Wordpress Security and Alternatives
-
No matter how secure we try to make our wordpress blogs they still got hacked. We recently got hacked(server level hacking, javascript insertion that took our server down, through the askimet plugin), anyway there was nothing really showing in the front end, no inserted links and nothing suspicious looking code.
Oh well we are changing the passwords now and going through and deleting the javascript.
The problem im facing is that i am handling over 100 blogs, so its very time consuming to do this. I know that once or twice a year everyone goes through a wordpress crisis but we really cant afford nor have the resources to fix it all the time.
Are there any alternatives to wordpress blogs(as good as wordpress). Wordpress has been showing good results so far so it works as far as SEO goes, but we are trying to figure out what to do in order to not get hacked. Besides alternatives id like to know if there are any work arrounds to not get hacked with little maintenance needed. Any tips?
-
What kind of hosting plan are you on (shared, dedicated, etc)? There are a lot of annoying hacks going around affecting WP based sites on shared servers.
-
Website security is a very deep topic. I will jump to the end and share if someone wants to break into your website they can do so and there is nothing you can do about it. There is a balance between accessibility (all your site's users need to access the site) and security (keeping the bad guys out).
The largest companies in the world such as Sony have experienced break-ins. The official websites of various countries experience security issues. If a hacker wakes up one day and decides to focus your site and is willing to focus on doing such as a full-time job, he will likely succeed.
With the above understood, there are many steps you can take to maximize your security:
-
ensure you always use the latest version of your CMS software
-
when a new software update is released ensure your site is promptly updated. Waiting 60+ days to update your software is too long.
-
the same applies to any extensions used on your site. Any extension is a possible security issue.
-
have your htaccess file professionally reviewed by a security expert. There are numerous modifications which can be made to the file which prevents various types of security holes.
-
have your server setup reviewed by a security expert. There are literally hundreds of possible security holes which can be left open due to various settings.
WordPress is the #1 blog software in the world. It is a big step down to #2 in terms of popularity. If you change software you will be making sacrifices.
There are tools like McAfee which scan your site daily for a very wide range of issues, and alerts you to vulnerabilities. Otherwise you can Google "Website security testing" and begin learning more about your site's vulnerabilities.
-
-
we have actualy changed the admin profile...all our blogs had very secure paswords and did not use the admin profile
thats why i am kind of bummed too -
From our experience we noticed that Drupal does not work as well for SEO as wordpress does
so since we tested it Drupal wont be an option for us...Joomla either...but thank you for the tip ill try the website defender url for now...im looking for something that i wont have to manage every couple of months for technical purposes...so if there are any methods i hope we will both find out -
My hosting administrator Chad has some good Ideas. chad@cisaz.net - He has been having me remove the administrator profile, and installed an Administrative plug in as well. I am forwarding your questions, and concerns and see if he can give me more information on Server side securities he added on his end.
Have you tried deactivating the administrator profile, and adding more securities for the new content management contributes?
-
I'm interested in this topic also. I wonder if Drupal is a better option in terms of security.
I have installed the Website Defender plugin in one of my Wordpress websites and it notifies me of security related issues. Since you are managing 100 sites, this might be a service that could streamline that process, I don't know. Anyway, perhaps worth a look:
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Traffic to blog home page is going down after changing my WordPress Theme
I recently changed my wordpress theme from a standard free theme to a newer theme. The home page I switched up a bit adding more calls to action to some of our top posts and leading people to popular categories and so on. This greatly improved the usability of our site as it allowed us to highlight new posts. The previous free template simply listed 10 of our most recent posts on a page with small snippets and then you had to move to the next page to keep reading. Since switching my theme the blog traffic has stayed relatively level. That being said, the specific posts traffic is going up a lot whereas the organic traffic to the blog homepage is now nearly depleted. Is this a common thing to happen or is there anything I can do to fix this issue?
Content Development | | saultienut0 -
If my blog is on Wordpress, and I've installed the AMP plug-in, what do I need to do to get Google to start indexing all my posts as AMP pages?
If I add /amp to the end of any of my posts, I can see that the plug-in is working. It's been months since I installed it, though, and Google hasn't indexed any of the AMP pages. Am I missing a step?
Content Development | | DeanRamadan0 -
Shopify Blog vs Wordpress
We are moving our Ecommerce site to Shopify. Currently we run our blog on Wordpress and I'm wondering if anyone has an opinion on using the Shopify blog vs Wordpress?
Content Development | | Glaze0 -
Wordpress post templates
Hi everyone! What I need is a way in Wordpress for the author to select a category for their post, and then have a template come up with some fields in addition to just the large field where you write your post, where the author can add some additional information. Then on the final post, have that information added to the top in some format that I (as the admin) can control. What I'm doing is setting up an internal company blog so our employees can have more visibility across teams. Some categories of posts will always include the same information, like release numbers, conference attendance, yes/no conclusions, among other information. If there's a plug-in for this, free or not, that would be great! If you can't tell I'm a Wordpress noob... so please bear with me. 🙂
Content Development | | john4math0 -
Should I no-follow my WordPress tags
I just launched a WordPress blog on our website and SEOMoz is reporting duplicate content on all of our tags. We only have one post so far, so of course each tag is going to be duplicate. Should I no-follow those tags for the time being?
Content Development | | TRICORSystems0 -
Wordpress Duplicate Pages/ URL's - Help !
Hi guys, I have been running SEOMoz for just over a month and slowly cleaning up one of my Wordpress Blogs. While going through the crawl reports I have noticed that I have duplicate pages showing on the crawl. For example, the main post would be; www.xxxxx.com/blog/post-title Then I see another URL which would be; **www.xxxx.com/blog/page/59 ** When I click on either URL it goes back to the actual post title URL. What's with these page URL's ? Isn't these two URL's showing duplicate content to the search engines ? Any suggestions would be greatly appreciated.
Content Development | | dcc0 -
How to Integrate a Wordpress Blog into my Website
We are looking at integrating a blog into our website. Unfortunately, our content management system is very clunky and not set up to quickly publish blog style content. I'd like to use Wordpress and set up the blog as a subdomain of my company website. Our URL is www.blockandcompany.com so the blog URL would be www.blog.blockandcompany.com. Is it correct to say that if the blog is set up this way, the search engines will see the regular website and the Wordpress hosted blog as one big site? I want to use the blog to write keyword-rich content, but I don't want to divide my SEO "equity" between two separate sites. Any advice?
Content Development | | Blockinc1 -
Are you sure moving a wordpress blog to a main website is a good idea?
Sorry to ask this question again but I left out some background info...... My blog sits at www.gardenbeet.wordpress.com I have been using the blog as my main linking page for my main website at www.gardenbeet.com - the blog links to relevant sites in both blog articles and on the side of the blog. The blog links to industry websites that in turn link to my main website at www.gardenbeet.com. If I was to move the wordpress blog to my own domain will my mainwebsite loose its strength. Will all those blog links pour my link juice out of my website? Will the current three way links become two way links and thereby lesson their linking importance? Is the previous recommendation (combine the blog and the main website) still the best course of action? Should I keep the two sites or perhaps close entries on the existing blog and start another on my own domain? thanks for your time AGAIN
Content Development | | GardenBeet0