How Can They Hack You? Let Me Count The Ways

flatlay blue desktop

Website Security Is Fluid

It’s definitely not just installing a plugin and then forgetting about it. It’s a constant battle to outwit those who would like to gain access to vulnerable information. There are different areas of your site that can be vulnerable if not secured.

Today, we’re going talk about those different areas and why and how you need to keep them locked uptight.

Insecure Webhosting –

WordPress sites are hosted on a web server. Some hosts do no properly secure their hosting platforms. This makes all websites hosted on their server vulnerable to hacking attempts.

Using those bargain web hosting companies who don’t have the assets to protect your property can really hurt you in the long run!

screenshot of hostgator web hosting pricing

Using Weak Passwords

You have different passwords for different parts of your site and all of them need to be kept secure. Below is a list of passwords that need to be checked and possibly changed.

  • Your WordPress Admin
  • Web Hosting Control Panel
  • FTP Accounts
  • MySQL Database used for your site.
  • Email Accounts are used for WordPress admin or hosting accounts.

WordPress login page

 

Unprotected Access To WordPress Admin (WP-ADMIN DIRECTORY)

This gives a user access to perform different actions on your site. It is the most commonly attached area of a WP site.

12 tips to secure your wp-admin section

Incorrect File Permissions

Are a set of rules used by your web server. These rules s help your server control access to files on your site. Incorrect rules can give a hacker access to write and change those rules. Here’s a great article on WP BEGINNER on how to change these!

changing your file permissions in WordPress

Not Updating WordPress

Each new version fixes bugs and security vulnerabilities. If you don’t update you leave those vulnerabilities.

screenshot of a wordpress update screen

Not Updating Plugins & Themes

Same as updating WordPress. Not updating plugins and themes is dangerous can leave your site weak.

screenshot of a wp plugin update page

Using Plain FTP Instead Of SFTP/SSH

You should always choose SFTP access instead of FTP it is much more secure.

The key difference between FTP vs SFTP is that SFTP uses a secure channel to transfer files while FTP doesn’t. With SFTP, your connection is always secured and the data that moves between your FTP client and your web server is encrypted.

Using “Admin” As A WordPress Username

Never use “ADMIN” you should always use something unique. Enough said!

Nulled Themes & Plugins

Never use plugins and themes from unreliable sources. Malicious code can be put into either that can give a hacker access.

HERE’S WHY:

  • You Don’t Know What Else Is in the Code
  • Developers Need Money To Continue Improving Their Products
  • You Won’t Get Any Support From The Developer
  • You Won’t Get Any Automatic Updates

Not Securing WordPress Configuration WP_Config .PHP File

Wp_config contains your database login credentials. To keep that from happening add this piece of code.

The WordPress wp-config. php file contains very sensitive information about your WordPress installation, such as the WordPress security keys and the WordPress database connection details. You certainly do not want the content of this file to fall in the wrong hands, so WordPress wp-config. Here is a great article on how to secure these important files.

Not Changing WP Table Prefix

Change the wp_ prefix. Here’s a link that will take you to a blog post that will explain how to do this if interested.

The most important part of my job is to make sure your website stays safe, secure and user friendly and I take that very personally. If you’d like to have one person to go to with all of your website issues then let’s talk! Schedule a free consultation today!

LET’S TALK!

 

41Shares

35 WordPress Hacks That Will ROCK Your World

This post was originally written in 2018, but it was updated Mar. 2020

  • This first one came to my attention after helping a friend create a new website. She was going through her web hosting company every time she signed on to her website. When you want to log in to your website you can type in your URL and then add /wp-admin/ to the end of it and you will be taken to your login page. For instance, to sign on to this site you would go to https://technology-therapist.com/wp-admin/.

 

  • A page is a static piece of content. It isn’t dated, nor does it show up in any sort of RSS feed. Great uses for pages are your ABOUT page, RESOURCES page, CONTACT page. A post is a dated piece of content that gets pushed out to your RSS feed. It’ll show up in readers. It also is categorized and tagged in your database differently than a page.

 

  • If you look at the top of your posting page you will see a tab that says “SCREEN OPTIONS” (See image below 1.). There you can decide what you want to see on your posting page. You can change it whenever you like and it includes things like plugins that you may want to use. Such as SEO by Yoast or CoSchedule. You can also choose whether you show an excerpt, you can turn your comments off and on, use the distraction-free writing functionality, turn off sharing buttons, even whether or not you use the featured image.

 

  • edit-post-the-blogging-911-wordpress

 

  • The next tab which is the “HELP” tab will give you instructions for writing posts, inserting media, etc. (Image 2)

 

 

edit-post-the-blogging-911-wordpress-1

 

  • On your posts page if you have “LAYOUT” checked you can decide what kind of page you want to create. On mine, I can use the “Default page” which will be whatever I have checked for your general layout (sidebar, no sidebar, right-sidebar, left sidebar). My other choices are: Archive, Blog page, Category Index, or a Landing Page. You can make any or all completely different from each other. (image 3)

 

 

2017-03-23_li

 

  • You can also choose to make a post or page public or private. You can even make a post or page password protected. Like the resource library for this site. When you sign up for my email list you get a password which allows you access to the resource library.  (image 4).

 

edit-post-the-blogging-911-wordpress-3

 

  • You can also schedule posts in the future in case you are away. (image 5).

 

edit-post-the-blogging-911-wordpress-4

 

  • Write an excerpt (activate it in the post screen option) to customize how your post appears around the web. If you are using an SEO plugin, it’s called the meta description. One difference between the two: The excerpt box will display if you have your blog posts set to an excerpt format, whereas the SEO meta description usually only shows up in Google search results or in places where you share the link (like on social). The excerpt will show up in RSS feeders (if your website is set to only show excerpts).

 

  • Under the “SETTINGS” tab on the left under “READING” set your how your article looks in a feed to summary and only send out excerpts in your newsletters. If you send the whole thing out no one will have a reason to come to your site. (image 6).

 

reading-settings-the-blogging-911-wordpress

 

  • You can always change the permalink (URL) of your post by clicking on the edit button right beside the permalink (URL) (image 7).

 

edit-post-the-blogging-911-wordpress-5

 

  • If you want to decide exactly how much text is shown of a post on the front page. Then use the jump break (image 7). It will stop the text and add a read more tag. (#16)

 

edit-post-the-blogging-911-wordpress-4
edit-post-the-blogging-911-wordpress-6

 

  • Trying to get rid of preformatted text by highlighting and using the eraser button. (image7).
  • The toolbar can do a lot of things quickly as you can see on image 7. I’ve already mentioned two the rest are as follows:
  1. Bold text
  2. Format text (H1, H2 etc. If you are not using these you should be.)
  3. Underline text
  4. Is to justify text
  5. Change the color of the text just highlight the text you want to change and enter the HEX number).
  6. Change the color around the text.
  7. I mentioned above
  8. Insert icons of different things like hearts, diamonds, etc.
  9. Decrease the indention
  10. Increase the indention.
  11. Undo
  12. Redo
  13. A list of keyboard shortcuts.
  14. Show/hide the bottom part of the toolbar
  15. Proofreads your writing
  16. Mentioned above
  17. Break a link
  18. Add a link
  19. Insert text/image to the right
  20. Center the text/image
  21. Left-justify the text/image.
  22. Insert a horizontal line across the page
  23. Quote button to accent parts of your text.
  24. Numbered list
  25. Bulleted list.
  26. Strike through text, example: She is was
  27. Italics.

 

edit-post-the-blogging-911-wordpress-7

 

  • When creating menus you can use not only pages and posts but categories, even external links.  Example: On your menu, you could have a “STORE” and it could take you to another site altogether. Or you could have a tab marked “RECIPES” and have it take you to all of the recipes on your site.

 

  • Under the “SCREEN OPTIONS” that I mentioned earlier you can set it to show your bio at the end of a post or page. You can change the wording by going to “USERS” & “EDIT”.

 

  • You need to create an archive page of all of your posts. I use a plugin called “CLEAN MY ARCHIVES” and I only have to place the shortcode [clean-my-archive] and it will post my archives. I also use a plugin called “GENESIS 404” which lets me create my own 404 PAGE (the page someone gets when they type in an error or there is a broken link). On my 404 page is a list of all of my posts so that readers can quickly find what they’re looking for. If you don’t have Genesis then you can go here for instructions on how to create your own Archive index page. If you’re using DIVI you can go to your 404 page and decide where you want to send those who have gotten lost.

 

  • If you go to “SETTINGS” “DISCUSSION” you can blacklist anyone you want. By simply entering their email. This will prevent them from being allowed to comment. (Trolls & bullies). You can also filter out comments by “trigger” words.

 

  • Go to “SETTINGS” “READ” to change the number of posts that show up on the front page.

 

reading-settings-the-blogging-911-wordpress-2

 

  • Change your media sizes to fit parameters that you choose by going to “SETTINGS” “MEDIA”

 

  • If you have Genesis you can go to “GENESIS” “THEME SETTINGS” to enable breadcrumbs which are small bits of text showing the reader where they are on the website. If you don’t have Genesis you can use this plugin. Your site can find adjustments for this under APPEARANCE >>CUSTOMIZE.

 

  • You can upload more than just images to your website such and also Powerpoint presentations, pdfs, word docs, and now Google docs on your website. Just upload them just like an image. Just insert them where you want them with a link.

 

  • Trying to get images side by side? You can go to Picmonkey and Canva and make a collage or you can simply go to the “TEXT” view and insert the code that fits your needs down below and that will allow you to make columns. There are also plugins that will help you as well. Elementor is a good one, but Divi comes out of the box being to design in columns and rows.

 

  • What to create columns on your blog post? On your post or page edit screen and click the text view. Use the following instructions to create columns on your Genesis theme. Here is a great list of Columns plugins by Elegant Themes. 

    2 columns

    <div class="one-half first">This is the 1st column</div>
    <div class="one-half">This is the 2nd column</div>

    3 columns

    <div class="one-third first">This is the first column</div>
    <div class="one-third">This is the 2nd column</div>
    <div class="one-third">This is the 3rd column</div>

    4 columns

    <div class="one-half first">This is the 1st column</div>
    <div class="one-fourth">This is the 2nd column</div>
    <div class="one-fourth">This is the 3rd column</div>
    <div class="one-fourth">This is the 4th column</div>
  • Use the WordPress APP to respond to comments, check stats, and even write posts.

 

  • Use the find link content tool when creating links. When the link box pops up, just hit the arrow and choose “find existing content”. Then you can search or browse your posts for the link.

 

  • Go to “SETTINGS” “GENERAL” and fill in the first two blanks for your website title and tagline. This is what will show up in Google Search. If you don’t have a logo this will show up in its spot.

 

  • Fill out the “USERS” profile completely.

 

  • Change the name of your “UNCATEGORIZED” category to something custom by going to “CATEGORIES” find “uncategorized” click “QUICK EDIT” and change the name to whatever you’d like it to be.

 

  • Create a FAVICON (the small image at the very top). Mine is the circle at the very top of the screen. You used to have to use a plugin, but now you simply go to APPEARANCE>>CUSTOMIZATION and look under site identity and you will see SITE>>ICON. Go to Canva, Picmonkey (any photo editing APP) and create an image in the size of 512 X 512. You can use your logo just make sure it’s something that is legible. You can change it whenever you’d like.

 

  • Put a search bar where it is visible on every page. I suggest the top, but sidebar and footer are fine.

 

  • Put an email sign up form in at least three places on every page. Because there are so many different size devices. Chances are some of them will not show up so it is imperative to have it at multiple points.

 

 

  • Stop saying you wrote a blog. It’s annoying. You write a “BLOG POST” on your “BLOG”.

 

  • Don’t limit your sharing buttons to only the platforms that you’re on. Just because you aren’t utilizing it doesn’t mean that your reader isn’t. You may get new readers from the exposure.

 

  • When creating a link the rule of thumb is. If it’s a link to somewhere else on your site you shouldn’t open in a new window. If it’s a link to another site then you should definitely check the box that says “OPEN IN NEW WINDOW”.

 

  • Don’t use CAPTCHA it’s annoying and people will avoid it altogether. The WordPress plugin Akismet works great.

 

Want even more awesome WordPress tips? Check out the infographic I recently created!

 

Join our community and get this in a downloadable form.

 

640Shares

Best & Worst Tools For Running Your Online Business

Each year I am approached by companies wanting me to try their products & services and ultimately share them with all of you. Some have been great additions to my business others have left me disappointed and flummoxed. I thought I would share with you the best & the worst from the past year!

To begin with, I’m going to break it down into 4 categories.

  1. Blogging tools
  2. Social Media
  3. Email Marketing
  4. Running your business

Blogging Tools

As you know (if you have a blog) there is always so much that needs to be done in a short amount of time so anything that I can find that will:

  • Save Time
  • Save Money
  • Improve My Skills

is a Godsend to me. Now, I want to share them with you!

Web Hosting  

I have my own hosting that I provide through Flywheel (owned by WPEngine) which runs $20 a month. We provide fast, secure hosting, free SSL’s, and amazing support. I only have three spots available.

For someone just starting out or on a tight budget I use **Bluehost. I have to say that I have set up hundreds of sites on Bluehost and not once have I ever had a problem. Once upon a time, Bluehost was considered the bottom of the barrel in terms of hosting, but a few years ago they turned it around and I have to say that I’ve been very impressed with how hard they have worked to improve every aspect of their service.

Themes

I have always been a Genesis girl and **Studio Press is the place to get the best themes. A few months ago I had the opportunity to work with **Divi by Elegant themes and I have to say that I absolutely love it! It’s so versatile and easy to use and saves me tons of time. There are so many things included that you hardly need any plugins at all!

Plugins

Listen I know that those sneaky plugins get you where it hurts. I’m sure you have seen the notices in your dashboard ‘get this pro version’, ‘buy this’, ‘do that’.  Nine times out of 10 you don’t need it. There are free plugins for just about anything. My go-to plugins are:

  • Updraft Plus for backing up.
  • Wordfence for security.
  • Jetpack lots of things.
  • Akismet for spam.

If you’re using Genesis then I add:

  • Genesis Enews (optins)
  • Simple Social Icons
  • Simple Social Share

If you’re using Divi

  • Bloom (optins)

All of those are free & if there’s something you want just search the plugin repository.

Free Courses

From WordPress

WP Beginners
Neliossoftware

Hubspot created a blog post with 60 free online courses that you can take to improve your skills. If you don’t follow Hubspot’s blog you really should. There is always so much valuable information.

Would you like to learn more about Facebook ads? Here’s a great post by Insane Growth that explains it all.

Social Media

Social media is the bane of my existence, but it’s also a necessary evil. I build websites and create content with business tips for bloggers, entrepreneurs & small businesses. I get asked to try a lot of different social media scheduling tool and here is my honest opinion.

**#1 For me is Sendible.com. I run three different websites and manage several clients’ social media accounts. Scheduling blog posts and monitoring keywords that I set up, even monitoring my competitor’s social media accounts. If you run multiple blogs or social media accounts

Sendible is the best.

Most places make you pay per account so for three sites I would have to have three different accounts. I would only be able to pick up one RSS feed unless I had three different accounts.

I could not run my business without Sendible!

Sendible is different. I have a set number of services I can set up and it doesn’t matter how many RSS feeds you pick up and auto-posts new pieces. You can schedule them to repeat however many times it’s all completely up to you. I post to five different FB pages for various people and with Sendible I can do it automatically saving myself lots of time.

Then there is **Tailwind

I love using it for Pinterest.

I know I’m not taking full advantage of the features but what I am using I love. BUT  I don’t like them for Instagram. I tried it I really did, but it was just too confusing and I wasting to much time trying to figure it out.

A few years ago I bought a lifetime membership for Grum.co for only $39 and I love it for scheduling Instagram posts. That’s all it does Instagram, but it’s so easy to use. Unfortunately, they are no longer taking on new customers. If I didn’t have this I would make the time for Tailwind, but this one is just to easy and it’s a lifetime purchase.

CoSchedule

I love Co-schedule I really do, but because of the limitations of only having one site on one account, I just can’t justify that expense when I have other options. It offers a boatload of features and it’s easy to use.

There is really no “free” service for scheduling your content. You can use “Publicize” inside your WordPress site and it will automatically post to FB, Twitter, & LinkedIn.

I know that Buffer offers a free version but I’m not sure of its limitations. I’ve always found it too confusing to use.

If you’re going to spend money this is one of the places where I say if you can pay for it then get it. A good social media scheduler can save you loads of time while helping you build your tribe.

Email Marketing

In today’s 24/7, 100mph world if you’re not marketing through email then you’re leaving a lot of money on the table. You should absolutely be sending a welcome email sequence & sending out an RSS to your subscribers.

A few months ago, I was singing the praises of **Engagebay and I learned a very valuable lesson. Sometimes quick decisions can be the wrong decisions. It can send beautiful emails, there are tools for marketing, sales or service. I feel as if it is an excellent platform, but it just didn’t fit my needs. The main problem was the RSS emails. There just wasn’t enough flexibility and I actually sent out a few crazy emails before I gave up.

If you’re running a small business then I cannot recommend Engagebay enough. It’s beautiful, easy to use and handles so many tasks. It’s also affordable. Here is a link to their Youtube channel which has a lot of info about its features. It’s a great platform I just tend to have a problem with change I guess.

So, I’m back at MailChimp and that’s where I’m staying! I know my way around, it’s easy to use (most of the time) and it’s cheap. They have changed things and unless you have a paid account you are limited in what you can do. Such as only having one audience(list), limitations on automation, etc. I pay for The Blogging 911 account and use the free version for Wanding Web Designer & The Diary of an Alzheimer’s Caregiver my other two sites. The paid version runs me $9.63 a month.

Have you seen my the MAILCHIMP EXPLAINED ebook in the 911 Resource Library? It’s just one of the many free resources inside.

 

 

I’ve worked with ConvertKit before and it is easy to use. I didn’t like the design limitations and figure if I’m going to spend $30 a month it needs to have a lot more.

Running your Business

There are several tools that I use every single day to run my business. Some are free (well most are free) but they are still necessary. Tools such as:

  • 17Hats – is an all-around scheduling tool, lead capture forms, templates such as contracts or estimates. It runs $39 a month for all of its features and there are many. I personally only use the free version because I use the templates & lead capture forms (those project inquiry forms you see around here).
  • Acuity Scheduling – If you need an easy way for people to schedule appointments I highly recommend Acuity. Their free version has always been more than enough for me.
  • Asana – This is my project management tool and it keeps me on track when I’m building out a new site, managing other projects or even just things I need to do. There is both a free and paid version and I’ve always found the free version more than enough for my needs.
  • Canva – There is a free version of Canva that works very well. I use Canva almost every single day and I love it for it’s easy to use dashboard, to the free and paid elements like stock photos, icons, frames, colors, and fonts. For this, I splurge and get the paid version so that I can store my own logos, my fonts (up to 25) and my brand colors for $12.95.
  • Google Drive – Also free. I use it to store all of my clients’ assets. I like how easy it is and it works great with Gmail which is another great free tool. I do use the paid version of this and it runs $6 a month and I have tons of storage and it’s easy to use.
  • One Drive – This is part of my Microsoft subscription which is about $7 a month. This is where I keep all of my assets. (Such as stock images, templates, or other graphics).
  • Dropbox – This is where I store all of the backups for my clients & my own personal websites. This costs around $10 but they’ve added a bunch of new features.
  • Screencast-o-matic – This another thing I purchased from Sumo. It was a lifetime subscription for only $39 and I use it whenever I need to make tutorials or other videos where I share my screen. It’s something I purchased on APPSUMO.
  • APPSUMO – is a great place to find great deals on products or services to run your business! They always have freebies or lifetime deals that will save you tons of time and money.

Know some great tools that I might not know about? Let me know in the comments below.

** Means that it is an affiliate link if you purchase a service, with the (**) beside it, means that I will earn a small commission that will in no way affect your cost.

9Shares