Today's question comes from Conroy Dave in Boston, Massachusetts.
He asks, I just visited your blog.
I noticed it was built with WordPress.
How do you keep it safe from hackers?
Ever since I got PR five last month, I've got dozens of hack attempts a minute.
That's a very good question.
And the fact is, since WordPress is so popular and so widespread, it is subject to a lot more attempts by hackers, especially people that have figured out that if there are old versions of WordPress, they're a little easier to exploit.
So the very first thing that I do is I try to make sure that I always have my server patched up to date.
You want to be running the latest version, I think as of this video, it's 2.9 .2.
But already they're testing out version three0.
I'm sure that will have a lot more security as well.
The other big thing that I do is you can change your Htaccess file HT access, which is in WP admin, and you can basically say, you know what, only a small number of IP addresses, the ones that I basically what are called white listing listing out explicitly are allowed to access my WP admin directory.
So what that does is it says if you're just coming from the general Internet, you can't log in, you'll get a 403, you'll get a forbidden air.
But if you're coming from, say, my home IP address or Google's corporate IP address, or maybe be a small number of IP addresses that I have very deliberately chosen, then you are allowed to log in.
You'll still need a password, and I try to pick up relatively long password.
So that is the number one way that I protect myself.
Besides being patched, try to make sure that you set something so that the hackers can't get to your admin directory unless they're coming from a very specific small set of IP addresses, that might not be perfect.
For example, if your web host happens to get hacked and people can read database passwords of other customers or stuff like that, that's not going to protect you very much, but I would at least do those two things.
And that will help keep your WordPress or any other piece of software from potentially being hacked.