How to Start Blog in 100 Easy Steps – Focus on Security

This is a second installment of my on-going saga “How to Start Blog in 100 Easy Steps” and become a successful blogger. The first post in the series How to Start Blog in 100 Easy Steps – Get Rolling! left us with the blog website up and running. We have written a very first post, set up basic appearance of the site, and installed necessary WordPress plugins. This post focuses on blog security.

Step six: tell the world you exist.

People have to be able to find your site, or you will just be writing a diary, not a blog. The main sources of visitors are the search engines, so you have to tell them about you. The crawlers will find you (eventually!), but you can jump start the discovery process by entering your URL manually.

This is only the first step in the long road to SEO (search engine optimization).

The Yoast SEO plugin makes it very easy. In WP console, click on “SEO”, then click on “Webmaster Tools” tab – you see links to the three major search engines: Google, Bing (which also serves Yahoo), and Yandex (main Russian search engine). Click on the links and follow the three steps: enter your URL, get a meta-tag for verification, which you enter into the Yoast SEO, then click on “Verify” and you are done. (Find detailed instructions for Google here).

Step seven: armor your blog.

body armor - medieval security
Your blog must be protected.

There is nothing more discouraging (and infuriating!) than to have your blog spammed, crippled by hackers, or have your contents stolen – even before you really begun! Because of the many nasty characters in the online world, the protection of your blog should be a priority.

Plugins make the task easier, so we now install two more: Wordfence Security and Scrape Breaker. The former is a leading anti-malware (with over a Million of active installs), while the latter protects you from scraping (content theft). Installation is simple: click on “Plugins”, “Install New”, type the name, and finally click “Install”. Perform simple configuration, click “Activate” – and now you can sleep better!

Scraping takes your content and inserts it into another page, making it look like the page created the content. This robs you of your traffic. To add the insult to injury, Google may think that it was you who stole the content and penalize you in rankings. Not a pleasant prospect!

Step eight: add HTTPS security.

HTTPS is a protocol for encrypted connections between browsers and servers. URLs that start with https:// instead of http:// establish secure connections. HTTPS protects data privacy and makes for a safer Internet – so its use is rapidly growing. Google is calling for “HTTPS everywhere”.

What does that mean for you? You have to add HTTPS to your website. Why do you need HTTPS? Obviously, for data security and privacy. Yet the most important, but rarely mentioned reason is branding.

You have to add HTTPS to your website.

Consider what happens if you don’t support HTTPS.  When users enter, they are not sent to your blog! Instead, they are redirected to a parking page that is branded for the web hosting company (e.g. BlueHost). The effect is surprisingly bad! Just try it and see for yourself.

Finally, Google announced that they are starting to use HTTPS as factor in page ranking, the “holy grail” of SEO.

The hosting company BlueHost offers free basic HTTPS (a.k.a. SSL). Upgraded HTTPS costs about $5/month. All you have to do is to contact them and ask to add SSL to your website.

In this second installment of the series “How to Start Blog in 100 Easy Steps” I covered the questions of how to protect the new blog from malware, why you need to add HTTPS to your website, and how to give your URL to search engines. Please let me know if you find the content useful. I would love to hear from you so please leave a comment.