Recently, Hesham of FamousBloggers.net had an unfortunately incident of his domain name being stolen. Fortunately, four days later, he is now back up and sailing away. This issue was resolved relatively quickly, primarily due to his determination of getting back what is rightfully his, and because he took action, rather than waiting for things to unfold. You can read the full story about his journey here and how he got his site back up here. Its read is highly recommended as there are many things you can learn, should this ever happen to you. I actually recommend you to bookmark it for future reference, just in case.
What Lesson Can You Learn From This?
Sadly, most of the time, we only learn and take action once “bad” things happen. What happened to Hesham just proves that there is no sure fire way of protecting our assets from deliberate attacks and online thieves. They exist and they are out there, ready to do you harm without hesitation.
From all this, I can not stress enough the importance of “protecting” your assets. This goes for your domain names, hosting accounts and your websites (specially WordPress). As I said, there is no such thing as 100% guarantees, but you can take steps to make it difficult …
- Remember the saying “don’t put all the eggs in one basket”? – If you have several domains, try as much as possible to put them on different and reliable registrars. This is particularly true for your main domains. While it is convenient to have everything under the same “roof”, the eventual damage control you need to do will be much worst. If you can, have two or three different hosting accounts and avoid having your main domains and hosting account together. For example, I have my main domains in one registrar and hosting in another.
- Make use of “ALL” security measures that are provided to you. If they have a two step authentication, use it. If they allow you to lock your domains, use it. Is there something else they provide, use it. Use them ALL
- Create ridiculously complicated and long passwords – Yeah, this is your first line of defense and by creating strong passwords, you make it difficult. This post shows you how to create a strong and unique password. It is an old post, but unless you find another way of doing it, this works perfectly well. If you do have some cool techniques, please share them below in the comment section.
- Keep all your receipts, payment proofs, and just about anything, that can prove you are the owner of your asset.
- If you do suffer from any unfortunate incident regarding your online assets, don’t wait for someone else to solve your problems. Be active and do it yourself if need be – Pursue your interest and get it done.
How Strong is Your WordPress Security Measures?
Don’t think that someone is trying to hack to your site? Think again. Install and implement this WordPress security measures and wait a week. You will be surprised as to how many email notifications you will get from failed attempts to hack your site. I receive more than 50 per week from all of my sites and that of my clients. That’s scary!
Some things to NEVER forget:
1) Always update your WordPress software at soon as possible. This is probably something that many of you fail to do, because of your fear about compatibility and all that stuff you read about. The question you should ask yourself is why are there updates? There are three main reasons for an update:
- New features – yep. These are all welcome additions
- Bug Fixes – yep. These two are welcome.
- Security Vulnerabilities – Yep. This is the most important of them all. When a vulnerability is discovered, WordPress will immediately fix it and send out the updates. You do know that these are made public and everyone, and I mean everyone knows that the previous version has vulnerability issues. Guess who else knows about this… If you guessed, hackers and evil doers, you guessed right? What do you think they will be doing? Exploit that vulnerability, period. So, forget fear and backup your site, before the upgrade. But always do the upgrade.
2) Backup all your files. Don’t rely only on one place or method. If your hosting provider does it, good. But, create another one on your local drive and another on an external storage device. This is the so called “Grandfather, Father and Son” method. The frequency is for you to decide because it depends on how often you update your site.
3) Be very careful when installing free plugins and free WordPress themes. Make sure to run some diagnostics first or find out about it before anything else. Some plugins and WordPress themes may contain some “vulnerabilities” that allow hackers to take control of your site.
That’s it! Will all the above provide you with 100% insurance that your assets will be safe? Absolutely not, but implementing some or all of them will certainly be better than doing nothing at all. Obviously there are more ways to keep your assets protected and I highly encourage you to do more of your own research. I only hope that this never happens to me or anyone else. Play it safe.