Need help? Check out our Support site, then


Protection WordPress Blog from being potential Hackers?

  1. I have noticed some blogs (not from WordPress) getting hacked and have their pages disfigured or be redirected to another website. I was wondering if there is security that protects wordpress members from getting such things happened to their blogs.

    And if someone's blog is already been hacked, what can we do in order to retrieved back our original blog?

    Thanks :)

  2. There are a LOT of security features here you won't find at Blogspot or other blogging sites. The #1 issue on the forums seems to be people trying to do stuff that would (as a side effect) compromise security and WordPress won't let them.

    Just as some examples, WordPress doesn't allow javascript (which is how MySpace was hacked, if memory serves) or embeds other than certain types they've examined and cleared: YouTube, Google vid, Grouper, and Odeo for sound files.

    I'm sure a techie could tell you a lot more than I, but I guarantee you WordPress has some pretty darn robust protections in place. It may mean we can't run some groovy stuff in our sidebars, but that's a small price to pay for knowing your blog will be there when you wake up in the morning.

  3. Thanks raincoaster.

    I am aware that WordPress is less flexible in the sence of less groovy stuffs allowed in our sidebars compared to other sites like MySpace and Blogspot.

    But I am wondering, what else can we do to ensure that our sites are hackers free?

    If our blogs did get hacked, who do we look for help or assistance?

    I know the chances of it happening in WordPress is minimal but it is good to know.

  4. The single best thing you can do here is to use a very good password:
    http://faq.wordpress.com/2006/06/16/staying-secure/

    People here are not hacked - someone just guesses their password.

  5. True, that happened to me and I never DID find out who did it.

    Also, a few months ago there was a fellow complaining that he'd left his computer on and himself signed in and somebody who was in his house posted something in his blog he didn't like. DON'T DO THAT. Sign in when you're ready to blog and sign out again when you're done.

  6. Gotta also admit that I'm big on not giving out your email address on your blog as well and using a second one instead. I'w waiting for a spam phish run trying to get wp.com passwords actually. I've seen them for the rest of the blogging sites.

    If your email address isn't readable, you'll never get one of those "We need you to verify your email address. Visit this website and type it in now!" emails.

  7. How can I protect my password? But it still seems like Im being "hacked" Im worried now and I need protection. If anyone knows any anwsers please reply on http://www.rpfrulers.wordpress.com (my blog)

  8. @rpfrulers
    You will have to come back here for your answer. Change your password frequently and make sure it contains both letters and numbers, and upper and lower case to make it as strong as possible. And don't make it something that is easy to guess.

    Also: MAKE SURE AND RECORD IT!!! Nothing worse than changing it and then forgetting what it is. (I've done that before, and it isn't pretty.)

  9. Great link Mark.

Topic Closed

This topic has been closed to new replies.

About this Topic