Here’s a little public service message for my blogging friends. One in five websites use WordPress to create their site or blog. And with that high percentage of users, there are a lot of nefarious people out there spending their time trying to get access to your files. One thing you can easily do to help protect yourself from hackers is to install a WordPress plugin that might prevent you waking up one morning to find your site or blog has been hijacked or is being used to spread malware without you even knowing it. Wordfence Security helps protect you from being hacked.
The following is a bit nerdy, but important information. A good friend of mine, photographer Joel Belmont, turned me on to the Wordfence plugin a few months ago, and since then my eyes have been opened to how many times a day people try to log in to my site as an administrator to do who knows what. Last week, a single suspicious IP address hit my website 45,000 times in 48 hours. And pretty much every day, dozens of people in far off countries as well as here in the US, go through a string of username and password guesses trying to get access to the blog you’re reading now.
Since my usernames and passwords are not easy to guess, lucky for me, they haven’t been successful in the years I’ve been writing this blog. But it would be silly of me to sit back and pat myself on the back without stepping up my security.
That’s where Wordfence comes in. It comes in free and premium versions, but even the free version gives your WordPress site or blog serious protection. You can set how many times someone can try to log in before they are blocked and for how long. Wordfence recommends five failed attempts and blocking for an hour, which they say is enough discourage unwanted bots from hammering your login page.
Also, if your blog or site’s username is “admin”, I can tell you that’s the first username they try. They try that one hundreds of times a week on my sites.
With Wordfence, you can also monitor live traffic to your site to see if anyone seems to be downloading more than a human should be able to read at once. There are many other features including permanently blocking specific IPs that keep trying to gain access.
If Wordfence spots anything suspicious or notices that your other plugins are out of date and potentially susceptible to hacking, you can have it email you to let you know.
Wordfence was just updated to version 5 and I can’t recommend it enough. The internet is a wonderful place, but sometimes you need a large bouncer at the door to keep the riffraff out.
And since we’re talking about protection, is your blog backed up in case someone does gain access and modifies it or deletes it entirely? I’d be willing to bet the answer is no for most of you. Another WordPress plugin I like is called Backup to Dropbox, which does exactly that. Or if you don’t have a Dropbox account there are other similar plugins to back up to your Google Drive or somewhere else you’d prefer.
I made the photo at the top of this entry in 1995 at the old border between East and West Germany, in Berlin, at Checkpoint Charlie, a few years after the Berlin Wall came down. Even a few years later, you could find remnants of the old border crossing as construction was happening in the neutral zone.