WP-Config – The wp-config.php file within your site’s root directory contains the keys to your database. It isn’t directly accessible from the external web, but it is worth spending a bit of time here to ensure security. There are a couple of things you can do here to help yourself.

• Database name, username and password – Your database name can be anything, no one but you will ever see it, so make it something that is not easy to guess. The username and password that you enter here will only be used by Wordpress, so once again, make them something that is not easy to guess, and different from the credentials for your server, GoDaddy account, bank accont, Wordpress users, etc. This way if someone does get access to your server they can’t go crazy on the web getting access to everything you’ve ever owned. You’ll still have access to your database as the domain administrator, and if you ever do need these passwords again they’ll be safely stored in your site backup files.
• Security Keys – Wordpress 2.7 has four keys that you can add to the config file. The point of these keys is to add random elements to the passwords that are stored, making them more difficult to crack. You’ll never need to refer to these ever, so make them long and include every character you can get your fingers on. If you have trouble grasping the concept, use the generator that Wordpress provides.

File Access – Most people use FTP to access the files on their server. That’s great for ease of use, but this is an insecure method. If a sniffer picks up your traffic, they now have the credentials to access your server. Avoid the possibility by using SSH, which IS secure. If you need an SSH client, PuTTY is free.

Admin Account – When Wordpress is installed, it creates an admin account automatically, with a username of ‘admin’. If you use this account to either write for or administer your site, then anyone wanting access already has half of the information they need. Make them work, create an administrative account with a different username and then delete the ‘admin’ user. You can take this a step further by creating an ‘editor’ account to publish with. This prevents a would be hacker from finding out what your administrative credentials are.

Strong Passwords – Now for your account passwords. You want them to be long, and you want them to contain upper and lower case letters, numbers and special characters (# * @ ^, etc). Also, don’t use the same password for your Gmail, bank and GoDaddy accounts. If you have trouble remembering them get a password manager (I LOVE Roboform).

Protect Folders – Wordpress does a pretty good job of promoting itself as software, which is unfortunate because it gives would be hackers information that can be used against your blog. There are two folders that you need to think about protecting. We’ll tackle the easy one first.

• wp-content/plugins/ – This folder is where plugins are stored. By default, anyone that navigates to this folder can see which plugins you’re using. If someone wanted to hack your blog they would check here for potential security holes. Protect yours blog by adding an index.html file. It doesn’t need to contain anything in particular, in fact it can even be blank.
• wp-admin – This is the administrative section of Wordpress, all of the back end and many of its functions. This is the prize for hackers. There are a couple of ways to protect it, writing an .htaccess file yourself, or installing the Wordpress AskApache security plugin. Both will be effective. Once you select a method, and before you begin implementing it, take a few minutes and back up everything sixteen ways from Sunday, then read the instructions. You’re about to lock down your site for real, which means that its possible for you to lock yourself out.

Remote Publishing – One feature of Wordpress is that you can post to it from email or an external blogging platform such as Windows Live Writer or Ecto. This is pretty handy if you’re on the go, have limited access or like the features of your preferred blogging platform more than those within Wordpress. I would venture a guess that most people either don’t know or don’t care about this feature, and if that’s you then turning this off will leave one less opening. I do not mean to suggest that if you do choose to use this feature that you’re leaving your site exposed, I would not consider this an opening. But, if you aren’t using it then why leave it open? To disable this feature log in as an administrator and go to ‘Settings’, then ‘Writing’ and deselect ‘Atom Publishing Protocol’ and ‘XML-RPC’.

Stop Advertising Your Version – By default Wordpress lists its version number in the header code of your blog. Once again, this is giving a hacker information that he can use against you. Open your theme’s header.php file and remove this line “<meta name=”generator” content=”WordPress <?php bloginfo(’version’); ?>” /> <!-– leave this for stats please -->“.

Keep Current – As security holes are discovered the Wordpress development team addresses them. If you don’t stay current then your blog likely has security holes that you’re unaware of. When a new version of wordpress becomes available, install it. Be sure that your plugins are up to date as well. With version 2.7 this can be done with the click of a button so upgrade to 2.7 and then keep it current. No excuses.

Scan for Vulnerabilities – Now that your site is current with the latest software and locked down, scan every once in a while to ensure that a new vulnerability hasn’t exposed you. It takes only seconds to run, and provides valuable information on you site’s security.

Congratulations. Your blog is now more secure than it has ever been before. Go outside and do something fun. But remember, it may be safe today, but it may not be safe tomorrow. Hackers are always looking for ways of gaining accees to Wordpress. You’re never ahead of them, so there’s a good chance that within the next six months you’re going to need to take further action to keep yourself protected.

I have been blogging for six years now, and have also created accounts on just about every social site that I could find. I have loved Flickr since day one, it is THE place to share and peruse photography. And, it meshes with my blog perfectly. Facebook took me a while to warm up to, but now I love it. I enjoy keeping up with the daily lives of my friends, and I’ve even regained contact with some that I had lost touch with years ago. Twitter is even more fun. I’ll admit that it took me months to understand the point, much less embrace it. Now I’m addicted, I love it more than ice cream.

What I’m saying is that I ‘get’ blogging, and I also ‘get’ social media, and there (currently) is no site that makes me want to give up my blog (whether I have 2 readers or 50,000 isn’t the point). What’s more, I’m not going to stop reading blogs. My Bloglines account is loaded with dozens of RSS feeds that I check almost daily. Some are friends, some are blogs with tips for saving money or that provide social commentary, but I love all of them. If one of them drops I’ll go looking for other blogs to enjoy.

If I feel this way about blogging, then there are others. And if a community of people aren’t going to ditch their blog and want to read others, then blogging is certainly not dead. The fact is that Twitter, Facebook, Flickr, MySpace, etc do not replace blogging, they enhance it. Conversations that happen in more social spaces generate ideas that get explored on blogs which prompts further discussion… and on the cycle goes. Besides, if marketing sites are still publishing a guide for blogging, then what about it is dead?

Blogging is not dead. Blogging is doing just fine.

Image via Wikipedia

Have you heard of Zemanta? No its not a drug, although that’s what I originally thought, too. Zemanta is a tool that recommends links, tags, images and related articles as you type a blog entry. I found out about it a few weeks ago, and was intrigued enough that I installed the Firefox plug-in right away. Three blog entries later and I’m sold, I love it.

What It Does
As you type in a blog entry, Zemanta looks through your text for keywords, if it recognizes one, it surfs the web for links, images, tags and articles that are related, and displays them next to your entry. If you agree that these articles are relevant to your post, just click the appropriate button and Zemanta adds the link (or image) to your post.

Why It Matters
First, your posts become more interesting to read when you link to related content on the web, show pictures to illustrate concepts and link to other articles that either support or contrast with your claim. In other words, your readers will find your work more appealing.

Second, Zemanta makes it easier for your blog to be found. By using the tags that Zemanta recommends, you’ll be categorizing your content with the same keywords that others are using, which will ultimately have an impact on the traffic your blog receives through search engines. If Zemanta picks up on something that you blog about, others on the web will find out about it as they blog on related topics. If they link to your post, your blog just became more popular.

Review
Okay, so now that you have a grasp of what this tool does, here’s what I think of it. This is such a great idea! Why on earth hasn’t this been done before? Seriously? I mean, there isn’t any revolutionary technology at play here, this is just a tool that recommends content based on what you’re tying in.

So far I’ve tried the Firefox extension, the WordPress plugin and the Windows Live Writer plugin. As promised, they each work identically, so it doesn’t matter which you use. They also offer plugins for Drupal, Movable Type as well as an extension for Internet Explorer. I have no reason to believe that they’d work any differently. The only blog engine that I’ve tried it with is WordPress, but I did try it with two different themes, and all of the features (pictures from Flickr, lists, links, etc) rendered perfectly in both themes. If you use an image from Flickr or Wikipedia, credit for the image is handled automatically.

The content loads quickly, though I’ve only tried it with a broadband connection. I wouldn’t even attempt this tool with dialup. All of the buttons work flawlessly, which I was impressed with. It works well enough that you really don’t even think about it, it just offers up recommendations in the background as you type.

Bottom Line
Honestly, now that I know about this, it doesn’t make sense to me to blog without it anymore. As a blogger, I want for my work to be tagged appropriately and categorized correctly. I want to link to other sites when appropriate. And I like showing images to my readers. Zemanta makes all of that a breeze, so I get to focus on quality writing. The tool works flawlessly, so what’s not to like. I wish I had thought of it.

Related Articles

• Zemanta Is My New Favorite Tool As A Blogger
• Zemanta ~ Must Have Firefox Extension for Bloggers
• Zemanta – Semantically Augmented Blogging
• Zemanta – Content Suggestion for Bloggers