WordPress updaten – Maak altijd eerst een backup!

/1 Comment/in

WordPress updaten. Meestal gaat het goed. Maar niet altijd! En dat is waarom je een backup van je WordPress website moet maken. Dit kun je doen met Updraftplus.

WordPress updaten, wat kan er verkeerd gaan?

  • De nieuwe plugins werken niet samen met de nieuwste versie van WordPress
  • Het thema werkt niet samen met de nieuwste versie van WordPress
  • De update is niet volledig afgerond door een serverprobleem

Is het ingewikkeld om een backup te maken?

Met Updraftplus is het maken van een backup gemakkelijk, en in feite gratis. (het neemt wel dataruimte in beslag op je hoster als je geen externe opslaglocatie kiest)
Het is een kwestie van een paar muisklikken!

Wat is Updraftplus?

Updraftplus is een gratis plugin die al heel wat jaren meegaat en succesvol backups maakt van WordPress websites. De WordPress basis en de database zijn daarbij het belangrijkste, maar UpdraftPlus maakt ook losse backups van je thema en de plugins.

Een backup maken met Updraftplus

Als je Updraftplus geinstalleerd hebt zie je een nieuw menu bovenaan je admin, daar klik je op Updraftplus en ga je naar Backup / Restore.

Gebruik de Backup Now knop om een backup te maken.

Daarna zie je de keuze om de database en bestanden op te slaan.
Laat die aangevinkt aangezien je een gelijktijdige backup van zowel de data als de database wilt.

De gemaakte backups zullen op dezelfde pagina in een lijst verschijnen.
Daar kun je de database, plugins of thema’s mee terug zetten naar de staat van de gekozen backup.

Zo gemakkelijk is dat!

Belangrijke tip: De WordPress core bestanden worden niet standaard meegenomen in de backup, die moet je handmatig aanvinken!

Ook al kun je de WordPress core altijd opnieuw downloaden van WordPress.org, het is goed om de specifieke versie bij de database te houden!
Zie de screenshot hieronder hoe je de WordPress core ook kunt selecteren.

WordPress widgets, here’s how it works!

/0 Comments/in

WordPress widgets are small plugins that you can place in the sidebar. They are easy to activate, move around, or temporarily remove.

There are many types of widgets, and WordPress comes with default widgets that display the latest posts, a widget for admin login, a widget to display posts per month, a widget to show the latest x number of posts, and a widget with a calendar. The most commonly used widget is the text widget, which allows you to display HTML and text.

As you can see, there are many possibilities, and they are highly flexible since you can simply drag and drop them without any programming.

Additionally, there are many modules/plugins that generate widgets, so you can use them in the sidebar.

This is how a widget looks in your admin

voorbeeld tekst widget

By default, the widgets are collapsed, but you can click on them to expand and make adjustments. Here you see a text widget, where you can set the name of the widget that will be displayed above the widget on your website. Below, you can place HTML and text.

To use PHP within your widget, you can download a module/plugin that allows PHP execution in the text widget.

After making changes, don’t forget to click the “blue button” to save the changes and publish them live.

Saving unused WordPress widgets

voorbeeld widgets die niet gebruikt worden

Imagine you have written some text in the text widget, or you have a widget with many configuration options. You might want to save it even if you don’t want to display it live at that moment. You can do this by collapsing the widget and dragging it to the “Inactive widgets,” where the settings will be saved until you want to use it.

Dragging WordPress widgets

wordpress widget slepen

Dragging is quite straightforward, but you need a theme with a sidebar to do it. If dragging or saving doesn’t work correctly, it may be due to insufficient browser support (old browser) or a malfunctioning WordPress admin. Tip: Trying again with another browser or re-uploading the admin might help.

5 super widgets!

  1. The “Count per day” widget displays the visitor count in your sidebar.
  2. The widget that comes with the Contact forms 7 plugin allows you to display a contact form in the sidebar.
  3. The WP Polls widget displays a poll in your sidebar.
  4. With the Nextgen Gallery plugin and its accompanying widget, you can display a slideshow or photo album in your sidebar.
  5. You can execute PHP in your widget with the PHP text widget plugin. By default, WordPress doesn’t allow PHP execution.

Making your WordPress website responsive without plugins

/0 Comments/in

A responsive website, you can either code it yourself or have it coded by a programmer/designer.

Why not use plugins?

There are various plugins that can turn your WordPress website into a mobile version, adapting the layout to fit tablets, smartphones, or wide monitors.

Every plugin you use is a potential security risk.

If you create a mobile site with plugins, such as a scaling plugin, a responsive menu plugin, a widgets plugin, an image resize plugin, etc., you might end up using 3-4 plugins just to display a mobile version to your visitors.

Moreover, the website might become slower and less secure, and it could have a completely different appearance, providing a different user experience for desktop visitors compared to what they experienced on their desktop devices.

Creating a responsive website without plugins

As a programmer, you can create a mobile site by using the existing elements of the site and providing customized formats based on screen width through a custom stylesheet (CSS).

If you don’t know how to start coding a mobile version, you can follow the tutorial below: “How to start coding a mobile version.”

If you are not a programmer, you can hire a programmer with experience in converting WordPress websites to mobile formats.

How to start coding a mobile version

The viewport

Easily forgotten, but very important! The viewport ensures that your media query knows the width of the screen.
<meta name="viewport" content="width=device-width, user-scalable=no">
This viewport meta tag can control the size that should be displayed for the whole device/CSS.

We have media queries

Where you can specify what to do with Divs, titles, paragraphs based on the screen size.


@media screen and (min-width: 600px) and (max-width: 900px) {
/* Your CSS here */
}

Everything you put between that media query for 600 to 900 pixels will be displayed at that screen size.

Don’t forget to close the query!

Extra clarification: If you already have CSS code with !important in your regular stylesheet, you will need to overwrite it with !important or remove the “importance” from your regular CSS. Otherwise, the element won’t be affected.

Does the media query work? Test to know!

You might add code for a specific size, but nothing happens. Make sure the CSS is actually being used for a particular size.

What I often do is first write some code that changes the background color of the entire body for a certain size.

For example:

@media screen and (min-width: 600px) and (max-width: 900px) {
body { background-color: red !important; }
}

Then you can view the website on your mobile device, tablet, or scale the screen in your browser and see if the background turns red between 600 and 900 pixels.

Fluid versus Fixed

Opinions vary widely on the choice between Fluid or Fixed, so just do what you find most convenient.

Explanation of Fluid and Fixed:

Fluid means setting the wrappers (outer divs) to 100%. It scales with the maximum possible width of your device.

This allows you to use the maximum width, but the downside is that each device has its own width.

Fixed means a fixed value. In this case, you determine the width of each wrapper per media query.

How do I determine the flexible widths?

This can also be done in various ways. For example, from 1000px, from 750 to 1000px, and from 250 to 750px.

Think of 1000+ as for computers, 750 to 1000 for tablets in landscape mode, and 250 to 750 for tablets in portrait mode and phones in landscape mode.

Note! These pixel widths may change yearly as tablets become sharper, and it becomes pixel-specific.

This was the starting point for creating a responsive website without plugins!

The important thing is that it is relatively easy to achieve without plugins, which provides a better foundation for the speed and security of your WordPress website.

Protecting a page with password in WordPress

/0 Comments/in

WordPress has a built-in feature that allows you to protect pages and posts with a password. You can set a unique password for each page or post.

Step 1: In your page or post, click on “Visibility: Edit” in the publish block.

Set password WordPress

Step 2: Select “Password protected” and enter your desired password.

Set password

Step 3: Publish the changes.

Publish changes WordPress

Done!

After these steps, you will see a password field on the page or post where you have set it.

Protect WordPress page

Simple, right?

Hide more than just the content?

With this function, WordPress only protects the content that is loaded with wp_content(), but not the custom fields that you have programmed in a page template or extra content areas via the Secondary content plugin.

If you also want to hide these, you can add this code to the template to hide that info:

<?php if ( !post_password_required() ) { ?>
This will also be hidden now!
<?php } ?>

Why you should not download illegal plugins or themes

/0 Comments/in

Everyone knows that there’s often a catch behind things that are offered for free, and the same applies to Nulled websites that provide free plugins and themes – they can be included in the list of scams.

These websites offer paid scripts that have been hacked and no longer require a license. It might seem tempting, especially if you want to test a paid script before purchasing it.

However, I strongly advise against downloading plugins and themes from illegal websites. These scripts not only contain simple pieces of extra code that can expose your website to hackers but also include sophisticated code that puts the entire server at risk.

The scripts are designed to execute a function for every visitor but remain dormant when you’re logged in, making them difficult to detect with security plugins like WordFence.

In summary, choosing cheap or free options can ultimately lead to costly consequences and invite troubles.

Download the whitepaper here for more detailed information.

Using WordPress plugins wisely

/0 Comments/in

WordPress for Businesses: Pros and Cons

When setting up a business website, you have various options. You can choose to hire a programmer-designer to develop a website with management capabilities, or you can opt for a WordPress website.
WordPress is currently the most popular Content Management System, and more and more entrepreneurs are choosing WordPress for their business websites. But what are the pros and cons of using WordPress for businesses? Read more about this in the following article.

The Advantages of WordPress for Businesses

There are several advantages to using a WordPress website for businesses. As a business owner, you can benefit from the following advantages:

  1. WordPress is user-friendly. Both beginners and experienced users can work with WordPress and develop stunning websites with this CMS.
  2. WordPress is constantly evolving. On average, there are eight updates per year for WordPress, which means the CMS is continuously refreshed and improved.
  3. WordPress offers numerous functionalities. There are over 40,000 plugins for WordPress, providing users with endless possibilities to style and customize their websites.
  4. WordPress pays great attention to search engine optimization. The technology behind WordPress for businesses offers many options for search engine optimization, enabling your website to be well-ranked in Google.
  5. WordPress is cost-effective because all the development work is already done. It is open-source. You don’t have to pay for the development of the system behind your website; you only need to pay for designing your WordPress website or even do it yourself for free.

As you can see, WordPress for businesses offers various advantages. It is no wonder that WordPress is the most popular CMS currently, and the number of users continues to grow. WordPress is a user-friendly and affordable system that is continually updated, offering many functionalities while considering search engine optimization.

The Disadvantages of WordPress for Businesses

Unfortunately, there are also some downsides to using WordPress for businesses. The most significant disadvantage is the fact that WordPress is not always secure. This is attributed to three factors:

  1. WordPress has an open-source code, meaning anyone can view the code behind WordPress. Unfortunately, some people use this information for malicious purposes, leading to inadequate security of WordPress.
  2. WordPress offers many functionalities in the form of plugins, but these plugins are not always secure. Many plugins are infected with viruses, or certain plugins make it easier for hackers to gain access to your WordPress website.
  3. While WordPress provides features to enhance website security, many users do not know how to use them properly. Since WordPress does not assist you in securing your website, you may need to rely on professionals like WPbeveiligen to secure your website properly. As a result, many WordPress websites are vulnerable to hackers and attacks.

Besides security reasons, using too many plugins can also impact the SEO and speed of your website negatively. Plugins add extra code to your website, and on average, they come with 300-400% additional code to make management easier for end-users. For a fast website with many functionalities, using the functions.php file of your theme or creating custom templates may be a better option.

This ensures that your website remains unique, less susceptible to hacking, and maintains good speed.

For individuals with expertise in setting up templates, unique layouts, and functions, OntwerpExpert can be of great help.

Conclusion

Using WordPress has various advantages. It is user-friendly, regularly updated and improved, offers thousands of functionalities through plugins, and considers search engine optimization. The only major disadvantage is that WordPress is not always secure. To avoid encountering viruses and hackers as a WordPress user, you must take certain actions or have your WordPress website properly secured. Since many users do not know what actions to take, they often face viruses and/or hackers.

Still uncertain about WordPress? Click here to compare!

WordPress for business: the advantages and disadvantages

/0 Comments/in

WordPress for Businesses: Pros and Cons

When setting up a business website, you have various options. You can choose to hire a programmer-designer to develop a website with management capabilities, or you can opt for a WordPress website.

WordPress is currently the most popular Content Management System, and more and more entrepreneurs choose it for their business websites. So, what are the pros and cons of using WordPress for business websites?

The Advantages of WordPress for Businesses

There are several advantages of using WordPress for business websites:

  1. User-friendly: WordPress is easy to use for both beginners and experienced users, allowing them to develop beautiful websites.
  2. Continuous Development: WordPress receives an average of eight updates per year, ensuring continuous improvement and enhancement of the CMS.
  3. Abundance of Features: There are more than 40,000 plugins available for WordPress, offering limitless possibilities to customize and optimize your website according to your needs.
  4. SEO-Friendly: WordPress is designed with SEO in mind, providing many opportunities for search engine optimization and enabling your website to be well-ranked on Google.
  5. Cost-Effective: WordPress is open-source, which means you don’t need to pay for the system’s development. You may only need to pay for designing your WordPress website, or even nothing if you decide to do it yourself.

As you can see, WordPress for businesses offers various advantages. It is no wonder that WordPress is the most popular CMS today, as it is a user-friendly and cost-effective system that continually evolves, providing a plethora of functionalities while prioritizing search engine optimization.

The Disadvantages of WordPress for Businesses

Unfortunately, there are also some disadvantages associated with using WordPress for businesses. The main drawback is the issue of security. This is due to several factors:

  1. Open Source Code: WordPress has open-source code, which means anyone can access the code. Unfortunately, some individuals misuse this information for malicious purposes, leading to potential security vulnerabilities.
  2. Plugin Vulnerabilities: Although plugins provide extensive functionalities, some plugins may not be secure. Many plugins are infected with viruses or provide easy access to hackers.
  3. Lack of Security Guidance: While WordPress offers features to enhance website security, many users lack the knowledge of how to properly secure their websites. As a result, many WordPress websites become vulnerable to hacking.

To mitigate the security risks, users of WordPress should actively take measures to improve website security or seek professional help, such as WordPress website security services. Unfortunately, due to a lack of security knowledge among many users, WordPress websites often become susceptible to viruses and hacker attacks, which is the main disadvantage of using WordPress for businesses.

Conclusion

Using WordPress offers various benefits, such as user-friendliness, continuous development, extensive functionalities through plugins, SEO support, and cost-effectiveness. However, the main drawback is WordPress’s susceptibility to security risks. To avoid encountering viruses and hackers, WordPress users must take specific actions to enhance their website’s security or enlist professional assistance. Many WordPress users often face security challenges due to their lack of knowledge about the necessary security measures.

If you are still unsure about using WordPress, consider comparing your options before making a decision.

Why would a hacker have hacked my website?

/0 Comments/in

Why Would a Hacker Hack My Website?

The question of why a hacker would target your website is something many people wonder about. The belief that hackers only target large websites or ones where there is money to be gained is outdated.

Hackers use websites to set up fake online banking pages where inexperienced computer users may unknowingly enter their personal information.

This fake website operates in the background, without you having any idea. For example, if you have a website called www.ik-brei-graag.nl, the hackers might create a folder or just a few files so that you get: www.ik-brei-graag.nl/nep-bank.html or worse: www.ik-brei-graag.nl/ing/inloggen.php.

Who Falls for This?

You might wonder, who falls for this kind of deception? Well, you might be underestimating the knowledge that hackers possess. They know how to make that fake bank page appear on your server’s Google search results. So when someone Googles ING or Rabobank, they end up on the hackers’ part of your website, where the bank’s website has been copied so convincingly that it’s nearly impossible to tell the difference between the genuine bank site and the fake one. (See example image below)

Hackers can also send emails from your website with messages like: “Your bank account has been compromised, click here to secure it now!” And yes, some people do click on the link to “prevent” their supposedly hacked account from being misused.

The purpose of these fake bank sites is not to be selective but to send mass emails through your expensive hosting package using your domain. They hope that 1 in 1000 people will actually fall for the scam and enter their details.

To clarify, a legitimate bank will never ask for your PIN code, and they will never handle important matters via email. Most banking matters require written communication.

Can You Spot the Difference?

If you still think you can easily distinguish between a real and a fake bank page, take a look at the example below. Do you see the differences? I made 3 changes to the right variant. Would you have noticed them if I hadn’t mentioned that there are differences? Did you spot them?

voorbeeld

  1. The lion image is reversed. Fake emails or websites often have logos that are different or out of proportion.
  2. It says “Zoutzak” instead of “Zakelijk”.
  3. Under the login, there is a different text: “Net echt he?” (which means “Looks real, right?”)

Illustration of the Reality

Imagine that a criminal hacker enters your home or store through the backdoor and tells every visitor that he is an employee of the bank and they can withdraw money from him.

However, when they try to make a transaction, he informs them that the transaction failed and blames their bank card or information. While they are distracted, he uses their information to withdraw money for himself.

That’s a brief explanation of how internet criminals operate. The worst part is that he was in your home or store (your hobby website or webshop), and the victims turn to you with the problem that their money was stolen. The criminal often remains out of reach.

In short: whether you’re from a local knitting club or a website selling electronics, hackers won’t be selective.

These hackers use scripts to test website inputs, and when they find one, they set up their fake bank on your web address.

How Can You Secure Your Website?

To ensure your website’s security, follow these steps:

  1. Set most files’ permissions to read-only (CHMOD 775/755 or even 444 for Htaccess/wp-config.php).
  2. Don’t display CMS version and type numbers on the website or in the source code.
  3. Use long and varied passwords.
  4. Install a good WordPress security plugin.
  5. Be cautious when using plugins made by third parties.
  6. Regularly back up your website.
  7. Sign up for Google Webmaster Tools and perform regular checks.
  8. Perhaps the best tip: have an experienced programmer secure your WordPress website.

Don’t

take risks, let a professional secure your WordPress website!

What is a DDOS attack?

/0 Comments/in

Understanding DDoS Attacks and How Hosting Providers Handle Them

DDoS stands for Distributed Denial of Service, which means that multiple computers continuously send requests to a server until its processing power or bandwidth reaches its maximum limit. Once the server reaches its limit, other requests (visits to websites) become impossible. Despite being fast, a server will continue to process requests until it can no longer handle them.

Can a Good Hosting Provider Be Temporarily Disabled?

Yes, any hosting provider can be affected, and even good hosting providers are susceptible to DDoS attacks because they often host important websites, making them prime targets. With enough people or infected computers, even a fast server with robust security can be overwhelmed, causing it to slow down or become temporarily disabled. This applies to large companies, informational websites, or web services alike.

Why Would Someone Launch a DDoS Attack on Your Hosting Provider?

DDoS attacks are sometimes launched by hackers to disrupt (often large) companies. The motivations behind such attacks can be due to political reasons, personal dislike for a company, or for possible financial gain. DDoS attacks are becoming more common because attackers can launch them easily from the comfort of their computers or network spaces, assuming they can remain anonymous.

DDoS attacks differ from DOS attacks, which are carried out by a single computer. DDoS attacks involve multiple computers or servers under the control of the attacker through a Botnet, which is a network of infected machines (e.g., Trojans, Worms).

What Can Hosting Providers Do About DDoS Attacks?

Hosting providers have several options, each with its pros and cons:

  1. Limiting the server’s speed in sections to ensure only a small number of websites go down at a time. However, this approach can still lead to an overload if a group of websites on the server receives a high number of requests, causing issues even with smaller attacks.
  2. Tightening security measures to reduce the number of requests and limit certain server functions. This approach affects all website owners as it restricts the functionality of their websites.
  3. Employing sufficient staff to monitor the server 24/7 and respond promptly to excessive requests. Some hosting providers adopt this strategy, but it is labor-intensive and costly, which may result in increased prices.

Does a Hosting Provider Have Poor Quality if Uptime Is Not 100%?

Not necessarily, occasional downtime can happen, but it becomes an issue if it occurs frequently or for prolonged periods. A good hosting provider should ensure that the server is quickly restored. This requires well-trained personnel who conduct preventive checks and act promptly when necessary.

Research and experience with various hosting providers have shown that many of them have uptimes ranging from 90% to 99%, which is high considering the constant global activity of internet criminals.

What Can You Do Against a DDoS Attack?

You can take several measures to protect your website from DDoS attacks:

1. Keep your website up-to-date to reduce the likelihood of hackers gaining access to the server.

2. Regularly create backups of your WordPress website. Store them securely at home or use an external backup service provided by your hosting provider.

By taking these precautions, you can minimize the impact of DDoS attacks and ensure the security of your website.

Help! My WordPress admin is not accessible

/0 Comments/in

Issues with WordPress Admin and Possible Solutions

WordPress users often encounter problems with their admin area, especially after updates or activating plugins or themes. If you face such issues, here are some common problems and possible solutions if you want to fix the website on your own.

If Your Admin Is Not Accessible After Activating a Plugin:

Sometimes, plugins can cause issues when they conflict with other components, resulting in a white screen or an unresponsive admin area. If you can’t deactivate the plugin normally, follow this possible solution:

Possible Solution: Use an FTP editor like Filezilla to navigate to the “Plugins” folder (wp-content > plugins). Rename the recently activated plugin folder. This will automatically deactivate the plugin.

If Your Admin Stops Working After a WordPress Update:

Always create a complete data backup before updating!

WordPress updates can sometimes lead to an inaccessible admin area. This may be due to a conflicting plugin that can’t handle the latest update, or the update itself might not have been applied correctly, causing missing code or files.

Possible Solution: Use an FTP editor like Filezilla to manually upload the WordPress core files to the server. Update the following folders: wp-admin, wp-includes, and the root files. However, avoid overwriting the wp-config file, theme, and plugin folders. Refer to the image below to see which files to keep and which ones to update.

Do not overwrite these files: wp-content (contains plugins and themes), wp-config.php (contains database connection information), and .htaccess (contains permalink structure).

Overwrite the other files with those from a new WordPress release.

wordpress important files

If your website still doesn’t work after manually updating the files, it might be necessary to revert to an older version of WordPress. This is not an ideal solution but could be necessary for plugins with outdated code.

Remember, it’s always best to keep your WordPress installation, plugins, and themes up to date to minimize the chances of encountering such issues. If you are unsure or find the process too complex, seeking professional assistance is recommended to ensure a smooth and secure website.