SiteCare

Making the web inclusive matters! We're proud to be sponsoring this year's WordPress Accessibility Day! Accessibility = better user experience, improved SEO, and happy users! Register for the FREE virtual event, which takes place on October 9 and 10: https://hubs.li/Q02RLRrN0 #WordPress #Accessibility #WordPressAccessibility #WPAD2024

October is Cyber Security Month and we are here for it! We'll kick this month off by sharing our top tips for ensuring your site is locked tight against hackers. 🔒Keep Core, Themes and Plugins Updated: Regularly update your WordPress core, themes, and plugins to the latest versions. Often, these updates include security patches! 🔒Enforce Strong Passwords and Two-Factor Authentication: Ensure all site users use a strong, unique password. As an extra measure, enable two-factor authentication to further secure things! 🔒Web Application Firewall (WAF): A WAF can help protect your WordPress site from common attacks, such as SQL injections and cross-site scripting (XSS). Not all WAFs are the same! Look for ones that balance security with performance. We at SiteCare love Patchstack! 🔒Security Plugins: Install a reputable security plugin for malware scanning, brute force protection, and additional hardening. 🔒Limit Login Attempts: Restrict the number of failed login attempts to prevent brute force attacks. 🔒Limit Users and Roles: Each additional user account, especially admin accounts, increases the potential entry points for hackers. By limiting users and ensuring they don't have more permissions than necessary, you reduce the number of potential vulnerabilities. 🔒Hide Your Login: It's easy to tell if a website is built with WordPress, and all WordPress sites have the same login URL by default. Setting a unique URL for your login page makes it harder for hackers to find! We take the security of our client's websites seriously and try to implement each of the above security tips on as many sites as possible. Want to make sure your WordPress site is secured? Leave a comment below to learn more about our SiteCare plans! #CyberSecurity #WordPress #WordPressSecurity

Hey Everyone! If you'll be at #wcus we'd love to chat with you about our WordPress Developer position. You can find all of the pertinent details and apply here: https://lnkd.in/gR7hvfN2 If you have questions and will be at the camp, introduce yourself to Ryan Sullivan or Matthew Zak. We'd love to connect!

Videos can be a great marketing tool for your WordPress site, but if done incorrectly, they can be a bandwidth hog and possibly a costly problem. Bandwidth is the amount of data that can be transferred from a server to a user. Most hosting plans have bandwidth limits and exceeding those limits can lead to throttling or strongly recommended upgrades. One major bandwidth hog can be videos. Videos are typically much larger than other resources you may have on your site like images. If you have a bunch of users landing on a page and being served the same 20MB video, that'll eat up your bandwidth very quickly. So, what's the best way to add videos to your site? That depends on the file size, the number of videos, and, ultimately, your preference. Externally Hosted Videos—Ultimately, we recommend hosting all videos on a service like Vimeo or YouTube. Uploading and embedding videos on your site is typically straightforward. When choosing Vimeo or YouTube, you'll have to consider a few things like cost, privacy settings, and player controls. We recommend reading up on the differences between the two services and choosing the one that's right for you: https://hubs.li/Q02LPq560 Self-Hosted Videos—You can still upload your video to the Media library and embed it that way, but we recommend being selective and intentional about this. Make sure your videos are compressed as small as possible and that you don't have a page with several videos or other large resources present. It would also be a good idea to check previous stats with your host. Have you gotten close to your bandwidth usage or are you well below the limit? If you decide to host your videos on your site, make sure you monitor your bandwidth and be prepared to upgrade your plan switch out the videos for YouTube or Vimeo if it becomes too much of a resource hog.

Let's talk about protecting your site from content scraping. First, what is content scraping? It's the process of data being copied from a site. It can be a person or a bot collecting that data, and it isn't always a bad thing. Crawl bots or spiders for search engines are technically content scrapers but are the kind users typically want on their sites so that their pages get indexed. But what about the other scrapers, those who are stealing data and content for their own selfish needs? You've put your blood, sweat, and tears into writing great, searchable content for your site. Of course, you wouldn't want someone stealing it! We've put together these 5 tips to help you protect your content from scrapers. 1. Block the Scraper—Review the access logs. If any IPs are sending too many requests, it's possible that it's a content scraper. The solution is easy, add "Deny from *IP Address*" to your htaccess file or firewall and continue monitoring your access logs 2. Limit Requests—This is typically called rate limiting. You can set a number of client-to-server requests for all or a specific IP. If or when this limit is exceeded, the request will be denied. 3. Disable or Adjust Your RSS Feed—By default, RSS feeds on WordPress sites are enabled and set up to use the full text of your posts. In the Reading settings, you can switch the RSS feed off or from "Full text" to "Excerpt" to protect against scrapers. 4. Use a Security Plugin—A visit from a scraper vs a human typically looks different. Some security plugins can recognize these visits and block the IP address of the suspected scraper for you. 5. Don't Do Anything—If your worry is scrapers causing performance issues, then you likely don't have to worry. Most good hosting packages include enough bandwidth and resources so that scrapers shouldn't slow things down. If you're on a budget host, this may not be the case. For those concerned about their rankings, search engines have become very sophisticated and can often figure out what content is the original and what was scraped. Make sure you're using an XML sitemap and your rankings shouldn't be affected. If you think you're having a scraping problem and need help taking action, leave a comment below! #wordpresssecurity #contentscraping #wordpress

We'll bet you can delete at least one plugin from your website after reading today's post. When it comes to plugins, less is often more. With more plugins comes more code and unnecessary bloat, so we welcome WordPress core releases that make certain plugins obsolete. It can be hard to keep up with all these changes, so we've curated this list of notable WordPress features that once required a plugin or custom code to accomplish. 👍 Auto-update plugins and themes—As of WordPress version 5.5, auto-updates are available for all WordPress sites, making plugins whose sole purpose is to update your site obsolete. ⏪ Rollback theme and plugin auto-updates—WordPress 6.6 introduced the ability to roll back plugins and themes that were automatically updated and caused a fatal error on the site. 🖼️ Lazy load images—when optimizing a WordPress site, one of the first things people do is lazy load images. This ensures the browser doesn't try to load images out of view and bog down load time. As of WordpRess 5.5, lazy loading images is standard for all WordPress sites. However, it's not perfect. Always run tests on your site using GTmetrix or Pagespeed Insights to ensure the native lazy loading WordPress offers is working for your site. 📄 Post listings—Gutenberg has provided many great features, but one of the best is creating your own query loop to display posts on archive pages or related articles on posts. The Query Loop block makes it so plugins to display related posts are no longer needed. With a little customization, you can create a query block that displays exactly how you want it. Just add the query loop block to any page, post, or template! 🗺️ XML sitemaps—WordPress 5.5 was packed with new features! Another one being XML Sitemaps. Search engines use these to learn about the contents and structure of your site. Before 5.5, you used a plugin like Yoast SEO to create a sitemap. 📱 Responsive images—WordPress 4.4 released automatic responsive images. Now, any time someone visits your site, they're automatically served an image at the size that's optimized for their browser. We love how the WordPress team incorporates these features into Core releases. Leave a comment below if you've been able to get rid of a plugin or two thanks to and WordPress update! #wordpresscore #wordpressupdate #wordpress #wordpressfeatures

There's nothing more frustrating than trying to edit a page or post a new blog, and the WordPress dashboard seems to be moving at a tortoise's pace. Issues like this can cause major bottlenecks in your workflow. There are so many causes of a 🐢 slow dashboard, but we'll talk about the more common ones: - Outdated technology is one of the first things that comes to mind when we experience a slow dashboard. Whether it's your PHP or WordPress version, having an outdated site can lead to some serious loading issues. Make sure your site is running the most up-to-date version of WordPress and PHP. If it's many versions out-of-date, thoroughly test these upgrades on a staging site before proceeding with the upgrade on your live site. - Resource-hogging plugins can also cause a slow dashboard. Use the free Query Monitor plugin to pinpoint resource-heavy plugins that could potentially be slowing down your dashboard. Once you've figured out what plugins are hogging the resources, you can decide whether to remove, replace or keep them. - Bloated databases also come to mind when experiencing performance issues on the dashboard, especially if your site is an eCommerce, membership, or course website. Large, cluttered databases can take a long time to parse through, which is why regular maintenance and trimming might be necessary to keep your site running in tip top condition on the dashboard and the front-end. - Your WordPress Memory Limit may need to be increased. You can see what your memory limit is currently set to by checking the Site Health under the Tools menu, reviewing your hosting dashboard, or checking the wp-config file. Your memory should, at a minimum, be 128MB, and some hosting providers recommend as much as 256MB. If your site requires more than 512MB, there is likely another underlying issue. - Finally, your server may be lacking the necessary resources. If that's the case, an upgrade or a new hosting provider altogether may be required. If you're using a budget host for your WordPress website, or your traffic or users have grown, but you haven't changed your hosting plan, it's likely there aren't enough resources for your site to run optimally. Look into Managed WordPress hosting providers and shop around for one that fits your budget and performance needs. If you're already hosted with a reputable hosting service, you may need to upgrade your plan to allocate more resources to your site. If you're site seems to be dragging on and you want WordPress experts to take a look, then leave us a comment below to learn more about our plans. We include enterprise level hosting in our plans and can troubleshoot your site to pinpoint the performance issues. #wordpress #slowdashboard #websitespeedup #wordpresstips

Plugins are wonderful tools that help extend and improve WordPress sites but with over 60,000 free plugins available on WordPress (that's not including premium plugins!), it can be hard to figure out which plugin is right for your site. Not all plugins are equal. Some aren't updated frequently, others are riddled with bloat. So, how do you figure out which plugin is the one? Read our blog where we've simplified the process into 5 easy steps to choose a plugin so that you can make sure the plugin you're choosing will help and not hinder your site. https://hubs.li/Q02L9VJR0 #wordpressplugins #wordpress

You've implemented password security measures on your site, such as two-factor authentication, limited login attempts, and strong password requirements, but with all these measures, you accidentally got locked out of your site. What do you do? You can let out a sigh of relief 😮💨 because this issue can usually be easily fixed. Resolve a lockout with any of the options below (easiest to hardest!). ➡️ Try logging in via your hosting provider's dashboard. Many hosts now provide a one-click login experience from the hosting dashboard. If your host offers this, you may be able to regain access to your site by logging into your web hosting account. However, depending on some of the security measures you've put in place, this may not work for you. ➡️ Reset your password and wait out the lockout. Many plugins that limit login attempts have a waiting period before you can try again. If you're not in a rush, request a password reset and wait out the lockout to try logging in again. If the password reset link doesn't send an email, your site may not be configured to send emails properly, and you'll have to try another option. If this is the case, learn about our 100% Email Delivery guarantee included in all our plans to fix email issues on your site! Never miss a password reset email or contact lead again! ➡️ If you're in a rush and can't wait out the lockout or your password reset emails aren't being delivered, ask another admin on the site to reset your password or create a new account for you. These next steps are more advanced and may require additional tools to accomplish. We don't recommend attempting these fixes unless you know what you're doing. And as always, create a backup first! ➡️ Temporarily disable any password security plugins you have installed. To do this, you'll need to access the site's files by logging in via SFTP or a file mananger. Simply renaming the plugin's folder or moving it to a new folder named _deactivated will disable it for you to regain access. ➡️ Update your user or create a new one via phpMyAdmin. To do this, log into your hosting provider and find your phpMyAdmin access. From there, navigate to the wp_users table for your site and find your username or create a new admin account. ➡️ The last option is to use the Terminal (on Mac) or the Command Line (on PC) to use ssh, which is a method for securely sending commands, and wp cli to reset your password. You can view the commands available for a password reset here: https://hubs.li/Q02KB0fb0 Again, the last three options are typically reserved for advanced users! So, if you've been locked out of your site and are unsure how to regain access, contact us to learn more about our plans. From our account managers to our developers, we've ensured our team is packed with advanced WordPress users and can help you regain access to your site. #passwordsecurity #wordpress #wordpresssecurity

Yesterday we showed you how to clean up a hacked site, and today we’ll show you how to protect it once the hack has been resolved. Once your site is squeaky clean, it's time to protect it from another hack with the five steps below. 1. Change all passwords—Every user on the site should be forced to change their password. In addition to changing their password, they should also set up a strong password and two-factor authentication when possible. This goes for WordPress passwords, SFTP, and any other password associated with accessing your site's files or database. 2. Remove all unnecessary users—If they don't do work on the site, they don't need a login set up. 3. Set up a firewall—If you didn't have a firewall already, this is the time to set one up! Cloudflare, Patchstack, BlogVault, and other services offer great firewalls to protect your site from a hack. 4. Disable editors—WordPress comes standard with the ability to edit your plugin and theme files from the dashboard. Disable this functionality to prevent hackers from easily injecting code into your files if they gain access to your dashboard. 5. Keep your site up-to-date—Make sure all plugins, themes, and WordPress core remain up-to-date. Monitor vulnerability databases like Patchstack to see if one of the tools you're using on your site has been flagged for containing a vulnerability. A hack can happen to any site, but with the right preventative measures in place, you can protect your site. If your site has been hacked or if you want to make sure it's as protected as possible against hacks, then comment below to learn more about the proactive threat protection and hack clean-ups included in all of our SiteCare plans. #cybersecurityawareness #wordpress #websitesecurity