WordPress is the most popular CMS in the world. In fact, it powers more than 32% of the entire web. But that doesn’t mean it comes fully optimized for you or your team. WordPress plugins exist so that you can tailor your workstream to the platform.
From integrating with Google Apps to efficiently scheduling your posts, WordPress plugins allow you to take your projects to the next level.
Below we’ve highlighted nine of our favorite plugins to boost your productivity — even on this already powerful site. (more…)
Thought you knew WordPress? Think again.
Even savvy WordPress users, who work with cutting-edge WordPress plugins, often don’t understand the full power of the platform.
Check out these facts and stats below to get a full picture of the technology you’re working with — and discover ways to improve and optimize your site. (more…)
Open source WordPress powers more than 30% of the World Wide Web. Users publish over 41 million new posts on 15.5 billion pages for 409 million viewers every month.
This enormous surface area makes it a prime target for hackers. In 2018, 90% of all breached CMS sites came from WordPress according to a recent report by Sucuri.
In this post, we break down five of the most common WordPress attacks — and offer solutions to mitigate risk. (more…)
Following a series of Google Apps login phishing attacks (specifically on Google Docs) in 2017, Google made several improvements. At the time, while we welcomed Google taking steps to address the phishing problems, it caused issues for WordPress plugins.
Specifically, the updates made it challenging in cases where customer installation required individuals to create a Google Cloud project with their own OAuth 2.0 Client IDs.
To make things easier and safer for legitimate users who need to create Google applications, we recommended that Google:
- Allow users to authenticate against an OAuth ID they created using the same account as the one being used to access the app.
- Allow admins to whitelist specific ID/Secrets on their domain and also allow any regular Gmail account to whitelist for their own use.
- Provide a clearer error message where unverified apps encounter ‘Invalid Scope.’
- Deliver documentation explaining the new verification processes they have rolled out.
- Offer a more robust and selective solution than joining the ‘Risky’ Group (Google already confirmed to us they are aware this cannot be a permanent solution).
Since then, we have even more suggestions for WordPress users using Google Apps login to deter attackers.
Why should you add a Google Login button to your WordPress site? It’s simple.
- It’s more efficient. Instead of trying to remember yet another password, Google’s one-click login allows access without having to reset accounts. (It takes far less admin work as well.)
- It’s more secure. Particularly, if you opt for Google’s multi-factor authentication (MFA) solution, even if a hacker does get through the first wall — he or she will also have to track down a second piece of data, such as the user’s fingerprint or voice, to break in.
- It improves the onboarding of new users. In the past, it took a while for a new WordPress account to be set up, leading to a greater potential for churn. With Google login, user profiles are automatically populated, leading to immediate engagement.
Read on to learn how to improve your site with Google login.
[Image via Pexels
A popular feature of Google Apps Login Enterprise version has always been the ability to specify role mapping rules – so that members of different Google Groups can have different WordPress roles assigned to them.
The only problem was that some companies didn’t have relevant Google Groups already set up (e.g., for firstname.lastname@example.org to contain their Marketing team) but instead had their G Suite domain arranged around different Organizational Units to control access to various G Suite features.
Google recently rolled out ‘Team Drives’ to their G Suite business customers. One big problem for enterprises using Drive is that there is always one ultimate owner of any files shared within Drive. So popular files can be shared by employees, but if the owner happens to leave the company, or decides to reorganize their own ‘My Drive’, the files can be lost to everyone else.
Team Drives aim to overcome this by providing storage space completely outside of anyone’s ‘My Drive’, truly belonging to the organization rather than any individual.
Google has announced a new name for the Google Apps product – it’s now known as G Suite!
The change was made on 29 September 2016, and you can find out more from Google here.
There appear to be no major changes to the product. Google Apps has simply been renamed – in no way to make things confusing for users!
During the transition, we will use “Google Apps” and “G Suite” interchangeably on this web site and throughout our products. Over time, as everyone adjusts to “G Suite”, we will phase out use of “Google Apps”.
Green Dot Public Schools is a non-profit organization founded in 2000 to help transform public education in historically underserved communities in the USA.
The U.S. Department of Education considers Green Dot to be a national leader in school turnarounds, and they are the only charter school operator to lead the successful turnaround of a 3,000-plus student high school.
They have been using our Google Apps plugins for WordPress for a few months now, and reported to be very happy with them! We caught up with Rena Banka, IT Project Manager at Green Dot, for a short interview to find out how they are using our plugins to integrate Google Apps and WordPress.
[Image via Pexels]
Let’s say you want better security for your WordPress site. Maybe you want your employees to always access their WordPress account by authenticating through Google (which you see as easier than requiring all users to maintain separate usernames/passwords for WordPress as well as Gmail).
You’ve also read about brute force attacks on WordPress, so hope that a Google login will guard against those. You might also have installed a plugin such as Limit Login Attempts to prevent multiple login attempts from the same IP address — likely a sign of a brute force attack (although increasingly such attacks are performed from distributed IPs).