Fighting Blog Hacks: Preventing And Eliminating Intruders

A few weeks ago I had the unpleasant surprise of finding out that my blog had been automatically hacked by spam bots through a WordPress exploit, and in the process also got infected with malware. Google, vigilant as always, was quick to scan LOAB for malicious software, found some corrupted code and immediately flagged the blog. What happened next was very predictable: whoever searched for something on Google and found LOAB among the results wasn't able to access the blog, as it was "quarantined." I lost hundreds of visitors daily over the course of two weeks, my rankings were shattered and of course the blog's reputation was stained; as a side note I'd like to thank all the loyal readers who confidently continued to read my blog during that tough period.

So what basically happened was that I, an innocent blogger, got hacked and unjustly suffered a great deal for nothing. And I'm not alone either: my horror story is shared by thousands of other bloggers all over the world, reporting almost the same "symptoms" as me. But was I entirely faultless? Of course not; much of the blame for getting flagged by Google belonged to me. I'm as responsible for it as the devious persons behind the attack, just for letting something like this happen in the first place. Only after it was too late did I realize I was never really ready for a situation like this, which could happen to anyone at any time. I never took the necessary precautions and I got burned. Fortunately I got unbanned and all is well now, but it all could've been much worse. If there's anything this nightmare has taught me, it is to always be prepared; so, to spare some bloggers sleepless nights and burnt neurons, I've decided to do a write-up about protecting your blog against hacks. Note: this article is mainly aimed at WordPress blogs.

Preventing Attacks on Your Blog


Hackers, whether they're humans or automated scripts, must first find a breach, a hole in the system, to infiltrate your blog, and in a stock WordPress install (plus its plugins and themes) there is usually one to be found. There is no foolproof blogging CMS right now (and I doubt there ever will be), but some "holes" are far more common and easier to find than others and, as a consequence, must be plugged immediately. Below you can find a few solid tips that can at least help avoid a tragedy. Some of these pointers may prove more or less technical, but I promise I'll try to keep it all in layman's terms as best as I can.

Securing Your Blogging Platform


If you really want to keep your blog squeaky clean and pest free, then it's best to start playing it safe from the very start, or in our case, from the moment you first install WordPress on the server. Here are a few quick tips I've learned over a lot of time and over even more failed WordPress installs:

  1. Change your database table prefix. One of the most common types of attack is SQL injection, and 99% of the time the whole process is automated. Changing the prefix does not close an injection hole, but it does trip up the automated scripts that hard-code the default "wp_users", "wp_options" and friends in their payloads: set $table_prefix in wp-config.php to something unrelated like "sad213_" before you run the installer (renaming the tables on an existing blog also means updating the prefixed option names and usermeta keys, so it's easiest done up front). There are thousands of threats all over the net that look for vulnerable databases whose tables start with "wp_" (provided they get the chance to reach your blog's database). Treat this as one extra speed bump, not as a fix, and keep it in mind when installing any kind of popular CMS.
     Don't use the 'root' user in any way. This is really, really important, or else you'll be risking a heck of a lot. Think of it like this: you've let WordPress access the database as root, and you get hacked. Bummer, but this time, because you've been using the root user, every other database on that server, and every other website that uses one, is at great risk too. Create a dedicated MySQL user for the blog instead, with a password of its own, and grant it privileges on the blog's database only, never global ones. Never happened to me, but I've heard some pretty scary stuff…
  2. Change your default user name. When you install WordPress the first user will be called "admin," and much like the point above, this is an open invitation: every brute-force script starts by guessing that name. What you need to do is change the user name and you'll have one less thing to worry about. If you try to edit your user name you'll soon see that it's not possible from within WordPress, only by altering the database. Log in to phpMyAdmin, select your blog's database and run the following statement (substitute your own table prefix for "tableprefix", and note that the author archive URL /author/admin/ comes from the user_nicename column, so change that one the same way):
     UPDATE tableprefix_users SET user_login='newuser' WHERE user_login='admin';

    Oh, and one more thing: please use a decent password! If you feel unsure how to pick a secure password, check out this excellent article by Lorelle.

  3. Restrict access. When you installed WordPress on your domain for the first time, you may have been told to CHMOD various .php files and folders from "read" to "read/write" (or, worse, to 777). What I'd recommend is that you write down every folder and file whose permissions you change and, once WordPress is installed and working, set them back: directories 755, files 644, and nothing world-writable. We can take restricting unauthorized access a step further by using .htaccess to disallow any kind of access to the wp-content and wp-includes directories, apart from images, CSS and JS files:
    Order Allow,Deny
    Deny from all
    <Files ~ "\.(css|jpe?g|png|gif|js)$">
    Allow from all
    </Files>

    Test your site after adding this: a plugin that is called directly by the browser (an AJAX handler living in wp-content/plugins, say) will stop working and needs its own exception, and on Apache 2.4 the Order/Allow/Deny directives are replaced by "Require all denied" and "Require all granted".

    If, God forbid, a certain attack is successful, some of your .php files might become readable, and among them is your highly important wp-config.php in your install root. The wp-config file, as you may remember from when you first installed WordPress, contains precious private data about your database, like the username and password. To make sure they don't fall into the wrong hands, restrict access to the file via .htaccess as well. Keep in mind that this only stops direct HTTP requests for the file; it does nothing against code already running on the server, so also keep its file permissions tight (600, or 640 if the web server reads it as a different user than yours).

    <Files wp-config.php>
    Order Deny,Allow
    Deny from All
    </Files>
  4. Hack-proof your wp-admin directory. Your wp-admin directory, much like your wp-config.php file, is extremely valuable for the wellbeing of your blog, but unfortunately is also very exposed to attacks. What you need to do is protect wp-admin with a few more layers of security, which we'll achieve through a series of .htaccess entries and WordPress plugins. A really great way to make sure 99% of the uninvited guests that try to reach your wp-admin directory get quickly ejected is to disallow all IPs other than yours. Here's the code to add to your .htaccess. Very important: do not add the following lines to the .htaccess in your blog's root (/public_html), but to a new .htaccess file that you create in the wp-admin directory (/public_html/wp-admin).

    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Access Control"
    AuthType Basic
    order deny,allow
    deny from all
    # whitelist home IP address (replace these example addresses with your own)
    allow from 64.233.169.99
    # whitelist work IP address
    allow from 69.147.114.210
    allow from 199.239.136.200

    This can be pretty stressful if your ISP assigns you a dynamic IP address that changes with each reconnect, or if you try to reach your wp-admin from a remote address; it also blocks wp-admin/admin-ajax.php, which some plugins call from the public side of the site, so test your blog after adding it. It certainly does its job well nevertheless. (The Auth* lines above are inert without a Require directive; the deny/allow lines are what do the work.) However, the login form itself, wp-login.php, lives outside wp-admin, so there's little this little hack can do against a brute-force attack on it; that's where the Login Lockdown plugin comes in. The plugin logs all failed login attempts and, after a set number of failures, blocks the offending IP range for 1 hour by default. Quite a nifty tool, but be careful how often you misspell your password. Another WP plugin worth mentioning is AskApache Password Protect, which, when enabled, will prompt anyone trying to access the wp-admin directory for a username and password assigned by you (which of course should be different from your WordPress login details). The plugin automatically creates the .htaccess and .htpasswd files without messing anything up and also assigns the appropriate file permissions.
  5. Hide your WP version information. Meta tags are a great way to let search engine robots know what your content is about, but for spam bots they're perfect for picking which exploit to try. The following meta tag can be found in your theme's header.php and displays your current WP version; look for it and delete it. If your theme prints the tag through wp_head() instead, remove the wp_generator action from the wp_head hook in the theme's functions.php. Bear in mind that the version also leaks through readme.html in the install root and the <generator> element of your feeds, so hiding it buys you little; updating (see below) is what actually closes the hole.
    <meta name="generator" content="WordPress <?php bloginfo('version'); ?>" /> <!-- leave this for stats please -->
  6. Hide your WP plugins. Some WordPress plugins are very fragile and some are full of exploit holes, so naturally you'd like to hide which ones you're using. Creating an empty index.html file as wp-content/plugins/index.html stops the web server from listing the directory (disabling directory listings with Options -Indexes in .htaccess does the same for every folder at once). Be aware that this only hides the list: a scanner that already knows a plugin's path can still request it directly, so it is no substitute for keeping plugins updated and removing the ones you don't use.
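A practitioner's check for the points above, as an added example that is not part of the original post: a Python script that audits a WordPress install directory against this list. It reads the table prefix and DB_USER out of wp-config.php, flags wp-config.php being readable by group or others and anything world-writable under the document root, checks that wp-content/plugins has an index file, and reports the generator meta tag if it is still present in rendered HTML. The install that build_sample_install() creates is constructed for the demonstration only (deliberately weak: root DB user, wp_ prefix, a 777 uploads folder); point audit_wordpress() at your real document root instead.

```python
"""Audit a WordPress install directory against the hardening checklist above."""
import os
import re
import stat
import tempfile

TABLE_PREFIX_RE = re.compile(r"\$table_prefix\s*=\s*['\"]([^'\"]*)['\"]")
DB_USER_RE = re.compile(r"define\(\s*['\"]DB_USER['\"]\s*,\s*['\"]([^'\"]*)['\"]")
GENERATOR_RE = re.compile(
    r"<meta\s+name=[\"']generator[\"']\s+content=[\"']([^\"']*)[\"']", re.IGNORECASE)


def audit_wordpress(root):
    """Return a list of findings for the install under root; [] means nothing flagged."""
    findings = []
    cfg = os.path.join(root, "wp-config.php")
    if os.path.isfile(cfg):
        with open(cfg, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
        m = TABLE_PREFIX_RE.search(text)
        if m and m.group(1) == "wp_":
            findings.append("table prefix is the default 'wp_'")
        m = DB_USER_RE.search(text)
        if m and m.group(1) == "root":
            findings.append("DB_USER is 'root'; use a dedicated account limited to this database")
        mode = stat.S_IMODE(os.stat(cfg).st_mode)
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append("wp-config.php is readable by group/others (mode %o)" % mode)
    else:
        findings.append("wp-config.php not found under %s" % root)

    # Anything world-writable can be overwritten by any local account,
    # including a compromised neighbour on a shared host.
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode is meaningless; judge its target separately
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                rel = os.path.relpath(path, root).replace(os.sep, "/")
                findings.append("world-writable: %s (mode %o)" % (rel, mode))

    plugins = os.path.join(root, "wp-content", "plugins")
    if os.path.isdir(plugins) and not any(
            os.path.isfile(os.path.join(plugins, n)) for n in ("index.html", "index.php")):
        findings.append("wp-content/plugins has no index file; a directory listing would reveal plugin names")
    return findings


def generator_tag(html):
    """Return the generator string a rendered page discloses, or None if absent."""
    m = GENERATOR_RE.search(html)
    return m.group(1) if m else None


def build_sample_install(base):
    """Create a constructed, deliberately weak WordPress layout for the demo (not a real install)."""
    root = os.path.join(base, "public_html")
    os.makedirs(os.path.join(root, "wp-content", "plugins"))
    os.makedirs(os.path.join(root, "wp-content", "uploads"))
    with open(os.path.join(root, "wp-config.php"), "w") as fh:
        fh.write("<?php\ndefine('DB_USER', 'root');\n$table_prefix = 'wp_';\n")
    os.chmod(os.path.join(root, "wp-config.php"), 0o644)   # readable by everyone on the box
    os.chmod(os.path.join(root, "wp-content", "uploads"), 0o777)  # the classic "make it work" mistake
    return root


def demo_findings():
    """Build the sample install in a temp dir, audit it and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_wordpress(build_sample_install(tmp))


if __name__ == "__main__":
    for finding in demo_findings():
        print("FINDING:", finding)
    print("generator tag:", generator_tag(
        '<meta name="generator" content="WordPress 2.3.3" />'))
```

Run it as the user the web server runs PHP as, so the permission checks reflect what PHP actually sees. Where PHP runs under your own account (suPHP and the like) wp-config.php can be 600; under mod_php with a shared server user it needs group read (640 with the server's group), which the script still reports so you can judge the case yourself.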

Various Security Pointers


  1. Update, update, update! Outdated software is practically a welcome mat for hackers, who are always on the prowl for foolish victims such as myself, who felt too lazy to update my WP version from 2.2 to 2.3.3. That particular laziness took its toll. Don't be a fool: always update your software, and I'm not only talking about WordPress here but any auxiliary software as well, like plugins and themes, which can prove just as damaging (a hole in a plugin gives an attacker the same PHP execution as a hole in core). Since WP 2.3 you get prompted in the dashboard whenever a new plugin version is available for download, so in a few quick minutes you'll be able to download, upload and activate your updated plugins.
  2. Religiously follow security updates. When a new security hole is disclosed, find out about it as quickly as possible and fix it. The fine folks at WordPress are most of the time very capable at dealing with this and will promptly release updates for such issues, so I'd heartily recommend you subscribe to the WordPress development blog asap!
  3. Backup! This is a golden rule for any responsible web developer, especially bloggers. What I'd recommend is a database backup of your blog each week and a full blog backup (files, database etc.) every few months, stored somewhere other than the server itself, so that a compromise of the server doesn't take the backups with it. If you'd like automated database backups generated and sent to your e-mail at a set interval, you can always try the WordPress Database Backup plugin. Works like a charm.
  4. Report bugs. Be a fine fellow/lady and report any kind of security disturbance or vulnerability you might find. This way you'll help improve future versions of WordPress and, in turn, your blog as well. Just e-mail the WP security staff at security@wordpress.org and they'll swiftly take care of it.
  5. Limit user registration. Actually, remove the option altogether, and if someone needs an account, just create it manually. Why is this important? Well, there are a lot of automated spam bots out there that scan WP blogs, register on them (most have no anti-automation protection on the registration form) and start wreaking havoc wherever they can. If you must allow registration, make sure the default role for new users is Subscriber, the lowest one.
  6. Fight comment spam. Ah spam, spam bacon, spam sandwich, spam eggs, spam sausages etc., but what we bloggers face daily isn't a delicious breakfast but horrific comment spam. Besides being really annoying and filling your blog with pr0n links, spam comments also carry links to malware-serving sites, which drags your blog's reputation down with them. Luckily there are a lot of solutions, like anti-spam WP plugins (see Akismet or Spam Karma 2) or, how I personally prefer it (together with Akismet of course), manually moderating comments. Below you can find the official WP Codex pages on fighting spam:
    1. Codex on Combating Comment Spam
    2. Codex listing of Spam Tools

Winning The Battle Against Malware


As I've already said at the beginning of the post, a few weeks ago my blog got hacked and infected with malware code. What I want to do now is tell you, step by step, how I managed to disinfect the blog and get it deflagged by Google, because this is the most common hacking scenario you're bound to face. Hacking bots scan for vulnerable blogs and quickly infect them when they find a weak spot to breach. Soon after, they add a small snippet of code to your pages, innocuous-looking and often disguised as a tracking script, which pulls content from a server they control. After they gather enough infected blogs, they sell that code space to the highest bidder, most of the time fellow Viagra or warez spammers. It's rough, I know, but when it happens it's important to keep your cool and keep on walkin'. I followed these simple steps and got Lost Art Of Blogging deflagged by Google in 6 business days.

  1. Realizing your blog's infected. The first step to solving any problem is realizing what it is. I never knew my blog was infected with malware until a few readers e-mailed me to let me know I'd been flagged by Google. So how do you know if your blog's infected? Beyond Google's own Safe Browsing diagnostic page for your domain, there's no really helpful automated way to scan a blog for malicious code, but you can always do it by hand if you suspect something. Open your homepage, view the source and scan it for anything devious; a quick tip is to look for <iframe> tags, elements hidden from visitors (width="0", height="0", display:none, or positioned far off-screen) and inline scripts built from eval, unescape or document.write on a long escaped string. Check the source of a few archive pages and your feed as well, not just the homepage, since the snippet is often only in one template or in a handful of posts. It isn't very practical but it works. If you don't find anything you're home free; if you do, then you might as well continue reading this.
  2. Delete the malicious code. Once you know your blog's been infected, look through every page's source (the archives too) for the suspicious code and trace it back to where it is stored: injected snippets usually live in the theme's header.php or footer.php, in a plugin file, or in post content and options in the database. It can take a few hours, but I haven't found any other way. Removing the visible snippet is not enough on its own: replace the WordPress core and plugin files with fresh copies from a download you trust, look for files you didn't put there (especially .php files in wp-content/uploads) and admin users you didn't create, and change every password involved: FTP, the database user and all WordPress accounts. Otherwise the same hole is used to put the code straight back.
  3. Remove any suspicious outgoing links. Most of the time, when a WP blog gets infected with malicious code, the spam script will also insert links advertising the services of its "clients." Some of these domains may already be flagged by Google as spam or malware havens, so any blog linking to them will be penalized, or in our case, coupled with an identified malware presence, flagged big time. You can use the link analysis tool from SEO Chat to check both inbound and outgoing links. If you find anything pointing towards warez, Viagra, pr0n or anything remotely spammy, remove the link at once.
  4. Ask for a StopBadware.org review. StopBadware.org describes itself as a "neighborhood watch," an Internet malware policeman if you will, whose job is to find infected websites and flag them at Google (they have a direct partnership) for quarantine. After you've successfully cleansed your blog following the above steps, you can apply for a site review from StopBadware, which will check for signs of malware and accordingly will or won't unflag you. What you first need to do is fill in the review form: type your blog's URL into the clearinghouse section and run the search. After that all you have to do is fill in some general info about your blog, along with any additional notes the reviewer should take into consideration, and press send. Depending on how lucky you are and whether you've correctly removed all the malware, you should get a positive response in 5-7 business days. If you've still got unresolved questions concerning StopBadware, consider heading over to their discussion board and opening a thread.
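The by-hand inspection in steps 1 to 3 is easy to get wrong across hundreds of archive pages, so here is the same check as a script, an added example that is not part of the original post. It parses one page of rendered HTML and flags the injection patterns described above: iframes and containers sized to 0 or 1 pixel or hidden with CSS, script and iframe tags loading from a host that isn't yours, inline scripts that combine eval/unescape/document.write with a long escaped or base64 payload, and, for step 3, the list of external hosts your links point at so you can eyeball them. The sample page is constructed; the hosts in it (stats-tracker.example, bad.example, pills.example) are placeholders, not real malware sites, and OWN_HOSTS is an assumed allowlist you would fill with your own domain and the third-party scripts you knowingly use.

```python
"""Flag injected iframes, hidden elements, obfuscated scripts and spam links in rendered HTML."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Idioms injected scripts lean on, paired with a long escaped or encoded payload.
OBFUSCATION_RE = re.compile(
    r"eval\s*\(|unescape\s*\(|String\.fromCharCode|document\.write\s*\(", re.IGNORECASE)
HEX_BLOB_RE = re.compile(r"(?:%[0-9a-f]{2}|\\x[0-9a-f]{2}){20,}", re.IGNORECASE)
B64_BLOB_RE = re.compile(r"[A-Za-z0-9+/]{80,}={0,2}")
OFFSCREEN_RE = re.compile(r"(?:left|top):-\d{3,}px")


def _hidden(attrs):
    """True if the element is sized to 0/1 px or pushed out of sight with CSS."""
    for dim in ("width", "height"):
        v = attrs.get(dim, "").strip().lower()
        if v.endswith("px"):
            v = v[:-2]
        if v.isdigit() and int(v) <= 1:
            return True
    style = attrs.get("style", "").replace(" ", "").lower()
    return ("display:none" in style or "visibility:hidden" in style
            or OFFSCREEN_RE.search(style) is not None)


def _host(url):
    """Hostname of an absolute URL, or None for relative/javascript:/mailto: links."""
    return (urlsplit(url.strip()).hostname or "").lower() or None


class InjectionScanner(HTMLParser):
    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = {h.lower() for h in own_hosts}
        self.findings = []          # (line number, description)
        self.external_hosts = set()  # hosts your <a> links point to, for manual review
        self._script_line = None     # set while inside a <script> element

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): (v or "") for k, v in attrs}
        line = self.getpos()[0]
        if tag in ("iframe", "frame", "div", "span", "object", "embed") and _hidden(attrs):
            self.findings.append((line, "hidden <%s> src=%r" % (tag, attrs.get("src", ""))))
        if tag in ("script", "iframe", "frame") and attrs.get("src"):
            host = _host(attrs["src"])
            if host and host not in self.own_hosts:
                self.findings.append((line, "<%s> loads from third-party host %s" % (tag, host)))
        if tag == "a" and attrs.get("href"):
            host = _host(attrs["href"])
            if host and host not in self.own_hosts:
                self.external_hosts.add(host)
        if tag == "script":
            self._script_line = line

    def handle_endtag(self, tag):
        if tag == "script":
            self._script_line = None

    def handle_data(self, data):
        # Script bodies arrive here as one chunk; only inline code is judged.
        if self._script_line is not None and OBFUSCATION_RE.search(data) and (
                HEX_BLOB_RE.search(data) or B64_BLOB_RE.search(data)):
            self.findings.append((self._script_line, "obfuscated inline script"))


def scan_html(html, own_hosts=()):
    """Return (findings, sorted external link hosts) for one rendered page."""
    scanner = InjectionScanner(own_hosts)
    scanner.feed(html)
    scanner.close()
    return scanner.findings, sorted(scanner.external_hosts)


# Constructed sample page; the hosts are placeholders, not real sites.
SAMPLE_PAGE = """<html><head>
<title>Lost Art Of Blogging</title>
<script src="http://www.google-analytics.com/urchin.js"></script>
</head><body>
<p>Normal post content with a <a href="/2008/02/some-post/">local link</a>.</p>
<iframe src="http://stats-tracker.example/count.php" width="0" height="0"></iframe>
<script>var s=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%62%61%64%2e%65%78%61%6d%70%6c%65%2f%22%3e');document.write(s);</script>
<div style="position:absolute; left:-9999px"><a href="http://pills.example/">cheap pills</a></div>
</body></html>"""

# Assumed allowlist: your own domain plus third-party scripts you knowingly include.
OWN_HOSTS = ("lostartofblogging.com", "www.google-analytics.com")

if __name__ == "__main__":
    found, links = scan_html(SAMPLE_PAGE, OWN_HOSTS)
    for line, desc in found:
        print("line %d: %s" % (line, desc))
    print("external link hosts to review:", links)
```

Feed it the HTML you fetch for the homepage, a few archive pages and the feed, as a visitor sees them (a logged-in admin sometimes gets a clean page while anonymous visitors get the payload). It flags, it doesn't decide: a theme that hides a form element with display:none or a legitimate widget script will show up too, so add known-good hosts to the allowlist and review the rest by hand. Once you've found the snippet in the output, search the theme, plugin files and the database for the same string to find where it is actually stored.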

Blog security has developed into a very delicate issue over the years, as more and more security breaches have occurred, even at the big houses (the hacking of Al Gore's blog is the first thing that comes to mind), proving how truly fragile blogs can be in the face of attacks. It's up to you, and only you, to make sure that your blog's integrity and your readers' privacy aren't compromised in any way.

© 2007 - 2008. All rights reserved Lost Art Of Blogging. Designed by Paul Stamatiou and customized by Tibi Puiu.
Creative Commons License This work is licensed under a Creative Commons Attribution-Noncommercial 3.0 United States License.