Your site does not use HTTPS

/0 Comments/in

HTTPS is the secure connection that is established when you have an SSL certificate and your website is accessed via https://.

This is no longer a luxury; at the time of writing, HTTPS is a necessary setting if you want to ensure that Apple devices and various browsers display your website.

Google, as a search engine, also values HTTPS.

Does your website already have access to an HTTPS / SSL certificate or secure connection?

First, check if your web host has a certificate ready for you.
You can test this by finding your license.txt file and adding https:// in front of it.
Example: https://your-domain-name-here.nl/license.txt
If that file is accessible with a secure connection, you just need to switch WordPress to HTTPS.
Note: it may be possible that the license.txt file is not present. To confirm that this file exists on your server, search for it without HTTPS. So simply use http://

Switching your website to HTTPS when you already have an SSL certificate

One way is to install the “Really Simple SSL” plugin. (Via your admin > plugins > add new plugin)

If you don’t have an SSL certificate yet

If you don’t have an SSL certificate installed on your server, you can request one from your web host.
Sometimes a Let’s Encrypt certificate is available (often free), but sometimes you need to purchase an external certificate or order a certificate through your web host by choosing an option.

Your site is set up so that visitors can see error messages

/0 Comments/in

An apparently harmless notification. The error messages of code are visible to visitors.

However, these error messages can provide hackers and scripts with valuable information, such as file paths, used plugins, version numbers, your root address, and more!

disable debug mode in WordPress

If you encounter this notification, it means that the debug mode is set to TRUE in your wp-config.php file, and you need to change it to FALSE (capital or lowercase letters don’t matter).

One or more recommended modules are missing

/0 Comments/in

One or more recommended modules are missing… When you see this message in your site diagnosis, it usually means that the “imagick” module is missing or, more accurately, not being used by the server in 99% of WordPress websites.

Is it a big issue if the imagick module is missing?

No, in most cases, your server has an alternative (the GD module) for image manipulation and editing.

What does the imagick module do?

The imagick module allows for image manipulation, such as scaling, cropping, and resizing of images.

How can I make sure that the GD module is present on my website and replaces imagick?

How can I be certain that the absence of the imagick module doesn’t cause any issues?
Upload an image in WordPress and try editing it. If you can successfully make changes and save the file, it means that the alternative GD module is functioning properly. You can then ignore the notification about the missing imagick module.

Uptime monitoring

/0 Comments/in , ,

Uptime monitoring is one of the ways we keep an eye on your website. It allows us to track whether the server hosting your website is stable and if your website is consistently accessible. If any issues arise, we are notified.

We also receive reports on the website’s uptime over the past months. These reports help us identify server time-outs, instances when the server was offline and the website was inaccessible, errors that rendered the website completely unavailable, and more.

There can be various reasons why a website may experience periods of inaccessibility, such as plugins, an overloaded server, or an unstable data network.

If we notice frequent occurrences of downtime, we can work towards resolving the issue or provide guidance on how to approach your web host.

We have been utilizing uptime monitoring for all our clients for many years.

With our Package 2, uptime assistance is included by default. If your website experiences downtime due to a server issue, we assist you by communicating with your web host or providing you with the necessary information to address the problem.

Uptime assistance and monitoring are services that we consider standard practice, especially for critical business websites and online stores.

Finding a hack in the uploads folders of WordPress

/0 Comments/in

The chance is high that during your search for a hack or malware on your website, you didn’t even think about the uploads folders.
But did you know that this is one of the most commonly used places for hacks?

The uploads folders are writable

The uploads folders are writable, and it’s a good hiding place.
Both plugins, the theme, and WordPress itself have permissions to place files there.

Finding a hack in the uploads folder from 2015

How quickly can you find a hack that is in the folder 2015 / 07?! You wouldn’t expect it, but that’s where the uploads from 2015 are, right?!

Resetting the upload date

The trick they use is resetting the upload date.
Scripts can manipulate that date to make you think they have been there for years.
That means they upload the hack, the backdoor this week or month, but manipulate the file’s write date so that you won’t discover it easily.

They make it look like the file has been there for years!

Okay, all these tricks from hackers and their scripts are worthless, but with this knowledge in mind, the question remains:

How can I find a hack, malware, or backdoor in the uploads folders?

Search for PHP files
A hack file usually serves a purpose, and it can only do that if it’s a PHP file.
So, you take an FTP program like FileZilla and press F3, which opens the search window. Then you search in the uploads folders for a file with the name or extension PHP.

Is a PHP file all you should look for?
No, unfortunately, hackers also know that you and scanners search for PHP files. Additionally, security plugins are aware of that trick and restrict PHP execution in the uploads folders.
So, what hackers do is upload a file with the name server-att.php.jpeg (for example).

What does the scanner think? It thinks it’s a JPEG file because that’s the last part of the extension.
Meanwhile, another script still loads this file as PHP and executes the hack.

ICO files, JPEGs with a PHP extension in the name, also require attention.

External scanning

It may be necessary to scan the files for Trojans, malware, and backdoors.
As you just read, advanced hacks are hidden.

Download your uploads folders to your PC/Mac and run them through your antivirus scanner.
You can also upload the files to virustotal.com.
This website checks the files against a large database of antivirus software, increasing the chances of detecting a hack file.

Note: The virustotal website does not accept gigabytes of information, so you’ll need to compress and/or split the files to scan them.

Found a hack in the uploads folder, what now?

Once you’ve discovered it, simply delete it. Then check if the rest of your website is not infected because such a hack file usually serves a purpose and doesn’t stand alone.

But

I don’t have time, it’s complicated

If you’re too busy or find it too complicated, I understand. It’s a specialized field.
You can also leave this work to us.

We remove hacks, secure WordPress websites, and ensure that YOU have no worries.

Take advantage of our service or contact us for any questions!

 

Why is my e-mail not arriving?

/0 Comments/in

Emails are increasingly not being delivered to recipients. But why isn’t my email getting through? You might be wondering. Everything seems to be in order, just a simple business email or a photo to a friend.

There are several factors that can cause email delivery issues. First, check the simplest things:

  1. Did you enter the recipient’s email address correctly?
    Make sure there is an “@” symbol and a dot (.) in the email address. Is the dot mistakenly a comma (,) instead? The difference may be small, but the impact is significant.
  2. Is the extension correct?
    For example, is it outlook.com or live.nl, gmail.com or did you enter gmail.nl? Double-check this.
  3. Is the attachment, file, or photo too large to send?
    If you attached a photo or file that is larger than the allowed limit (e.g., 10-20 or 30MB), it may not go through. The maximum size you can send varies depending on the email program or service. It might work with Gmail but not with Outlook. Additionally, large attachments can be blocked by Gmail or Outlook.
  4. What text is in the body of the email?
    If the recipient’s email system has a spam filter that scans for specific keywords, the email might be blocked or not delivered.

Testing

Try the following tests:

  1. Does your email get delivered if you insert NO text or different text?
  2. Leave out the attachment or send it using WeTransfer.com.
  3. Can you send emails to other email addresses?
  4. If you use a different email address, does the email reach the RECIPIENT?

Sometimes, sending to a specific address is not possible due to an issue with your email, but it is also common for there to be an issue on the recipient’s side.

Identify the Pattern

Conduct these tests to identify any patterns and determine where the issue lies.

  1. Is the issue related to your sending address? Gmail, Outlook, or webmail?
  2. Does the recipient experience issues with receiving Gmail, Outlook, or webmail?

Resolving the Issue

If the issue is with one specific address:

If it’s just one recipient or one email causing the problem, you can temporarily work around it by using a different sending address or asking if the recipient has an alternative address you can use.

If your emails are not reaching anyone anymore:

If you find that your emails are not being delivered to most recipients or not being sent at all, it becomes more complicated. However, there are solutions, albeit more technical:

  1. If you encounter a persistent issue, contact the support department of your email provider, web host (if using webmail through your domain), or even your internet service provider, as they may sometimes block emails.
  2. Switch to a different email provider and try using Microsoft Exchange or another dedicated email service.
  3. Consult an IT professional who specializes in email-related matters.

Note: We provide information and tips. If you are unable to resolve the issue with the provided information and tips, it is best to seek the assistance of an IT professional. We only offer advice and

information, not services.

More and more themes and plugins up-to-date

/0 Comments/in

In WordPress 5.5, the jQuery Migrate script was removed, and a new version of jQuery was introduced in WordPress 5.6. As a result, many themes and plugins were not prepared or updated, causing issues with websites.

During that time, the jQuery Migrate Helper plugin was installed on many websites to compensate for the missing jQuery Migrate functionality.

Fortunately, we have seen that many themes and plugins have made the necessary adjustments, rendering the temporary solution of the jQuery Migrate Helper plugin unnecessary.

If you have updated your themes and plugins, it is likely that you no longer need the jQuery Migrate Helper plugin and can remove it from your website.

WPML still often unused

/0 Comments/in

WPML is a plugin that allows you to display your website in multiple languages.

It is noticed that WPML is activated on many websites even when it is not actually being used. Why is the plugin installed but not used?

There could be several reasons for this. Sometimes the translation is not completed, or issues arise with translating elements in the theme, such as widgets in the sidebar and footer.

It is also possible that certain plugins do not work well with WPML, preventing the translation of specific components.

In any case, if you have WPML installed but haven’t used it for years, it is recommended to remove the plugin, especially if you are using an older version that contains a vulnerability.

If you are actively using WPML, make sure it is up-to-date, along with its accompanying extensions such as WPML Media, WPML String Translation, and WPML Translation Management. Keeping all components updated is important for security and functionality.

The desired loading time of a site is getting faster and faster

/0 Comments/in

In the years 2015-2020, you could get away with a website that loaded within 5-7 seconds, but now you’re already penalized if your website takes 3-5 seconds to load.

In fact, there are tests indicating that a website with a load time of 2.8 seconds is “not fast enough” for mobile visitors. Users browsing on their smartphones have little to no patience and a short attention span.

Internet speeds have been increasing for years, even for mobile users. We’ve seen the transition from 3G to 4G, and now 5G is being rolled out as of the time of writing.

Secretly, expectations for websites are also rising. If a video can start playing within 1 second, why should a webpage take 5-7 seconds to load?

We have all been spoiled by speed, but we have also become more impatient.

Anyway, this piece of news has gone on for too long. Time to scroll on!

Waarom is de prijs in de tientallen euros per maand

/0 Comments/in

We zijn een gespecialiseerde WordPress websitehoster & geen budgethoster.
We hebben meer dan 15 jaar WordPress ervaring.

Je website is bij ons in goede handen en jij bent geen nummer zoals bij budgethosters waar je iedere keer een andere supportmedewerker aan de lijn krijgt die jouw website en situatie niet kent.