(Nearly) Twenty Years Of Blogging & a bit about WordPress security

Yesterday’s #blogpraat chat (nl) (dutch analogue to #blogchat) philosophized and reminisced about 20 years of blogging: the changes, ‘what if’s’ and new developments. 

Unfortunately my wi-fi chose to drop out for the evening, so I was regaled to reading the ‘log which @rsnijders provides every monday eve. (Thanks, Ray!)

If I’d been able I would’ve liked to talk about tech&security. But hey, now y’all can have a blog about it, with extra tips & links instead. 🙂 

Blogging used to be rather involved technically speaking, with the advent of more easily available tech (which is becoming cheaper by the day) and better visual interfaces for programs, these days it isn’t that hard to set-up a blog anymore.

Lots of on-line services to name a few: tumblr, postach.io, exposure, storehouse even offer free blogging space and system maintenance in exchange for ‘only’ your data and usage statistics (with the option to use and re-sell -part(s) of- this data for commercial purposes, the liberties of use on how and when/what vary per service)

If you’d rather keep on exclusively owning the licenses to most of the intellectual property which you share online (auto sharing fb updates, tweets, pics via g+ ,etc. aside.) you can ‘host’ your own blog with wordpress, pivotx, ghost etc. by buying a domain name and some server space.

Buying server space and then installing a blogging platform (cms) like WordPress on your slice of server space means that you get more say over your ideas/intellectual property/content and their licenses. Although your website host takes care of security for the most part, you do need to do a lil’ more maintenance on your own security. (just like you would add extra anti-burglar precautions to your house whether you rent or own it.)

Some general advice:

    Use a strong password (for your database, wordpress and social sharing services)

    A sentence of four or more 8 letter words is a good password, preferably with added $^^#&&( And reLly oddly p_laced spaces and capitals. A sentence is also a bit easier to remember.

    Perhaps if you have a lot of passwords to remember, consider a password manager such as last pass or one pass.

And keep that login safe by

    Having a virus scanner on your computer: key loggers – logging what you type – can nab your pass and other credentials such as your credit card numbers etc.

    Not clicking on suspicious e-mails/website links 

    Not connecting over open ‘gratis’ wifi when you’re flex-working, even if they’re using wi-fi with a password ( these are usually shared with everyone and anyone can snoop on the network) without a vpn (virtual private network) which encrypts your connection.

On the WordPress side of things you can

    Add a dual login/ authentication process with google or install stealth login.

    Install limit login plugin which limits the amount of times an ip-address can try to gain access, hackers can rotate ip-adresses but it adds a degree of difficulty

    Don’t name the admin account ‘admin’ If they really want to people can easily find the admin account name, but not using ‘admin’ takes care of script kiddies, adding yet another degree of difficulty.

    Either manually adjust (harden) your WordPress installation or let a security plugin handle the adjustments.

Stay informed on security, update your plugin/theme/wordpress and back-up regularly is my last bit of advice on keeping your blog running WordPress safely, perhaps even for the next 20 years. 😉

PS: If hardening your WordPress and it’s maintenance sounds like a lot of work you aren’t particularly interested in keeping up with; you can hire me (or another WordPress specialist) to keep an eye on and perform maintenance on your WordPress. Just send me an e-mail with what you would like me to do for your site.

Leave a Reply