Corporate bloggers need to pay as much attention to the security of their blogs as they do in writing them to avoid being hacked.


According to a new guide by Network Box's internet security analyst Simon Heron, the two main threats bloggers face are comment spam and SQL injection attacks. He also claimed that both Blogger and Wordpress have been vulnerable to SQL injection attacks, and don't provide enough care when validating SQL queries.

Heron said: “A new blog takes a lot of time to do well and all that work is being put at risk by bloggers not taking simple security steps. Most bloggers are not security experts, so their blogs don't have the usual checks that their email systems will have in place, for example.


“Most of us are pretty used to sharing links to unknown sites – YouTube videos, or photo albums shared between friends, for example – and this can lead to complacency that hackers exploit.”


The guide produced encourages bloggers to ensure that their blogging software is up to date, check that their password is strong and to use Captcha or other user authentication before allowing a comment post. It also advises on logging in securely over https and to check the blog at the weekend as this is the most common time for a hacker to infect a blog.