What exactly is jQuery? Is it safe?

jQuery has been in use since 2006, yet many programmers still find it challenging to use. However, jQuery is an excellent library of JavaScript functions that any programmer can use easily. It allows you to perform dynamic actions on website elements with just a few lines of code.

Here are some key facts about jQuery:

1. jQuery is free to use by any programmer.
2. It is widely accepted by 90% of browsers.
3. jQuery can be used to manipulate the DOM and CSS.
4. It is a library of code that needs to be loaded into the website.
5. Many major websites, including Google, use jQuery.
6. Over half of all websites online use jQuery.
7. jQuery contributed to the decline of Flash on websites.
8. jQuery is fast, lightweight, and suitable for mobile devices.
9. It is regularly updated to stay compatible with the latest browsers.

The difference between jQuery and jQuery minified is that the standard jQuery library is well-documented and keeps its whitespace and line breaks for better readability. The minified version (jquery.min.js), on the other hand, is stripped of comments and explanations, resulting in a smaller file size and potentially faster loading times.

As for the updates, jQuery started with version number 1.0 in 2006, and new releases have been introduced annually or even more frequently. The latest release at the time of writing is version 2.0. It’s worth noting that jQuery dropped support for Internet Explorer 6, 7, and 8 in April 2013 and later added support for various new versions of Opera and Safari.

Some common dynamic functions in jQuery include manipulating CSS by dynamically adding and removing classes, and resizing and repositioning divs. These simple functions alone can achieve a lot on a website.

Is jQuery safe? While jQuery files are generally safe, JavaScript files in general are targeted by hackers and hack scripts because they are loaded and run dynamically. To ensure security, make sure that the files are not modifiable by others.

However, since many jQuery scripts are loaded externally, it is essential to be cautious about the source the code comes from. An externally hosted script can be altered at its source at any time.
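One way to notice when an externally hosted script changes is to pin the copy you reviewed with a Subresource Integrity hash, so the browser refuses a file that no longer matches. The following is an added example, not code from the original article; the URL and the script bytes are constructed placeholders.

```python
import base64
import hashlib

# Hash algorithms accepted in an integrity attribute, weakest to strongest.
SRI_ALGORITHMS = ("sha256", "sha384", "sha512")


def sri_value(data: bytes, algorithm: str = "sha384") -> str:
    """Return the integrity value for a script body: '<alg>-<base64 digest>'."""
    if algorithm not in SRI_ALGORITHMS:
        raise ValueError(f"unsupported SRI algorithm: {algorithm}")
    digest = hashlib.new(algorithm, data).digest()
    return f"{algorithm}-{base64.b64encode(digest).decode('ascii')}"


def script_tag(url: str, reviewed_copy: bytes) -> str:
    """Build a <script> tag that pins the copy of the file you reviewed."""
    return (f'<script src="{url}" integrity="{sri_value(reviewed_copy)}" '
            'crossorigin="anonymous"></script>')


def matches_integrity(data: bytes, integrity: str) -> bool:
    """Check a downloaded body against an integrity attribute.

    The attribute may hold several space-separated hashes. As in browsers,
    only the strongest algorithm listed is used, and any matching hash of
    that strength is enough. An attribute without a usable hash counts as a
    failure here, which is the stricter choice for an audit script.
    """
    entries = []
    for token in integrity.split():
        algorithm, _, digest = token.partition("-")
        if algorithm in SRI_ALGORITHMS and digest:
            entries.append((algorithm, digest.split("?", 1)[0]))
    if not entries:
        return False
    strongest = max(entries, key=lambda e: SRI_ALGORITHMS.index(e[0]))[0]
    return any(sri_value(data, alg) == f"{alg}-{digest}"
               for alg, digest in entries if alg == strongest)


if __name__ == "__main__":
    # Constructed stand-in for a reviewed jquery.min.js; the URL is a placeholder.
    reviewed = b"/*! constructed stand-in for jquery.min.js */\n"
    altered = reviewed + b"/* changed at the source */\n"
    print(script_tag("https://cdn.example.com/jquery.min.js", reviewed))
    pinned = sri_value(reviewed)
    print("reviewed copy matches:", matches_integrity(reviewed, pinned))
    print("altered copy matches: ", matches_integrity(altered, pinned))
```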

Finding a hack in a JS file is similar to finding one in a PHP file: the malicious code is usually placed at the beginning or end of the file, and it is often encoded as an unformatted run of numbers and characters.
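The description above can be turned into a simple check: look for long unbroken runs of encoded characters and report whether they sit at the head or tail of the file. This is an added example, not code from the original article; the 200-character threshold, the 4096-character window and the sample scripts are assumptions made for illustration.

```python
import re

# One unbroken run of 200+ characters from an "encoding" alphabet:
#   charcodes: digits, hex letters, commas and the \x, \u, % escape markers
#   base64:    the base64 alphabet
# Minified code such as jquery.min.js is dense too, but it is broken up by
# brackets, dots and operators, so it does not form runs like these.
SUSPICIOUS = re.compile(
    r"(?P<charcodes>[0-9A-Fa-fxu\\%,]{200,})|(?P<base64>[A-Za-z0-9+/=]{200,})"
)


def scan_js(text: str, window: int = 4096) -> list:
    """Return (where, kind, offset, length) for each long encoded run.

    'where' is "head" or "tail" when the run lies within `window` characters
    of the start or end of the file, otherwise "middle".
    """
    findings = []
    for match in SUSPICIOUS.finditer(text):
        if match.start() < window:
            where = "head"
        elif match.end() > len(text) - window:
            where = "tail"
        else:
            where = "middle"
        findings.append((where, match.lastgroup, match.start(),
                         match.end() - match.start()))
    return findings


if __name__ == "__main__":
    # Constructed samples: a clean library stub, and the same stub with an
    # inert list of character codes appended at the end.
    clean = ("/*! constructed library stub */\n"
             + "function add(a,b){return a+b}\n" * 300)
    codes = ",".join(str(ord(c)) for c in "constructed inert sample text " * 20)
    appended = clean + "\nvar _p=[" + codes + "];"
    print("clean:   ", scan_js(clean))
    print("appended:", scan_js(appended))
```

A hit is a reason to open the file and compare it with a clean copy of the same version, not proof of a hack.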

In conclusion, jQuery is a powerful and widely accepted library that makes dynamic web development much more accessible. However, like any other technology, it’s essential to ensure proper security practices while using it.

How fast does my website load?

You can easily find out whether the slow loading of your website is due to your internet connection or the website itself using the website http://tools.pingdom.com/ (free at the time of writing). After entering your website address, you will see global information, the number of requests, the load time, and the page size displayed clearly at the top of the website.

The speed of your website depends on the slowest file. That’s what you might be waiting for sometimes. Fortunately, the website mentioned above also shows how long it takes to load a file and the size of that file. You need to compare this information to get a good indication of whether the issue is with a file that is too large or if the code is significantly slowing it down.

Errors in code and files that are not in the correct location can take up a lot of time during server loading. This tool is a great way to test your website and see which files need to be optimized to make the website faster!

And for the programmers among us…

You can also see the speed of a website using the “Network” tab in the element inspector of a browser like Google Chrome.

Now that you know how to identify what is slowing down your website and how many seconds it takes to load, you can optimize your website.

Here are some tips to make your website faster:

1. Resize large images using Photoshop.
2. Deactivate and remove unused plugins.
3. Review errors with the element inspector and fix them.
4. Ensure that links to files are correct.
5. Enable a caching plugin like WP Super Cache.
6. Use a security plugin to ban bots (fake visitors).
7. Load as much code as possible from your own domain instead of externally.

Remember, less is more when it comes to website speed optimization!

WordPress installation issues

As passionate WordPress programmers, we are well aware that installations do not always go smoothly. While WordPress itself is reliable, external factors can sometimes require adjustments or manual settings.

Here are some common installation issues and their solutions:

WordPress Installation Problem #1

The wp-config.php file cannot be written to.

Solution: Copy the wp-config-sample.php file and remove the “-sample” part from the filename. Then, manually add the MySQL database information to the file. You can find the wp-config.php sample file in the httpdocs directory, where the wp-config.php file should be placed.

WordPress Installation Problem #2

The admin system is not functioning correctly, showing error pages, or indicating missing files.

Solution: It is likely that you uploaded a WordPress download to the FTP, and some files were not transferred to the server or were incomplete. To resolve this, copy the files again to the server, overwriting the existing files to ensure complete files are in place.

WordPress Installation Problem #3

The admin system was working after installation, but it hangs after adding plugins.

Solution: A plugin is causing the error, and it may seem impossible to deactivate it since you cannot access the admin system. The best approach is to rename the plugins. Add a hyphen to the plugin’s folder name on the server. This will make the plugin inactive, and you will know which plugin is causing the error. Sometimes, plugin development lags behind the latest WordPress releases, leading to compatibility issues.

WordPress Installation Problem #4

After completing the installation, when creating a new post, you are unable to upload an image.

Solution: Sometimes, the uploads folder is not immediately writable, which is essential for uploading images. Navigate to httpdocs > wp-content > uploads, right-click on the folder, and choose File Permissions or CHMOD. Set the write permissions (usually 777), and the issue is likely to be resolved.

WordPress Installation Problem #5

You cannot change the permalinks because the .htaccess file is missing or not writable.

Solution: Check if there is a file named “.htaccess” in the httpdocs directory of your hosting/server space. This file is crucial for permalinks. If it is missing, create a new file and set its permissions to 777. Generate the permalinks in your admin panel under Settings > Permalinks. Once done, remember to set the permissions to 444 (read-only) to prevent hackers or hackbots from redirecting your website.
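After working through the permission changes in problems #4 and #5, it is worth checking what was left writable. The following added example (not code from the original article) lists everything under a WordPress directory that is still world-writable and reports a .htaccess that has not been set back to read-only; the sample tree is constructed.

```python
import os
import stat

# Files that should be read-only (444) once WordPress has written them.
READ_ONLY_FILES = {".htaccess"}


def audit_permissions(root: str) -> list:
    """Return sorted (relative path, octal mode, issue) tuples under root."""
    findings = []
    for dirpath, dirs, files in os.walk(root):
        for name in dirs + files:
            path = os.path.join(dirpath, name)
            info = os.lstat(path)
            if stat.S_ISLNK(info.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(info.st_mode)
            rel = os.path.relpath(path, root)
            if mode & stat.S_IWOTH:
                # Any account on the server can change this file or folder.
                findings.append((rel, f"{mode:03o}", "world-writable"))
            elif name in READ_ONLY_FILES and mode & 0o222:
                # Still writable by owner or group after setup is finished.
                findings.append((rel, f"{mode:03o}", "not read-only"))
    return sorted(findings)


if __name__ == "__main__":
    import tempfile

    # Constructed tree mirroring the states described in the article:
    # uploads left at 777 and .htaccess not yet returned to 444.
    with tempfile.TemporaryDirectory() as root:
        uploads = os.path.join(root, "wp-content", "uploads")
        os.makedirs(uploads)
        htaccess = os.path.join(root, ".htaccess")
        open(htaccess, "w").close()
        os.chmod(os.path.join(root, "wp-content"), 0o755)
        os.chmod(uploads, 0o777)
        os.chmod(htaccess, 0o644)
        for finding in audit_permissions(root):
            print(*finding)
```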

5 Problems and 5 Solutions

These are some common problems and their solutions. If you encounter other issues or need assistance, we have been working with WordPress for years, primarily focusing on restoring and securing WordPress websites. Feel free to contact us for availability, as restoring and securing WordPress websites is our priority.

A WordPress webshop with WooCommerce

WooCommerce is one of the most popular and widely used webshop plugins for WordPress, with a reputation as a powerful and versatile solution for creating online stores. Here are some key points about WooCommerce:

What is WooCommerce?

WooCommerce is a webshop plugin for WordPress that is available for free. It allows users to turn their WordPress websites into fully functional online stores. Due to its popularity, there are numerous plugins available that further extend the functionalities of WooCommerce.

How to Install WooCommerce

You can find WooCommerce in the plugin database of WordPress, or you can download it from the official WooCommerce website. Installing WooCommerce is a straightforward process, but it requires proper configuration after installation.

Keeping WooCommerce Secure

While WooCommerce itself is a stable plugin for building webshops, it is essential to keep your WordPress website secure to prevent potential hacks. If your WordPress website gets hacked, a hacker can manipulate your WooCommerce webshop in various ways, such as stealing user information or adding their own products to your shop.

The downside of using free webshop software like WooCommerce is that anyone can download it and explore potential vulnerabilities to exploit or inject malicious code. Therefore, it is crucial to have robust security measures in place on your website.

A reliable security plugin, such as iThemes Security PRO, can help protect your website by blocking suspicious injections, blocking users or bots after a certain number of login attempts, preventing hacking attempts, hiding your WordPress admin panel, and keeping track of server activities.

WooCommerce and SSL

WooCommerce supports various Payment Gateways, which are payment methods that allow buyers to pay easily through your website using options like PayPal or iDeal. However, these payment gateways involve the transmission of critical customer data through your website to the bank.

To ensure that this sensitive information does not fall into the wrong hands, it is crucial to set up an SSL certificate. With an SSL certificate, your website will have an HTTPS link that securely encrypts the data before sending it over the internet. Even if intercepted by cybercriminals, the information remains encrypted and unreadable.

A Solid Start with WooCommerce

Before adding products and launching your webshop online, it is essential to set up WooCommerce securely. Just like you wouldn’t open a physical store without securing the backdoor, ensuring proper security measures for your online store is equally crucial.

By taking the necessary security precautions and using WooCommerce responsibly, you can have a solid foundation for building a successful and secure webshop on your WordPress website.

Antivirus for WordPress

Whether antivirus for WordPress is necessary depends on your specific setup. If you are using WordPress without many plugins and have a unique theme that is not widely used, then antivirus for WordPress may not be essential. WordPress itself is a stable and reasonably secure system to build your website on.

However, it is important to note that plugins can be the source of security issues. Free plugins available on WordPress.org can be downloaded by hackers, who then test them for vulnerabilities that they can exploit to take control of WordPress websites. Once they have access, they may use the website to promote their own products or engage in other malicious activities.

Hackers are not selective about the websites they target. Any website that can link to their products or improve their website’s status is of interest to them. They often use automated scripts to carry out their attacks.

Hackers may exploit hacked websites for various purposes, including sending spam emails through your server and IP address, placing links on your pages to gain more visitors, and adding links to the hackers’ products to improve their website’s ranking in Google search results (a crude form of backlink SEO).

To protect your WordPress website from hackers, antivirus for WordPress can be beneficial. It can do the following:

1. Stop Brute-Force attacks: Antivirus for WordPress can prevent scripts from launching thousands of password attempts per minute on your admin login to eventually gain unauthorized access.

2. Create database backups: In case of any issues or a successful hack, you can restore your website from the backup.

3. Hide wp-admin: Antivirus for WordPress can hide the standard URL for wp-admin and other links to access the admin area, making it less accessible to potential attackers.

4. Manage user behavior: Antivirus for WordPress can enforce strong password usage for you and your writers. Additionally, some security plugins may prevent the default use of email addresses for logging into the admin panel, which can improve security.

5. Block DDoS attacks: Antivirus for WordPress can prevent DDoS attacks carried out through XML-RPC, stopping pingbacks from being abused to bring down other sites.

A popular and effective antivirus for WordPress is iThemes Security Pro. It provides comprehensive security features to protect your website from various threats.

The ease of habits

I make use of people’s habits when hacking a site. For example, I exploit their tendency to use easy-to-remember usernames and passwords. People often use their first or last names, maybe followed by a birthdate, and sometimes add a few numbers.

We dislike complicated passwords because there are already so many we have to remember. I like to take advantage of these habits.

Another example of habits

When you think of a hacker, you may envision a stereotypical bad person. After all, who would want to learn how to break into someone else’s system?

And rightfully so, there are very few who would go to the trouble of hacking just to earn a living through hard work.

But they exist, white hat hackers

White hat hackers hack for the thrill, for amusement, without causing harm to a website with hacks. They approach companies and inform them about the hacks they found.

Or they simply help someone regain access to their site if they forgot their password.

Hacking sites can be a fun activity if you know what you’re doing. I do it for the entertainment, which is why I’ve become a guest blogger on wpbeveiligen.

For your convenience, you can call me Hacker Anno. Hopefully, you will learn from the tricks I will describe in the coming weeks, and understand that there are also good hackers out there.

Best regards,
Anno

The WordPress Hack Check

Do you want to know whether your WordPress website has been hacked? Whether your WordPress website is currently hack-free or contains malware? Whether hackers have access to your website, to your admin, right now?

Then you have come to the right place!

We have been working full-time for years securing and investigating WordPress websites.

The official Hack Check

We developed the official Hack Check for WordPress websites, webshops and very large WordPress websites.

Using an extensive checklist, we go through the entire website looking for hacks, backdoors and malware.

We check thoroughly and effectively. Within 48 hours you will know whether your website has been infected by a hacker, and you will receive an extensive PDF report.

Request the Hack Check now

Updates, implemented immediately?

Updates are important. We won’t deny that!

But…

You want to avoid problems in general. What are the chances of getting hacked due to an outdated plugin, and how likely is it that a new plugin conflicts with other plugins or with WordPress itself, causing errors that make your website non-functional?

The chances are higher that your plugin encounters an error and your WordPress stops working due to conflicts with other plugins or WordPress than the chances of your website getting destroyed by a hack.

Examples

We often come across WordPress websites that stop working, for example, because themes with WooCommerce templates use code that suddenly doesn’t work anymore in the latest WooCommerce update. Suddenly, your online shop stops functioning!

Or plugins that were coded 2 years ago may not work with the latest version of WordPress.

Plugin compatibility can also be an issue. For instance, translation plugins may be coded to work together with certain themes, WordPress, and other plugins used at that time, but after a year, the code may no longer be compatible.

Plugins still need to be updated

We will never say that you shouldn’t update your plugins. But as a tip, we suggest updating them on a regular schedule, all at once and after making a backup, rather than for every single release.

Unless you want to run a backup of your data and database with each release so that you can roll back in case of any issues.

A new release

A new release or update is tested in advance, but it can never be tested on all platforms with every PHP version that exists. So, if it is found to have issues, the feedback will be posted on forums, and the developer will release a new update. Therefore, it’s advisable to wait at least 3-5 days before updating a plugin or WordPress, so you avoid being in the test phase.

It’s just a tip, do with it what you want 😉

An error 500 in WordPress … now what?

WordPress is essentially “foolproof.” You can set up a WordPress website as a beginner and play around with it freely. You can create posts, install themes, customize settings in WordPress, and more.

WordPress is designed to keep working no matter what you do with it.

The admin panel is separate from the website and the theme. It has a separate code in a separate folder.

And when you are in your admin panel, you can do various tasks without affecting the WordPress core.

But occasionally, Error 500!

Error 500?? What is that now.. and just when you uploaded some new plugins and your website was becoming amazing.

What now?

Error 500 is a server error, and as a result, your entire website, including the admin panel, is no longer visible.

Time to panic!

No, calm down. Think about the last plugin you installed. That plugin or sometimes even the theme is likely causing the server error, and you can solve this by deactivating that plugin.

How?

You need to rename the plugin. That is often enough for WordPress to stop using the plugin, which will make your website and admin visible again.

How do I rename a plugin when I can’t access it via the admin?

You have access to the server through your hosting package, either via a hosting panel or FTP details.

If you have a hosting panel

Do you have DirectAdmin or cPanel? There is likely a file editor in it that allows you to navigate to the plugins and rename the file.

The plugins are located in > httpdocs or www > wp-content > plugins

If you have FTP access

Enter your server details in a free program like Filezilla, and you will be able to see the server folders in Windows/Mac style, making it easier to navigate and rename the specific plugin or theme.

Simply add a hyphen before the name of the plugin.

That’s enough for WordPress to deactivate the plugin or theme, making your website visible again, and allowing you to manage the website!

And then you can continue playing around in WordPress to create the website just the way you want it 🙂

Goofballs and Malware

The internet is anonymous, and as a customer told me last week: “The internet is full of weirdos and malware.”

Types of individuals we deal with:

Regarding hacks and malware, we encounter a wide range of individuals, but of course, we never get to know the person behind it since every “weirdo” has the intelligence to hide behind a proxy.

Professional Programmers

An example of brilliant programming work:

Today, we came across JPEG images in the uploads folder.
Not strange, right?

Until you open the file with a PHP editor and find code that opens up your WordPress website to hackers.
The hackers go beyond this trick and provide a good piece of programming work to make these files executable.
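A check for the case described above, as an added example that is not part of the original article: walk the uploads folder and flag image files that contain a PHP open tag or whose first bytes do not match their extension. The file names and contents used in the demo are constructed.

```python
import os

# Leading bytes each image type must start with.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}


def check_image(path: str) -> list:
    """Return the reasons an image file looks wrong (empty list if none)."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as handle:
        data = handle.read()
    reasons = []
    if not data.startswith(MAGIC[ext]):
        reasons.append("header does not match extension")
    # A file can start with a valid image header and still carry code further
    # in. Match the full "<?php" tag: genuine photos often contain XMP
    # metadata beginning with "<?xpacket", so a bare "<?" would misfire.
    if b"<?php" in data.lower():
        reasons.append("contains PHP open tag")
    return reasons


def scan_uploads(root: str) -> dict:
    """Map each suspicious image (path relative to root) to its reasons."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in MAGIC:
                continue
            path = os.path.join(dirpath, name)
            reasons = check_image(path)
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings


if __name__ == "__main__":
    import tempfile

    header = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"
    # Constructed samples: a normal photo with XMP metadata, and a file with
    # a JPEG header followed by an inert PHP marker.
    samples = {
        "photo.jpg": header + b"<?xpacket begin='' ?>" + b"\xff\xd9",
        "banner.jpg": header + b"<?php /* constructed marker */ ?>\xff\xd9",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(body)
        for path, reasons in sorted(scan_uploads(root).items()):
            print(path, "->", "; ".join(reasons))
```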

The Script Kiddies

An internet term used to refer to individuals who simply execute a script to “hack your website.”

This is a large group, mainly consisting of young people. They watch some YouTube videos and follow the steps taken by seasoned hackers to hack a website.

Unfortunately, with the average WordPress website lacking additional security, they still have a chance of success.

The Weirdos

There’s a group of hackers seeking “fame”. It doesn’t matter which website they breach, as long as their name or advertisement appears on the site.

In some cases, you might end up with an entirely new homepage with a fictional alias and an image displaying their logo clearly. Most of the time, however, your website unknowingly promotes expensive products that you have nothing to do with. Sometimes legally, sometimes illegally.

Conclusion

Individuals from all over the world target WordPress users, ranging from brilliant people doing it for “big money” to those who only have a computer and deep debts and want/need to earn something because they don’t receive benefits in most countries, and their entire family is suffering.

Each person has their motive for engaging in these illegal activities, and it is our responsibility to ensure they can’t access your WordPress!

Our website is full of articles and tips on how to prevent weirdos and malware. Feel free to read more!