Loading...
Musings + Tutorials2018-07-06T06:56:42-05:00

3 ways to Help Keep Your WordPress Install Secure

Alert! Alert! Malware Detected!

This week, we had a fellow student of ours get Malware installed on their webserver. Our awesome hosts over at QTH.com caught it and deleted the install before others were infected. It turns out, weak login credentials and default email address usage was the way in. It was a good reminder on making sure to keep things as secure as possible. With wordpress being such a popular platform, it also makes it a popular target with the bad guys. They will always try to find a way in, but let’s not make it any easier for them.

The following post will walk you through the steps of helping to minimize the risks.

Tip 1: Delete Unused Installs

The most effective way to stop a bad guy from accessing a WordPress site is to delete the install if it isn’t needed. If we have any test installs or old staging environments that are no longer being used, get rid of them, ASAP.

  1. Login to cPanel
  2. Scroll down to the scripts area
  3. Click on WordPress
  4. This will launch the WordPress area of the Softaculous App installer
  5. Scroll down to see your WordPress Installs.
  6. Click the big Red “X” next to the installs you no longer need.
  7. On the next screen, confirm the uninstall.

Tip 2: Update your Admin password and Email Addresss

If you need to keep your install, but used a weak password and/or default email address during the install process update those credentials.

  1. login to your wordpress site (yourdomain.com/wp-admin)
  2. On the dashboard click on the Users Tab.
  3. Hover over the users name and click Edit
  4. Scroll down to the email form element. The email can be used in place of a username during login, so if this looks like a default, bad guys can figure it out easily. You should update it to your real email address.
  5. Next scroll down to the password form element
  6. Click Generate password and remember what they generate for you, or update it to the password of your choice.
  7. Then click the update profile button

Tip 3: Create a new Administrator Account

WordPress doesn’t let you change the name of usernames. So if you want a more unique username, just create a  new user with an administrator role, and delete the original. This also lets you add a new password and email address at the same time.

  1. login to your wordpress site (yourdomain.com/wp-admin)
  2. On the dashboard click on the Users Tab.
  3. Click the Add New button
  4. Fill out the credentials of the new user.
  5. In the Roles dropdown, choose Administrator
  6. Click the Add New User button

With the new user added, go to the upper right hand corner and logout of the current session. Since you can’t delete yourself, you have to log back in as the new user that was just created.

  1. logout of your current session
  2. login as the new user
  3. Hover over the original username
  4. click the red “delete” button
  5. Attribute the content to a new user if desired
  6. Then confirm deletion.

Conclusion

There will always be bad guys trying to do bad stuff with our tech. As long as the popularity of WordPress remains high, so too does the incentive of these bad guys to try to break into our sites. In addition to the steps above, you will want to make sure to update your themes and plugins in a timely manner. Just make sure to back-up your site and to check compatibility before doing so.

Gradient and Eyedropper

Have you ever wanted to sample a specific color from an object or photo in Adobe Illustrator with the Eyedropper tool and apply it to a color stop on the gradient slider? If so, you’ve probably discovered there’s no obvious way to do so. Here’s how it’s done:

Dropbox:
PDF to iPad Without the Cord

If you’re looking for an easy way to get PDF documents from your desktop computer to your iPad, without messing with cords or the hassle of iTunes, this tutorial is for you. First thing you’ll want to do is to check out Dropbox. Dropbox is a free and secure service

Load a PDF into Apple’s iBooks

With increasing customer demand and questions surrounding “will your books work on the iPad” I’ve been able to get a test device through work. The most asked question is how to actually “get” the books onto the iPad. There are a couple ways, but the easiest in my experience is

Droid 2 Hard Reset

I recently got a droid 2 to use as a test device as I begin experimenting in mobile application development.  I wanted to start with a fresh slate and eliminate all of junk applications and settings that were previously loaded on the device. Having gotten the device second hand, and

What the Flash!

To most, Flash is just something online that lets you see really cool websites and videos. Many people have heard the term “Flash” being thrown around in the media over the summer. To my delight, this extra media coverage has gotten a few of my students, friends and colleagues asking

The Catalyst Commitment – Weeks 1 and 2

Week 1 June 1 Brainstormed some ideas of where I could start looking for resources. Decided I wanted to focus on the social channels, where the information would be brought directly to me, along with online video training via Adobe TV and Lynda.com. June 2 Went to Facebook and Twitter

VIEW RECENT WORK

Let’s Work Together

TELL ME MORE ABOUT YOUR PROJECT

You’ve made it this far, why not reach out and see where things go?

LET’S TALK