Tag Archives: security

increase your wordpress security

Computer Aid Posted on by

I’ve noticed over the years, that many wordpress blog sites have become prone to hacking, and eventually get shut down… which is a shame, as a lot of useful information gets lost along the way.

With just a small amount of work, wordpress can be made secure enough, that you are highly unlikely to get your site hacked.

Change your default admin username

Admittedly, this should be done when you create your blog, as its very difficult to change later (requires database changes). This is an effective method, as most brute-force hackers will assume a username of “admin” and then try a few obvious passwords to get admin access to your blog. by creating the default admin username thats something like: admin654, you make all the hacking attempts a complete waste of time for the hackers, as they need to guess both your username and password.

Use a complex password

This is something thats been taked about by security experts for many years. yet its easy to do, with just a bit of thought: Pick either a well known phrase thas you know eg: Mary Had A Little Lamb, and that becomes a password like: Mhall, then add a number that you know (eg you are born on 19 July: Mhall1907, and there you have it! You can mix this around, eg: 1907Mhall, or: 19Mhall07, or 07MhAlL19

Dont get your web browser to “remember” you login details

I’ve been hit with this problem in the past: sooner or later, you will get infected with a virus/malware. Its quite a simple for the infecting software to get all the saved browser details (website, usernames, and passwords), and then send them to someone who will hack every account you have… VERY dangerous. This applies to virtually every browser, as well as FTP clients like filezilla. So what can you do instead? Use software like keepass, it can store all your passwords, and you only need to remember 1 password to access keepass. You are trading security for the inconvenience of typing your keepass password every to you need to logon to a website.

Update WordPress

Another obvious and simple step: at least once per month, login to the wordpress admin panel, and make sure wordpress and all plugins/themes are fully updated. If you don’t update wordpress quickly, then your blog is at risk of an attacker using a flaw in the wordpress system to hack your website without even knowing your username/password!!!

Install a security plugin

For extra peace of mind, install a security pluging like: “WordPress File Monitor Plus”, and/or “Login Security Solution”

 

Once you implement these systems, you will find maintaining this security will only take a few minutes per month, so its a very worthwhile investment.

How to secure your WiFi wireless home network

Computer Aid Posted on by

It is crucial to secure your wireless network to ensure that your internet connection can be used only by yourself and people you authorise.  I have seen many occasions where clients have not secured their networks and wondered why their internet bill shot through the roof.  There is also a potential security risk if your wireless network is not secure and you have file sharing turned on – others will be able to access your files! Thankfully the procedure for enabling wireless security is relatively straight forward.

Note: This guide is written with Windows 7 in mind, although the procedure is quite similar for Windows XP and Windows Vista.

This is a guest post by JJ Fiasson from IT Support Sydney.

Step 1. Click the windows button in the bottom left hand corner of your task bar. In the search box type “cmd” and hit Enter. A black box will open up with the command prompt.

Step 2. Type in “ipconfig” and hit Enter. We want to know the address of your router, should show up under the entry for “Default Gateway”. The IP will be something like 192.168.1.1 or 10.1.1.1. Write this down.

Step 3. Open your favourite browser and type the number into the address bar that you just wrote down. E.g. http://192.168.1.1

Step 4. Assuming you completed steps 2 & 3 correctly, you will be prompted to enter in a username and password. If your router is a Netgear, the default login should be “admin” as the username and “password” as the password. For Linksys, try “admin” and “admin”. You can also try “admin” and leave the password box empty. If these don’t work, it might be worth Googling for your router make and model with the words “default login”, to try and find out what they are by default. If you can’t seem to track them down, you might need to contact whoever setup your router in the first place and ask them what they set it to. Otherwise, you’ll need to reset the modem/router (not recommended unless you know what you’re doing).

Step 5. Hopefully you figured out the correct login credentials for your router. You should now see a few menu items and a lot of other information. What we are looking for is a menu item labelled “Wireless”, “Wireless Settings” or similar. Click on it. Depending on what brand or make your router is, you may then need to click Security. If yours is a Netgear router, then you will just see an entry on the right labelled “Security options”. The best type of security to use for a home or small business wireless network is WPA2-PSK (AES). Select it from the list.

   

You will now need to pick a passphrase of 8-64 characters. Select something a little more complicated than the word “password”, write it down or memorise it, and enter it into the box. You will then need to apply these settings by clicking “Apply” or “Save” or “Save settings” or something similar.

 

Step 6. Your router will now restart. You will need to change your wireless credentials on any computer that was previously using the wireless connection in the house. This is thankfully quite simple. Click on the Windows (or Start) button, and go to Control Panel. In the top right hand corner select “View by, small icons”. Then go to the Network & Sharing Center. Click on “Manage Wireless Networks” on the left. It should come up with a list of wireless networks, including yours. Right-click on it and click “Properties”.  A small box will pop up. Click the tab at the top that says “Security”, select “WPA2-Personal” from the pulldown list, and then fill out your chosen passphrase in the bottom box. Click OK.

   

Congratulations, you’re done!