One of the first things that needed to be done when I begin my blog was to install a coming soon/maintenance mode plugin so that the site could be created with the right theme and have the right protection in place to protect it from hackers and those wanting to do it harm. There’s nothing worse than a hacked site that could damage you & your brand and as a blogger, I highly recommend you avoid it.
The first plugin I recommend which has been installed here is Stop XML-RPC Attacks which helps secure your site’s XML-RPC by removing some methods, instead of disabling totally XML-RPC, which is needed by some plugins (eg. Jetpack) and some mobile apps. it does it by removing the following methods from XML-RPC interface.
- system.multicall
- system.listMethods
- system.getCapabilities
- pingback.extensions.getPingbacks
- pingback.ping
- X-Pingback from HTTP headers
It’s not perfect but it does its bit in helping stop attacks.
The second plugin that is on my site is called WP Cerber Security, Anti-spam & Malware Scan & it does a lot for me, it defends WordPress against hacker attacks, spam, trojans, and viruses. it has a Malware scanner and integrity checker. it also hardens WordPress with a set of comprehensive security algorithms. It offers Spam protection with a sophisticated bot detection engine and reCAPTCHA. and it tracks user and intruder activity with email, mobile and desktop notifications.
I’ve lost track of the number of times where I’ve read someone is probing for code from somewhere like Japan, trying to log in with a nonexistent username, or an attempt to access a prohibited URL.
I’m really glad I took steps to protect my blog so I can focus on the more important stuff.
