tips

You are currently browsing articles tagged tips.

WordPress Security

April 19, 2009 in Guides, Site Development by admin | 3 comments

There are numerous actions a prudent web admin can take to make their site more secure. In an effort to place the key safety precautions you can employ on a WordPress site I have gathered a number of actions from multiple sources and placed them here.

Please note that this posting is not original content, rather it is a merged aggregation from the references listed below.

Item 1.

Always Upgrade to the current version of WordPress

Upgrade your WordPress as soon as possible. Most WordPress releases patch security loopholes, fixes which are essential for your continued protection.

Item 2.

Change Default Passwords

That is the first thing to do, if you are still using the default 6 lettered admin password which is sent to you via e-mail. Give a tight and secure password with numbers and letters and symbols jumbled up so that granny’s bruteforcing technique doesn’t cost you your blog. Don’t be too concerned about loosing your password and choose a simple password as you can always change your lost WordPress password.

Item 3.

Remove WordPress ‘version string’ in your theme files

1. Go to WordPress dashboard, click on presentation -> edit themes -> header.php
2. Find and remove this. bloginfo(‘version’) Save the file.

Explanation: Hide the version number of your WordPress such that it will be hard for hacker to find security loopholes for the specific version of WordPress.

Item 4.

Place empty ‘index.html’ file in the plugins folder

1. Open a text editor ’save as’ and save the file as index.html (be sure to change the filetype from text files to all files if you are running in windows)
2. Upload the file to WordPress wp-content/plugins folder in your web server.

Explanation: Hide the plugins used by your WordPress blog. It uses the same concept as above which is to hide security loopholes in the plugins.

Item 5.

Upload a copy of .htaccess file in the wp-admin and wp-includes folders

1. Using FTP program or your webserver file manager, go to the root folder of your server and download .htaccess file (set ’show hidden files’ first if you’re using FTP program such as FileZilla)
2. Go to your wp-admin folder
3. Upload the .htaccess file you’ve downloaded from the top level directory.

Item 6.

Use SSH instead of Telnet, SFTP instead of FTP

For real security use ssh to access your site instead of ftp which is inherently insecure and open to snooping of your account details as the authorization details (login & password) are transmitted in clear over the internet. With ssh you can use secure ftp protocol like sftp to do anything you can do with ftp. Similarly you can use ssh instead of telnet to securely connect to your Linux / Unix server

Item 7.

Create a robot.txt to place in your top level directory

Recommended contents include:
User-agent: *
Disallow: /cgi-bin
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: /wp-content/plugins
Disallow: /wp-content/cache
Disallow: /wp-content/themes
Disallow: /trackback
Disallow: /feed
Disallow: /comments
Disallow: /category/*/*
Disallow: */trackback
Disallow: */feed
Disallow: */comments
Disallow: /*?*
Disallow: /*?
Allow: /wp-content/uploads

References:

  • http://www.bloganything.net/922/secure-your-wordpress-blog
  • http://blog.taragana.com/index.php/archive/20-wordpress-security-plug-ins-and-tips-to-keep-hackers-away/
  • wordpress codex

Tags: , , , , , , ,

Design Pointers

March 3, 2008 in Guides, Site Development, Web Developer by mark | No comments

The most important part of your web site is the actual text content. Use the following tips regarding content:

  1. Site Navigation Scheme – Using index cards or smaller pieces of paper, write down all the items that you want included in your web site (Brainstorm here!). Now separate them into Categories, understanding that one index card may end up in more than one category. When you have something that makes sense, you have just created one navigational scheme!
    • If you need more than one level of hierarchy, create additional piles. Ensure that those items which you know your audience will want to get to are not too far down in the navigational scheme. Will your audience have to click more than two times to get to the item? If so, consider using a Quick List on higher levels of your site which will get your audience quickly to these popular items.
    • Repeat the above process until you come up with one or more navigational schemes for your site. Now decide how you want to ” label ” each of the Categories so that it is brief and yet descriptive for your audience.
  2. Static vs Dynamic – Determine which elements of your web site will be relatively static in nature, and which elements are dynamic, requiring frequent updates. You may decide in this step NOT to include something on the web site, if you will not be able to maintain it.
  3. Page Size – For large documents, decide whether you will break it into separate web pages, making each page printable on its own.
    • Your alternative is to make one large document with a table of contents or index at the top with target links to specific areas of the document.
  4. Page Identity – Make each page in a group of web pages understandable on its own. This means that you will need to title each page consistently. If your site has several layers of content, consider the usage of footprints on your pages. (Ex.Home & gt; & gt; ITS & gt; & gt; Documents).
  5. Print vs Web – Content that typically needs to be revised when converting printed media to the web include:
    • contact points (email addresses in addition to mail addresses, room numbers and telephone numbers)
    • if you include a phone number, use complete phone numbers with area codes
    • when referring to a date, spell out the month. While the US uses month / day / year, the rest of the world uses day / month / year
    • for forms to be placed online, you will need to rewrite the instructions. For example, remove / reword sentences such as ” Complete back side of this form. “
  6. Link descriptions – Part of your documents will contain links to other information. These links should alert the user to what they will see if they select the link; in other words they should be brief and yet descriptive. In some cases, it is also appropriate to describe the ” where ” in the link. For example, if a link will take the user to another web site, convey that information in the link text. Avoid terminology like ” click here ” or ” press the right arrow “; browser methods of choosing links vary.
    • provide ” return to ” statements on pages of your web site to help users get back on track.
  7. Stale content – Tell users, in words, how often a page is updated.
  8. Original content -
    • Make the content of your home page original. Do not duplicate documents that appear elsewhere on the Internet. Instead, link to them
    • Be aware of copyright regulations that apply to existing Web sites.
  9. In development – Avoid under Construction pages. If you intend to eventually include an additional page or section on your web site, you may say so on a completed page of your web site, but do not put up a page which only states Under Construction.
  10. Spelling errors – Spell check and proofread your pages as you would any other publication.

Tags: , , , ,

Special Tips

March 3, 2008 in Guides, Site Development, Web Developer by mark | No comments

Special Tips

Be aware of the pitfalls of character sets . (Here comes a pound sign £ what did you get?) Currency signs are a real danger. It might be safer to write the currency in full. It is not just the signs that fail in some way; even those that do display may be misinterpreted. Let ‘ s say you are in the USA and write $25.00 without qualification. How much does that look like to a browser in Australia, Canada, or Hong Kong? If the local $ is worth more than the US$ then you risk someone dismissing a product as overpriced. If the local $ is less, your strangely eager customer may suddenly turn sour when she or he thinks you have been deliberately misleading.

  • ISO 8859-1 Character Set Overview
  • If you specify a background color or image, but don ‘ t specify text and link colors, the user ‘ s text and link colors will be used against your background. In some cases, there won ‘ t be contrast between the user ‘ s text and link colors and your background color or image, so your text and links will disappear. The rule of thumb is that if you set one color, then you need to set them all .

Tags:

Design Resources

March 3, 2008 in Guides, Site Development, Web Developer by mark | No comments

Top Ten Resources

  • Designing For Multiple Browsers Without Being Bland
    A concise, sober, and BRIEF description of a good Web authoring strategy. Other fine articles by the author include What You See is Not What Others Get and Widen Your Web Site ‘ s Audience . Stephen Traub.
  • Getting Started with HTML
    A primer to Learning HTML 3.2 by Examples , this is a comprehensive and succinct Guide to writing standard HTML.
  • Web Site Design Tips
    Web site design tips for the beginner to the expert. A great collection of classic web site design tips that will build a strong foundation for any new web designer. /a>
  • The Web Design Group Reference Section
    Excellent background information and technical details on HTML authoring. Web Design Group.
  • Designing for The Web
    A series of informative articles on Web site design, including A Web Site is a Harsh Mistress & Rules of Thumb. The special focus is on complementing Web design skills with competence in interface design . Don ‘ t miss Web Site Design. Diane Wilson.
  • Useit.com: Usable Information Technology
    An expansive resource on usability and user interface issues – - featuring several extremely challenging and well-researched essays on Web design and style. Jakob Nielsen.
  • Understanding HTML
    An outstanding presentation of HTML basics by an Australian with a fine writing style. Dianne Gorman.
  • Hints for Web Authors
    A short yet insightful historical analysis of conventional vs.web publishing , Hints for Web Authors is replete with solid recommendations on how to succeed with the latter, including a few pragmatic suggestions mixed in there for good measure, “… in hopes that others may find ‘ em useful. ” Warren Steel.
  • Dan’s Web Tips
    This huge resource contains a balanced summary review of most of today ‘ s important Web authoring topics. Daniel Tobias.
  • HyperText Markup Language
    World Wide Web Consortium (W3C) home page for HTML. Here you will find pointers to specifications for HTML, guidelines for how to use HTML to the best effect and pointers to related work at W3C. W3C.

Tags: , , ,

Style Tips

March 3, 2008 in Guides, Site Development, Web Developer by mark | No comments

Condense textual content to fit the time and attention constraints of today ‘ s busy Web users.

Use small (byte-wise) graphics so graphics load more quickly in graphics-capable browsers. (It is not advisable to use GIFs for everything. It ‘ s of the first importance to make the right choice between JPEG and a palette-based format. Avoid blindly choosing GIF and then trying to rescue yourself from the resulting problems.)

Tags: ,

Accessibility Guidelines

March 3, 2008 in Guides, Site Development, Web Developer, Web Standards by mark | No comments

Accessibility Guidelines and Tools

Quick Tips to Make Accessible Web Sites ” Quick Tips ” introduce key concepts of accessible Web design. Please note that these are not complete guidelines.
Web Accessibility Quick Reference A document created by AmbientWebs ‘ s Web Services to provide a summary of the items that must be done to accomplish web accessibility using the priorities established by WAI.
WebXact WebXact is a web-based tool that analyzes web pages for their accessibility to people with disabilities. The Center for Applied Special Technology (CAST) offers WebXact as a free public service in order to further its mission to expand opportunities for people with disabilities through the innovative uses of computer technology. To analyze a web page, type in the URL of the page that you want WebXact to examine and select Submit. WebXact will display a report indicating any accessibility and / or browser compatibility errors found on the page.
Checklist of Checkpoints for Web Content Accessibility Guidelines 1.0 This list of checkpoints is divided up into THREE levels of priorities.
Web Content Accessibility Guidelines 1.0 This is a very long document which outlines all of the guidelines. If you prefer to digest them all at once, you can read this entire document.
Techniques for Web Content Accessibility Guidelines 1.0 While Web Content Accessibility Guidelines 1.0 strives to be a stable document (as a W3C Recommendation), this document is expected to evolve as technologies change and content developers discover more effective techniques for designing accessible pages.
   

Other Web Accessibility Resource Links

Tags: , , , , , ,

General Tips

March 3, 2008 in Guides, Site Development, Web Developer by mark | No comments

These tips will help beginners to create highly functional and accessible Web pages. Some of the tips focus on writing valid HTML syntax while others focus on designing pages for ” ease-of-use. ”

General Tips

  • Write your pages for multiple types of Web browsers – - to provide trouble-free access to the widest possible audience. The World Wide Web is a multi-platform, non-browser specific medium. It should not matter whether people browse your Web pages using Netscape, Explorer, Opera, Lynx, WebTV, NetPhonic ‘ s Web-On-Call, Mobile Telephones, or Personal Data Assistants (PDAs, or palmtops, the little computers card). Each browser ought to render your informational Web pages without problems. If a Web page is designed properly, blind individuals, or anyone using text-to-voice or Braille displays, can easily listen to and review your work.
  • Run Web pages through a validator to test their compliance with common HTML (HyperText Markup Language) specifications. Modify pages until they validate, because compliant pages have a better chance of being rendered by various Web browsers, as the writer intends. However, if you intend something that is impractical with HTML, it will be no less impractical for being syntactically valid. Work with the strengths of HTML rather than trying to batter it into a WYSIWYG page design system. (WYSIWYG stands for What You See Is What You Get.)
  • Spell check and proof-read your documents.
  • Establish a routine for locating and fixing broken internal and external Web site links.
  • Include contact information and a copyright notice.

Tags: , ,

Improve the web with Nofollow Reciprocity.
6 visitors online now
6 guests, 0 members
Max visitors today: 10 at 12:24 am UTC
This month: 11 at 09-01-2010 10:26 am UTC
This year: 37 at 06-03-2010 11:01 pm UTC
All time: 37 at 06-03-2010 11:01 pm UTC