WordPress Defender: 30 Ways To Secure Your Blog From Attack
March 1st, 2010
Email this article to a friend
John Hoff is a guy who knows way more about WordPress security than most people could ever hope to. He offers a security upgrade service that I’ve recommended before, but now he has an option for people who want to save money by doing the work themselves.
His new ebook is called WordPress Defender: 30 Ways to Secure Your Blog From Attack Anyone Can Do. Do you see the double meaning in that title? John meant:
(30 Ways to Secure Your Blog From Attack) Anyone Can Do
That is, you don’t need to be a techie to implement these steps. You just need some basic skills, such as installing plugins, editing files, etc., and he spells out what you need to do to secure your blog.
But the title could also mean:
30 Ways to Secure Your Blog From (Attack Anyone Can Do)
You see, hacking a blog isn’t all that difficult. The problem is that almost all WordPress installations have the same out-of-the-box security configuration. So when a new vulnerability is discovered in WordPress, a hacker knows that he can exploit it on most blogs. He can even set up a bot to automatically carry out attacks on huge numbers of blogs while he sleeps.
Don’t think that you’re not a target because your blog is too small, or it’s not making that much money, or you’re too nice. It’s almost inevitable that you will be targeted at some point. I’ve been hacked at least once, maybe twice, and every now and then someone else will try. Fortunately, John’s system has made me much safer, and I get notifications when someone is trying to hack me.
I get a little more paranoid about hackers each year. Last week, the head security guy where I work gave a presentation about how big the threat is. He thinks that antivirus software is basically useless, because it only protects you from the hackers who aren’t trying very hard.
He told us about companies that sell viruses to people who want to hijack other computers. Many of them offer live support – if you buy a virus from them that gets caught by antivirus software, just call their toll-free number and they guarantee they’ll fix the virus to put the bad guys back in business.
He told us about how the hackers we catch in the U.S. are at the very lowest levels of their organizations. The big guys operate from certain countries in eastern Europe, where they’re safe from prosecution, and free to recruit people to carry out their evil deeds.
In other words, hackers are a very big threat, and one you can’t afford to ignore. John found that out the hard way when his wife’s online jewelry business was completely shut down by a hacker. And millions of other people have learned this lesson after it was too late.
WordPress Defender is 150 pages of solid information about how hackers think and how you can thwart them. It also comes with 14 videos (nearly 2 hours worth) to make things crystal clear and easy to follow along.
Unfortunately, people often make the mistake of waiting to get hacked before they start thinking about security. It’s far better to get prepared now, so you can relax knowing that you’re not an easy target. While nothing is completely secure, the system in this ebook will make your blog far more secure than it is now.
March 1st, 2010 at 8:46 am
[...] Hunter Nuttall — Personal Development For Polymaths [...]
March 1st, 2010 at 1:22 pm
GREAT review!! I too have a post on “WordPress Defender” up today. John’s security system is a MUST for any WordPress blogger.
And I like how you gave two interpretations of “30 Ways to Secure Your Blog From Attack Anyone Can Do.” Astute and accurate, Hunter!
“Unfortunately, people often make the mistake of waiting to get hacked before they start thinking about security. It’s far better to get prepared now, so you can relax knowing that you’re not an easy target.” That’s It!!
March 1st, 2010 at 4:28 pm
Hi Hunter. Thank you for the review. You really hit it on the head (is that a saying?) with that last paragraph.
All too often I see people in the WordPress support forums looking for help because their site got hacked. And now that they have been hacked, it’s only then that they actually look at how to secure it.
It’s a shame that there are such awful jerks out there who would do these sorts of things and take joy in breaking people’s blogs.
March 2nd, 2010 at 8:06 am
@ Jannie, any blogger who gets hacked will definitely say in hindsight that this ebook is a must. Might as well save ourselves some grief by taking it seriously up front.
@ John, yeah, hit it on the head is a saying.
Thanks for sharing your story about your wife’s jewelry business on the sales page, because people need to be aware that it can happen to them.
March 2nd, 2010 at 9:04 pm
Security is one of those things we like to take for granted. At work we call it below the line … it’s just expected. It’s the type of thing that when security is working well, nobody cares … but when it’s messed up, the world goes topsy turvy.
I have seen security shift from a thankless job to a more thankful job and I’m glad to see more security awareness spread among the blogging community.
March 3rd, 2010 at 12:01 am
J.D., that sounds about like how we are in life, doesn’t it? I take so much for granted everyday. Sometimes I have to stop and take a moment to look at what I got.
It’s not until something bad happens that gets us to really know what we truly had.
March 3rd, 2010 at 10:13 pm
@ J.D. and John, Joni Mitchell had it right – you don’t know what you’ve got till it’s gone.