File Permissions are set when WordPress is installed. If you did not carry out your own installation, you may want to check that the settings are right for your site.
Setting file permissions for certain files may have significant security implications for your site. It is worth taking a few minutes to check your settings and make sure they match your requirements.
In short, an install done by an experienced WP installer probably won’t need any file permissions tweaks. A self-install might need checking. Also note that shared servers will need different settings. Personally, my sites are on shared servers, as I imagine the majority of WP sites are.
Continue reading WordPress Security – File Permissions
Updates are the simplest way to reduce the risks to your wordpress site.
Set your WordPress version (core) to automatically update right from installation – it’s a no brainer. Of course, you may want to examine all the updates and make your own evaluation… assuming you have the time and expertise.
Not only that but regularly check your plugins and update them too, at least once a week if not daily. Having the latest versions means you are less vulnerable to the latest security issues. There is still no guarantee even if you update seconds after an update is available. However regular updating lowers your risk considerably.
Continue reading WordPress Security – updates
Having already recommended Loginizer to prevent ‘Bruteforce’ attacks, I now have another recommendation: ‘All in One WordPress Firewall’
‘All in One WP Security & Firewall’ from Tips and Tricks HQ is a very popular and up-to-date WordPress Firewall plugin. This certainly meets our requirements as a ‘safe’ option. It has all the features of Loginizer when it comes to Bruteforce, but that’s not all. As the name suggests, this has firewall settings which are simple to use, but it’s features are many and various. Too many to go into here, so a certain amount of playing about with the settings is recommended. One nice feature is the dashboard which displays a gauge indicating how protected your site is. Under this are four buttons which you should click to set up your critical features. Each time you add a feature, your security rating goes up on the gauge.
Continue reading WordPress Security – WordPress Firewall
Having introduced a series on Wordpress Security, the second post in the series looks at protecting WP-CONFIG and .HTACCESS files etc.
Apache uses the .htaccess file to serve files from it’s root directory. If it is not protected properly, your site security is definitely at risk.
Making changes could potentially be a turn-off as ‘techy’ language is being used. The reality is that it is not difficult to take a few steps to minimise the risk to your site. In order to carry out the necessary changes, you will need to ‘write’ to your site files. This sounds ominous, but the good news is, if you don’t want to do this the nuts and bolts way, you can use a plugin..
Continue reading WordPress Security – .htaccess
There are individuals who are ‘out there’ looking to hack into your WordPress site. WordPress Security is at risk not just occasionally, but on a daily basis.
We are acutely aware of security especially since the recent ‘ransomware’ super-hack. This attack appeared to affect multiple government organisations as well as individuals. If we learn nothing else from this, we need to realise that security should be second nature. This applies to wordpress security in the same way that it applies to our workstations and devices.
Continue reading WordPress Security
Like many people, I have an old laptop…this one is really old – I am pretty sure it dates from 2005. Now having said that, it does have 2GB RAM and a 1.7GHz processor. It still trundles along without embarrassing itself. However the issue here is the Operating System, because Microsoft do not do a system to suit this machine.
Continue reading Ventures into LINUX
I have played with ideas for a web ‘portfolio’ on this site, but have not been able to configure it to look quite as I wanted, so I ended up choosing another slider option. I have created a draft site for a client which included client testimonies. The layout of these is similar to what I was looking for for my portfolio.
Continue reading Carousel Slider plug-in
A redirect plugin can be really useful if you have re-built a site, are re-organising your site or have shifted from a HTML platform to a CMS.
I discovered today that an old link (a friend had kindly provided for me) actually pointed to a non-active page. This was because the link had ‘index.htm’ as part of the URL. The original site was built using Dreamweaver WYSIWYG which turns pages into HTML, so the link was valid until I switched to WordPress. The solution was simple and only took a few minutes, so I thought I’d quickly share it with you.
Continue reading WordPress Redirect Plugin
Some content and links visible to your visitors on a web page may not actually be visible to the Search Engines, eg. Flash based content etc.. Part of your SEO research should include tools that will allow you to check that spiders see what they are supposed to see. I recently came across a tool which simulates a Search Engine by displaying the contents of a webpage exactly how a Search Engine spider would see it. It also displays the hyperlinks that will be followed (crawled) by a Search Engine when it visits the particular web page along with meta tags and description.
Continue reading Website Spider Simulator tool
Another Windows 10 anomaly I have come across is that it has become unclear how to access default software preferences.
I remember years ago back in Windows 95 being frustrated because I had downloaded a trial program which had installed itself as the default program for images. When the trial ran out I could no longer open any images by clicking them in an explorer window because the default program was not responding. I spent months without a solution until I realised that you can ‘tell’ Windows which program to use by default (this was done simply in any explorer window – tools/folder options/file types). So where is this functionality in Widows 10?
Continue reading Windows 10 – default programs