WordPress sites are vulnerable to new hacker attacks. Is yours secure?

Posted by | News, Websites | No Comments
Over the last week WordPress sites worldwide have been attacked by hackers. So what? you may say. We all know hackers are busy 24/7 trying to cause havoc. But this time it's a biggun. Apparently a botnet of tens of thousands of computers has been busily squirrelling away at any WP site using 'admin' as the login username. Here's what the BBC's website has to say: 'The botnet targets WordPress users with the username "admin", trying thousands of possible passwords. The attack began a week after WordPress beefed up its security with an optional two-step authentication log-in option. The site currently powers 64m websites read by 371m people each month. According to survey website W3Techs, around 17% of the world's websites are powered by WordPress.' So your first step, therefore, is to change your username. Now. (Any WP sites I set up, by the way, don't use 'admin' as the username. It's just too obvious.) You should also update to the latest version of WordPress (remember to back up first!) and use the optional two-step authentication with a secret number. Yes, it's one more thing to remember but a darned sight easier than rebuilding your website. Next, install a plugin such as Better WP Security. I also recommend installing your website in a separate folder on your server rather than in the root folder. Just don't call the folder WordPress or Website! If you want help beefing up the security on your site, please do get in touch with me so I can help you ward off hackers.

WordPress 3.3 is available

Posted by | News, Websites | No Comments
We're always telling our clients to update to the latest version of WordPress, and now 3.3 is here. Should you update? It's a fairly major upgrade from WP, with much improved facilities if you're using an iPad and streamlining of the Dashboard area, with your submenus flying out at the side on mouseover, rather than expanding downwards (very useful if you use a laptop with a smaller screen). The media uploader has changed to a more simple drag and drop facility. Behind the scene there is improved javascript, which won't really affect you as a client. Find out all the changes here at the WordPress site. Because it's a major upgrade, there are possibilities of bugs which need to be ironed out. Eager users will be finding those bugs and reporting them, so it may be an idea to wait until the next upgrade is released, which will probably be by the end of the year or early in 2012. If you just can't wait to upgrade, we do recommend you back up your site before, in case there are any issues. If you are unsure about backing up your site, WordPress has answers to your questions and a how-to here.  If this all looks a bit too complicated you may like to try out Vaultpress, a plugin which backs up your site every time you make a change. It is not a free plugin - and there is a privacy issue in that your data is being backed up on Vaultpress' server - but worth the minimum $15/month. Of course you can always ask us to perform the upgrade for you; we do that for our clients as a matter of course for smaller updates and will be waiting until 3.3.1 is released before we backup and upgrade your site for you, host server permitting.