Hi Guys,

Over the past 2 weeks I’ve my biggest headache where I did 3 times re-installation of my Wordpress. Why?

I’ve been hacked 3 times in a week.

Yeah! Seriously!

What really happened before I got hacked is I kept getting spamming, almost 30-40 spammers will create free accounts and blogs. I don’t really bother since I thought by having spam blockers will avoid me from any troubles. But I was wrong by doing all the spamming they or the hackers are actually doing their things. They’ve planted some virus/coding into all my index and home files.

How I figured out this is that I noticed that my main page loading taking too long and at the end of the page footer I notice some of the URL’s that wasn’t mine. So, I started to suspect few things. The first thing I did is by downloading my “index” file and found out that there are some “alien” codes planted inside. There you go I downloaded all my files and notice that all my index and home page files contain the same codes. At the same time I told my hosting provider about it and the noticed that there series of IP’s accessing my control panel and etc. Imagine doing all these 3 times…

Anyway, the first thing I did is changing my password to stronger ones. Then I started to browse looking for ways to protect so that I won’t face the same issues again and luckily I found few guys giving great tips on how to protect wordpress blog. Here are some security tips and guidelines for your wordpress blog.

We all agree that having a secure wordpress weblog should be our first priorities when keeping a successful blog. In this post I’d like you to share your knowledge and help us create the Wordpress Security guide to keep the bad guys out.

Below are 10 security tips that you can easily implement on your WordPress blog. Please share one or more life-savers you use permanently to help protect yourself from WordPress security issues.

Here are a few Wordpress security tips I’ve learned over time. After reading a couple of horror stories about blogs being hacked, maimed and mutilated by crazy Russians or vindictive competitors, I’ve decided to it would be good idea to implement some security practices for my WordPress blog. After going through a bunch of sites and fixing things on my own blog, I thought it would be good to share these items with all of the other WordPress users out there.

Implementing these security measures is especially important for anyone who is currently making or trying to make money off their blogs. Once you blog is hacked or spammed without you knowing about it, you’ll be dropped from the search engines and it’s not easy getting back in. Remember, even with all the security measures, it’s essential to have a backup of your blog. The plugin I use is WordPress Database Backup. If you don’t have it installed, install it now! Seriously!

Tips to help protect yourself from WordPress security issues:

1. Stay Up-to-Date/Upgrade Wordpress

This is probably the first thing you should do! If you’re not running the most up-to-date version, you’re asking for trouble. Currently, it’s 2.2.3, but soon will be version 2.3. May as well wait till the 24th and install the newest version. There have been a few releases recently that were just security fixes (SQL Injection, etc). It may seem like a pain in the butt and sometimes it can be, but upgrading is really not that bad. I held off upgrading from version 2.0 to 2.2 for a few months because I was scared something was going to go wrong and everything deleted. Finally, I mustered the energy and went through their instructions step by step and it was fine! After you upgrade Wordpress once, it’s not all that bad!

Probably the first thing you should do! Install the Instant Upgrade Plugin or the Wordpress Automatic Upgrade Plugin. Make sure you back everything up before performing the upgrades.

Tips: Upgrade to Wordpress 2.5. If you’re using Wordpress 2.5 then its all built in. Just click and upgrade by going to your plugin menu.

2. Change default passwords

Are you still logging into your wp-admin page with the same default password that was emailed to you? If so, CHANGE IT! That password is only 6 characters and just numbers and letters. My grandmother could probably crack it after a few weeks. Make it complex and more than 10 characters if you can. Also, try not to use words, make it a nice jumble of letters, numbers, and symbols. Also while you’re at it, go ahead and log into your hosting company’s site and change your password there for your account login and any control panel logins, like cPanel, etc.

3. Use SSH/Shell Access instead of FTP

This one is a big one! It’s not as easy to implement as the other two, but it’s probably the best tip out of all the others that I will list here. If someone gets a hold of your FTP login information (which is usually not encrypted and easy to get), they can manipulate your files and add spam to your site without you even knowing about it! Just read this story! It’s actually best to disable FTP altogether if you can! Using SSH, everything is encrypted including the transfer of files, etc.

4. Install LoginLock plugin

This is a really cool plugin that will automatically block an IP address from trying to log into your Wordpress admin area after a certain number of attempts. LoginLock will prevent bots from continuously trying different combinations to crack your account. This is very similar to how Windows works if you’re in a domain environment. The default locked out time is 1 hour.

5. Create a blank index.html file in your /Plugins/ directory

By default, your Wordpress plugins folder is completely visible to anyone by going to http://www.domainname.com/wp-content/plugins. Go ahead and create a blank document in your favorite editor and save it as index.html and upload it to the plugins directory. Now when you try to access it, you only get a blank screen. This prevents hackers from finding out a security hole in one of your plugins.

You can also add this line in your .htaccess file in your root: Option All -Indexes

6. Protecting your Wordpress wp-admin folder/Block access to wp-admin folder using .htaccess

Attackers can use bots for a brute force style of attack that simply guesses the admin password until they come up with the correct one and login. There are a couple of solutions out there, we will highlight each below.

a) Limit access to wp-admin folder by IP address- This solution is to restrict which IP’s can access the wp-admin folder via .htaccess. This has one drawback is you may have to update your .htaccess folder if your internet provider assigns you a dynamic IP address, you move to another location or you have authors at other locations.

b) AskApache Password Protect- The plugin is simple, it adds a 2nd layer of security to your blog by requiring a username and password to access anything in the /wp-admin/ folder. All you have to do is choose a username and password and you are done. It writes the .htaccess file, without messing it up. It also encrypts your password and creates the .htpasswd file, as well as setting the correct security-enhanced file permissions on both.

7. Remove the Meta Tag Version string from your header.php file

Of course, if you’re running version 2.0 and the current release is 2.3 AND your blog explicitly states that it’s at 2.0 on every page, it’s not going to be very hard for someone to find your vulnerable blog and attack it. The line looks like this:

<meta name=”generator” content=”WordPress <?php bloginfo(’version’); ?>” />

8. Block WP- folders from the search engines - There is no need to have all of your filesWordpress files indexed by Google, so it’s best to block them in your robots.txt file. Add the following line to your list:Disallow: /wp-*

9. Take regular backups of your site and Database.

You always have to take regular backups of your file directories as well as the database. WordPress Database Backup plugin creates backups of your core WordPress tables as well as other tables of your choice in the same database.

10. Protect Your Blog With a Solid Password

Creating a strong password that is also memorable is one of the easiest defenses against being hacked. There are a lot of online password strength checker that you could check.

Also you might check lorelle’s article on blogherald called Protect Your Blog With a Solid Password, offering tips and tricks to help create a strong password that is also memorable, and how to deal with all the myriad passwords we seem to accumulate online.

Got any more tips you want to add? Drop a comment! Thanks!

This article taken from:

http://www.online-tech-tips.com

http://www.noupe.com

Keyword density and placement are important parts of optimizing your private label articles for search engines. Search engine spiders scan a page in a way that makes it important to place your keywords where they will be detected and recognized as a keyword, so that your article will come up when someone searches for that keyword.

What is a Keyword?

A keyword is a word that is going to be placed in your article several times, not just once as that would make every word a keyword. When a spider sees that you have a word placed several times in an article, it will determine that your page may be useful to users that search for such a keyword.

Over Optimizing Your Private Label Articles

It is important to note that there is also such a thing as over optimizing your private label articles for particular words, this is known as keyword stuffing. When you stuff keywords in an article a spider will detect that you are trying to trick it into placing your article high in the search engine results for that word, and will instead penalize your site and your page for doing such. This may even affect the rankings of your other pages or get your site blacklisted from a particular search engine if you are found keyword stuffing too many times.

What is Keyword Density?

Keyword density is how many times your keyword is placed in your article. Most use a percentage to determine how many times they will put a keyword in an article. For instance, if you have a 500 word article and want to achieve a keyword density of 5 percent, then you will need to have the keyword in your article exactly 25 times. You can find hundreds of resources and guides recommending one keyword density over another and the reasons behind the logic, however, in the end you will have to determine which density is more profitable for your articles. Each webmaster as their own density that they like to achieve based on past results. As long as you don’t over optimize and you are making sufficient profit from your rankings, then you can choose whatever keyword density you like.

The Right Density

No matter what exact density you choose, it is important to place keywords so that there are more at the beginning and end to produce an hour glass effect. Having the right keyword density in your article makes it more likely that you will make money off of that article because it will rise in the search engine results and be seen by more people.

So, make sure before you submit your articles to directories, you have verified that proper and suitable keywords are used so that the private label articles you are using are optimized for search engine purpose.

Recommended:

Get Keyword Optimized Private Label Articles