Tag Archives: wordpress hosting

Is My WordPress Site Vulnerable To Hacking?

WordPress websites have always been a sweet target for hackers and script kiddies looking to have some fun at the cost of damaging and defacing websites. In July 2014 the popular plugin “MailPoet Newsletters” was exploited to cause damage to over 50,000 websites across the internet. For a hacker, it is also worth investing time and money in identifying vulnerabilities, since millions of site’s across the world use WordPress, and being able to compromise one of them may lead you to be able to replicate it for other site’s with the same vulnerability as well.

The website WPvulndb.com lists all the known exploits and vulnerabilites and categorizes them under WordPress Core, Themes and Plugins. This article explains how you can test if your WordPress site is vulnerable and what precautions to take before you fall prey to an attack.

Plugins

In August 2014, the Custom Contact Forms Plugin allowed alterations and modification to the database using a flaw in the system. This affected thousands of websites which had downloaded and used that plugin. The security company Sucuri, tried to contact the developers but to no avail. They finally posted this message on their blog:

“Due to the unresponsive nature of the development team, we’d encourage you to pursue other sources for your WordPress form needs. There are various options with developers that are very responsive and are actively concerned with your security needs.”

Many free plugins for WordPress, maybe outdated, vulnerable, badly coded and may no longer be supported by an active development team. This means that using such a plugin may be detrimental to your website’s security and may lead you to being a hacking victim due to the flaws in that plugin. Always install plugins which have good reviews, good ratings, are compatible with your current version of WordPress and which are regular updated by an active developer team. You can see the plugin details and inspect them before integrating it with your website.

Themes

The same applies to WordPress Themes as well. Always read the theme reviews and see their rating before you choose a theme. Also, just because you pay for a theme does not mean that it is more secure or has no vulnerabilities, the only advantage will be that you will be able to contact the developers to patch your theme or update it. Bad coding in the themes may lead your site to become slow or open it up for hackers to exploit.

Update

Always keep your WordPress major version and all other themes and plugins up to date. You can do this manually or if your web host provides you with an auto installer, you can allow the auto installer to update WordPress, the themes and the plugins through a scheduled cron command. Keeping your site in sync with the latest version will prevent hackers from exploiting old vulnerabilities, for which a fix is already available. Although this is a very simple and easy counter-measure, keeping updated software can go a long way in ensuring security.

Backup

Always backup your site regularly and maintain a remote backup location in case of a disaster or damage to your site. Keeping a remote backup location is ideal, so that you “do not keep all your eggs in one basket”. Make sure that your backup is easy to restore in the event of an emergency. While you can backup parts of your website separately Eg: Database, Files, Image etc. you can also have a compressed zip backup of your entire website in a single file. Auto Installer software allow you to schedule nightly backups and set the backups to happen automatically.

Testing

Don’t forget to test your website for any known exploits or vulnerabilities before the hackers do. Free online tools like Sucuri Website Scanner will scan your website and suggest some security measures. They will also alert you of any major flaws in the system and will also indicate any outdated WordPress versions. Better scan your website before the hackers do.

Is Managed WordPress Hosting Worth The Money Or Can You DIY?

Leave a reply

Is Managed WordPress Hosting Worth The Money Or Can You Do It Yourself?

WordPress websites require constant care and attention, especially when the site has a large number of daily visitors. “Managing” WordPress includes optimizing WordPress for Speed, Security, Efficiency, Fault Tolerance, Scalability and even Disaster Recovery. This means ensuring that the WordPress website is always available to visitors and there is minimum downtime. This article discusses whether you really need “Managed” WordPress Hosting or any ordinary shared hosting will also suffice. The aim of this article is to introduce a newbie or a novice WordPress Webmaster from deciphering the jargon and hype created about “Managed” WordPress Hosting.

What is Managed WordPress Hosting?

Managed WordPress Hosting is when you outsource the management of your WordPress installation to your hosting company (or to a specialized agency, which will handle it for you). It may be called a special type of hosting which may have been optimized for WordPress or special tools which will enhance the overall WordPress experience.

Most “managed” hosting providers provide services specially fine-tuned for WordPress which can broadly be categorized as Caching Tools, Web Application Firewalls, Version-Control Tools, Content Delivery Network (CDN) routing, Staging Areas and more.

Is there a difference between ordinary shared hosting for WordPress and Managed WordPress Hosting?

Yes and No. Some hosts who provide managed WordPress Hosting indicate the exact distinction between their WordPress Plans and ordinary hosting plans. They also mention that you can add more features for a price. They often sell features like CDN and Version Control as add-on packs which you have to pay for. If a provider has not specifically mentioned that they offer “Managed” WordPress hosting, you can assume that their WordPress plans have minor variations from their regular shared hosting plans.

Can you “Do-It-Yourself” for WordPress Hosting

Can you “Do-It-Yourself” without Managed WordPress Hosting?

The short answer is Yes but with certain limitations. Lets take a look at some options which the “Managed WordPress” providers sell and also list the alternatives which are available on ordinary shared hosting.

Website Speed

Content Delivery Networks (CDN) cache the static parts of your website like images and directly provide the visitor with the images from their servers. You can always purchase a CDN solution to boost your website’s speed and availability. This can be purchased independent of your shared hosting account. Options like CloudFlare, Photon, MaxCDN can be purchased separately as and when you need them. WordPress also includes great plugins like W3 Total Cache, WP Super Cache and WP Fastest Cache which will do the caching in your hosting account. This will be a similar technology used by the Manage WordPress Providers. However, some providers will have their own proprietary software to do the caching, which maybe significantly faster or use a different technology. Many of them also use HTTP Accelerator’s like Varnish to speed up pages at the Web Server level, something which you maybe able to achieve only if you have your own server.

Website Security

Most hosting providers have multiple levels of security implemented by default on their servers. This means that Web Application Firewalls are implemented by default. You can also use reverse-proxy services like CloudFlare to enhance the security level.

Developer Tools and Aids

While you may not be able to setup a professional staging area for your website, you can make do with a couple of plugins for WordPress, which will be able to provide you some limited functionality for staging. An ideal plugin is SitePush which can easily move content and code between WordPress sites and also pull your site’s database to a development site or push new code to a staging site. The same applies to version control tools like git as well. However, some of these software’s may need you to have server level control, which maybe possible only if you have your own server. This maybe an expensive affair and taking the managed solution maybe worth it.

Do you really need Managed WordPress Hosting?

Managed WordPress services hand-hold you and perform routine tasks on your behalf. They may also have some unique technology to offer. They do come at a price, but if you feel that you cannot handle your website on your own, you are better off with such a service. If you are even a little tech savvy and have a bit of programming knowledge, you can Do It Yourself and achieve reasonably good results without having to pay a fortune. Having a managed service on a very high traffic site will definitely show some performance improvements. But if your daily visitors are in the thousands, then you will notice only a marginal difference. Be sure to do a cost-benefit analysis and take a trial account before you actually put your money into it.

Do You Need An SSL Certificate For Your WordPress Website?

Leave a reply

Do You Need An SSL Certificate For Your WordPress Website?

SSL Certificates have been in vogue in the recent past, partially due to the high level of education on website security and PCI Compliance and also due to the fact that many people are ignorant about what it is and just want to go with the flow. Even webmasters who own a simple blog want to sport the https:// in their URL without any other reason. However, having an SSL certificate even if you don’t need it, doesn’t do any harm to your website. This article explains the hype about the SSL Certificate and whether you need one for your WordPress website. We will also take a look at how the SSL Certificate can be helpful in building your online reputation.

The Hype About SSL Certificates

in May 2014, we had a couple of clients asking us whether we provide SSL Certificates and how we could implement it on their websites. You also need to take a dedicated IP Address for your SSL Certificate, so that your website can be uniquely identified on the internet. This can be a bit expensive, especially if you don’t need it. When we visited the client’s website, we noticed that they were running nothing more than static HTML pages on their website. They had an order form page, for which they specifically wanted the SSL Certificate. We did explain to them that the SSL Certificate will encrypt data being sent from the users browser to our server, so that it cannot be intercepted in between. However, since there was no critical information like credit card numbers or passwords being transmitted, having an SSL Certificate would not achieve much. The cost of the SSL Certificate and Dedicated IP Address would cost much more than the average amount of payment orders that they were receiving from the form.

Where an SSL certificate is really required

An SSL Certificate is highly recommended when you are carrying on financial transactions and storing personal / sensitive information which if leaked or intercepted could cause financial loss or personal injury. The SSL Certificate is just a Proof of Identification which groups the domain name with the server name or hostname. It allows cross-verification and lets your computer know that you have reached the correct server, which has been verified by a certifying authority.

Does your WordPress website or blog need one?

Generally, a personal blog or website does not benefit significantly by having an SSL Certificate. It does not prevent hack attempts or brute force attempts on your web server. An SSL Certificate cannot shield a weak password or bad coding. It will not prevent a vulnerability in the WordPress system from being exploited, neither will it protect an obsolete software from security bugs.

Along with an SSL Certificate you need to take a dedicated IP Address, and may also need to take professional help to install the certificate. If you are doing it just for fun or to show off, it’s just not worth it.

With a recent announcement by Google, that having an SSL Certificate does give you preference in the Search Engine Rankings, many people are rushing to buy them. However, you may want to weigh the costs and benefits before you do it. Although there no harm in having an https website, it may be expensive to maintain.

Web Hosting Companies Being Over Run With Competition, Fair Competition And Unfair Competition

Leave a reply

The web hosting industry is bustling with activity. There are new companies coming up and old loss making companies selling out. Competition is very hard. Some web hosting companies such as India Access are still selling web hosting at outrageously high prices. For example, India Access is selling merely 250MB of web space at $136 per year. At the same time, other companies such as Blue Host sells unlimited hosting for $47 per year. There is such a huge difference in price, and such a huge difference in the amount of space offered. Why is this so ?

Are you intending to upload your wordpress blog, and create a quick website using wordpress ? You need to understand what you need and why you are buying hosting from a particular company. If you are intending to use wordpress, you probably don’t need more than 100MB of space. Why buy unlimited space then ? The idea is, not that you can use hundreds of GB of space, but you can be rid of the mental worry of planning the amount of space you need. You can worry more about developing the website, as you really need to.

On the other hand, if you want merely a small 10-15 page website, you need not pay for “unlimited”. If you can make a rudimentary estimate of the number of pages you need, and you can significantly save even more. Siteground offers 10GB space at $3.95 per month, and at the same time bluehost offers unlimited hosting at $3.95 per month - why would you chose to take only 10GB ? I will explain now that, you are better off, by choosing the 10GB one.

When you pay for a certain determined amount of space, you get much more bang for your buck. This means that you are able to use more resources in terms of CPU processes, RAM allocation and simultaneous processes. You will almost never find these details on the website of any web hosting company. This is a well guarded secret of the industry. Why do they not tell you this ? They need to constantly change those things so that all the users can use the servers. Imagine this, there are 200 users on one server - one user is using a ton of CPU in a very complex php script, but all the other users have only HTML pages. At this point, you can afford to allow that one user to use the excessive CPU usage that he needs. But now imagine that all the users need a ton of CPU ? What do you do now ? You have advertised unlimited space, and packed the customers on one server like a pack of sardines. The only option is to start restricting the CPU and add more hard drive space to the server, or buy a new server. Buying a new server is very expensive and would affect your bottom-line. So, what do you do ? You go ahead and restrict the CPU. Why would this not happen if you had a restricted space account ? This would not happen, because almost always, all users having restricted space account would be on one server, and all users having unlimited accounts would be on another server. The total users having limited space accounts are generally relatively low - which gives you a larger share of the overall resources.

Don’t fall for tricks and fancy advertisements. Be smart and estimate your requirements. Most of the users who take unlimited accounts, think they are getting a good deal by doing so. But that is not always the case. Estimate your needs and buy smart.

At HostingXtreme, we offer wordpress hosting, web hosting and domain name solutions at competitive rates. We have both restricted space accounts and unlimited web hosting accounts.

The Advantages Of Creating A Blog To Market Your Product Or Service

Leave a reply

A blog is really a useful tool to communicate with your customers and users. It allows you to transmit vital information via a web based interface. In just a few minutes you can have a personalized blog up and running, you can make it look professional, aesthetically pleasing and functionally outstanding.

Blogs are quick and easy to create
In fact, creating a blog is little more than child’s play. There’s no need for a script or expensive software to create a blog. Using wordpress, you can install a blog in under 5 minutes. You just need to sign up with any blog providers such as Blogger, Godaddy, typepad, etc. Once you sign on, you have just three main steps to have your blog;

1. Come up with a name for your blog,

2. Chose a design template (blog providers have a variety of templates) and;

3. Start posting text and images.

Once it’s up, the world will see your information, google will index your information, your customers will see what you post, and information flow from you to the rest of the world.

Blogs are simple to maintain
Just as easy as it was to create your blog, it is easy it is to maintain your blog. All you have to do is go online to make all the updates. Some blog scripts even offer updating services via email. After you have created your blog, just sign in to your account and begin to customize, create or edit a post. You can replace your current blog template, and customize your blog settings easily. No matter where you are - whether at home or across the world, all you need is an internet connection then you can access your blog and update your blog with content. Your blog may already be able to automatically move newer posts to the top, while archiving posts either by topic or date so you don’t have to bother with moving your content around.

Search Engines will give you importance
Blogs are not so different from traditional websites so search engines will index your site. The biggest advantage of having a blog with regularly updated content is that search engines give significant priority to newer content that users find relevant and recent. A blog is very unique from a search engine perspective for you, since each post of the blog is assigned a different URL addresses. The search engines will give you more importance for the extensive content, given that each blog post would be treated as fresh and relevant content. Creating good posts to focus on a specific topic will give you the power to chose your keywords while describing your posts. The search engines will give you important power to chose which keywords you want to rank for in search engines, and rank for those keywords. This will enable your site to having greater chances of ranking well within the search engines. Since blogs tend to be updated regularly, search engines can “crawl” through them quickly and easily to index them accordingly, because search engines notice the newest posts first.
Blogs give you the ability to interact with your customer
One of the main ideas behind the blog is interacting with your customer. This is done by enabling a comment field to your posts which allows readers to offer their comments. This encourages the visitors to come back which allows you to get a better understanding of your customer’s needs.

Most blog hosts inexpensive
Web hosting for your blog can be very cheap if all you need is a blog. Anyone can start a blog within a few minutes. A blog gives you all the features provided in the blog site, and this can sometimes rival some full-blown websites. Blogs can also allow you to earn money as a blogger. This is done by displaying advertisements, sometimes you can earn up to $10 per click!

Blogs provide you with virtually unlimited space, because all you need is text, which is really tiny in terms of the disk space it occupies. You can load as many posts as you like on your site. It can be as many as a thousand or even a million; the blogs can handle it. Besides all this, you can upload as many videos and images as you like in your blog. The main purpose of the blog is to be online presence which can help build your business. With the blog you can show products and product demonstrations and comparisons with complete pricing.

In short, the blog is quick to setup, versatile, cost effective, easy to maintain and so much more.

At HostingXtreme, we can set up your blog by providing you wordpress hosting. Our starter pack, starting at $1.51 per month is perfect for a starting out blog. It provides you all the features you need to start out, with a blog and provide your business the required visibility needed for marketing and providing you a platform to put your business out there.