When we talk of blogging, people will be focusing on content & traffic. Hardly anyone talk about security. I feel equally important is security.

Just imagine, you woke up one morning, login to your blog and suddenly found yourself cannot access to it. Or suddenly you found someone has mess up your blog. These 2 incidents will be the worst nightmare for a blogger.

Therefore between content, traffic & security, I feel security is the most important.

There is a security plugin known as Wp-Security Scan that will help to scan your blog and provide some recommendation.

You can download the plugin at:-

http://semperfiwebdesign.com/plugins/wp-security-scan/

Once you have upload to your blog’s plugin folder, you can go to the dashboard.

At the bottom of the dashboard you will see a lock symbol. Click on the lock symbol

You will see a few selections like Security, Scanner, Password tool, Database & Support

If you select Security, it will scan you blog and check the following:-

System Information

• Operating System

• Server

• Memory Usage

• My SQL Version

• Items related to PHP

Wordpress Version- It will hide your wordpress version

Database

Wordpress ID- It will provide recommendation

If you select Scan, it will scan your blog and display the following

It will display your File/Directory location, Need Chmod & Current Chmod

To change the Chmod setting, you need to launch your FTP Software.

Browse to the Permissions column, it will display the value of the existing Chmod.

Highlight the relevant item, right click and select File permissions. At Numeric value, key the number as recommended by Wp-security Scan.

If you follow the recommendations provided in Security and Scan , it will definitely tightened your blog’s security

Now you can sleep well. Cheers.

Interesting articles:

risk with wordpress id

free simple captcha wordpress plugin

wordpress blog does not block multiple id attempts

free wordpress automatic upgrade plugin

Click Here to claim Your Free Money Making Blog

Do you know that blogs that are created using Wordpress have a certain weakness?
The weakness is that Wordpress software allows unlimited attempts in trying to sign in.

This raises a security concern as hackers can try to hack your Wordpress ID as many times as he likes until the password is cracked.

Hopefully, Wordpress can address this weakness in their future version.

As for now, I have found a plugin that can help in preventing the hacker from trying to login as many times as he wishes.

The plugin is known as Login LockDown.

It will records the IP address and timestamp of every failed login attempt.. If more than a
certain number of attempts are detected within a short period of time from the same
IP range, then the login function is disabled for all requests from that range.

This helps to prevent brute force password discovery. Currently the plugin defaults
to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes.

However you can change this default settings if you desire by going to the Setting->Login LockDown.

You can get the plugin here, .
http://www.bad-neighborhood.com/login-lockdown.html

Cheers

Interesting articles:

review-of-atomic-blogging-3.0

link-that-open-in-new-tab-or-window

check-your-blog-posting-in-google

risk-with-wordpress-id

free-photos-for-your-blog

Do you know there is a BIG risk in Wordpress ID?

Well actually the risk is in the ID itself!

When you first time install the Wordpress software, it will generate a default ID known as ‘Admin’, then you will get a default password too.

The Password look complicated, so you think this is good enough, right?

Let me explain here.

Most of the hacker knows the default ID is Admin, the only thing they do not know is the password. In Wordpress software, you can retry keying in the password as many times as you wish without revoking the ID. This, in my opinion, is one of the weaknesses in the Wordpress Software.

In other applications, your ID will be revoke once you retry 3 times (depending on the administrator’s setting). In some computer installation, you password need to be change at a certain frequency depending on the administrator’s setting (monthly or bi-monthly)

Let me share with you my personal story. A few years ago, I have another blog site. This is my first blog site. Luckily I have not post a lot of information yet.

One day, I found myself unable to login to my ID. Can you guess what ID I am using?

That’s right, I am using Admin ID.

So I login to my web hosting account and check the MySQL database. True enough, someone has changed my Admin ID password. Also another ID was created.

Luckily, I was able to reset the Admin ID and managed to log in.

So in term of best practice,create an ID with Admin privilege. Use the new ID for your daily use.  If you already have an Admin ID, delete this ID. Don’t keep it, else someone might one day hack into your blogsite using the Admin ID.

Interesting articles:

embed-youtube-video-into-wordpress-blog-using-free-plugin

video-on-wordpress-27-features

use-google-reader-to-read-blogs-social-bookmarking

free-automatic-submissions-to-social-bookmarking-sites

Click Here to claim Your Free Money Making Blog