Beginners Questions About WP

Discussion in 'WordPress' started by damonmack, Jun 22, 2011.

  1. #1
    I am creating a website and have decided to use WP as the platform. I have a few questions for the forum since many have used this platform for a while. Any information would be of great help to me. Thank you so much in advance. :)


    1.) Is there a difference between One Click Install or self install?

    2.) I have seen a couple of threads about WP being h@cked; what are some things I can do to decrease the chances of a WP site being hacked?

    3.) What can a beginner do to prevent being hit by Google Panda? Any plugins or modifications to certain files?

    4.) Do most plugins play nicely with Free and Premium Themes?

    5.) Besides the "All in One SEO", what are some other must-have plugins a beginner should know about?
     
    damonmack, Jun 22, 2011 IP
  2. wildchild

    #2
    Here are some quick thoughts...

    1) Not sure what kind of difference you're asking about, but the biggest one is 1-click installs are easy and self installs are a little more complicated. Depending on where you host, sometimes 1-click installs install more stuff than you want, but you can't beat them for easy.

    2) To decrease the odds of being hacked, there are a number of WP plugins that you can use that secure some of the more vulnerable aspects of WP. Also, set a very secure password (upper case, lower case, numbers and symbols) and don't save it in your browser or any other thing that will auto-fill it for you.

    3) To avoid being hit by Google Panda, use original content, avoid auto-blogging techniques, don't close WP sites, and stuff like that. That's just a few examples but providing good, valuable, unique content is your best defense.

    4) This question is too broad to answer well, but in general the plugins that are worth their salt generally play nicely with free and premium themes. Just be sure to deactivate them before you update WP and reactivate them afterwards.

    5) Some other really good plugins to have include something that backs up your database regularly and emails you a copy. Having a good Google Analytics plugin is a good idea, as well as a Google XML sitemap plugin. If you are doing anything with Adsense, you'll want a good plugin to make inserting Adsense easier. If you are using a social bookmarking strategy you'll want a bookmarking plugin. Most installs include the Akismet plugin; use it, it's a good one. There are probably a few more, but those are the ones at the top of my head.

    Best of luck!!
     
    wildchild, Jun 23, 2011 IP
  3. gjrb29

    #3
    DamonMack, there are threads on DP and other websites on the web that show you how to increase the security of your WP. I have been doing some research as well because I am getting ready to start one of my own.

    I know WP often updates the platform and closes up security holes. Some of the websites I visited date back to 2006, 2008 and some are 2010 and 2011. My concern would be, does the information from further dates still apply now?
    __________

    Thank you WildChild for answering these questions as it helped me out as well.


    ______

    Some of the security protection measures I found throughout the DP forum and other sites are:

    1.) Remove "Powered By WordPress" at the footer

    2.) Change the default user to anything other than "Admin"

    3.) Remove WordPress Version

    4.) Change WordPress DB Table prefix to something other than "WP_____"

    5.) Download Plugin Bad Behavior

    6.) Download Plugin "WordPress Security Scan"

    7.) Insert the code below into your .htaccess file in your "WP Admin" not the Root Folder:

    order deny,allow
    allow from xx.xx.xx.xx <<Your IP>>
    deny from all


    8.) Change List of Plugins---<<have no idea how to do this>>

    9.) Admin-- encrypted connection (SSL) <<<have no idea how to do this>>

    10.) ChMod all files to 664

    11.) Install "Limited Login Attempts"

    12.) Hide Your Login with "Stealth Login" Plugin

    13.) Install 'One Type Password' plugin to ensure stolen passwords only work with one session.

    14.) Install 'Login Encrypt' to prevent anyone from stealing your login details by hiding or encrypting password when entered.

    15.) Install 'Wordpress Last Login' to detect the last time and IP that logged into the account.

    16.) Simply copy and paste the code below into your .htaccess in the root to prevent script injection and unwanted modification:

    # block <script> tags and GLOBALS/_REQUEST tampering in the query string
    Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
    RewriteRule ^(.*)$ index.php [F,L]


    17.) No Browsing of Directory - copy this code into your .htaccess in root directory:

    # disable directory browsing
    Options All -Indexes


    18.) Protect WP-Config.php, add code to .htaccess in root directory:

    # protect wp-config.php
    <files wp-config.php>
    Order deny,allow
    Deny from all
    </files>


    19.) Protect .htaccess, place code in domain's root .htaccess file:

    # STRONG HTACCESS PROTECTION
    <Files ~ "^.*\.([Hh][Tt][Aa])">
    order allow,deny
    deny from all
    satisfy all
    </Files>


    20.) Change the Name of your .htaccess

    21.) Block SE Spiders From Indexing The Admin section. Create a robots.txt file in your root directory and place code below:

    #
    User-agent: *
    Disallow: /cgi-bin
    Disallow: /wp-admin
    Disallow: /wp-includes
    Disallow: /wp-content/plugins/
    Disallow: /wp-content/cache/
    Disallow: /wp-content/themes/
    Disallow: */trackback/
    Disallow: */feed/
    Disallow: /*/feed/rss/$
    Disallow: /category/*



    Here is most of what I have found throughout the forum and other sites about WordPress security. Would some or all of these still apply to the new WordPress today or are most of these old security fixes that WordPress has already closed up?
     
    gjrb29, Jun 23, 2011 IP
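
On the question of whether older advice still applies: the `Order`/`Allow`/`Deny`/`Satisfy` lines in items 7, 18 and 19 above are Apache 2.2 syntax, which Apache 2.4 only accepts through mod_access_compat and replaces with `Require`. The following is an added example, not part of any post in this thread: a small Python translator for those patterns, where the function names, the sample layout and the address 203.0.113.7 are assumptions made for illustration.

```python
import re
from itertools import groupby

# Constructed sample: the snippets from items 7, 18 and 19 of the post, with the
# documentation address 203.0.113.7 standing in for "your IP".
SAMPLE = """\
# wp-admin/.htaccess (item 7)
order deny,allow
allow from 203.0.113.7
deny from all
# root .htaccess (items 18 and 19)
<files wp-config.php>
Order deny,allow
Deny from all
</files>
<Files ~ "^.*\\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
"""

LEGACY = re.compile(r"^\s*(order|allow\s+from|deny\s+from|satisfy)\b\s*(.*)$", re.I)
IP = re.compile(r"\d[\d./]*|[0-9a-f:/]*:[0-9a-f:/]*")  # IPv4/CIDR or IPv6

def require_for(order, allow, deny):
    """Map one group of 2.2 directives to a 2.4 Require line; None if unsure."""
    if "all" in deny and (order == "allow,deny" or not allow):
        return "Require all denied"
    if "all" in deny and all(IP.fullmatch(a) for a in allow):
        return "Require ip " + " ".join(allow)
    if allow == ["all"] and not deny:
        return "Require all granted"
    return None  # hostnames or mixed rules: leave for a human

def migrate(text):
    out = []
    for legacy, lines in groupby(text.splitlines(), key=lambda l: bool(LEGACY.match(l))):
        lines = list(lines)
        if not legacy:
            out += lines  # comments, <Files> tags and other directives pass through
            continue
        # 2.2 defaults: Order Deny,Allow and Satisfy All (so "satisfy all" is dropped)
        rules = {"order": "deny,allow", "allow": "", "deny": "", "satisfy": ""}
        for name, arg in (LEGACY.match(l).groups() for l in lines):
            name, arg = name.split()[0].lower(), arg.strip().lower()
            rules[name] = arg if name == "order" else rules[name] + " " + arg
        req = require_for(rules["order"], rules["allow"].split(), rules["deny"].split())
        out.append(req or "# REVIEW BY HAND: " + "; ".join(l.strip() for l in lines))
    return "\n".join(out)
```

`print(migrate(SAMPLE))` shows each run of 2.2 directives collapsed into a single `Require` line; anything the translator cannot map with confidence is kept as a `# REVIEW BY HAND` comment rather than guessed.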
  4. uebomoyi

    #4
    I wish I could answer all your questions but the last one stuck out to me most. If you want to make money online, you have to know the ins and outs of the game. What I mean by this is that you have to know the demographics of your customers and who's buying your products as well as how they are finding out about your website. The reason I brought this up is that there is a great plugin called Pretty Link which basically helps you track where your clicks are coming from. It's extremely easy to set up and they provide a video as well. So essentially, if a lot of your clicks are coming from a forum, then you should promote more in the forum so you make more money. If it's from article marketing then you create more articles and then video marketing is the same thing. Whatever gets you the most traffic and sales is where you want to promote more aggressively.
     
    uebomoyi, Jun 23, 2011 IP