WP Minder

wordpress security

Weekly Links Roundup – Collapsing Nav Menus, Translation Plugins, Affiliate Plugins, WordPress Security Myths

by 1 Comment

This week’s top WordPress and web marketing links.

This morning I was putting together a mega menu (think: a really huge menu) for a new site. You know when you have a lot of links in a menu, how hard it gets to move things around in that menu in the WordPress dashboard? I have a fix for that – check out Nav Menu Collapse. It will let you collapse and expand individual menu sections or the entire menu. This functionality should be part of WordPress core, it’s so essential for large sites.

That same new site also needs to be multilingual. The client isn’t interested in manually translating the entire site at this time, but we are going to take advantage of Google Translate and have quick language switching functionality. Learn about different ways to make your site multilingual. And, here’s a review of the 11 best WordPress translation plugins if you want more choices.

Another new client was looking to set up an affiliate program that would let friends and customers sign up to promote the site. A user signs up as an affiliate and then gets a special link to share with others. When someone uses the link, that affiliate gets rewarded. Here’s a review of 10 WordPress affiliate plugins. I’ve heard many good things about AffiliateWP, which integrates with WooCommerce.

Security is an important part of WP Minder’s services. Here’s a quick post about the top 5 security myths surrounding WordPress – and how they have all been debunked. Keep in mind that the biggest security issue with WordPress is user-related; not updating plugins, themes or WordPress core is the number one reason WordPress sites get hacked. If you don’t want to do this yourself, give WP Minder a try and let us handle site security and updates for you.

Did you find this information useful? Please share with your friends and colleagues! And comment below with questions or observations.

Friday Link Wrapup – WordPress Statistics, CMS Woes, Booking Plugins, Security Quiz

by Leave a Comment

This week’s WordPress and web marketing links.

The big giant list of fun and useful WordPress statistics.

No, a CMS like WordPress is not a magical silver bullet that will make all your content problems go ‘poof.’ Learn more about how to overcome them.

If you need to take appointment requests from clients, here are a group of booking plugins for WordPress that might help.

Finally – think you know all about WordPress security? Take this quiz and see (and yes, I got a perfect score).

Sucuri’s Website Hacked Report for Q1 2016

by Leave a Comment

Today, web security services company Sucuri released its Website Hacked report for the first quarter of 2016. There’s some really interested and important info in here for WordPress site owners and managers – you can get the report yourself here, but I’ll summarize some of the key findings below.

Over a third of the websites on Earth are powered by one of three CMS (content management system) platforms: WordPress, Drupal, and Joomla. Of those three CMS platforms, WordPress has a 60% market share.

This report included data from over 11,400 websites Sucuri worked on during January-March of 2016. Of those, 78% were using WordPress; Joomla was second at 14%.

Over 50% of those hacked WordPress sites were out of date.

Key point: Sucuri says that “in all instances, regardless of platform, the leading cause of infection could be traced to the exploitation of software vulnerabilities in the platform’s extensible components, not its core. Extensible components directly relate to the integration of plugins, extensions, components, modules, templates, themes and other similar integrations.”

This means that it’s not WordPress core files that are the cause of these infections, instead it’s plugins and (secondarily) themes.

Image by Sucuri from Website Hacked report Q1 2016
Image by Sucuri from Website Hacked report Q1 2016

The top three outdated plugins for WordPress, accounting for 25% of all vulnerabilities, were RevSlider, Gravity Forms and TimThumb. Each of these has had a fix available for at least a year, and sometimes for multiple years, but hadn’t been updated.

Sucuri says this shows “and reiterate(s) the challenges the community faces in making website owners aware of the issues, enabling the website owners to patch the issues, and facilitating the everyday maintenance and administration of websites by their webmasters.”

If you’d like to read more, view the complete report here.

This is one of the reasons WP Minder exists – to keep things up to date so that the risk of being hacked is reduced. WP Minder also uses Sucuri’s excellent Website Firewall (WAF) for our Small Business, Business and Premium Plans to help stop exploitation of plugin and theme vulnerabilities and keep sites from getting infected. Check out our Plans here.

This site uses cookies to enhance your experience. By continuing you agree to the use of cookies. View privacy information.