Archive for July, 2013

How to fix wordpress security issues & vulnerabilities

Thursday, 25 July, 2013

WordPress is the most commonly used blogging application today and it provides a great platform to all users who want to express their thoughts through the blogs. Being such a popular content management system, its security vulnerabilities are also popular among webmasters. The WordPress users are always concerned about it and it has become a prickly issue now a days. WordPress websites has now become more victimized for its security vulnerabilities, but does it mean that WordPress is not at all secure? Do people have to stay away from using WordPress because of these security concerns? Certainly NOT. Just like any other CMS system, WordPress installations also have its own security concerns, but still it is the highly preferred blogging application worldwide among the masses. To not to be the victim of hackers, as a webmaster you just need to educate yourself about wordpress security.

This article is going to present you with some important tips to improve wordpress security, and about various security plugins that can protect your WordPress site from possible hacking attempts. All these tips presented are simple to make and it will make sure that you have a pleasant and trouble-free blogging experience.

First, we will look at some key security tips and then we can look into some plugins that can secure your WordPress blog even more.

Some security tips that can help

Given below are some important tips to improve your blog’s security.

Choose a strong password

Do not opt for some silly usernames and weak passwords. Make your login credentials as complex as it can, so that the hackers should have a tough time in finding it. It may look like a simple tip, but the fact is most of the attacks are happening because of weak login and passwords. Hackers can easily crack simple passwords. A strong password must include some special characters, symbols, numbers, Upper and lower case letters. Also you must make sure that you change your password too often.

Set a limited login attempt

Generally, the hackers try to login to your account through different tries using different combinations of usernames and passwords. Finally at some point, they will get it correct. Therefore, it is necessary to restrict the number of login attempts to your blog admin using a plugin. When the hacker tries to login more than the limit you set and all the attempts go unsuccessful, they cannot do anything than to leave your account.

Always have an updated version

You should make sure that your wordpress installation is up to date. Most of these updates contain important security patches. Themes, plugins everything should be up-to-date. You should refrain from downloading free themes and plugins from other unofficial sources. It is advisable to download plugins and themes only from the official WordPress repository.

Delete unnecessary clutters

You should conduct occasional clean up activities in your account, by removing all unwanted plugins, themes, spam comments and trackbacks etc… It’s always good to keep your account clean, simple and less prior to the hackers.

Backup your site

Always have a backup in your personal PC or at different server, so if your site is hacked, you can simply restore it in no time from the backup and go ahead.

Free CDNs

CLoudflare and Pagespeed service by Google are the two popular free content delivery networks (CDN) that are efficient. CDN blocks all the unnecessary traffic to your site and ensures proper security.

Configure .htaccess

WordPress security will be at its best through configuring .htaccess (HyperText access). It lets you override your server’s default setting for the directory that has this file. With this, you will have limited file access ensuring proper security. However, configuring .htaccess is a serious task and if you are not well in coding, then go for the plugin named WP htaccess control directly from the WordPress repository. .htaccess configuration for WordPress security is a big topic and you have to gain proper knowledge about it before attempting.

These simple steps can help you prevent possible hacking attempts. However, the hackers are continuously working to steal your identity and benefits. To stay ahead in the race, you need to be little more updated. The following plugins will help you in the process by quickly fixing all hidden security vulnerabilities.

WordPress security plugins

Here are some useful WordPress plugins that can help you improve your wordpress website’s security.

WP security scan

This plugin is for checking your site for the presence of any security exposures and suggest some corrective actions based on the results.

WP-DB manager

This plugin is for managing your WordPress database. It maintains backups, repair and optimizing works of your databases automatically.

6scan security

Even before the hackers achieve the security loopholes of your site, this comprehensive plugin works beyond the protection rule to find out whether your site has any security loopholes for the benefit of hackers or not.

User locker

Assign the number of times you can perform a login attempt to a site through this plugin. If the limit is exceeded, the account will get locked automatically. You can unlock by contacting administrator with your personal and confidential info.

Limit login attempts

Similar to the previous plugin, it also limits the number of times the user can try login with unsuccessful attempts. After the limit, the IP address of the trying user will be blocked for further attempts. The user will be informed about this too.

Bullet proof security

This plugin prevents your site from major kinds of hacking attempts that include RFI, XSS, CSRF, CRLF and Base64. No manual installations are needed and the plugin will configure itself.

Antivirus

It is an antivirus plugin used to protect your WordPress blog from all security issues, malware protection and spam issues. It will scan your site and send the reports directly to your mail daily. In presence of any virus or malware, the plugin will delete the same and clean up your account.

BBQ – Block Bad Queries

This plugin avoids unnecessary URLs that are being posted on your site. Similarly, the long strings that exceed the 255 characters limit are also avoided.

Bad behaviour

This plugin is used to avoid spam links being send to your site. It also avoids the spam readers to visit your site and read your content. If used with a better spam protection service, you can expect the best results from this plugin.

Wordfence

It is a free security plugin. You can use it for virus and malware scanning. It also acts a perfect firewall for your site. You can perform scanning of your site for virus detection in a high frequency range and for many number of times being a premium user of this plugin.

This is a guest post by Janice Noel. Janice is a wallpaper enthusiast and collects wallpapers for her websiteCulLogo.

Will tumblr become the next wordpress?

Wednesday, 3 July, 2013

In today’s internet-based society, blogging is on the rise. Thanks to the wide range of blogging platforms that are available for free today, almost everyone is utilizing blogging for both personal and business purposes. Among various blogging platforms  WordPress, Joomla, Drupal and Tumblr are on the top of the list.

WordPress is the ultimate winner, there is no doubt on that. But here comes the big questions, could Tumblr catch up with WordPress? Does Tumblr have enough capabilities to compete with WordPress, or even the popularity of Joomla and Drupal?

Of sure, it is too early for Tumblr to catch up with CMS giants like WordPress, Joomla or Drupal. However, Tumblr enjoys some unique and exceptional features which make it capable of beating a titanic CMS like WordPress and being the next CMS powerhouse.

It is worth mentioning that microblogging platform has gained more popularity since Tumblr’s birth in 2007. And because Tumblr really enjoys a strong foundation, it can head all other CMS platforms, even WordPress.

Let Figures Talk about Tumbr’s Capability

Although Tumblr is still in its youth with regard to WordPress, Joomla and Drupal platforms, it has a flourishing user-base with more than 52 billion individual posts. And with more than 900 posts being published every second, the platform actually attracts 300 million targeted visitors monthly. The previous mentioned figures tell a one sure fact, Tumblr is one of the fastest growing blogging and CMS platforms around.

By reading the above statistics in-depth we can realize how Tumblr is an exciting and powerful project.  So, Yahoo was smart enough to make the decision of acquiring the platform.

Why Can Tumblr be the next CMS powerhouse?

tumble - the next wordpressSince Tumblr enjoys unmatched simplicity, the probability of being the number one CMS is very high. It may just need some more compelling content management tools. By having more professional content management capabilities, Tumblr can efficiently compete with other CMS giants.

As a matter of fact, the blogging platforms and social communities are attracting people of all ages ranging from old people to youth, teenagers and even children.  And Tumblr offers a complete new level of simplicity to people compared to WordPress and all other CMS giants, most of them require a learning curve to just get started and more time to be professional user. On the other hand, Tumblr does not involve any configuration or installation, nor do you need to pay for enjoying a unique URL or hosting your site.

With all the above mentioned facts, Tumblr could effectively appeal to most segments of people. And as the Internet continues to grow, it is expected that Tumblr attracts more blossoming population.

Tumblr’s Social Integration

When it comes to talking about socializing, Tumblr can stand out from the crowd thanks to its outstanding social integration. It has numerous socializing tools and capabilities including, but not limited to, easy to like contents, easy to follow  certain content or user, easy to link up to Facebook, Twitter and other social communities,  the ability to re-blogging, etc. All in all, Tumblr has incredible community functions that allow it to be an exceptional socializing platform.

What features does Tumblr need to surpass other titanic CMS platforms?

Apart from the functionality and simplicity of Tumblr, there are some limitations and drawback of thesystem, let’s list them.

Page Layout & Customization Limitations

Tumblre has limited page layouts which is a prominent drawback. So, Tumblr needs to think twice about the available themes and page layouts. Only those who know how to create a custom HTML theme can enjoy better and more attractive page layout at Tumblr. In brief, Tumblr has some work to do in terms of design to beat the competition.

Poor Search Engine Optimization

Tumblr has another big pitfall; it is not capable of complying with search engine optimization strategies. However, all grand CMS comply with. Most people online like to have posts that can be optimized for search engines so that they can reach a wider range of visitors.

Additionally, Tumblr allows duplicate content through its re-blogging feature and this is what Google does not like at all.  And when it comes to ranking well in search engines, Tumblr does not apply any unique title tags, which is really a huge pitfall. For Tumblr to surpass other monster CMS applications, it is a must to think twice about search engine optimization features.

Lack Of Support For Self Hosting

Another drawback when comparing Tumblre with other popular CMS is the lack of ability to “Self Host”. Experts usually stress on the importance of getting your own private blog. Actually, there are big differences between creating a free blog and having your own blog, in another term, “self host” blog. In brief, self-hosting your WordPress blog is always the way to go.

Wrapping Up

Tumblr is a micro blogging platform that enjoys multiple functionality and simplicity features that really allow micro blogging to move from strength to strength. On the other side, However, Tumble lacks a lot of search engine optimization aspects. So, for Tumblr to reach a prestigious status and rival the likes of WordPress, Joomla and Drupal, it is a must to have some compelling search engine optimization strategies and also “self-host” feature.

After reading the above article about Tumblr and its powerful features as well as pitfalls, what do you think about Tumblr?  Has it the potential to compete with WordPress and be CMS powerhouse?

This guest article is written by Nick, who works for MarkupBox.com which offers PSD to HTML/CSS, PSD to HTML5 and software implementation services like PSD to Joomla, PSD to Magento, PSD to WordPress, PSD to Drupal, PSD to Email and much more. One Can also hire WordPress developers here for effective WordPress development services.