WordPress Plugins To Use

Recommended WordPress Plugins

WordPress is among the most well-loved and often used blog and content management software in the world. One of the most commonly asked questions about WordPress by the new user is what they need so far as plugins and add-ons to the CMS.

Several wordpress plugins are really recommended, not the least of which are SEO plugins for WordPress.

WordPress by nature is very SEO friendly. It can stand on its own two feet–as it were– when it comes to search engine optimization. One way to give WordPress a little added boost is by the use of an SEO plugin to assist you in becoming more visible in search.

WordPress Plugins For SEO

The top SEO plugin that is in use today for WordPress is All in One SEO. This is a free plugin, created by the open source WordPress community. It offers you the ability to send the title and the keywords that you want to the search engines attached to the posts and pages. All in One SEO is a plugin that is available to everyone and is supported by a WordPress community numbering in the hundreds of thousands.

While SEO is important, it is not the only aspect of WordPress with which you might need assistance.

Among the other WordPress plugins which can assist you in creating a higher level of visibility are several which make your WordPress website more interactive.

Mingle Forum plugin for WordPress allows you to set up a bulletin board type forum for your customers and readers. They may ask questions, get answers, and interact with other forum members to share information. The posts are widely viewed in search and are helpful both in getting your site viewed more often and in keeping your traffic on your site interacting with each other.

WordPress Plugins for Security

WordPress visibility typically means that you’ll require more security. Among the most important plugins and tools for WordPress are those which will help to make your high profile WordPress website more secure.

Login Lockdown is one such tool which is recommended for every website built with WordPress. While WordPress is a remarkable tool, it has one issue that should be immediately addressed by every website owner. WordPress, by default allows that someone can try to log into your website as many times as they want to attempt it. One issue with that is that when they are using software to attempt to brute force a website or find a password, it can be very successful if the person who is attempting it has the ability to try hundreds of times. What the Login Lockdown password does is to limit the number of attempts that someone may try to log in. You specify the number of times they may try to log into the website. If a single ip address tries more than the allocated number of times, the WordPress site locks down that IP address and will not let them log in for a given time span. You specify the time span, making it from ten minutes up to 24 hours.

There are several other recommended WordPress plugins that we use and suggest that our customers use, including a firewall or Wordfence plugin, which we’ll add to our post list on a regular basis.


Securing Wireless Networks

One of my consulting clients had an issue today that we were asked to solve. Because it is a very common issue–in fact more common than you might think, I wanted to address it.

Today the vast majority of Americans are using wireless networks with which to connect to the internet. Sadly, many are not aware that there are others making use of their wireless network.  As regards your wireless network,  it may not be something that you consider, but if you’re not securing wireless networks you are permitting others to take advantage of what you’re paying for. Additionally, if you’re not securing your wireless network, you are permitting others to accomplish things on your network for which you may well take the blame if you don’t prevent it.

Take your own steps to prevent access to your wireless network. It’s simple and easy to increase the security of your own wireless.

If you’re not using your wireless internet, shut it off. Turning off your wireless access point overnight is relatively easy. Most of the time, you’re not going to be using it while you’re sleeping. Turn it off. If you aren’t using it, there is precious little reason to keep it functioning.

Password protect it. Turn on WEP or WPA password protection for your network. It isn’t foolproof and there are ways to bypass it, but it’s going to be far more secure than if you do nothing at all. Password protect your media server, your router and any game style platforms that you might have on your network, such as Wii, Playstation or Xbox.

Consider the location of your wireless router. Typically people place the wireless router near a window or near the wall where the wires come through your wall. Take it away from that area and move it more toward the center of the house so that the signal strength to the sidewalk, street or other areas is lower and you’re covering your own intended area rather than helping a stranger to use your network.

Taking these steps isn’t going to stop everyone from gaining access to your wireless network by any stretch, but it will help immensely to prevent the driveby type network access.

Customer Privacy – Cisco Strongarms Their Users Into the Cloud

In a move that has alienated myriad customers, last week Cisco strong-armed companies and individuals who are using their hardware–quite literally forcing them “into the cloud.”

Rolling out–or rather pushing– an update to their firmware for the Linksys Routers EA2700, EA3500, and EA4500, Cisco forced them to sign up to their Connect Cloud in order to access the features.

The routers are shipped to consumers with an option selected by default that offers the consumer an automatic firmware update. The issue is that at the same time Cisco has amended their privacy policy to state that even if the customer un-checks that automatic update, they will still update some components, denying you the right to choose what you want to do with a product that you legally purchased.

In further changes to the policy, Cisco will be keeping track of your information and holding on to information such as the health of your home network, the products that you own, what applications you are using and what features you’re using, as well as your network traffic, your internet history and any errors that you may hit along the way. In addition, according to the Cisco Connect Cloud, your account can be shut down if at any time while legally stealing your information, they find that you are infringing on any rights, looking at any pornography, or infringing on intellectual property rights.

Does it sound to you like perhaps Cisco climbed into the cloud with the media companies along the way?

In addition, Cisco may discontinue your account at any time they want, shutting you down after snooping on your download history, your network and taking absolute control of the hardware that you own.

Cisco did a minor backpedal telling users how to roll back to the old firmware, but it was minor indeed, dealing with the information collection, however that hasn’t been enough to satisfy many customers some of whom relate that they will be moving to other, and often cheaper– router companies which will be more considerate of their privacy.

In a time when privacy is of premiere concern to clients and to individuals, companies with good business sense are paying more attention to the consumer. Even Google has not compromised their paying customers as completely… Hats off to Cisco–who finally managed to best the G-man at something.

The Security Risks of the Connected Home

Home Security Risks

Through the use of our smart phones, TV’s, computers, mobile devices, home appliances, lighting and music systems, more and more of our homes are linking all of this equipment to produce the “connected home”.

All this connection poses significant security threats because of software vulnerability and the lack of even basic security measures like encryption of the link to the Internet and administrator passwords that are strong and complex.

How Secure is Your Connected Home?

By conducting a security check of his own home, David Jacoby, a security analyst for Kaspersky Lab, found that many of the devices he has are vulnerable to hackers. Mr Jacoby found that his network-attached storage (NAS) devices such as routers, smart TV’s, Blu-ray players, among others, all had vulnerabilities, although some were not that easy to find.

He said that not only companies but individuals need to be aware of the security risks involved in connecting our devices. Strong passwords help but there are many other elements over which we have no control. Hackers can, very quickly, get into many of these devices, even those that appear safe or claim to be secure.

How To Improve Your Security

There are some simple steps that will help protect your equipment and data from those who are eager to steal whatever they can from you.

  • Make it harder for hackers to exploit known security holes by regularly updating security, firmware, antivirus and malware software on all of your devices.
  • Home switches and routers have options for setting up a network for each device and restricting access to other devices on that network. For example, you can restrict the access your smart TV has to any other resource such as an external hard drive or printer. By doing this, you reduce the number of resources that a hacker can access.
  • Change the default password and user name on networking equipment and modems since these are often the first point of entry for a hacker’s attack.
  • Regularly change your passwords on mobile devices, and make them difficult. Use a combination of upper and lower case letters, numbers and symbols. As more of us use smart phone apps to control the equipment within our homes, this is one simple way to keep hackers out.

While connected homes are still in the future for most of us, inter-connectivity is rapidly coming as we spend more on technology each and every year. Along with the lack of technological integration, security is still the major drawback for the connected home.

Hardening Your WordPress Installation Using WordPress Plugins

How To Harden Your WordPress Installation

Wordpress, by virtue of the ease of use and the many different ways in which it can be used are truly amazing. The only real issue is that WordPress, by default allows you to attempt to gain entry through the admin control panel an unlimited number of times. In addition, unless you are diligent in keeping your account up to date, you won’t be protected from any security flaws that may rear their head. It is important then to harden your WordPress installation by the use of several very good plugins that can keep your site or your client’s sites more secure.

using wordpress pluginsThe first of the recommended WordPress plugins that will help to harden WordPress against attack is the Login Lockdown Plugin. What this does is to limit the amount of times that anyone can try to log in. You can specify the number of times that people can try to log in in the Lockdown control area. You can also black list an IP there. Typically I set my number of login attempts to about 5 times. If the attempt is made more than five times in any given time span, such as may happen when someone is attempting a breach with software, the login lockdown plugin will halt the process and lock out the offending internet protocol address for a span of time that you specify. You can choose to lock that ip out indefinitely or for 3-6 hours.Bear in mind that this also is effective for you so make sure that you have a good handle on your own password.

WP Malwatch is another recommended WordPress plugin. While it does not specifically lock out offenders, it does alert you to file changes in specific locations and email you if those files change so that you will get an immediate heads up so far as who is trying to change what. It scans nightly or at a time that you specify.

WP Firewall is a solid software firewall that does some very incredible work so far as really locking down your WordPress quite nicely. It will defend against sql injections and several other varieties and while it may not keep out every offender, we’ve found that it works in about 80% of the attempted attacks against your WordPress. One of the most well rounded and well build wordpress defenses, Wp Firewall is a must have if you’re running wordpress on your website. It can save you a vast array of headaches.

Another of the defensive plugins that can do great things for your WordPress site is Bulletproof Security.BulletProof Security protects your website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection and even allows you to do one-click Website Maintenance . If you’re serious about protecting your WordPress Bulletproof  will offer a wide array of help with that process.

Each of the mentioned WordPress plugins here are free of charge and are updated and maintained by the wordpress community and the plugin maker. Getting them on board can save you a lot of work and heartache. Take steps to harden your wordpress installation using some terrific open source plugins before you add all of your hard work and effort to the site.