Plugins

I’ve been testing plugins and the cascading style sheets in a blog I call My Sandbox Blog. If something crashes, which it has already, then hopefully the damage is just done to the sandbox blog. When a it did I tossed it and started over.

I’ve tested and am now going to add to this blog:

• Thesis theme for WordPress
• Plugin Central
• WP Security Scan (another plugin)
• BackUpWordPress

I uploaded the Thesis theme for WordPress and the custom.css file. In My SandBox Blog I have everything and the kitchen sink in the custom.css file. Because this blog, the TopColorBlogs.com, needs clean lines, I do not plan on altering it very much. I will do a LOT of altering for the TopBlueBlog.com.

I will only add one line at a time to the custom.css file for this blog.

I use Plugin Central to easily upload my plugins. The WP Security Scan does what I need it to do when activated. I will need to go into BackUpWordPress to tell it my preferences.

In BackUpWordPress I have to tell it the path of where I want my backups to go on my hard drive. They offer a suggestion and so far I have always taken it. Until I know better, right now I have Full Backup Weekly scheduled to run automatically. I also have the SQL Only Backup Daily scheduled to run automatically.

Thesis Theme

I need to change the config.php file and make the RSS feed point to my Feedburner address. I did this and noticed that Feedburner only grabbed the last 10 posts initially. I’ll have to see if they get all my posts listed.

I did make one change to the custom.css file for Thesis for the TopColorBlogs.com. I changed the background color just a little using the .custom #container { background-color: #E4E4E4 } variable.

I like the idea of protecting the database against…. well ….  ME! I like backups.

I like this plugin because I can schedule the backups and I do not have to do them manually. For the totally paranoid, you can even have your backups mailed to you. Nice way to keep them on a different server.

I clicked on View in the Backup Presets area to see the full backup information. Now this is on a blog I just installed 30 minutes ago.

Your Database holds 349.85kB of Data.

Your Wordpress files in this backup use 5.4 MB of disk space.

Your Backup Archive filesize saved with preset full backup will be about 3.02 MB

Wow! I will try having it emailed to me just to see if it gets through with being such a large size.

I clicked on BackUp WordPress Now button that is on the BackUpWordPress tab. It took less than a minute to run. Check it out, my full backup size was only 1.7 MB, well under the predicted.

I do not plan to use the .htaccess or the AskApache Password Protect just in case this is what causes my database to crash.

I like this plugin because it hides the WordPress version number and it removes the wp id meta tag.

I deleted my last sandbox blog while having the problem with the WP Security Scan. It changed something on my database that made my other programs broken. My ISP has that fixed now.

I am setting up my new sandbox blog better this time thanks to the lessons I have learned.

1. I changed the Database Table Prefix from wp_ to something else.

Changing it from wp_ makes it harder for a bad robot to find it.

2. Delete the admin account

Add a new user with full access then delete the admin account. This eliminates brute force attacks that use the username admin.

3. I add the plugin Plugin Central

The only plugin I have to upload. I can easily add all other plugins by using this one.

by Yancey Grantham

Thanks to the security scan of plugin WP Security Scan, I found I needed a .htaccess file.

I searched and found this page on the askApache.com web site, Password Protect your Blog with Apache .htaccess and .htpasswd. This article explains why you would want it. And links to:

AskApache Password Protect

I opened Plugin Central and simply typed “AskApache Password Protect” into the Easy Plugin Installation field and hit “Install plugins” and it was done quicker then it took me to write this.

Now when I go to Security it shows that .htaccess exists in wp-admin/

I stumbled upon a nice list of security plugins for WordPress. The second plugin I’m going to install comes from this list by Speckyboy.

WP Security Scan

I typed just “WP Security Scan” into the Easy Plugin Installation field and it worked great.

Now that it is loaded, there is a “Security” next to the “Comments” on the top links.

Clicking it I find that I should NOT have used wp_ as my table prefix. I can see how changing this would make it harder for hackers to identify WordPress table entries.

I clicked the “Click Here” to change it. I’m told to make a backup of my database but since this is my sandbox, I’ll just go as it is. I typed in my change then hit “Start Renaming.”

Ouch, it kicked it out saying “Your User which is used to access your Wordpress Tables/Database, hasn’t enough rights( is missing ALTER-right) to alter your Tablestructure. Please visit the plugin documentation for more information. If you believe you have alter rights, please contact the plugin author for assistance.”

I think I will do it from my database control panel. Humm, not so easy to do. I’ve read the documentation but for the color blogs, it might be just a quick to re-install them where I change the prefix from the beginning.

He also suggests getting rid of the admin so brute force attacks can’t use that username. I had already moved away from admin but did not think to delete the admin.

It is also telling me that I don’t have a .htaccess file in the wp-admin. I have now read that having this is like another layer of firewall to keep bots from attacking your blog. I found the plugin AskApache Password Protect and I’m going to install this to see if it will create this extra layer of protection.

Thanks to WP Security Scan I will be reloading WordPress for my top color blogs and will be renaming the prefix!

EDIT: NEW INFO

I crashed the Sandbox!!! Good thing I had it! I activated everything in the WP Security Scan and it did NOT like it. Something caused the database to deny me access. I’m re-installing the WordPress setup and will see if I can at least get some of it to work.

I can’t get things working again. I’m going to have to go to my ISP with my tail between my legs and have them reset a few things.

The first plugin I am going to install is Plugin Central.

I’m testing it for the features:
- Install by typing the name of plugin or URL (no downloading then uploading)
- Multiple-plugin control with moving of plugins to other blogs
- Plugin status

Being my first plugin to install I went to WordPress to read Managing Plugins.

The steps I am taking:

1. Downloaded Plugin Central to my hard drive
2. Uploaded the plugin folder to my WordPress plugin directory wp-contentMplugins
3. Opened my WordPress blog admin area
4. Clicked on “Plugins” in the upper right corner
5. asdf

When I first clicked on the Plugins link and got to the Plugin Management page, there were already two plugins there. The Akismet and Hello Dolly plugins by Matt Mullenweg. Akismet is for fighting spam and the Hello Dolly is just a fun, insider joke plugin. I have activated both. In the description of the Akismet is an ad for Matt’s WP Stats plugin. I’m sure I will be adding this one soon.

I had to sign up at WordPress.com for a user name so I could get an API for Akismet to work.

I’m now going to use Plugin Central to install a new plugin.

I bought the WordPress theme Thesis, reviewed in my June 26th, 2008 post.

Before uploaded Thesis I need to change the configuration file.

————————
Step 1. Change your feed address.
————————

Changing your feed address sounds simple right? Well, let me tell you after spending hours reading about feeds I’m totally full. I’ve had feeds in the past so I’m not too much of a noobie. There were many things to consider.

- Do I go with the wp-rss2.php WordPress standard feed?

- Do I get a feed maker for images in my feeds?

- Do I use Feedburner or not?

I looked at WordPress plugins, I read FeedBurner specs, I read bloggers bloggings and now I feel all feed up. All pun intended.

In the FeedBurner Help Center I was reading about creating a feed in WordPress. They suggest using the FeedBurner FeedSmith plugin.

The main reason I can see using a plugin is the ability to forward your comments feed.

This is where I will start, with installing the FeedBurner FeedSmith plugin.

If you are following along the order goes like this:
download theme >
need feed address >
decide on feed feeder >
need plugin for Feedburner

This leads us into the land of plugins. Before we can install the feed plugin I need to install a plugin organizer and then some security plugins.

I’ve also created one more WordPress blog for experimenting on. My Sandbox blog will be for testing plugins.

If a plugin is corrupted or wants to leave tables behind after it is un-installed than I would rather it happen here. I’ll install and test each plugin here before I decide to use it on the other blogs.