fbpx
 

Welcome to Insta Hosting, Providing Reliable Hosting for Small Businesses

Archive

How to secure a WordPress website?

WordPress is vulnerable, so its advisable to follow and integrate some important features that makes the WordPress website secure!

  1. Enable 2fa – To enable 2fa we will use a plugin called word fence 2fa. It’s a plugin used to enable a 2fa on our site with the help of any authenticator app on our phone. As if a attacker hacks our WordPress website and he got to know the username and password but he still won’t be able to login to WordPress as he doesn’t knows the 2fa code.
  2. Update WordPress core – You should keep WordPress core updated as it is necessary for security the WordPress team keeps on stopping WordPress vulnerabilities and keep more security practices. Hey, it also gives new and new features in WordPress and also helps to fix many WordPress issues.
  3. Update themes and plugins – Themes and plugins developers keeps on fixing vulnerabilities in the plugins and themes . And so its too necessary for security. If you don’t want to update plugins one by one you can also enable auto-updates as it automatically updates a plugin whenever an update is available this can be done by cPanel softaculous or by going to WordPress dashboard – Plugins- And then click enable auto updates.
  4. Keep antimalware – You should have an antimalware installed on your WordPress website as it helps in stopping ongoing attacks ( Jetpack by WordPress is also good as it stops brute force attacks, Gives a free CDN, also gives us a free feature to let us know whenever our website is down or is in downtime.

What are the Common WordPress errors & how to save your website?

Today lets discuss about what are the common WordPress errors

But before that, if you have an issue with your website, always backup your site before repairing WordPress.
Whenever we try to repair WordPress errors or any other problem it might lead to some unexpected changes. So we recommend backing up your site before repairing WordPress or any of its errors.

  • WordPress Not Sending E-Mails.

WordPress most typical reason for not delivering email is that your WordPress hosting server isn’t configured correctly to use the PHP mail() function. Many email providers have tools which detect spam. These tools try to understand if an email is coming from where it claims to be from.We recommend using WP MAIL SMTP plugin for this error your host might provide you with a business email So, just login to your business email and there you will find the SMTP credentials in the very first email. SMTP doesn’t use the PHP mail() function. It uses proper authentication which help in great email deliverability rates INSTA HOSTING provides business emails with most packages.

  • Maximum file size reached , Unable to upload media.

This is the most common WordPress error which doesn’t allows a user to increase files after a maximum size in this problem you can use the plugin called TUXEDO BIG FILE UPLOADS. After installing this plugin go to media scroll down and you’ll find the maximum upload limit by default after installing the plugin its set to “0” Which means that the user can upload files of any size so you might let it remain the same.

RECOMMENDED – Change the size to 64 or 128 MB or the size you want rather then making it unlimited.

  • WordPress login redirect LOOP.

There might be a error on logging to your WordPress dashboard. This can really be frustrating. You should clear your cookies to resolve this error . WordPress tries to find login details in cookies. To clear your cookies in google chrome Go to chrome settings – Advanced and then clear the cookies.

  • WordPress plugins issue

Whenever any WordPress plugin issue occurs you should login to your hosting provider’s C-Panel and locate file manager there you can find the wp-content folder move in it then locate plugins folder rename it as n_plugins then Reload your WordPress site. then again locate to n_plugins folder and rename it to plugins the folder name before. Then find the plugin which was causing the error just delete it others will be deactivated by default just activate others and you are good to go (after renaming the plugins folder and on logging to dashboard you may see all plugins are deactivated don’t worry just activate the rest instead of the problem causing one.)

Are you using Outdated WooCommerce and Yoast plugins in your website? then read this!

Are you using Outdated WooCommerce and Yoast plugins in your website? then read this!

We wanted to bring to your attention recent malware exploits within outdated versions of two WordPress plugins, WooCommerce and Yoast.

What’s malware? Malware is specifically designed software to disrupt, damage or gain unauthorized access to a computer system. It can be a big worry when there are breaches within plugins as it causes major vulnerabilities to your system and business.

Since the details regarding these latest malware issues in Woo Commerce and Yoast were released, we’ve had many clients come to us with the same concerns and our malware detection systems have been working hard to keep our platform safe.

We want to work with you to make your website safe again, in the quickest and easiest way possible.

So, here’s what you need to know:

Yoast SEO versions 1.2.0-11.5 and below are vulnerable to an Authenticated Stored XSS attack.
WooCommerce version 3.6.4 and below are vulnerable to a Cross-Site Request Forgery and File Type Check.

How to solve it:
Solving the issue is as simple as updating the plugin concerned. Both WooCommerce and Yoast have released updates to patch the exploit.

Yoast 11.6 was released 7 days ago and has resolved the Authenticated Stored XSS attack risk
WooCommerce version 3.6.5 has also been released which patches their exploit.

It’s important to keep all your plugins updated via the WordPress dashboard, particularly as by default, WordPress doesn’t update these automatically. The longer a plugin is left without any updates, the higher the risk of malware issues occurring.

Does plugins cost you Speed issues in WordPress?

We all know WordPress is an open-source platform and as a result there are many great plug-ins out there, ranging from site security to additional functionality. It’s easy to install them all and call it a day – but how many is too many, and what it means to your website?

Crashing issues & conflict errors

The more plug-ins you install, the greater the chance of things going wrong. Some plug-ins tend to not play well with one another plugin or the theme, and others can cause crashes and general unreliability. With so many plugins in the WordPress repository, it’s impossible for developers to compatibility test them all. The more you install, the greater this risk is exacerbated.

For best practice, try not to install more than one caching plug-in at a time. Sometimes it seems like a good idea to get two plugins that do the same thing – perhaps one offers minification and the other does caching well, so you run them together. It sounds good in practice but in reality, it is going to cause you a headache.

It’s best to find one plugin that does the job for caching and another for optimizing various aspects of the site. Some good choices would be a combination of Autooptimize and your favourite caching plugin (making sure to turn off any additional features for merging and minification as auto-optimize will handle this part for you).

Image Courtesy: Unsplash

 

Poor performance

Each plug-in you install is adding more scripts to your site which is more code that needs to be loaded. There’s going to be an increase in HTTP requests from the additional CSS styling, images and JavaScript in order for them to run correctly.

With those HTTP requests comes increasing usage of server resources and depending on the specs of your plan, this could cause slowdown, crashing or worse. Visitors won’t be able to browse your website if it happens to crash. While caching can often help with this, it’s better to avoid the problem entirely by only installing what you really need.

Security Risks

Plug-ins also need to be kept up to date, otherwise, they may fall victim to recently disclosed vulnerabilities and security holes that leave your site open to attack.

If you have any questions about plug-ins, our support team are available 9 AM to 8PM  Just get in touch with us here.