| As the most popular blogging platform seems to be | | | | and someone gets the logon details, they can only edit |
| WordPress, I'll talk from the WordPress point of view, | | | | the new posts and submit new posts. Earlier posts |
| but on the whole the safety issues will apply equally | | | | and the admin of your blog is secured. |
| well to any blogging platform that you use. With some | | | | You can move the posts back to your main username |
| platforms, for example Blogger, you won't be in control | | | | once safely back on a secure computer. |
| of various aspects like most recent versions, but there | | | | 5) Change Your Nickname |
| are plenty of tips that apply. | | | | The biggest clue that you haven't deleted the Admin |
| 1) Keep Up To Date | | | | user is that all posts are from Admin. To prevent |
| If a new version of the blogging software is released, it | | | | hackers from working out your new admin user name |
| is for a reason. There may be new features, but there | | | | from looking at name attributed to the post, go to |
| may also be extra security releases. So update your | | | | profiles and give your username a different nickname. |
| blog to the latest version of the software as soon as | | | | Then in the next box choose to display your nickname, |
| you can, especially if you are on a version of | | | | rather than the username. |
| WordPress older than 2.8.4 as there is a worm that | | | | 6) Don't Use Obvious Passwords |
| can attack these versions. | | | | If your username is unguessable then you are a long |
| 2) Protect Your Machine | | | | way there, but also make your password strong. Look |
| The same also goes for your own machine, keep the | | | | at the indicator when you type in the password. A |
| virus protection up to date and a firewall running. Try to | | | | combination of upper and lower case letters, numbers |
| avoid using unsecured wifi networks and internet | | | | and maybe a few odd keyboard characters. |
| cafes that you aren't sure about. | | | | 7) Don't Display Versions |
| 3) Maintain Your Username | | | | Remove from the footer of your theme any displays |
| Everyone who uses WordPress knows where the | | | | of version of theme or WordPress that you are using. |
| logon screen is - many themes actually link to it! And | | | | If you are late updating to the new version, you don't |
| the default user id is Admin, so it is quite easy for | | | | want to be telling hackers! |
| hackers to run a script against your blog that starts | | | | 8) Spam Protect Your Blog |
| trying likely passwords. | | | | Make sure that the Akismet pluggin is installed, |
| To prevent this, sign on as admin, create a new | | | | activated and you have entered the key to run it. But |
| username with an admin role, sign off, sign on as the | | | | don't give spammers a clue about how successful |
| new username and then delete the standard Admin | | | | Akismet is at detecting their spam by displaying how |
| account. When you delete it, you should get the option | | | | many comments it has blocked. |
| to move all posts over to your new name. Now | | | | 9) Use A Backup |
| hackers have to guess username and password. | | | | Search the plugins database for a backup plugin that |
| 4) Create An Author Username | | | | works for you and use it regularly. If you are hacked, |
| If you might be posting from third party wifi networks | | | | then as long as you have a few of the most recent |
| and computers, then setup a new username and just | | | | versions of the blog backed up you will be able to |
| give it author access. Use this whilst you are away | | | | recover all posts and settings. |
| and if the networks aren't as secure as they can be | | | | |