BuyHTTP Company Blog

Brian Teeman is running a Joomla developer showdown, similar to extension competitions that are done with other systems. These competitions often lead to some of the most used extensions so it will be exciting to see what will be produced. Visit his site for info on the competition and how to get involved.

Do you use the cPanel x3 theme with your BuyHTTP hosting account? We have added a series of 21 new tutorials to our tutorials page. There are now 376 flash tutorials in our collection. We have also streamlined the design making tutorials easier to find.

Shortcodes allow you to show data simply by adding [shortcode] to your WordPress site. This article includes 9 very cool shortcodes you can add (it also shows the format for creating any of your own) and a list of already included shortcodes.

SEO is a critical part of getting people to your site and these WordPress plugins help you acheive your goals quickly and easily.

HeadSpace2

The most important on page factor in SEO today appears to be your title tag. HeadSpace2 allows you to easily control the layout of all title tags on your WordPress blog. Along with title tag management you can control all of your description tags which, while not very important in SEO, can be very important in attracting people to click your site in the SERPs.

Redirection

What happens when you change a post’s URL? Do you know when your visitors are getting 404 errors? With Redirection you get everything you need to easily redirect posts and log any 404 errors.

Meta Robots

Until Meta Robots there hasn’t been an easy way to keep WordPress from allowing the indexing of certain pages on your blog. Now you can easily prevent the indexing of any pages/posts on your blog.

SEO Slugs

Including works like “in” and “the” in your post slugs doesn’t really do your SEO any good. SEO Slugs automatically removes all of these types of words from your slugs.

If you are looking for any Joomla related services there is a new easier way to find what you are looking for. resources.joomla.org has been created due to intense community desire. This is also a great way to get your Joomla services company more exposure.

One very popular way for hackers to try to gain access to your Joomla administrator is to brute force attack to guess your password. Using this method they bombard your admin form with thousands of usernames/password until they find the right combination. Since Joomla doesn’t let you choose the admin username when installing they already know the username, this makes it twice as easy. Fortunately is is easy to add several layers of protection.

1. Change the admin username

The first step you should take is changing your admin username. Login to cPanel, go to phpMyAdmin, select your Joomla database, browse the jos_users table and edit user id 62, this is the original super admin user. Change the username to something other than admin. This step will already almost eliminate any chance of your login being guessed since most hackers will just use admin for the username.

2. Improve your admin password

Next you’ll want to make sure your admin password is sufficiently difficult to guess. You’ll want to have at least 8 characters with a mix of lower case letters, upper case letters, numbers and special characters. A good password generator can be found here.

3. Add .htaccess protection

The firewalls on our Joomla hosting accounts automatically check for failed login attempts on .htaccess logins, so potential hackers will automatically be blocked after 5 login attempts. To add .htaccess protection login to cPanel and click on the Protect a Directory button. There you will be able to select the directory to protect (in this case your “administrator” directory) and add users who can login.

Taking this steps will help protect your Joomla admin login from would-be hackers.

We get asked regularly how to add Google Analytics tracking to WordPress sites. A quick search of the WordPress plugins directory shows about 60 results for “Google Analytics” so there are no shortage of ways to add it. The plugin we prefer to use is WP Google Analytics. With WP Google Analytics you can not only add your tracking code easily you can choose to log 404 errors, searches and outgoing link clicks as well as disable tracking for any role you want, like administrators, editors, etc.

To install WP Google Analytics you just need to download the .zip file from the plugins directory, go to your WordPress admin dashboard and navigate to Plugins > New > Upload. Upload the .zip file and activate the plugin. You can then change the settings and insert your tracking code.

We get asked all the time how to add Google Analytics tracking to Joomla sites. Until now we’ve recommended doing it manually because that was the only way to get the code just above the </body> like Google recommends. All the modules would place the code in the middle of your page. There is a new plugin that allows you to get the code inserted just above the </body> without needing to edit the template file.

BIGSHOT Google Analytics is a free Joomla 1.5 native plugin that allows you to insert your Analytics tracking code from the administrator with no file editing required.

It would be nice if the plugin allowed the option to prevent it showing if you are logged in as various levels on the frontend if you didn’t want to track admin or editor visits.

Hackers love to use dictionary or brute force attacks to try to get admin logins into sites. What they do is find your admin login page and continue to try hundreds or thousands of passwords until they find yours. There are 3 pretty easy ways to prevent this from working:

1. Change your admin username.
2. Use a hard to guess password.
3. Install Login LockDown

Changing your admin username

To do this you will need to login to cPanel and go to phpMyAdmin. Select your WordPress database and browse the wp_users table. Edit the first entry which should have the username “admin” and change the value to something else.

Use a hard to guess password

Your password should be at least 8 characters with a mix or upper case letters, lower case letters, numbers and special characters. If you would like a secure password generator you can find one here.

Install Login LockDown

Login LockDown allows you to set a threshold for failed login attempts before a user is blocked. From their WordPress plugin directory description:

Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.

Installing Login LockDown is just like any other plugin. Download the .zip file from the plugin directory. Go to your WordPress admin dashboard and navigate to Plugins > New > Upload. Upload the zip file and activate the plugin. You can the setup your rules.

I’ve installed the MiaCMS 4.9 beta to get a look at the new features and am liking what I’m seeing so far. The two big differences you’ll notice are the new bookmarking system (I wrote one back in the Mambo 4.5 days so it’s nice to see functionality like this in the core) and the tag cloud module. I didn’t dig into the code on the tag cloud but from what I can tell it searches all articles to create it, I didn’t see any way to create tags when adding or editting content. This sould slow things down with thousands or articles, but maybe they have a caching feature in it to prevent that (and knowing these developers it wouldn’t surprise me).

There were also several updates behind the scene, not the least of which is that MiaCMS now requires PHP5. This is good news since there are functions only available in PHP5 that will help the code execute faster, and no host should be running PHP4 anymore.

I didn’t notice any bugs while I was playing around which is always a good sign. I wonder if this will be the last major release before we see joint Aliro/MiaCMS code?