₦airaland Forum

Survey reveals Thousands of WordPress websites get hacked every day, so securing your blog must be top of your priority. Furtunately, it’s not all rocket-science as you need to make most of the tweaks only once.

Then just keep tabs on the WordPress security news and install updates religiously.
Some hackers target the personal information of your subscribers to steal their identity. Other attacks hijack your blog to distribute spam or malware or hold it for ransom. Hackers can also use your blog in a large-scale DDoS attack.

But guess what – if your website becomes a part of a DDoS or spamming network, Google will punish you big time. Bloggers.

Important Consideration of WordPress Security

1. From setting up your installation to choosing security plug-ins, be thorough and vigilant.

2. For instance, never leave your login name as “admin.” Create a custom login instead, and you’d better make it complex.

3. The same rule applies to your password. So, learn how to create, use and store a secure password, and how to prevent hackers from resetting it. For your own good.

4. I strongly recommend a WP Limit Login plug-in to limit the multiple sign-in attempts.

5. Two-factor authentication is another security practice that will get you a long way.

6. Anti-spam protection is a must-have these days. So CAPTCHA and Akismet plugins are essential tools for any website owner.

7. Disabling the WordPress API and XML-RPC is a useful trick that covers a critical security hole in your blog. I strongly suggest that you do it unless you plan to integrate your own programs into WordPress. I recommend in stalling Manage XML-RPC or DIsabla XML-RPC plugins.

8. You need to set up an internal security monitoring system with Sucuri, Wordfence or WordPress Security.

9. In the meantime, knowing how to choose the right hosting provider, and how to secure it is as vital as deploying an external monitoring system (i.e., CloudFlare) to protect your site against DDoS attacks.

10. You’ll also want to set up an SSL certificate and get your data and traffic encrypted. Also, disable PHP error reporting, and update your file permissions to prevent unauthorized users from tampering with them.

11. Proper user permissions management and logging out idle users will save you the headache of troubleshooting your site if one of your contributors wrecks havoc by mistake.

12. You need to be aware of the security threats coming from third-party plugins, themes, and advertising networks. So, find and disable them.

13. Never leave outdated plugins running and keep your website clean from old themes, plug-ins, and content.

14. Secure your end-point devices, IoT, and connections to get your blog bulletproof against physical intrusion. Forge a reliable disaster preparedness plan and do the timely backups of your websites.

15. You can refer to walkthrough published by Alex Grant for WordPress security consideration setup.

These common-sense instructions will help you beef up your blog security and automate most of the security-related tasks. As with everything in life, prevention is cheaper and better than treatment.

So, by investing your time in security you’re making it easier for yourself, as dealing with a website breach is a lot worse than preventing it.

Andriod devices are leading in population in the smartphone market today, Android’s brings various extras for users, with it open source app community which makes It also vulnerable to security issues. As Malicious app makers and hackers use Android’s flexibility to spy on user’s info like password, bank details etc. With people relying on their smartphones to store personal as well as sensitive data, this can be a major issue. There’s also the issue of a lost or stolen phone. Your device in the wrong hands might land you in some serious trouble. however, as they say, prevention is always better than cure, so if you haven’t yet secured your Android device, below are tips you can follow.

1. Encrypt your Android device

Google has taken some steps towards encryption. There’s an “Encrypt phone” feature on Android that can be accessed in Settings->Security. It encrypts your accounts, settings, downloaded apps, app data, media and other files which can only be unlocked by a PIN or Password. You must encrypt your device if you keep sensitive data on your device, if your device is hacked or stolen, your data will not be accessed until the encryption key is entered. There are also 3 party apps that can perform this task if you don’t trust the built in encryption module.

2. Control App Permissions

Andriod devices have iOS like app permissions, which makes sure you can control what info a particular app might be taking. Apps on Marshmallow ask permission when needed and you can deny a particular permission. You still can manage app permission by going to Settings->Apps. There, you can select an app and then tap on Permissions to disable a permission they have, making sure that app isn’t taking any info you are unwilling to give.

3. Set up Find My Device

Android Device Manager is an extremely useful app, it comes pre-installed on many devices and you just have to enable it. You can remotely ring your phone, erase data or lock it. You can enable it by going to Google Settings (Android 5.0 or previous) or Settings->Google (Android 6.0 or later), then go to Security and turn on “Remotely locate this device” and “Allow remote lock and erase”. You can sign in to your Google account on another device over at android.com/devicemanager and take control of the remote actions like erase, lock and find your phone in case your device is stolen or lost. Also, there are apps that offer better “find my device” ability, you can find them on the play store

4. Store important data in internal storage.

An external storage not only affect the performance, it also involves risks of losing your important data. The problem happens because external memory uses a mix of EXT and FAT file system, which is easy to access. Also, when you connect to a PC, the applications on the PC have block-level access to files on a SD card, thus having the ability to plant viruses or malwares.

5. Secure your network

If your network isn’t secure, it can be a gateway for malicious persons to steal your data, so it’s important that you browse the web securely. For that, you can use a VPN to make sure that all the information you send across the web is encrypted and your identity remains hidden. A VPN app is your best bet if you want to conduct important transactions on the web without having to worry about your data theft.

6. Use a Root Management App if you a rooted device

Rooting your Android device brings a lot of advantages but it also comes with its fair share of flaws. Rooting makes sure that your device’s security is open to be compromised, as there won’t be any official updates and apps can go ahead and take elevated permissions. This might result in data theft and apps installing malicious code. While it is not recommendable to root your device if you want to stay secure but if you must, you should install a root management app like SuperSU, which lets you grant or block root access to apps, thus giving you more control.

Stay secure

more cybersecurity awareness at https://bitsecurity.ng