Atelier Shiori

Much more than crafting Ice Cream.

This blog is in archive mode, since Ama Usa An has superseeded this blog. To read my new personal blog, click here (amausaan.tokyo)

Remember: Always Back up your Website!

by

Just today, a fellow Anime blogger named Calaggie who runs Nigorimasen recently discovered that somebody hacked it and deleted all the content. It’s a shame that all the content the person worked hard on got wiped in an instant.

People who are running self-hosted WordPress blogs don’t realize that blogs that run WordPress are subjected to brute force attacks (basically an automated attack that guesses every password combination) in effort to gain control and use it to plant malware or even deface a website. If you host your own WordPress blog, you should do the following to prevent this from happening:

  • Have off-site backups – For most web hosting providers, you can perform a backup through CPanel, but you should keep the backup offsite in an event that you are unable to get a backup before the attack. For a Virtual Private Server, this is easier since you can just use rsync to another service or host after making a backup of the database and an archive. Also, some Virtual Private Server providers like BuyVM and Digital Ocean also have automatic backups (although the latter, it’s an additional cost). For me, BuyVM provides 5 GB of backup space and I created a scheduled task to back up and upload the files to the backup space. Also, Amazon S3 can be an affordable solution for backups as well. If you can’t afford offsite backups, just create a reminder to download a backup each week.
  • Check your plugins and themes – Plugins and themes can potentially have vulnerabilities that can be used by attackers to gain control or plant malware on the site. Therefore, you should keep the plugins updated regularly and only use themes from trusted sources.
  • Install Security Plugins: Plugins like BruteProtect (which will be included in Jetpack), Limit Login Attempts, and Rename wp-login.php can be good tools to protect you from brute-force attacks.
  • Use a strong password for your WordPress and web hosting accounts– This is obvious, but people have the tendency to use weak passwords since they are hard to remember. If you have a hard time remembering passwords, use a password manager like Lastpass or 1Password so that you can generate strong passwords without having to remember them. Also, avoid using FTP since  passwords are sent in clear text, use SSH/SFTP instead (most FTP clients should support SSH).
  • Keep WordPress Up to Date – Usually, WordPress updates fixes security issues. However, you can set it to update automatically.
Category: Tag: , ,

About chikorita157

Author and Owner of Chikorita157’s Anime Blog and Kireina Yuri. If you want to learn more about me, see the “About chikorita157” page.

Reader Interactions

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.