Raise your hand if you are worried about your blog being hacked?
Unfortunately about 30,000 websites get hacked per day according to a report done by Sophos Security. Hackers are not picky and will go after any site they can find. It doesn’t matter how big or small your site is or how much or how little traffic you get.
If you use WordPress to run your website you have some options to help prevent any hacking that may occur. Of course no one or no software can 100% guarantee your website will never get hacked or compromised but it helps to limit the ways hackers can gain access.
One of the most popular WordPress security plugins available is Sucuri. As with many plugins Sucuri had a free and premium version available. The free version is very solid and has most features you will need.
When I outsourced the transfer of my site to a friend he immediately installed Sucuri and scolded me for not having it earlier. When the International Bloggers Association site was attacked and blacklisted I suggested to IBA President Haley that we give Sucuri a try. Within 24 hours the problem was solved and not even a peep since.
What can Sucuri do for you?
How does Sucuri help bloggers sleep at night? Here are a few features the offer:
- Security notifications
- File Integrity Monitoring
- Remote Malware Scanning
- Blacklist Monitoring
- Effective Security Hardening
- Security Activity Log
To help prevent hacking of your website Sucuri has many options to harden your site. Some of these tasks include not allowing PHP files in your uploads directory, which is where any files you upload through the media library are found. It also makes the WordPress version you are currently running hidden so that it is not easily found. This is important because hackers can use the version number to figure out known bugs and use those bugs to compromise your site.
File Integrity Monitoring
File integrity monitoring is important because it will alert you when files are edited. Unless you are directly editing or updating a theme or plugin, there is no reason for a file to be edited or changed. Most hackers inject malicious code into PHP files and when that code is ran it cause havoc. With file integrity monitoring if any malicious code somehow gets added, you can stop it in its track.
Security Activity Log
The security activity log is a great tool especially if more than one person is working on your website. This tool logs every move a person makes in the administration area. If someone edits a theme file, it’s logged. If someone installs or deactivates a plugin, it’s logged. It’s a great way to see what people are doing on your website.
What good is all this monitoring if you don’t know the results? Sucuri has security notifications that will alert if something suspicious is going on so you can take appropriate actions.
The number of brute force attack notifications and password guessing I get on a regular basis is obscene! If just one of those was successful I would be in huge trouble.
CDN Performance and Speed Optimization
Not related to security, but critical for blogging success is page speed. Sucuri plans also offer website speed optimization and site caching to drastically reduce page load time. Yeah for fewer plug ins! Yeah for site speed!
If any of the above sounds the least bit confusing, you really need to head over to Sucuri and start letting them protect your blog. You rely on your blog to produce income for your business, don’t let it become compromised.