Securing WordPress

Securing WordPressHow do I secure my WordPress site? I see this question being asked quite often, so I thought that I would take sometime to cover at least some of the basic steps to take in order to secure your WordPress blog. Most of these steps are quite easy to take care of on your own, and if you’re not sure how to do it yourself it should be fairly easy to find somebody that will help you out for a couple bucks.

Not only will this help you out and possibly save you some headaches in the future, but it could make all the difference for your users as well. If something happens to your site it means that you will have to spend hours cleaning it up and getting it back to the way it was and is supposed to be (headaches). However, you’re not the only one that is being affected here. Your visitors will also be affected, when they visit your site they are exposing their computers to harmful content, and this could also come back to effect you in the long run as you may loose visitors because your site wasn’t secure.

Let’s dig in

The first and easiest step to take is making sure that your WordPress Core is up to date with the latest version. The team over at WordPress working on the core go through a lot of trouble keeping everything updated, and quickly clearing up any security issues that might have been found or uncovered. They have also tried to make it as easy as possible to update, you still should back everything up before attempting an update but non-the-less a core update is a one click process.

I’ll admit that I am and have been guilty of avoiding core updates, because a plugin that I use wasn’t compatible with the latest version. Sometimes you may be able to get away with doing this but, it’s a risk that shouldn’t be taken. Even if you can’t write code, it might be possible to make a donation to the plugins author in order to get the process of updating the plugin done more quickly.

Next up, themes and plugins. These also require updates from time to time, plugins for the most part shouldn’t be any big deal to update. However, some of them can be found to have security issues; in this case they are pulled from the directory right away until they are fixed. If you find that this is the case for a particular plugin you have installed it would be best for you and your site to disable and remove the plugin as well to avoid exposing yourself to any potential security threats.

Themes on the other hand, you may find yourself avoiding an update because you made some modifications to it on your installation. I have been guilty of this on myself. The good news is that there is an easy way around this with child themes, if you want to make any changes to a particular theme just go ahead and create a child theme and make your changes in there. If you go about doing things in this manner you can easily update any changes to the parent theme without having to worry about the looks or function of your site being effected.

Lastly on the themes and plugins note, if you have a bunch of disabled themes or plugins stilled installed just sitting there is would be best to just go ahead and fully remove them. Fully removing them is the only way to make sure that they can’t still be exploited, if it comes out that there is a vulnerability in a certain theme or plugin every “hacker” and “script kiddie” out there is going to be hunting down WordPress sites and checking to see if they have the vulnerable theme or plugin on the server.

Next up, is doing your part to make sure that everything is secure as it can be. What does this mean? It means that you should do your best to pick out a password that would be hard to crack and than storing it someplace safe. To make sure that your password is even more secure you should consider changing it often.

Lastly, if you’re able to do so it would be best if you change the default admin login name. Everybody is sure to know right away that the login username is admin by default. By changing this it will give your attacker one more hurtle to overcome before getting into your blog (some themes give this away with links to the author page).

If you follow these simple steps you can make sure that your WordPress blog is secure as it possibly can be. These steps shouldn’t be to hard to follow or execute, however some of them do require a little bit of technical knowledge so if you find that you aren’t able to figure one of the steps go ahead and find somebody trustworthy that can help you with this.

New Free WordPress Theme: TwentyTen Plus Two

Seismic Themes is happy to announce a new WordPress theme today. It’s based on the TwentyTen Theme and looks very much just like it, however it does have some major upgrades that improve on the already great theme. First let me show a screenshot of the new theme and then I’ll tell you a little more about it.

This great new theme is built so that’s it’s responsive all the way down to mobile. We didn’t mess with the max width, which is still set at 960 pixels. Next we set about adding some jQuery and JavaScript features that would really make the theme pop.

The first jQuery feature was to add a search input to the main menu, which I personally think looks really good. But, if the screen size decreases to much the search switches back to only being available in the side bar.

Next up we added an easy scrolling feature, so that your sites visitors can easily reach the top or the bottom of your page/post with just one click. This automatically changes based upon their scrolling position.

What if they don’t have JavaScript Enabled?

That’s a great question, but we have you covered. If it turns out your visitors don’t have JavaScript enabled they won’t see any more than the original TwentyTen WordPress theme.

The best part of all of this is that it’s all free. Go ahead download it, give it a try and see if you like it. I think that you’ll find that you will and so will your visitors.

The Importance of a Website’s Design

The Importance of a Website's DesignFirst impressions count, just like many other things in life the impression a user will get of a website will first come from the way the site looks. A study conducted by Dr. Gitte Lindgaard at Carleton University in Ontario showed that most users will form an opinion about a website within 1/20th of a second, which means the design of a website is very important when it comes to its success.

This doesn’t mean that the look of a website is the only thing that matters, and will be the only thing that keep visitors coming back time after time. However, being that it will be the first thing visitors see and will be what they form their initial opinion on. It better be a visually pleasing design.

When it comes to site design it best to leave it to the professionals or at least really take your time and think things through.

What does this mean?

In particular this means think about what is being placed in the design and whether it really needs to be there. Does it improve the design or turn it into a cluttered mess?

Professional web designers will keep in mind that users will look at certain part of a web page expecting to see a specific element, and they know that if the visitor doesn’t see what they want they will quickly become frustrated.

Another important thing to keep in mind is the use of white space, they is such a thing as to much clutter when it comes to a web page. Also it’s important to keep in mind that to much white space isn’t good either. There’s a fine line that must be found and stuck to when it comes to designing a web page.

In the coming days and weeks, I’ll be putting together more posts, better describing the proper way to plan out and design a web site. Covering positioning of elements on a web page, choosing the right colors, and discovering who the audience of the website will be. So be sure to add the blog to your feed reader so you can keep up with all the latest and greatest news and info.