Posts Tagged ‘Wordpress (WP)’

How to Protect Your WordPress (WP) Website & Blog from Hackers

Tuesday, March 3rd, 2015

Each passing day brings with it news of a brand new leak of personal information over the Internet. Be it credit card information belonging to millions of users or their email IDs and passwords, the world of hackers has democratised the internet and its lack of security at every possible level. You might now be wondering what this has to do with your innocuous little blog or website that does not carry users’ credit card information or other informations. Well, hackers can turn your nondescript website into a malicious spy bot in a matter of minutes, sending sensitive user data to hackers without you even realizing it. Worse, they can hack into your website databases and destroy or manipulate important information, injecting your content with malicious links and even hijack the hosting server to be used in botnet DDoS attacks.  But there are things that you can do to secure your website from hackers and becoming a target for online vandals. Some of them are

Keep All Software Updated

As a site owner it’s your job to ensure that every piece of software you run is up to date. CMS providers like WordPress, Joomla work round the clock trying to plug any holes in their systems and release regular patches and updates that make their software less vulnerable to attacks. Ensure that you run these updates and have the latest version supporting your site at any given point in time. If your site uses third party plugins, keep track of their updates and ensure that these are updated on time as well. Clean out your website of any unused, old and non-updated plugins — they are the ones for hackers to be used as a gateway to enter your site and wreak havoc on it.

Use Strong Passwords, Change Regularly

Strong passwords are not just a requirement for your email or financial transactions online, they are also imperative for your website server, admin and database passwords. Make sure your password is a combination of alphanumeric characters, symbols, upper and lower case characters and is at least 12 characters long to prevent brute force attacks. Do not use the same password for all your different website logins. Change your passwords regularly to keep them doubly secure. Store users’ passwords in encrypted form. This ensures that even if there is a security breach, attackers do not get their hands on actual user passwords.

Don’t Use Generic Usernames

A shockingly high number of people leave their administrator account labeled as “Admin”. This means that if the hacker can guess this account name, they are halfway to making sure that they can access your site and lock you out of it! Instead, create another administrator account, and delete the “Admin” account. It’s simple, fast, and effective!

Use Discreet Error Messages

Have you ever mistyped your password and gotten an error message like, “incorrect password.” Seemingly harmless, right? This message is helpful, but you never want to be helpful to people who mean you harm! Keep the error message discreet. For example, if you use the error message “incorrect username/password combination,” a potential hacker isn’t informed they may have guessed half right. This is a small detail, but it’s a good, simple way to make sure that you stay safe.

File Uploads

Allowing users to upload files to your website can be a big website security risk, even if it’s simply to change their avatar. The risk is that any file uploaded however innocent it may look, could contain a script that when executed on your server completely opens up your website. If you have a file upload form then you need to treat all files with great suspicion. If you are allowing users to upload images, you cannot rely on the file extension or the mime type to verify that the file is an image as these can easily be faked. Even opening the file and reading the header, or using functions to check the image size are not full proof. Most images formats allow storing a comment section which could contain PHP code that could be executed by the server.

Hopefully these tips will help keep your site and information safe. Thankfully most CMSes have a lot of inbuilt website security features, but it is a still a good idea to have knowledge of the most common security exploits so you can ensure you are covered.

CNY Closure


TC Electronics Solution Website

Wednesday, November 12th, 2014

Design Workz is proud to announce that TC Group Limited, a leading broadcast and telecommunication systems solutions and services provider in Vietnam, re-launch its new website with WordPress (WP), a Content Management System (CMS). This gives TC Electronics an advantage to increase in products and services exposure. Customers can communicate directly with a contact form to link up.

Having a professional team working on the website ensure the look and feel enhances the overall presentation and prestige of the company. Now that the website is setup under CMS, it is much easier to add content to the website. Potential customers will be encouraged to browse through the website and make enquiries.

It is our pleasure to work with TC Electronics Solution.

TC Electronics Solution

Disk Precision Website

Monday, October 20th, 2014

Disk Precision is our latest client to go onboard to cyberspace. We are privileged to develop a WordPress (WP), a Content Management System (CMS) website for Disk Precision featuring their products and services. CMS is available since 1990s and are favourites among corporate and marketing websites. There are many advantages using CMS. For example, the system owners are in control of what to put in the content. It is easy to add content as the business grows and making the company website more robust. With this website, communication comes easier and safer. Customer can approach directly without the fear of viruses and junk mail. Product will get more exposure that will generate interest and ultimately turn it into sales. As a design company, it is our job to present an attractive “Store Front” for our client.

Disk Precision