KillerSites Blog

Blogs and CMS

How to make WordPress More Secure

June 8, 2014

A lot of people use WordPress and WordPress is hacked all the time. How do you prevent WordPress from being hacked? My top 4 things to do:

  1. Great passwords that contain both upper and lower case letters, numbers and a symbol or two like underscores, dashes etc.
  2. Keep WordPress up to date! Fortunately in 2014, WordPress can be set to auto update. Do it and save yourself headaches.
  3. Don’t use plug-ins unless you absolutely have to. Do some research to be sure that they are safe and secure.
  4. Delete any unused themes. WordPress comes installed with a few themes … delete them because they could be a place for hackers to drop in malicious PHP files.

I recently had an old WordPress based site hacked and though I had updated it to the latest version of WordPress, will still found a malicious PHP file in this folder:

/wp-includes/images/smilies/ajax.php

… Yes, inside the images folder. That’s one example of where these bastards will stick their malicious code. Remember, they don’t want you to find it. We don’t know for sure but I am guessing they got in the file BEFORE I updated WordPress.

Final Comments
I have to tell you that over the years, the few times we’ve been hacked … it’s always been via WordPress.

We are really reconsidering our use of WordPress, since it can be such a liability. We are asking ourselves, how much does WordPress really bring to the table(?) and weighing that against the risks.

BTW, I am not picking on WordPress, all the major CMS’ out there (Drupal, Joomla) are major points of attack. The open nature of these products, makes them that much easier to hack than closed-sourced (code is not public) private software.

For our new projects, we are rolling out our own blog tool – with all the advanced PHP frameworks out there and given that our needs are fairly simple, it makes sense to us.

If you do end up using WordPress, be sure to follow the above steps.

I hope that helps,

Stefan Mischook
killerSites.com

read more

WordPress and Security

January 13, 2014

wordpress-logo

Hi,

Anyone who knows me knows that I am an advocate of WordPress, especially from the point of view of a web designer since so many small business websites use WordPress.

… Being a WordPress web designer will unlock many more job opportunities for you. Especially if you add in a little PHP and JavaScript knowledge into the mix.

Not all is well in the world of WordPress

The sad thing is that with great popularity and ease of use, comes great evil – WordPress has had a plethora of security holes and can be the source of many of website headaches because of all the hacking that can likely be subject to. Here are some WordPress safety tips:

1. Keep WordPress up to date!

It seems that the WordPress nerds update this popular CMS every 2.6 seconds! Though annoying, these updates are made with good reason: to plug security holes and other bugs.

Thankfully, the in WordPress update feature (as of WordPress 3.x) works very well. You don’t have to go through the 10 step process anymore to update it – just click on the update button and WordPress takes care of it for you.

read more

New WordPress Themes Tutorial!

April 5, 2013

boxshot-wordpresstheme

Hi,

We just released a brand new WordPress training course that teaches you from scratch, how to create a custom WordPress theme. Some details:

In this series,  the viewer is taken through the entire design and development process, starting with doing the design in Photoshop, then building an HTML/CSS template, and finally integrating that template into a fully functioning WordPress theme.

The author demonstrates a wide range of WordPress functionality, including WordPress search, menus, sidebars and widgets, and how to theme posts, pages, categories and archives. In addition, install and use a favorite WordPress plugin: the Advanced Custom Fields plugin.

This course is aimed at intermediate designers/programmers. To follow along, you are expected to have a basic understanding of Photoshop, HTML, CSS and PHP. The author demonstrates WordPress using a local install on a computer, meaning that web hosting isn’t required to follow along.

Video Highlights:

  • Advanced custom fields
  • Widget Sidebars
  • WP Menus
  • Specially designed home page
  • Videos featured in Web Designer Magazine

Thanks for reading,

Stefan Mischook
killersites.com

read more

Do you want to learn WordPress?

April 4, 2013

boxshot-wordpressbasicsHi,

I just wanted to announce my new Beginners WordPress video tutorial course. Here are some of the details:

This video tutorial course is designed to take beginners and teach them the basics needed to know to setup and create a website running on the worlds most popular blogging engine, WordPress!

It is assumed that the viewer understands HTML and a bit of CSS. A basic understanding of PHP is helpful, but not required.

While its best to follow along and write the code, the project files are still included in this video – for those lazy folks out there!

  • Installing and configuring WordPress
  • Custom Taxonomies in WordPress
  • Working with Custom Post types
  • Videos featured in Web Designer Magazine
  • Running time: 4 hours 25 minutes

Thanks for reading,

Stefan Mischook
killersites.com

read more

WordPress Updates Super Easy!

December 12, 2012

Hi,

There once was a time (6 months ago) where updating WordPress was a real pain in the butt. Fortunately for us lazy nerds, those days are past us!

WordPress 3.5 Upgrade is Flawless!

We just upgraded a few of our WordPress based blogs (as you should!) and the one click upgrade worked for the for time for us. And in fact, it worked on many sites. So my congrats to the WP nerds for finally getting this right.

🙂

PS: If you are interested, we have a video course on how to create WordPress themes with Dreamweaver CS6.

Stefan Mischook
killerSites.com

read more

Dreamweaver vs WordPress?

November 7, 2012

Dreamweaver vs WordPress?

What is the difference between WordPress and Dreamweaver? …This is a question that is popping up a lot … so I figure I should answer it.

First of all, though they look the same from the non-nerd’s perspective, they are in fact very different from each other:

Dreamweaver is a web design program that you install on YOUR computer. WordPress is a content management system (basically a bunch of php pages) that you install on your web server – not your home computer.

A website built with Dreamweaver can be uploaded to any web server. When you build a website with WordPress, the website and WordPress become one. You need to have WordPress running to run the website, because the website is dynamically being generated by the WordPress engine.

Dreamweaver is like a set of power tools, that can speed up the web design process. WordPress is like a Lego game, where all the pieces are already made, and all you have to do is snap them together.

… Finally, WordPress is free and Dreamweaver is a commercial product that cost hundreds of dollars.

Read the rest of this article on how-to-build-websites.com

Stefan Mischook
killerSites.com

read more

Learn a CMS or Learn Dreamweaver?

June 15, 2012

Hey everybody!

Recently someone asked whether they should learn Dreamweaver OR whether should they jump into a CMS like Joomla or WordPress.

What is a CMS?

CMS is short for Content Management System, and are web based programs that you upload to the server and they provide word-processor like capabilities to your website – and much, much more.

To make an analogy: you can think of a CMS as being a restaurant buffet, where you have many prepared dishes to choose from, that you can use to create your meal. Where Dreamweaver is like an electric appliance, that helps you create a meal from scratch.

You can learn more about it here:

http://www.killersites.com/blog/2008/blog-cms-wiki-compared/

… The above link points to an older blog post, but it is still good.

Anyway, the core of this person’s questions, comes down to skill-set choices and choosing the best technologies to be able to:

1. Get the most work as a web designer.
2. And to be able to build the best websites.

Here is my answer:

read more

WordPress, Joomla and Drupal in Web Design

May 3, 2012

I was recently asked a question about the future of web design:

I have a short general query about the Future of Web Design: do you think that we are going towards a trend where, particularly with the use of Web environments like WordPress or Joomla, programming skills will be more and more oriented towards updating and customising plugins?

My answer:

I have been a long time believer in this strategy of using a CMS as the basis of almost all your web design projects. I wrote about this back in 2010, talking about the ‘WordPress Web Designer‘.

I use WordPress for my web sites, but Drupal and Joomla can do a great job too. You just have to figure out which one suits you best.

Learning PHP and JavaScript:

Since Drupal, Joomla and WordPress are built with PHP and JavaScript, it makes sense (if you really want to learn how to use these tools to their fullest,) that you should learn at least a little programming. You don’t have to become a full-blown nerd coder, but you should be able to write simple scripts and modify existing PHP and JavaScript code. It will make your life so much easier.

For a more detailed discussion, watch my video below:

Thanks,

Stefan Mischook
killersites.com

read more

Building a CMS from Scratch

November 22, 2011

Every so often people ask about building a CMS (content management system) and so, I decided to included a snippet from an email I recently sent. One point I want to make clear; you can build a CMS using any server side programming language (PHP, Ruby, Java etc …) I just recommend PHP because I think that for most people out there, PHP makes sense.

From the email:

Before you can Build a CMS, you need to understand PHP basics … I would recommend either you get some of the basic PHP courses or you get our Complete Programmer package:

http://www.killervideostore.com/video-courses/complete-web-programmer.php

… I can almost guarantee that PHP and JavaScript will sink in after doing these courses. We don’t have the fanciest graphics but we do have the easiest courses to understand out there.

To be clear, to tackle the CMS course, you don’t need to do everything in the Complete programmer package … these should get you there:

PHP Basic – 274min
PHP Misc. – 141min
PHP and MySQL Basics – 105min
PHP CRUD + Pagenation – 90min
Beginners Javascript – 301min
PHP and Javascript Form Validation – 60min

… And that is probably overkill. I just want to be sure.

It may seem daunting, but you will find that it moves fast once you get into it. And of course, we have our active web community ready to help should problems occur.

Stefan
killerphp.com

read more

New Video: Build A Content Management System with PHP

June 1, 2011

I am happy to announce yet another screencast tutorial for all you nerds out there: Build A Content Management System.

OK, not the most exciting title, but still an exciting course for those PHP nerds who want to go from PHP basics and get into building a full-fledged PHP application from scratch.

Learn how to build a content management system that provides a website all the tools needed to allow basic web users to manage the website content with ease. Over 6.5 hours of tutorials over 41 videos!

Here are some details about the video tutorial:

This course is aimed at intermediate level web developers, demonstrating how to build a basic PHP based content management system that uses object oriented programming techniques and implements the MVC pattern.

Along the way, I cover a wide range of technologies, including HTML and CSS, a bit of javascript/jQuery/AJAX and PHP/MySQLi. I also show how to integrate Colorbox (a jquery plugin) and TinyMCE (for the WYSIWYG functionality.)

Read more: Building a PHP based CMS

Check out the CMS course sample videos

Thanks,

Stefan Mischook

read more