9 {{ upvoteCount | shortNum }}
9 {{ upvoteCount | shortNum }}

WordPress, Hostgator and Security...

by gixxer
7 replies
Hey everyone!

I'm hoping to get some general help, reassurance and advice regarding the security of my site.

I have a WordPress site hosted on Hostgator.

Because I've become very active in my niche forums lately, I've picked up one or two "hater" types who don't agree with my stance on certain topics. I forget which marketing guru said it but "If you're not making someone mad your marketing is no good."

All that said, how safe is a WordPress site on Hostgator from anything malicious. I have no idea how tech savvy the few detractors I have picked up are.

Any plug ins or precautions I can take to keep the site safe. I know this is a common problem for any blog that starts getting a lot of traffic and has a visible brand.

Any advice is great!

Thanks,

Adam
#hostgator #security #wordpress
  • Profile picture of the author Tim Franklin
    That is a tall order, I do not believe that you can completely, secure anything, 100 percent, however, in regard to taking steps to use a plugin, I would definitely use a back up method, for backing up wordpress, I use amazon S3,

    S3 backup just like the commercial it can help you live a better life.
    Signature
    Bitcoin | Crypto | Blockchain Secrets |
    {{ DiscussionBoard.errors[2391640].message }}
    • Profile picture of the author nmarley
      I agree with Tim, the only secure computer is one that's in a locked room, not connected to the internet. However, that's not very feasible...

      Whatever the method, always be sure and always make off-server backups -- probably the most important thing.

      Also, make sure your file permissions aren't wide-open. Most of the recent WordPress exploits I've heard about have been due to permissions being too open.

      Example: your WP root dir shouldn't be 0777, despite the well-meaning advice of people on various internet forums (including this one).

      You can open it up to set-up the site initially, but then lock it back down once your site is setup. Change your WP root back to 0755 and make sure the web server userid is not the directory owner.
      {{ DiscussionBoard.errors[2392484].message }}
  • Profile picture of the author Abledragon
    I also host my WordPress sites on Hostgator and I've certainly had no problems with them - in fact they've always been extremely good and helpful.

    As Tim has said above, backing up is the best precaution you can take. I back up my entire site once a week by downloading it to my PC and my Database backups are managed by the WP-DBManager plugin.

    There are definitely a number of common sense precautionary steps you can take to make your WordPress site more secure - this article describes quite a few of the steps I use, and used on one of my client's sites after it was hacked:

    http://www.wealthydragon.com/blog/20...ity-wordpress/

    If you have any questions let me know,

    Cheers,

    Martin.
    Signature
    WealthyDragon - Earning My Living Online
    {{ DiscussionBoard.errors[2392485].message }}
  • Profile picture of the author jayesser
    I use Wordpress and Hostgator. Hostagtor are probably the most secure webhost u can use. They are so big on security that it sometimes causes me problems with scripts and implementing changes.

    Hostgator do not use CHMOD 777 permissions - they recognise this as a security risk. They use an implementation of this - CHMOS 755 or is it 775 - i can never recall. Anyway it mimicks 777 but can cause problems with some scripts that need 777 but hostgator can fix this issue usually.

    My site was compromised once but it wasnt a WP site - it was flash which has scripts in it that people can exploit. Hostgator alerted me straight away then cleaned my website at the server end then told me how to get Google to re-instate my site (if ure site is seriously compromised - Google shut it down)

    Regarding FTP i would only use what Hostgator suggest so i only use Coreftp. Its slower than the others but unlike some it doesnt stay connected when idle - it disconnects a short time after transfers so reducing risk of port compromises

    So I would say you are pretty ok but just to be sure u might want to backup!!!
    Signature
    kidsbatterycars
    trikesforkids
    {{ DiscussionBoard.errors[2394948].message }}
  • Profile picture of the author mr2020
    Great reminders.

    I am glad to see so many people suggesting that you BACKUP your work, because no matter how hard you try to prevent damage, having a backup is worth it's weight in gold, when you need it.
    Signature
    Almost Free NLP
    My life is a non stop adventure. Enjoy!
    {{ DiscussionBoard.errors[2395468].message }}
  • Profile picture of the author khay
    Agreed. Back up and back up often. Wordpress has plugins for this. Use them!

    No system is unhackable. Hackers usually take the easiest route, which could well be another site if you're on shared hosting. The best precaution to take is a fresh backup.
    {{ DiscussionBoard.errors[2395559].message }}
  • Profile picture of the author mihir
    use siteautobackup.com and backup your entire cpanel account. it's a hostgator company
    {{ DiscussionBoard.errors[2403073].message }}

Trending Topics