Slides – Basic WordPress Website

Today, I presented for the NC Bar Association on the basics involved with setting up a WordPress website.  Here are my slides.

 

How a Strong Password Stopped a Password Attack

Strong Passwords Block Password Attacks

Prevent a Password AttackA website I run experienced a password attack. This means that someone, either by hand or computer, was repeatedly trying to break into the administrative panel of the site by guessing the password.

Why? Who knows. It may be someone who doesn’t like the company. It may be someone who likes to infect websites with malware. It could be for any number of reasons. But the important thing is that the person or people were  unable to break into the website.  Why? Because I have a very strong password for this website. And for every part of any website I manage. A strong password is a key defense against a straight up password attack.

What is Going On?

As it happens, the attack went on for several days. How do I know this? Because I get an alert every time someone tries and fails, or tries and succeeds to log in to the website. The emails show that someone was trying to log in using both the username “admin” (which does not exist on any site I manage) and the username used to post on the blog. The people trying to break in have been completely unsuccessful. That doesn’t stop them from trying though, and I didn’t wish the attack to continue, so I took additional steps to secure the site.

Failed Login Warning

Email providing failed login information. It includes the username the person tried to use and the IP address of the computer trying to log in. (click to enlarge)

Preventing the Password Attack in the First Place

Fortunately, I had already received permission to move this particular site to cloud proxy for additional protection. This change stopped the password attacks, because with cloud proxy, only people using certain IP addresses may access the site’s login page.  Given this, and the risks of password attacks, if you can afford the 10 bucks a month, add cloud proxy to your site and prevent the attack from even getting started in the first place.

Secure both the Web Host and the Administrative Access Page

Make sure you have a strong password for each and every part of your website control. This includes the web host, registrar and any administrative username through which you access your site. Make sure that usernames for people who are allowed to post on your site are strong as well. No one who is able to log in to your site should have a weak password. If you add cloud proxy, make sure Sucuri has a strong password too.

Picking a Good Password

I have noticed that a lot of law firms will use a portion of the firm’s name along with a couple of numbers as a password. Never do this. Such passwords are easily guessed. Your password should be something that makes absolutely no sense as a word and contains a mixture of letters, numbers and special characters. Those numbers, letters and characters should have nothing to do with anyone at the firm. Don’t use your birthday, children’s birthdays, dog’s birthday, you name it. When you make a password completely random, as well as long enough, it becomes almost impossible to guess.  If you want to see how hard your password is to guess, check out this site I learned about at ABA Tech Show: https://howsecureismypassword.net/.  I have to admit, I have never used this site to check out my passwords. The idea of typing in a password on some random site on the web freaks me out.

Plethora of Speaking Engagements!

Jennifer Ellis Speaking

Where Will I Be Speaking for the Next Few Months?   I never have the heart to say no to good organizations such as PBI, PBA and TASA.  As a result, I am speaking a lot this summer. In fact, I am speaking so much I had to postpone Jury Duty, … [Continue reading]

More About Sucuri – CloudProxy

CloudProxy

Sucuri CloudProxy   While I am discussing security and Sucuri, I'd like to talk to you about CloudProxy.  CloudProxy is a firewall for your website. You are no doubt familiar with denial of service attacks.  These attacks are used to take … [Continue reading]

Sucuri & Protecting Your Website

Keep Your Website Safe With Sucuri   I realized today that I am more inclined to give negative reviews than positive. Isn't that the way? So when someone asked me in response to my post on Sitelock if there are any good companies for keeping … [Continue reading]

Dress Right or Sit Down and Shut Up? Women Lawyers and Court Room Clothing

Woman Lawyers Clothing

Do Women Lawyers Still Have to Wear Skirts in Court Rooms? On the Women in the Profession listserv of the Pennsylvania Bar Association, we had a lengthy discussion about women and what they wear in court. The discussion began because a judge wrote a … [Continue reading]

Slides: SEO, Now What Does Google Want?!

Powerpoint Presentation for SEO Seminar   Here are the slides for my webinar on basic SEO. I am presenting this today for a group of approximately 500 attorneys. Thank you to MyCase for inviting me to present. While I am presenting to … [Continue reading]

Lawyers Don’t Need Websites?

Lawyers Absolutely Need Websites I remain surprised at the number of attorneys who do not have websites. I am also dismayed, because most of these lawyers are solos and smalls, and I am very partial to those folks. By failing to have a website, … [Continue reading]

Free Webinar on SEO

Free Webinar on SEO

Teaching Free Webinar on SEO - Thursday May 29, 2014 Tomorrow, I am teaching a free webinar on SEO basics.  The seminar is being offered by MyCase.  Sign up for free. My goal in teaching this webinar is to provide lawyers (and other business … [Continue reading]

WordPress in One Hour for Lawyers – Add Borders to Images

Add Border To Images

WordPress Upgrade Took Away Ability to Add Borders to Images Easily   If you purchased my book WordPress in One Hour For Lawyers you may be shaking your head about my instructions on editing images. This is because the newest version of … [Continue reading]

%d bloggers like this: