semi blurred computer screen with wordpress plugin code in editor
How Do I Choose Secure WordPress Plugins?

Trawling through the WordPress plugin library, you will see thousands and thousands of plugins.  The WordPress plugin database comes with no guarantees that each plugin is secure, efficient or that it is not already compromised or contains malware.

So how do you choose which ones you should use?

A number of plugin traits to look for are

  • How many times has the plugin been installed? If the plugin you looking for is not a niche plugin, then you should expect it have been installed in the thousands if not tens of thousands.

     

  • Do the plugin reviews average a high rating?

     

  • Was the last update recent? I would call recent the last six months. Plugins are vulnerable just like any other pieces of code – if the developers are updating the plugin constantly, the it is more likely to be more secure than not

     

  • Does the developer list terms of service or a privacy policy?

     

  • Check to see if the plugin is compatible with the latest version of WordPress

     

  • Browse through the plugin’s support forum to see if there are potentially any issue that you might face by installing it.

     

 

Related Reading:

How to minimise WordPress spam
What is hacking? and how to best avoid being hacked
What is Spam?

Shadow Hand typing on a blurred keyboard maliciously
What is Hacking and how to best avoid being hacked?

Hackers are basically crooks that want to steal information from you, or manipulate your website to their advantage. They crack or hack the credentials of your site to obtain access to the backend where they are not supposed to be. Once there, depending on their motivation – anything is possible.

· Insert unwanted links to other sites onto your webpage
· Use your system to spread a political message
· Use your site as a host for all types of malware and to spread infection
· Gain knowledge of other sites or email login credentials
· Simply annoy and be an expensive nuisance

The best things that you can do to help avoid being hacked is to have a strong password. There are many applications out there that can create good strong random passwords. Another thing that really is a must do, is keep your WordPress up to date. Log into the back end of your site and ensure that all the updates are done.

Another great tool is to install a WordPress firewall plugin. Look in the WordPress plugin directory or google ‘WordPress firewall plugins.

Also, remove unused or unwanted plugins. Allowing unwanted plugins enabled or disabled to sit in your WordPress installation increases the chance of the site being compromised.

Related Reading:
Do I need to buy a SSL Certificate
Which SSL certificate is right for me?
How to minimise spam – WordPress

.auda domain administration logo
Can I have ID Protection available for .AU domain names?

ID protection is not available in the .au domains namespace. auDA (.au Domain Administration) does not allow ID protection on the .au domains.

Unlike other gTLD domains (.com, .net), there is less information shown on a standard whois search for .au domains.  Only the Registrant/Entity data is shown including ABN, ACN, Trademark, etc along with the name of the person who is the Registrant and Technical Contacts appear.

No postal address or phone numbers are shown on any whois search.

The only time an email address is shown on a .au domain whois search is when the search is conducted when the whois site is protected by a captcha.  This ensures that ‘robots’ or ‘scripts’ are not trawling through whois site’s collecting data.

Other technical data is shown like nameserver entries and some other

You’re able to check out the details on your domain (or any for that matter) at http://whois.domaintools.com/ .  Check out their other suite of tools while your there.

Here is a sample whois for the domain aussietechheads.com.au:

Domain Name: AUSSIETECHHEADS.COM.AU
Registry Domain ID: D407400000001128840-AU
Registrar WHOIS Server: whois.auda.org.au
Registrar URL:
Last Modified: 2019-07-08T00:35:13Z
Registrar Name: Synergy Wholesale Pty Ltd
Registrar Abuse Contact Phone: +61.383999483
Reseller Name:
Status: serverRenewProhibited
https://afilias.com.au/get-au/whois-status-codes#serverRenewProhibited
Registrant Contact ID: DIT-1077761
Registrant Contact Name: Glenn Goodman
Tech Contact ID: DIT-1077762
Tech Contact Name: Glenn Goodman
Name Server: NS2.VPS1.ATHWEBHOSTING.COM.AU
Name Server IP: 139.162.58.184
Name Server: NS1.VPS1.ATHWEBHOSTING.COM.AU
Name Server IP: 139.162.58.184
DNSSEC: unsigned
Registrant: GOODMAN, GLENN
Registrant ID: ABN 86169818682
Eligibility Type: Sole Trader

Related Reading:

What is DNS ?
Frequently Asked Questions

Three monitors across looking across lake to city with binary numbers ina globe shape superimposed
What is DNS propagation and how long does it take to complete?

DNS propagation is the process of DNS settings (like nameservers) updating around the world.  Each user’s browser will pick up changes at different time intervals based on the ISP they are with.

Generally DNS is refreshed every 2-4 hours.  A lot of hosting companies will advise that DNS propagation can take up to 48 hours.  It can take as little as a couple minutes, but generally you will see the changes between two and four hours.

When editing DNS settings, you will see a TTL (Time To Live) entry.  The TTL is meant to advise how frequently the DNS should be checked for new records – please be aware that TTL is a guideline and isn’t always followed.

Related articles:
How long does it take to transfer a domain ?

What is DNS?

laptop connected to image of world
What is DNS?

Think of DNS (Domain Name System) as the phone book of the internet.  Humans read words, computers read numbers.  So when we type into our web browsers things like www.blueoceanwebhosting.com.au, we can read it but computers cannot.  To enable web browsers to load the correct page we are looking for, web browsers like Google Chrome or Microsoft Edge interact through Internet Protocol (IP) addresses.

The DNS translates the domain names we read into IP addresses that the computer/browser can read.

Each device connected to the internet has its own unique IP address which other computers/devices use to find it.  It is much easier to remember www.blueoceanwebhosting.com.au than 139.284.36.84 which the computer/browser can read.

The process of delivering a web page to your browser involves converting a hostname (example.com.au) into an IP address (262.258.36.365).

When you type in example.com.au, a request is sent to a DNS server to look up the domain you are trying to access.  The DNS server (which there are multiple around the world) translates example.com.au into and IP address.   The DNS server points your browser in the right direction as to where in the world that IP address is located – connection is made with the IP address, and the computer/device on the other end, starts serving the web page your after back to you.

This is DNS in its most simplest form – There are many more aspects to DNS eg the routing of mail.

DNS is very complicated business and incorrect DNS settings can be the reason for a lot of headaches.

Further suggested reading…..

What SSL Certificate is right for me?