4 security links: Why you better secure your blog
Hackers are trying to break into my blog. I know this because months ago, I heeded the advice of other bloggers and boosted my security measures. That included installing the “Limit Login Attempts” plugin. Within days, I started getting WordPress notices when someone was locked out of my blog. I’m the only authorized user.
Since then, I get one or two WordPress alerts every week. Yeah, I was surprised, too. But this is a story about a small success.
Last week, I checked the logs and noticed that the same IP address had been locked out 64 times. I checked and found it came back to a site hosted by Amazon Web Services. I e-mailed their abuse address. They asked for a little more information; a few days later, I got a nice reply.
We have completed an initial investigation of the issue and learned that the activity you noticed did indeed originate from an Amazon EC2 instance. These intrusion attempts that you report were not, however, initiated by Amazon…
That said, we do take reports of unauthorized network activity from our environment very seriously. It is specifically forbidden in our terms of use. We’ve already contacted the Amazon EC2 customer who controlled the instance in question and informed them that they are required to terminate their unauthorized interaction with your network, failing which we will terminate their instance. In cases of egregious abuse or as we otherwise deem appropriate, we will immediately terminate all their instances and suspend their account.
That made me happy.
The lesson here: If you haven’t already secured your blog, do it. I’m not going to go into detail about what I’ve done, but I’ve included links to some of the sites I consulted. Alas, since I’m using WordPress, I’m not sure what the best resources would be for you users of TypePad, Movable Type, Blogger, Drupal… whatever.
And I’m not naive enough to think that my blog is impervious to a determined hacker. Consider this my “knock on wood.” Here are the links.
10 Tips To Make WordPress Hack-Proof. The Ultimate Guide
guvnr.com | February 24, 2009
This is a must-read for keeping your blog safe, especially if you’re blogging in WordPress. I followed this one almost point-by-point. Complete with videos.
10 Steps To Protect The Admin Area In WordPress
Smashing Magazine | January 26, 2009
Once again, a must-read, but this one is also for WordPress users only. Some of it is a little technical, so you have to be comfy getting under the hood of your installation.
Blog Security – Tips on Keeping Your Blog from being Hacked
ProBlogger | September 7, 2006
ProBlogger is always good. This one is pretty straightforward and doesn’t have a lot of “wow, didn’t think of that” advice, but it’s worth a look.
How I’d Hack Your Weak Passwords
One Man’s Blog | March 26, 2007
Good advice on figuring out a password that works for you, and not the hackers.

Comments on 4 security links: Why you better secure your blog
tx Kurt for TB to “10 Tips To Make #WordPress Hack-Proof. The Ultimate Guide” Nice tip too .. “Limit Login Attempts” plugin. ^guv
Very helpful post, Kurt. Thanks for sharing. Yours in palpable paranoia. . . .
Hey, my thanks to you for the great tips and the easy-to-follow videos.
Thanks for visiting.