Put A Firewall Up To Protect Your Blog From Attacks

I usually wait awhile before doing update posts so the original post gets to be seen by quite a few people. I’ve never, ever posted an update straight after the original post. However, since my last post about how My Blog Was Hacked And What I Did About It I’ve decided that this update was so important I should post it straight away.

Fist off I would like to thank Keith of Public Speaking and Presentations for putting me onto John Hoff and his post about how to easily set up WordPress firewall for your blog. Because of that post I’ve installed the SEO Egghead’s WordPress Firewall Plugin! You see where in my previous post I showed you how to protect yourself from someone hacking into your blogs dashboard this one protects you from the more malicious attacks the sort that uses SQL injection. Without this plugin hackers can hack your files without gaining access to your dashboard. I urge you to read John’s post and to install this plugin.

Firewall separating zones of trust
Image via Wikipedia

Since it’s installation I’ve been notified of several attacks on this and one of my other blogs. If I didn’t install the plugin not only would I not have known of the attack my blog may very well have been compromised. Once an attack occurs you get an email notifying you of the file they tried to compromise as well as the IP address of the offender. Apparently all the attacks appear to be “Directory Traversal Attacks” You can read about these and other attacks that a blog may be susceptible to here.  Yeah, I know there’s no SEO value in that link but screw SEO, it’s more important that I get this post out as quickly as possible.

Since being hacked and these attacks I’ve decided to change my user name because I admit it, I’ve been a real wanker because I’ve use admin as my user name. Why, because it’s the default and I never thought twice about it. The problem with admin is most blogs use the default and by doing that we’re making it very easy for the hacker to get in. He already has the user name so all he has to work out is the password. How do I know this? Because every email I’ve gotten so far telling me of attempts to gain access to my blogs have used admin as the user name.

Quick Tip: You know you have to change your user name when you get an email that someone has used it in an attempt to log on.

The problem is that you can’t change the name from the dashboard. Apparently you can change it by accessing you database but that’s too damn hard for most people, me included, which is why I found a plugin that will do it for me. You can access this from the dashboard using the Add New selection in your plugin menu. Just type in Admin renamer extended in the search box and you’re good to go. If you have an easy password it’s probably a good idea to change that as well.

Admin renamer extended

If you ever needed to promote a post via your favorite social media site, Twitter, Facebook or whatever, then I would highly suggest that this is the one. it’s probably a good idea to join my list so you do not miss out on these very important updates.

Digiprove sealCopyright secured by Digiprove © 2011
Continue Reading

How To Deal With Rude And Obnoxious Commentators

Flamer graffiti
Image by hugovk via Flickr

It’s unfortunate, but every now and again we, as bloggers, will have some moron visit our blog that may take exception to what we wrote and then think that he has the right to abuse the crap out of us. There are some bloggers who may retaliate in kind but I think that this is the wrong approach as it merely brings us down to their level.

Take for example this particular post, that I did on one of my other blogs. It was obvious that this bloke was a racist pig and that I could have easily have retaliated, but if I did I would have merely added fuel to the fire. There was no way I was going to sway his opinions and it would have been a wast of time trying. If anything I reckon that being diplomatic about it actually infuriated him even more.

So, how do we treat these poor misbegotten slime balls that choose to flame our posts?

  1. Analyze the comment.  Does it deserve to see the light of day? You may decide that it doesn’t add anything to your post and that it is so obnoxious your only recourse is to delete it. I actually deleted a whole heap of that particular commentator’s comments.
  2. Do not respond in kind. That is one advantage of being a blogger, you can actually take the time to take a few breaths and calm down before responding to their comment.
  3. Be polite, civil and respectful. They may not deserve it, but it shows that you are bigger than they are. Perhaps they will calm down and put their argument, although I doubt it, in a more reasonable manner in which case you’ve shown that your course of action was the right one.
  4. Get Support. See if you can drum up some bloggers who support your view. Their comments may show the obnoxious commentator that he is actually in a minority causing them to rethink their views.
  5. Ban The Ass Hole. If all else fails and they continue to be a virtual pain in the ass, ban his IP address.

I reckon that some of you guys may have come up with some pretty cool ways of dealing with flaming jerks, and if this is so I would really appreciate some comments as others may find them very helpful.


Continue Reading