Wow, we’ve reached day 5 of Bonnie Gean’s Video Blogging Challenge and so far I’ve kept up!
In this video blog, I want to take the opportunity to nag you about WordPress usernames and passwords. There are a LOT of attacks going on at the moment – including an attempt to force the login and password on a client site yesterday. That’s what prompted this video!
Before you make any changes to your site, make sure you do a full backup! For standard WordPress sites I recommend The Backup Creator.
The blog post I refer to in the video is “Is Your WordPress Secure From Attack?” and there is a link directly in the video too. For those who prefer to read rather than watch, the transcript is below the video.
Video Blogging Challenge Day 5
WordPress usernames and passwords
Good morning! It’s Jan Kearney at My Local Business Online and today is day 5 of Bonnie Gean’s Video Blogging Challenge. I want to give myself a quick pat on the back for actually doing 5 videos, 5 blog posts and keeping up so far with the challenge this week, which is a minor miracle!
It’s a really quick video today. Today I am officially 44. I’m going to go and get on with some work and celebrate with coffee in a second. But before I do that, I wanted to have a quick word about WordPress and online attacks. Most of us use WordPress for our blogging. It’s a fabulous platform, absolutely amazing. The slight downside is because it is so popular, it is often target for attacks.
Now the reason I’m bringing this up now is I logged into my email last night and there was a stream, just duh, duh, duh, duh, of emails where a client’s site had been hit and stopped from logging in. These types of attacks are quite common, there’s a lot of it going on at the moment. Even the big guys are getting hit – Hostgator, the owners of Hostgator, EIG with Bluehost have been walloped by attacks and taken down. Aweber the email software have been getting hammered all week. It’s not new and it is going to get worse.
So what can you do as a small business owner? Because, don’t kid yourself, you are a target. People don’t want to take your site down, they’re not there to damage your business. They want access to your little bit of the web so they can sit in the background then use it to their own advantage. This day and age, often to attack other sites as part of a bot-net. In my clients case, they didn’t get in. they had a secure login and password. The emails were just a report to say someone had been locked out.
What can you do right now? I want you to do it right now, first of all check your login is NOT admin. If you are logging in with admin, you’ve left yourself wide open. You’ve given these bots, because it is all automated, the first key to your website. So go and change it. Over on my blog, a while back, I did a how to change your admin post. I’ll dig that out and put the link on the bottom of the vid. There are plugins that you can use as well, but I personally prefer to do it my way with no plugin.
Secondly, please ensure you gave got a decent password. It’s not your pets name, your date of birth. It’s not password123, letmein or anything else that is remotely similar! Use a combination of upper and lower case and punctuation, dashes, commas and everything else. Go and change your password, make sure your login isn’t admin already far more secure than many, many other blogs out there.
I’ll leave it on that note. Have a wonderful weekend, I’ll speak to you soon!
Over to you…
Have you seen an increase in attempts to get into yor WordPress website recently?Video Blogging Challenge Day 5 by Jan Kearney