8 Ways to Safeguard your WordPress Blog from Hackers

You’ve treated your blog like your baby and nurtured it, complete with pictures and proofread everything you’ve written. You might have an average of 300 posts until date and you’ve invested so much time and sweat in making them perfect.

You also have a decent follower base (100+ followers) and a massive number of comments, at least 5000+ good comments by good people who truly appreciate what you blog about.

The above scenario is an absolute delight, until THIS happened!

We can totally relate to this (not that it’s ever happened to us, touchwood) and to see this happen to your very own blog is a nightmare.

But fear not! We’re here with a set of tips that’ll help you keep your WordPress blog safe and secure :)

1. Take a Back-Up!!

Your WordPress database contains every post, every comment and every link you have on your blog. If your database gets erased or corrupted, you stand to lose everything you have written. There are many reasons why this could happen and not all are things you can control. With a proper backup of your WordPress database and files, you can quickly restore things back to normal.

2. Do you have the latest WordPress Version?

You should always make sure that your blog’s version is up to date. WordPress team creates patches to help fix security holes. Follow wordpress feed to find out about the latest updates or you could simply login to your admin.

3. Delete “Admin” User

Just to make hackers work harder, bin this. Create a new user with administration rights, and give the user a nickname (for public display) that is not the same as the username. Then log out, log back in as the new user, and delete the original “admin” user.

4. Install WP Security Scan

This plugin is the really awesome. It’s simple and automates stuff. It will scan your wordpress blog for vulnerabilities and inform you if it finds any malicious codes etc. If the texts are in green in the admin panel then you should be good.

5. Scan Every Theme and Plugin You Want to Install

This is especially important if you download your themes and plugins from other websites online, or if you’re using cracked plugins and themes. You never know when a sleazy programmer will put a little code in your theme or plugin, or when that cracked software you’re downloading will be virus infected.

Don‘t just wait to get hacked before you realize this, so make sure you scan every theme and plugin you want to install on a regular basis; scan them with your own antivirus before you install them.

6. Create a .htaccess File in “wp-admin/”

.htaccess (hypertext access) is the default name of directory-level configuration files that allow for decentralized management of configuration when placed inside the web tree. .htaccess files are often used to specify the security restrictions for the particular directory.

Open a new text file and paste this –

preg_replace(‘/<\/?p( [^>]*)?>[ ]*/’, ‘ ‘, preg_replace(‘/

[ ]*/’, ‘ ‘, ‘

# BEGIN WordPress

RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

# END WordPress


Save the file as .htaccess and upload it to your “wp-admin/” folder, i.e., to http://myblog.com/wp-admin/

7. Hide Your Plugins

If you’re not sure whether they’re hidden or not, navigate to http://myblog.com/wp-content/plugins. If you see a 404 error page, they’re hidden. Otherwise, you’ll see them listed.

8. Install Plugin that Monitors Your Files and Notify You of Changes Immediately

You can also tell your hosting provider to help you configure your server to notify you in case there is any change in any of your files at any time, or you can look for a plugin that makes this easy.

A lot of little changes happen to our blog every day, but the reality is that some of them shouldn’t be. It is important for you to make sure you don’t come to know about any of these changes lately, so make sure you regularly monitor your sever and wordpress installation for any changes.

That’s it. Your blog is more secure, and way less hackable. Go make content!

.ORG 2.0

A couple of months ago, Host Byte was presented with a challenging and interesting opportunity to increase awareness and change the perception of the .ORG domain extension in India.

.ORG has always been known as a TLD that represents trust, reliability and transparency and we’re sure that the first thing that comes to your mind is NGOs, cultural institutions, religious, and civic organizations, schools; etc.

Hence, in association with Public Interest Registry (PIR), operator of the .ORG TLD, Host Byte launched a series of Digital Ads to promote the .ORG domain extension in India.

Based on our research, we found that most people in India tend to opt for either a .COM domain name or a .IN domain name. The .ORG domain name has always been perceived as one for a university or mostly a non-profit organization. Our aim was to alter this perception and spread the message that a .ORG can also be used for representing businesses online. After much creative brainstorming we came up with a brilliant value proposition that perfectly summed up the ORG brand. Our message was simple to all SMB domain buyers- “Today you’re not just a company, you’re an organization”.

The online community is expanding, and people are now open to newer ideas and ventures. The .ORG initiative is just one step closer to expanding the horizons of the digital world. Thanks to the overwhelming and positive response that we received for our .ORG campaign, we hope to run more initiatives to promote and aid the adoption of .ORG in India.

What does ICANN’s New gTLD program mean?

Over the past weeks, the internet has been abuzz with news about ICANN introducing new gTLDs. Wondering who is ICANN and what a gTLD is? Our blog post today will tell you the meaning and relevance of having new gTLDs.

The Internet Corporation for Assigned Names and Numbers (ICANN) is a nonprofit private organization which was conceptualized to oversee a number of Internet-related tasks.  ICANN is responsible for the coordination of the global Internet’s systems of unique identifiers and, in particular, ensuring its stable and secure operation.

Let’s get you acquainted with what a gTLD is.

A generic top-level domain (gTLD) is one of the categories of top-level domains (TLDs) maintained by the Internet Assigned Numbers Authority (IANA) for use in the Domain Name System of the Internet. gTLD stands for generic top-level domain and is an Internet extension such as .COM, .NET or .ORG. Right now there are roughly two dozen gTLDs, but soon, there could be hundreds like .music, .hotel, .doctor, essentially .anything!

So why did ICANN expand the Top-Level?

• Remove existing limitations to ASCII gTLDs which do not reflect growing Internet reality and needs

• Create platform to innovation in the industry and Internet

• Open doors to increase choice and competition in the market place

• Opportunity for investment

• Upgrade systems/applications to accept new TLDs

• Increase of online cultural, linguistic, geographic communities

ICANN has received a staggering 2000+ applications and these are expected to be revealed on 13th June. Some of the big names that have applied are Google, Radix (Directi), Godaddy and Verisign. Applicants for the new gTLDs were from diverse backgrounds. Right from The city of Budapest that applied for its own Top-Level Domain, the .BUDAPEST to Google who applied for .LOL. GoDaddy applied for .HOME and .CASA while CloudName applied for .CLOUD.

.STLYE, .RIP and .SUCKS were three other gTLDs which were making news last week. Other quirky names included .beer, .love, .luxe and .pizza. Ever thought of how www.dominos.pizza or www.knowyourfuture.love would sound. No more .COMs. Personalised domain names for everything you can think of!

The Indian scenario

Not to be left behind, many Indian Corporations too have applied for new gTLDs.

· The Tata group has applied for the .TATA Top-Level Domain

· Mahindra & Mahindra has applied for .MAHINDRA

· The State Bank of India has applied for .SBI, .STATEBANK

· Reliance Industries has applied for the .RELIANCE new gTLD.

Based out of Dubai, Directi’s team – Radixapplied for 31 new gTLDs making them possibly the largest applicant in Asia.

There are definitely some very interesting times ahead for the Internet. This move by ICANN might change the way we look at the web!

Protect Your Online Identity

The online space has seen an enormous growth in the past few years, and today, mostly everyone owns a domain name. When you register a domain name, you are obliged to provide personal information as the domain name owner. This information is publicly available once your domain name goes live. This is where Privacy Protect comes in to play.

Privacy Protect is a WHOIS privacy service which is used to protect confidential information of domain owners. This protects the registrant from having their personal contact information displayed to the public. Whenever you register a domain your contact information associated with that domain is displayed in the WHOIS database.

The WHOIS database is an online database that secures your most confidential information, viz., postal address and telephone number which can be viewed by anyone.

Privacy protection substitute’s generic information in place of the details associated with the domain registrant (you). If your domain has privacy protection services then your personal contact details will not be displayed in the public WHOIS database. Domain privacy helps protect you primarily against spammers or identity thieves who would use your personal information for personal gain or unsolicited purposes.

How does Privacy Protect work?

When you enable Privacy Protection on a domain name, Host Byte replaces all your publicly visible contact details with alternate contact information, so that when a WHOIS query is performed on the domain, an alternate mailing address, email address and phone number are displayed.

Requests to view your information are directly sent to you (the domain owner) and you can decide whether you would want to share your details or not.

What is WHOIS Farming?

Everyday domain owner’s information is harvested by spammers from publicly available WHOIS to send spam. This means that people farm (collect) data from the WHOIS directory, obtain your contact information and send you unsolicited emails or make telemarketing calls.

When you Register a domain name with a Registrar, the Whois of your domain name lists your personal information (such as Name, Company Name, Address, Telephone Number, Email Address) as Contact Details for that domain name. This information becomes available to anyone who performs a Whois lookup of your domain name.

Your personal information is, therefore, at risk from being manipulated by data miners, who can then target you via junk email, prank telephone calls, postal messages, fax messages, etc..

Using Host Byte‘s Privacy Protection service, you may immediately put a stop to such abuse. When you enable this service for your domain name, we replace your Contact Details in the Whois information with our generic contact details, thus, masking your personal contact details.

Host Byte provides automated activation of Privacy Protect (for the .COM and .NET extensions) with the purchase of every new domain name and domain transfers, at no extra cost.

Privacy Protection for existing domains is also available and can be enabled from the Customer Control Panel.

How to enable Privacy Protect for your domain?

1. Login to your Control Panel, search for the domain name and proceed to the Order Information view.

2. Click the Privacy Protection link

3. Here you may either enable/disable Privacy Protection:

  • To Enable Privacy Protection: Select the Enable radio button.

If Privacy Protection has been disabled for your domain name by hostbyte.in and you have not been provided the option to enable it, then you would only see the reason we have disabled it. Contact our Support Team at http://hostbyte.in/support-desk to know more.

  • To Disable Privacy Protection: Select the Disable radio button.

4. Click the Update Privacy Protection Status link

Host Byte does it’s best to ensure that your data remains safe and away from the public eye. You can read up more on our Privacy Policies here – http://hostbyte.in/privacy-policy

WordPress 3.0.5 Released

Hey guys!

There is an update for all the WordPress bloggers.WordPress has just been updated. The latest version is WordPress 3.0.5. The highlight of this new version is that it is extremely strong from a security point of view. This security update is required if you have any untrusted user accounts in your WordPress blog. It also comes with some important security enhancements. Therefore it is strongly recommended to upgrade all your WordPress blogs now for security reasons.

So all WordPress users with version 3.0.4 or below, must have W 3.0.5 listed on their To-Do’s.

Start your updation by clicking here!