Archive | Security RSS feed for this section

The #1 Anti Virus solution in the US…and it’s free.

July 19, 2012

3 Comments

According to OPSWAT the number 1 Anti Virus tool (in market share) in the United States is Microsoft Security Essentials .  It is number 2 in the world just behind avast!.  It’s incredible that both of these products are FREE!

I have been happily using Microsoft Security Essentials for several years on several computers and have been very pleased with the results, or should I say the lack of problems.  Of course, Anti Virus software is only one link in the security chain and you should also use a software firewall as well as a firewall in your cable modem/router.

Try out Microsoft Security Essentials, I think you will be pleased as well.

Continue reading...

Forget what I said about using the Login Lock Plugin

July 18, 2012

2 Comments

Well, I’ve learned several good lessons in the past few days.  More on that at the end of this message.  My problems started when I couldn’t complete logging in as the administrator on this website.  The login page allowed me to enter the username and password but then it would just hang and would not let me go further.  That was on Internet Explorer.  Next I tried Firefox and after I entered my username and password, I got a “cannot redirect” error.

At this point I didn’t know what had happened.  I didn’t know if someone had hacked my website, or whether a recently installed plugin was causing the problem or what.  I logged into Cpanel for my site and looked at log files and anything that might show what was going on.  I didn’t see anything that led me to resolve the problem.

I decided to restore the website from a backup I had just taken using the DUPLICATOR WordPress plugin.  This would prove that my backups worked and would only take a few minutes.  My website is in a directory on Hostgator called TIREDOFTHECUBE so I renamed the directory to TIREDOFTHECUBE_OLD.  That would allow me to keep my website in case I needed anything from it.  Next, I created a new directory called TIREDOFTHECUBE and copied my 2 backup files there via FTP from my home system.

The instructions told me to run the install.php file so I double clicked on the file and install.php opened on the screen showing the text inside the file.  Instead it should have started restoring my website from the backup.  I couldn’t get the install.php file to work.  “What was I doing wrong”, I asked myself.

Instead of double clicking on the file to run it, I should have opened a browser and typed in the URL TIREDOFTHECUBE.COM/install.php.  I actually knew this but was having a brain dead moment I guess.

I finally got the website restored and the problem remained.  I restored several other earlier versions and still had the problem.  Finally, I got on an electronic chat with Hostgator support.  We discovered that the Login Lock Plugin was the problem.  The support guy disabled the Login Lock plugin and things magically worked.

So, I have loved using the LOGIN LOCK plugin, but I can no longer recommend it.

LESSONS LEARNED:

Go to Login Lock support page, or the support page for whatever product you are having problems with to see if others are having the problem and whether a fix exists.

Do backups often.

Let the support folks help you.

 

Continue reading...

WordPress breakins thwarted with Login Lock

July 14, 2012

0 Comments

 

I installed a Plugin called Login Lock by Mark Edwards and I’m so glad I did.

Login Lock is doing a great job protecting my sites and letting me know what IP address is trying to break in to my site.  On one of my other sites, I’m getting more attempts to break in every week.  Right now I only have one user on this website.  If someone attempts to login they need to know the username and password.  The default username is Admin.  However, I have changed the username on all my websites from Admin to, well… something else, and I would suggest you do the same.  After a few unsuccessful attempts to login, the Login Lock plugin disables access from that particular IP address and sends a message like the following:

This notice is to inform you that someone at IP address 88.99.999.999 tried to login to your site  and failed.

The targeted username was Admin

The IP address has been blocked for 120 minutes.

 

As you can see the person trying to break into my site was counting on the fact that most people do not change the default username (Admin).  Once I get this message, I block that IP address from ever connecting again by using the IPdeny tool in Hostgator’s CPanel.

So, change your WordPress username and always have long passwords on all your accounts.  I would suggest 14 characters at least on all your passwords, whereever you use them.  Also, your password should contain UPPER CASE and lower case characters as well as numbers and special characters.

Let me know if you have any questions or comments.

Continue reading...