Securing Your WordPress Blog

I posted this in a forum this morning but I thought it would be a good addition to the site.

Securing WordPress is really not that difficult or time consuming. The reason so many WP blogs are hacked is that most people do nothing to secure their install. One thing to keep in mind is that no site on the internet is ever going to be 100% secure. Not going to happen. It is like the joke about escaping from the bear chasing you in the woods: you do not have to be faster than the bear, you just need to be faster than the slowest person in the group.

Your real goal is to make breaking in not worth the trouble for the gain. Almost all of these attacks are automated; they go from one site to the next looking for common weaknesses to exploit. Fix those and you will be just fine. Now, if you have a high-profile political blog that makes people crazy, or something that makes people want to attack YOU as opposed to just hackers looking for a list of sites to break into, then you may well want to go a bit further, but for all those niche sites out there the steps below should protect you just fine.

The best and easiest time to do this is during the initial install. This means you should do a manual install instead of using Fantastico. Seriously, WordPress is really easy to install, so do yourself a favor and do it right the first time.

Here is my list and it takes me only about 15-20 mins to do tops.

1. Change the default table prefix from wp_ to a random 8 characters.

2. Make sure you use a random username and password for your database info. The usernames should include numbers as well as uppercase and lowercase letters (use all of these in step one as well). For the passwords, make sure you add special characters to the mix.

3. Change the default admin username. You can do this in the control panel of WP 3. but you can also change it in earlier versions by changing it directly in the database. The username should not be a single word; put two or three short ones together at least, or use random characters.

4. Make sure you use long (14-16 character) passwords that not only include numbers but the special characters as well. If you are worried about remembering your password use numbers you can remember but hold down the shift key. For instance a birthdate of 052109 becomes )%@!)( Using two dates you can remember with a set of initials 030583CmT)%@!)( and you have a password that is not going to be cracked anytime soon short of the NSA gunning for you and if that is the case you have bigger problems.

5. File permissions are the other thing you need to check. Go into your WP admin and see if you can edit your template files. If you do not get a message telling you that you need to make the file writable, then you need to lock the files down with 444 or 644 permissions, depending on how your server is set up. The same goes for your config files as well. Once your install is done, make sure that none of your files are writable.

6. The last thing to think about is your templates and plugins. If you are not using them, go ahead and delete them. Make sure that you read up on any template or plugin you want to use; there have been many cases of the creators adding code to them that allows them to access your site. Most are fine, but just be aware and check.
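A quick way to verify steps 1 and 5 after the install, as an added example that is not part of the original post. It assumes wp-config.php sits in the install root and sets $table_prefix on one line, as the stock WordPress config does; the function names and the sample install are made up for illustration.

```shell
#!/bin/sh
# Added example: checks steps 1 and 5 of the list above on one WordPress tree.
# Assumes wp-config.php is in the install root and assigns $table_prefix
# on a single line, as the stock WordPress config file does.

# Print the table prefix set in wp-config.php.
wp_table_prefix() {
    awk -F"['\"]" '/^[ \t]*\$table_prefix/ { print $2; exit }' "$1/wp-config.php"
}

# List files whose mode is neither 444 nor 644.
wp_loose_files() {
    find "$1" -type f ! -perm 444 ! -perm 644 | sort
}

# Report both checks; return 0 only when both pass.
wp_audit() {
    status=0
    prefix=$(wp_table_prefix "$1")
    if [ -z "$prefix" ] || [ "$prefix" = "wp_" ]; then
        echo "FAIL table prefix is missing or still the default wp_"
        status=1
    else
        echo "OK   table prefix: $prefix"
    fi
    loose=$(wp_loose_files "$1")
    if [ -n "$loose" ]; then
        echo "FAIL files not set to 444 or 644:"
        echo "$loose" | sed 's/^/     /'
        status=1
    else
        echo "OK   all files are 444 or 644"
    fi
    return $status
}

# Constructed sample install, built in a temp dir so the script runs offline.
demo=$(mktemp -d)
printf '%s\n' '<?php' "\$table_prefix = 'wp_';" > "$demo/wp-config.php"
echo '<?php // constructed theme file' > "$demo/functions.php"
chmod 644 "$demo/wp-config.php"
chmod 666 "$demo/functions.php"
wp_audit "$demo" || echo "audit found problems"
rm -rf "$demo"
```

On a real site, call wp_audit with the path to the WordPress directory instead of the sample one.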

Make sure you take that last research step.

When trying to find a profitable niche there are quite a few good tools out there to help you. However, you should not become too dependent on them. Make sure that you take a look at the search results for the term you are thinking about using and use your reasoning abilities to make the final decision on whether or not it is a good idea to spend all that time and energy.

So you have a keyword that looks good, lots of searches and the competition looks low. Before you waste any time you need to take that last step and do a manual search for the term. Do you get a “did you mean this” from Google? If so, that is going to be a problem. Is your term product related and are the first two sites on the list Amazon and eBay? If so, that is going to be a problem, though of a different sort. Is your term product related and are the Shopping results at the top of the page or are they down farther? Again, this is a problem.

The main problem with all of these issues is not whether or not you can get to the top but whether getting to the top will actually do you any good.

In the first situation it appears that the reason for the low competition is that most people searching for your term really are looking for something else (or at least Google thinks so). That means that even though there may be a lot of searches for your term, most are not really targeted towards it, and even if you do rank well Google is not going to show your page.

In the second and third situations even getting to number one might not do you any good. If you are thinking about building a product related site such as an Amazon affiliate site and Amazon is already at number one, what good is pushing them to number two really going to do you? Everybody knows about Amazon, and in this case you will get a much lower click through than usual from the number one position. A very large percentage of the people searching will just skip you at number one and click on Amazon because they are already familiar with the name. The shopping results are a similar problem: if they are at the top then they are going to siphon off a lot of the clicks that a number one spot would normally get. Add the two together and the number one position for that particular phrase could possibly be worthless altogether.

Do yourself a favor and take that last step before spending your time and hard earned money on a key phrase that is not going to give you a good return on your efforts.

Building Better Bots

Custom Bot Creation

If you have the need for a custom bot contact me and let me know. I will be more than happy to give you a quote.

Before you contact me get as much information about what you want to automate as possible. The more information you can give me about the sites and tasks that you want to automate the better I will be able to help you.

Richard

Automated Link Packets

The biggest problem with link packets is that once you purchase them you either have to spend hours building the links yourself or outsource the project to someone. Outsourcing just adds to the cost and you really never know if they are sharing them with others. Building them yourself can really suck up your time.

The main problem with purchasing backlinks directly is that you really have no control over the links themselves. You cannot control the quality of the bio or signature that the links are in, nor can you change the links once you have purchased them. Suppose you decide to redo your website or change products or go in another direction. All those links will stop doing you any good.

I have come up with a solution. Automated link packets. The packets will consist of already created profiles that have already been double passed. What this means is that we created the profiles and then went back a day or two later and added the signature or bio depending on the platform and in a lot of cases added an avatar as well. The key here is that we created a completely non-commercial bio for the moderator to look at. All profiles are checked within 48 hours of being added to the packet to make sure that the account is still live and that the profile is showing.

All you will need to do is fill in a couple of fields and set the Packet Bot running. After it is through running it will give you a text file with all your profile URLs so that you can bookmark them if you want to do so.

Not sure on an exact price point yet. Probably in the $30-$35 a month range. I want to make it affordable but I need to price it high enough so that it is too expensive to purchase just to acquire more links, as I do not really want the site getting abused if I can help it.

Should have the final details worked out in the next few days.

Automation Just Do IT!!

I have seen a lot of threads about whether or not automating your tasks is good or bad. I honestly do not see how anyone can think that making things easier to do and being able to do them quicker can be bad.

Seriously do you walk everywhere you go and wash all your clothes by hand? Probably not. Why then would your online work be any different? Now there is such a thing as bad automation. If the tool does not do what you want it to do then you either need to purchase a different one or build a better mousetrap yourself.

Obviously a perfect example of an easy thing to automate is creating backlinks to your site. Let us take profile links for instance. If you have a list of sites and do them manually you will have a higher rate of success but you will have to invest a lot of time building the links. How many can you build in a day? A hundred or two if you really work at it. Use a bot and your overall success rate will be a lot less but you can do those couple hundred backlinks with only five or ten minutes worth of work. How anyone can think that is a bad thing is beyond me.

Added another site to Home Page Links Set

The Home Page links set now contains eight sites.

I have added another pr5 site to the set. Everyone who has already had their links placed will also get their links on the new site as well. I will probably be adding a couple more sites to bring it up to 10 sites before I start another set.

Home Page Links

I have a set of seven blogs that I will be selling links on. They range from pr2-pr5. The cost will be starting at $30 a month (2 links on all seven blogs) with some discounts and bonuses for purchasing for longer time periods. You can click Home Page links or the Home Page links at the top of the site to see the specifics of the offer.

Consolidating!

I have decided that I need to break down and consolidate some of my services and payment pages all in one place as it is just getting too crazy to keep track of them. Over the next week or two I will be moving all my payment pages here as well as all of my non web design services. It will probably be a bit unorganized for awhile so bear with me and if you have any questions or need anything just drop me an email.

Richard