WordPress Security

Posted by Trase on September 19, 2011

There is a new piece of malware affecting WordPress users that is apparently widespread, known as Troj/PHPShll-B. This malicious bit of software likes to embed itself into a WordPress installation and then infect subsequent visitors to the WordPress based website. There is a catch, however – it only affects visitors using Internet Explorer. Or, as we have called it for several years now, Internet Exploder! We’ve advocated the use of alternative browsers, such as Google Chrome, Firefox, and Safari, to our clients, friends, and family for many years now, and this is a prime example of why it is in your best interests to avoid IE. Aside from the security concerns, Internet Explorer does not adhere to web standards, as defined by, oh, you know, the rest of the world, so you can’t be sure that a website developed within an IE environment is going to look great anywhere else. It’s also why folks like us end up pulling our hair out at times to get code that is compliant with web standards to work properly in IE.

So, how can you protect yourself against this malicious code?

  • Don’t use Internet Explorer. Tell everyone you know to cut it out, too. Get Google Chrome, Firefox, or Safari. And to answer your question, yes, those can be targeted, too, but they simply aren’t as frequently attacked as IE.
  • Use a quality anti-virus/anti-malware product, keep it updated, and run it often. We like Avast** for home use, and Sophos for business use. If you think your computer is infected, and multiple scans within your operating system are not finding anything, allow the anti-virus product to do what is known as  ”boot-time scan” – meaning, it will scan your system before the operating system starts up – when the screen still looks like the old DOS system you may remember from the 1990′s. Let it remove anything it finds.
  • If you have a website running WordPress, make sure you are at the latest stable version (3.2.1 as of the time of this writing). Make sure that your login password is complex. (At least 8 characters in length, no dictionary words, a mixture of uppercase and lowercase letters and numbers or better yet, symbols.) Check your site code to make sure nothing malicious has embedded itself. You do not want visitors to your site either being infected, or alerted by their anti-virus that an injection of infected code was attempted by your website. You want to talk about a sudden decline in visitors? That’ll do it for you! If you don’t know how to insure your site’s security, you may need to hire someone qualified to do a health check and correct any problems.
  • Keep aware of the threats out there. A great way to do this is by checking the Sophos Naked Security website, becoming a fan of their Facebook page, or following their Twitter account(s).

A check of all of our current client’s websites was made today, and all of those are running the latest stable version of WordPress.  We are hoping that an update to WordPress which addresses this code injection problem is released soon, and we’ll be sure to update all client websites with that code when a stable release is made to insure their security.

If you have any questions or concerns, please don’t hesitate to drop us a line.

**9/20/2011: After hearing some feedback from one of our clients about the latest version of Avast, we can no longer recommend it. However, we can suggest AVG as an alternative.

Category Categories: Website Services  |  Tag Tags: , , ,  |  Comments No comments

Our Latest Offerings

Posted by Trase on September 6, 2011

Thanks for stopping by the site! We’ve been busy the last few months with our family farm (including its website) and building several client sites, which you can check out here.

Have you been considering having us build a website for you, but have been on the fence, perhaps price-shopping around? Well, I’d like to take this chance to explain to you why we are a great option! Instead of providing a complicated old-school website, with a bunch of confusing code that is difficult or impossible to update when you’d like to add more content, we build your site within a content management system. This means that everything is managed from within an online control center that you will be able to access, and very easily do things like add text, photos, and videos.  The interface is very similar to a word processing program, like Microsoft Word or OpenOffice Write, so you are able to use your knowledge of those types of products and update your website with ease. In fact, you can see the interface “in action” in the graphic below. Just click to enlarge, and you’ll see this very post being written within it!

We are also offering some additional services to our menu. With over thirty years combined experience, we can offer you service on your personal computer – whether it’s removing an infestation of malicious software, installing and configuring new hardware, or just about anything else. We have experience and know-how that extends far beyond what you will find in a big-box retailer.

Does your business need to implement a new email system? Are you looking to virtualize some of your servers? Experiencing unexplained slowness on your network? Our experienced, industry certified infrastructure specialists can help!

If you’d like to get in touch about any of the services we offer, please email us or call during business hours:  810.354.5613

We look forward to hearing from you!

Category Categories: Business Infrastructure Services, Computer Repair & Service, Website Services  |  Comments No comments

Site Update

Posted by Trase on March 29, 2011

Welcome to the newly redesigned site for Trasentino Consulting! We’ve been so busy with our farm and its website, Serenity Acres Now, as well as other client websites, that our own site here has been on the back burner for some time. But it was overdue for an overhaul, and so here it is!

If you’ve enjoyed reading about our adventures on our farm blog, and would like a site of your own, we offer Website Services, including site builds, graphics work, content composition, and assistance with domain registration. We are a small business specialist, are especially qualified to help family farms, orchards, farmer’s markets, and other small agriculturally based businesses, due to our own farming knowledge.

We’ve also added Computer Repair Services to our offerings – if you are in Wayne, Oakland, Livingston, and Genessee counties, please contact us to see if we can service your area. With thirty years of combined experience in the information technology field, we can service and repair your computer, get the bugs out, and help you to avoid future issues. We translate the “geekspeak” so that you can better understand your computer.

In addition to computer repair services, we are also offering Business Infrastructure Services to the same areas. If you have a small business network and need to implement or troubleshoot services like virtual servers, messaging systems, etc., our MSCE, CCNA, VMWare Certified Professional Infrastructure Engineer can help.

So please, have a look around, and if you have any questions, please don’t hesitate to get in touch. We look forward to hearing from you!

Category Categories: Uncategorized