Sorry, yes I’ve been very quiet for some months now and I apologise for that – life just seems to have taken over and the months have rolled by without my even noticing how fast time flies!!
I felt that it was about time I brought you up to date on some of the things I’ve been doing with regards to testing various different schemes and systems for you.
This time however, I’m going to start this month by EATING MY OWN WORDS for a change…
you will no doubt have read my rave about FM Websites and, at the time of writing, these were absolutely brilliant and brought a few pennies in here and there – although nothing to break the bank but still successful given that the sites are supplied free of charge.
Well, now I have a major gripe and I’m slapping a HUGE NO-NO on these sites. The business was recently taken over by Dan Sumner and all seemed well to begin with UNTIL ….
This week I went to check on the three FM Websites I had running and, to my horror, all three of them had been HACKED!!
The original company who marketed these sites seemed to have their own security in place to prevent this sort of thing but it appears that the new owners have not added any such security to the files you upload to your hosting server but there is no opportunity within the admin panel to include your own security plugins – at least not on the FREE versions, there may be such choices in the PAID versions but I’m not about to shell out any cash to find out.
The whole mess caused me a huge headache as I was unable to find the hacking script – even my hosting providers who are amazingly helpful at all times, could not pinpoint the script causing the problems.
The RESULT – I took all three sites down and will not be putting them back up again – I HATE HACKERS – they’re no better than thieves and should be jailed if caught.
Anyway, the upshot is that I can no longer honestly promote Free Monthly Websites and have removed my rave review from this site. I can’t promote anything that is so poorly protected from the nasty scripts of scum-of-the-earth hackers.
Bear in mind though, I have only tested and used the FREE version of these sites. There is an option to pay for the sites, which apparently gives you more access and more functionality and may well be more secure – but I can’t comment on those since I’m not about to part with my cash just to find out if they’re less vulnerable than the free versions.
If you do decide to use FM Websites, I would suggest you first ask Dan Sumner [email@example.com] about the security of the files (or lack of it). If it transpires that there is no in-built security in the files to upload to your server then you need to make sure that you will have the option to add your own security plugins before parting with your cash.
As for security plugins for wordpress sites, I would recommend using the following two plugins, at least – both are FREE and work amazingly well to keep out hackers and bots:
Wordfence and Bulletproof Security.
A word about Bulletproof Security though – because it is extremely secure and rewrites your .htaccess file to keep your site safe, it also means that each time you update, add or remove a plugin you do need to recreate the secure .htaccess file. This is an easy task and completed through the dashboard of BPS but if you forget to complete this step you may have problems with the functionality of new plugins. However, you can rest assured that BPS will lock your site down tightly and keep the hackers and bots OUT – so it’s worth the extra few minutes it takes to recreate the access file.
Wordfence, on the other hand, doesn’t write to your .htaccess file and just keeps on working properly from the date you install it regardless of whether or not you add new plugins or remove old ones. Wordfence acts as a security scanner and regularly checks your site for problems, sending you alerts when problems are discovered. Sometimes this may just be a note to remind you to update some plugins but, more essentially, Wordfence will alert you when someone or some bot is trying to login to your wp-admin folder without permission or authorisation. I’ve found this to be invaluable because I can then take the offenders’ IP addresses from the alert notice and go into Wordfence to permanently block such naughty people/bots from ever trying to hack into my sites again. It gives me a great sense of satisfaction when I later check to see how many hits have been blocked by Wordfence and I hope it teaches the hackers a lesson:
I WILL NOT TOLERATE ANYONE WHO TRIES TO HACK INTO MY WORDPRESS SITES – they might try once but they will find themselves permanently blocked from ever accessing ANY of my sites in the future, since I repeat the IP address block across ALL my sites regardless of which site the person/bot was trying to access.
For me, BPS is my medi-guard and Wordfence is my front-line soldier – I thoroughly and wholeheartedly recommend using BOTH these plugins for your own peace of mind and total security on your wordpress sites.
OK that’s it for just now folks and thanks again for stopping by, check back later in the month when I will have some news on the latest money-making schemes.
Enjoy your day!!