Easy Privacy Policy WordPress Plugin is Spam

privacyRecently I installed Wordfence on a number of my WordPress web-sites to increase the security on it. While running a check on one of my sites if found that the Easy Privacy Plugin had been modified. The error that I got was:

Modified plugin file: wp-content/plugins/easy-privacy-policy/easy-privacy-policy.php

Filename: wp-content/plugins/easy-privacy-policy/easy-privacy-policy.php
File type: Plugin
Issue first detected: 4 mins ago.
Severity: Warning
Status: New

This file belongs to plugin “Easy Privacy Policy” version “1.02” and has been modified from the file that is distributed by WordPress.org for this version.

When I clicked through to view the file differences it pulled up the following line of code:

This policy was generated by Easy Privacy Policy Plugin <a title=”bet365 poker” target=”_blank” href=”http://poker.toolazy.me.uk/bet365poker”>bet365 poker</a> for WordPress.

That was the original line of the code. The modified version of the code on my web-site was:

This policy was generated by Easy Privacy Policy Plugin <a target=”_blank” href=”http://www.swiftcovercarinsurance.co.uk”>swift cover car insurance</a> for WordPress.

After coming across those lines of code I had another look at the plugin on WordPress.com and it seems that the plugin had been removed. The usual reasons for WordPress removing plugins from the plugin depository is because it contains Malware or Spam, which is certainly the case here.

Time to find another WordPress privacy plugin I guess.

One thing that this has highlighted to me is not only the need to keep up with plugin updates, but also to make sure that the plugins I am using are still “clean”. Wordfence is certainly going help me with that …

Image source: Sean MacEntee

Posted in Plugins | 11 Comments

Build a Restaurant Website on WordPress.com

I was recently asked by my neighbour about setting up a website for his restaurant. It’s something that I wish I could do, the income would be helpful, but with my current commitments it’s not something I am able to do.

After doing a bit of research I am thinking that the best solution for someone wanting a web-site for their restaurant is a managed service like WordPress.com. This would allow someone who is not too tech savy and doesn’t want to have to manage the technical aspects of a web-site to have a secure, fast, and stable web-site.

WordPress.com has recently launched a service specifically targeting restaurants, and it looks like a pretty good service. It has a lot of features set-up specifically for restaurants:

  • Hours & Location
  • Simple Menus
  • Menu Embeds
  • Reservations (Online with OpenTable)
  • Mobile Ready

They have even launched a few new templates specifically for restaurateurs:

Confit Menu Page

Although you can set-up a free web-site with a domain like http://your-restaurant.wordpress.com there are two upgrades that I would get for setting up a web-site on WordPress.com:

  1. Custom Domain (www.your-restaurant.com, $13/year)
  2. Ad-free (Removes Advertisements from the site, $30/year)

There are many other options that could be purchased, but I think that with those two options, for a cost of only $43/year, it would cover most needs for a restaurant web-site.

You can read more about the WordPress.com restaurant website service on their site, and you can also watch the video below:

Most good restaurant web-sites that you can find include high quality images of the food offered on the menu. In addition to the web-site hosting, a good place to invest some money is with good photos of the food, venue, and possibly some of the staff.

Posted in General | 9 Comments

Secure WordPress 2.0.7 Crashes WordPress Multisite

WebsiteDefenderI was following this guide to setting up a trial installation of WordPress Multisite. When I installed the third recommended plugin though, Secure WordPress, it crashed the site with this error …

Fatal error: Call to undefined function wp_get_current_user() in /home/imnet/public_html/wp-includes/capabilities.php on line 1451

Secure WordPress is a plugin that I use on many of my other sites, and is one of the plugins that I usually recommend for securing WordPress. It seems however that plugin is not compatible with WordPress Multisite.

Thankfully it is easy to fix this problem by logging onto your server using FTP or your hosts file manager and deleting the SecureWordpress folder in the /wp-content/plugins directory. After doing that I refreshed the admin area of the site and it had started working again.

Now that I have discovered that Secure WordPress is incompatible with WordPress Multisite I will be looking at other options to secure my Wodpress Multisite set-up…

Posted in Plugins | Tagged , | 8 Comments

Add a YouTube Gallery to WordPress

Listening to a recent episode of Weekly Web Tools by Dave Jackson made me aware of a very cool WordPress plugin called TubePress. TubePress is a plugin for WordPress that allows you to add a custom YouTube or Vimeo video gallery to a WordPress page or post very easily. Until now I have always done it manually, but I love how this appears to work …

TubePress Gallery Screenshot

There are many different ways that you can customise the look and feel of your video gallery including customising:

  • How the video plays (embed, popup, etc.)
  • Where the video plays (on your site or the original)
  • How many thumbnails are displayed
  • Size of thumbnails and of video
  • much more …

You also have quite a few options for where the gallery is pulled from. Some of the source options that I could see being very useful are:

  • YouTube users “Favourites”
  • Videos from a YouTube playlist
  • Videos uploaded by a specific user

TubePress-screenshot-2

You can see this plugin in action on my test site, http://billhutchison.org/wptest/videos/, and find out more about it on the TubePress web-site.

As of writing this post TubePress I have been experimenting with Tubepress version 2.58. According to the TubePress web-site they have recently released the final release candidate of TubePress 3.0.0 and should be releasing the new version soon, which includes some great looking new options.

Posted in Plugins | Tagged , | 1 Comment

How to Secure WordPress

In the last year I have had two web-sites hacked into, one personal site and one ministry site. Both of them were WordPress web-sites and since then I’ve made some changes with how I secure my WordPress sites.

When securing your site you want to look at a few different things including:

  • Content Management System (CMS)
  • Database
  • Passwords
  • Server

Security Plugins

Security LockHere are the security plugins that I use to secure my sites:

  • Limit Login Attempts – Limits the number of login attempts to the administration area of the web-site and blocks by IP or cookies after a certain number of failed attempts.
  • Secure WordPress – Performs basic security checks on your WordPress installation and makes suggestions for better securing your site.
  • WordPress Firewall 2 – Monitors web requests and blocks obvious attacks.
  • WP Security Scan – Performs security scan of your WordPress installation.

In addition to security of your site you also need to make sure that you have up to date backups.

WordPress Backups

In addition to the security plugins I also make sure that I have automated backups set-up of my site. When backing up you need to make sure that you back up all important files including:

  • Database
  • Uploaded Content
  • Themes
  • Plugins

I explain how to set this up in another article that I wrote, WordPress Backup in Only 8-Minutes.

WordPress Updates

Keeping your WordPress installation up to date is also very important. Although WordPress hasn’t had any major security holes since versions 2.7 you should still update it regularly.

One of the things that I really like about WordPress is how easy it is to apply the updates. It’s one of the reasons why it is my CMS of choice.

Deciding when to update WordPress can be challenging. I find that as you use more plugins or heavily customise your theme you increase the chances of something breaking when you do an update.

Usually the “smaller” updates (0.0.x) can be installed without problems. The larger updates though (0.x.0) have a higher chance of breaking things, so I usually wait a few weeks and take the time to check for plugin updates before moving ahead with those upgrades. Having a beta or test site is very beneficial and I do that with the main ministry sites that I am responsible for.

Secure Servers

A lot of your security also depends on your web host server. There are many quality web hosts out there but my personal choice is HostGator. All of my dealings with them have been good and I have not had any server related security problems since I started hosting with them.

One challenge with the shared hosting that I use through HostGator is that there are other people using the shared server. To really boost security you can go with a Virtual Private Server (VPS) or a Dedicated Server. Both of those involve higher cost than a standard shared hosting account but come with a more secure set-up. You can get both of these services also through HostGator.

Lock image by kchbrown

Posted in General | 16 Comments

Is Your Site Accessible for All Users?

Some quick Web Accessibility tips from the WC3As you develop your web-site or blog one thing that is commonly overlooked is the overall accessibility to your site’s content. WordPress does a pretty good job out of the box dealing with site accessibility for the platform, but not all themes maintain that accessibility, and you need to be especially aware of accessibility when writing your content.

WordPress has a pretty good page about accessibility that you can check out here. Usually when we think of accessibility we think about accessibility for blind users but WordPress not only addresses accessibility for the blind, but address it as an overall accessibility issue.

WordPress defines accessibility as:

Accessibility in web page design means creating a web page design that anyone can use. And that means anyone. Not just the visually impaired, handicapped, or otherwise challenged. This includes people in Russia and South Africa who are using outdated computers hooked up to generators that only run two hours a day, trying to connect to the Internet with old browsers and dial up connections. It’s about people from different countries who speak different languages and yet are trying to learn your language by reading your blog or site.

This also includes using cell phones and handheld computers to access your blog. Those people, including the approximately 25% of all Internet users who are physically impaired in some way, need access to web pages, and as a web page designer (or tweaker), you need to know about accessibility.

Here are a few key points from the WC3 – Web Accessibility Initiative that you should also keep in mind:

  1. Images & animations: Use the alt attribute to describe the function of each visual.
  2. Image maps. Use the client-side map and text for hotspots.
  3. Multimedia. Provide captioning and transcripts of audio, and descriptions of video.
  4. Hypertext links. Use text that makes sense when read out of context. For example, avoid “click here.”
  5. Page organization. Use headings, lists, and consistent structure. UseCSS for layout and style where possible.
  6. Graphs & charts. Summarize or use the longdesc attribute.
  7. Scripts, applets, & plug-ins. Provide alternative content in case active features are inaccessible or unsupported.
  8. Frames. Use the noframes element and meaningful titles.
  9. Tables. Make line-by-line reading sensible. Summarize.
  10. Check your work. Validate. Use tools, checklist, and guidelines at http://www.w3.org/TR/WCAG

Other sources for information about Web Accessibility:

Posted in General | 7 Comments

Finding Legal Music for your Ministry Video

It is said that the audio makes up at least 50% of the impact and quality of a video. Without good audio it is very difficult to get across your message to the people viewing your video. Part of the audio experience is the music that you choose…

Recently I’ve come across a number of YWAM Ministry videos that have had the sound removed. The reason why the audio has been removed is because the creators of the video used copyright music. One of the options available to the holders of the music copyright is to remove the audio from your video. They don’t just remove the copyright music, but all the audio, creating a silent movie for you.

The YWAM East Timor outreach video at the bottom of this post as an example of this happening…

It’s not hard to find free music if you know what constitutes “free”, and where to look…

What Can I Use as Free Music for Video

Pretty much anything that you hear on the radio would probably not be free and anything recorded or written in the last 70-years would also not be free if it was copyright when produced. That sounds pretty limiting, but if you are willing to look beyond the commercial music scene there is plenty of music available out there that you can use.

Some examples of music you could use for your Ministy video would be:

  • Music licensed under a Creative Commons license
  • Stock audio options (paid for licenses)
  • Post a request for music on the YWAM Music Network
  • Original music by local musicians

For all of these options you will need to be clear of what the license is and the specifics of what you can use the music for.

Two things that can catch you out is that even if you use a local recording of a song you need to make sure that the song isn’t copyrighted (ex. you can’t use a locally recorded version of a Hillsong song). By the same token you can’t grab a song that is older than 70-years old and out of copyright (ex. Amazing Grace) and use a modern recording of it.

Where Can I Get Music for my Ministry Video

If you want free download for your ministry video and don’t want to go through the process of arranging a local recording or working with someone from the YWAM Music Network, head over to Creative Commons and follow the links there to some of the featured web-sites.

Otherwise have a chat to some of your local musicians, or drop a message over at the YWAM Music Network and see what kind of original music you can put together.

Posted in Audio and Video | 7 Comments

Do I Need a Web-Site for my Ministry?

I was asked a question on Twitter about a good way to market a ministry training program. My first response was word of mouth from former students, staff or partners as the first person contact and testimonials generally has the most impact.

The follow up question I think needed more than 140 characters to reply to:

What difference do you think a nice web page makes?

A web-site is quite often the first point of contact that someone has with your ministry. Even if the person is a word of mouth referral the web-site is likely to be the first place that person has contact with your ministry. As such having an quality web-site is very important in communicating about your ministry.

What Do You Want to Do With  Your Web-Site?

When you start to look at what you want to include on your web-site you need to think about what the purpose of the site is. Do you want to get people to connect to you personally (phone call / social networks)? Do you want to simply provide information about your ministry?

If you are looking at a ministry training program the best thing to do is to try to connect with the person personally.

At the last ministry centre I worked at we my main goal with the web-sites I built and maintained was to get the potential staff and students in personal contact with one of our training staff. The personal contact is vital when we are looking at how we can serve the potential student and if our training program was right for them.

We spent countless hours building content and developing advertising campaigns for our web-site. The bottom line though is that you want people to want to contact you. You can help make people want to contact you in many ways, including…

  • Testimonies of other people’s experiences
  • News from currently running programs in your ministry
  • Compelling images and videos

In addition to making people want to contact you, you should also make it easy to contact you. You want to have as many points of contact as possible, and make those ways of contacting you easy to find. Some of the ways that you can include in ways to contact you are:

  • E-Mail
  • Phone Number
  • Physical Address
  • Facebook
  • Twitter
  • Google+
  • Skype

You want to provide people with as many ways to contact you as possible to provide the least amount of “friction” as you can.

Your primary “call to action” on your web-site should be to get people to connect with you. As you design your web-site you need to keep that foremost in your plans.

How Can I Build a Quality Web-Site?

The good news is that having a quality web-site is very achievable and affordable.

For virtually everyone wanting a web-site I recommend a self-hosted WordPress site. Although WordPress started as primarily a blogging platform it has developed into a full fledged content management system with hundreds of different plugins, and thousands of different themes. This makes it extremely versatile and easy to customise.

Although most of the sites I have built with WordPress are blogs there are a few that fit the more traditional definition of a site. Here are links to a few of them:

There are also many other ministry web-sites built on WordPress:

The versatility if WordPress is why I recommend it and use it for most of the web-sites that I develop.

Using WordPress you can have a web-site set-up within an hour.

The starter site could consists of a front page, about page, contact page and various pages for your ministries and training programs. Setting up the starter web-site is actually the easy part, the most time consuming part would be writing the content and finding the right photos to personalise it.

If you are interested in setting up a web-site, but are still unsure how, please contact me and I’ll see how I can help.

Posted in General | 2 Comments

Add Code to the Sidebar in Blogger

All of my personal web-site and blog development is done on WordPress, but I do occasionally get enquiries about other blog platforms. The latest question that I got was for a Blogspot blog on Blogger.

YWAM BloggersI set-up some Blog badges for YWAM Bloggers and someone asked me over Twitter how to add the badge to their Blogger blog.

I have a few old Blogger blogs floating around, so I logged on to see how to put the YWAM Blogger Badge in the sidebar of one of those old blogs.

  1. After logging into Blogger I clicked on the “Design” link for the blog that I want to add the badge to.
  2. In the sidebar I click on “Add a Gadget”.
  3. Go down the “Add Gadget Basics” List in the pop-up until you come to “HTML/JavaScript” and click on the + sign to add it.
  4. You can now give it a title if you want, or just paste the code from the badge in the content section of the next page and click on “add”.
  5. You should now be back on the design page and you can drag the new Gadget to where you want it to appear on your sidebar.
  6. Once you have the badge where you want it just click on the “save” button in the top right of the screen and you are done…
Posted in Blogger Blogspot | 6 Comments

Help Prospective Mothers in Papua New Guinea

The Mommyhood Memos Bloggers for Birth KitsSometimes it’s amazing how much you can help, through something so little…

In rural Papua New Guinea one in seven women die in childbirth! Yep, that’s right, 1 in 7 women die in childbirth! That’s a shocking statistic to say the least. To give birth to a child a mother has a 15% chance of dying, can you imagine?

A friend of mine, Adriel Booker, in Australia works with YWAM Ships, a ministry that is currently working on delivering medical help into Papua New Guinea. She is a Mom, blogger and fellow YWAMer who has a strong passion for helping other mothers in need. To help expectant mothers in Papua New Guinea she has started a program called Bloggers for Birth Kits to help reduce maternal mortality in rural Papua New Guinea.

The way to help is so simple that anyone can do it…

For as little as a $2.00 donation you can purchase a Birth Kit. The Birth Kit is very simple, but according to the Birthing Kit Foundation can greatly help to reduce the incidence of infant and maternal mortality and morbidity. The kit includes:

  • 1 plastic sheet to provide a clean birthing surface
  • 1 bar of soap for clean hands during the birthing process and to clean the umbilical stump
  • 1 pair of plastic gloves for clean hands
  • 1 sterile scalpel blade to cut the umbilical cord
  • 3 cords / pieces of strong string to tie the umbilical chord
  • 5 gauze squares to clean the baby and mother

The kit is simple, yet effective. Adriel made up her own (which you can watch on the video at the bottom of this post), but I think the most effective way for us to help is to donate.

If you do want to help with this great project, and for only $2.00 who wouldn’t want to help, you can read more about it at Bloggers for Birth Kits.

This post was originally posted on my personal blog at Help Prospective Mothers in Papua New Guinea – Bill Hutchison

Posted in General | 3 Comments