Archive for the ‘WordPress’ Category

New WordPress website for local Rotary club in the works

Monday, August 8th, 2016

I’m proud to announce that I have been chosen to work with the Marlborough Chapter of Rotary International on defining, designing, and developing a new website for the Chapter.

The existing website launched in 2010.

Marlborough Rotary website 2010At that time, the committee had wanted to establish a web presence for the local chapter. It wanted a simple, clean design with user-friendly navigation that could be used as a tool to communicate with the local community as well as with its members.

The 2016 Marketing committee has created a website sub-committee to work on defining a new, more-modern looking website. Sub-Committee members are Elaine McDonald, Peggie Thorsen, Emily Greenwood, and myself. The sub-committee wants a website that includes functionality that meets the business requirements of today’s Marlborough Rotary club, and, more importantly, reflects how the Marlborough Rotary club has evolved as a modern, community-focused organization, with its 2016 message as well as its 2016 attitude!

As an Honorary Rotarian since September 2013, it is a particular pleasure to work on revamping the Marlborough Rotary’s web presence.

Stay tuned…More will be posted when the new website is launched.

 

  •  
  •  
  •  
  •  
  •  
  •  
  •  

Go-To Plugins for Transferring a WordPress Website

Monday, August 1st, 2016

When I transfer WordPress websites from one hosting company to another or even one server to another, I tend to install and use a limited set of WordPress plugins to assist in the transfer. Which plugins are used depends on the website’s set up, but, here’s a list of the plugins that help developers like myself transfer WordPress websites.

WordPress website transfer data migration

The existing website hosting area is the ‘source‘, and, the hosting area to which the website is being transferred is the ‘destination‘.

  • UpdraftPlus
    • Before doing anything else, backup the source website to remote storage. I have used this plugin for WordPress websites as large as 2.5 GB – with no problems. (Yes, gigabyte.)
    • Duplicator is an alternative for smaller websites. Remember to download the Duplicator package to your local drive and delete it from the source area before copying the website over to the destination area.
  • Broken Link Checker
    • Check the broken links on the source website, record them, and save them to your local or remote storage.
    • Use again to check the broken links in the destination website (after the transfer) in order to ensure that they match the broken links on the source website
    • Report broken links to the client
  • WP Migrate DB Pro with WP Migrate DB Pro Media Files
    WP Migrate DB Pro Media Files is an add-on plugin available with WP Migrate DB Pro.

    • Create a migration ‘definition’ that:
      • Backs up the source database. (I don’t worry about backing up the destination database as I use a clean install. See the Before Transferring a WordPress Website section.)
      • Maps the source addresses to the destination addresses (inside the database)
      • Copies the source database into the destination location.
        NOTE: Depending on how you prepare the destination hosting area, you may not want to copy the usermeta nor user tables to the destination. See the comments below about how I prep the destination hosting area.
      • Copies the images and other media from the source into the same folder locations in the destination hosting area.
  • Search and Replace
    • When I forget to map one or more addresses, or need to make mass changes to content in the destination database, I install Search and Replace. Search and Replace is a WordPress tool that makes mass changes to the database – and – the best feature is that it handles serialized data. WordPress data is stored in serialized format. This format is special and needs special handling. Search and Replace does the job well.

These are the WordPress plugins that I typically use. These plugins provide functionality for WordPress website developers. I delete them as soon as the website transfer is complete as they add no value to the public-facing website, and, we know that having extra files hanging out in your WordPress hosting account is an invitation for hackers.

Actually, Broken Links Checker does add value, but, has been reported as a source for burning up server resources. I have not experienced the burn, but prefer to err on the side of caution. So, periodically, I install it on websites, run it, record the broken links, inactivate and delete the plugin, then report the broken links to the client.

Before transferring a WordPress website

  1. Update WordPress to its latest security release on the source website
  2. Update all the plugins to their latest releases on the source website
  3. Install a clean version of WordPress in the destination hosting area
  4. Copy the .htaccess (if exists) and the wp-config files of the destination hosting area onto your local drive for safe keeping.
  5. Copy the wp-custom folder from the source over the destination folder of the same name

What plugins do you use when you transfer WordPress websites?

  •  
  •  
  •  
  •  
  •  
  •  
  •  

4 Tips for WordPress Website Security

Friday, July 8th, 2016

Karen Callahan speaking

Here I am, Thursday, 6-23-2016, presenting to my BNI group in Marlborough, MA.

I opened with a fun, something-no-one-knows-about-me story that involved a 13-hour train ride in Spain, an ex-con, a knife, and the threatening of my life. Ahhh… but you will have to meet me for a 1-to-1 to get the whole story!

One of the questions I had been asked to answer that day was:

What is the new gold standard in WordPress website security?

If only there were one thing that could be done for complete protection! That day, I responded with two quick tips:

  1. Create difficult, lengthy passwords
    This is a simple measure that deters a lot of would-be hackers. An easy password is like leaving the keys in your car or the front door to your home unlocked. The first step in self defense is simple locks. (You know that some burglars and car thieves are opportunists looking for an easy score and will move to another car or another house when they find that your car and home are locked down.)
  2. Host your WordPress website with a reputable hosting company
    Do research. Search for “company_name reviews”, and read the reviews. Check websites that exist for discussing the pros and cons of website hosting firms (i.e. WebsiteHostingTalk.com). Remember that you get what you pay for, so, opt for a mid-priced website hosting account and not the cheapest.

If I had had more time, I would have added 2 more tips that do-it-yourselfers can do to protect their WordPress websites. The full discussion is in my LinkedIn Pulse article, 2 tips to make your WordPress website less attractive to hackers. In the article, I recommend

  1. Updating the software often
  2. Keeping the website hosting account lean and mean

Running old WordPress versions and old plugin versions and keeping unused files in your WordPress hosting account set up your website as a desirable breeding ground for hackers. In those conditions, hackers can work undetected and inject code into your website.

Code that messes up your website. Code that downloads Trojan viruses to your visitors’ cell phones and laptops. Code that kidnaps computers and holds them for ransom. Code that establishes your hosting account as a spam email hub.
–Karen Callahan, 2 tips to make your WordPress website less attractive to hackers

You can take steps to avoid being the “hub” of malicious activity. Learn how to clean up your WordPress hosting account

I write these 4 tips for protecting a WordPress website here because a good, non-techie friend of mine often reminds me that not everyone is a professional WordPress developer like myself, and when you are a non-techie, “You don’t know what you don’t know“. Now you know! Remember to backup your website often, and especially before upgrading WordPress and the plugins.

 

 

  •  
  •  
  •  
  •  
  •  
  •  
  •  

New WordPress Website for local Insurance Professional

Tuesday, June 21st, 2016

Congratulations to Diane Rosen, founder of Integrated Insurance Planning, on her new responsive WordPress website.

Diane hired Adventures Online to develop the first ever website for her insurance business. Diane is a certified CFP, and has been working in Financial Planning and Insurance for over 25 years. In 2014, she sold her successful financial planning practice and retained her insurance business to establish Integrated Insurance Planning which focuses on:

  • Long Term Care Insurance
  • Life Insurance
  • Disability Insurance

The business requirements for developing the website were:

  • Keep it simple with a few words on a few pages
  • Use the teal in her logo as a highlight throughout the website
  • Have the website rest on a contrasting light green background
  • Highlight that “it is all about her clients’ needs; their financial protection and comfort” – and not about pushing products or meeting quotas
  • Ability for the owner to make light updates to the content (CMS)
Integrated Insurance Planning website

Click to view larger version

Solution:

  • A WordPress-based website because of:
    • The user-friendly Content Management System (CMS)
    • The plethora of frameworks and themes to choose from
    • The built-in “responsiveness” (of the themes)

The resulting website tells Diane Rosen’s story in less than 8 pages, presents the content in a simple fashion with the main content on the left and a sidebar highlighting the business focus on the right, includes two forms for connecting with Diane, and the ability for visitors to search the website for the particular insurance that is of interest to them.

Diane is very happy with her responsive website and wrote:

When a business friend referred Karen to me, she said that it would be easy to work with her.  After working with her I can honestly say that my friend’s comment was a huge understatement.

Karen built a WordPress website for me and I am very pleased with the result.  If you use Karen you will find she is responsive, dedicated and competent and a great teacher.  She developed on a timely basis, which was important for me.  She led me through each step and not only communicated well and clearly, she made great recommendations and even helped me write some of the content.  After the training on how to update the website this non-techie person feels very competent with my newly learned skills.  She’s a great teacher in addition to all her other skills.

If you are considering a WordPress website, choose Adventures Online/Karen Callahan and you’ll be happy with the result.

 

  •  
  •  
  •  
  •  
  •  
  •  
  •  

WordPress Plugin Security Alert

Tuesday, March 15th, 2016

Alert for WordPress Bloggers

If your blog/website uses the Custom Content Type Manager (CCTM) plugin, chances are, your WordPress blog/website has been compromised.

A backdoor hack has been discovered by Sucuri Security. March 4, 2016, Denis Sinegubko, wrote a post entitled, When a WordPress Plugin Goes Bad in the Sucuri blog.

It is a detailed account of the progression of activities leading to the discovery of the backdoor, and, Denis speculates about how the hack might have occurred, how the hacker might have progressed from a freelance WordPress developer to the dark side, and indeed, who the hacker might be (names he uses).

There are several recommended steps to mitigate the situation. The top four are:

  1. Replace the current version of Custom Content Type Manager with version 0.9.8.9 which is the most current clean version.
  2. Replace ALL WordPress core files with a fresh install. (Delete the existing files (which have probably been hacked) and replace with a fresh install of the core files.)
  3. Change the passwords of ALL users.
  4. Delete the users that are unknown to you and look suspicious.

Six to eight steps are suggested in the Mitigation section of the article. Scroll to the bottom of the article, just above the author’s byline.

  •  
  •  
  •  
  •  
  •  
  •  
  •