Wordpress Blogging Security Tips on Dragon Blogger

17 Oct

Wordpress Blogging Security Tips

Posted by: dragonblogger // Category: blogging

Always use secure passwords when creating admin accounts, passwords should contain 1 Alphanumeric (a-z), 1 special @,#,$,%,^,*..etc), 1 number [0-9] and even 1 upper case [A-Z].
Ideal passwords are like:

D!noSa0r
B@ngK0k
W*trw0rl3

You should also NEVER be using FTP to transfer files to and from your web server. (Every file and every password you type is clear text across the Internet)
You should use SSH or SCP or SFTP (Secure Shell, Secure Copy and Secure FTP) to transfer files and access your servers.
Using a free SCP client like WINSCP which has a Norton Commander like interface (source files on left and destination files on right), or PuTTY which connects via SSH are best and completely free.

If you use a Unix Web Server as your host (Debian, RedHat, Ubuntu…etc) SSH/SCP/SFTP should be on by default.
If you are using a Windows based hosting provider, you may have to contact your hosting provider and specifically request it or request access via Secure communication protocols.

I use Dreamhost, and you get to choose a Unix box, I have completely secure connections to my hosted web server.

Share and Enjoy:

Wordpress 2.8.4 Security Update Yesterday I updated all 7 of my blogs to Wordpress...
Upgrading to WordPress 2.8.5 I have upgraded all 7 of my managed blogs to...
Find System Statistics with WP Security Scan Wordpress plugin WP Security Scan can tell you some great...
Wordpress 2.8.6 Released: Upgrade Now The latest fix Wordpress 2.8.6 addresses vulnerabilities with sites who...
Migrating Wordpress Blog to New Hosting Provider Part 1 – Backing Up Backing up your existing Wordpress Blog SQL Database and files...

Related posts brought to you by Yet Another Related Posts Plugin.

Written by dragonblogger (880 Articles Published)

Working in the IT Industry for over 10 years and specializing in web based technologies. Dragon Blogger has unique insights and opinions to how the internet and web technology works. An Avid movie fan, video game fan and fan of trying anything and everything new.

Follow dragonblogger on Twitter @dragonblogger

Tags: blog security tips, blogging 101, blogging security, blogging tips, disable ftp, how to create secure passwords, never use ftp, password complexity, putty, secure file transfers, secure ftp, secure web solutions, strong passwords, transfer files securely, web hosting provider options, web hosting tips, winscp, Wordpress Blogging Security Tips, wordpress security

12 Responses to “Wordpress Blogging Security Tips”

Kelvin Servigon Says:
October 17th, 2009 at 8:04 am
Hello fellow P50 blogger!

Your suggestion for creating password is a good idea. Thanks for that, I just changed my password now. LOL
Kelvin Servigon´s last blog ..The Enormous Flood that Ruined the CalumpiteÃ±os

[Reply]
dragonblogger Reply:
October 17th, 2009 at 3:09 pm
Thank you

[Reply]
Heather Kephart Says:
October 17th, 2009 at 1:00 pm
GREAT information, thank you! I took your direct advice and d/l one of the programs you suggested. So far so good!
Heather Kephart´s last blog ..Imagination

[Reply]
Tyrone | Millionaire Acts Says:
October 18th, 2009 at 1:31 am
Nice tips! I have a very hard password combination using letters, numbers, and special characters.

However, I am guilty of using FTP to transfer files on and from my hosting account.
Tyrone | Millionaire Acts´s last blog ..Preparing Your Personal Financial Statement

[Reply]
April King Says:
October 18th, 2009 at 6:52 am
(let’s try this again – stupid line breaks – feel free to delete my other comment)

That ties in nicely with a couple articles Iâ€™ve written about recently:

http://arstechnica.com/business/news/2009/10/30-years-of-failure-the-user-namepassword-combination.ars

http://www.wired.com/threatlevel/2009/10/10000-passwords/

Interesting stuff â€“ adding a decent 2nd factor canâ€™t happen soon enough!

[Reply]
dragonblogger Reply:
October 18th, 2009 at 10:00 am
My wordpress is configured by default to mark 2+ URL’s in a comment as SPAM, I weed through them manually. Thanks for the article links.

[Reply]
Brian from Newsletter For Internet Marketers Says:
October 18th, 2009 at 7:07 am
I just downloaded and installed WINSCP. I’ll play with it today. I’ve been using Core FTP lite but I don’t know how secure that is.

I’ve seen others blog about not using FTP but you are the first one I’ve seen link to secure alternatives. Thanks for that.
Brian@ Newsletter For Internet Marketers´s last blog ..News Related AdSense Site â€“ First Month = One Hundred Dollars

[Reply]
dragonblogger Reply:
October 18th, 2009 at 9:59 am
No problem, WinSCP I have been using for years and is an easy to use SCP and SFTP client. It uses both secure protocols

[Reply]
Michael Aulia Says:
October 18th, 2009 at 10:51 pm
Too many securities thingies that we need to do to secure our passwords on hundreds of web accounts lol
Michael Aulia´s last blog ..How to backup Firefox, Safari, Chrome, Opera, and IE with FavBackup

[Reply]
Mack from Foreclosures Las Vegas Says:
October 19th, 2009 at 10:04 am
Thanks for reminding us about security time and again. The passwords are crucial things and I am surprised to see few people taking it lighter. First of all passwords should never be shared, be it your wife, mom or son.. They are personal and should remain personal. Next is follow your steps in setting a tough password which contains alphanumeric and special symbols so that hackers cant break it. I am sure this rule not only applies to wordpress blogging but to the entire internet phishing concepts.
Mack@Foreclosures Las Vegas´s last blog ..Commercial Real Estate Bubble

[Reply]
Extreme John Says:
October 19th, 2009 at 6:49 pm
There’s a few tips in here that I never even considered, thanks for the heads up now I need to change a few things.
Extreme John´s last blog ..Sunday Smash Link Luv, Twittley for Twitter, Yahoo Meme

[Reply]
dragonblogger Reply:
October 19th, 2009 at 9:55 pm
Glad I could help

[Reply]