Wordpress Security and Alternatives
-
No matter how secure we try to make our wordpress blogs they still got hacked. We recently got hacked(server level hacking, javascript insertion that took our server down, through the askimet plugin), anyway there was nothing really showing in the front end, no inserted links and nothing suspicious looking code.
Oh well we are changing the passwords now and going through and deleting the javascript.
The problem im facing is that i am handling over 100 blogs, so its very time consuming to do this. I know that once or twice a year everyone goes through a wordpress crisis but we really cant afford nor have the resources to fix it all the time.
Are there any alternatives to wordpress blogs(as good as wordpress). Wordpress has been showing good results so far so it works as far as SEO goes, but we are trying to figure out what to do in order to not get hacked. Besides alternatives id like to know if there are any work arrounds to not get hacked with little maintenance needed. Any tips?
-
What kind of hosting plan are you on (shared, dedicated, etc)? There are a lot of annoying hacks going around affecting WP based sites on shared servers.
-
Website security is a very deep topic. I will jump to the end and share if someone wants to break into your website they can do so and there is nothing you can do about it. There is a balance between accessibility (all your site's users need to access the site) and security (keeping the bad guys out).
The largest companies in the world such as Sony have experienced break-ins. The official websites of various countries experience security issues. If a hacker wakes up one day and decides to focus your site and is willing to focus on doing such as a full-time job, he will likely succeed.
With the above understood, there are many steps you can take to maximize your security:
-
ensure you always use the latest version of your CMS software
-
when a new software update is released ensure your site is promptly updated. Waiting 60+ days to update your software is too long.
-
the same applies to any extensions used on your site. Any extension is a possible security issue.
-
have your htaccess file professionally reviewed by a security expert. There are numerous modifications which can be made to the file which prevents various types of security holes.
-
have your server setup reviewed by a security expert. There are literally hundreds of possible security holes which can be left open due to various settings.
WordPress is the #1 blog software in the world. It is a big step down to #2 in terms of popularity. If you change software you will be making sacrifices.
There are tools like McAfee which scan your site daily for a very wide range of issues, and alerts you to vulnerabilities. Otherwise you can Google "Website security testing" and begin learning more about your site's vulnerabilities.
-
-
we have actualy changed the admin profile...all our blogs had very secure paswords and did not use the admin profile
thats why i am kind of bummed too -
From our experience we noticed that Drupal does not work as well for SEO as wordpress does
so since we tested it Drupal wont be an option for us...Joomla either...but thank you for the tip ill try the website defender url for now...im looking for something that i wont have to manage every couple of months for technical purposes...so if there are any methods i hope we will both find out -
My hosting administrator Chad has some good Ideas. chad@cisaz.net - He has been having me remove the administrator profile, and installed an Administrative plug in as well. I am forwarding your questions, and concerns and see if he can give me more information on Server side securities he added on his end.
Have you tried deactivating the administrator profile, and adding more securities for the new content management contributes?
-
I'm interested in this topic also. I wonder if Drupal is a better option in terms of security.
I have installed the Website Defender plugin in one of my Wordpress websites and it notifies me of security related issues. Since you are managing 100 sites, this might be a service that could streamline that process, I don't know. Anyway, perhaps worth a look:
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Best practice for Wordpress /page/2/
I realize that it might be a minor point but it still bugs me. We have a blog with a number of posts. Content of the posts does not expire or age (in the rare case something changes, we do update the information in the posts). The wordpress blog is setup to display our latest posts and displays 15 posts at once. Since we have a lot of content, the older posts get pushed off the front page which is understandable and desirable behavior. However the pages that have older posts have names like "/page/2/", /page/3/, /page/4/ and so on. This does not look very SEO or user friendly to me. What do you think? Did you come up with something better then /page/ and then a number?
Content Development | | SirMax0 -
Help getting a Wordpress.com site to rank
Hi all, I have a blog for my site, but it hasn't been integrated into our site yet (that will happen in the next few months when we do some site changes). For now, it sits on a Wordpress.com site, and links from my website. I post a couple times a week, have social media linked to it, and feed posts to aggregators regularly. I also comment and like other Wordpress.com sites, but it just isn't ranking. Do I just need to stay persistent? It's been up for a month now, but still only getting a few hits a day. Any advice?
Content Development | | b4cab0 -
I started a Wordpress blog, google indexed it...
How long before I can see those links show up in SEO Moz for my website? What elements is SEO Moz looking for before they add the wordpress site to my linking domains report? Regards, Jeff
Content Development | | biggieshaws0 -
What's the best RSS Feed Pluggin for Wordpress?
I need to add an RSS feed for my Wordpress blog. Which one is the best to use? How can I maximize my RSS feed once I have it ? I'm thinking Technorati but what other places should I place it?
Content Development | | bronxpad0 -
Should I no-follow my WordPress tags
I just launched a WordPress blog on our website and SEOMoz is reporting duplicate content on all of our tags. We only have one post so far, so of course each tag is going to be duplicate. Should I no-follow those tags for the time being?
Content Development | | TRICORSystems0 -
Wordpress Ping List, does pinging Google Help? Could it hurt?
So I was looking at updating my ping list in WP. Some of the lists I have come across have a lot of "blogsearch.google" What does a WP site risk in pinging all of these google properties?
Content Development | | Thos0030 -
My Wordpress traffic has gone through the roof, huge referrals from wordpress.com - why?
My Wordpress traffic has hit an all time high over the last few days - in the last 48 hours I've had as many views as the last two months combined. This huge spike in traffic has coincided with a great piece of exclusive content that went up, but I wouldn't expect the traffic to be nearly as high as this. The strange thing is that all the extra traffic seems to be referred from Wordpress.com, however, I cannot drill down to a more specific URL. Also, the referrals do not seem to translate into page views of the homepage, nor a particular article. Can anyone offer any insight into this situation? Thanks
Content Development | | pugh0 -
Meta Title and Description Placement in Wordpress
I noticed in wordpress code that the <title>and <description> are not at the top of the code and rather located a ways down the code and not displayed how previous sites used to be.</p> <p>Does this still matter for SEO.</p> <p>I thought it should have been,</p> <div id="syn_row5" class="SYN_TXT"><span class="HTML_TXT"><span class="HTML_TAG"><<span class="HTML_ELM">title</span>></span><span class="HTML_TAG"></<span class="HTML_ELM">title</span>></span></span></div> <div class="SYN_ROW"> <div id="syn_row6" class="SYN_TXT"><span class="HTML_TXT"><span class="HTML_TAG"><<span class="HTML_ELM">meta</span> <span class="HTML_ATR">name</span>=<span class="HTML_VAL">"Description"</span> <span class="HTML_ATR">content</span>=<span class="HTML_VAL">""</span> /></span></span></div> <div class="SYN_TXT"><span class="HTML_TXT"><span class="HTML_TAG"> <div id="syn_row6" class="SYN_TXT"><span class="HTML_TXT"><span class="HTML_TAG"><<span class="HTML_ELM">meta</span> <span class="HTML_ATR">name</span>=<span class="HTML_VAL">"Keywords"</span> <span class="HTML_ATR">content</span>=<span class="HTML_VAL">""</span> /> (if still needed ?)</span></span></div> <div class="SYN_TXT"><span class="HTML_TXT"><span class="HTML_TAG"><span class="HTML_TXT"><span class="HTML_TAG"> </span></span></span></span></div> <div class="SYN_TXT"><span class="HTML_TXT"><span class="HTML_TAG"><span class="HTML_TXT"><span class="HTML_TAG"><span class="HTML_TXT"><span class="HTML_TAG">Is there a way to do this in Wordpress? Or does placment not matter anymore?</span></span></span></span></span></span></div> </span></span></div> </div></title>
Content Development | | hfranz0