How Far Do You Take Blog Security?

When it comes to blogging, more and more of us are doing it. Not only is it a great way to communicate with your readers, but search engines love them! And if everyone else can do it, then why shouldn’t you be able to join them too? – Keeping it updated regularly with new content is one thing though!

The other?… Security!

Because WordPress is Open Source, it means that the script is available to everyone to download for free, and this includes hackers! The developers work hard to provide a script with many benefits for people like ourselves. During the time I’ve used WP, there have been numerous security fixes, and also updates.

Just how many people think about how secure their blog is? Chances are that it slipped our mind, or we just don’t know what to do to make it secure?!

So here’s a few things that you can easily do, that will hopefully prevent any potential hacker from wanting to hack your blog. Don’t give them an easy way in!

1 – Remove The WordPress Generator Tag

If you’ve never taken a look at the source code of your blog, then why not go and do that now? Depending on what theme you are using, this could vary, but around line 10 you should see something like this?…

WordPress Generator Tag

Talk about making it easy for a hacker to see if you’re running on the latest version or not. However it’s easier than you thought to solve! – Just delete it!

In the header.php file of your Theme Editor just find the code, remove it, and hit save. Nothing will happen with the result of you deleting the code, as it says, it’s only there for some kind of stats?!

You’d think that was it, but you would be wrong. Go have another look at your source code and see if you can spot it? Now this IS going to vary, but for me at the time of writing, on line 34 I could see the same thing. The only difference this time was the fact it didn’t display the bit about stats!

Over in your themes functions.php file, we just need to add one line of code. At the end of the file, just hit return (enter) twice and paste the code in, remembering to save the changes.

<?php add_filter('the_generator', create_function('', 'return "";')); ?>

Go back to your blog homepage and view the source again. If you’ve done everything correct, then you should spot the fact that the generator tag has been completely removed. That can also be confirmed by doing a search in the file too!

While I know there are plugins out there, many in fact, that do the same job. What’s the point of having more active plugins and those extra files uploaded to your server. For example, a hacker might find a exploit in the plugin? It also means you have to remember and update it, if you ever find out it needs to be.

Yes, if you decide you want to change your theme, then you will need to make sure the new themes files have this code inserted. But what’s that if it takes you an extra 30 seconds?

2 – Change The Default Admin User

Unless you’ve used Fantastico to install WordPress, there’s a good chance you’ll need to modify the database. At least that what most would think. There are in fact a couple of other ways you can achieve the same result, or a similar one.

The easiest option by far is to create another user from within the admin area, and make sure you assign it with administrators privileges too. With that done, logout, and then log back in again with the new details.

What we are going to do is delete the other account with the username ‘admin’ that WordPress always seems to use by default?! I don’t know how they can’t just have a field in the setup, for the user to pick their own username. There must be a logical reason that I’m not aware of.

Moving on!… When you delete the old user, you’ll be asked what you want to do with the post(s) currently assigned to the user you are planning to delete. There is an option where you can say that you’d like them moved over to the other admin. Select that, and confirm that you wish the user be removed!

If you’d rather not create a new user then you can always use a plugin. As with any other plugin, you upload it to your /wp-content/plugins/ directory and activate it withing your admin area. When you go in to edit the user, there will be another field that allows you to change the username to whatever you like! – Once the changes have been made, you can deactivate the plugin and delete it from the plugins folder again.

3 – Overloading Your Blog With Too Many Plugins

I’m not going to dispute that having plugins on your blog can be great. Most of the time they are around to solve a feature that the script currently doesn’t have. I use plugins here on Mark-McWilliams.com which can sort SPAM out (Akismet) and also one for managing my Top Commentators you can see in the sidebar.

Some plugins owners decide they aren’t going to update it anymore, which is just asking for trouble. Hackers look for all kinds of ways to ‘get in’ and having an old plugin is just what they are looking for. There might be an exploit, and absolutely anything could happen to your site.

The point I’m trying to make is, if there’s any plugins you aren’t using at the moment, then WHY are they still on your server? While I know you might want to keep then for later use, what’s wrong with taking a note of it’s name, so that when you need it you can download the latest copy? – Just a thought! ;)

4 – Upgrade WordPress When A New Version Becomes Available

Whenever I see the notice in my dashboard informing me of a new release, I always make sure about upgrading as soon as I can. But before I do, I’ll read the post that is normally posted on the WordPress Development blog which tells us whats new and what’s not.

If I think there could be a problem with the new version working with my theme, then I’ll get the updates for it first, before I think about updating the blogging software. Sometimes I’ve waited a couple of days, but at least it’s done, and the earliest I could make it too.

Hackers are going to find ways in through things in older versions, and they’ll go searching for blogs that still run on that particular version. Then perform whatever they do, and move onto the next one.

5 – Install The WordPress Database Backup Plugin

As with other things in life, if a hacker is going to come and hack your blog then they will. (They will try their hardest to get what they are after!) This plugin is brilliant, as it can be setup to email you a copy of the database every day at a specific time.

Say for example something did happen to Mark-McWilliams.com and it couldn’t be sorted by re-uploading the WordPress core files, or just deleting the index.html file which they have uploaded, then at least I can resort back to the last backup of the blog.

This saves me all the hassle, and I don’t have to remember about doing it all myself. Just imagine how long it could take you to do it yourself, and how long it takes the plugin. I prefer the plugin, and find it very handy! :)

With this post, I hope it’s given you a little insight into thinking about your blog security. And how changing/editing some of the smaller things could just be what you need to deter a potential hacker from targeting you blog!… If you’ve got anything else to add, then please do in the comments section below!

The Jing Project Goes PRO

I’m well aware that some of you may or may not already know about this, but on January 6th 2009, TechSmith released a PRO version of Jing. (Yes I’m a whole 12 days late in telling you!)

The original version of this software, which is still available, can be downloaded for FREE from the website. But for just $14.95 per year, you can grab the PRO version. And for anyone who wants to know, it boils down to 28.8 cents a week!

If Camtasia Studio is out of your budget, then Jing would be a great solution for you. Now I’ll admit it, Jing does come with limitations. I’m pretty sure that TechSmith only set Jing up as a little project, don’t know where I get that idea from, and it’s really taken off! – A good chance there will be more information over on their blog.

Check out the full list of features along with screenshots and descriptions!

Because the Jing Project seems to be going from strength to strength, and with many users requesting some new features, it would seem appropriate for TechSmith to release another version. And while there is a PRO version out, I still believe that both versions will still be updated over time. :D

Are you a Jing user?… Let me know in the commets section below!

Internet Marketing VS Baguette Express

We all know that customer service is key, and keeping our customers happy is our number one priority. It’ll either make or break your business! – However, I’m about to show you how NOT to treat your paying customers, with something that happened to me when I visited one of my local shops for a bite to eat.

Usually most Saturday’s I head off to Baguette Express, and for the one’s on the other side of the pond, it’s basically just a baguette shop were you can pick whatever kind of filling you like.

So this one Saturday my mum went in, she was passing, and decided to go and get me it instead. I enjoy a Chicken Tikka baguette, so that’s what my mum ordered me. Now she did think that the member of staff had put on something different, but as  she said to me at home, she wasn’t really sure so brought it back for me to try.

Well I instantly took a look at it, and said that’s Chinese Chicken, which I really don’t like. But I took a bite anyway just to make sure, and it definitely was. (With this happening to me before, on more than one occasion, my mum was furious so went back to the shop!)

If you think back to what I said a little earlier, can you guess what’s coming? ;)

Turns out it WAS in fact Chicken Tikka – Makes my mum look like a right old muppet, but also the member of staff too, as they are virtually ‘arguing’ over a baguette and the filling.

Baguette Express had ordered this particular filling from a different supplier (That’s got something to do with the customer?), and there’s nothing they can do? By this point, a nice little queue has started to form. I really wish I’d gone along now! LOL

My mum tells them about the service we’ve been receiving, along with everything else, but also said that we’ll not be back! To this day, I’ve only been twice after this happened. Must be over 2 or 3 months too?!

So what has this got to do with Internet Marketing and customer service I hear you ask? Let’s look at it this way, if we had a customer who wasn’t satisfied with their purchase then we’d offer them a full refund right?

Did Baguette Express do that for us?… NO!

Not even the offer to exchange it for another filling, as I’d gladly have accepted just a normal Ham baguette. And before you ask, I don’t like all those optional extras they offer you.

Being an Internet Marketer, some of us may have even provided the dissatisfied customer with some kind of gift on top of their refund, just to apologise for the inconvenience caused. It’s not something you have to do, but I have seen a few people doing it.

What’s the important lesson learnt today then? Always keep your customers happy, and a nice way of doing that is providing them with FREE content every now and then! You’ll have a much better change of getting a sale, as it’s the subscribers way of thanking you for all the advice you’ve given them, and for all you done.

…Look at how some of the other marketers do things!

Have you had any similar experiences that you’d like to share with the rest of the world, then drop me a comment below?!

6 Days In, What Have You Done?

Believe it or not, but we’re already 6 days into 2009. And as if time isn’t already flying by, I’ve still got plenty more things I’d like to get done before 31st January! I must admit, it’s taking a little longer than I first thought to get back into the swing of things after taking time off and having a bit of fun during the holiday.

Since I last posted, I managed to get a few things ticked off the to-do list. :D

The main one being was that I contacted my programmer, and talked about a few little tweaks we could make to the script. And out of the 4 or 5 simple things that we can tweak, it will ultimately make the users experience much more enjoyable, but easier too!

I’m not exactly sure of the saying, or even if there is one, but often it’s the smallest things that make the biggest difference! In fact, let me give you this example.

When you first setup a blog on WordPress, it comes installed with a default theme. That theme may be what you’re looking for, but for for most it’s not. With a quick search in the Theme Directory, you may be able to find another that’s going to be more suited for the kind of blog you’re creating.

…See how small that tweak was, and how much of a difference it can make?

Along with that email tennis, I’ve been giving this PC of mine another little spring clean. It’s not something I like spending hours upon hours doing, so I’ve really just been working my way though little chunks at a time. I’m amazed when I see multiple copies of the same file saved in completely different areas.

On a lighter side of things, I was very pleased to see a couple of commissions in my ClickBank account over the weekend (Friday and Saturday actually!) But considering the fact I wasn’t really doing any work, it’s a great feeling.

What have you been upto? I look forward on reading your comments!

Looking Back On 2008

Today is the start of the new year, so it seems appropriate to look back at 2008, and see what I did and didn’t achieve. However, before I start talking about that, why don’t we take a look at the top 10 most popular posts here on Mark-McWilliams.com (This may not be 100% accurate!)

If I must say, I do agree that these are some of the top posts here on my blog. And I’m just going by what it tells me, but I do have others which I quite like myself!

The most important thing for me, is to launch my first ever product. Now this actually went into development near the end of last year I think, and there have been times wondering WHY and HOW I still never managed to launch it back in 2008.

I believe one of the reasons is the fact that I try and tackle too many projects at once! I’m willing to admit that, and there’s a good chance that I mentioned the same thing a few times last year too. So I suppose that, along with launching my first ever product, I’m also going to make sure that I just work on one project at a time. Meaning that I’ll actually be able to complete it (for once!) :D

Another one of my bad habits is that I keep tweaking things, and a prime example of that was this blog! It’s just the kind of person I am, and kind of the way I was brought up. I’m probably what some of you would call a perfectionist!

When I was speaking to Randy Smith a while ago now, he mentioned the fact of how he believes that I’m scared of my own success! I’ve never told any of you this, but it wasn’t until I got an email from another marketer, that I started to see what Randy was talking about here! – You see, there are still some things which I’m scared of, and it’s not just that either. If I think about it in a little more detail, I keep putting things off for no reason. Now in my eyes, and I’m sure others, it all boils down the fact that I’m scared of what’s going to happen!

It isn’t even going to stop there, as I’ll make sure I post loads more content on the blog for you all to read, absorb and learn from. If you want me to cover anything in a particular post, then don’t be afraid to shoot me a support ticket, and I’ll do my best to write one up and publish it!

(I’d also like to take this moment to wish you a Happy New Year, and as always, your comments are appreciated!… Have you got any posts from my blog that you liked and aren’t in the top 10? Why not post a link to them too then?) ;)