KillerSites Blog


How to make WordPress More Secure

June 8, 2014

A lot of people use WordPress and WordPress is hacked all the time. How do you prevent WordPress from being hacked? My top 4 things to do:

  1. Great passwords that contain both upper and lower case letters, numbers and a symbol or two like underscores, dashes etc.
  2. Keep WordPress up to date! Fortunately in 2014, WordPress can be set to auto update. Do it and save yourself headaches.
  3. Don’t use plug-ins unless you absolutely have to. Do some research to be sure that they are safe and secure.
  4. Delete any unused themes. WordPress comes installed with a few themes … delete them because they could be a place for hackers to drop in malicious PHP files.

I recently had an old WordPress based site hacked and though I had updated it to the latest version of WordPress, will still found a malicious PHP file in this folder:


… Yes, inside the images folder. That’s one example of where these bastards will stick their malicious code. Remember, they don’t want you to find it. We don’t know for sure but I am guessing they got in the file BEFORE I updated WordPress.

Final Comments
I have to tell you that over the years, the few times we’ve been hacked … it’s always been via WordPress.

We are really reconsidering our use of WordPress, since it can be such a liability. We are asking ourselves, how much does WordPress really bring to the table(?) and weighing that against the risks.

BTW, I am not picking on WordPress, all the major CMS’ out there (Drupal, Joomla) are major points of attack. The open nature of these products, makes them that much easier to hack than closed-sourced (code is not public) private software.

For our new projects, we are rolling out our own blog tool – with all the advanced PHP frameworks out there and given that our needs are fairly simple, it makes sense to us.

If you do end up using WordPress, be sure to follow the above steps.

I hope that helps,

Stefan Mischook

read more

WordPress and Security

January 13, 2014



Anyone who knows me knows that I am an advocate of WordPress, especially from the point of view of a web designer since so many small business websites use WordPress.

… Being a WordPress web designer will unlock many more job opportunities for you. Especially if you add in a little PHP and JavaScript knowledge into the mix.

Not all is well in the world of WordPress

The sad thing is that with great popularity and ease of use, comes great evil – WordPress has had a plethora of security holes and can be the source of many of website headaches because of all the hacking that can likely be subject to. Here are some WordPress safety tips:

1. Keep WordPress up to date!

It seems that the WordPress nerds update this popular CMS every 2.6 seconds! Though annoying, these updates are made with good reason: to plug security holes and other bugs.

Thankfully, the in WordPress update feature (as of WordPress 3.x) works very well. You don’t have to go through the 10 step process anymore to update it – just click on the update button and WordPress takes care of it for you.

read more

New WordPress Themes Tutorial!

April 5, 2013



We just released a brand new WordPress training course that teaches you from scratch, how to create a custom WordPress theme. Some details:

In this series,  the viewer is taken through the entire design and development process, starting with doing the design in Photoshop, then building an HTML/CSS template, and finally integrating that template into a fully functioning WordPress theme.

The author demonstrates a wide range of WordPress functionality, including WordPress search, menus, sidebars and widgets, and how to theme posts, pages, categories and archives. In addition, install and use a favorite WordPress plugin: the Advanced Custom Fields plugin.

This course is aimed at intermediate designers/programmers. To follow along, you are expected to have a basic understanding of Photoshop, HTML, CSS and PHP. The author demonstrates WordPress using a local install on a computer, meaning that web hosting isn’t required to follow along.

Video Highlights:

  • Advanced custom fields
  • Widget Sidebars
  • WP Menus
  • Specially designed home page
  • Videos featured in Web Designer Magazine

Thanks for reading,

Stefan Mischook

read more

Do you want to learn WordPress?

April 4, 2013


I just wanted to announce my new Beginners WordPress video tutorial course. Here are some of the details:

This video tutorial course is designed to take beginners and teach them the basics needed to know to setup and create a website running on the worlds most popular blogging engine, WordPress!

It is assumed that the viewer understands HTML and a bit of CSS. A basic understanding of PHP is helpful, but not required.

While its best to follow along and write the code, the project files are still included in this video – for those lazy folks out there!

  • Installing and configuring WordPress
  • Custom Taxonomies in WordPress
  • Working with Custom Post types
  • Videos featured in Web Designer Magazine
  • Running time: 4 hours 25 minutes

Thanks for reading,

Stefan Mischook

read more

WordPress Updates Super Easy!

December 12, 2012


There once was a time (6 months ago) where updating WordPress was a real pain in the butt. Fortunately for us lazy nerds, those days are past us!

WordPress 3.5 Upgrade is Flawless!

We just upgraded a few of our WordPress based blogs (as you should!) and the one click upgrade worked for the for time for us. And in fact, it worked on many sites. So my congrats to the WP nerds for finally getting this right.


PS: If you are interested, we have a video course on how to create WordPress themes with Dreamweaver CS6.

Stefan Mischook

read more

Dreamweaver vs WordPress?

November 7, 2012

Dreamweaver vs WordPress?

What is the difference between WordPress and Dreamweaver? …This is a question that is popping up a lot … so I figure I should answer it.

First of all, though they look the same from the non-nerd’s perspective, they are in fact very different from each other:

Dreamweaver is a web design program that you install on YOUR computer. WordPress is a content management system (basically a bunch of php pages) that you install on your web server – not your home computer.

A website built with Dreamweaver can be uploaded to any web server. When you build a website with WordPress, the website and WordPress become one. You need to have WordPress running to run the website, because the website is dynamically being generated by the WordPress engine.

Dreamweaver is like a set of power tools, that can speed up the web design process. WordPress is like a Lego game, where all the pieces are already made, and all you have to do is snap them together.

… Finally, WordPress is free and Dreamweaver is a commercial product that cost hundreds of dollars.

Read the rest of this article on

Stefan Mischook

read more

Learn a CMS or Learn Dreamweaver?

June 15, 2012

Hey everybody!

Recently someone asked whether they should learn Dreamweaver OR whether should they jump into a CMS like Joomla or WordPress.

What is a CMS?

CMS is short for Content Management System, and are web based programs that you upload to the server and they provide word-processor like capabilities to your website – and much, much more.

To make an analogy: you can think of a CMS as being a restaurant buffet, where you have many prepared dishes to choose from, that you can use to create your meal. Where Dreamweaver is like an electric appliance, that helps you create a meal from scratch.

You can learn more about it here:

… The above link points to an older blog post, but it is still good.

Anyway, the core of this person’s questions, comes down to skill-set choices and choosing the best technologies to be able to:

1. Get the most work as a web designer.
2. And to be able to build the best websites.

Here is my answer:

read more

WordPress, Joomla and Drupal in Web Design

May 3, 2012

I was recently asked a question about the future of web design:

I have a short general query about the Future of Web Design: do you think that we are going towards a trend where, particularly with the use of Web environments like WordPress or Joomla, programming skills will be more and more oriented towards updating and customising plugins?

My answer:

I have been a long time believer in this strategy of using a CMS as the basis of almost all your web design projects. I wrote about this back in 2010, talking about the ‘WordPress Web Designer‘.

I use WordPress for my web sites, but Drupal and Joomla can do a great job too. You just have to figure out which one suits you best.

Learning PHP and JavaScript:

Since Drupal, Joomla and WordPress are built with PHP and JavaScript, it makes sense (if you really want to learn how to use these tools to their fullest,) that you should learn at least a little programming. You don’t have to become a full-blown nerd coder, but you should be able to write simple scripts and modify existing PHP and JavaScript code. It will make your life so much easier.

For a more detailed discussion, watch my video below:


Stefan Mischook

read more

New WordPress 3.x Videos out and on the Way.

December 4, 2010

We have the following WordPress videos coming out, which are based on the current version – WordPress 3.0.2:

– Custom Taxonomies in WordPress
– Working With Custom Post Types in WordPress

… Both can be found on the Killersites video tutorial subscription service.

WordPress and Dreamweaver CS5

We should have a the first free sample videos out this coming week from a new series that teaches people how to work with WordPress via Dreamweaver CS5.

… This latest version of Dreamweaver, has a bunch of tools specifically for use with WordPress. Our video course will not only teach you Dreamweaver’s WordPress tools, you will also learn a lot about WordPress theme creation along the way.


Stefan Mischook

read more

WordPress Privacy Settings and the Search Engines.

June 16, 2010

Over time, as you learn more and more, you’ll soon find that knowledge that you once had, will slowly seep out of your brain (through the ears I think …) and soon stupid mistakes will be made.

Being an old time nerd, much has slipped away over the years – too much. Recently I relearned a basic setting in WordPress that controls whether or not the search engines will read and index your site – an important thing for most websites out there!

Anyway, watch the video and learn to not make the same stupid mistake I made with WordPress:

As some of you may know, I am a big advocate of WordPress (or some other blog or CMS) in day-to-day web design work. You can learn more about WordPress on


Stefan Mischook

read more