Sorry this site requires JavaScript to be enabled in your browser. See the following guide on How to enable JavaScript in Internet Explorer, Netscape, Firefox and Safari. Alternatively you may be blocking JavaScript with an advert-related or developer plugin. Please check your browser plugins.

Great post by Donna Fontenot that covers both prevention of and recovery from hacker intrusion, for blogs and other non-blog sites alike.
Comments5 Comments  

Comments

Avatar
from DarkMatter 1318 Days ago #
Votes: 0

I’m dumping wordpress for Drupal. I’ve had it with trying to keep WP secure, and upgrading usually exposes more vulnerabilities than it fixes.

Avatar Administrator
from MattMcGee 1318 Days ago #
Votes: 0

This is a terrific article, Donna - thanks for putting it together.

Avatar
from ColinCochrane 1318 Days ago #
Votes: 0

Good article, though a more accurate title might have been "The Ultimate Wordpress Hacker Prevention Guide".

Avatar
from kapheroph 1318 Days ago #
Votes: 1

Also worth a mention is to keep an eye on security sites like http://secunia.com and http://www.securityfocus.com for vulnerabilities and exploits.One of the better things to come out these blogging applications from my point of view is it has taken the load off server admins as it is a lot easier to hack a wordpress site than it is than a server these days, read CSS, CSRF, SQL injection, XPath injection etc. And when something does go wrong it is usually only the one site. And so (sadly) it puts the responsibility upon the owner/maintainer of the site to make sure that they know what the code that they are using actually does.Bloggers don’t need to be developers or really even know how to code these days and it’s quite inevitable that a majority of those who can code don’t know how to code securely. As this type of application grows with the advances of the web there are going to be more and more of applications like wordpress and plugins for these apps showing up with and people blindly using them and adding bits and peices from here there and everywhere. Does this remind you of what happens with an operating system? Secure for the most part but once applications are installed from various sources, things start to go down hill... As mentioned in the article there are already what you could loosely consider AV and Firewall apps for wordpress and the like. Just what is going on here? Ajax and back end database controlled CMSs, it may look all nice and pretty to the website user but it also looks pretty nice to a malicious user as well.Don’t get me wrong, I enjoyed reading the article and think that there should be more of its type. It’s just that we don’t seem to be fixing the problem by tacking something on to cover the problem.I apolagize for ranting on my first ever comment here but security and privacy are not only my work but my passion.

Avatar
from DazzlinDonna 1318 Days ago #
Votes: 0

pageoneresults, who ate your cereal today?  so, am i to assume that you, oh mighty pageoneresults have the perfect setup?  that you wouldn’t ever dare use a system that might get hacked?  that you in fact are absolutely sure that you’ve done everything right to prevent such a thing?  i mean, it sounds to me like you are just standing on some high and mighty podium looking down upon all us fools, laughing at our stupidity.  true?  well, whatever, dude.  have fun on that podium of yours.kapheroph, if i knew how to fix the problem, i surely would.  but i don’t.  so the best i could do was offer a few ways to help the average joe find a bit of protection.  it may not be bullet-proof protection, but it’s better than nothing.colin, yep, that probably would have been a better title.

Upcoming Conferences

Search Marketing ExpoSearch Engine Land produces SMX, the Search Marketing Expo conference series. SMX events deliver the most comprehensive educational and networking experiences - whether you're just starting in search marketing or you're a seasoned expert.



Join us at an upcoming SMX event:

Upcoming Webcasts

Search Marketing Now Learn more about search marketing with our free online webcasts and webinars from our sister site, Search Marketing Now. Upcoming online events include: