Prevent Your WordPress Blog from Being Hacked


What is the worst thing you can imagine that could happen to your blog?

While there are certainly a number of things that can go wrong, the worst of them all would be for it to be hacked.

If somebody hacks into your WordPress account, he or she could infect it with a virus, use your account to spam others, or delete all of your files.

Imagine how bad it would be for all of your hard work to be deleted.

Thankfully, there are ways to prevent something like this from happening.

You need to learn how to back up your blog, posts, comments…everything.

There are also ways in which you can restore your WordPress blog in the event that it is hacked and/or deleted.

Even if your blog is new and doesn’t have very much content yet, you will still find yourself frustrated if it’s hacked.

Here are some tips for preventing your blog from being hacked:

  • Don’t make your WordPress dashboard password easy for others to guess. If you use something simple, such as your name, a hacker may be able to figure it out. Use a mixture of upper / lower case letters, numbers and symbols.
  • Change the WordPress admin username – most hackers know that ‘admin’ is the default username, so they only have to guess the password. Make it twice as hard and change the admin username to something other than ‘admin’.
  • Be careful when using plugins, scripts, and layouts that you find on the internet. Make sure they come from trusted sources before using them, as they can contain spyware.
  • Themes. If you want to use one that you found somewhere on the web, again make sure it is from a reputable source. Some theme creators add hidden links and advertisements.
  • Keep up with all the latest WordPress security upgrades. Although it can be a hassle to keep upgrading all the time, it’s crucial to do so.  All it takes is one small flaw for a hacker to break into your account, so make sure you keep up with all the upgrades and patches.
  • Install the following security plugins: Login Lockdown and Secure WordPress.

As I said at the beginning of the post, make sure you back up EVERYTHING, including your posts, comments, files, images, logos, template, links, and HTML coding.  That way, even if your blog does get wiped out, you’ll have everything you need for quickly putting it back together.

The best plugin to do this is Backup Buddy.

Many bloggers think that backing up their databases using plugins like WP-DBManager is backing up their whole blog. IT ISN’T.

I am not saying the plugin is not good – it is, and I have it installed because it automatically optimizes your databases for faster loading, but it only backs up your databases.

You need a plugin that backs up EVERYTHING, like Backup Buddy.
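To check whether a backup really contains everything and not just the database, here is an added example (not part of the original post or of any plugin mentioned in it). It assumes the backup is a tar archive of a standard WordPress layout with a `.sql` dump inside; `missing_parts` and `make_sample` are hypothetical helper names, and the sample archives are constructed.

```python
import io
import tarfile

# Assumption: a standard WordPress install (wp-config.php, wp-content/...)
# plus a .sql dump somewhere in the archive. Adjust for other layouts.
REQUIRED = {
    "database dump": lambda n: n.endswith((".sql", ".sql.gz")),
    "wp-config.php": lambda n: n.endswith("wp-config.php"),
    "uploads (images, media)": lambda n: "wp-content/uploads/" in n,
    "themes": lambda n: "wp-content/themes/" in n,
    "plugins": lambda n: "wp-content/plugins/" in n,
}

def missing_parts(archive):
    """Return the required parts that a tar backup does not contain.

    `archive` is a file path or a binary file object. Zero-byte files are
    ignored, because an empty dump is a failed dump.
    """
    kwargs = {"name": archive} if isinstance(archive, str) else {"fileobj": archive}
    with tarfile.open(mode="r:*", **kwargs) as tar:
        names = [m.name for m in tar.getmembers() if m.isfile() and m.size > 0]
    return [part for part, found in REQUIRED.items()
            if not any(found(n) for n in names)]

def make_sample(files):
    """Build a constructed in-memory tar.gz from {path: bytes} for the demo."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

# Constructed samples: a database-only backup and a full-site backup.
DB_ONLY = {"backup/blog.sql": b"CREATE TABLE wp_posts (id INT);"}
FULL = dict(DB_ONLY, **{
    "backup/wp-config.php": b"<?php // settings",
    "backup/wp-content/uploads/2010/09/logo.png": b"\x89PNG",
    "backup/wp-content/themes/mytheme/style.css": b"body{}",
    "backup/wp-content/plugins/myplugin/plugin.php": b"<?php",
})

if __name__ == "__main__":
    print("db-only backup is missing:", missing_parts(make_sample(DB_ONLY)))
    print("full backup is missing:", missing_parts(make_sample(FULL)))
```

Run it against a real archive by passing its path to `missing_parts`; an empty list means every part was found.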

Follow these tips to protect your WordPress blog from being hacked.  If it still ends up being hacked, make sure you have everything backed up and that you know how to restore it all. The plugin, Backup Buddy, makes it very simple.

What do you do to make your blog more secure?

Please share your views in the comments below.


45 Responses to Prevent Your WordPress Blog from Being Hacked

  1. Corinne Edwards
    September 22, 2010 at 1:46 pm #

    Dear Andrew –

    I was hacked. It was a nightmare. They took my whole blog down with spam. Lots from foreign countries.

    When I asked my tech, “Why me?” he answered, “Because they can.”

    Like a sport.

  2. John Soares September 22, 2010 at 2:34 pm #

    Andrew, I’m still considering Backup Buddy.

    My host, Hostgator, backs up all my sites once a week and will do a full restore of a site for a small fee.

    And I got hacked when I was on Godaddy, so I know what it’s like to have to deal with these matters.

  3. Patricia September 22, 2010 at 2:50 pm #

    Now that I have read this post Andrew; I will be getting Backup Buddy. Just thinking about getting hacked; scary stuff. Thanks for the reminder.
    Patricia Perth Australia

  4. Jean Sarauer September 22, 2010 at 3:05 pm #

    Excellent post on a vital topic. A lot of my blogging friends have been hacked lately, and they’ve all said they wished they would have followed advice like what you’ve given here.

  5. Steve September 22, 2010 at 4:08 pm #

    Hi,

    How do you determine if a plugin is from a reputable source? I install them through the WP panel and there is nothing really to differentiate between one developer who I’ve never heard of and the next.

  6. Vishal Gaba September 22, 2010 at 12:41 pm #

    I agree, it was of utmost importance to back up your data. While I was aware of this concept, Back up buddy seems to be a great plugin, will install it right away.

  7. Mavis Nong September 22, 2010 at 8:43 pm #

    Hi Andrew,

    I recently wrote a post about how to protect your blog from being hacked into.

    Great tips you are sharing here. Bloggers need to follow this to secure their blogs.

    Thanks for sharing.

    All the best,
    Mavis Nong

  8. Howard Harkness September 22, 2010 at 2:17 pm #

    What does BackUp Buddy do that I can’t get by just using FileZilla to download my entire website? Other than making it slightly easier to migrate to a new URL (which the new version of WP makes easy enough)?

    • Andrew
      September 22, 2010 at 7:02 pm #

      Howard

      Can you get FileZilla to backup your files automatically or do you have to go in and manually start the download each time?

      Andrew

      • Howard Harkness September 22, 2010 at 7:16 pm #

        It’s a manual process, which I do every few days. However, it’s not particularly painful. You log into your account, make sure you are pointed to the right place on your local system, then right-click, choose download on the www directory, and specify only files that are newer.

        I’m usually in FileZilla at least once a day anyway to put new stuff up on my site. I suppose if you are running WP as your whole site, you might not be doing regular FTP access, so that might be a hassle to set up, at least the first time.

        FileZilla is free, open-source, and does the job.

        Could be that I’m influenced by my 30 years of programming experience, but it just doesn’t seem to me to be worth $45 to automate something that isn’t that can be accomplished with minimal hassles with a free tool.

        Although now you have given me an idea… I can probably write a script that uses FileZilla (or just about any other FTP client) to automatically backup your sites, with a schedule and a list of URLs.

        The only shortcoming I can think of for that approach is that you have to have FTP access to make it work, and need to have a specific place to store it all. Folks who do WP sites like the fact that the site is accessible from any browser, anywhere.

        • Andrew
          September 25, 2010 at 4:01 pm #

          Howard

          The last thing I want to do is remember to do something each day to back up my files.

          That, to me, is easily worth $45. Buy it, set-up (once), test…done!

          But we are all different, aren’t we?

          Andrew

          • Howard Harkness September 26, 2010 at 12:59 pm #

            I’m doing something to nearly every website I have at least 3-5 times a week anyway. I have developed a habit of anytime I log into the FTP account with FileZilla, I do a “download all files that have been changed”, which involves about three extra mouse clicks. I do that before I make any changes, just to make sure that I have the latest copy of everything, since I use more than one computer — and I end up with a complete backup of my sites on every computer I use.

            I plan to start using SVN to keep track of changes, since I’m getting to the point where I have a lot of PHP code in a lot of places, and I need to implement some source code configuration control.

            To each his own, I guess. I’ve been a professional programmer for over 30 years, so I probably have a different view of things.

          • Andrew
            September 26, 2010 at 4:48 pm #

            Hi Howard,

            Thanks for coming back and sharing your process.

            As we have both said…we all like different ways.

            Andrew

  9. Ryan Biddulph September 22, 2010 at 2:22 pm #

    Hi Andrew,

    Super tips here.

    I follow them, especially your advice about plug-ins. Before you trust the tool check the source.

    Thanks for sharing your insight.

    Ryan

  10. Henway September 22, 2010 at 9:59 pm #

    Great points, especially backing up your data. However, I try to stay away from WordPress and other CMS, and build my own simply b/c I find the act of restoring a WordPress blog a bit scary.

  11. Felicia September 23, 2010 at 5:06 am #

    Hi Andrew, thank you for educating us about the possibilities of being hacked and also, thank you very much for telling us the steps on how to prevent it in the first place. I think the worst thing that could happen to a hacked blog site is when they choose to delete all of your files. That would be like all your hard work is just going down the drain.. 🙁

  12. Ron September 23, 2010 at 7:48 am #

    Thanks Andrew for bringing this topic up. I have a WordPress blog and, I admit, it was injected with some code or malware before by unknown hackers or script kiddies.

    I think, they can easily get in to our WP blog via the plugins, themes and of course FTP software we are using as well.

    Also, updating WP platform is a must for us to minimize this kind of incident to happen.

  13. Shally Martin September 23, 2010 at 7:57 am #

    Thanks for the tips. They will be useful for keeping an account from being hacked and also for restoring an account after it was hacked.

  14. Julius September 24, 2010 at 12:13 am #

    Using a long and complex password is the main security measure I use. Great that you reminded us to back up our content as I’ve not done that recently. I also copy the main content itself and save it in my hard drive, if I don’t have it there yet.

  15. Alan Mater September 30, 2010 at 9:25 pm #

    Hey Andrew,

    Excellent tips here. I can’t imagine going through an ordeal like getting my blog hacked. I’m going to download the Secure WordPress plug-in right now; although, I’ve taken other precautionary steps already. It never hurts to be doubly sure your blog is safe!

    I’ve seen other, free plug-ins available for complete backup solutions, but Backup Buddy seems to be the easiest and most hands-off of all of them. I would prefer not to have to download the files manually… a completely automated, hands-off method to me is well worth the price for peace of mind.

  16. ADHONYS October 8, 2010 at 4:32 pm #

    Thanks for these tips, I didn’t know that someone can steal or delete my blog. I have a plugin to back up the blog, but nothing to avoid being hacked.

    By the way, congratulations on this blog. I really like it. I have bookmarked it in my favorites. I will keep visiting you to learn more about SEO.

  17. ThatsBlog.com December 15, 2010 at 1:58 am #

    Thanks for your submission to the Eighty Seventh edition of the Blog Carnival: Blogging. Your post has been accepted and it’s live:

    http://thatsblog.com/blog-carnival-blogging/blog-carnival-blogging-eighty-seventh-edition

    -ThatsBlog.com

  18. Tony Medina July 8, 2012 at 8:23 pm #

    Hi Andrew, as usual, I always learn something from your posts, thanks.

    I haven’t had any nasty experiences yet, however it could be more luck than good management.

    I have been using FileZilla, and get a daily email with my site’s database backup, also HostGator does a regular weekly one. Would you recommend to just use Backup Buddy?

    Cheers.

  19. Wade Balsdon
    August 28, 2012 at 6:50 am #

    Funny you should post this Andrew. Our inbound and content marketing blog was hacked a while ago. My wife is now designing a brand new blog 🙂

  20. Salman Ahmad February 25, 2013 at 12:09 am #

    Well, the tips look promising. Gonna implement all the methods explained in the article. Was looking for similar kind of tips for a long time. Thanks for the share.
