WordPress Security

Security is one of the major purposes behind custom software development, alongside functionality, performance, interoperability, and support. Our clients mostly shop for new functionality for their WordPress powered websites. While security isn’t typically much of a selling point, it should not be just an afterthought. Security as a concept is part of almost every piece of software in use. Security requires continual attention from all parties, and separates amateur from professional developers. Installing WordPress themes and Plugins from unknown developers opens-up all sorts of security risks that all webmasters should be aware of.

When security problems arise, they tend to be major. So a little preparation can save a lot of fan cleaning! To use another cliché: Once bitten, twice shy. Security is a topic that evokes many stories and charged emotions. Everyone we know has had run-ins with security. For example, ourselves and a couple of our clients were hacked in the past by robots spidering for known vulnerabilities seeking to install malware.

What does the malware that typically affect websites do? It usually causes pop-ups containing scams or trojan horse software that seeks to charge you money, steal your contacts, steal your visitors’ information, or infect your personal computer. While these automated robots don’t usually cause irreparable damage to your website, they do rattle your nerves and waste a ton of your time doing clean-up work on your live website that your visitors and clients are looking at. The vast majority of these security breaches are bots rather than “black hat” hackers. These breaches are intended to go undetected for maximum exposure.

Continue reading →

Advertisement

Theme and Plugin Differences

Randy and I had a fun discussion the other day about the programmatic differences between themes and Plugins. For the most part, anything you can program within a theme can be programed into Plugins, and anything you can program into Plugins can be programmed in a theme. So how do you decide which to use for a particular purpose? The answer is simple—PLUGINS!

As we tweaked our site’s theme, Boldy, we had to decide on whether to strip functionality that we didn’t need out of the theme, replace functionality with other Plugins, or move functionality into new Plugins for eventual release to the WordPress Plugin Directory for community benefit. For example, the “Share” button on the bottom of blog posts (below). The design of the button was part of the original theme. We moved that functionality over to a plugin, which could potentially be replaced with something such as ShareThis or AddThis. We decided to make this a plugin, because it represents functionality more so than page design, and could be useful to other sites—not just ours. We did the same thing with the contact form that was part of the original theme.

Other examples of functionality built into the theme we found were (1) Smooth Navigational Menu, (2) prettyPhoto lightbox, (3) Twitter integration, (4) Cufon font smothing, (5) Nivo Slider, and (6) custom search box. All of these features should ideally be built into Plugins, not kept within the theme. We might get to moving those someday!

Continue reading →

Tweaking Boldy

Our recent site relaunch was based upon a free Premium WordPress theme, Boldy by Site5. Leading up to our new site release and since that time we’ve released significant updates to this theme. There have been so many rather bold adjustments that we decided we would let the world know what exactly the process of tweaking an existing theme entails. We’re also planning future posts on the related topics of performance, security and interoperability.

Here’s what all we did to make “beBoldy”…

Continue reading →

Why WordPress?

Many months back we refined our core service offering from working on any PHP based website to concentrating on the most popular open-source CMS systems: WordPress, Joomla!, Drupal and Magento. We recently announced narrowing our concentration to WordPress exclusively. Here’s why…

Continue reading →