top of page
  • Writer's pictureESET Expert

Safety first: 5 cybersecurity tips for freelance bloggers

The much-dreaded writer’s block isn’t the only threat that may derail your progress. Are you doing enough to keep your blog (and your livelihood) safe from online dangers?

Whether we like it or not, writers and bloggers are part of a community. And while we might write on totally different topics and espouse views from opposite sides of the fence, we all know that a writer’s life isn’t easy.

That’s not just because creating fresh and engaging content requires tireless dedication and a range of skills that involve a lot more than ‘just’ writing; especially in the online world, some ideas or topics presented by authors might not be taken seriously or sit well with certain groups or individuals.

Put differently, you’re likely left to your own devices and need to fend for yourself in more ways than one – including when it comes to digital security. Indeed, it may be a truism that the safety and security of our community and workplace, as well as that of our families and ourselves, should not be taken lightly. And since news and opinion circulates and is distributed mainly online now and at speed, there is a degree of internet security savviness that every blogger or news writer should aim for.

On average, 30,000 websites are hacked a day, with a hack happening every 39 seconds. In 2021 alone, there were 22 billion breached records, and 95% of the successful breaches were due to human error or a person’s underestimating their cybersecurity needs.

And while you might be forgiven for thinking that the bad guys would only be after prominent blogs (cue the hack of Google’s official blog years ago) and that such a thing cannot happen to a humble freelance blogger or writer, the reality is quite different.

So, what can you do? Well, from one fellow blogger to another, there are certain ways to stay safe and protected. Here’s how.

1. Use secure login credentials

Surprisingly, password security in today’s age is still lax, as people even now tend to use the same weak passwords that can be hacked in mere seconds; therefore, a healthy attitude toward passwords is a must. Consider using a longer passphrase or a fourteen-character-long varied password, at least. Better yet, use a password manager that can generate and securely store all your passwords.

2. Turn on two-factor authentication

The best bet to increase the security of your page or logins is to add a second authentication layer to your account. Ideally, move beyond SMS authentication codes (they are increasingly under threat) and use a verified app like Microsoft Authenticator, Google Authenticator or Authy, a dedicated CMS plugin or a platform to generate codes for better account security.

3. Set up a virtual private network (VPN)

Most bloggers work from home or another external location (yes, cafes with good coffee do induce a creativity high), and connecting to public Wi-Fi networks can present a considerable security risk.

There is rarely anything stopping a hacker from sitting down and using a “sniffer” program to monitor all data being sent and received on an open network. Anything you work with, even your blog’s login information, may come up on the hacker’s screen, which can lead to account and identity theft.

With a virtual private network (VPN), your devices connect to a secure offsite server, and your data packets travel through an encrypted tunnel. The encryption will protect your blog’s information on any network. Because you are using a different server, your IP address will be masked, and you will be more difficult to track.

Perchance you might even find yourself facing government censorship or surveillance, in which case you can blog using the Tor anonymity network. [We looked at differences between VPNs and Tor recently.]

4. Keep your CMS and plugins updated

When Ghost, Drupal, WordPress, Joomla, or another CMS tells you of the availability of a new version, act on it. CMS and plugin developers work day and night to patch security holes and other issues that arise. Hence, updating ASAP will ensure you use the most up-to-date security measures to ward off malicious actors from your blog or website. Similarly, you should download your plugins only from verified sources, as those from insecure websites or hosts might contain malware.

5. Use a security certificate (HTTPS)

Another good tip would be to use a TSL (Transport Layer Security) or SSL (Secure Sockets Layer) certificate, as it protects data moving between your site and its visitors via the use of encryption. Said data might include emails for your newsletter, credit card numbers for purchases (or subscriptions, Patreon, etc.), and passwords. Having such a certificate on your website protects said traffic and offers more visibility on Google, so it is not only more secure but also might boost your traffic.

To get a certificate, check with your hosting provider. Typically, certificates come as a part of hosting plans, but some might not. To see if your website already has a TLS/SSL certificate installed, navigate to your web browser’s address bar and look for a small padlock next to the URL.

But wait, there’s more!

Of course, there are several more steps you need to take to ensure more robust security for your blog and personal computer. They start with using industry-recognized security software that will go a long way towards protecting you from myriad threats online, as well as learning some other basic personal cybersecurity practices.

Just as crucially, keep your work backed up, be it on a separate drive (USB/HDD/SSD) or online, using a reputable cloud provider. This way, you will not lose perhaps years of work if something happens, and it will allow you continuous access to your portfolio.

Hopefully, our tips will have you working on your blogs like before, but with the added benefit of a safety net protecting you and your work.


bottom of page