Monetization Magic

Colorado Website Development

Is YOUR WordPress website being hacked?

By

BruteForce+AttackI received this notice from the boys and girls that provide security over my website:  “As of 11am eastern time this morning, we are monitoring the largest distributed brute force attack on WordPress installations that we’ve seen to date.”

Do you have a security program plugged into your website?  Do you know when your website is under attack?  Do you know HOW people are trying to attack your website?

I use a plugin called WordFence for my security on my websites and I love it!  I am immediately notified when anyone logs into my account with administrator privileges (including me).  I also know when someone attempts to log in to my account and uses the wrong password.  I am also able to block specific individuals from logging into my account.  There is no danger in blocking someone because they are there to do harm not to work with me.

Most WordPress developers know this already; however, I’ll mention it again here: do NOT use the default username of “admin” for your WordPress website.  When you do, the potential hacker already has 1/2 of the equation to breaking into your website.  Once they’re in that far, all they have to do is to employ a password guessing tool and before long they’re in your website as the administrator and they can do anything they want to once inside…just like you can.  It is also advisable not to use any derivatives of “admin” as well such as “admin123”.  If you already have your administrator account set up with the user name of admin, go now and create a different administrator account and remove the default administrator account.

How to Install the Latest Release of WordPress 3.0.5

By

WordPress 3.0.5 Addresses Security Vulnerabilities

2 Vulnerabilities:

  • Could have allowed a Contributor‐ or Author‐level user to gain further access to the site.
  • An information disclosure issue has also been fixed that allowed Author‐level users to view the contents of posts which they should not be able to see, such as draft and private posts.

I have prepared a step-by-step video to assist you through the process of updating WordPress to the latest release or you can follow along with the detailed instructions below the video.

In WordPress, log in to your dashboard.  In the dashboard at the top of the screen in the gold bar, you will see a message that advises that WordPress 3.0.5 is available.

On the left at the top of the screen underneath Dashboard, you will see an option called Updates with a circle and a number in the circle.

Go ahead and click on Updates.  You will now see a screen for WordPress Updates.  Click on the Update Automatically button which will launch the update process.

Once it has successfully loaded, it will display a screen telling you the steps that it is undertaking to update WordPress

As you can see, WordPress has updated successfully.   From here, you can click on the Go To Dashboard link to return you to the dashboard.

If you have any questions, submit your question on the Ask SoftwareGirl tab.