Now that I’ve been working online for a few years and I’ve helped clients develop a lot of blog and social media marketing content, I’ve seen a few “near misses” and a couple of disasters. Internet “bad guys” have found vulnerable places where my sites (and maybe yours) are open to intrusion.
If you are a subscriber you’ve heard my nervous warnings before because I’ve sent out emails to my lists recently. I want you all to have the opportunity to learn what I have and take action to protect your web sites from brute force intrusion–or the vulnerabilities of “known exploits”.Â Too much jargon? Too much techie stuff on your To Do list?
I hope you don’t feel we’re bothering you about this web site security stuff. It’s just that I’m so nervous about mine–and my clients’ WordPress web sites that I want us all to follow up on the lead Daryl Lozupone (Renegade Tech Consulting) is providing us to secure our web sites. (We do seem to have quite a few! LOL)
Two Kinds of Web Site Attacks and Intrusions
In Daryl Lozupone’s recent article and checklist addressing WordPress web site security, he describes two sorts of ways hackers might gain unauthorized access to a website:
1. Brute Force
“The most common brute force attack is implemented through multiple attempts to login to your site.” (WordPress Beginners Security Checklist)
Here’s a screenshot showing multiple attempts at a test site: (Click on the image to view in full screen. Use back arrow in browser to return to this screen.)
Hint : One way to prevent this particular kind of attack and intrusion is to get rid of the Admin user account created by WordPress when WordPress is installed. See screenshot below.
2. Using Known Exploits
“These are far more complex and typically require more skill to implement. The basic idea is that there are known security vulnerabilities for different versions of web software, including WordPress. If the website assailant can determine what version of WordPress you are using, he can then apply exploits known for that version in an attempt to gain access to your blog.” (WordPress Beginners Security Checklist. Free from Renegade Tech Consulting. Link below in P.S.)
Two “Coming Up Quick” Opportunities to Prevent Web Site Intrusions
TODAY: A short, information rich free LIVE webinar. (THIS WEBINAR IS PAST. Hope you didn’t miss it. But, if you did, make sure to pick up your checklist (link below).
4 pm PST / 7 pm EST
Register here: http://socialbizstart.wpengine.com/events/wordpress-security-webinar/
FRIDAY, January 27: A Social Biz Start INTENSIVE (paid) workshop
Starts 8 am PST / 11 am EST
6 hours of instruction, work periods with one-on-one coaching, Q & A sessions. BONUS: follow up office hours with Daryl Lozupone.
Get it done on the day and spend the weekend (and forever) with the peace of mind you need about your Word Press web site’s security.
More info here: http://socialbizstart.wpengine.com/wordpress-security-intensive/
So why should you care? Here’s the email I sent last week:
Has your web site had any “bad guys” hanging around? Looking for a way in?
Is there any chance someone could get in and “mess up” your hard work and content?
Or, have you taken care of it?
Is your WordPress site snug and secure now? No worries that the Internet bad guys will stroll into your web neighborhood looking for a “fun” break in opportunity or a chance to use your site as a “free ride” to promote their own site?
If your WordPress web site security system is on your To Do List and likely to stay there for too long while you’re busy running your business and making some money, you’ll be thrilled that we have a Renegade Tech Intensive training coming up:
We’ve had enough clients with recent “mishaps” to know that many of you are unprepared. You don’t have a web site security system or a disaster recovery plan. You need to put locks on your doors and bars on your windows. You need to have a disaster recovery plan or you’re in danger of losing all your hard work and valuable content.
Don’t let your WordPress web site remain an easy opportunity. Come along to the WordPress Web Site Security INTENSIVE and “get it done” during the training session. (No more lists of things “to do”, just a list of DONE!)
Learn what to do and how to do it–and GET IT DONE during the training!
Wishing you peace of mind,
Daryl Lozupone & Kate Williams
P.S. If you haven’t got your copy of the WordPress Beginners’ Security Checklist yet, here’s the link: http://www.renegadetechconsulting.com/wordpress-beginners-security-checklist