Hardening WordPress Languages: Deutsch • English • 日本語 • Italiano • 한국어 • Português do Brasil • (Add your language) Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren't taken. This article will go through some common forms of vulnerabilities, and the things you can do to help keep your WordPress installation secure. This article is not the ultimate quick fix to your security concerns. What is Security? Fundamentally, security is not about perfectly secure systems. Website Hosts Often, a good place to start when it comes to website security is your hosting environment. Qualities of a trusted web host might include: Readily discusses your security concerns and which security features and processes they offer with their hosting. Decide which security you need on your server by determining the software and data that needs to be secured. Website Applications Security Themes Limiting access Containment
8+ Awesome Plugins for Safely Moving WordPress There’s a lot of love for this free plugin, which allows you to duplicate, clone, backup, move and transfer an entire site from one place to another. Duplicator has racked up more than 480,000 downloads and has received an average rating of 4.9 stars on the WordPress Plugin Repository. That’s a lot of happy people. This plugin is made by developers for developers. Duplicator is currently in beta and comes with the disclaimer that while it’s been heavily tested, it does require “above average” technical knowledge. Duplicator gets a lot of love from me, too.
Hide Your WordPress Login from Author Archive » IT Pixie | Your Personal IT Helper You here: Home » WordPress » Hide Your WordPress Login from Author Archive Did you know your WordPress login username can be leaked quite easily via author archive page’s permalink? The important part here is /author/username/, as this is where your login username could be leaked. When you create a new user on your WordPress site, you assign this user a username for login purposes. There is a field in your WordPress database called user_nicename, which is found in the wp_users table. user_nicename is populated with the login username as the user is created. WordPress uses user_nicename to put together the author archive page permalink. For example, you’ve created a new user called testuser. So a hacker can look at the URL and guess that the username for Test User could be testuser. By changing user_nicename to something very different from your actual login username, it becomes more difficult for hackers to figure out what the login username is.
WP-Optimize We’ve built WP-Optimize around the most advanced and powerful caching technology. Our caching tests and feedback from real-world users show that the caching feature alone can make your site faster than any other cache plugin or optimization. See these speed test results. Yes; optimizing does not involve any “tricks” or poking around in dangerous ways. This is a “how long is string?” In our support forum, here: This is rare; it’s probably because you’re with a shared web hosting company that doesn’t allow scripts to run an optimize command via SQL statements (SQL “OPTIMIZE” instruction). Yes – WP-Optimize is WordPress’s #1 most-installed optimisation plugin, with over 800,000 users and a pedigree going back over 8 years. WP-Optimize will disable some features if it detects InnoDB tables. Not unless you have an existing backup. The plugin is an ongoing work; that means that it is impossible to rule out unforeseen situations and bugs. Yes!
The Best WordPress Membership Plugin in 2014 Is there a way to know the best WordPress membership plugin? I know it’s crazy to think that you could figure out the best WordPress membership plugin without knowing a specific site’s agenda. It’s why I always tell people that while I can create a map, the route you take is based on your own destination. That said, I have spent the last couple of years working with small, medium and very large engagements on membership projects and I’ve refined the criteria to six core features and two additional dynamics (ease of use, speed to learn). I spoke about the six core features on WP Sessions, and you can still check it out. Understanding the 8 Criteria If you don’t get a chance to see the hour-long presentation I created on WP Sessions, here’s a five minute version of what the criteria is. Comparing the top 8 membership plugins While I have created an infographic, I also put the comparison into a PowerPoint presentation to make it easier for you to take with you. The Infographic The Winner
BackWPup Free - WordPress Backup Plugin The backup plugin BackWPup can be used to save your complete installation including /wp-content/ and push them to an external Backup Service, like Dropbox, S3, FTP and many more, see list below. With a single backup .zip file you are able to easily restore an installation. Please understand: this free version will not be supported as good as the BackWPup Pro version. With our premium version you get first class support and more features. In case you need to comply with the new GDPR regulation, check out our post BacKWPup, Backups and GDPR. Requirements WordPress 3.9 and PHP 5.3.3 required! Our friends at OSTraining have done a tremendous job with their video tutorials on BackWPup. (Are you a WordPress novice? Remember: The most expensive backup is the one you never did! Get the BackWPup Pro Version with more features. Made by Inpsyde · We love WordPress Restoring backups made with BackWPup can be done multiple ways. Solution #1 Solution #2 Solution #3 Yes. Yes. Read all 965 reviews Version 3.3
2015 Top 40 WordPress Plugins | totallysales Online My popular all new 2015 totallysales WordPress plugins list is here! If you want your WordPress website to be at the top of the game then here are my latest suggestions of “must have” premier plugins to help you get there. All of these plugins have been used on my websites from this exhaustively researched list at one time or another. Note: Chris Lott, lottspace.com and totallysales.com are not responsible for any issues with your website or other plugin incompatibilities after trying the below plugins. Always make a backup prior to using a new plugin. 1.) .html on PAGES: Adds .html to pages. 2.) 3.) 4.) 5.) 6.) 7.) 8.) 9.) 10.) 11.) 12.) 13.) 14.) 15.) 16.) 17.) 18.) 19.) 20.) 21.) 22.) 23.) 24.) 25.) 26.) 27.) 28.) 29.) 30.) 31.) 32.) 33.) 34.) 35.) 36.) 37.) 38.) 39.) 40.)
P3 (Plugin Performance Profiler) This plugin creates a profile of your WordPress site’s plugins’ performance by measuring their impact on your site’s load time. Often times, WordPress sites load slowly because of poorly configured plugins or because there are so many of them. By using the P3 plugin, you can narrow down anything causing slowness on your site. This plugin uses the canvas element for drawing charts and requires requires Firefox, Chrome, Opera, Safari, or IE9 or later. This plugin will not work in IE8 or lower. Automatic installation Log into your WordPress adminClick PluginsClick Add NewSearch for P3Click Install Now under “P3 (Plugin Performance Profiler)”Activate the plugin Manual installation: Download the pluginExtract the contents of the zip fileUpload the contents of the zip file to the wp-content/plugins/ folder of your WordPress installationThen activate the Plugin from Plugins page. Open the Tools menu, then open P3 Plugin Profiler then click Scan Now. First, get your site back up! Read all 394 reviews
25+ Must-Have WordPress Plugins for 2014 Every WordPress developer has a toolkit of plugins they can’t live without that usually includes solutions for caching, security and adding other improvements that build on WordPress core. That’s the great thing about WordPress – in the WordPress Plugin Repository alone there are more than 30,000 plugins that build on core, allowing you to bend the software to your will. But with so many free and premium plugins available, how do you sort the good from the bad? Below is a collection of essential plugins, all chosen based on their usefulness, quality and popularity. Is your favourite plugin on the list? Details W3 Total Cache is one of the most popular caching plugins for WordPress. A well-regarded alternative is WP Super Cache, which is often thought of as an easier version of W3 Total Cache. Details Jetpack supercharges your site with a collection of powerful features, such as site stats, email subscriptions, forms, social networking and more. Details Details Details Details Features include:
WP Content Copy Protection WP Content Copy Protection is a simple, yet aggressive plugin that uses multiple, aggressive techniques in protecting your content from being stolen. Some of the most common copy methods (via mouse, keyboard and browser), such as right-click, image dragging/saving, text selection/drag/drop, source code viewing and keyboard copy shortcuts, such as CTRL A, C, X, U, S, and P are disabled with this plugin (to name but a few). This is a plugin with teeth - an absolute must for any business owner, blogger and WordPress site owner who is serious about protecting his online content! Simple, effective, lightweight! It works! Basic Features Our Pro Features (Windows, Mac OS X and Linux Compatible) See our Pro Edition in action While this will most certainly help protect your content, do remember that there are many other means one could use to get their hands on your content without using the context menu.
How to Fix the Internal Server Error in WordPress If you have been surfing the web for more than a year, then you probably have seen the HTTP 500 Internal Server Error at least a few times. Internal Server Error is one of the common WordPress errors that can put a WordPress beginner in panic mode. Panic is the worst reaction you can have. Why do you get Internal Server Error in WordPress? Internal server error is not specific to WordPress, and it can happen with anything else running on your server as well. Lets take a look at how to go about troubleshooting the internal server error in WordPress. Video Tutorial If you don’t like the video or need more instructions, then continue reading. Checking for Corrupt .htaccess File The first thing you should do when troubleshooting the internal server error in WordPress is check for the corrupted .htaccess file. Once you have renamed the .htaccess file, try loading your site to see if this solved the problem. Increasing the PHP Memory Limit Deactivate all Plugins Re-uploading Core Files