Blogging is a great way to be heard. Maybe you have a lot of valuable ideas that deserve an audience, or maybe you have a business that could use a little advertising. Regardless of your reasons for blogging, you want to make sure the content on your site expresses your own thoughts and not those of a blog hijacker! We came across a post from The Hungry Mouse blog that highlights some of the finer points of blog security, and would like to share some of the excellent information.
Secure your email
If you’re like many of us, your email account is a hub for your Facebook, LinkedIn, Twitter and many other accounts. Even if you have two different emails for personal and professional endeavors, you might have several other accounts tied together through password recovery features or account alerts. While it does make your life convenient when you forget your password and need to access an account, having these connections is risky. If a hacker compromises one account, suddenly your whole system of interconnected accounts is in danger.
In addition to using strong passwords, you can enable two-step verification on many email services such as Gmail. This will tie your account to a specific computer, so anyone trying to access your account from a different device will need a unique code to get in. The code will be sent to your cellphone, so you’ll still have access to your account if you’re away from your usual computer.
A PCMag article warned against posting your email address on publicly viewable forums and websites. Scammers use web scraping software to collect posted email addresses and identify targets. If you want your blog readers to be able to email you, you can use a contact form plugin to hide your address from web scrapers.
Make your domain registration private
The owner of a domain name can easily be found by doing a “whois” lookup, and domain registrations frequently include information such as your home address. Most domain registering services offer the option of making registration private, which will hide your information when someone looks up the owner of your domain.
Use strong usernames and passwords
Security experts suggest using passwords that are unintelligible. Brute force attacks rely on software to quickly input as many combinations of letters and numbers as possible. Most are programmed to start with the most common passwords, such as ones that contain real words.
You can also increase blog security (and overall account security) by using different passwords for each account you have. A master password might seem like a good idea for convenience, but if someone else gets ahold of it …
Back up your content
It might be tempting to think your content will always be available because it’s online. While it is true that something posted online can float around the internet indefinitely, it’s usually because the content gets posted in many different places. Protect your blog content by backing it up somewhere else – either on your own computer or through an online storage service.
The benefits are two-fold. If a hacker decides to take a little creative license with your blog, you still have the original to upload when you regain control. And, if your blog’s hosting service suffers downtime, you’ll still have access to your content.
Just like your computer, blog software has tools to improve security. Depending on which blogging tools you use, there will be different options available. For example, better WP security for WordPress contains a scanning feature that identifies and fixes vulnerabilities on your website.
It might not seem necessary to use software to scan your blog for problems, but those hackers can be pretty sneaky. Another PCMag article highlighted the way hackers use blogs to spread malware. After compromising a blog, they sneak in malicious files within subdirectories, so blog owners are less likely to notice the unsanctioned changes.
Do you have a blog? How do you secure it? Are you worried about being hacked? Let us know in the comments!