Google+ & Jetpack

Since September 2013, I have been using Jetpack to push my posts from this website to Twitter (@cathtechnogeek ) and Facebook (https://www.facebook.com/catholictechnogeek), but I never set up anything with Google+. Maybe it is because I, like so many others, had already got caught up in Facebook. Whatever the reason, I neglected Google+, I finally decided to create a presence in the Google+ Sphere.  So I thought I would create an account for CatholicTechnoGeek.

I first tried to create an account as CatholicTechnoGeek.com, and soon discovered that Google+ wanted me to create a business account instead of a personal site. I was afraid Google was going to ask for a credit card when I began to create the site, but the account is free. After entering the standard set name, email, etc, information to create the account, the Google+ account was running.

I hopped into Jetpack, went to my publicize settings and added the Google account. I then went and posted and then checked the Google+ CatholicTechnoGeek.com page and noticed my post was not on the site. After I did some digging, I found the Google+ site defaulted my WordPress posts to private.

To change your posts to public, you need to go into settings, scroll down until you see the “Apps & Activities” section (see photo #1). You have to click on the “Apps” tab (see photo #2) and you should find the window labeled “WordPress”. (Click on image to magnify) Once you click on the edit, you can change it so the WordPress app defaults to the setting you wish. I have changed my posts to public so anyone one can view the posts. However, it possible to restrict posts to a circle if you want.

#1
#1
#2
#2

 

 

 

 

 

After testing a few more posts, I placed some graphics and I am working on completing my profile.

Wordfence – Slowed Site to a Crawl?

I recently found one downside to Wordfence recently. On a website I manage, it used up enough resources that slowed down my website to a crawl even with cache option enabled. I was using a high-speed connection and yet it took about 2-3 minutes for the site to display.

The way this website is constructed is more to blame than Wordfence. In an effort to compartmentalize various aspects of the website, is made up of seven WordPress installs under the same domain. So in this case the site was using 7 times the resources a normal website might use. Wordfence simply pushed it over the limit.

The moral of the story most likely Wordfence won’t usually crash your website, but it may slow it down depending on the limits of your web sever.

Wordfence Revisited

As I continue to use Wordfence and have started to use it on other sites, I grow to appreciated more and more. I already mentioned the ability to block specific IP addresses in an earlier post “Wordfence Live Monitoring Plugin for WordPress” and some of the reports the plugin is able to generate. Today, I would like to focus on some of the Firewall options in the free version.

Image #1
Image #1

When you fire up Wordfence and look up the options, you will notice that the plugin defaults to Security Level 2. As you can see in image #1,  Wordfence recommends this setting  for most websites.

Shows settings of level 2 default in wordfence.
Image #2

Scrolling down to the Firewall Rules, you will find additional security options (see image #2). These change as you change your security levels. I should also stress that these rules only affect the firewall for your WordPress site and do not change the firewall settings for your computer or server.

I have been personally debating both the level 2 and level 3 defaults. At level 2 they don’t really do anything, and at level 3 they only throttle back a crawler or human being who is searching your website. So rather than staying at the default level 2, I have set some of the option myself to actually block rather than throttle down after what I feel is a reasonable request per minutes. The danger here is you can actually block legitimate crawls by search engines, negatively affecting all the hard work you are someone else has done for search engine optimization (SEO). So you might want to leave these alone unless you are sure you need to need to tweak a setting.

Image #3
Image #3

The other area that is affected by changing the basic security leve setting is the Security Login section (image #3). This area controls the complexity of your users’ passwords and how soon the will be locked out of the site if they fail to enter the correct password.

Again, I find the settings a little lax for my taste, so I have beefed them up over the default level 2 setting you see here. I would be careful how far you tweak this setting or you could be flooded with a lot of users complaining that they were locked out.

Under options you will also find a spot to input an email address. The plugin will then email you when people successfully login to your WordPress Dashboard or when someone has been blocked. So if you aren’t able to watch you site, you at least know if someone has logged into your site and potentially damaged your site.

The most common report I get from Wordfence is a report of someone trying to use ‘admin’ as a user id and was locked out. (A good reason to assign an existing user administrator rights and then deleting the default admin account, or creating a user with administrative powers and then deleting the default admin account.)

I highly recommend this plugin if you have a WordPress site! It is fairly intuitive and does a good job blocking attacks.

 

Wordfence Live Monitoring Plugin for WordPress

log in attempts listing
Just a short list of attempts to break in.

A goal of every blogger and website designer is to have people view and read you site. It is only natural. After all we spend countless hours trying to design a great looking website that is easy to use with content that people want to read.

However, one of the things that will ruin any site, no matter how well designed and how terrific  the content, is a website that is compromised. In other words, outside parties hack the website.

I know this from personal experience. This particular site was hacked and the site gained a poor reputation quickly. It has taken me a lot of work to prove to various people that I have cleaned up the site and it is safe to visit.

 

To help protect this website, and you the reader, I have installed various plugins to help monitor activity on this website. One plugin I have recently installed is Wordfence. While I am still learning about all the program’s features, I am impressed so far.

Wordfence is a plugin that monitors activity on your webpage.  On function is it keeps track of log in attempts. As you can see from the snip from above, I have people trying to sign in as an administrator and gain control of my website. To help prevent this type of break-in, I do not use “admin” as a user on my WordPress website. I also use a password consisting of random letters, numbers, and characters and is longer than 6 characters making it more difficult to break into.

Another function of Wordfence is to track hits on the website. As you can see from the photo below, my site has gained the attention of someone from the Netherlands (most likely a crawler or spider program) who has hit my site 1170 times. While some of these hits are for legitimate reasons, like listings for various search engines, most likely the large number of hits from the Netherlands is not for legit reasons.

Visitors or Hackers
Visitors or Hackers

In Wordfence, I can issue block a particular ip address, preventing a that particular computer from visiting my site. Unfortunately, it is a temporary block if you have the free version.

In premium version you more advance blocking features such as country block. This premium feature allows you to block any hits from a particular country(ies). You can do a simple blanket block, or you customize the block so that legitimate users you know can enter your site.

As I stated before, I am still learning all the programs features, so I can’t give a full review. However, I do urge you do take a look at this WordPress plugin.

WordPress, Carrington Build, and a Child Theme

One of the benefits of using WordPress to build a website is that you can change the look of a website usually in a few minutes. All you have to do is load and activate a new theme that contains all the code to modify your website.

However, being the geek I am, I always like tweaking something on the site. Maybe it is a color, or perhaps a column width. In this particulate case, I was adding Carrington Build by Crowd Favorite (http://crowdfavorite.com/carrington-build) to the website.

I love the functionality of the Carrington Build, but felt the theme that Crowd Favorite developed to highlight the feature was getting old. I had been using it for about four years on Nativity Church’s website (http://www.nativitycatholicchurch.net). Recently, I decided WordPress’ Twenty Fourteen theme might lend itself to the website nicely.

After installing the Carrington Build feature into the Twenty Fourteen theme (sorry but I cannot reveal the process since Crowd Favorite supplies this information to licensed customers only), I went into the WordPress Admin Panel, clicked on Appearance and then Themes. From there I found the Twenty Fourteen theme and Activated it. In a second or two, my new theme was running.

However, after a few minutes I noticed my RSS feeds were not showing the titles or dates. However, when I placed my cursor over the area where the title should be, the tile would appear. Thus, I knew everything was working and I needed to tweak a color on the titles since it appeared the titles showing as white on white.

Using Development Tool

The process of isolating the necessary CSS code was time consuming. (Partially because I do not regularly code websites, and partially due to the amount of tags used to code the site.)  Using Chrome Development Tools (it is built into Chrome – see https://developers.google.com/chrome-developer-tools/ for more information) I was able to isolate the necessary tags to change the title and date and wrote the necessary code:

.rss-date {
color: #41a62a;
}
.rsswidget, .widget-title a {
color: #41a62a;
}
li>.rsswidget {
color: #41a62a;
}

Because from time to time WordPress updates a theme to stay compatible with a newer version of WordPress, I created a child theme. If you directly modify the theme’s code, you often risk losing changes you make when you update because many files are overwritten. A child theme allows you to keep your changes.  Rather than write a long narrative on how to create a child theme you can visit WordPress’ Codex site at https://codex.wordpress.org/Child_Themes or simply search for “WordPress child theme” on your favorite search engine.

Once I created the child theme, I inserted the above code into the style.css file located in my child theme. After loading the changes and activating my child theme, I had my titles showing without fear of losing my changes. (I personally like using FileZilla (https://filezilla-project.org/ ) to move my files between computer and my web server. I also like and Notepad ++ (http://notepad-plus-plus.org/ ) as an editor.)