It is a notion strikes fear that deep in the heart of every blogger. No, we are not talking about get dooced (derived from blogs). We talk about waking up in the morning, loading of your blog and find a screen that looks like this:
The site has been blocked.Or perhaps it was not clear - you just discover links injected into your footer of website containing the text of an anchor of a certain famous pharmaceutical brand.
In any event, these types of scenarios are not good news for bloggers. These capricious web users, that you work hard to attract can easily be repelled by a pirated site and never return. Or, just as bad, be pirated (and not binding) risk the fairness of search engine you have accumulated during the years of blogging, and that is time-consuming restore.
If your site has been hacked or junk e-mail, you have probably been through the tedious process and focused on time combing through MySQL databases, the theme files and directories on your server. If you are lucky, you found the problem, removed and got things back up quickly (without having it replicate again, which we have seen). Or perhaps you had a copy backup and completed a process of restoration.
But even in this case, this situation is not ideal. If you're like us, you feel it is unacceptable for your blog to be reduced, even for a moment - and especially by the pirates.
The single most important tip? Prevention is cure.
In any region other than the security this saying is more important. This is simply because the pirates, the automated and manual type, choose the path of least resistance.
To a large extent, many are playing the numbers game to try to establish links of black hat or manipulate the content of the Web site for the benefit of using illegitimate companies rank higher in search engines. To do this, the pirates frequently send crawlers search on the web, to seek more vulnerable sites.
Then, how can you raise your?
As we know, most bloggers here use WordPress (and certainly more professional bloggers use a self-hosted install). It is essential to keep up to date. Since WordPress is so popular, unfortunately this means that it is frequent prey for hackers. By keeping up with the latest updates, ensure you the security and obtain patch vulnerability directly from the source, such as the community WordPress actively seeks to maintain the security of the software.
Brute force attacks can be easily avoided: choose secure login and password. By "secure login", refers to change of the typical "admin" to be more precise. For a "secure password", use something that is at least ten characters long and contains at least a capital letter and a symbol, such as an exclamation. This will make it virtually impossible for either a human or a computer guess your connection details.
There are a large number of free WordPress plugins written by good Samaritan developers seeking to ensure the safety of their peers to blog. A few must-haves include Secure WordPress, which removes some meta information critical that a hacker could use against you of your WordPress installation, connection attempts limit, which in fact attack in force basically impossible gross, and WP Security Scan, which provides a report on your specific configuration of WordPress and suggests corrective actions.
For those who are not so tech savvy: your installation of WordPress (or any blog installation) is a software and runs on an operating system, similar to how works your own computer.
One of the easiest ways for malicious code to find its way to your blog is an infected system. In reality, your blogging software is never as safe as the system that you access from. The best way to ensure the security of your system is with an antiviru product and complete Internet security. You can also check with your ISP - many of them now offer Internet security to their subscribers.
You can install backups to perform easily via a simple plugin. For those who run popular sites and are very serious about the security of their positions, Automattic (makers of WordPress) has recently started to offer a premium service, called VaultPress, which provides dead-simple backup of databases not only, but all the files associated with WordPress. Frequent snapshots of your installation are critical and, apart from providing peace of mind, will help even if you never get hacked, you do not lose your work.
You can use Akismet (analysis comments via hundreds of tests) to quickly and effortlessly handle spam comments, or use the bad behavior (which refers to bad IP addresses via the project honey pot) and block even reach your site in the first place.
Even with the prevention, the compromises of code is always possible. Sometimes even bloggers push. If ever get you hacked or find webspam on your site and are not sure what to do, not to panic and start deleting files. This can make the situation even worse.
Instead, take screengrabs of the issue and send to someone who specializes in WordPress (or whatever your blog software) with well-known more recent backups. This is very common, there are those who specialized in helping fix just this situation.
Of course, are basic advice just so that everyone should take the prevention. It is more advanced advice (for example, the locking of the/wp-admin / directory with a .htaccess file), but if you begin with implementing the advice above, you will already be a notch more secure than most.
If your site has been hacked? Tell us what has happened, and how you fixed the problem - in the comments.
0 коммент.:
Post a Comment