Scared of Website Hacking? How to Make a WordPress Site Secure

It seems you hear about someone’s site being hacked just about every day. In many cases, the business owner could have taken one or two steps to prevent the invasion. While hackers will continue to devise methods to infiltrate blogs and websites, the following steps will help keep your WordPress site safe.

#1 Remove telltale signs that give hackers a clue about the site including:

  • The WordPress version from the website’s header – don’t tell people what version of WordPress you are running, especially if your version isn’t up to date.
  • Remove your admin user name and replace it with a unique user name and password.
  • Remove login link from the theme.

#2 Secure the login and install plug-ins and systems that do one or more of the following:

  • Limit the number of login attempts an IP address can use within a specific timeframe.
  • Add two-factor authentication, which will require you to enter an additional code to log in.
  • Rename the “wp-login.php” file to something else (such as “log-in.php”) so that hackers cannot know the correct login URL. 
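One way to implement the first item above, limiting login attempts per IP address, written as a small must-use plugin. This is an added example, not code from the original article or from any particular plugin; the `slt_` names, the threshold of 5 failures and the 15-minute lockout are assumptions.

```php
<?php
/**
 * Plugin Name: Login Throttle (added example; all slt_* names are hypothetical)
 * Locks out a client address after repeated failed logins.
 */

const SLT_MAX_FAILURES = 5;    // assumed threshold
const SLT_LOCKOUT_SECS = 900;  // assumed lockout: 15 minutes after the last failure

// Transient key for the current client. Behind a reverse proxy REMOTE_ADDR is
// the proxy's address, so this assumes clients connect to the server directly.
function slt_key(): string {
    return 'slt_' . md5($_SERVER['REMOTE_ADDR'] ?? 'unknown');
}

function slt_is_locked(): bool {
    return (int) get_transient(slt_key()) >= SLT_MAX_FAILURES;
}

// Count real failures only. Attempts rejected by the lockout itself are not
// counted, so retrying while locked out does not extend the lockout.
add_action('wp_login_failed', function ($username, $error = null) {
    if (is_wp_error($error) && $error->get_error_code() === 'slt_locked') {
        return;
    }
    $failures = (int) get_transient(slt_key());
    set_transient(slt_key(), $failures + 1, SLT_LOCKOUT_SECS);
}, 10, 2);

// Priority 30 runs after core's credential checks (priority 20), so during a
// lockout this error replaces the result even when the password was correct.
add_filter('authenticate', function ($user) {
    if (slt_is_locked()) {
        return new WP_Error('slt_locked', 'Too many failed login attempts. Try again later.');
    }
    return $user;
}, 30);

// A successful login clears the counter for this address.
add_action('wp_login', function () {
    delete_transient(slt_key());
});
```

Saved as a single file under `wp-content/mu-plugins/`, it loads on every request without needing activation.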

#3 Add SSL for your WordPress Admin. (Note: You will need to contact your web host to have them implement Secure Sockets Layer for your WordPress Admin area.)

#4 Have systems to:

  • Scan your site regularly for viruses and malware
  • Update plug-ins and WordPress software
  • Back-up your WordPress site regularly 

#5 Create a strong password to log into your site. It should include upper and lower case letters, numbers and special characters. Your password should have nothing to do with you or your personal life, so that it cannot be guessed, and you should have a system to change it at least once every 90 days.

#6 Utilize reputable and trustworthy providers including:

  • Website designers/developers
  • WordPress Theme developers
  • Ghost/Guest bloggers
  • Virtual assistants
  • Give each provider a unique password and username, and change the administrative login information after business with the provider(s) is concluded.

#7 Change the default table prefix in the WordPress database, or have it changed for you, so that hackers cannot easily access the database. (Note: For a new WordPress installation, you can change the table prefix in the “wp-config.php” file before installing WordPress. If you have WordPress installed, visit WordPress.org for instructions.)

#8 Uninstall and remove any unnecessary themes, plug-ins, and users.

#9 Employ the services of a reputable host with demonstrated security practices and systems in place and a reputation for secure hosting.

#10 Create systems to ensure that the back-up system is working effectively and efficiently. Backing up your WordPress site isn’t a “set it and forget it” event. Create a system to regularly check to make sure your blog/site is backing up effectively.
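A check of the kind described above, as an added example that is not part of the original article: a PHP command-line script that inspects the newest backup archive for age, size, zip integrity and the presence of both site files and a database dump. The backup directory, the `.zip` format and the thresholds are assumptions; adjust them to your backup tool.

```php
<?php
// Added example: backup health check. Directory, .zip format and thresholds
// are assumptions. Run from cron: php check-backup.php /path/to/backups
const MAX_AGE_HOURS  = 26;       // assumed: daily backups plus some slack
const MIN_SIZE_BYTES = 1048576;  // assumed: under 1 MiB is suspicious

function check_latest_backup(string $dir): array {
    $files = glob(rtrim($dir, '/') . '/*.zip') ?: [];
    if (!$files) {
        return ["no .zip backups found in $dir"];
    }
    // Pick the newest archive by modification time.
    usort($files, fn($a, $b) => filemtime($b) <=> filemtime($a));
    $latest = $files[0];
    $name = basename($latest);
    $problems = [];
    $ageHours = (time() - filemtime($latest)) / 3600;
    if ($ageHours > MAX_AGE_HOURS) {
        $problems[] = sprintf('%s is %.1f hours old', $name, $ageHours);
    }
    if (filesize($latest) < MIN_SIZE_BYTES) {
        $problems[] = "$name is smaller than expected";
    }
    // CHECKCONS makes open() fail on a truncated or inconsistent archive.
    $zip = new ZipArchive();
    if ($zip->open($latest, ZipArchive::CHECKCONS) !== true) {
        $problems[] = "$name failed the zip consistency check";
        return $problems;
    }
    // A restorable WordPress backup needs the site files and a database dump.
    $hasSql = false;
    for ($i = 0; $i < $zip->numFiles && !$hasSql; $i++) {
        $hasSql = strtolower(substr($zip->getNameIndex($i), -4)) === '.sql';
    }
    if ($zip->locateName('wp-config.php', ZipArchive::FL_NODIR) === false) {
        $problems[] = "$name contains no wp-config.php";
    }
    if (!$hasSql) {
        $problems[] = "$name contains no .sql database dump";
    }
    $zip->close();
    return $problems;
}

$problems = check_latest_backup($argv[1] ?? '/path/to/backups');
fwrite(STDERR, $problems ? "BACKUP CHECK FAILED:\n  " . implode("\n  ", $problems) . "\n" : '');
exit($problems ? 1 : 0);
```

The non-zero exit status lets cron or a monitoring job raise an alert; a periodic test restore is still the only proof that a backup is usable.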

No blog or website is hacker-proof. However, when you take these ten steps to protect your site, you’re drastically reducing your odds of trouble. It’s well worth the time and effort up front to protect your business down the road.

Building an Email Marketing List with WordPress

Aweber & GetResponse SlideUp

The Aweber and GetResponse SlideUp plugin allows you to create a footer bar with either an Aweber or GetResponse opt-in box in it. It will “slide up” from the bottom and stay there, prompting users to sign up.

Because the controls are essentially the same, with Aweber’s having just a couple more options, we’ll just demonstrate the Aweber SlideUp here. The GetResponse SlideUp works the same way.

Step 1: Install the Plugin

Go to your Plugins tab and do a search for “slideup.” Install either the Aweber or GetResponse plugin, depending on which service you use.

Activate the plugin once it’s installed.

Step 2: Access the Plugin Settings

Scroll down on the left to the Settings tab. Click the drop down arrow and go to the plugin’s settings.

Step 3: Insert Hidden HTML Code

Copy and paste your Aweber or GetResponse form code into a text editor file. Make sure you don’t use Microsoft Word or any word processing program, but a text editor program that doesn’t add formatting.

Look for the code with the input type “hidden.” It should be right below the <form> code and above the rest of the code. This is the code that the SlideUp plugin needs to generate its own opt-in box.

Copy this code to your clipboard.

Then paste the code in the plugin settings’ “Hidden Aweber Form Fields” box.

Step 4: Additional Options

The plugin gives you a few more options to customize the look and feel of the SlideUp.

Here’s what each of these fields does:

Heading Tag Line: Puts a line of text directly above the email signup box.

Tracking Image URL: If you have a tracking pixel to track your opt in rates, put it in this box.

Header Image URL: This places an image to the left hand side of your slideup. It’s a good place for a logo of some sort. Make sure it’s not more than 35 pixels high.

Step 5: Save and Preview

Save your settings and reload your blog. You’ll see a footer opt-in bar slide up along the bottom.

It’ll look something like this:

[Screenshot: footer opt-in bar example]

That’s how to download the Aweber or GetResponse SlideUp, set up the code and configure its additional settings.

Add Signature Plugin

The Add Signature Plugin allows you to easily add different signatures to your posts, pages and archives. You can choose to automatically include them on all posts and/or pages, or manually insert the signature in each post.

Here’s how to set up and use the Add Signature Plugin.

Step 1: Download and Install

To download the Add Signature Plugin, go to: http://www.dagondesign.com/articles/add-signature-plugin-for-wordpress/

The file is a text file, so to prevent your browser from automatically opening your file in the browser, right click and select “Save File As.”

Next rename the .txt file to a .php file.

Upload the php file using your FTP client. Go into your Plugins tab and click Activate.

Step 2: Access the Settings

Click on DDAddSig in your Settings tab to set up your signatures.

Step 3: Write Your Signatures

Write your primary signature, along with up to 6 additional signatures.

You can use HTML in your signatures, along with content insertion codes:

[Screenshot: content insertion codes]

Once you’ve written your signatures, all you need to do is save the options and insert <– ddsig –> in any of your posts or pages to quickly insert the signature.

Step 4: Set Default Display

If you want Add Signature Plugin to automatically add your signatures to all your pages or posts for you, just check the corresponding boxes on the bottom of the setup page.

That’s all there is to it! You’ve now set up your own signature to be easily added to any page or post.

Thank Me Later

Thank Me Later is a plug-in that allows you to automatically email your post commenters. You can set the plugin to send the email out after a delay, giving the reader the sense that you read their comment and personally sent them an email.

Here’s how to set up and use Thank Me Later.

Step 1: Installation

Go to your Plugins section, click Add New and click Install on Thank Me Later.

Step 2: Go to Thank Me Later’s Settings

Thank Me Later’s settings are located at the bottom of the Settings menu. Click the link.

Step 3: Create Your Message

When you land in the settings screen, you’ll immediately be prompted to create your first message. Click the link.

Tell Thank Me Later who the email should be from, the subject and the actual message. You can customize the message with tags to insert your name, their comments, their name, etc.

Once you’re finished, hit save.

Step 4: Add More Messages (Optional)

If you want Thank Me Later to randomly select from a few different messages, you can. You can also set it to send someone a different message every time they comment.

To do this, first create several different messages by clicking the Add New Message link.

Set the probability to determine how likely a message is to be sent. .5 is 50%, 1 is 100% and so on.

Step 6: Message Settings

Your message settings will determine exactly how Thank Me Later interacts with your readers. For this plugin in particular, it’s best if you don’t just leave it on its defaults and instead customize it to behave exactly as you want.

To access the options, click on Additional Options along the top.

This is what the message options screen looks like:

[Screenshot: global message options]

Here you can choose exactly how your users receive your messages. Here’s what each of these options means:

Maximum Number of Messages: How many emails from you any particular user can receive over their lifetime.

Send Unique Messages Only: Never send the same user the same email.

Comment Gap: If comments are posted in close succession, you can set Thank Me Later to only email users once.

Send Gap: To prevent users from getting too many emails, you can put a waiting time requirement between emails.

Opt Out: Allow users to opt out.

Step 7: Set Your Message Restrictions

In addition to your Global Options, you should also set your Message Defaults. Click on Message Defaults to access this panel.

Here are the options available in this tab:

Message Delay: How long do you want Thank Me Later to wait before sending a message?

Restrict by Tags: If you don’t want Thank Me Later to email posts on a certain topic, you can block them out.

Restrict by Categories: Same as above, but sorted by categories.

Restrict by Users: Choose whether to send emails only to logged in or logged out users. Leave it unchecked to send it to everyone.

The two other tabs, “Miscellaneous” and “Installation and Information” deal with more technical issues and don’t really affect functionality.

It’s that easy! You’ve just learned how to install Thank Me Later, customize it and use it to send messages to your readers.

Free WordPress Autoresponder

Did you know that instead of using an outside autoresponder, you can run it all from your own server? Using the Free WordPress Autoresponder, you can place subscribe boxes, add leads, schedule emails and send email blasts.

Here’s how to download, install and configure Free WordPress Autoresponder.

Step 1: Download and Activate the Plugin

To download Free WordPress Autoresponder, go to: http://freewordpressautoresponder.com/

Scroll down to the bottom and enter your contact information.

Check your email and click on the confirmation link. Go to the members area.

Scroll past all the sales and promotional material until you reach the download link.

Once you have the .zip file, upload it to WordPress and activate the plugin as usual.

Step 2: Setup Your Options

Scroll down on the WP Admin panel to access Free WordPress Autoresponder’s settings.

Go to Setup to set up your unsubscribe messages, footers and other basic options.

Step 3: Add Fly-In HTML (Optional)

If you want to have a hover-over style of opt-in box, do it in the Fly-In HTML box tab.

Start by customizing your fly-in box to look however you want. By default it edits in WYSIWYG, but if you want to edit in HTML just select “Plain Text” from the drop down box.

Once you’re ready, click “Test Fly In Display” to make sure the fly-in looks how you want it to.

Then click the “Activate” button and hit submit. Anyone who’s coming to your site for the first time will see the fly-in opt in box.

Step 4: Add Normal Opt-In Box

To add an opt in box anywhere else on your site, use the Form HTML tab.

Again, start by editing the opt in box in WYSIWYG. Once it looks the way you want it to, change the display option to “Plain Text” and paste the HTML anywhere on the blog.

Here’s the “Plain Text” view:

[Screenshot: plain text HTML view]

Alternatively, you can also just drag and drop a Widget from your Widgets tab into any sidebar. This works just like any other Widget.

Step 5: Add Autoresponder Messages

Now that you have your basic setup complete, it’s time to add some messages to your autoresponder.

Go to the messages tab to get started.

Click on Add New Message.

Enter in your first autoresponder subject.

Click Add Message when you’re finished. Repeat the process for each email you want in your autoresponder.

Step 6: Send a Message Blast (Optional)

Want to email your entire list? You can do so from the Send Message tab.

Just specify which parts of your list should receive your message, enter your message and hit send.

Step 7: Manage Your List

To import contacts, export contacts or manually delete contacts, just go to the Leads tab.

Then click “Delete Checked,” “Add Leads,” or “Export Leads” to do just that.

Congratulations! You’ve now learned how to install, setup and use Free WordPress Autoresponder. It can do just about anything an industrial grade autoresponder can do, right from your WordPress setup, for free.