4 best ways to secure your WordPress Website ?

by Amrinder | Apr 17, 2017 | Tips and Tricks, Wordpress | 0 comments

Now a days, most of the web applications are being build using WordPress CMS. Being a freelancer, i have seen many people facing security issues in their wordpress websites. They often complain about their website been hacked or compromised and most of the time they think that it is due to WordPress.

I am a WordPress Developer since last 6 years and now i have seen WordPress improve with enhanced features and added security.

I assure you that WordPress is a secure CMS

I will outline you the the best 4 strategies which will secure your wordpress website, rather than going for multiple ways, if you follow these four methods it will do the work for you.

1. AVOID SHARED HOSTING :

This is the root cause, as shared hosting means you are sharing servers with other people and it is the easiest way to get infected by virus or malware from other people websites.

Solution : Go for DEDICATED Server if you can spend approx 250$ per month on hosting and your website has high traffic. However, if you don’t have too much traffic and are looking for a cheaper yet powerful solution, i with my personal experience recommend you to buy Siteground Hosting as they are one of the best shared hosting service providers and is also offering at fair price. They have firewalls setup and is thus more secure than other cheap shared hosting service providers.

2. USE STRONG PASSWORDS:

I have seen many people using “admin” as the username and a very simple phrase as a password which is easily hacked by automatic scripts. In a wordpress website, an admin has to make sure that the database password used in wp-config.php and password of an administrator has to be strong and alternatively there are many websites online which generates strong passwords and you can use them. Check this website for reference https://strongpasswordgenerator.com/

3. AVOID Using wp-admin / wp-login.php as url for admin logins

The default url for an admin login in wordpress websites is wp-admin or wp-login.php and all of the automated scripts use this url to get into the backends.

To reduce the number of attempts, we can change the admin login url to something else with the help of some plugins like WPS Hide Login and many more available in the wordpress repository.

4. Use SUCURI FIREWALL

The Sucuri Firewall is an innovative cloud-based Website Application Firewall (WAF) and Intrusion Prevention System (IPS) for protecting websites.

i) Distributed Denial of Service (DDoS) Protection

ii) Brute Force Prevention

iii) Stop Website Attacks and Hacks

iv) Malware Prevention

Increased Performance of Websites (Speeds up the website)

The Sucuri Firewall runs on a Globally Distributed Anycast Network (GDAN), built and managed by the Sucuri team. The GDAN configuration allows for high availability and redundancy in the event of any failures in the network. Sucuri currently manages six Points of Presence (PoP)

Buy Sucuri Firewall

If you want to get your website protected, contact us here.

Comments will be appreciated.

Problem Solved: upgrade.php?_wp_http_referer=%2Fwp-admin%2F

by Amrinder | Feb 19, 2017 | Code Snippets, Development, Wordpress | 17 comments

This is a very common issue which happens when WordPress was not successfully updated. If this happens, then the admin is not able to log into wordpress dashboard as it redirects to this url Problem Solved: upgrade.php?_wp_http_referer=%2Fwp-admin%2F .

Below are simple steps to fix this issue in 2 minutes.

Open File manager through hosting account or using FTP.
Go to the wordpress installation directory and under wp-content folder, rename plugins folder to plugins123.
Then go to your website url and write /wp-admin after the url.

You will see the dialog as below:

Click on UPDATE WordPress Database and the problem will be solved.

Cheers and comment for any issues.

Modifying Jetpack Social Media Icons LinkedIn Url Issue

by Amrinder | Feb 13, 2017 | Development, Tips and Tricks, Wordpress | 0 comments

Recently, while i was working for one of my clients website, there was an issue which i saw in the Jetpack Advance Widget called Social Media Icons.

The issue was that jetpack developers has hardcoded www.linkedin.com/in in the code and due to this if any company url doesn’t have /in in their linkedin profile, it was resulting in wrong links. Like for example my clients linkedin official link was https://www.linkedin.com/company/vane-airport/ but when i was entering username, due to hardcoded code it was coming out as https://www.linkedin.com/in/company/vane-airport/ and was a big issue.

So, in order to fix this, open jetpack using any file editor and then look into directory widgets which is located at

\jetpack\modules\widgets

and under widgets open the file called social-media-icons.php and on line 70 remove /in and save the file.

        $this->services = array(
'facebook'   => array( 'Facebook', 'https://www.facebook.com/%s/' ),
'twitter'    => array( 'Twitter', 'https://twitter.com/%s/' ),
'instagram'  => array( 'Instagram', 'https://instagram.com/%s/' ),
'pinterest'  => array( 'Pinterest', 'https://www.pinterest.com/%s/' ),
'linkedin'   => array( 'LinkedIn', 'https://www.linkedin.com/in/%s/' ),
'github'     => array( 'GitHub', 'https://github.com/%s/' ),
'youtube'    => array( 'YouTube', 'https://www.youtube.com/%s/' ),
'vimeo'      => array( 'Vimeo', 'https://vimeo.com/%s/' ),
'googleplus' => array( 'Google+', 'https://plus.google.com/u/0/%s/' ),
'flickr'     => array( 'Flickr', 'https://www.flickr.com/photos/%s/' ),
'wordpress'  => array( 'WordPress.org', 'https://profiles.wordpress.org/%s/' ),
'twitch'     => array( 'Twitch', 'https://www.twitch.tv/%s/' ),
'tumblr'     => array( 'Tumblr', 'https://%s.tumblr.com' ),
);

This will fix the issue.

Cheers

Top 7 Business apps for Professionals

by Amrinder | Oct 26, 2015 | Softwares, technology, Tips and Tricks | 0 comments

Want to manage your business properly?

Today, you manage many things at a time with a good smartphone or IPhone in your hand, then why not business management? Yes, you can better manage your small business with these smart revolutionary apps in your pocket.

Business apps for Professionals

These cool business apps assist you in your business.

Zendesk

It is a cloud-based customer service solution app. It helps its users to improve customer satisfaction and lowering the costs at the same time. It has got great self-service tools which are quite easy to use. Also, it offers one on one customer support in it. You can get a trail of the app for free and then get it if you like.

ConcurMobile

This free app allows its users to create detailed expenses report easily. This app is specifically designed for small businesses whose employees travel quite frequently. With this app, you can track travel expenses of your employees and also can book hotels and flights for them. You can link your credit card with this app for automatic transactions once you approve the travel expenses.

Parature for Facebook

Parature allows you to link a dedicated 24*7 customer service center along with your business page on Facebook. This app is cloud-based software which offers you with Parature’s self-service knowledge base to the Ticket support system and chat. Its cost varies with the number of clients attached with your business.

QuickOffice

If you want to quickly view your business documents, then this is the best app for you. With QuickOffice in your mobile phone or tablet, you can open, edit and save your office documents very easily.

Shoeboxed

Shoeboxed is a free expense tracking app which allows its users to capture receipts and then file them for reimbursement. If you are falling short of time, then you can mail all the receipts to the company and they will input the receipts for you. And, at the same time you will get detail of your expenses in the form of a digital file.

Agenda

As soon as you get up in the morning, you can view the agenda of the day with this Agenda app in your phone. This is a smart app which will make its own guesses for the things that you wish to do or that you add into your agenda. Thus, this app will assist you to plan your day in an organized manner.

Pocket

Pocket is a great app for collecting the things of your taste or related to your business. Whether it is a blog post, an article, images or anything related to your work, it will be saved in this app so that you can read them whenever you find time.

Digital India – A Blessing

by Amrinder | Oct 18, 2015 | technology | 0 comments

A plan to make INDIA a Digital Nation by The Narendra Modi – Prime Minister of India by the end of year 2019.

Aim: This campaign aims to create a digitally empowered nation and knowledge economy.

Vision: The Digital India campaign is centered on 3 key areas rendering the Department of Information Technology and Electronics. These are:

Providing digital infrastructure as utility to common man
Providing governance and services as per demand
Empowering the Indian citizens digitally

This includes internet as a care utility, mobile phones and bank accounts for all the citizens so that they can make transactions electronically, enabling cashless services in real time. Also this includes universally accessible credentials of every citizen of India through digital lockers.

Listed below are the nine pillars of Digital India:

Public internet access
Broadband highways
E-governance
eKranti
Jobs in IT
Early harvest
Electronics manufacturing
Knowledge and information for every citizen
Universally accessible phones

To make this campaign a reality, The Government has started working on it. Just take a look what has been done till date to make India a Digital Nation:

in: According to the PM, e-governance is the need of the hour. For this, mygov.in named website has been launched on 26/07/2014 so that each and every citizen of India may participate in its governance.
gov.in: The government employees of India are known for their lazy work style. With this website, one can track the government employee attendance online with the help of newly installed Biometric Attendance System.
New e-ticketing platform: The newly launched IRCTC website is fully loaded with enhanced features for booking capacity of 7,200 tickets/ minute. This will help to book tickets easily in no time.

Few applications have also n=been launched to make Digital India program a reality. Few are listed below:

IRCTC connect: This app allows its user to book tickets, check the reservations, train routes and many more.
Karnataka Mobile governance: The users of this app can pay bills, property tax, apply for driving licenses and fill IT returns etc.
Incredible India: This app focusses on tourism of India and one can easily access the information on Ministry of Tourism.

Apart from these apps the government is has started .bharat as a domain to enhance the reach of internet to every nook and corner of the country.

However, the Indian Government has started many new projects to empower the Nation digitally but still this is a very long way and there are many challenges in the road of success of this ‘Digital India Program’.