Archive for the ‘Wordpress’ Category

Securing Your WordPress Website

Friday, August 2nd, 2013

It’s no accident that WordPress has become the 800 lb gorilla in the web publishing field. As of March 2012, 72.4 million sites were running on the CMS, amounting to 25% of all websites operating on the Internet. With that gaudy figure in mind, it should come as little surprise that hackers have flocked to exploit the weaknesses of WordPress.

Last April, a massive army of botnets were created to infiltrate WordPress sites using the “admin” user name via brute force attacks. Every day 30 to 40,000 attacks take place because owners allow their sites to become easy prey for these nefarious individuals.

It’s time to ensure you aren’t one of them. Let’s take a look at some easy ways to protect your WordPress site, helping you sleep a little easier at night.

As with any significant changes you make to your WordPress installation, I strongly recommend you back up your files and databases prior to making any of the changes listed below.

1) Update the admin user name: If the botnet example above didn’t put the fear of God in you, it really should have. Brute force attacks (programs nailing a website hundreds of times a minute by plugging in common user names and passwords) have become increasingly common. Using “admin” or other common user names like “administrator,” “test” and “root,” put a large target squarely on your back.

During the initial WordPress installation, you are prompted for your default user name. Change this to something unique to you. I wouldn’t recommend your name, but maybe something for you to easily remember (Mary526 for instance as a name/birthday combo).

If you’ve already installed your version of WordPress, you can go into mySQL and update the user name. In the wp_users table, you’ll find records of all the users setup on your installation. Just update the user_login for the admin account, and you are golden.

2) Create strong passwords: Having a unique user name is critical, but don’t neglect that other piece of the pie. Those brute force programs are regularly exploiting the most commonly used passwords like “admin,” “password,” “123456,” “111111? and “qwerty.” Don’t make the hackers job easier by serving up one of these juicy passwords. Pick something that has letters (upper and lower), numbers, special characters and over eight characters to really lock down your account. You say you can’t remember all these crazy passwords, much less which one belongs to which account? Consider a free program like Keypass to store all of your user names and passwords, allowing you to login to any site with a quick copy and paste. It can even generate 20 digit random passwords for you. Remembering complex passwords for your email, banking, and WordPress will officially become a thing of the past.

3) Update Your wp-config Security Keys: Tucked beneath your WordPress database settings in your wp-config file are your site’s unique keys and Salts. These are a random array of letters, numbers and special characters you’d likely never run across unless they were pointed out to you. Making a new set is very easy with this handy tool WordPress has provided.

4) Limit Login Attempts: This free WordPress plugin is a very handy addition. About three months ago, I replaced the Login Lockdown plugin on one of my sites with this one. In that time, 3968 users (or more likely bots) have been locked out. Not a single one of these incorrect logins was me.

Basically, this plugin locks a user out for 20 minutes if they have tried to login unsuccessfully more than four times. If they have been consecutively locked out four times, then the time period grows to 24 hours. You can alter these time and chance variables to loosen or tighten your login security. It also has helpful features like logging offender’s IP addresses and emails when a lockout happens. It can be unnerving when those emails start rifling in every minute over an hour long period, but you should feel comforted knowing your site guard is on high alert, earning its keep.

5) Secure WordPress: This is another free WordPress plugin I wouldn’t do without. Basically, it just patches a lot of common holes that exist in the basic WordPress install. It will do things like removing the version number of WordPress throughout the site or blocking malicious URL requests. The plugin allows you to toggle these options on and off to customize the settings for your security needs.

6) Always Have a Timely Backup: If a hacker did breach your site and proceeded to wreck havoc, could you recover? If you have a current file and database backup on hand, you could wipe the site clean and start over if needed.

One option is to just download your files to your local machine, but I’d recommend talking to your web host about backup options. Usually they are fairly inexpensive, and they can schedule them to go every night, once a week or whatever interval makes sense for your needs. Never assume your web host is making backups regardless of how much you are ponying up for your monthly hosting bill. I found this out the hard way.

Also make sure you are backing up your database. There are a ton of good options out there. I have used WordPress Database Backup which emails me zipped data files on a daily basis so I always have my data regardless.

There are other methods to constructing a wall around your WordPress website, but these six quick fixes will put you ahead of 99% of the sites out there. I know most readers will say that can’t happen to me, but I assure you it can. You can take an hour to setup your security correctly, or you can connect with your inner sadist by spending days or weeks repairing the damage, not to mention the potential financial impact inflicted by a savvy hacker. Its your choice.


Cloud hosting for enhancing your business

Wednesday, November 7th, 2012

Some find selection of web host quite overwhelming while for novice in hosting field, it turns to be truly nerve racking task. With number of web hosting providers in India, it gets quite daunting whom to approach and which plans to consider for your website.

Smart solution a step away!

You should look for those hosting providers who are well experienced and certified and have long list of satisfied customers and clients. Look for those that offer latest cloud hosting services. It is the latest trend in business world and offers variety of features worth exploring for your growing business. This kind of technologically advanced hosting service helps in putting a company’s software and data into a computer network known as ‘cloud’ rather than a local server or computer. Cloud servers host the following services:

  • Web based email
  • Music Streaming
  • File storage
  • Website growth flexibility
  • Guaranteed server resources
  • Outstanding features
  • Lower pricing
  • Redundant data storage
  • Advanced proprietary services etc. (more…)

3 Things You didn’t know about WordPress

Tuesday, March 9th, 2010


We can’t be more biased than this: it so happens that we are so swayed by the power of wordpress that we are beginning to believe that it can do a lot more than what is being thought of it. We thought we will let you in a few secrets that many people might not know about when it comes to dealing with wordpress. Our client Fetchprofits, recently sent out an email to us stating how quickly they were able to slap a portfolio site together ( they are into Internet consulting and web content development). Here are some of the tips they could share with us:

  • The famous 3 minute set-up and the 5 -minute outsourcing is really mind-blowing: Did you know that you just need about 3 minutes to have your blog up and running? The only thing that might not be there on your blog right away is quality content right away. Perhaps you could manage to write it yourself, develop it in-house or have web content development firms (or even freelance writers) develop it for you. Within 10-15 minutes, you are up and ready to go. We never knew it could be like this one day when we first came into business.
  • A wordpress blog can be made to look just like a website: You don’t even need to have a website designed anymore. That’s correct, you don’t need web designers at all.You will be surprised to hear it from us because we are into this business ourselves and we are shooting right on our feet; but it’s true. Of course, you will still need a lot of help in designing when you look at bigger things like e-commerce enabled sites, large websites, etc. How individuals and start-ups, a wordpress blog will more than suffice. However, that leads us to the next point.
  • If you have a small business, have your wordpress blog custom designed or modified: It is very important to look professional when you have your own business. If your website looks like the equivalent of a tissue paper, it’s not going to help you at all, is it? So whether you decide to actually get your website designed or just choose to host wordpress, you will still to have that logo up, get some graphic elements done, provide a custom look to your site so that your brand shines through. You can get this done easily by us, if need be.

WordPress is truly amazing and we hope you used it for your business?

A Never Ending List of WordPress Resources You Can Use

Monday, February 1st, 2010

wordpress icon.jpg

Our clients are predominantly wordpress fans and we are always asked about more resources that they could use. The Internet is literally flooded with so many good things for wordpress that is really hard now to actually point at something and say “there you go”. We thought we will make this a constantly updating blog post in series so that it eventually grows into a repository of sorts.

Blogging Elements -- This is a rather Interesting blog co-authored by Mike J – an Internet Entrepreneur and Ashwin Satyanarayana — a web-content developer and an Internet Marketing Consultant. Not only does the blog give all sorts of information on how to set-up a blog and run it but also has an interesting take on blogging itself. It is intriguing to see how these bloggers pick some seemingly ordinary things in life and relate them to blogging. While you are there, make sure that you check their WordPress Resources Page for even more juice.

StandOutBlogger By Thomas : This blog is close to what blogging Elements does, but seems to pursue a loftier goal of making a blogger do much more than mere blogging. But then, it goes a lot beyond just blogging. Thomas talks about Internet Marketing, Keyword Research, Offers discounts and much more. A very well-designed blog which focuses on producing quality content.

WordPress related resources, plugins, themes, SEO, etc

I stumbled upon this huge Mother-of-lists ( lists within lists, anyone?) and I thought it would qualify for a must add in this list of resources. WordPress plugins give life to a wordpress blog — not to mention incredible utility. Where on the virtual earth would you search for plugins you must have for your blog? Right here! Check out the following (Will be continuously updated):

WordPress Plugins

55 Favorite WordPress Plugins

This is, as mentioned before, a never-ending list and will grow continuously. We would obviously be very happy if you could let us know about some great list-type resources or any other repositories which have lots of information about wordpress. We will wait to hear from you.