Posts Tagged ‘WordPress’

4 Tips for WordPress Website Security

Friday, July 8th, 2016

Karen Callahan speaking

Here I am, Thursday, 6-23-2016, presenting to my BNI group in Marlborough, MA.

I opened with a fun, something-no-one-knows-about-me story that involved a 13-hour train ride in Spain, an ex-con, a knife, and the threatening of my life. Ahhh… but you will have to meet me for a 1-to-1 to get the whole story!

One of the questions I had been asked to answer that day was:

What is the new gold standard in WordPress website security?

If only there were one thing that could be done for complete protection! That day, I responded with two quick tips:

  1. Create difficult, lengthy passwords
    This is a simple measure that deters a lot of would-be hackers. An easy password is like leaving the keys in your car or the front door to your home unlocked. The first step in self defense is simple locks. (You know that some burglars and car thieves are opportunists looking for an easy score and will move to another car or another house when they find that your car and home are locked down.)
  2. Host your WordPress website with a reputable hosting company
    Do research. Search for “company_name reviews”, and read the reviews. Check websites that exist for discussing the pros and cons of website hosting firms (i.e. Remember that you get what you pay for, so, opt for a mid-priced website hosting account and not the cheapest.

If I had had more time, I would have added 2 more tips that do-it-yourselfers can do to protect their WordPress websites. The full discussion is in my LinkedIn Pulse article, 2 tips to make your WordPress website less attractive to hackers. In the article, I recommend

  1. Updating the software often
  2. Keeping the website hosting account lean and mean

Running old WordPress versions and old plugin versions and keeping unused files in your WordPress hosting account set up your website as a desirable breeding ground for hackers. In those conditions, hackers can work undetected and inject code into your website.

Code that messes up your website. Code that downloads Trojan viruses to your visitors’ cell phones and laptops. Code that kidnaps computers and holds them for ransom. Code that establishes your hosting account as a spam email hub.
–Karen Callahan, 2 tips to make your WordPress website less attractive to hackers

You can take steps to avoid being the “hub” of malicious activity. Learn how to clean up your WordPress hosting account

I write these 4 tips for protecting a WordPress website here because a good, non-techie friend of mine often reminds me that not everyone is a professional WordPress developer like myself, and when you are a non-techie, “You don’t know what you don’t know“. Now you know! Remember to backup your website often, and especially before upgrading WordPress and the plugins.



WordPress 2.6 – DON’T upgrade yet

Monday, August 4th, 2008

I just installed the latest version of WordPress – as a clean install – for a client. Well, let me tell you that the latest version (2.6) is not ready for prime time. The Permalinks – to me one of the most valuable features – do not work. If Adventures Online installed your blog, chances are the blog uses Permalinks. If you install WordPress 2.6, the links (your menu items and links within your posts) will no longer work.

A feature that has been added is the storage of “revisions”. Now, instead of having one record in your database for each page or post, you will have multiple records – and there is no toggle switch to shut this feature off. So, if you edit a post 5 times, you’ll have 5 records for that one post. It is a disgraceful waste of space, especially since there is no way from the admin to rollback to a revision. So WHY hold on to them? 

I went to the WordPress forum to see what “I” was doing wrong and why these things were happening. I am very discouraged to learn that the attitude of the developer (Otto) responding to the questions (for these two items) was incredulous. Obviously, a person who has no real-life experience – with computer systems nor life in general.

So I am discouraged. After praising WordPress as the only blog tool to be using since 2003, and encouraging all of my clients to invest their time and money in it, they release a version that acutally breaks your blog, wastes a lot of space, and they don’t really care.

 I am hoping that they will listen to the multitudes of persons writing in the forum. 

Don’t upgrade to 2.6 just yet. 2.6.1 is suppose to have fixes for the Permalinks. I don’t know if it will address the storing of “revisions”.

I’ll let you know when I know more.