WordPress for Novices:
10ish Tips to Make WordPress Your Friend
Lehigh Valley WordCamp 2018

This is an updated version of my talk “Make WordPress Your Friend!”
Hope you learn stuff. I’d hate it if it weren’t useful.

Not sure why the embed version of this isn’t working.. but you can download the file here
Also.. I mentioned a plugin for making notes on your plugin list:: Plugin Notes Plus

Gutenberg vs Classic Editor

gutenberg text editorContent Editing in WordPress:
Now and …INTO the FUTURE

Comparing the existing (now called Classic) editor with the soon to be released Gutenberg editor
WordCamp Lehigh Valley WordCamp 2018

There are lots of differences. Existing users will have to learn the changes. New users seem to like it as it is.

Thanks to all the participants in Carlisle who helped me get clear on several details of the talk.

[slideshare id=110592030&doc=comparingwithgutenberglvpa2018-180819213547]

Obvious login name? Be careful!

password123Maybe it’s not just a good password that matters

You’ve certainly been hearing everywhere about the need for strong passwords.

According to RandomPassword.com, “password” is most common password. Their list of the top 10,000 most common passwords is pretty interesting reading. “Dragon” is number 7 above “baseball” and “football” at numbers 9 and 10! (Go figure THAT!?)

I like using four random words — that I could speak — substituting some other characters and capitals. But some sites remind us that you have to use a different password on each site.

There are strong password generators included with password manager services like lastpass.com, which helps you keep track of all those dots and dashes and numbers etc. (It’s a great service. I pay the $12 a year to help make sure that it doesn’t just go away!)

But  my new worry is highlighted by this fact: The WordPress plugin Wordfence just alerted me to several locked-out users trying to gain access to a website that I manage.

The attempted user names were NOT “admin” which is a common choice. The default login for the first user of a WordPress site used to be “admin.”  It might still be, but DON’T USE IT!

The new threat here was pieces of the words included in the domain name.

If the website domain name were, for example, dotsanddashes.com, some baddie might be looking for “dots” or “dashes” as a login name.

It also gives pause to using your first name as a login when you also show that as the author’s name on pages or posts.

So if you must use your name, be doubly sure that your passwords are unique!

WordCamp Lancaster 2016

Such a lot to learn at this great event!

If you’ve  never been, start looking for a WordCamp near you now.
Here are the slides from my jam packed session for new WordPress users in Lancaster, March 6

We covered:

  1. How to Evaluate Plugins and Themes
  2. A Little About SEO
  3. How To Manage All Kinds of Media: Audio and Image Galleries
  4. Getting help

Thou shalt have no ADMIN user on a WordPress site

NO ADMINI have been noticing a LOT of people named “admin” have been locked out of a few of my client websites.

That means somebody tried to log in and then used the wrong password or maybe just the wrong user name/password combination.

It happens.

You don’t remember if your user name is a short name or an email address. You try a couple combinations and finally get it right.

If you mess up too many times, you get a message that you’ll be locked out for a certain amount of time or until you call in someplace to have it fixed. (Banks are really big on that one and I’m glad!)

So why am I (website contact person) getting all these “locked out user” notifications?

I’m seeing these attempts since I recently installed the quite wonderful iThemes Security plugin.
It evaluates and protects a WordPress website from more than 30 vulnerabilities.

IF you install it AND set it up!

Notice of Rant starting
BTW, you know you have to do more than install this (or any) useful plugin?
You have to step through the suggestions for making your site secure and then DO WHAT IT SAYS!  Imagine it?

Recently I had a request from a client, named Gene, to fix a slow site. Gene thought it might be the host’s fault.

Nope!  Too many plugins, too many not updated, and WordPress too far behind.

But the worst was the plugins installed and activated that were not even set up to actually do the stuff they are supposed to do.

It’s kind of like buying a book and figuring that once you own it, so you know what’s in it.

And you know that’s not true, right?  RIGHT??!!

But I digress..

end of rant

 

 

Because I know that my sites do not have any of these user names, I know it’s some baddie trying to get in using brute force (big computers) to guess your password.

Pretty soon the baddies will find your actual name, “Gene,” so you probably have a user named “gene” and they’ll start working to guess that password..

and if they succeed, we got trouble…

right here in River City.
That starts with an S and that stands for you know what and it STINKS!

SO
Please log into your WordPress site. Change your password .. and I’m not saying change it from “password” to “123456”

I’m saying CHANGE IT FOR REAL!

Don’t use a word from the dictionary. Don’t use your birthday or your address. Don’t use your kids’ names.

Here’s a story about a guy who used his passwords to change his life.   It’s creative and affirming and that’s the way to really use a password!