10 WordPress Security Tools That Will Send Spammers and Hackers Packing

With security issues like Heartbleed and hackers breaking into even what we thought to be the most secure areas of the Internet, we all need to start taking some more precautions when it comes to the security of our websites. I know I felt like I needed to take a look at my own security practices and decided to put together a list of tools I’ve used for preventing hacks, security issues, and spam. Most of these are WordPress specific, but some can be applied to any site.

When looking to put a list like this together, I usually reference Annie Cushing’s Must-Have Tools Doc, which has a Spam/Hacking tab. Some of these tools have now been added to that list and you should probably check out not only the security related tools but all of the other great tools in there for marketers and webmasters.

security

1 – WordPress Firewall

WordPress Firewall blocks hacking attacks on your site by investigating suspicious-looking web requests, detecting SQL injection attacks, and having an option to email you attack reports upon blocking potential hacks. The plugin allows you to set up whitelists for pages and IP addresses that you know can be trusted. You can also set WordPress Firewall up to send a user to a different page if the plugin detects an attack.

Pro tip: Setting up this plugin worked best for me when I uploaded the file to the FTP server, then activated it from the WordPress user interface.

security filters

white list

2 – Login Lockdown

Login LockDown records the IP address and timestamp of every failed login attempt. The plugin locks down access to your WordPress site for a range of IP addresses if login attempts exceed a certain number. This helps to prevent brute force password discovery. Administrators can release locked out IP ranges manually from the admin panel.

options

locked out

 

3 – iThemes Security

IThemes Security fixes security holes, stops automated attacks, and strengthens user credentials. The tool blocks users deemed as harmful and increases the security of vital information such as passwords and login information. IThemes Security also makes regular backups of your WordPress database and detects hidden 404 errors in your site that can negatively affect your site’s visibility to search engines.

dashboard

security status

 

4 – Akismet

Akismet automatically detects comment and trackback spam. Each time a new comment, trackback, or pingback is added to your site it would be submitted to the Akismet web service which runs hundreds of tests on the comment and returns a thumbs up or thumbs down. They have 20 other plugins for users not on WordPress that also work against comment spam. You can also access Akismet directly through their API, without the use of a plugin.

Pro tip: When registering for an API key, you can choose a personal subscription and set the money paid monthly to $0. The plugin is free for personal use.

activated

server connectivity

 

5 – BulletProof Security

BulletProof Security protects your site from various kinds of hacking attempts by using .htaccess WordPress security protection. The tool uses .htaccess files because they are processed first before any other code on your website. Ergo, hackers’ malicious scripts are stopped by .htaccess files/Firewalls before they even have a chance to reach the php code in WordPress. Some of the hacking attempts that this plugin protects against include XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection.

bullet proof security

logins

 

6 – Sucuri SiteCheck

Sucuri SiteCheck will check your site for malware, blacklisting and other security issues like .htaccess redirects, hidden eval code, and other issues. The plugin detects SPAM injections, website errors, disabled sites, database connection issues and code anomalies that require special attention. Sucuri SiteCheck also has an option to verify all WordPress core files for changes, which can be useful to detect hidden backdoors.

You can also check for malware, blacklisting, and overall security status without a WordPress account by scanning a site for free at SiteCheck.Sucuri.net. If you need a more extensive recovery plan because your site has already been hit, or need a more comprehensive non-WordPress solution, you can buy a plan with Sucuri.

scanner

hardening

 

7 – MX Toolbox

MX Toolbox allows users to check the status of a submitted URL, IP Address, or host name to see if it was blacklisted, check its MX record, DNS servers, and SMTP diagnostics. There are also a number of other services that can be requested via commands before the submitted text. If you click the “Other tools” link below the list of commands you can use any of the command functions’ individual search bars. Links in the results will guide you to other relevant tools and information.

mxtoolbox

commands

network tools

 

8 – Google’s Safe Browsing Tool

Google’s Safe Browsing Tool will let you know if your site is hosting any malicious software. Add your site to the end of the URL (replacing mysite.com) and get the current listing status of your site, what happened when Google visited the site, and other history records. The tool also reports when the last time Google visited the site was and whether or not suspicious content was found in the last 90 days.

google safe browsing

 

9 – BackWPUp

BackWPUp allows you to download a backup of your site with one click. However, it provides options to customize your backup too, such as adding a WordPress XML export, choosing what files get backed up, selecting your preferred backup file format, and specifying where the backup is stored. The plugin can also be used to save your complete installation including /wp-content/ and push them to an external backup service such as Dropbox, S3, FTP and more.

dashboard

new job

 

10 – VaultPress

VaultPress provides daily and real-time syncing of all your WordPress content. The tool performs security scans daily and allows users to review and fix threats. Options are available to view all of your past backups and restore your site back to any of its previously saved versions. Users are also able to set up multiple sites with VaultPress and manage them all from one tool.

Unfortunately, this is the only plugin listed here that doesn’t have a free option, but it was created by the same people who created and manage WordPress, so it’s a high-quality tool.

vaultpress security

restore

 

What website security tools are you using? Feel free to share in the comments!

Are You Branding Yourself or Just Your Company?

thrilledThis is not a how-to post, this is a think about it post :)

I wrote about this in January, but I want to revisit the topic. The search industry has a lot of really talented people. Often they are scooped up by different companies and they spend the next few years really working on increasing the visibility of the company they work for. This isn’t a bad thing and it is great to love the company you work with. However, you have to take the time and make the effort to brand yourself.

Jobs don’t last forever, no matter how much we want them to. If you are seen in articles, events and conferences as only a part of a specific company then that is how you will be remembered. I am not saying that you shouldn’t represent your company, because you really should. If you work with a company and your job is to promote them then you must do it and do it well. I just don’t want you to forget that you and your name are essentially a brand.

 Make sure you are marketing who you are and the skills you have as well.

 Ideas

If you are a writer, spread your knowledge around. If you know about PPC then write for a PPC blog and perhaps an overall search blog. But, if you also know how to speak and create awesome PowerPoints as well then write about that somewhere else. Spread your wealth of knowledge around with your name. Don’t limit yourself to a small group of industry blogs. The bigger the visibility the better.

This same strategy goes for videos, social media networks, forums, G+ communities, conferences and events.  Let your diversity show and spread out beyond your niche/industry.

Be ready to answer questions on social networks and other sites. Often people get more out of conversations after articles than they do the articles themselves. Be helpful, educate others and be seen. Find ways to be seen.

This Year’s Business Cards

This year I took everything off my business card but my name and my Twitter handle. I want people to know that it is ‘me’ the person, not the business, that has the skills. The idea behind it, get to know me and my skills instead of the company I work for (which, by the way is my own).

I know that not everyone can do this because their boss may not be too happy about it, but you can have two business cards for events; I know many people that do.

You Have So Much to Offer

If you start thinking about your skills, list them all out, and then begin to think about what great advice you have to offer you can find a lot of ways to get more exposure for yourself. There is nothing wrong with beginner’s information because so many people need it!

Don’t underestimate yourself. People can learn from your skill set, so take the time to get the information out there. If you do you may be ensuring that you will always have job options in the future.

Excel 102 (Excel for Noobs in GIFs!)

This is the next step in the Excel for Noobs series. If you missed the first one, check out how to make format your data, organize it in a table and create a simple bar graph. This tutorial will go over conditional formatting!

beforeafter

Let’s start with this first step, making it pretty. Just as I said in the last post, making your data pretty is essential for readability and clear communication to everyone who isn’t an excel nerd.

In my last post I went over a few simple ways to make your data prettier. Here is the list of items, but feel feee to referenced my last post if you don’t have these committed to memory yet. Hide gridlines, delete or hide unnecessary data, give the document a title and add a 10px cell padding in A1.

Everyone Loves Colors

wind

Conditional formatting is a quick and easy way to visualize the data you want to show using color coding. There are many different ways to use conditional formatting. So many, that it could merit its own blog post. But today, we’ll focus on simple cell coloring. We’re going to take the ranking data from your AuthorityLabs export and color code it with green and red gradients to show improvements or losses in a month of rankings.

To do this you will need to set up your export as I’ve set mine up. You can download what I’ve done so far in my document.

basicformatting

formatting: hidden gridelines, basic table, A1 cell padding

So, let’s start painting.

You’ll want to start with F4, this cell is what we will be comparing the rankings to. The whole idea is that we want to see if the ranking for that keyword has gone up, down, or stayed the same in the past month.

Start by selecting F5.

Under the Home tab select the Conditional Formatting> Highlighted Cell Rules > Greater Than…

 Next…

Select the cell E5 and get rid of the dollar signs so that it is a relative selection. This way we can drag down the formatting to the other cells.

Then change the formatting.

Select Format and under the Font tab select red.

Next, you will add two more Conditional Formatting rules for this row of data.

One will be Less Than which is the color green, and Equal To… which is the automatic black text formatting. The final product will look like this.

Here’s the easy part!

With the cell F4 selected, click the Formatting Painter which is under the Home tab. Then drag the Format Painter down your column of cells. It should look like this:

The final touch is to add a pretty gradient behind the formatted cells.

This is makes the data really pop. To do this, select that table column (4/1/2014) and open the Conditional Formatting > Manage Rules. In this dialog box you can select a rule by clicking on it.

Then, click on the Format button to get the formatting options.

Under the Fill tab select Fill Effects. From here I selected a darker and lighter shade of red and green to create gradient backgrounds.

step7

Now time for a victory dance!!

You have successfully used Conditional Formatting to show the behavior of keywords over the past month. Stayed tuned for more Excel geeking out in the next post!

mission accomplished

Want more Excel help? Join our first AuthorityLabs 101 Wednesday hangout on April 30th! You will be able to ask me questions about Excel tabling and graphs.

 

Search Industry News, What You Might Have Missed – April 11

newsIt has been a busy couple of weeks and there has been a lot of big news for our industry, and anyone else that uses the Internet. There is news about Facebook, Twitter, Adwords, a new conference and of course Heartbleed!  So let’s jump in and see what has been happening.

Facebook News

So, Facebook is going to insist that iOS and Android users download an app to use the Facebook messenger and they have decided that they are going to take significant steps to clean up their feeds. Check out the latest below:

Twitter News

Twitter has a new look that is kind of like Facebook…yippee (not). There are going to be sticky tweets too and pretty soon there will pop-up notifications when people engage with you. All of these ideas kind of stink in my opinion and seem very ‘Facebook’ like. Twitter was great and simple and I like Twitter how it is, but it isn’t my choice. :) Here is some info about these changes:

Universal Analytics is Here

You won’t lose the traditional functionality, but you will have new and better information as well. Google describes it as:

Universal Analytics is the re-imagining of Google Analytics for today’s multi-screen, multi-device world and all the measurement challenges that come with it.

Some helpful info:

Heartbleed Bug

The Heartbleed bug is being discussed everywhere everyday, but we figured we need to discuss it and fill in our customers.

Heartbleed is a security vulnerability in OpenSSL, a popular software library used to secure data transmitted online. OpenSSL is used by Amazon AWS Elastic Load Balancers, which AuthorityLabs uses for performance enhancement of our users’ accounts. AWS has patched their servers and as a safeguard we have updated all of our SSL certificates on all servers. An audit of our systems shows no evidence of any attack, but just to be safe we are recommending that all users update their AuthorityLabs password.

Some things you need to know:

Google AdWords Data Goes Not Provided

Well, people really lost it when the search industry lost keyword data in analytics. Many times I heard, “We still have AdWords data!”. Guess what, now we are going to lose that data too! Here are some articles you might want to check out.

Another Industry Conference – MarTech

Third Door Media has created another conference called MarTech and it is for people pioneering the field of technology-powered marketing. The first conference will be in Boston, August 19-20th. It looks as though they will be focusing on strategy and management, not just marketing. You can sign up for more information here http://www.martechconf.com/boston/agenda/.

 Barry Schwartz’s News Recap

Barry clarifies some not provided issues with AdWords, Matt Cutts, Google business schema adding customer support and more. So check out this video to really get filled in.

A Google+ Business Resource for Agencies and Consultants

I am a firm believer in educating clients, but I am also aware that there are often skeptical clients that can be difficult when a consultant is trying to explain the reasons behind doing one thing or another. Every once in awhile a resource will come along that I think could be helpful for agencies and consultants because they are simple enough for the non-online marketing folks to understand.  Today I want you to look at this infographic by Milestone Insights on Google+ Best Practices for Businesses.

There are some great suggestions, but more importantly it will show businesses what has to happen to handle this social network correctly. I think it is a good way to show that the business will need the right person in place or will need to hire someone that can handle the job correctly for them. I think it is also an indicator that time and effort will be required for success.

Also, check out How to Build Your Brand with Google+ Hangouts On Air. I think it is a great resource as well.

Click to expand infographic.

HowtoUseGoogleforBusiness

 

 

Unleash The Power Of Gmail On Your Business In 10 Easy Steps

Power

Let’s face it, each time you hear “You need a blog,” “All your competitors are on social media,” or “Google’s latest algorithm…,” your eyes glaze over and you wonder, under your breath, “When will I have the time to worry about any of this stuff?”

We feel your pain. As a small business owner with too much to do, squeezing more tasks onto a to-do list that already looks like Lindsay Lohan’s rap sheet is not going to happen.

But, what if we gave you a simple way to more effectively use a tool you already have at your disposal? What if we told you the tactic would take less than 10 minutes a week, but has been shown to be one of the most effective content marketing ideas and applications? Interested?

We thought so.

Using Email the Way It Was Meant To Be Used

The tool is email. (Stop rolling your eyes!) But the tactic we’re referring to is using it as a relationship-building growth engine for your company.

Everyone uses email, but not everyone uses it to its full potential. Most use it out of necessity: to correspond with co-workers, employees or vendors; to touch base with friends or family members; or to contact a prospect for potential work.

What few of us do, however, is use email to grow the business with our existing client base, by using the medium as a touch point to enhance rapport and build top-of-mind awareness.

Gmail’s “Canned Response” function allows you to create and save common messages that can be shared later to different parties, averting the need for separate emails for the same or similar audiences.

For example, say you always send a personalized note to your main vendors at the first of each month, but you’d rather not have to blind copy everyone. Using canned responses, you can save messages for each group and then send them at your leisure, only needing to change the name and the email address each time.

There are numerous benefits to using Canned Responses

  1. Saves time from having to send separate emails.
  2. More personal than blind copying everyone on an email.
  3. Makes it possible to stay connected with important parties without a huge investment of time.
  4. Is one of the most effective but underutilized methods of marketing for businesses.
  5. You can save messages for any and all audiences.

The Nuts And Bolts Of Canned Responses

All you need to get started is a Gmail account. Follow these simple steps:

1. Log in to your Gmail account and click on the sprocket on the right side of the screen. (This is the Default Inbox view.)

 Gmail Canned Response

 2. You’ll then get a drop down menu. Click the “Settings” button.

Gmail Canned Response

3. You’ll then be taken to the “Setting” page, where you’ll find and click on “Labs” at the top of the page.

  Gmail Canned Response

 4. Click to “Enable” Canned Responses.

 Gmail Canned Response

 5. Save your changes at the bottom of the page, and you’re almost done.

Gmail Canned Response

6. Hit “Compose” and you’re cooking with grease.

 Gmail Canned Response

7. Type up your message, leaving the “To” “Subject line” and “name” blank in the email. Again, the purpose of using a canned response as opposed to a “Blind Copy” email is to create personalized messages for people without having to create each one separately. So once the message is created, all you have to do before sending it is adding name, “To” and a subject.

I created the message below for retailers I worked with, but you can create one for each group of vendors you work with frequently and want to build a rapport with. Such emails take 5 to 10 minutes to craft but are worth their weight in gold.

 Once the message is complete, click on the upside-down triangle at the bottom of the message.

  Gmail Canned Response

 8. Click Canned Response on the bottom right, then you’ll see a new dropdown menu open above it. Click “New Canned Response.”

  Gmail Canned Response

9. You’ll get a prompt to name the message. Click “OK,” and you’ve just created your first Canned Response.

 Gmail Canned Response

10. The next time you compose a message and click on the upside down triangle, you’ll see your message along with options to insert, delete or save it. To create a message using a saved response, simply click “Insert.”

Gmail Canned Response

Using Email Smartly to Grow Worthwhile Connections

Now that I’ve bored you to tears with the setup—which, honestly, takes less that 45 seconds—l want to share how you can use such messages to set your business apart.

Everyone talks about texting, social media and whatever app they use as a business hack. But you know what? Your customers and clients crave a human touch more than anything. They don’t have time to read lengthy emails or to field 20-minute phone calls.

However, they do have time to read three lines of text. Also, they want to do business with people who take the time to form a connection with them, who reach out to them at times other than when there’s a sale to be made. What’s more, you owe it to yourself and your business to make the time to craft such messages, even if it’s only one a month.

Greasing the Skids

When I worked as a B2B magazine editor, 60 percent of my job was “sales”, which included staying in touch with clients, greasing the skids for my sales team. So each day, without fail, I’d send a minimum of two personal notes to vendors, clients and sundry people in the industry. Many of these folks were never going to do business with my company, but that didn’t matter. My goal was to ensure that no matter what company my salespeople called on, the person on the other end of the phone already knew they had an ally looking out for them and their business. It worked.

I once had the executive vice president for a client representing $2 million in business say to me, “I want you to know that the only reason I do business with your company is you. You go out of your way to help the people of this industry, and we want to support you.”

And it’s not just me that’s had success using this technique. I’ve interviewed some of the most successful sales people on the planet. Their secret? They never have to “sell” their existing client base. They spend the bulk of the year relationship building, so when it comes down to do business any impediments have long since dissolved.

Give Canned Responses a try in this way. I’m convinced they can work for you as well.