Don’t Get Hacked! How to Prevent WordPress Blog Hijackings


Recently I received an email about one of my fellow foodies about her site getting hacked by a blog terrorist. He has tried to blackmail her insisting that she let him host her site and keep his Adsense banners up. At one point, he completely took down her site, too, because she was trying to keep him out. Luckily, she had all her posts backed up and was able to restore her blog when he did that.

So, even though her web hosting technicians are working on it, her Mac laptop was checked, and they’ve changed passwords several times, he’s been able to get into a security hole in the server where her WordPress blog is being hosted and they can’t figure out how to stop him.

The food community has tried to help out by offering advice such as filing a police report. Yes, really. After all, what is being done to her is illegal, especially the blackmail part. She has a WordPress expert friend who’s been trying to help out, too.

And since he’s posting Adsense banners on her site, she’s reported the situation to Google. (Though good luck trying to get any customer service out of them. She still hasn’t heard back yet after several days.)

Take preventive measures to protect your WordPress blog
So besides backing up, what can you do to protect yourself from getting hacked into and hijacked? Hetal and Anuja at Show Me the Curry, who have had numerous attempts on their site, offer this advice for people with self-hosted WordPress blogs:

  1. Update your WordPress version to the latest version. The previous versions allow your administrative account to be compromised. Here’s a list of WordPress security vulnerabilities.
  2. Look for a file called remv.php in your themes directory. This is being used by hackers to remote control your server. If you find one, remove it ASAP.
  3. Look in your WordPress options table for a list of active plugins. If you see anything that points to a strange directory or file, remove it.  Also, if there’s a directory named “zz” in your plugins directory, remove it immediately.
  4. Look for a user named “WordPress” in your users table. If there is one, it must be removed ASAP. This user account was created by previous versions of WordPress and is used to compromise installations.
  5. To be safe, after you have completed these steps, change your admin password for WordPress and for your server.
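
Steps 2 through 4 can be run as one repeatable check. The script below is an added example, not code from this post or from Show Me the Curry. It assumes you pass it the path to your wp-content directory, the value of the active_plugins row from the options table, and the user_login values from the users table. Its rules for what counts as a "strange" plugin entry are also an assumption, and the sample data in demo() is constructed.

```python
import re
import tempfile
from pathlib import Path

def parse_active_plugins(serialized):
    """Pull plugin paths out of the PHP-serialized active_plugins option value."""
    return re.findall(r's:\d+:"([^"]*)";', serialized)

def audit(wp_content, active_plugins_value, user_logins):
    """Return findings for steps 2-4; an empty list means nothing matched."""
    root = Path(wp_content)
    plugins_dir = root / "plugins"
    findings = []
    # Step 2: remv.php anywhere under the themes directory.
    for hit in sorted((root / "themes").rglob("remv.php")):
        findings.append(f"theme file: {hit.relative_to(root).as_posix()}")
    # Step 3: a directory named "zz" in the plugins directory.
    if (plugins_dir / "zz").is_dir():
        findings.append("plugin dir: plugins/zz")
    # Step 3: active plugin entries that leave the plugins directory,
    # are not PHP files, or do not exist on disk (assumed meaning of "strange").
    for entry in parse_active_plugins(active_plugins_value):
        if (".." in entry.split("/") or entry.startswith("/")
                or not entry.endswith(".php")
                or not (plugins_dir / entry).is_file()):
            findings.append(f"active plugin: {entry}")
    # Step 4: a user named "WordPress" (compared case-insensitively).
    for login in user_logins:
        if login.lower() == "wordpress":
            findings.append(f"user: {login}")
    return findings

def demo():
    """Run the audit over a constructed wp-content tree and constructed values."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "themes" / "default").mkdir(parents=True)
        (root / "themes" / "default" / "remv.php").write_text("")
        (root / "plugins" / "zz").mkdir(parents=True)
        (root / "plugins" / "akismet").mkdir()
        (root / "plugins" / "akismet" / "akismet.php").write_text("")
        option = ('a:2:{i:0;s:19:"akismet/akismet.php";'
                  'i:1;s:22:"../unexpected/file.txt";}')
        return audit(root, option, ["admin", "WordPress"])

if __name__ == "__main__":
    for line in demo():
        print(line)
```

The script only reports; review each finding before removing anything, and keep a copy of what you remove for your host's technicians.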

Remember, these hackers are determined, smart and hard to keep out. So back up frequently and keep your fingers crossed.

Anne-Marie Nichols is the Social Media Manager at Mom Central Consulting. You can also find her blogging up some healthy recipes at This Mama Cooks!
