Online security

Some thoughts on best online/WordPress security practices

As WordPress site owners and developers, there’s several steps that we could (should) take to enhance the security of our sites and servers. Here’s just a few that I do.

iphone-email

Obfuscating email addresses in WordPress

Sometimes, it would be nice to be able to put your email address on your site, without fear of it being scraped and subjected to spam. This simple shortcode solves that by converting characters to HTML entities so that it isn’t recognised as an email address to crawlers.

user-list

User switching – testing restricted parts of membership sites

The User Switching plugin is really useful for testing out what every part of a website looks like while logged in as any user on your site which is great for testing and troubleshooting.

Padlocks

Creating SSH keys and connecting to your server in the easiest way possible

SSH keys are the quickest and most secure way to connect to your server. This is how to set up your Mac for the quickest possible access to your server, without having to remember IP address, port numbers or key locations.

Cookies

How to set and check for cookies in WordPress

Cookies are a useful way to store information about a user so that you can show/hide content depending on whether a user has completed a form for instance, or to display a message to them under certain circumstances.

Scan Clef Wave

Clef – Log in to WordPress with your smartphone

Clef makes your WordPress installation immeasurably by replacing logging in with usernames and passwords with a 300-character password translated into a barcode that is scanned by your smartphone. This is revolutionary.

The UK Edge offers a range of "Standard WordPress Services"

Introducing “Standard WordPress Services”

The UK Edge offers a variety of “Standard WordPress Services” for common requests, that can be performed with a guaranteed turnaround time, and for a fixed price, so the user knows what they’re getting, when, and for how much.

Manage SSH Keys

How to Set Up SFTP with cPanel

SFTP is leaps and bounds more secure than FTP, and is my recommended way of connecting to your server. This is how to connect by SFTP using cPanel and the SFTP client of your choice (like WinSCP or Transmit)

Restrict Content Pro Settings Page

Creating a Premium Membership Site with Restrict Content Pro

WordPress has all the tools you need to build a secure premium content site – Restrict Content Pro is my plugin of choice for providing the membership element: it’s simple, powerful, clean and well-coded.

Spam

Block Bad Requests to your Server with Bad Behavior

Bad Behavior is an excellent addition to your spam fighting toolbox for WordPress, by analyzing both the content and context of each server request and filtering out the bad requests and known bad IP addresses.