WordPress is updated again. This update, to 3.7, includes some security fixes that we strongly recommend you perform. The upgrade *may* require an update to your database (depending on your theme/plugin combinations that you have installed). Please let us (your system tech folks) know if you are uncomfortable with the install process and we will be happy to do it for you!
As always, please don’t hesitate to contact Ryan or Robin if you have questions, concerns or need help with your KLOW site!
Recently, some websites on the KLOW server reported virus alert messages appearing to website visitors when they visited their website with the Internet Explorer Browser. Â This was a result of some malware that was able to infect websites using a Trojan Horse virus, found in a WordPress theme.
The virus has been removed and the code the malware injected into websites has been cleared off of the server. Â Not all websites on KLOW were infected, but if you are experiencing any issues with your website or if you get any reports this week of virus alert messages appearing to those visiting your websites, please let the NEKLS Tech Team know via this Email: tech@nekls.org
In an attempt to protect KLOW websites against future attacks I have installed a few plugins on the websites that were infected and will continue to install them on more KLOW websites in the future.
They are as follows:
1. All In One WP Security – This gives your sites a security score and provides ways to easily improve that score.
2. Wordfence Security – This plugin quickly searches your sites for malicious code and informs you of it.
3. Anti-Malware by ELIÂ – This plugin does a full (long) scan of your website and gives you an option to remove any malicious code if it finds any. Â (I recommend running Wordfence to scan the website and then if it finds anything, run this plugin).
A picture of how the plugins appear on the side panel are found below, so if you see these on your website don’t worry. Â They are helpful plugins.
Anyone who reads this may be wondering what actions you can take to ensure your website isn’t infected in the future. Â If you are thinking like that – great! Â I have a few steps you can take to protect your website.
Step 1. Â Remove any unused plugins or themes. Â Unused Plugins and Themes can be a perfect exploit used by hackers or viruses to get malicious code onto your website so if you’re not using it, lose it!
Step 2. Update your plugins and themes. Â Oftentimes the way viruses get onto your website in the first place is by finding some code in a plugin or theme that isn’t secured properly, and exploiting that problem with the code to give them unauthorized access to the site. Â One way to combat this is to update your plugins and themes whenever there are updates available. Â Doing this increases the chance that any problems with the code contained on your website will be patched (fixed), and your website will be more secure as a result.
Step 3. Update WordPress.  When there is a new WordPress update available it is best practice to update to the newest version.  These updates often include security updates that make your site harder for viruses and hackers to attack. If you are worried about updating, check out this website first.  We’ll try to use www.mykansaslibrary.org to post any problems with updates when they are released.  If we don’t post anything then there likely aren’t any known issues we have discovered with using the new version!
Following those steps should help protect your website from the evils of the Internet and provide you with some security on your KLOW website. Â If you have any questions or concerns please send us an Email at: tech@nekls.org
Have a great day!
I wanted to send out a few updates on the KLOW service (My Kansas Library on the Web — WordPress).
1. NEKLS is in a transition period between system administrators, as Liz Rea, longtime NEKLS and KLOW systems administrator left NEKLS in late October. Robin Hastings (NEKLS Technology Director) has been doing a great job maintaining the existing KLOW server, but a few more interruptions in service than normal have been occurring. We appreciate your patience as we work through these issues; a new systems administrator will be hired soon.
2. Monday morning’s outage was the result of one of the KLOW servers running out of space. Once Robin migrated that server to a larger one, your sites were working again.
3. However, you may find you can’t upload content to your sites today. As a result, further server maintenance will occur tonight, after 9pm, when your libraries have closed. All KLOW sites will be down while the maintenance takes place. The sites will be back up by tomorrow morning.
4. UPGRADE WARNING: WordPress 3.5 has been released, and many of you may see an upgrade notice on your sites. Some of you may have already upgraded. I strongly ask you to wait on upgrading. The upgrade appears to have broken several plugins that many KLOW sites use, and I am still investigating why this happened. Stay tuned for more information.
Please let me know if you have any other questions.
The Northeast Kansas Library System is hosting a watch party on January 25 for the ALA TechSource online workshop, “10 Steps to a User-Friendly Library Website” with presenters Aaron Schmidt and Amanda Etches-Johnson. Â I thought I would share in case any of the other Systems or KLOW libraries were interested in hosting their own Watch parties. Â We have limited our NEKLS registration to 20, to allow for some lab time.
January 25, 2011
1:00 – 4:00 PM
Join us at NEKLS for a half day of website rejuvenation! This day will be a hybrid of live on-site work and virtual presentations.
1:00 – 1:30
NEKLS Tech Staff will introduce best practices and will help you set website improvement goals
1:30 – 3:00
Watch the ALA TechSource online workshop, “10 Steps to a User-Friendly Library Website” with presenters Aaron Schmidt and Amanda Etches-Johnson. A clean, well-designed website can mean the difference between an informed library user and a confused one. With a focus on the needs and wants of the library user, Amanda Etches-Johnson and Aaron Schmidt will help you develop the skills to make your library website easier to use and more interesting. Topics include: Determining the purpose of your website. Identifying your users’ critical tasks. Wrangling content. Writing for the web. How and when to conduct usability tests.
3:00 – 4:00
Optional time in the NEKLS lab, getting input on your website and making changes (bring a laptop if you wish)
Preliminary Reading Material
Please read or view the following materials in advance of the event:
From Liz, KLOW administrator:
WordPress 3.1.3 will be showing up as an available update — please don’t do it. It causes a problem that will keep you from uploading files to your site.  I will let you know when it is safe to update, or when I have a fix for the problem (if you have already updated).
I have a solution for the problem with the media library, but I will need to know that you have updated. If you have updated to 3.1.3, please contact me and I will apply the fix to your site.