Password Protect Your Stats Files
For self hosted WordPress users there is always the chance of getting hacked by nasty people. Often this happens because most bloggers have no idea on how to protect themselves and their blogs against misuse. WordPress has a security hole of which most aren’t aware of.
A friend of mine got hacked into the other day and this was all due to the prominent “register here” link in the sidebar of most WordPress blogs. He had forgotten that his blog was still open to general registration and never gave it a second thought. Until this happened.
Hackers use malicious software to spam your blog with unjustly links, most likely without you ever realizing that they are doing it. After they register they can gain access to your blogs files via a hidden back door and use this to place bad links throughout your blog. By un-ticking the option to allow anybody to register on your blog you will protect yourself at least one way.
How to protect your stat files
Another way is to password protect your stats files in your cpanel by going to
the icon that says “Password Protect Directories”
Within this you’ll see a list of files. To protect your stats files click on the folder that says “tmp“.
A new list will open and now you can protect each directory within this folder with a password. This will prevent hackers getting into your stat files and leaving unsavory links to some nasty sites.
This can also be a potential problem for you as you might be penalized without knowing it in the first place.
To find out you can access your Awstats and if there is an unusual amount of incoming links from a site that doesn’t look right, check it out. It could be a hacker doing its work in the back end.
Downloading WordPress Themes from 3rd part sites is a big no no
For those of you who are used to downloading WordPress themes from 3rd party sites, think again before you keep doing it. You might want to read this post to understand why you shouldn’t.
CHMOD your files to the right specifications
If your files are open to abuse, hackers will take advantage of this situation. Don’t ever leave any files set to 777 permission as this is asking for trouble. Be especially wary of the config.php file and admin related files.
It is always better to smarten up and read/learn what you can before it is too late.
Related posts:
- Hotlink Protect Your Images
- Plugin: Add Password Security Easily
- Importing WordPress Files To Another Blog URL
- WP Plugin – Automattic Stats
- Be a Super Stats Whore With Woopra
No Responses to “Password Protect Your Stats Files”
Got something to say?
[...] my last post I wrote about how you can password protect your stats files in your Cpanel. Another often overlooked part is the hotlinking problem many face without [...]