A lot of people don’t put enough emphasis on protecting their money site, I also ignored this and had to learn the hard way. I was not smart about it and had about 5 of my sites hacked and really had me stressed. I ended up having to re-install all of the infected websites and it really took a lot of time to get them back up and running smoothly. It also affects your SEO rankings if the search engines find you linking out to bad neighborhoods or if you have So I wanted to write a post to help others protect their sites before it’s too late. This post is designed mainly for WordPress users but they are some tools you can use that don’t require WordPress.
Don’t Use The Same Password for Your Databases!
Duh! Right? Ya I should have realized not to do that but it never occurred to check. My host had all my websites with the same database password. So the automatic hack that got into 1 website, replicated and ended up in others because I had the same database password on multiple sites. So if you are not sure how to do this ask your hosting provider how you can change your username and password for each site. This really is something I never read about and will help you minimize damage if you have some.
Some Websites to Scan Your Site For Malware and Scripts
http://www.unmaskparasites.com This website is nice for finding hidden scripts that can pop-up on your website.
http://sitecheck.sucuri.net/scanner/ This site is a good security scanner and can detect scripts and also hacks that try and steal your link juice and also rootkit scans.
WordPress Plugins for Security
Here is the some best WordPress plugin for security. but you should know that not only WordPress, you must have a good Security for all kind of online business for that you need Top 10 Must Needed Online Marketing Tools For Starting Your Business to full secure. http://wordpress.org/extend/plugins/exploit-scanner/ This plugin is great for WordPress and helps you can your site for anything malicious or dangerous.
http://wordpress.org/extend/plugins/easy-database-backup/ I like having my databases sent to me every week. You can set the time period settings and have them sent more or less often. This is good if you ever have a problem you can just re-install your latest database that’s clean.
http://wordpress.org/extend/plugins/bulletproof-security/ I love this plugin, it really protects your WordPress site and it’s pretty easy to use. It protects your php files, .htaccess and more. It protects you from XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. There are tons and tons of options in this plug-in and it’s a pretty much one-click type plugin. Really easy for beginners and advanced alike.
If you have some suspicious scripts that are already on your site and you’re not sure what they mean. Try this website http://ottodestruct.com/decoder.php, it will decode whatever the script is so you can read it in a human language.
Change Your FTP Passwords Often!
This is big, don’t forget to change your FTP passwords often, and many times hackers can sniff out your passwords and use that against you. If they end up getting into one site, like I said with the databases they can also gain access to other websites on your hosting. Make the passwords hard to crack too.
Login Lockdown Plugin and Change Admin Username
Change your username from Admin to something else, that’s easier to hack and sniffing tools look for that. Also there is a plugin called login lockdown that will lockdown your page after 3 failed login attempts, you can change the settings on that also.
Update Your Website
Make sure you update your WordPress often, you want to keep all the security updates they do updated. This includes updating your plugins.
Change Your WP-Config.php File
This is the file that connects to your database and most people don’t move it. If you move it you end up blocking people as well as robots from accessing it. If you move it to another directory WordPress will look for and find it.
These are some major things you can do to really help protect your site. Don’t be like me and have to learn the hard way, there are a lot of people looking to hack your site for different reasons. Be pro-active and install some defense. Hopefully this might help some people save their site and their rankings. Thanks!