hi Adam been following you for years! thanks for everything you do! i just updated to wordpress 6.5 and i dont see this auto update option. was it discontinued by wp?
Hi Adam, What a great video! I have been thinking about improving the security of my website. I recently helped my sister set up a WordPress website as well, and I think she will appreciate this video as well. I gained a lot of information that will be very helpful in the process. I really appreciate you sharing the top problems with security. I realized I have been making some mistakes with the security of my website. Thanks a lot for sharing this, it was a great help.
That was a Great video, Adam. I do have a couple of questions: 1. What do you think about "Solid Security"? (they were used to be called "iTheme Security") 2. What do you yourself use for Anti-Spam in your Comments area and can you please do a video tutorial on it?
Hey, great vid as always! It made me think of my next planned website. Can you tell what exactly is needed, how many plugins to make a (smallish) e-commerce website secure? Like what is needed to make a website secure as possible: SSL, Sucuri and so on. It would help lot of viewers to ease their minds as website creation or making a website as secure as possible can be really overwhelming.
Really ultime security but didn't cover basic infor such as Such as wp-amdin extension change, free plug in to block brute force attack, hardening of files ect. Can do all this with free reputable plug ins.
Like any other software your server uses, you should maintain the latest stable release version of PHP because it contains all bug fixes which might address security issues.
I'd advise against automatic updates as it can cause stability issues for your website better to check every week or so for a new updates manually that way if anything does go wrong you'll have a much easier time troubleshooting
I want to live with you, guys can you just imagine having this guy in the next room as you. OMG, I would have some serious websites, much better than the ones I have currently. Adam knows everything such a mentor... Anytime I get stuck.. Ohh you whoooo! Oh Adammmm my Bosom Buddy
I've noticed on the WP plugin repository that most of the 1-star reviews for the iTheme Security plugin are all recent, (and the 5-star reviews are months old) with most saying the update has ruined a great plugin and asking them to roll back to a previous version. Have you evaluated your glowing review of the plugin for current WP versions? Do you still feel the same, or did they make a misstep and it's no longer a good choice?
Thank you for putting in the time and effort to create these tutorials. PS: I'm curious -- has anyone here ever used one of the referral links and got rewarded with a premium course as promised? If you have, kindly reply. My experience suggests that the offers might not work exactly as promised. So I would like to know if it's just me or if that's a general experience.
A former dev of mine uploaded a file into wp content containing some files such as a .htaccess file. He did never mention anything. Is this something really bad? And how can he upload it? I didnt give him FTP, only admin for the website, meaning he could go into ghe backend
That's a tough question to answer. That file controls the web server rules for who can access the contents of that directory. Depending on what's in that directory the rules might or might not be appropriate. It's instructions for your web server on how that directory can be accessed by users, if at all.
GPL license has no effect on the security of plugins and themes only use what you need and install plugins from trusted sources will go a long way in securing your wordpress site
If hacked couldnt you have your host to reset everything reinstall Wordpress and roll the backuped paged back ? I know you have to know which exploit the hackers used to fix that after a reset.
hackers can infect backups with malware they can also include logic bombs so you won't know that they were infected with malware until it's too late you must do a full analysis of your server and figure out how the hackers got in before you can do something like restoring from backups there is a reason why when companies get hacked it takes them a while to sort it out
Hi, i don't mean to be picky, because this is an important video. But can I ask you to do a yearly update for us? It makes sense to keep it recent. Thanks for the awesome videos :)
Dont understand how you can trust a Company that as you said they were a new Company that didnt do what they promised. And you got hacked with their services installed
I think it’s about how they (the company) responded to their error. If they owned it, apologized for it, and talked about how they’d make sure it didnt happen again - and then follow through on it - then it’s worth giving them a second chance. Paul didn’t go into it, but I suspect they must have found a way to convince him to give them that second chance.
Yea I hear ya. I think they oversold what they were capable of in their early days and we were simply unprepared for a zero-day attack. They have since gotten their act together and are making good contributions to WordPress as a whole.
Allowing developers access to administrator accounts is a major security breach. Some developers claim they cannot solve bugs unless they have access. That is a lie. There are other ways to debug plugins. I do NOT allow them access. They have to fix their plugins some other way. Did not mention state-sponsored or commercial espionage which not includes spying but also sabotage. A good security scanning firm like Cleantalk will deal with many problems.
Hello Adam, Great video! Great content!!! I am just wondering when you place subscriptions and tiers on your website, how google crawl your new content if it's locked for everybody now that you are asking for people to subscribe and pay you for different tiers in order to have access to your content? And also, I follow some of your tutorials and when I place the payment method with Paypal, they charge a whopping 10% of the total amount charged. I think is too much. Do you have any solution to lower the amount we have to pay to these big companies? Thank you for all you do for us!!!!
Hi sir, love your videos from India. I am a Web Designer wants to share something good with you, could you plz share your email where I can contact you.
There's literally a section in the video description titled 'CONTACT WPCRAFTER'. If you're unable to find that on your own I doubt what you have to share will be of any use to Adam.
hi Adam been following you for years! thanks for everything you do! i just updated to wordpress 6.5 and i dont see this auto update option. was it discontinued by wp?
Hi Adam,
What a great video! I have been thinking about improving the security of my website. I recently helped my sister set up a WordPress website as well, and I think she will appreciate this video as well. I gained a lot of information that will be very helpful in the process. I really appreciate you sharing the top problems with security. I realized I have been making some mistakes with the security of my website. Thanks a lot for sharing this, it was a great help.
Very thorough video about the rigors of modern website security.
Great video as always. Really appreciate your work.
Thank You for all of your videos that you did. I am enjoying all of them
That was a Great video, Adam.
I do have a couple of questions:
1. What do you think about "Solid Security"? (they were used to be called "iTheme Security")
2. What do you yourself use for Anti-Spam in your Comments area and can you please do a video tutorial on it?
I'm the 900 Like! =) Thanks for the great content you provide.
How good is iThemes Pro Security plugin?
what about blue host, host gater and similar?
Great video! Any videos or guides on securing our own VPS such as from Vultr?
+1
Is CLoudways the same as Digital Ocean? DO is terrible...
I really appreciated your video and big thanks...Hats off to you!
another great video Adam, thank you.
Hey, great vid as always!
It made me think of my next planned website. Can you tell what exactly is needed, how many plugins to make a (smallish) e-commerce website secure? Like what is needed to make a website secure as possible: SSL, Sucuri and so on. It would help lot of viewers to ease their minds as website creation or making a website as secure as possible can be really overwhelming.
Green Mart theam not visible cliparts.. please tell me how can get.....
why is there no support with hostinger
would you please share how to keep a device safe from hackers as well not just a website? and what about apps, please? thank you.
What about image etc upload that customers can order? T-shirt, mug makers or even a photographers can face that issue.
Awesome video, Adam you are the best!
Hey Adam.
Thanks for the video. What's your take on Itheme Security? Worth it?
any info on this please BPS Alert: Hidden Plugin Folders|Files (HPF) Alert -
How does that work with Privacy laws, specially GDPR, when you use Cloudways, a Pakistan Hosting company?
I thought they're based in Malta. In any case, isn't the website owner responsible for GDPR compliance rather than the web host?
@@yak28 Malta is just an empty shell address.
Really ultime security but didn't cover basic infor such as Such as wp-amdin extension change, free plug in to block brute force attack, hardening of files ect. Can do all this with free reputable plug ins.
Could the php version play a role on security? The php8 is more secure from php7?
Yes, php 8 is more secure because the last version has more bug and vulnerabilities issues fixed
Like any other software your server uses, you should maintain the latest stable release version of PHP because it contains all bug fixes which might address security issues.
Product again buy reminder email, like if user buy product after 45 days he get email again buy this product .. any plugin
Is there a way to set an update time for the auto-update? It would be good if that is during the night....
I'd advise against automatic updates as it can cause stability issues for your website better to check every week or so for a new updates manually that way if anything does go wrong you'll have a much easier time troubleshooting
Man, you are so professional.
Is GPL Themes and Plugins are pirated? If no, can I use these to my clients or personal sites?
I want to live with you, guys can you just imagine having this guy in the next room as you.
OMG, I would have some serious websites, much better than the ones I have currently.
Adam knows everything such a mentor...
Anytime I get stuck.. Ohh you whoooo! Oh Adammmm my Bosom Buddy
Sounds like u want him to make u bite a pillow
I've noticed on the WP plugin repository that most of the 1-star reviews for the iTheme Security plugin are all recent, (and the 5-star reviews are months old) with most saying the update has ruined a great plugin and asking them to roll back to a previous version. Have you evaluated your glowing review of the plugin for current WP versions? Do you still feel the same, or did they make a misstep and it's no longer a good choice?
Great assessment.. wonder if he'll answer this tho
Thank you for putting in the time and effort to create these tutorials.
PS: I'm curious -- has anyone here ever used one of the referral links and got rewarded with a premium course as promised? If you have, kindly reply.
My experience suggests that the offers might not work exactly as promised. So I would like to know if it's just me or if that's a general experience.
Good tips. Also choosing the right hosting is crucial.
A former dev of mine uploaded a file into wp content containing some files such as a .htaccess file. He did never mention anything. Is this something really bad? And how can he upload it? I didnt give him FTP, only admin for the website, meaning he could go into ghe backend
That's a tough question to answer. That file controls the web server rules for who can access the contents of that directory. Depending on what's in that directory the rules might or might not be appropriate. It's instructions for your web server on how that directory can be accessed by users, if at all.
Hello, great video. Pls what about this Itheme security plugin? Is it good
Very good work!
Thanks Adam
How about using GPL-licensed plugins or themes?
GPL license has no effect on the security of plugins and themes
only use what you need and install plugins from trusted sources will go a long way in securing your wordpress site
Your connection is being protected 😊
If hacked couldnt you have your host to reset everything reinstall Wordpress and roll the backuped paged back ? I know you have to know which exploit the hackers used to fix that after a reset.
hackers can infect backups with malware they can also include logic bombs so you won't know that they were infected with malware until it's too late
you must do a full analysis of your server and figure out how the hackers got in before you can do something like restoring from backups there is a reason why when companies get hacked it takes them a while to sort it out
Why didnt you talk about VirusDie?
Is host gator not recommend?
definitely not!
Well noted and thanks Adam
Can l ask for personal help please
Thank you!
Thanks for sharing this information .
What about itheme security??
It’s really good. But it doesn’t proactively protect you from threats.
Hi, i don't mean to be picky, because this is an important video. But can I ask you to do a yearly update for us? It makes sense to keep it recent. Thanks for the awesome videos :)
i have continue to enjoy your video, sitegroung host have you stop recommened it ? no mesion of it in this video
Dont understand how you can trust a Company that as you said they were a new Company that didnt do what they promised.
And you got hacked with their services installed
I think it’s about how they (the company) responded to their error. If they owned it, apologized for it, and talked about how they’d make sure it didnt happen again - and then follow through on it - then it’s worth giving them a second chance. Paul didn’t go into it, but I suspect they must have found a way to convince him to give them that second chance.
Yea I hear ya. I think they oversold what they were capable of in their early days and we were simply unprepared for a zero-day attack. They have since gotten their act together and are making good contributions to WordPress as a whole.
Allowing developers access to administrator accounts is a major security breach. Some developers claim they cannot solve bugs unless they have access. That is a lie. There are other ways to debug plugins. I do NOT allow them access. They have to fix their plugins some other way. Did not mention state-sponsored or commercial espionage which not includes spying but also sabotage. A good security scanning firm like Cleantalk will deal with many problems.
Does goDaddy purposely create issues and force customers to buy options to protect the sites or Sell anything?
Very helpful.
Thank you.
Nice one.
Hello Adam, Great video! Great content!!! I am just wondering when you place subscriptions and tiers on your website, how google crawl your new content if it's locked for everybody now that you are asking for people to subscribe and pay you for different tiers in order to have access to your content? And also, I follow some of your tutorials and when I place the payment method with Paypal, they charge a whopping 10% of the total amount charged. I think is too much. Do you have any solution to lower the amount we have to pay to these big companies? Thank you for all you do for us!!!!
Why don't you like cPanel brother?
7:32
Bye Bye Bluehost!!
💯
Hi sir, love your videos from India.
I am a Web Designer wants to share something good with you, could you plz share your email where I can contact you.
There's literally a section in the video description titled 'CONTACT WPCRAFTER'. If you're unable to find that on your own I doubt what you have to share will be of any use to Adam.