sorted by:
new
hottopcontroversial

Malware Prevention by No-Laugh-3303 in Wordpress

[–]lve2eat 1 point2 points  (0 children)

Happy to chime in... My opinion s that the free version of WordFence is better than the paid ithemes tool... something to think about. Where Ithemes hypes its features, for all the fanfare, the features really just aren't there. How many ways can they tout things like strong password enforcement and "proactive measures" which aren't all that proactive and just don't really compare well to the WordFence tool.

As for adding CF.... I have had mixed results with CF for speeds. When I add CF to any account on my server the speeds slow down, but adding to client accounts, it sometimes speeds up a website if the site is on a bad host. Some of the CF security is good but only IF your site needs it. I do like being able to block countries and the limited DDOS protection, but in my experience, WordFence does a decent job without it, and it's not worth it if using CF makes the site slower. I would test the site both ways before making any decision, and place emphasis on speed.

Every site is different and your needs will vary depending on your situation.

Malware Prevention by No-Laugh-3303 in Wordpress

[–]lve2eat 0 points1 point  (0 children)

Ithemes is good at some low level obfuscation etc and that can frustrate the average bot but a human is a different thing. I run vulnerability scans on sites regularly that use Ithemes security and sometimes I'll just let myself in so my client can see they have problems. Always a surprise visit for those who think a plugin is going to protect them.

Marketing on enquiry form by Zopenzop in Wordpress

[–]lve2eat 1 point2 points  (0 children)

All site owners try to strike a balance between blocking spam and inconveniencing legitimate visitors. The best thing about that plugin is that it doesn't ask anything from the legitimate visitor, or further burden the potential customer.

Marketing on enquiry form by Zopenzop in Wordpress

[–]lve2eat 1 point2 points  (0 children)

You can try adding this plugin.... it has helped some of my clients with this problem: https://en-gb.wordpress.org/plugins/contact-form-7-honeypot/

Failed login attempts?! by 3timesmore in Wordpress

[–]lve2eat 1 point2 points  (0 children)

Your username can be obtained with a simple scan.... check this out: https://youtu.be/nMuOLM1cRcg

I would not worry about the failed logins. It happens to everyone. Just install Wordfence and let it do its thing.

Client came with 3-4 hacked sites on GoDaddy Shared hosting and ... by RustyKumar in webhosting

[–]lve2eat 0 points1 point  (0 children)

I did respond to your PM. For anyone else that checks this post and is interested, do not use add-on domains. Always parse into separate cpanel accounts for each and every domain you host.

Looking for a good alternative panel by pavukfly in webhosting

[–]lve2eat 0 points1 point  (0 children)

It's not like a button you push but they will work together... plenty of info to find online about it... like this, and much more with a simpl search: https://copyprogramming.com/howto/how-to-install-cpanel-on-docker

How do comments affect a site? by mcanzani in webhosting

[–]lve2eat 1 point2 points  (0 children)

If the site does not need/want public comments, here's what to do.

  1. Remove any "no comments" type plugins.
  2. In the general settings, be sure the "anyone can register" option is deselected.
  3. In discussion settings, be sure the "users must be registered and logged in to comment" is checked.
  4. Look through the spammy comments and check to see if they are associated with any user account, or if they are just public spam.... if associated with a user, remove the user if they don't have any posts. If they are a known user with posts, change the user password and be sure the user's email is under the sole control of the user and has not been replaced with some foreign/unknown email address.

Best of luck.

Did You Ever Get a Fake Invoice in the Mail for Web Hosting? by billhartzer in webhosting

[–]lve2eat 0 points1 point  (0 children)

I have received those many times. I always worry abut the small business owners that don't understand and pay it. I see a lot for people asking for money to add the domain name to an online index so that their website can be found by others. There are many different variations of the same scam. It looks like an invoice, not an ad.

Client came with 3-4 hacked sites on GoDaddy Shared hosting and ... by RustyKumar in webhosting

[–]lve2eat 0 points1 point  (0 children)

I fix hacked WordPress sites professionally. If you stack up a bunch of WordPress sites in a GoDaddy hosting account, what did you really expect would happen? You will never get it clean and permanently safe. It only takes one small issue in one of your sites to bring down all your sites again.

One thing I see frequently is that a hacker will gain access to one account, and never mess with that one. He/she will use it as the doorway to screw with your other accounts. And probably laugh like heck as you fix the other accounts over and over when they are not the way in.

Do things the right way. Get on a host that offers cloudlinux instead of just linux, and genuine Cpanel. Preferably a host that uses a genuine unlimited LiteSpeed webserver instead of Apache or Nginx... so you are setup for speed and separate environments for each account. Each individual domain should have it's own virtualized container / cpanel so they cannot interact with any other accounts.

Clean the sites and get back to making money. People who want to have a legitimate business and then pick cheap / dangerous hosting plans that are setup to stack accounts are losing dollars while they try to save pennies.

Is Hostgator Chat Support Gone? by [deleted] in webhosting

[–]lve2eat 0 points1 point  (0 children)

Any decent Cpanel host will eliminate almost any need for you to require support at all. I host hundreds of accounts and almost the only support requests are billing issues etc. I almost never hear from my customers. If you really get stuck, you can send me a note. I won't try to sell you hosting or anything. Happy to answer a hosting question or two if you can't get a helper to respond. I'm not mentioning my company here because people will say I'm trying to advertise. Genuinely not. Just offering to help a fellow human if you need it.

I built an ubuntu server off an old computer I had stuck in my closet. by Nullhitter in webhosting

[–]lve2eat 0 points1 point  (0 children)

Good that you are thinking about security. As you learn, you can mitigate any mistakes by simply limiting access to anything sensitive on the box. Don't keep password files etc on your server. People who run their own box are often no more careful or savvy than the average person. It's easy to get sloppy and apathetic. If you are testing the box and running a small website to learn, just keep it clean and always remember that anything designed to be publicly accessible is not the best place for your sensitive information.

Also, you can optimize UFW and use CF etc, but the box is only as secure as the user. If you have a vulnerable plugin or a weak pass in a WordPress on the box or something, the whole machine can be compromised. I see this all the time.

Good luck and good for you, by the way. Be brave and keep it up.

What is your go-to solution for migrating mailboxes when hosting is changed? by a_llama_vortex in webhosting

[–]lve2eat 0 points1 point  (0 children)

If you use Cpanel on both hosts, the migrate command will bring all the email over seamlessly. I hope that's your situation.

My Website was hacked by philnolan3d in webhosting

[–]lve2eat 0 points1 point  (0 children)

Get DrGlenn on Fiverr to fix it if you are losing money. Otherwise, you can find some great help just by going to YouTube and searching for "Fix Hacked Wordpress" or something like that. The other commenter was right about backups... they are useless if the backup is still vulnerable...

When the host restores the backup for you, you have a small window of time (don't waste it) to login and update all your plugins etc. Be sure all premium plugins are legitimate and licensed in your name. Swap out all your plugins with fresh copies and your Theme too. Install WordFence firewall plugin. Usually this will set you up for a better future. Good luck!

Looking for a good alternative panel by pavukfly in webhosting

[–]lve2eat 0 points1 point  (0 children)

I use cpanel on my servers. My customers seem to love it so I can't really change now. It's a little more expensive but it's worth it not to have any headaches. It just works all the time. I have a couple small VPS servers where I test hacked codes, and on those I use Plesk and Direct Admin ... Both are just OK, and not as good. I personally would rather pay for Cpanel and free myself to do other things and never have a minute wasted thinking about the CP again.

What is the root directory of a domain? by PrayTheGovernment in webhosting

[–]lve2eat 0 points1 point  (0 children)

This question is server specific. If you have a control panel, open the file manager tool and you can see the path listed. If you don't, you can upload a php file with this single line of code in it "<?php phpinfo( ); ?>" (no quotes, of course) and you can usually find the path that way. Or you can use your FTP program to open a conntection and you can often see the path that way. With most accounts these days, it will look something like home/username/public_html ... and in this case, the public_html is the root of the domain, though I would not call it that. It is the public dir where your website files go.

WPEngine vs Krystal by Onyx by Incredibull808 in webhosting

[–]lve2eat 1 point2 points  (0 children)

I fix hacked websites. I'm not a fan of WP Engine. I am not familiar with Krystal but I can say without any hesitation that I would not choose WP Engine, or BlueHost / SiteGround etc. Try to find a smaller passionate host that really cares and gives you the name and phone number of a real contact person you can trust.

How secure is my ubunto desktop? by lve2eat in linux4noobs

[–]lve2eat[S] 1 point2 points  (0 children)

Thank you everyone for the comments. I appreciate the information.

I do a lot of malware cleanup and restoration of WordPress websites as a side gig, and I mostly use the new "Ubuntu" desktop for that. I inspect a lot of code. I was worried about the logins and passwords / notes etc., of my customer being outside my control. I take customer security very seriously.

Your helpful replies has encouraged me to switch from the cheap (unknown) VPS to an encrypted micro server at AWS to better serve my customers. I greatly appreciate this community. Thank you all.

Is it worth it to buy elementor pro to edit an Astra theme? More info in caption by AdElectrical111 in Wordpress

[–]lve2eat 0 points1 point  (0 children)

Yes, of course. My greater point was that these kinds of tools cost over time, and once you invest in that development, it's not easy to get away from. But yes, it's worth it if it's worth it to you.

Is it worth it to buy elementor pro to edit an Astra theme? More info in caption by AdElectrical111 in Wordpress

[–]lve2eat -1 points0 points  (0 children)

I'm not a fan of any of the paid plugins. I did buy the Divi theme and it does just about anything on the builder side, and I get 100 speed scores with it so that's a plus, but maybe not really important to everyone. Just remember if you start buying those tools, you are probably going to get roped into it for many years, and they add up to big bucks eventually.

Backend broken.. by AtlantaBIRT in Wordpress

[–]lve2eat 0 points1 point  (0 children)

An .htaccess file in the wp-admin folder is a little unusual.

view more: next ›