How to Prevent Hacking of Your WordPress Site


Computer hacking can occur different ways. Your computer system might be hacked and mined for your personal information. If your password is obtained, your blog or site might be at risk.  Use all or some of these steps to protect your WordPress from being hacked and other hacking.

There are a number of ways to protect your database-driven ASP or PHP site from being attacked by the hackers, that range from weak to strong security. Learn the most efficient ways to slow down the hackers who use methods like SQL injection attacks and/or XSS by means of the URL query string and form inputs. 

Two common types of hacker blocking techniques are input validation and custom error pages. These methods are so simple you won’t have any problem doing them even with just basic coding knowledge. Your greatest strategy would be to put up one or more obstacle. 

1. SQL database driven websites are at risk. 

2. Setup custom error pages.

3. Keep the details of your database from getting into the hacker’s hands with the setup of a custom error page for your website. Hackers will not see any detailed error messages. If you do nothing else, this is the one thing that every site needs. Otherwise, you are basically providing the hackers with an open invitation into your site’s database and offering the hackers all the information they require to launch an attack.

4. In addition to hunting for errors, hackers can enter more dangerous code than a simple single quote in the URL query string. In an attempt to carry out malicious scripts on the database, a variety of creative coding is engaged, such as %20HAVING%201=1; shutdown with no wait-- or even a lot worse. Once the hacker can carry out these scripts, the defenseless database is like theirs for the taking. The hacker never needs to have the database login, nor does the hacker need the connection string because he/she is utilizing the URL query string, where there is already has an open connection.

5. To check if the input entered into your URL query string or your text box is actually safe, you can use input validation rules. Using ASP code on your web page(s) can authenticate the input collected from the query string to make sure it includes only characters that are safe. Once it is deemed to be safe, it can then be stored in a new variable, then inserted into the SQL string and sent to your database. 


These are a few technical ways to prevent hacking of your website. Put them to good use.
by David Simon

No comments:

Post a Comment