
Free guide to protecting blogs from hacking and comment spam

Network Box : 06 November, 2008  (Technical Article)
Downloadable guide for bloggers available from Network Box, with advice on how to prevent blogs from becoming the victims of SQL injection attacks and other hacks
Corporate bloggers need to pay as much attention to the security of their blogs as they do to writing them, to avoid being hacked, according to a new guide from managed security company Network Box. The Secure Guide to Blogging, written by Network Box's Internet Security Analyst, Simon Heron, gives bloggers clear and simple guidelines for keeping blogs - and their readers - safe from hackers.

The two main threats bloggers face are comment spam and SQL injection attacks, according to the report. Both Blogger and WordPress have been vulnerable to SQL injection attacks, and don't take enough care when validating SQL queries.

"A new blog takes a lot of time to do well and all that work is being put at risk by bloggers not taking simple security steps," says Heron. "Most bloggers are not security experts, so their blogs don't have the usual checks that their email systems will have in place, for example."

Exploiting user trust is also a key factor in exposing bloggers to potential threats, according to the guide. Blog readers are more likely to trust something they read in a blog they subscribe to, and this applies to clicking on unknown links. Heron says: "Most of us are pretty used to sharing links to unknown sites - YouTube videos, or photo albums shared between friends, for example - and this can lead to complacency that hackers exploit."

The guide includes a detailed checklist for bloggers, summarised as:

• Make sure your software (including your blogging software) is up to date
• Make sure your blog password is hard to guess and change it periodically
• Restrict administrator and access rights
• Use CAPTCHA or other user authentication before allowing a comment post
• Use anti-spam software on the site and protect your blog with a firewall
• Don't allow reader comments without authentication or moderation
• Change any default prefixes for names set up by your blogging platform
• Log in to your blog securely, over https (not http)
• Disable error messages (this reduces the amount of information you are giving potential hackers about your blogging software)
• Check your blog at the weekend (the most common time for a hacker to infect a blog)
• Back up your blog regularly

To download a free copy of the Secure Guide to Blogging, go to the Network Box web site.