A WordPress plugin brought to you by Search Engine Journal.
So you had your site running for some time now and ready for the next leap? That’s right you know what I mean – Opening a guest blogging opportunity for other bloggers to write guest posts on your site and take your blog to a whole new level with a third-person’s perspective and giving it a fresh feel to your regular readers I don’t further need to tell you the effectiveness of guest blogging let us get down to the most important thing that comes bundled with a guest blogging opportunity – your sites security!
Yes! If you thought that a harmless looking ‘I want to submit a guest post in your site’ is the beginning of it, then I hate to tell you that it might even be the ending of it all unfortunately!
>>>So Let Us Get Down To Evaluating What We Are Battling<<<
Instead of me scaring you let us go the fun way – Let us try it on our own as an experiment.
- First register at your own site as a guest
Don’t Panic yet – there is a way to make sure your site is, and stays YOURS!
- Assign Write permissions to only admin user account
- Set the default setting for directories as 755 and files as 644
- Use 750 for wp-config so your login data remains accessible only to you not even your host.
- Pick up the wp-config.php from its default location (root directory) and place it one location above Your wp-config.php contains all your login details, passwords and access rights. You would not want that file in the root directory which is accessible to everyone since your sites public files lie there. The wp-config.php works fine from a level above and this measure alone will protect you from a host of sniffing attacks
- Place a blank html file named index.htm in your /plugins folder so that the plugin folder files itself are not accessible and whenever a person tries to access the directory they will be presented with what is there in the index.htm file. This saves you from any vulnerability the plugin creator may have overlooked in his plugins and you never know how a plugin is coded
Any website is like a bank. There are many bad people around and you can never be absolutely sure that the vault is secure even if you have the best security in place. The reason I used the bank analogy is because websites and banks operate in a similar fashion – they need to open the doors a lot of time for people to come in and go out and you cant keep the doors shut all the time in the name of security.
So the only measure we have as online business owners is to prevent an attack right at the source But that would not guarantee a fool proof safe site because new loop holes keep cropping up in the frameworks every day and hence it is always safe to keep a backup of all important files and databases.
Unfortunately Spiderman’s uncle passed away before the boom of the internet marketing era otherwise he would have given a different set of advice to our favorite super hero – With great power comes greater risk of getting hacked!
Let me know if you have worked out these security measures already and also share with us if there are any extra measures you have taken to make sure your site stays secure.