Categories
KLOW News Tutorial

WordPress Security Center

The folks behind the Wordfence plugin have created a new security center for WordPress that might be relevant to your interests! The site, at https://www.wordfence.com/learn/, is free to use and covers several different topics, including:

  • Security threats specific to WordPress
  • Phishing and other social engineering type of threats
  • How to tell your site is hacked
  • How to clean a hacked site

and many more. Enjoy the free videos and do let me know (rhastings@nekls.org, as always) if you have questions!

Categories
KLOW News

WordPress 4.4 and Ninja Forms both have updates

Most of you have automatic upgrades to the new versions of WordPress set up – but if you notice that your site hasn’t updated yet and want to do that now, feel free. This site has already updated and no problems have been noticed, so yours should be fine, too! Ninja Forms, a plugin that is commonly used to create contact and registration forms for library websites has been updated as well – that one you’ll have to update manually (by clicking the “update” link on the plugin page  – the rest is done for you by WordPress), but I encourage you to do so. I also am encouraging everyone to make sure they have the Wordfence plugin installed and running on their sites. I’ve been talking to the system techs over the past weeks to help them make sure the plugin is there and working – there is a rash of pharma spam attacks going on that you might not notice (nor will your patrons, generally, unless they are using VERY old browsers – the attack is meant to improve the spammer’s link counts, not necessarily to actually advertise the pharma products to your patrons) that Wordfence can help find and root out. Talk to your system tech person if you have questions about those plugins, the upgrade or anything else – or you can, as always, contact me at rhastings@nekls.org if you run into problems! Thanks!!

Categories
KLOW News

Another WordPress Issue

Hello and welcome to yet another edition of WordPress vulnerabilities! Today’s edition consists of a fairly nasty hack that is outlined at http://arstechnica.com/security/2015/09/active-malware-campaign-uses-thousands-of-wordpress-sites-to-infect-visitors/ (at the very bottom is a link to the Securi website scanner that will help you find out if your site is compromised). In case the article is more than you want to read right now… the general idea is that there is a hack that is suspected to use vulnerable plugins that hijacks a website to make it deliver malware to visitors. There is no information on what the vulnerable plugins might be or whether they are the latest version, but it’s always a good idea to make sure yours are up to date on a *very* regular basis!

Please let me know (rhastings@nekls.org) if you have any questions or concerns!

Categories
KLOW News

WordPress 4.2.3

There has been a new version of WP released overnight. Some of you who have already been moved to our new server might already have had the update automatically applied to your site. If you log into your WP dashboard and see the version is 4.2.3, you are fine. If not, however, this is a pretty major security release, with lots of bug fixes thrown in, so it would be a good idea to log in and do your updates as soon as you can.

Details about the update are at https://wordpress.org/news/2015/07/wordpress-4-2-3/ if you want more information. So far, no issues have cropped up, but please let us know if something happens to your site!!

Categories
KLOW News Library News

Akismet – Getting your own license

Janelle from SWKLS wrote:

I *think* when KLOW first started several sites were sharing an Akismet key, but I could be wrong in this thinking. I think this key may have been set up when the sites were installed. I just thought I would give you a heads up in case other sites have issues. Although, it may just be us. I am working on getting these two sites setup with their own private akismet accounts…

Thanks Janelle, as an admin who isn’t always in the know, your message prepared me for  when I received a  call about the same problem.

If you are having this issue your library will want to  head to your plugins in the WordPress dashboard, from there, open the Akismet Settings page and choose “Disconnect This Account”. Follow the prompts to set up your own license key by entering your own email address. You will create an account and then after donating ($0.00 and up), you will be given a key that you can enter back into your Aksimet plugin.

-D