WordPress has been hacked, how come my WordPress website has been hacked?

/0 Comments/in ,

You have a website that suddenly displays advertisements or forwards visitors to another website. Or worse, your website sends spam  (E-mails with unwanted advertising).

You haven’t changed anything on your website and yet your website was “suddenly” hacked.

Then the question arises: how come my WordPress website has suddenly been hacked?

  1. Would it be the programmer’s fault?
  2. Have I done something wrong in the website?
  3. Has someone deliberately hacked your website? The competition perhaps?

You have a lot of questions, but the answer is very simple on 99.9% of the websites:

A virus, script has modified your website. Completely automated and will affect thousands of other websites.

Is that so easy? Is there nothing to do about that? Who is behind those hacks?
Read on if you want those questions answered! (Brace yourself because it gets technical.)

The cause of most hacks: via outdated plugins and themes

Plugins and themes are responsible for 45% of hacked websites.
Hackers download the plugins and themes and test them for security vulnerabilities.
At wpvulndb.com you can see which plugins and themes are leaking.

A leak, what does that mean… it’s not a swimming pool!
A leak is a collective name for the possibility to give commands (hacking) to the server.
This can be done via input fields that are not closed, via files with wrong permissions, via incorrectly saved data and more.

Okay, now that you know that plugins and themes are 45% of the causes of a hacked WordPress website, you think: simply use few plugins and it’s solved!

But unfortunately, there are more security risks with a WordPress website. And that starts with the programmer who creates your website.

The security risks of your website in percentages:

de piramide van WordPress beveiling

As you can see, there are several factors that can make your WordPress website hackable.
The programmer, the web host, you as a user, the CMS itself and, as mentioned earlier, the themes and plugins.

Who goes to all that trouble to find and exploit security risks?

Hackers, cybercriminals, thieves.

And very occasionally ordinary citizens who live in countries where not enough money can be earned with the regular job. IT professionals who have been laid off but still have to support their families.
This can sometimes even involve intelligent ICT people with 20-30 years of experience. Or even entire IT departments…

Many hacks and attacks come from poor countries, since you only need internet and an old computer to write a virus/hack.

How does a hacker earn money from my website?

If you have a website that is about your family or about your hobby, you can’t imagine that a hacker can make money from your website.

Yet you can!

Link building
By placing links in your website, a hacker can increase his website considerably in Google.

Selling products through a wide range
The hacker uses your good name/website and that of thousands of others to sell his product.
Imagine you have a website with beauty products, and it contains a link to a product that prevents aging or other problems.
There are still a surprising number of people who buy such a product.

The product often costs 100-200 euros, has to be paid via the internet and ends up in an anonymous account. The product is not delivered.. and that gives the hacker a lot of money without incurring major costs.

And so there are many ways to make money when a website is in the power of a hacker.

WordPress seems very insecure, should I switch to another CMS?

It’s not WordPress that’s insecure, it’s the plugins, themes, and the aforementioned external factors that give hackers the ability to hack into your website.

WordPress is well maintained and secured, you just need to know how to handle it.

I’m just starting a new website, should I choose another CMS?

Every CMS has to deal with hacks.

The programmers of WordPress (Automattic) work daily to keep the CMS as secure as possible. New updates are regularly released to keep the system safe.

40-60% of all websites in the world run on WordPress, and for good reason.

WhyWordPress is a good basis for company websites, webshops and blogs

  1. WordPress is open source and can be downloaded for free at WordPress.org.
  2. You can expand your website with more than 55,000 plugins.
  3. For questions you can contact many WordPress programmers, designers and forums.
  4. WordPress is continuously being developed.
    (Think of the REST API, Gutenberg editor, Privacy options, SSL support)

What can I do to secure WordPress?

Install and configure a security plugin:
First of all, it is important that you a good security plugin a> installs. A security plugin works like Antivirus & Firewall for your website.

It is important to set up the security properly.
The security plugin needs to be tuned to best protect your website against hackers and hack scripts, but your WordPress website and plugins must have permissions to function.

Using plugins:
Limit the number of plugins, as each plugin contains a series of code that can be used by hackers to get into your website.

The hosting:
How do you know if a hosting party is good?
Make sure they have 1 of the most recent php versions.
Do not go for a budget package of 1 euro per month, but pay a little more to a hoster who also provides support by e-mail or preferably even by telephone.
Choose a hosting party that has been around for a number of years and that has many customers.
This way you have a reasonable chance of finding a good hoster, where your website is on a secure server under the supervision of specialists.
Note: They are responsible for the functioning and keeping the server online, they are not responsible for what you or a hacker does with your website. They can therefore not fully protect your website against hackers, that is simply not their job.

What does it cost if I have my WordPress secured?

We offer a monthly maintenance subscription where we secure WordPress and keep it up-to-date. We also check the website for break-in attempts and we actively prevent hackers.

You can easily request that subscription, click here for the current rate.

Yes, but my WordPress has already been hacked!

We can remove the hacks and ensure that the hackers no longer have a grip on your website.
We will not calculate the costs for this in 1x, but through an affordable subscription.

After removing the hacks, backdoors and blocking the hackers, we keep your website up-to-date and keep an eye on it.
This way you can be sure that you are rid of those miserable hacks and hackers, and that they will not come back!

Have your WordPress website now hack-free and secured by us.

10+ years of WordPress experience

We have been working with WordPress since 2007. We have developed hundreds of websites, all with WordPress. We have been doing the management and maintenance for our customers for years.
With us you can assume that your WordPress website, large and small, is in good hands.

But… everyone calls themselves a WordPress specialist, even people who can only read the manual of a theme or plugin…

And that is why we recommend that you contact us before you let someone work on your website.
Ask some questions, test the knowledge of the programmers, server administrators, designers.

And feel free to contact us, so that you can be sure that professionals are working on your website.

Click here for our contact options.

Interview From Ryan Dewhurst (WPScan) & Mark from WordFence on securing your WordPress website

/0 Comments/in

Ryan Dewhurst is the creator and founder of WPScan, in this interesting interview with WordFence he explains what WPScan can do and what that means for WordPress security.

What is WPScan?

WPScan is a program that runs in Linux (Currently installed by default in Kali Linux) that allows you to test the security of your WordPress website.

WPScan allows you to perform the following security tests that reveal both information and vulnerabilities:

  • User accounts
    WPScan will attempt to extract usernames/accounts.
    A username is 50% of the required login details to get into the WordPress administration panel.
  • Brute force testing on passwords
    With a large glossary, WPScan fires all passwords on the website. When the correct password is guessed you will see this result.
  • Checking the active plugins
    Both the plugins and the version of the plugin + the known vulnerabilities for that version are displayed.
  • WordPress leaks
    The current version of WordPress is searched for in 6 ways.
    If there are leaks in the relevant version, they will be displayed immediately.
  • And more..

With WPScan you find out where your website is leaking and what steps you need to take to make your website more secure.

WPScan is called a pen test. This is an abbreviation of “penetration test”. In short: how far does a hacker or hackbot get into your website.

The beginning of WPScan

WPScan was founded in 2011 as a tool to test WordPress websites for their security.

In 2014, the website wpvulndb.com was added, a public website where everyone can easily see which plugins, themes or WordPress core contains leaks (exploits) .

WordFence and WPScan

WordFence, who developed a renowned security plugin for WordPress, has long been using WPScan to improve WordFence. They look at the so-called exploits (weaknesses that can be exploited) that WPScan indicates.
They also use the information from wpvulndb.com to see which plugins are leaking.

Tips from a security expert

You can protect yourself against hackbots and hackers who use various methods to hack your website.
Ryan Dewhurst lists the 3 most important in the interview:

  1. Limit the number of administrators who can manage your website
  2. Use good passwords
  3. Install a security plugin such as WordFence

Addition: using a security plugin ensures that hackers get little information from your website. Hackbots’ requests are blocked based on patterns, the specific queries, and based on the number of requests.

We ourselves use iThemes Security PRO, but we recommend everyone who is not yet a customer of ours: put at least 1 security plugin in your website and properly configure that security plugin. Without a security plugin, your WordPress website is an open door that can be rattled until a hacker can get into the admin with and malware can places with all the consequences.

The interview

If you master the English language you can watch the full interview.

https://youtu.be/uiN1j3BvqIc

Is the video no longer available? Let us know info[a]wpbeveiligen.nl and we will look for an alternative on youtube.

Are premium / pro plugins more secure than the free version?

/0 Comments/in

It shouldn’t matter if you use a premium or free version of a plugin. The free version should also be safe! That is the responsibility of the plugin builder.

That’s how we think about it.

But…

Unfortunately, we have come across several examples that show that a premium / pro plugin is updated sooner in the event of a leak than the free version.

Various plugins have vulnerabilities not fixed for months in the free version!!

Some examples where the premium / pro version is more secure than the free version:

WordFence Security

WordFence is a plugin that protects your WordPress website. And yes, the free version is pretty safe and up-to-date as well.
But..

they update the free version once a month

As they say themselves “every thirty days“.

The premium / pro version you get paid for live updates. So immediately when it is needed. Both the files and the firewall that prevent hacks are kept up-to-date live.

iThemesSecurity

Also a plugin with which you secure WordPress. iThemes Security gives the paid version much more attention than the free version. A security update is implemented quite smoothly in the premium version but..

sometimes an exploit hangs for weeks to months in the free version

Various other plugins

There are many examples of plugins where leaks occur that the plugin builders get reported.
The patch (fix against the hack) will then be implemented in the premium / pro version after 5-10 days, but the free version will be left behind.

Sometimes a leak remains in the plugin for months after a leak is known and it even disappears from the WordPress plugins database

The good news

When free plugins are on WordPress.org, they will be removed until the leak is fixed.
There are several parties that report leaks to WordPress and there is a zero tolerance policy regarding leaky plugins.

A leak / exploit, what should I imagine?

Some examples of recent plugin vulnerabilities:

  1. The administrator leak
    It often happens that a vulnerability in a plugin allows an administrator account to be created.
    If a hacker or script has access with administrator rights, they can do anything they want.
    Usually advertising is placed in your website, or a script is uploaded that allows advertising to be sent through your website to thousands of addresses.
    And then the rest of the administrators will be removed. In short, you no longer enter your website to undo the hack.
    It goes without saying that when this vulnerability becomes known, it must be resolved as soon as possible and must not sit in a website for weeks or months.
  2. The database injection
    Plugins often have input fields on the front-end of your website. Think of review plugins, contact forms, etc.
    If those fields are not properly secured, a hacker or script can simply misuse them to put data in your database.
    Within 1 second, such a script can create administrators in the database, implement text changes throughout your entire website, with all the consequences that entails.
  3. The newsletter hack
    Do you have a newsletter form? Where visitors can register? In the past, leaks in such plugins have been found that allowed the hacker to add their email address as a login address. This means that every registration of a visitor was also known to him. You wonder what a hacker can do with that, but large numbers of email addresses with names are worth money. Advertising is sent to it. There are people who buy lists of email addresses and first + last names.
    Another leak that you don’t want to be exploited. You don’t realize it quickly, but your users suffer a lot because they get the spam.
  4. The WooCommerce leak
    Plugins that improve your webshop often have access to the database. Your database contains all the accounts of your customers. There have been several leaks in the past where plugins gave hackers access to the database and all customer information.
    It goes without saying that such a hack must be fixed immediately or ASAP once it becomes known!

Who tests my website for leaks?

Of course you don’t expect your webshop to be tested often. And that a leak can therefore not be abused so quickly.

Unfortunately, this doesn’t work the way you think.

When a leak becomes known, hackers write scripts that work like this:
1. The script searches for webshops on Google (You are also listed there)
2. The script makes requests on the websites to the known leaky plugins
3. When the leaky plugins found, use the script that known vulnerability to perform a hack

Safe with a security plugin, right?

Even when your website is secure, such a vulnerability can still be exploited. Security allows the (out) operation of plugins, otherwise your website could not function! Keeping the plugins up-to-date so that there are no leaks is therefore very important.

Conclusion

Now that you know that plugin builders are more likely to make the premium / pro version more secure.. you should consider buying a premium. Especially if you depend on your website for income, or if you have a webshop with many customers.

Premium still does not guarantee 100% security, but the examples have shown that it does make a difference.

 

Plugins, “the candy” of WordPress

/0 Comments/in ,

54 THOUSAND free plugins!

WordPress.org currently offers 54,826 plugins.

Plugins with which you can take your blog or company website to the next level.

But, it’s like candy: you shouldn’t take too much of it, otherwise it will work against you. Even if that is difficult, because it is sooo tempting to try them all.

And now you would say, we’ve read that more often. We know now, not too many plugins, security, speed of the website blah blah blah..

We manage many websites,  for 10+ years.. we can tell you: it is being made a mess!

Professional web agencies

Professional web agencies still throw too many plugins into the website. And not just too much, but also plugins that don’t work together.

Example: You can use 1 seo plugin, but you can choose from dozens on WordPress.org

You have a plugin to send Google, you have a plugin to create xml sitemaps, you have a plugin to display data in a structured way for Google.. etc
Downside: They all do a little bit of everything. They also overlap in functions. They do NOT work together! You will notice this automatically if you get unexpected results or problems with indexing in Google.

Anyone can install plugins, but setting them up properly is a study in itself.

Make the overloaded website faster with even more plugins?!

trage website door cachingAnother beautiful one. Every week we see websites that need to be fast, and are therefore equipped with multiple caching plugins.

1 for the speedtest, 1 for Google, 1 for lazy loading images, 1 for caching Html & Css and of course 1 that merges the queries making your website even faster! And to balance it all out a super caching to deliver static pages..

You can compare that with taking Energy drink for energy, a paracetamol against the headache of the energy drink and then get started with a stomach protector and an anti-nausea pill.
Madhouse, don’t!

OF COURSE you can use 1 plugin for speed and 1 plugin for seo, but do your research first. See what features they have, how they work and if you can set them up to your liking.

Another trap, premium plugins

Premium plugins are professional, so that’s okay!

plugins met te veel functies WRONG! Even if you buy plugins for $ 199, a team has been working on it that converts the plugin into an airplane cockpit.

Because the customer wants to be able to do everything! Being able to manage everything without writing a single letter of code, everything must be click and play.
Very nice, but you don’t want to know the impact it has on the website. Entire teams write months of code with a large number of functions and customization options for which jQuery databases are unloaded, inline code is thrown into the html.. all for the sale of that expensive plugin and for the wishes of the customer.

So be very careful with premium plugins.

Keep it at 5-15 plugins max!

Require your web builder not to use every feature with plugins.
We know, it saves him work and time, the costs remain low, but in the long term it almost always causes problems with updating and the functioning of the website.

As a website owner, don’t just throw plugins into your website.

But also you as the owner of your website, don’t just throw plugins into your website 😉
I know, you run into a problem and see that this is solved with 1-2 mouse clicks. But you may be destroying the structure of your website with the plugins you use.

Nice story WPsecure!

From the candy store to a story about what NOT to do. That makes us very happy!

Now that you know what not to do, we’ll help you on your way to doing it as well as possible.

Plugins, what to do:

  1. Find out which plugin works best through some research.Example: you want to use a caching plugin?
    Then search: best 5 caching plugin for wordpress in Google or duckduck 😉
    Buuuut, note the 1st and 2nd are often advertising. Both in Google and on the website in the article itself. Then they get a commission if you buy the plugin. So feel free to look at a free version and don’t take the “very best” where you only get a betaling or subscription. A free plugin is often just as good as a paid one.
  2. See the reviews
    Plugins have a “star rating”, look at the number of people who have given the rating and then the number of stars the plugin has earned.
    Check whether the plugin has been updated recently, and is therefore maintained by the developer.

Now a list of free plugins that have proven themselves in recent years:

  • Autoptimize – For the speed of your website.
  • WooCommerce – From WordPress itself, for a webshop
  • Yoast SEO – The best plugin for optimizing for Google
  • iThemes Security – Security is essential!
  • Count per day – Find out how many visitors your website gets
  • UpdraftPlus – For the backups, your hoster keeps limited

All found in the awesome WordPress.org plugin library

Do you have any top plugins? Or questions? Let me know in the comments!

But remember, not too many plugins at once!

The WordPress SiteDiagnosis – What can you do with it?

/0 Comments/in

Automattic (the creators of WordPress) have added a new tool to WordPress called Site Health.

This tool is primarily intended for advanced programmers and administrators.

Have you used Site Health before?
We dare to bet that you haven’t 😉

What can you do with Site Health?

Site Health provides you with technical information about your WordPress website.
This information is mainly interesting for programmers or webmasters who need to maintain the site.

Site Health, let’s be serious…

If you’re a good programmer, you would naturally look in the right places, such as the wp-config, the database, or the server itself. If there’s something wrong, you can fix it directly.

But you still want to use Site Health

We’ll guide you through the most valuable information from Site Health and explain how you can use that information.

Go to the “Info” tab in Site Health.

There you will see a section called WordPress. Here you can see the WordPress release that your website is currently using. Previously, this information was displayed at the bottom right of every admin page, but now it says “update to…” which directs you to this Site Health page to view the current WordPress version.

Next is the Directories and Sizes. You can check the database size here. It should be between 10 and 30 MB. For large websites, 50-90 MB is also possible, but if your database is 200-400 MB, you should take a look at the tables to see if everything is okay. Some plugins store so much information that it unnecessarily burdens the database and slows it down.

The Active Theme. It’s nice, but you can also see this in Appearance -> Themes.

Must Use Plugins. The translation is not great here, but what you see are plugins that are required. They are located in the multisite folder, and without that piece of code, another plugin won’t work. Usually, there’s nothing interesting to see here.

The Active Plugins. Does your website have more than 25 active plugins? Then take a look to see if there are any unnecessary plugins that you can remove. Each plugin adds a piece of code that slows down the website. Additionally, having many plugins increases the risk of malware. (Check wpvulndb.com for vulnerable plugins at the moment.)

Media Handling. Nothing to see here unless your images are not scaling upon upload. Although it’s more likely that this is due to the write permissions of the upload directories.

The Server. The PHP version is very important and should be somewhat up-to-date. For the security and speed of the website, it’s recommended to use one of the latest stable PHP versions. The PHP memory limit should be at least 64-96MB, but for a large website or webshop, 256-512MB is better.

The Database. For most people, the database information is too technical. This is hosting information, and you assume that your host has it under control. However, you can see the database prefix here, and if it’s the default and well-known “wp_” prefix, it’s better to change it (for example, with iThemes Security in the Advanced tab).

WordPress Constants. This is also information for seasoned programmers, and they wouldn’t go to Site Health for this 😉
But if you really want to, you can see here whether the debug mode is enabled or disabled, if debug logging is enabled, and if the paths to wp-content and plugins are correct.

Filesystem Permissions. Those terms… what translator came up with them?
Anyway, you can see if the most important directories such as the root directory, wp-content directory, plugins directory, and some other directories are writable.

Conclusion and closing

If you have ever used the Site Health tool in WordPress, let us know in the comments. Did you find it helpful?

Honestly, the information provided is mainly for advanced programmers, and they would directly check the settings in the actual locations instead of using this diagnostic tool.

Security

Gathering technical information about a website is the first thing a hacker does, so having a code that displays all the technical information on your website?
Not a good idea!

This plugin is outdated or untested with the current version of WordPress, now what?

/0 Comments/in

This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

If you see this message when searching for a plugin on WordPress.org, you may be wondering if the plugin is still safe to use and whether you can install or continue using it.

First of all, if there is a known vulnerability, you can check it on the website wpvulndb.com. Use the search bar to see if the plugin is listed and if there is a vulnerability. A vulnerability means that hackers have found a way to modify your website through insecure code in that plugin.

What does “hasn’t been tested with the latest 3 major releases of WordPress” mean? It means that there have been new releases (updates) of WordPress and the plugin developer hasn’t confirmed testing the plugin on the latest versions of WordPress. This is not uncommon because WordPress releases updates frequently, and it can be challenging for busy plugin developers to keep up. It doesn’t necessarily mean there will be a problem if the plugin hasn’t been tested yet, but the yellow notification appears with every new WordPress release. Since WordPress is often “backwards compatible” and maintains older code to ensure compatibility with plugins and themes, the plugin will usually continue to function on newer versions of WordPress.

What does “It may no longer be maintained” mean? It means that the plugin may not be actively maintained or supported by the developer. You can check if the plugin is still being updated by looking at the last updated date on the plugin page.

last updated

5-10 months is generally not a problem. If a plugin hasn’t been updated for 1-3 years, it’s safe to assume that the developer has abandoned it and there will be no more updates.

If there are no updates at all, it is advisable to look for an alternative plugin.

What does “may have compatibility issues” mean? Compatibility issues can arise when plugins are not kept up-to-date. The plugin may no longer work at all, or it may disrupt the styling of your website or cause other functionalities to fail. Sometimes the plugin itself still works fine but triggers an error that affects the functionality of other plugins. As a result, you may mistakenly remove the wrong plugin, thinking it’s causing the issues.

Conclusion: If you see a yellow warning message stating that the plugin is outdated or hasn’t been tested with the current version of WordPress, you should check the last updated date of the plugin. Based on that information, you can determine whether you still want to use the plugin.

The yellow notification itself is not a reason to immediately remove or avoid installing the plugin.

 

 

Plugins, “the candy” of WordPress

/0 Comments/in

54 THOUSAND free plugins!

WordPress.org currently offers 54,826 plugins.

Plugins that can take your blog or business website to the next level.

But, it’s like candy: you shouldn’t have too much of it, or it will work against you. Although it’s challenging because it’s so tempting to try them all.

And now you might say, we’ve heard this before. We know, not too many plugins, security, website speed, blah blah blah…

We manage many websites, for over 10+ years… and let us tell you: it’s a mess!

Professional web agencies

Professional web agencies still load websites with too many plugins. And not only too many, but also plugins that don’t work well together.

For example: You can use 1 SEO plugin, but there are dozens available on WordPress.org.

You have a plugin to handle Google, a plugin to create XML sitemaps, a plugin to display data structured for Google… etc.
The drawback: they all do a little bit of everything. They also overlap in functionality. They don’t work together! You’ll notice this when you get unexpected results or indexing problems in Google.

Anyone can install plugins, but configuring them properly is a study in itself.

Making an overloaded website faster with even more plugins?!

slow website due to cachingAnother good one. We see websites every week that are supposed to be fast and therefore have multiple caching plugins.

One for the speed test, one for Google, one for lazy loading images, one for caching HTML & CSS, and of course one that combines queries to make your website even faster! And to balance it all out, a super caching plugin to serve static pages…

That’s like taking an energy drink for energy, a painkiller for the headache caused by the energy drink, and then using an antacid and an anti-nausea pill to deal with the side effects.
Crazy, don’t do it!

Of course, you can use 1 speed optimization plugin and 1 SEO plugin, but do your research first. Look at the features, how they work, and if you can configure them according to your preferences.

Another pitfall: premium plugins

Premium plugins are professional, so they must be fine!

feature-rich pluginsWRONG! Even if you buy a $199 plugin, there’s a team behind it turning the plugin into an airplane cockpit.

Because the client wants to do everything! Manage everything without writing a single line of code, everything should be click and play.
Sounds great, but you won’t believe the impact it has on your website. Complete teams spend months writing code with a multitude of features and customization options, unloading jQuery databases, throwing inline code into HTML… all for the sale of that expensive plugin and to meet the client’s demands.

So be very cautious

with premium plugins as well.

Stick to 5-15 plugins max!

Demand from your web developer not to use plugins for every little function.
We know, it saves them work and time, keeping costs low. But in the long run, it almost always leads to problems with updates and the functionality of the website.

As a website owner, don’t just throw plugins into your website without consideration.

But as a website owner, don’t just throw plugins into your website 😉
I know, you encounter a problem and see that it can be solved with 1-2 mouse clicks. But you might be jeopardizing the structure of your website with the plugins you use.

Nice story, WPbeveiligen!

From the candy store to a story about what you should NOT do. That really cheers us up!

Now that you know what not to do, let us help you do it right.

Plugins, what to do:

  1. Research which plugin works best. For example, if you want to use a caching plugin, search for best 5 caching plugins for WordPress on Google or DuckDuckGo 😉
    But beware, the first and second results are often ads. Both on Google and on the website itself. They get a commission if you purchase the plugin. So feel free to look at the free version and don’t go for the “best” one that requires payment or a subscription. A free plugin is often just as good as a paid one.
  2. Check the reviews. Plugins have a “star rating.” Look at the number of people who have given ratings and the number of stars the plugin has earned.
    Check if the plugin has been updated recently, indicating that it’s being maintained by the developer.

Now, a list of free plugins that have proven themselves over the years:

  • Autoptimize – For website speed optimization.
  • WooCommerce – From WordPress itself, for building an online store.
  • Yoast SEO – The best plugin for optimizing your website for Google.
  • iThemes Security – Security is essential!
  • Count per Day – Track the number of visitors to your website.
  • UpdraftPlus – For backups, as your host may have limited storage.

All of them can be found in the wonderful plugin library of WordPress.org.

Do you have any top plugins to recommend? Or any questions? Let us know in the comments!

But remember, not too many plugins at once!

Why is the price in the tens of euros per month

/0 Comments/in

We are a specialized WordPress website hoster & not a budget hoster.
We have over 15 years of WordPress experience.

Your website is in good hands with us, and you are not just a number like with budget hosters, where you get a different support representative on the line every time who is not familiar with your website and situation.

 

Using WordPress with the old editor – turning off Gutenberg

/0 Comments/in

The Gutenberg editor has been in use for quite some time now, and while it has several advantages, not everyone finds the Gutenberg editor pleasant to work with.

For some, the Gutenberg editor is a reason not to update WordPress to 5.0+. You cannot choose between the old and new editor because the creators of WordPress want to encourage everyone to use the new way of working with the Gutenberg editor.

This is understandable since they aim for unity in the WordPress community and a standard that makes WordPress workable for everyone.

Unfortunately, updating to WordPress 5.0+ is unavoidable because there are various vulnerabilities in the old WordPress releases.

But what about my beloved old editor?!

Fortunately, there are several plugins that allow you to bring back the old WordPress text editor.
You won’t be the only one swapping Gutenberg for the familiar old text editor of WordPress. At the time of writing, there are 5 to 8 million websites that use the Classic Editor, one of the plugins that removes Gutenberg and restores the old editor.

3 plugins to bring back the old text editor

Swapping Gutenberg for the Classic Editor

“The Classic Editor” is one of the most well-known plugins, and it does exactly what it needs to do: make Gutenberg disappear and display the old editor.

Download the Classic Editor

Switching between the Classic Editor and Gutenberg

The Classic Editor is great, but what if you still want to occasionally write a page or post using the Gutenberg editor? In that case, you can install the plugin below. You can enable or disable the plugin’s functionality under Settings > Reading.

disable Gutenberg

Download the plugin here

Using Gutenberg Editor selectively

But what if you have written many posts with another editor, such as Visual Composer? You would want to continue editing those posts, and you wouldn’t want to force the Classic Editor on those old posts because it would mess up the entire layout.

This plugin also offers the option to use the Classic Editor selectively. You can do this based on the user, post IDs, and more!

You can find the option to enable or disable Gutenberg specifically under Settings > Disable Gutenberg, where you uncheck the “Complete Disable” option to have the choice.

specific Gutenberg

Download the plugin here

 

 

Preventing others from stealing your texts for their own websites

/0 Comments/in ,

You’ve just written a great article or conducted an in-depth interview, and the last thing you want is for someone to simply copy your article and display it on their own website.

Everyone knows how easy it is to copy texts. You select the text, right-click – Cut, and Paste it on your own website.

Is it possible to completely prevent text copying?

Unfortunately, not entirely. Programmers and true content thieves know multiple ways to extract text from a website. But you can make it as difficult as possible!

Preventing text theft with a plugin

The “WP Content Copy Protection & No Right Click” plugin is one of the best ways to make it much harder to copy texts from your website.

Download the plugin for free

What makes this plugin a good solution against text theft?

  • The plugin blocks the ability to Cut & Paste through right-click
  • The CTRL-C & CTRL-V shortcuts are also blocked
  • The ability to select text by hovering over it is blocked

Finally, the plugin also includes methods to make it more difficult to copy images. “Save As” and dragging images are blocked.

How effective is this plugin?

The methods used by this plugin are 70% effective in preventing text copying for most visitors.

Well, has my text already been copied by others?

You can easily check if texts have been copied. When you enter a search query in Google, put the text in “quotes”.
As an example, just take a sentence from an article, put it in quotes in the Google search bar, and see if there are results from other websites.


If all goes well, you will only see your own website in the results 🙂

Copying Texts, to What Extent Is It Illegal?

Don’t immediately rush to write a letter to your lawyer.
Small pieces of text can be copied. A few sentences.
In this case, it is polite if they refer to the source, in this case, your website, but it is not mandatory.

When It Comes to Complete Articles, You Can Take Some Steps

Ask the owner of the website, or the person who posted the texts, to remove your texts or, if you are more interested, to show you as the source in or below the article.

If you do NOT suffer financial loss from it, consider the copying as confirmation that you have written a good article.
Don’t worry too much about it and continue writing new great articles!

But now with the plugin to make copying a bit more difficult?!