Category: Sin categoría

We live in an era where cyberattacks are only getting increasingly worse.  

From 2015 through 2016, for instance, there was a significant 32% increase in the number of hacked sites, and an 18% increase from 2017 through 2018.

And here’s another very startling fact: out every ten cyberattacks in the world, at least seven are aimed at small to medium sized businesses, or businesses that have two hundred and fifty employees.

What’s more, is that most of these small to medium sized businesses do a rather poor job with cybersecurity, having a greatly underdeveloped and underfunded IT team in contrast to larger organizations.

It’s really for this reason that the websites of small to medium sized businesses are the most vulnerable.

So as the owner of an SMB yourself, you shouldn’t hesitate to ask yourself if your website’s security strategy is in need of any revamping or modifications.

But how do you know if your website’s security strategy needs to be reworked? If any of the following are are a reality:

1. You Lack A Security Response Plan

A response plan to a cyberattack is something that is vitally importnat for any business to have. At its heart, this means that an employee needs to know what to do when a breach does occur.

Be honest with yourself…  

Have you asked yourself how you will respond when you suspect a cyberattack has occurred?  

How will you find out which type of attack has occurred?  

How will you know the full extent of the damage?  

And how will you take action to ensure that this never happens again?

In short, what you need is a Cybersecurity Incident Response Plan. A good plan will secure participation from the key stakeholders, assign roles to your employees, ensure proper communication, and run tests and exercise on a regular basis.

2. You’re Not Automating Security Updates

Automating security updates of your website or blogging plugins, your themes, software, and so on is a good way for you to keep your security fully up to date while also requiring very minimal work to you.

In order to automate the scanning and patching of your website’s various features, you’ll need to either implement a security solution over your website that gives you this capability, or otherwise partner with an outside vendor who can do this for you.

Remember, so long as your themes, software, plugins, and so on are from reputable developers, they will consistently be working around the clock to ensure that their programs are kept up to date from a security standpoint.

Running automatic updates ensures that your website is kept safe as soon as a new update is made.

3. You’re Not Using Firewalls

Your firewall, or a network security system designed to prevent unauthorized access to your website, is your first line of defense against hackers.

In fact, the FCC goes as far as to recommend that all small to medium sized businesses set up a firewall over their networks in order to create a wall between cyber attackers and your data.

You’ll want to have both a standard external firewall as well as internal firewalls for an extra level of protection. All in all, if you don’t have a firewall set up, that’s a clear sign that the security of your website is very weak at best.

4. You Haven’t Backed Up Your Data

What happens if your website is hacked and shut down?  

That’s right, you’re going to lose all of your data.

But you won’t lose all of it if you take action to backup your website instead.

You need to create backups of your website regularly, and you also need to store those backups in multiple locations.

You can backup your website in a number of ways, including by using a plugin (such as UpdraftPlus if your site is run on WordPress), using your web host, or by using the cloud. If anything, you should be storing more than just one backup.

5. You Haven’t Trained or Educated Your Employees

Last but not least, you can know all there is to know about cybersecurity, but what about your employees.

A basic rule at your company needs to be that any employee accessing your network need to be taught and informed on good network security practices and receive updates on protocols. Most employees (and people in general), lacking direction, will use whatever software they are most comfortable with.

That could mean common out of the box applications by Microsoft or Apple, or it could mean any number of open source tools. In either case, many popular apps – whether paid or free – are fraught with security holes. To ensure that employees use the right software, they must be trained and re-trained. (They need “updates” too!)

Without You should also have your employees sign documents confirming that they have been taught your security practices and understand the ramifications that will come with failing to follow the security policies of your company.

Conclusion

To conclude, if you’re currently making any of the above mistakes, then your website security strategy is probably in dire need of some fixing.

Website security is so important because hackers are becoming more advanced in their methods day by day.  And since small to medium sized businesses are currently the biggest target for hackers, it is absolutely critical that cyber security be a top priority for you.

Another excellent plugin which haven’t been saw so much is the addon WPeMatico publish 2 Email.

Can you imagine a website taking post from different feeds or websites and sending them as emails to different accounts? WpeMatico publish 2 Email can make this to happen and so much more. It is thinked to take each post automatically from every feed of the created campaigns and send them to an email account which will be checked for some automatic service to publish it, for example, in another WordPress, an emails list, forums or any service that allows posts or distribution by email.

This Add-on allows to use WPeMatico from a WordPress website and to send the read posts from each campaign to an email account. Each campaign allows sending content to different email accounts.

Therefore, it can post from a unique website with WPeMatico plugin to many different WordPress websites.

Take advantage of the 25% discount code! Coupon code: [JUN1725] (Fill in the code and get the discount in the Checkout screen.)

Since version 1.2 there have been several releases of WPeMatico FREE & PRO plugins, testing the automatic updates and many other new features that were added to the free version and the Premium.

Notable among these are true functions using CURL optionally for obtaining remote files either for full content or images. Testing several alternative methods if any fails.
Better treatment of image names in repeated files is also achieved.
The title links to the source site was broken with new filters added in the last WordPress theme and this was also solved.
Also solve some fields with regular expressions were saved wrong.
Custom filters are added to extend the capabilities of the plugin. So you can modify the file extensions allowed, the names of the images obtained, as well as the fields before inserting the post. (There is an example at the end of this post to remove HTML tags from the titles of the posts.)

Password encryption is added to the Settings page in the case of sending emails using SMTP. But because of this many servers began to treat this file as a hack attempt and erased the file settings_page.php

This was very frustrating as looking plugin security, this file was treated as infectious and deleted without notice in many cases.
To solve this new functions were created to encrypt and decrypt the password. Thus removing false positives given by the antivirus.

In this latest version 1.2.5.1 white screen that was obtained in the Settings page, in smaller versions of PHP 5.4 is solved. This error was taken for a PHP function used in the page that started in the PHP version 5.4 and then was replaced by a custom function.

In the wordpress support forums they were asked to remove HTML tags that bring the titles of some feed.
https://wordpress.org/support/topic/strip-out-html-tags-in-rss-feed-title

This feature is included in the PRO version, and you can select the option within each campaign. But you can also do with a specific function for new filters added, as follows:

Functions.php file in your wordpress theme, add the following code:

add_filter('wpem_parse_title',  'strip_tags_title',10,1 );
function strip_tags_title($title) {
	$title = strip_tags( htmlspecialchars_decode($title, ENT_QUOTES) );
	return $title;
}

Updated Aug 2, 2018 Basic instructions for the Free and Pro versions to correctly get images and make featured from the feeds or from source websites with WPeMatico. (This can change for future versions You can
set an image as featured in a WordPress post if it was previously uploaded and attached to the same post. WPeMatico doesn’t do this with its configuration by default when installing because we don’t want a lot of files starting to be uploaded to our own
Wordpress without control. So, although it is very easy, requires a few steps with configuration settings of the plugin and options inside the campaign.

Upload and set Featured Image

• First at all, we need a feed with image in every item content. Like the image below. An easy way to see a feed content, is with firefox browser. If you have PRO version and will use Full Content feature, then this step can be ignored because will
  use the content of the source page instead of the item content.

• Second step consists in setup the plugin for download images to your wordpress website and then attach them to the post that being created.
• Here you can choice Store images locally (upload), attach images or just Set first image in content as Featured Image like in the image. Over the mouse over the blue info icons in your Settings to get more
  help.

• Use custom upload is not recommended unless you have problems with standard uploads.
• If you don’t want to link external images to source site, check: Remove link to source images, then If an image upload gives error, this will delete the ‘src’ attribute of the <img>.
• As last advise, don’t check Strip HTML Tags if you want to keep the images in content.

Enclosure and media tags in the feed items.

• Some feeds have no images in content, but have special ‘enclosure’ or ‘media’ tags with links to the images.

Firefox showing a media enclosure in a feed item.

• Professional Addon have some extra features like support for enclosures and media images and also others that you can see at the image below.
• There are special cases that the images have queries variables in the same url of the image, avoiding that WordPress uploads the image. Professional Addon support this by checking Strip the queries variables in images URls. For free version see the filter code below.

• Also with Professional Addon you can filter images by size and remove them from content by higher or lower size.
• Another way to strip the special chars from image url and allows to upload is by adding an external filter in your functions.php file. You can copy paste from here below.

add_filter('wpematico_img_src_url', 'myfunction_img_src',10,1 );
function myfunction_img_src($imagen_src_real) {
// Find only image filenames after the / and before the ? sign
	preg_match('/[^/?]+.(?:jp[eg]+|png|bmp|giff?|tiff?)/i', $imagen_src_real, $matches);
// First step of urldecode and sanitize the filename
	$imgname = sanitize_file_name(urldecode(basename($matches[0])));
// Split the name from the extension
	$parts = explode('.', $imgname);
	$name = array_shift($parts);
	$extension = array_pop($parts);
// Join all names splitted by dots
	foreach((array) $parts as $part) {
		$name .= '.' . $part;
	}
// Second step of urldecode and sanitize only the name of the file
	$name = sanitize_title(urldecode($name));
// Join the name with the extension
	$newimgname = dirname($imagen_src_real) . '/' . $name . '.' . $extension;
	return $newimgname;
}

Open Graph, Facebook and Twitter images

Full content Addon has the feature to read from the sources the full content and establishes the og:image url or the Twitter: image if the first fail as featured image.