Reposted with permission from blog.texthelp.com
If you subscribe to this blog, you likely receive a weekly digest email with a summary of posts from the previous 7 days. You may have noticed that last week this did not occur. Although I would like to say it was because I was vacationing in Tahiti, it was actually something much less exciting. To my surprise when I was preparing to write last week’s post I noticed something strange… The blog no longer existed. Details on exactly what occurred are still unclear, but luckily, I was able to recover everything after several hours and many phone calls.
This experience led me to think that this might actually make a good topic for a blog post. If you currently keep a blog, or are thinking about starting one for yourself or your classroom, security is a real risk. To help prevent the issue that I experienced last week (or at least recover quickly from it), I’ve included 5 best practices below that could save you tons of time and money in the long run.
- Choose your platform carefully - I’m sure there are more blogging services available than I am aware of, but the two primary platforms I see used are Blogger and WordPress. Both have their own advantages. For example, Blogger is owned and hosted by Google. It is easy to setup and great for those new to blogging, but offers less customisation options than you will find with WordPress.
WordPress is actually broken down into two separate products: WordPress.com and WordPress.org. WordPress.com is similar to Blogger in that it is hosted by WordPress. Anytime you are using a blogging platform that is being hosted by the company you are going to be faced with less options when it comes to how much you can customise. However, this is usually an acceptable trade off for many as it is easier and cheaper to setup.
WordPress.org allows you to download the WordPress blogging platform for free and install on your own server. Many hosting companies even offer a “one-click” install of WordPress. The upside here is that you have complete control over your blog. Michael Hyatt offers an excellent step-by-step tutorial on how to setup your own self-hosted blog in 20 minutes here: http://michaelhyatt.com/ez-wordpress-setup.html
- Backup often - Whether you are using a blogging platform hosted by a company or self-hosted, you want to make sure to have a backup. The great thing about Blogger and WordPress.com is that they handle backups for you. However, to be on the safe side, I recommend keeping a backup locally as well. Remember that if you are not paying for the service, there’s always the chance that it could end. Or maybe they somehow “miss” your blog during the backup. Both WordPress.com and Blogger have an option to export your blog and save locally so that you can restore or move to another service if necessary.
For WordPress.org sites, you can usually pay your hosting provider extra to make backups for you or use an extension. I like Vaultpress, but there is a cost associated with it. There are thousands of plugins available for WordPress, however, so if an additional cost is not an option be sure to search the plugin directory.
- Keep templates and plugins up to date – WordPress consistently releases updates to increase security and add to the number of features available in the blogging platform. It is important that you always keep your WordPress install up to date. Any themes or plugins you install may also release updates so keep these updated as well. Ensuring that all of these items are updated is critical for security reasons.
- Use secure passwords – I know this sounds obvious and that you have probably heard it many times before, but I also know that a good percentage of people still use “password” for their computer login. This is often the case because many people think computer hackers would have no reason to want to hack their blog. However, it is rarely the case that an individual hacker is targeting your blog. It is more likely that a program is searching all blogs with insecure passwords. Once it makes its way into your blog, it will inject your site full of spam and other content that is not fun to try and remove. Trust me.
To help make sure I have secure passwords, I use Norton’s automatic password generator. You can choose a minimum number of characters (go with 12), then have it automatically generate a random password that consists of numbers, lowercase and uppercase letters, and punctuation. Just remember to write it down afterwards.
- Be cautious about giving others access – I often ask guests to contribute blog posts. Rather than asking individuals to send me the information so that I can post, I create a separate account for that person so the post will show up under their name. When creating accounts for others, be sure not to set the privileges higher than necessary and also create a secure password for them.
Hopefully these tips will help new bloggers get off to a great start and prevent security issues from popping up in the future. If you have additional tips or resources that you recommend for keeping blogs safe and secure, please be sure to share in the comments section below.