Wordpress Security Plugins

April 23, 2009

When you use Wordpress for a corporate or business website, security always comes up as an issue and for good reason. In what has turned into an ongoing series on Wordpress Security I’m going to review a few very useful plugins which will add an additional layer of security to your Wordpress or Wordpress MU site.

In addition to this article, you might find the two other posts in this series useful:

Blocking Spam with Wordpress

Recovering from a Wordpress Injection (You are labeled an Attack Site)

So here is the added list of extremely useful Wordpress plugins; all of them work well with both Wordpress and Wordpress MU (on my sites at least):

  1. http://wordpress.org/extend/plugins/restrict-login-by-ip/ — Restricts Wordpress admin login by IP address. This is extremely useful since you will likely not want just anyone having access to the authentication login.
  2. http://wordpress.org/extend/plugins/limit-login-attempts/ — limits login attempts and records the IP address. ’Nuff said.
  3. http://wordpress.org/extend/plugins/wordpress-file-monitor/ — monitors WP file changes and notifies by email upon a change.
  4. http://wordpress.org/extend/plugins/wp-security-scan/ - scans the server for known security issues — this is a definite old standby and should be added to your Wordpress site.
  5. http://wordpress.org/extend/plugins/invisible-defender/ — provides protection against SpamBots.
  6. http://wordpress.org/extend/plugins/audit-trail/ — tracks changes to the site by user. I find this to be less of a security issue but it is extremely useful if you’ve got numerous authors on your blog. At the very least you know who to smack around if they make changes to your site. :)

Now keep in mind that these will not ensure that you will never have a security issue on your blog or website. But as the saying goes, an ounce of prevention is worth a pound of cure (Benjamin Franklin was a pretty smart guy so I’m going with it).

I hope you’ve found these plugins useful. Let me know if you’ve got any additional plugins or techniques you use to secure your sites and ensure smooth sailing!

Cheers,

Dan Nedelko


Ashton Kutcher — Twitter Desperation?

April 16, 2009


Social Media Marketing, and Twitter in particular, is a great way for stars like Ashton Kutcher to generate buzz. In fact it’s great for anyone and any business (when done properly). Now I’m open-minded to all sorts of Internet Marketing techniques, but this one strikes me as a bit desperate.

Ashton is basically buying paid advertising on another social network in order to increase his followers on a competing social network. Come on Ashton. As they would say on Twitter: srsly?

UPDATE:

Clearly Ashton Kutcher using Twitter is not a negative thing. In fact I fully believe in the power of Social Network Marketing and provide channels for self promotion. However, as a business driven marketer and branding expert I’m still not 100% certain if Ashton Kutcher’s campaign on Twitter produced any definable results other than the fact that he got some dedicated airplay on CNN. For a Hollywood actor like Kutcher, this is definitely a plus; getting airplay like that will do nothing but promote his own brand, his movies and his career (and positively affect his bottom line).

I wonder what type of metrics were taken into account except for the number of followers? Was any tracking done on Click Through Rates? How did it affect his Online Reputation? More likely than not, it was purely a branding play. I still think the Ad reduces the legitimacy of his entire Twitter campaign.


Blocking Spam with Wordpress

April 7, 2009

After my last article on Cleaning your Site after a Wordpress Injection Attack I figure that it’s time to take the old “an ounce of prevention is better than a pound of cure” approach (or something like that). So here is a nice easy way to enhance your Akismet spam protection and quickly and easily blacklist an offending IP.

Personally I get really sick of blog spammers, especially since my blog is DoFollow. It doesn’t stand for the same thing as DoSpam. Very annoying, time consuming and potentially harmful — a lot of these same idiots who blog spam would also be the same people who will try to inject your Wordpress theme and plugins with Click Counter code.

Anyhow, in this post I’m going to use the following plugins:

  1. Akismet (set up properly, but that goes without saying.)
  2. WP-EasyBan
  3. WP Security Scan
  4. Secure Wordpress
  5. Redirection Plugin

The first thing you need to do is install all of the above plugins and ensure each of them works. As a side note: I had trouble with WP-EasyBan on Wordpress 2.7.1 but I corrected it. To be honest I am not 100% sure if it was a conflicting plugin issue or a core problem with WP-EasyBan. If you have a problem, contact me or comment here and I will share my fix (I wasn’t able to see “Add Ban” in the user menu but a few changes to the plugin fixed it without any issue).

OK, moving right along.

Let’s say you are getting a substantial amount of Spam in your Spam Bin in Akismet. You will easily be able to tell if it comes from one particular IP address. First go to your Spam Box and identify the IP address — see below:

One: Identify the IP Address

Next step: Check your Security logs under “Tools -> Security Logs”. If the person is simply annoying you can skip that step, but the Security logs will identify if the user is on a blacklist:

Is the IP already on your Blacklist?

Check your Security Log and Blacklist

Once you’ve done that it’s time to use “Add Ban”, provided by WP-EasyBan. It’s got a great interface for you to add various options. We want to add a specific IP address (adding a block of IPs could cause you to block legit visitors to your site).

Adding an entry to your Blacklist

Adding a Banned IP through WP-EasyBan

Also, as an ounce of prevention, you can set a time limit and maybe you’ll discourage the blog spammers after a period of time. The reason I like this method is that Spammers never give up unless they are certain that their stuff is not getting through. Blacklisting will let you send a message that there is no getting through to you.

As a last note: I like to add a personalized message to these idiots. Sometimes I venture into more colourful language depending on how badly one IP is offending my site and messing with my hard work.

Then you can set another site to redirect them to as well. Get creative here, you can have fun with this; there is also a sense of satisfaction in messing around with these people.
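
The check behind the "identify the IP" and "ban a specific IP, not a block" steps, as an added example that is not part of the original post or of any of the plugins: it tallies spam per IP, skips addresses that also have approved comments, and lists the legitimate commenters a wider block would catch. The (IP, status) rows, the threshold and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample: (commenter IP, comment status) pairs, as they might be
# copied out of the comment queue. Addresses are from documentation ranges.
SAMPLE_COMMENTS = [
    ("203.0.113.45", "spam"), ("203.0.113.45", "spam"), ("203.0.113.45", "spam"),
    ("203.0.113.45", "spam"), ("203.0.113.45", "spam"),
    ("203.0.113.80", "approved"),                  # real reader in the same /24
    ("198.51.100.7", "spam"), ("198.51.100.7", "approved"),  # mixed history
    ("192.0.2.10", "spam"),                        # one-off, below threshold
]

def ban_candidates(comments, min_spam=3):
    """Single IPs with at least min_spam spam comments and no approved ones."""
    spam = Counter(ip for ip, status in comments if status == "spam")
    approved = {ip for ip, status in comments if status == "approved"}
    return sorted(ip for ip, n in spam.items()
                  if n >= min_spam and ip not in approved)

def collateral_of_block(ip, comments, prefix=24):
    """Approved commenters that banning ip's whole /prefix would also block."""
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    return sorted({other for other, status in comments
                   if status == "approved"
                   and other != ip
                   and ipaddress.ip_address(other) in net})

if __name__ == "__main__":
    for ip in ban_candidates(SAMPLE_COMMENTS):
        hit = collateral_of_block(ip, SAMPLE_COMMENTS)
        print(f"ban {ip}; a /24 ban would also block: {hit or 'nobody'}")
```
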

Anyone else have any tips? Let me know!

Cheers,

Dan Nedelko
