leslie g stewart

Update to: secure your wordpress installations, really

A while back I posted “secure your WordPress installations. really.” and since that time, I’ve been making additional recommendations to the list of WP security plugins I listed in that post, so it’s time for an update.

In that post, I recommended the following plugins: Login LockDown, Secure WordPress, WP-Malwatch, and WP Security Scan. Ditch Login LockDown, keep the rest. Why get rid of Login LockDown? It hasn’t been updated since 2009, and it’s only reported by its creator to work up until version 2.8.4 of WordPress.

A better replacement, with a lot more features, is Login Lock. It still lets you set the number of incorrect login attempts prior to locking out an IP address, but it gives more options like enforcing strong password policies, forcing a password change every 30 days, disallowing the use of old passwords once they’ve been changed, and more.

In addition to the 3 recommended plugins above, I recommend adding the following:

Bad Behavior: This, along with Akismet, can help keep your comments free of link spam.

Block Bad Queries (BBQ): This plugin helps protect WordPress against malicious URL requests. It just quietly does its job.

Ultimate Security Checker: This is a very extensive plugin that will alert you to potential issues, and provide you with the info you need to fix them.

A heads-up: Ultimate Security Checker doesn’t seem to recognize when you have Block Bad Queries installed, and will recommend that you install it, or rather copy the BBQ code it will provide, and create a file with it. The code it provides is identical to the code in the BBQ plugin file, so I suspect that it can’t read the folder the BBQ plugin is in. It’s a minor inconvenience, but not a serious conflict.

WordPress Firewall 2: This plugin is sort of like a visual version of BBQ, in that it identifies and blocks certain types of attacks. Unlike BBQ, it actually notifies you when an attack has been detected and blocked, and tells what type of attack it was. It also provides the IP address the attack originated from, so you can take additional steps to deal with it.

None of these plugins is a substitute for keeping your WordPress core, plugins, and themes up-to-date.

Secure your WordPress installations. really.

In the past 4 weeks, several Media Temple clients have reportedly had their WordPress installations hacked. The cause of the hacks is inconclusive. Media Temple is blaming their customers for not having secured their WordPress installations. Their customers are blaming Media Temple, especially since this sort of widespread hacking was aimed at Media Temple users last year as well. More info about the recent Media Temple hack and fixes can be found here: http://wordpress.org/support/topic/was-my-site-just-hacked-found-random-script-in-all-pagesposts


Model releases on the go

This quick tip is for filmmakers, videographers, and photographers who make use of model releases. Even if you have verbal permission to film or photograph someone, it’s a really good idea to have the subject(s) sign a release. Normally, this means keeping printed releases with you. I always keep a bunch in my camera bag, but I don’t always have the bag handy, and sometimes I simply run out.

If you have an iPhone or iPod Touch, you can install the super handy app called mRelease. It will allow you to create, store, and email pdf copies of model, location, property, and crew releases. Your subject can sign the release on your iPhone/iPod Touch (a stylus comes in handy for that). If you’re using an iPhone, you can take a quick photo to embed in their release, which makes identifying people in your footage/photos a snap.

mRelease will set you back $2.99, and it’s a nice addition to your film/video/photography toolkit to keep things organized.

Image editing without breaking the bank

One of the keys to building websites is properly preparing images to help pages load as quickly as possible. Generally speaking, programs like Photoshop, Illustrator, and Fireworks are used, but they can be quite spendy, ranging in price from $300 – $1000.

If what you primarily need to do is crop, resize, and compress images for the web, all of those programs can be expensive overkill. You could use programs that come with your computer, like iPhoto on a Mac, or Microsoft Photo Editor on Windows, but there are other, and sometimes much better, options.


Sometimes, we all need time out

I do my best to maintain regular business hours, but as a self-employed owner of 2 businesses, I have a tendency to work far too much. I spend the majority of most of my days sitting in front of 2 monitors, which is not good for my eyes, body, or brain.

I’ve worked from home for several years, but the same was true back in my on-site freelancing days. Back then, some of my co-workers would take frequent breaks to step outside for a cigarette. They’d get to walk away from their desks for 10 minutes and get some not-so-fresh air. We non-smokers were left sitting in our cubicles. In retrospect, I don’t know why we didn’t just get up and take similar breaks.
