Monday, April 27, 2015

Your site has been automatically updated to the latest version of Wordpress

Wordpress software is quite user friendly. It even provides an automatic update feature, so you don't have to think abut it at all. Pretty cool, huh?! Or is it?

I received a call from a client today who had received one of those automatic update alert from her website, which is built on Wordpress. She had decided that her son was capable of handing the simple maintenance of her site, and she was working with on on her other internet marketing and presence. He son has set Wordpress to automatically update. In the last week alone, there has been three updates.

The problem is, that the update had a conflict something else that was installed on her website and now her website wasn't working. Some pages were goobly gook and others were totally crashed.

In a panic, she called and begged hoping there was a simple fix. The answer was maybe and sort of.

I asked a very important question - "When was the last time you did a full backup of your site?"  Her answer was the key to how easily (or not) her site could be restored.  Her website had been backed up only a month ago. Good.
However, since that time her son had made several updates to plugins, changed a few settings and then set Wordpress to automatically update. Not so good. In short, her update was outdated.

She was advised that it was still possible to restore her website to that previous backup, however, any changes her son had made since that date would not be included. And she would still have to  update Wordpress.

It's not uncommon for a conflict to occur between on outdated plug in and Wordpress. It's also not uncommon for two plugins to dislike each other. Some developers never update their plugin or offer support once it's been released.

Putting her site back online also meant she needed to troubleshoot what may have caused the conflict so it didn't happen again.

Fortunately for her we were able to get her back online in a few hours and our regular rush fee. The glitch was a conflict between an outdated plugin and the new version of Wordpress.  All it takes is one line of code to cause a conflict.  We found a few other questionable areas in the code of her old theme (we didn't design) that also prevent her site from converting well on mobile devices. That's an entirely different fix.

It's all good for her now. Her son now knows that although automatic updates can be convenient, they can also be costly.  He will be doing more backups now.

Your website is your brand online.  Regardless of how someone may have heard of your, they will attempt to learn more about you from your online presence.

 For assistance, training or consultation with your internet presence, call 800-569-8279



Wednesday, April 8, 2015

FBI warns, Wordpress sites are a target for malicious code and hackers

On April 7, 2015 The FBI issued a warning "Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS). 

WordPress hacking is not new. WordPress is attractive to hackers simply by virtue of being so popular. Over 60% of websites are build on a WordPress platform.

You need to know

If you delegate the management of your website to a company or person outside of your firm, you may not be aware of how much protection you have or need, and if you are getting it. If you are the one who is doing the work on a WordPress platform, you are aware of how many times a plug-in or theme needs an update. If you are running security software on your site, you may also see how many times an attempted hack has been thwarted, If you are not running security software on your site, you are simply opening yourself up to trouble.

Having an old, updated site is not only bad for marketing, it is critically dangerous to the security of your site.

Your site is not too small to be hacked

Although you may think your site is too small or not a target, if you are hacked it is disruptive and often costly in terms of lost business revenue and expenditures on technical services to repair infected  websites and computer systems.

Keeping your site secure may seem complex and tedious, however, it is important to take consistent measure to keep your site and your visitors safe.

The solution:
1. Check your site daily and update themes, plugin's and software
2. Use an administrative log-in other than "Admin"
3. Use strong passwords and change them often
4. Install and keep updated security software on your computer and your website
5. Use a plug-in that limits the amount of log-ins
6. Keep your plug-ins updated.
7. Be proactive about protecting your website
8. Make sure the computers you use are free of spyware, malware, and virus infections.
9. Always keep your operating system and the software on it, especially your web browser, up to date to protect you from security vulnerabilities.
10. Make sure you are running secure, stable versions of your web server and the software on it.
11. Update the firewall rules on your router.
12. Be careful about what networks you work from, ie: free WIFi is NOT secure and neither are the passwords you use when using these free networks. If you get infected or hacked when using free WiFi, you can carry this infection back to your basic home or work computers.
13.Work with a competent web management person or firm who will stay on top of all this for you..

Read the complete FBI announcement here: ISIL DEFACEMENTS EXPLOITING WORDPRESS VULNERABILITIES

Other suggestions from WordPress on how to "harden" your Wordpress Site.

Regardless of the size of your law firm, or your website, your site could be vulnerable. This may be the time to take a deep interest in your site security as a general approach to helping protect your site visitors and your investment.

 For assistance, training or consultation with your internet presence, call 800-569-8279