Last updated on October 26, 2017
Dear Philipscom Readers,
I am so glad to be here at Philipscom, and I’d like to thank Philip Verghese ‘Ariel’ for kindly allowing me to share this information with you!
His blog is a great place to read about a variety of topics from an intelligent and interesting perspective.
Bloggers can’t miss his recent article on the speed of your webpage
Whether you’re a blogging newbie excited to get your voice heard or an expert focused on your editorial schedule, it’s important that you don’t let your blog’s security fall by the wayside. Not only would a security breach be a threat to your source of income or favorite hobby, but you could also harm your beloved readers in the process.
10 Top Security Tips For Bloggers
Here are ten tips to help bloggers keep their site secure:
1. Enable SSL (HTTPS) on Your Blog
Migrate your domain name from HTTP to HTTPS by setting up trusted SSL certificate on your server. SSL Certificate will make a secure connection between visitors and your blog, which ensures your site visitors that private information is being sent across the web in a more secure manner. Even, Google forcing to move towards a more secure web with HTTPS and obviously, HTTPS site will get more importance compared to an HTTP site. You will get a search engine ranking boost in Google. Currently, Chrome browser 56 has started to show “Not Secure” warning in the address bar to all HTTP sites. So, It is highly recommended to get Positive SSL of Comodo Certificate Authority (CA), which is an ideal certificate to enable HTTPS on your blog quickly.
2. Choose strong passwords.
This is the most basic security tip, but it’s as important as ever. Remember, you’re only as strong as your weakest link, so every single one of your accounts needs a secure password. Anyone of them can be used to gather sensitive information or gain access to another one of your accounts.
Strong passwords will include a variety of numbers and upper- and lowercase letters, and avoid words from the dictionary and other meaningful combinations of numbers or letters (such as your birth year, for example). Of course, never repeat a password for more than one site.
Unfortunately, remembering a deluge of passwords can be a bit tricky, and writing them down or storing them on your computer is another fatal security mistake. Password managers are a powerful tool for making this feasible. This is a program that will save your passwords and automatically fill them in for you. Its database is controlled by one master password, meaning that you’ve shaved down the number of passwords you have to remember to a single one. LastPass, a favorite of mine, will also help you out by generating strong passwords.
3. Change your username.
When you sign up for a WordPress blog, you will automatically receive “admin” as a username. Keeping that as-is is a huge mistake. If you don’t change it, you are giving up half the battle of hacking into your website. Criminals now only have to guess your password, effectively negating the service’s two-step authentication. Change your username to something unique, that’s almost as hard to figure out as your password. The easiest way to do this is to create a new administrator account and delete the old one. You can also use a plugin or make the change directly in your WordPress database. For step-by-step instructions, check out this article on changing your WordPress username.
3. Make sure to update.
Update your computer, update your browser, update your blogging software, update your phone, update your antivirus. Update everything, as soon as possible! Updates will often include fixes for security problems, and therefore neglecting to update will leave you open to all sorts of threats that already have solutions!
However, be aware of what exactly you’re agreeing to. For example, many phone apps will ask for additional permissions that they don’t really need in an effort to obtain your personal information. It’s also a common hacker tactic to disguise a virus as Windows Update or Adobe Flash.
How can you tell the difference? There are a few tricks. Legitimate software won’t usually send you an email about updating, and most programs will prompt you to update when you open it, rather than creating a pop-up reminder. To improve your chances of only agreeing to real updates, set your software to update automatically whenever possible. That way, you aren’t tempted to click on update pop-ups before you’re sure they’re safe!
4. Be careful about public WiFi.
You might be the type of blogger who works best on the go in your favorite coffee shop, or maybe you’re a travel blogger on the road or in airports. But you need to know that public WiFi isn’t safe. A hacker signed onto the same network can see what you’re doing, trick you into downloading malware, pass all of your data through their device before it goes on to its destination or even directly accesses your computer. Obviously, this is a huge security risk!
There are a few ways to protect yourself if you insist on using public WiFi. Make sure you’re using the “public WiFi” option in Windows so that your computer knows not to trust the connection. Turn off sharing within your network, and keep your WiFi off if you’re not using it. Set your important websites to use HTTPS (which can be aided with the HTTPS Everywhere browser extension). Lastly, you should seriously consider using a VPN.
5. Use a VPN.
A Virtual Private Network (VPN), works like a tunnel, taking your information from source to destination safely, and preventing others from interfering. VPNs have multiple uses, but most of them boil down to increasing security.
This means that if a hacker does manage to access your data, all they will see is encrypted information. Since hackers think like more familiar types of thieves, they are unlikely to even try to bust through this defense and will move on to easier targets. Many VPN providers will also include anti-malware and/or anti-spyware measures in the service, adding protection to whatever anti-virus you’re already using.
Everyone should subscribe to one of the many VPN choices, but there are certain situations in which you really need one, such as when using public unsecured WiFi or handling sensitive data. If you truly want to keep yourself and your readers safe, you’ll want to use a VPN.
6. Only use themes and plugins that you trust.
By using a theme or a plugin, you’re giving the developer permission to add code to your website. This could compromise the data of you and/or your users, or allow hackers to insert spam links, malicious code, and/or viruses.
If you don’t know and trust the source, don’t use it. How can you tell which themes and plugins are safe? If it’s in the official WordPress catalog of themes, it’s probably fine. Other reputable companies include Woothemes, Elegant Themes, and StudioPress. Reputable companies will offer support along with their themes, so email or call them to find out how legitimate their business is before you install a new theme or plugin.
7. Limit access to your site when networking.
Every blogger knows the value of networking. However, just because someone wants to write for your site, it doesn’t mean that they have pure intentions. Don’t give someone you don’t know access to your site. If you absolutely must (for example, if they’re going to be a long-term contributor), then don’t give them blanket administrator privileges. Be prudent.
8. Don’t send usernames and passwords via email.
Even if all your guest bloggers are truly trustworthy, hackers aren’t. If that email gets intercepted, someone will have access to your site without your permission, and that can have disastrous results.
So how should you be sharing account information with your associates? You can tell someone to change their password as soon as possible after your email, but that doesn’t ensure that they will.
Here’s another reason that LastPass can come in handy. If two people have a LastPass account, they can share account information without fear. Once you have the extension installed, you can click on the “share” icon next to the site whose information you want to share. It looks like a couple of silhouettes. You then have the option of “giving” the recipient the password, meaning they will be shown the password, or “sharing” it with them, meaning they never see your password and LastPass signs in for them.
9. Don’t open suspicious emails.
As a blogger, I’m sure you correspond with a variety of people. There’s nothing wrong with that, but make sure that your spam filter is doing its job. You should also avoid emails from names that don’t sound familiar or ones that smack of common phishing scams.
If there’s a link in an email, always hover over it with your mouse to make sure the destination matches your expectations. If it’s an email from a business or service, such as your bank, open their homepage yourself instead of clicking on any links. This is a common phishing tactic. Be careful with attachments as well, even if they’re from people you trust, and scan them before opening them. Never reply to spam, even to unsubscribe.
You can also choose from a variety of security programs that will keep your emails away from prying eyes. For example, the free service Criptext provides multiple email security services, such as allowing you to unsend an email, encrypt the included text and find out where and when your emails have been read. Other services will detect and block viruses and spam, stem any accidental leaks of data, scan links and encrypt your information.
10. Keep your PC safe.
There are three primary ways to keep your computer safe: use a firewall, use an anti-virus program and back up your data.
There are two kinds of firewalls: digital and physical. Everybody uses digital firewalls, especially since they come with Windows. However, if you want extra safety, you may want to consider using another firewall. Here’s a site with some firewall reviews.
The ideal anti-virus program will take care of any program or file that it deems harmful, while also remaining open to detecting new threats that it may not have come across yet. If you are unsure of what anti-virus is best for you, here are some choices.
If the worst happens, you’re going to want to have the data from both your computer and your website backed up. Not only can you retrieve information to return your life to normal, but you can use a backup as a security measure. By reverting to a previous save of your computer or site, you can effectively erase any viruses or spyware that make it through your security system.
Tell us about your experiences with internet security. What have you been doing to keep yourself safe? What worked, and what didn’t? Leave a comment below to help out your fellow bloggers!
ENDNOTE: Also please read the following related, informative article written by Cassie on Lorrile’s “working well” Page: Security Tips for Freelance Writers and other #Entrepreneurs
Picture Source: Pixabay.com
Published on: Sep 30, 2015 @ 00:18
Check your domain ranking