Yesterday Wordfence Security posted that 6.7% of all attacks they see on WordPress sites come from hacked home routers. Today they posted a tool on their website you can use to scan your home router and make sure it is closed to attacks. Click the link to read more and scan your router now.
Today I had someone email me how to help them achieve online presence with Google. After typing my answer I realized it was a great post that I could share with others!
Here was my response:
So this is the Cole’s Notes version of SEO. But if you follow these practices, you should be able to rank higher.
If this seems overwhelming, contact me!
Cindy
Many of my client’s websites have been showing an error in the admin dashboard stating “An automated WordPress update has failed to complete! Please notify the site administrator.”
I have done some research and it seems that this error is appearing after you have run the WordPress updates (any updates) and there is a new version of WordPress. I believe this error is being generated on any Godaddy WordPress hosting sites because Godaddy will automatically update the WordPress core files yet WordPress is trying to update itself.
Just be patient…. it takes a few days for Godaddy to process the updates across the WordPress Hosting servers. Once WordPress is updated the error will disappear.
Okay, I get it. People want your business so they target your website on the internet, send an email in the hopes that they can drum up some new business…. but seriously when you read their email to you offering their ‘service’ sometimes it’s almost laughable. They either didn’t even bother to look at your website or they used a robot to search for forms on websites and generate it automatically.
Look at the nice email I just received through my website contact form:
Subject: Web Design For Business
Message Body:
I’m sending a quick note regarding your website. I can make changes (aesthetically / design) so your site will convert more visitors into revenue by allowing your website to be mobile friendly for phones and tablets including more focus on your “call to action” areas.
I would just need to know if you’re open to checking out information about a website re-design. Would you be open to seeing more info and a quote for what I would like to accomplish?
Thanks and let me know
Shelby 🙂
—
This mail is sent via contact form on Wanna Web Design
Maybe, just maybe Shelby should have taken a look at my website and see what I do … LOL 🙂
There is no quick way to secure your website from hackers. You need to be vigilant and use as many defences as you can. The following is a list of 9 ways to secure your website.
Regularly go into your WordPress dashboard and install the newest versions of all your plugins. It’s easy to do: just look at the top left corner, if you see a number with a semi-circle swirl it means there are that many number of updates available for your website. Click on this link and update each of the plugins, themes and WordPress to install the newest version.
There are so many free WordPress themes and plugins out there but you have to be careful which ones you install on your website. Choose themes from a reputable theme developer or theme sales website. One that I use regularly is Theme Forest. Pick from the most popular theme or plugins to ensure they will be kept up to date. Also always check the date of the latest update. If it’s over 6 months old, I tend to avoid it. Look at the history as well, check how long it takes for problems to be corrected or questions to be answered. This will tell you if there is a team keeping up with the software.
Use strong usernames and passwords. Avoid usernames like ‘user’, ‘admin’, ‘root’ choose one that would be difficult to guess. Passwords should be at least 8 – 10 characters long, should include upper and lower case letters, numeric and special characters. Avoid using the user name in the password and avoid using the obvious like your name. Also try to create different username/password combinations across the internet to avoid hackers finding out the one and using it across many accounts to hack all your information.
Use a well established company with a strong reputation and good track record for security. Providers that ensure a high rate of “uptime” and 24/7 support service are important.
For added security you can install a plugin that uses 2 factors for login rather than just the username and password. This would make it much more difficult for hackers to guess the login and for the spambots (programs that search the web to try and sign in to websites repeatedly) to test your site. Here is a free plugin from the WordPress.
SSL stand for Secure Socket Layer. This is added security for any customer or client that might type in personal information on your site. It adds encrypted information that hackers can’t “watch” while people enter information on your site. An SSL Certificate is relatively affordable (less than $100 for the year) and well worth it for the added security and peace of mind.
This is for the developers who need access to the backend files of your website. Using SFTP (Secure File Transfer Protocol) adds extra security rather than signing in directly through FTP. Again it adds encrypted data to the uploads/downloads to protect your website from hackers “watching” your site.
Install a security plugin on your website. iThemes Security plugin is a free security plugin. It has over 700,000 downloads, has been updated recently (3 weeks as of this writing) and as always is easily installed through the dashboard. Another plugin I have been using over the past few years is Wordfence Security. With over 1,000,000 installs this is a well-established security plugin. It monitors who visits your site, you can set it to block IP addresses. The paid version allows you to block countries. It also does scans of your website for any code that has been inserted in your files and sends out emails when new versions of plugins or themes are available.
Make sure you take regular backups of your website. There are many free plugins that you can take daily/weekly or monthly backups of your website. Some are easier to install the backup if something does go wrong. Just a shout out to Godaddy: they offer WordPress Hosting packages that include daily backups of your entire website and keeps these backups for 30 days. With a simple click of a button, the website is restored to any of the past 30 days that you choose.
I would like to thank Cindy from Wanna Web Design for creating our great website. We are very happy with the end result and could have not chosen a better person to create our website. Cindy was very patient with us and took time to explain the process step by step.
Stephanie Rodrigues – VR Plumbing Inc.
This was posted on my Facebook page and I just have to share it…. for all the web developers out there! Go to http://theoatmeal.com/comics/design_hell
If you have Wordfence Security plugin installed in your WordPress website, chances are you are getting emails from WordPress with the subject :
Do not worry! This is actually a very good indicator that something needs to be updated on your website. If you open the email (it is safe) it will tell you which plugin or theme needs to be updated or if the WordPress system has an update.
If the WordPress needs to be updated the best way to do this is through the hosting environment:
If you are hosting with GoDaddy.com or Wanna Web Design Hosting (hosting.wannawebdesign.com), you can sign in to your hosting account, click My Account, Click Web Hosting, then “Launch” and sign in to the CPanel. Under Options and Settings, Popular Apps click the WordPress Icon. Now on the right hand side it will say ‘Manage my applications’ Click this link. You will then see a link that says ‘install new version’ click this link, and follow through the prompts. Then ‘install now’. This will take a backup of your database and files and install the new version. If there is a problem with the install you can back out of it. You will get an email when install is complete. Don’t modify your website while doing the install.
If you ever have trouble or don’t want to bother with this yourself, feel free to contact Wanna Web Design and I can do it for you for only $25.
Otherwise, you need to sign in to your WordPress admin dashboard. At the top of the dashboard screen on the left you will see a swirling circle with a number next to it. (If it says 0 you don’t have any updates).
Click this circle, it will take you to the WordPress updates page.
At the top it will notify you if you have a current version of WordPress. If it is out of date it will say Update Now. Click this link and just wait, don’t navigate from the page. Wait until the wordpress install has completed.
Then return to the WordPress updates page and continue updating all plugins and themes. Be careful of the themes! Some themes have been customized for your install and updating them will override your customizations. Double check with your web designer if you are unsure of your theme name.
To update plugins: Click all of the links at once and then click ‘update’. This will install all new plugin versions.
Do the same with the themes …. but again, do not update themes if you aren’t sure which one is yours.
There is a plugin installed in your website called Wordfence Security. This protects your site from hackers trying to gain access to the admin area. You can also run a scan to see if the website is protected. All plugins must be up to date or you will get an error in your scan.
Hover over Wordfence Security and then click Scan. Click scan at the top. It will walk through all files (takes a few minutes) and then you will get result of scan. You want the message to be ‘Congratulations…”.
WordPress websites are one of the most used Content Management Systems on the web. They are also one of the most attacked Content Management Systems on the web! Hackers are constantly trying to find loopholes or backdoors to gain access to your WordPress site with the intent to insert code within your theme to link to their sites (most cases). In most cases people don’t even know their sites have been compromised, you can’t see it and it the hacks are hidden in old theme files, image files or wherever they hope they will not be detected.
There are many security plugins that you can install in your WordPress site. My favourite is Wordfence Security.
It is easy to install and set up.
Go to Plugins Add New
In the search field type Wordfence Security, then install.
You will be prompted to type in an email address to send notifications. This is how/where Wordfence will notify you if there are any alerts on your website.
Then Click Wordfence from the left side of the WordPress dashboard and select Options.
These are the default selections when you install Wordfence.
The Alerts let you know when there is any activity on your site. These are important especially when there is a global attack on websites. You will know when a hacker is trying to sign in and what admin user id they are trying to gain access with.
Now sometimes this can be a bit of a nuisance as repeated emails get sent to your inbox. But it is important to monitor and make sure they aren’t using a correct administrator user id.
The login Security Options I set really tight so that once a hacker fails 2 times to gain access, they are locked out for 60 days.
Click save to save all your changes.
After a long struggle to find how to add several pages to the Information block and a few missed important details, I have decided to write my own tutorial!
With the proper information it is actually quite simple. These instructions are for version 2.3.3.4.
You need to have access to the files through an FTP client like Filezilla (search for Filezilla and download it for free).
Step 1
go into the /catalog/ folder and locate shipping.php file. Copy this file to create your new page, for the purpose of this tutorial I will call it about.php
edit the about.php file and replace FILENAME_SHIPPING with FILENAME_ABOUT (2 occurrences)
save your file
Step 2
go into the /catalog/includes/ folder and edit the file filenames.php
copy the line
define(‘FILENAME_SHIPPING’, ‘shipping.php’);
and change it to
define(‘FILENAME_ABOUT’, ‘about.php’);
save the file
Step 3
go into the /catalog/includes/languages/english folder and copy the shipping.php file to create about.php
edit the new about.php file and change the following lines:
define(‘NAVBAR_TITLE’, ‘Shipping & Returns’);
define(‘HEADING_TITLE’, ‘Shipping & Returns’);
define(‘TEXT_INFORMATION’, ‘Put here your Shipping & Returns information.’);
to:
define(‘NAVBAR_TITLE’, ‘About Us’);
define(‘HEADING_TITLE’, ‘About Us’);
define(‘TEXT_INFORMATION’, ‘Put your about us information here… use html code to enter it like this :
<h2>About Us</h2>
<p>All about me, me me me!</p>
‘);
* note make sure you keep the final end single quote!
Step 4
edit the following file:
/catalog/includes/modules/boxes/bm_information.php
insert the following code where you would like to add the link to your page:
$data = ‘<div class=”infoBox infoBoxInformation”>’ .
‘ <div class=”infoBoxHeading”>’ . MODULE_BOXES_INFORMATION_BOX_TITLE . ‘</div>’ .
‘ <div class=”infoBoxContents”>’ .
‘ <a href=”‘ . tep_href_link(FILENAME_ABOUT) . ‘”>’ . MODULE_BOXES_INFORMATION_BOX_ABOUT . ‘</a><br />’ .
‘ <a href=”‘ . tep_href_link(FILENAME_CONTACT_US) . ‘”>’ . MODULE_BOXES_INFORMATION_BOX_CONTACT . ‘</a>’ .
‘ </div>’ .
‘</div>’;
save the file
Step 5
edit the following file:
/catalog/includes/languages/english/modules/boxes/bm_information.php
to include the following line:
define(‘MODULE_BOXES_INFORMATION_BOX_ABOUT’, ‘About Us’);
save the file
Upload all of the files into their respective folders and refresh your screen.
The new Link should be added beneath the Information section in the sidebar.
If you don’t see the sidebar, it might be turned off in the osCommerce admin panel….
