Posts Tagged ‘Blogger’

Everyone blogs these days and some are yet to give it a shot, so you have finally thought of setting up your blog or you already have a blog and the number of visitors are catching up too. But sadly and seriously these days, there are huge rush of people who hack into blogs either for fun or to malign work of others. So I have found some simple tips to keep hackers away from yours. Let’s see what are those:

null

Upgrade your Blog software

Most bloggers use platform like blogger, WordPress, typepad, Weebly, etc,, Perhaps you have wondered why blogs releases a new version of their software every few weeks. Thousands of people go over the Wordpres code every day in an effort to improve it. A lot of the time, they are trying to plug up security vulnerabilities which hackers have figured out how to exploit. By upgrading regularly, you can be sure that you have all the latest security fixes.

Update plugins

Many times, hackers will figure out how to gain access to your blog through a vulnerability in one of your plugins. The creators of these plugins often release updates that are more secure, which is something you should take advantage of by updating them regularly.

Most Importantly Hide plugins

If the hackers don’t know which plugins you have, then they won’t know where to begin trying to hack your site. The way they find out which plugins you have is by looking in your /wpcontent/plugins directory. If you create a blank document, save it as index.html, and upload it to this directory, you can prevent anyone from accessing this information. Alternatively you can block the standard file list from showing with .htaccess.

Get rid of Admin Login name & Use strong password

Do you still use “admin” as your username to log into your account? If so, you are making things much easier for hackers. If they know the username of your administer’s account, then hackers already have half of the information they need to break into your account. If your password is something like “wood floor”, then it can be extremely easy for hackers to guess. They can often simply use a program which guesses your password based on dictionary entries. Create a lengthy password made up of upper and lower case letters, numbers and characters in no particular order and avoiding dictionary words.

Login securely

One way that hackers will steal your password is by intercepting it through the network while it is on its way to most blogs. You can solve this problem by installing the Chap Secure Login plugin. This plugin will automatically encrypt your password when you login, so the hackers will only be able to see your username.

Remove your version information

Often, hackers will attack your site based on the version of the blog you are running. If they don’t know which version you are running, they won’t know how to attack your site. Install WP Security Scan to remove the identifying code from the header and feeds.

Prevent brute force attacks

One of the simplest ways for hackers to break into your account is to try different passwords over and over until they find one that works. The easiest way to prevent this is to use the Login LockDown plugin. If someone fails to guess the correct password three times within a 5 minute period, this plugin will prevent them from even trying again for the next hour.

Third Party Code

Adding site counters, templates, and other third-party code to your blog can be a great way to add some flare to your content, but can also leave your blog vulnerable to malicious activity if you aren’t familiar with its source. So take a moment to review the code and look for anything that seems out of place. For example, if you are adding a weather gadget to your blog and notice in the code that there are links pointing to unrelated sites, take that as a red flag and keep searching for another weather gadget. There is no reason that a weather gadget should include a snippets like ~ a href=”http://completelyfreemoneysamples.com”>Make Money Online!/a~

Before saving new template code, always preview first. Malicious template designers may sometimes include pop-ups or other unexpected ads in the template code, which will usually be revealed with a quick preview.

Look first to ‘trusted’ code repositories for a new template or widget. There are probably thousands of places across the web where you can find widget and template code, but it may be helpful to first check out some of the more widely known and trusted sources.

Protect against comment spam

Spam can be a danger to your blog and its visitors. Comment spam can insert unwanted content onto your website. One way of protecting against spam is using plugins that track comments and trackbacks, running them through tests to check on whether they are spam and then refusing or approving based on the test results. Though its worth noting that this is not completely full proof and depending on the size of your blog you may even want to personally moderate commenting, or maybe even limit commenting to specific posts.

Anti-spam Plugins and additional resources on how to protect from comment spam:
Akismet
Spam Karma 2
Codex on Combating Comment Spam (http://codex.wordpress.org/Combating_Comment_Spam)

Secure your WordPress Admin directory

This is mainly for WordPress Bloggers since it’s more the choice of pro bloggers and for its rich theme. This is one of the most useful tips where you have to whitelist all IP adresses that can access your /wp-admin/ directory. This method will only allow the access of wp-admin from your chosen IP addresses like your home computer, office computer, laptop etc. It is easy to do through .htaccesswhich you can place at /wp-admin/.htaccess. Here is the code you need.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “Access Control”
AuthType Basic
order deny,allow
deny from all
# whitelist home IP address
allow from 64.xxx.199.99
# whitelist work IP address
allow from 64.xxx.199.210
allow from 199.xxx.136.200
# IP while in Bangalore; delete when back
allow from 128.xxx.2.27

Change IP addresses with the ones that you want to allow. If you are staying in a hotel for a few days, add their IP address in the file for that period and take that off when you leave that place. A very good security measure to keep your blog safe.

Finally, have a backup plan

You have to have a complete backup (database + files/plugins/themes) in case of uncertainty. It is always a good idea to keep your blog’s backup on more than one places (like computer hard disk, USB drive, CD etc) and take regular backups. This has worked like a charm to me many times bringing back many of my other blogs up in matter of seconds if something went wrong.. The following plugins can help automate the database backup process in wordpress, visit their websites for more information:
wp-db-backup (http://www.ilfilosofo.com/blog/wp-db-backup)
wp-dbmanager (http://www.lesterchan.net/wordpress/readme/wp-dbmanager.html)

Visit the the WordPress codex for further details on backing up your website.

As usual if you think i missed any leave a comment so other stay informed of it.. C U next week, till then take care..

I know many of you are using it already, since everyone as an gmail account and netizens can forget there name but not there gmail ID.. It’s now been just a few days since Google launched its Buzz social-sharing service and started rolling it out to Gmail users. The feature will pit it against social networking sites like Facebook and Twitter. Google Buzz will allow users to quickly share messages, Web links and photos with friends within its popular email service Gmail.

null

Google Buzz comes after the company’s several not-so-successful attempts to strengthen its position in the hotly-contested social networking space.

Here’s looking into what all Google Buzz will do for users. If most of you are already using gmail I am sure you are seeing that new tab for Buzz below your inbox.. On clicking the tab, users can read status updates, photos and video. Buzz updates will also show up directly in user’s inbox as well as in a tab within Gmail. Further you can open an item to comment directly because it’s a live object with an open connection to the server that gets updates in all time. According to Google, 40 people whom users talk to through Gmail and Gchat will be automatically added as friends. Buzz uses information from the existing email accounts of users to automatically show updates and media from people they talk to regularly. However, it will also allow users to share information privately if they want. Status messages that users publish on Google Buzz and flag as viewable to everyone will be automatically indexed by Google’s search engine and be available within Google’s recently launched real-time search results.

Like other social services, Buzz allows users to post status updates that include text; photos from services like Google’s Picasa and Yahoo’s Flickr; videos from YouTube; and messages from Twitter. I say many of its features mimic those of Facebook. This means Buzz will eliminate the need for people to visit sites like Twitter to post updates or see those sent by people they have selected to follow. Google Buzz will also pull in updates from outside your immediate group, such as an active conversation involving some friends and some people you aren’t following. However, though users can view Twitter messages within Buzz, they will not be able to publish new messages to Twitter’s service.

Buzz is also tailored to work on smartphones. Buzz will be available on mobile devices including Apple Inc’s iPhone and those that run on Google’s Android software. The programme automatically includes contacts that a user frequently emails. Google’s buzz also lets users publish their ideas to the world or just to their closest friends. This means each update can be set to either a small group of friends or to the entire world. User’s private updates will be directed to Buzz followers while public updates will reflect on user’s Google Profile page.

So some pretty cool features, so saying that do Could it be Twitter killer? the answer is No, because i thinks it co-exists peacefully. When you post a new tweet using Twitter, Google can import that tweet and send it out to your Buzz followers with the rest of your Buzz updates. You won’t have to jump through any hoops or use any back-door methods to make it happen. Twitter is officially supported by Buzz — the same is true of Flickr, Picasa, Blogger and YouTube.

But the same is not true between Buzz and Facebook. Buzz doesn’t import your Facebook status updates. It doesn’t post updates to your Facebook feed. It doesn’t display your friends’ feed updates. There’s no Facebook Connect integration at all.

Google is going to have a difficult time building a userbase when everyone who has a Facebook profile (that’s just about everyone who uses the social web at all now) is concerned that they can’t see their friends’ updates. They’ll have to keep using Facebook to stay in touch with their Facebook friends.

With more than 400 million users, Facebook is the world’s largest social network; Twitter by contrast has only 18 million or so. Gmail’s unique visitors numbered around 36 million as of last year. Clearly, Facebook is dominating. Google is attempting to challenge that dominance with Buzz, but Facebook is at the same time planning to move just as aggressively into Google’s territory. It was recently discovered that Facebook will eventually launch its own webmail service. You can already send messages to e-mail addresses from Facebook, but the execution isn’t as smooth as it needs to be. The new e-mail plan would address that.

Codenamed Project Titan, the service would offer users e-mail addresses ending in @facebook.com. Facebook would become the largest webmail provider overnight. If the service is functional enough, it could threaten Google’s Gmail. This outlook could change if Buzz integrates with Facebook the way it does with Twitter. Unless that happens, though, you’re better off keeping your bets on Facebook in the coming year or two — at least if your standard of success is something greater than niche appeal. Here is a video to as i Know some people are not interested reading this lengthy blog…

So what are you buzzing now, let me know what do you like and don’t like about it… C U Next week, tell then happy buzzing…..