If you have been using WordPress frequently, then, you will find that the site has been down for maintenance issues. Security in WordPress has been heightened, and this may have an impact on your SEO efforts. Here are some of the things that you could do for protecting and reducing the damage done to your SEO strategy.
WordPress was never for security and had a lot of holes with the security system. But, as the site increases in popularity, it is possible that there will be more hacking that will increase at an exponential rate. Previously on the eve of June 2009, WordPress launched a version 2.8.0 and later upgraded it to a 2.8.4 in four months. This is a heightened four levels of security in four months. WordPress has managed to speed up the work on patches but the similar pace does not seem to exist for hacks. For all this, it seems that there is a gross incompetence on the part of WordPress. The tragedy of the problem occurs right at the top and it seems that the complete team involved in development for WordPress is a failure. So, users need to be aware of the problem and be aware of the implications.
One needs to have a setup for WordPress which allows you to consolidate the inbound links to your main domain and the subfolder to the main site. This allows you some trust and authority scores. For security purpose, it is very dangerous to have publishers who are using the same database in WordPress along with other domain customers, products and records of transactions. Once, you login and access the admin section, then it is possible to be compromised and any hacker has the capability of accessing your data. All it takes is access to the PHP MyAdmin plugin that gives full access to the records of the database allowing a person to edit, cut, copy or even delete data. Such a fearful thought extends to a further compromising level where a hacker has access to the file sytem by having access to modify or copy or delete complete information from websites.
One can also consider placing the website on a subdomain as an alternative SEO implementation. The equity of the links is shared with the central domain will not be as effective as the subfolder. But, you are capable of isolating the subdomain from the main folder better than the subfolder, which is good for security. The subdomain and the database can also be separated as they can have different servers and hosting fields by merely changing the name on the record. With this, you are capable of security that has increased but you have traded it for link equity.
If you are very strung on security, then, it would be best if you could try and blog on an entirely different domain that has an almost no chance of WordPress influence or the capability of compromising the website or the main database. This kind of SEO implementation is possible in very few situations. This setup will remove your SEO strategy for the sake of security.
But, the question remains, if you are capable of retaining any SEO value without compromising security. Here are some of the tips to help you do so:
Backups are the only way to keep your information safe as it is a security against any eventuality. Most people use backup systems that send important backup data from databases to an email account every evening. So, anyone is capable of keeping a backup based on the date the information is backed up. One can have a backup and ultimately an archive of the data from the first to the fifteenth of every month and delete the rest.
Your WordPress database should always be isolated from all your other databases by using all kinds of passwords and usernames. In a case where the hacker has access, he may be able to only destroy the WordPress blog which would be backed up.
Detection needs to be changed
Most of us have a page that gives information of ourselves that is not likely to be edited or changed very often. There are some services like ChangeDetection that give you the capability of monitoring the changes on the site by sending an email or an SMS, the moment it happens. So, if someone unknowingly inserts footer with links of other pages, you will be immediately notified. Google alerts also provide a similar service that does allow anyone to get away.
Login hacks that are aggressive can be blocked
There are some instances when the automated programs try to hack a username or passwords in combination. There is a plugin known as a Login Lockdown that prevents such hack-ins. In case there are consistent attempts, the specified IP address is blocked for approximately 30 minutes. It is possible that the hackers will move on, but you need to make sure that you are not locked down by the consistent changes of password and forget it. In such cases, you could try out Emergency.php that gives you the capability of changing the password and the username while giving you access.
Htaccess helps limit access:
Those who are comfortable with using htaccess, then, they can try getting access to a panel for admin that is based on the IP. But, this will not work for you if you do not have a static IP, i.e., if you are travelling a lot or have bloggers who are travelling.
Engineering social mediums
You could start by trying to setup an account with privileges for admin and then, use an admin username, then remove the admin account. Ensure that all your passwords are strong and unique and have different ones for all your logins. In case you feel you are aged or have a low memory then, try and use a technique for passwords. Ensure that you do not do give any admin access to those who do not need it or for anyone who does not need author or editor status. Ensure that you remove the check that allows anyone to register, in case it is checked. In case you want people to register freely, then ensure the plugin called captcha is activated on the page.
Fresh blogs and plugins are always accepted and need to be updated as quickly as possible. But, it is possible that the updates will break the plugin. Hackers simply wait for an opportunity to break into idle accounts.
It is quite possible that you may be able to optimize your SEO value in the blog while keeping your main domain blog, the reduction in damage from hackers to the minimum and ultimately to be able to recover quickly after spotting the problem.