Bloggers, Protect Those Blogs!
Blog Resources, Blogging, Contributed, Education & Training Add comments
The following is a guest post by a huge geek friend of me, Gerardo. He is the owner of the VolkDefense blog, which is mainly on technology, security, and products. Pay him a visit and I’m sure you would be able to protect your computer.
Bloggers today have become very popular on the Internet, such as the legendary John Chow, Darren Rowse, and Shoemoney. With many of them creating rich content that attracts over thousands of readers, most bloggers have forgotten one of the most important aspects in blogging and also crucial to the blog itself, which is security. Many of you may not know too much about security in blogs nor know how to protect your blogs. As a geek in computers, I will point out a few things you can do to protect your blog and prevent from ending up like some with their blog hacked and more. You may have read the guest post by Ashley that slightly touched the topic of computer security, but this post should elaborate a bit more for you.
Some of you may know about David Airey who had his domain stolen from him for a while until finally resolving a few days later. This was not a lack of security on the blog, but rather on the user’s computer. There was no way that the hacker was able to steal or as most of you know it “hack” GoDaddy’s Registry to take over the domain. Some ways that this could have happened are:
- The user fell for a phishing page, which is a page that looks exactly as a real page but it isn’t. An example is when you go to a page that is suppose to redirect you to PayPal.com, but redirects you to PayPai.com. Notice that a capital “i” will make it look like PayPaI.com. After you go onto the page it would ask you for your email and password as usual, but instead of sending you to your account, you would most likely receive an error after you’ve just sent your account details to the wrong hands (hacker in other words).
- A keylogger on your computer has been dropped by downloading an infected file or was dropped via an exploit. A keylogger can do the worst of damage because what it does is it captures all your keystrokes throughout your whole session on the computer; every account, every password, every letter will be recorded down into a text file then sent to the hacker who created the keylogger. This will give them access to your accounts without using bruteforce (forcing passwords) or any other technique.
Some ways you can protect yourself and your blog as well is to use Anti-Viruses to prevent keyloggers from getting your passwords and having to go through what David Airey went through. Bloggers usually use Wordpress, so I will go over some security techquies for that. Some ways to protect your Wordpress blog are:
Updating your Wordpress CMS (content management system) is the most simplest way, but many users wait until it is released for auto update on Cpanel, Hsphere, or any other panel they use, which gives the bad guys time to come up with exploits or use MYSQL hacks to get into your admin panel. You would be in trouble then 
- Setting permissions to 644 on files in your FTP. Some common ones are the wp-******.php files in your root directory. Index.php is important as well because if someone gets access to it, they can ruin your front page. Some bloggers get screwed over because of their hosting or because someone (could be them) left the directory permissions on 755 or 777. I won’t go into detail with this, but here’s a small tutorial on how to set your directory permissons for Wordpress.
- Your computer is crucial! Any viruses or keyloggers can make you go crazy because hackers can steal your passwords to your blog. Lets put it this way, your computer has access to your blog because you use it to edit, write, or do anything to your blog. If somone gets access to your computer, they would basically have access to your blog without you knowing.
These are some of the simplest ways for anyone to follow to prevent getting your blog stolen or even hacked. If you are using Joomla, Drupal, or any other CMS for blogging. Overall, Be safe, Surf Safe, and remember that security is important because security these days are getting tighter and tighter due to the fact that new exploits and viruses are being distributed, don’t get hit by one! Your blog is your investment 
Make sure you subscribe to VolkDefense if you wish to secure yourself and know about new products!
I really like his short tips on the wordpress security…I do have the problem to update my wordpress manually…can you help out? I depends very much on the Fantastico platform in the cpanel…
My last blog post is..Desperate For An Extra Income…
Hi Gerardo,
My domain was stolen not because of a phishing scam, or a keylogger, but due to a GMail security hack, which I explained on my blog (linked to through my name).
Thanks very much for the mention.
Hello David,
GMAIL Security Hack was an exploit. An exploit is a piece of software code that takes advantage of a vulnerability in another piece of software, in this case it was GMAIL, it was a bug in GMAIL that was later fixed when it started happening to other people, not just you. And the link that it sent you to the site also dropped a backdoor which is an infected site and drop trojans (known as a exploited site) on your computer that can almost be any security risk (trojan, virus, spyware, keylogger, dialer, dropper, etc). Sorry about not mentioning that in the post, I will help anyone who needs help, please go to the Bloggin-Ads forum and contact me there.
Mike, Gerardo,
No need to apologise whatsoever. Just thought I’d offer a little extra info about my experience.
All the best.
My last blog post is..Logo of the month #8
[...] out my post on Bloggin-Ads! And also read more about computer security in a post written by Gerardo from [...]
Wow–great post! I knew nothing about Wordpress CMS or directory permissions…very good information to have! Thanks, Gerardo
My last blog post is..Another reason I’ll never understand how a Democrat could ever fathom voting for McCain
Wow, this is a wake up call.. I never knew the gmail security flaw.. and I use free email for all domain stuff… crap… I need to rethink my strategy there!… I was fixated on reading the story of stolen domain and then getting it back.. Great post and follow up stories.
My last blog post is..Sumo in Tokyo
I have heard a lot about keyloggers. Is antivirus alone sufficient to prevent keyloggers from being installed? Is there any program or software out there that can scan the existence of keyloggers in our computer?
My last blog post is..FireFox 3
currently there is some spamming tool is introduced, I am getting hundreds of spam comments in my moderation queue
My last blog post is..DigitalPoint Vs SitePoint
This is a good info..I did not experience it before..But thnx mike for this info…BTW!!the tips can help a lot…:-)
My last blog post is..Workout Tips for Cycling/spinning
It just feels sad that even blogs and other “intellectual propeties” could be stolen and could lead to a devastating experience for the blogger. I highly commend this post since it highly promotes the idea of having a secured blog so that hackers would be off limits in intruding the property of a blogger…I hope hackers would never ever crack again the security stuffs that bloggers could use.
My last blog post is..Einstein And Manilyn Monroe Look-a-like