Don’t Use Admin As Your WordPress Username

We create, host, and manage a number of sites for churches, non-profits, community groups, and businesses. As a part of that, we also spend a good deal of time “behind the scenes” keeping these websites safe and secure. Our clients often don’t realize (nor should they) how much work that entails in 2014 / 2015, given the growing sophistication and sheer number of bots and bad folks looking to exploit poorly constructed sites or social media accounts for other nefarious purposes.

Setting up a WordPress site on your own is not hard to do. You have to find a host, click a few selections for your server, then run through the install. It’s gotten tremendously easier over the years. However, if you’re setting up a self-hosted WordPress site, you have to take security seriously.

For example, the screenshot above is just a small sampling of the attempts to “brute force” access to this site from this morning. There are hundreds of these every day for this site and I see thousands daily for some of our larger clients. You’ll notice the attempts are all trying to gain access to the site with the username “admin.” Before WordPress 3.0, the default for new site installs was to use “admin” as the username. Combine that with the terrible passwords that most people online use, and it’s not hard to see that with enough permutations, the math is there. It’s also fairly easy to buy a list of the most commonly used passwords on the web if you know where to look in the dark parts of the web.
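To see the same pattern in your own server logs, here is an added example (not from the original post) that counts login POSTs to `/wp-login.php` per client address. It assumes the "combined" access log format and stock WordPress behaviour, where a failed login re-renders the form with HTTP 200 and a successful one redirects with 302; the sample lines, the threshold, and the function name are constructed for illustration. Access logs do not record the submitted username, so this groups by source address instead.

```python
import re
from collections import defaultdict

# Constructed sample in "combined" log format; addresses are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [20/Nov/2014:06:01:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2840 "-" "Mozilla/5.0"
192.0.2.10 - - [20/Nov/2014:06:01:25 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Nov/2014:06:12:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
203.0.113.7 - - [20/Nov/2014:06:12:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
203.0.113.7 - - [20/Nov/2014:06:12:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
203.0.113.7 - - [20/Nov/2014:06:12:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
198.51.100.23 - - [20/Nov/2014:07:30:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
198.51.100.23 - - [20/Nov/2014:07:30:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
198.51.100.23 - - [20/Nov/2014:07:30:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"
198.51.100.23 - - [20/Nov/2014:07:30:03 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
192.0.2.10 - - [20/Nov/2014:08:00:00 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 0 "-" "-"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def summarize_logins(log_text, threshold=3):
    """Per-IP counts of failed/successful wp-login POSTs, plus a flag."""
    stats = defaultdict(lambda: {"failed": 0, "succeeded": 0, "flag": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # viewing the login form (GET) is not an attempt
        path, _, query = m["path"].partition("?")
        if path != "/wp-login.php" or "action=" in query:
            continue  # skip lost-password, logout and other actions
        entry = stats[m["ip"]]
        if m["status"] == "302":  # assumption: redirect means the login worked
            entry["succeeded"] += 1
            if entry["failed"] >= threshold:
                entry["flag"] = "login-after-failures"  # possible guessed password
        elif m["status"] == "200":  # assumption: form shown again means failure
            entry["failed"] += 1
            if entry["failed"] >= threshold and entry["flag"] is None:
                entry["flag"] = "repeated-failures"
    return dict(stats)

if __name__ == "__main__":
    for ip, s in summarize_logins(SAMPLE_LOG).items():
        print(ip, s)
```

A `login-after-failures` flag is the one to act on first: it means a run of rejected attempts from one address ended in an accepted login. Security plugins or custom login pages can change the status codes, so confirm the 200/302 behaviour on your own site before relying on it.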

Here are my surface level and generic recommendations if you do decide to set up a WordPress site for your church, group, or business after about a decade of working in this area…

1) Don’t use admin as your login username for WordPress or for any other account whether it will just be you logging in or a team of people.

2) Don’t use a short or “dictionary” phrase password. Use something unique to you and combine numbers, letters, etc. as much as you can. That’s not foolproof, and there’s research showing that doing so isn’t as effective as it was previously, but it’s still a good practice. Even if you’re “bad at passwords” as most humans claim to be, figure out a system for a stronger password. It’s worth your time and it’s important no matter how small or large your site or social media account will be.

3) Use a good plugin such as Sucuri to keep track of security audits, reviews, and monitoring. Again, it’s worth your time and easy to set up email alerts for certain events.

4) Keep track of installed plugins and make sure that no one has installed a plugin that is actually a piece of malware or is using your WordPress install for nefarious purposes. This is especially important if you are working with a number of people on a WordPress site and sharing a common user account rather than setting up separate users (which you should do for a number of reasons).

5) Update, update, update. Keep your WordPress version, plugins, and themes as updated as possible. That usually means at least a couple of times a month.

Of course, there are many other things to consider but I get this question frequently and wanted to make my initial thoughts easy for others to find. Setting up a WordPress site is a great idea and it’s not terribly difficult. However, do it the right way and make sure you are keeping your brand, visitors, and users free from any potential threats that you can avoid with a little time investment.

School Lunches

Soylent Green is people (but seriously, this looks terrible)!

Students have posted their photos of mystery slop and scant portions after Mrs Obama spearheaded the United States Department of Agriculture’s "Let’s Move!" initiative to crack down on obesity by reducing fat, simple sugars and salt in school food.

via Hungry students send messages to Michelle Obama over sloppy school dinners – Americas – World – The Independent.

Books Aren’t Just Commodities

Worth your time (and I love the dig at Amazon and the cartel of book publishers):

Books aren’t just commodities; the profit motive is often in conflict with the aims of art. We live in capitalism, its power seems inescapable – but then, so did the divine right of kings. Any human power can be resisted and changed by human beings. Resistance and change often begin in art. Very often in our art, the art of words.

via Ursula K Le Guin's speech at National Book Awards: 'Books aren't just commodities' | Books | The Guardian.

My Interstellar Review (Spoiler Free!)

I was excited to see Interstellar last weekend. I’ve always been impressed with Director Christopher Nolan’s movies and the artistic vision he has brought to everything from Batman to Inception.

It’s hard to write a full review of something as expansive as Interstellar, especially since I’m not a film critic and there are a number of supposed plot twists, surprises, and a “big reveal” at the end that I’m guessing was supposed to move viewers in a Sixth Sense manner. Accordingly, this will be a short review.

Overall, I was disappointed.

The music score was beautiful, the sound (Merianna and I saw the film in its intended IMAX experience) was deafening but very well done and effective. There were grumblings from early reviewers that the awesome (I use that word in its intended case) sound of the movie drowned out dialogue in key parts. Nolan later revealed that was intended. I would argue that’s probably a good thing because the dialogue we are left with is trite and oozes with sappiness that a movie of this intended grandeur should not include. The exception was Murph as a young girl, who was fantastic. The special effects were incredible and definitely kept you engrossed despite all the plot holes (some as big as a black hole) and inconsistencies of actual science as applied in the movie.

Yet, the movie kept trying to be something bigger than it was. It was reaching to be the 2001: A Space Odyssey of our generation. It fails to do that.

Perhaps my disappointment in the movie is my own fault because I love “hard science” sci fi and I’ve seen 2001 too many times. For a casual movie goer who wasn’t a science teacher, it’s probably incredibly moving and scientifically “awesome!”.

I’ve tried to like the movie all week in my head. As a final attempt, Merianna and I watched 2001 last night because of my grumblings about how similar Interstellar tried to be to that classic. 2001 holds up well, in my opinion, and is much more of an expansive, intimate, and anxiety-causing experience (about our own humanity, about our place in the cosmos, about the still small voices in our head, etc.). Compared to 2001 and the oblique absence of dialogue or emotions from the humans (HAL 9000 is the most emotive character), Interstellar is closer to Armageddon (I’m sorry).

What really let me down the most about Interstellar besides the cheesy dialogue, the utter ridiculousness of attempting to make love some sort of quasi-scientific force akin to gravity or electromagnetism, the plot leaps (why is the rocket facility that close to the farm??… I could go on and on but don’t want to spoil anything) was the ending. I won’t reveal anything, but it’s terrible.

The first 20 and last 20 minutes of 2001 are dialogue free. There’s only music. It’s moving, strange, and engrossing. Interstellar attempts something similar and when Cooper (Matthew McConaughey) has a similar experience to Dave (from 2001) at the end of the movie, I was impressed. Interstellar reaches its moving crescendo and leaves room to breathe emotionally, visually, and even a little philosophically. I was sure the movie was done and started mentally preparing to try to find our way out in the crowded theater. But Interstellar didn’t end. It kept going. And it sucked for those last 20 painful minutes.

It’s a fun movie. But it could have been so much better had Nolan left room for the audience to explore themselves. For all of its celebration of humanity as a species of explorers, Nolan treats the audience like a group of primates protecting a watering hole on an African savanna rather than an advanced life form. Too many banal chalkboards, whiteboards, sappy conversations, and drippy conversations for me to elevate this movie to where I’d hoped it would be.

WSJ: You Can Ditch Your PC Now

Completely agree with the main idea of this article… Chromebooks (and tablets to some extent) are mature platforms and great devices for both creating and consuming content for personal and business use:

In short, I’m done with PCs—at least as they are conventionally defined. And I think the majority of long-suffering PC users would be too if they weren’t so accustomed to thinking of computers in the same way they have for decades. Building new technology is easy compared with changing the habits of those who use it.

via You Can Ditch Your PC Now – WSJ – WSJ.