WordPress Security: Change Admin Username

September 7th, 2014

Whenever you’re setting up your WordPress website, the default username is always admin. In the excitement of getting started we ignore making any changes to the username and complete the installation. Unfortunately, this makes it easier for a Hacker to run a brute force attack as he now only needs to work on finding the password to get to your website’s admin dashboard. If you’ve committed this innocent mistake then it’s time to rectify it for the safety of your own WordPress website.

How to change WordPress ADMIN username

  • First you need to login to your website’s admin dashboard.
  • Hover over Users [left hand menu] and click on Add New.
  • You will need to fill in all the fields that include username, email, first name; last name, password etc [Choose a good username and a strong password]. Before clicking on Add New User don’t forget to change the role to Administrator.
  • You will now find the new user created in the Users section. You’ll then need to logout from the admin dashboard.
  • Now login again into your Admin dashboard with the new username and password.
  • Click on Users on the left the hand Menu and then click on Delete just below the old admin user. *We recommend taking a backup of your WordPress Website before you delete the old admin user*
  • You will now be taken to a screen where you will need to attribute all posts of the old user to the new one that you just created. Ensure you check the radio button Attribute all posts to and then select the new username from the dropdown Then click on Confirm deletion button. [If you don’t do this correctly, all posts that were attributed to the old username will be lost.]
  • You will now see that the old user has been deleted.

That’s how simple it is to fortify your WordPress security from a Brute force attack. Hackers will now have a tough time trying to guess the username and the password of your website.

Must have plugins for a new WordPress Website

August 23rd, 2014

You’ve probably heard this a zillion times “WordPress is the most popular and used Content Management System”.  There are many factors that play a vital role in the success of WordPress and one of them has got to be the thousands of plugins that are freely available. Although having so many plugins is a good thing, deciding which ones to use for your first ever WordPress website is going to be a bit intimidating. But we’ve got you covered with this list of must have plugins for your website.

1] BackUpWordPress [Backup] – When you’re site breaks due to a bad code or a hacker attack, the one thing that will save you from starting all over again is a backup of your website. BackUpWordPress plugin is a simple plugin which can help you take backups of your website. You can schedule and also exclude files and folders from your backups. You also get an option to send your backup file to your email which is a welcome feature. If you’re not sure how to take a manual backup of your WordPress website then this plugin is what you’ll need.

2] WordPress SEO by Yoast [SEO] – Optimizing your WordPress website for search engines is not an easy task. There are loads of things involved when it comes to SEO and getting them all right is going can be a daunting task. Fortunately, you can use WordPress SEO by Yoast for all your SEO needs. This plugin combines all required settings under one roof making it easier to manage your SEO efforts. We loved the simplicity of this tool and the way each and every setting is explained with warning notifications.

3] BulletProof Security [Security] – Security has always been a major concern with WordPress websites. If you don’t take adequate measures to fortify the security, your WordPress website is going to take a beating for it. You can safeguard your website with the BulletProof Security plugin which just needs one click to setup. This plugin modifies the .htaccess file of your website, which probably is one of the best ways to secure a WordPress website. The plugin can also take backups of your website and display a under maintenance page when you’re working on a major upate on your website. You’re website is also safeguarded from Bruteforce attacks thanks to the Login Security & Monitoring Website Security features included within the plugin.

4] Akismet [Comment Spam] – No sooner you launch your WordPress website, you’ll notice that your website’s hit with loads of spam comments. If you want to avoid comment spam, simply install Akismet plugin and you’re good to go.

5] Share This [Social] – Most of the new WordPress themes come along with social media buttons for sharing. In case if your theme doesn’t include it, you can use the plugin Share This to add this functionality to your website. Social sharing buttons gives your website visitors an easy medium to share your content. This gets you more visibility and hence installing this plugin is definitely a good idea.

These five plugins will give you a head start with your new WordPress website. You can explore more plugins as and when you need it. Just a tip, always update all plugins and delete unwanted ones to avoid any potential issues.

Do you know of any other awesome WordPress plugins that we’ve missed? Share it with us by leaving a comment below.

Security tips for your Joomla website

August 20th, 2014

Website security has become the talk of the internet. With security loopholes discovered almost every other day, we know you’re concerned about your website. We recently shared a few easy ways to secure a  Drupal website and this time we want to talk about a few tips to secure your Joomla website.

Tips to secure your Joomla website

1] Updates: Your Joomla website and the supporting extensions should always be updated. Updates add more features or a security patch which is essential for your website in order to block any possible loop holes. These updates are generally very easy to install and won’t take much of your time. Think about this, it’s easy to update your website and it’s components than to figure what caused your website to crash and rebuild it again. Remember to take a backup before you apply the updates.

2] Delete unwanted extensions: Keep only those extensions that are required for your website, the rest need to be deleted. Many beginners tend to try a lot of extensions to see how it will help them with their website. Only a few extensions end up actually giving value to the website, the rest are just lying there with absolutely no additional benefit to the website. They simply take up your hosting space and can also become a potential threat to your website if they are not regularly maintained (updated).

3] Use strong login details: We are all aware that we need to set up strong passwords to secure the login page but we also need to setup an equally strong user name. The default usernames are generally ‘admin’ or ’administrator’ which are vulnerable to brute force attacks. Think of usernames as passwords and make it strong and not easy to guess. This way you’re adding another barrier for an attack on your website’s login gateway.

4] Setup right permissions: A very important tip to secure a Joomla website is setting up correct permissions for your website’s files and folders. We recommend setting the permissions of the folders to 755 and the files to 644. If you’re not aware on how to make changes to the permissions then you can check out this blog post.  Never use 777 for either your files or folders as this gives read, write and execute rights to everyone.

5] Security extensions: If you need an easy solution to take care of your website’s security then you can utilize one of the many security extensions available. You can try jSecure security extension, which covers a lot of security features that you will need to secure your Joomla website.

These tips should be good enough to give you a head start in securing your website. We would love to know of any security tips that have worked like a charm for you. Don’t forget to share them by leaving a comment below.

Three easy ways to secure your Drupal website

August 9th, 2014

Website hacking is on the rise and thousands of websites are becoming victims each day. You may be running your website on WordPress, Drupal or any other Content Management System but the risk of being hacked is almost the same for all. We are here today to share with you 4 very easy ways that will help you secure your Drupal website.

Three ways to secure your Drupal Website

1] Did you know that you could actually limit the number of login attempts to your account? Brute force attacks are common these days and the only way in, is through the login page. You can use a module called Login Security to temporarily or permanently ban IP addresses that are attempting a brute force attack on your website.

2] You need to enable auto logout for all the users of your Drupal website. Incase if your laptop gets stolen and you are still logged in then they can mess up your entire site. You can check out the module Automated Logout which will log out users after a specific amount of time.

3] Finally you need to update the Drupal core and all modules that are supporting your Drupal website. This will ensure that the any vulnerability with the older versions is taken care of. We recommend that you always take a backup before performing any update.

We do agree that there are more complex ways to strengthen the security of your Drupal website, but think of this as the basics which have to be done. You can start by setting up strong alpha numeric passwords for all your website users. Sometimes the biggest of the issues arise due to the smallest of the problems hence all precaution measures need to be taken.

Do leave a comment below if you have any crucial ways to secure a Drupal website.

How to improve your Website’s Search Engine Ranking

August 3rd, 2014

We live in a time when almost every argument will end in “Google it.” Search engines have evolved so much and have become a part of our life. Need to research for an assignment, find cheap airline tickets or even find new places to hangout, search engines have always come to the rescue.

Search engines over the years have become smarter and more efficient in providing you with great websites for information. With improving algorithms and technology, the search engine industry has taken a very positive change. This has ensured that we have access to quality content at the quickest possible time. But not everyone has been too happy with these frequent algorithm updates. Many site owners have been impacted and have seen their search engine ranking go down considerably.

The only way to survive has been to abide by the ever changing rules. Honestly, it’s difficult to go back and make changes to all your previous work but unfortunately that’s the only way about it. Now you can’t really blame the search engines for this. They want to provide the best experience to their users and by coming up with these algorithm updates they are ensuring that they become more efficient at how they deliver good search results.

We understand the plight of all site owners that are affected but it’s time that we make search engines our friend. Let’s not fight the changes but embrace it and use it to benchmark your work and understand if you need to push a little more, to make it to the first page of every search engine.  We want to help you achieve this by providing our two cents on how to get your website ranking up. So let’s begin.

1] Only Quality Content

Avoid writing for the sake of creating more content. Always focus on writing AWESOME quality content which your users will actually want to read. There are big websites out there like Social Sprout and Mashable that churn out tons of research backed content and in return they are always rewarded with good traffic. The content is also so good that people will want to share it thus creating a very positive ripple effect. Search engines are taking quality content very seriously and they are always looking for value addition that your content can bring to its end users. Does your content bring value add to your visitors? If not, then it’s time to re-evaluate your content strategy.

2] Inbound Links:

This one aspect is very critical in improving search engine ranking. Google assigns a domain authority score to every indexed website. This score can be improved by the number of websites that link back to yours. Basically, link backs will notify search engines that your website is a resource to them. So more the number of link backs better your domain authority score will get and better domain authority score will only mean better search engine rankings for your website. But we also need to understand that quality is always better than quantity. A website with a high domain authority linking back to your website will always be better than 100 websites with a low or moderate domain authority score. So a link back from a Mashable or a Social Sprout is definitely going to drive your search engine ranking upwards.

3] Be Social: Social networking sites like Facebook, Twitter, Linkedin etc have given everyone another medium to reach thousands and sometimes even millions. It is become a crucial tool for businesses to create awareness of their products. Your content will get shared if the shareable quotient is really high. Again the point no. 1 of writing quality content comes to play here. If your content has got value for your readers then the chances of it getting shared multiples 10x, this means more people are going to see your work. If your work is exceptional, then get ready to see it go viral. This only means that you are going to see a lot more traffic moving to your website. Search engines also do evaluate the social quotient of a website to rate it higher in rankings. So going social with your work is definitely a good idea.

These points will help you get started in your venture to improve your website. Honestly we have only scratched the surface here and there’s a lot more that you will learn and need to apply to ensure that your website keeps moving higher. Think of it as your first trek, where you have the equipment but you never know what difficulties you may face. But getting out of it will mean that you have learnt something new and this will make you better for your next trek :-)

So what do you think about these points. Do drop a comment below if you have any tips and tricks to share.