Security | WPg

12 Best WordPress PDF Viewer Plugins

WordPress PDF viewer plugins come in every shape and price point, but choosing the one that works for your unique use case is a decision worth careful consideration.

PDFs are still one of the easiest methods for disseminating information in a convenient package that can be viewed, downloaded, and opened without a fuss on every platform: they’re integral to many WordPress websites, intranets, and workflows.

So when it comes to embedding PDFs in your WordPress blog, what method do you use? If you’d like to start passing out eBooks, short stories, contract templates, product manuals, design documents, registration forms, performance review templates, or any of a thousand other PDF options, consider these 12 WordPress PDF viewer plugins.

These plugins range from drag-and-drop solutions to feature-dense platforms, with prices all across the board.

(more…)

7 Sysadmin Certifications to Give You a Leg Up

By WP Glogin Leave a comment

Getting hired as a sysadmin is trickier than it’s ever been, but the right sysadmin certifications will keep you agile in a shifting marketplace.

With cloud and hybrid services disrupting the traditional model (in-house servers maintained by an in-house sysadmin), it’s vital that current and future sysadmins never stop learning. And while most sysadmin jobs don’t require more than a bachelor’s degree, it’s going to be your certs and your skills that put you in demand.

We’re going to guide you through the certifications for Windows, Linux, and cloud services that can bolster your resume, expand your skillset, and ensure that you’re positioned to look as attractive as possible in any job interview.

(more…)

8 Features Your Internal Company Wiki Needs

By Katherine

An internal company wiki isn’t just a convenience — it qualifies and quantifies information that could easily become “institutionalized knowledge.” Your internal company wiki must embrace the philosophy that no note is too trivial.

Your internal wiki is vital, and it must be concise, easily accessible, and frequently updated. Wikis are one of the best remote tools your company can use to increase communication and productivity.

The following eight features can transform your internal company wiki from “forgotten project” into “everyday resource” and not only shorten employee training time but also help prevent employees from getting stuck during their work.

(more…)

Intranet vs. Extranet: What’s the Difference?

By Katherine

Maybe you’ve just heard the terms “intranet” and “extranet” and want to know more, or you’re an IT tech who’s asked about extranets and intranets on a daily basis and would like a learning resource to point inquisitive people to.

In either case, we’re here to help explain the difference between intranet and extranet, explain what they’re used for, and even offer some strategies for safely setting up and maintaining your own external networks.

(more…)

Add a Google Login Button to Your WordPress Site

By Dan

Why should you add a Google Login button to your WordPress site? It’s simple.

It’s more efficient. Instead of trying to remember yet another password, Google’s one-click login allows access without having to reset accounts. (It takes far less admin work as well.)
It’s more secure. Particularly, if you opt for Google’s multi-factor authentication (MFA) solution, even if a hacker does get through the first wall — he or she will also have to track down a second piece of data, such as the user’s fingerprint or voice, to break in.
It improves the onboarding of new users. In the past, it took a while for a new WordPress account to be set up, leading to a greater potential for churn. With Google login, user profiles are automatically populated, leading to immediate engagement.

Read on to learn how to improve your site with Google login.

(more…)

15 of the Most Powerful WordPress Security Plugins for 2019

By Katherine

WordPress is the most popular CMS in the world. More than 409 million viewers browse over 20 billion pages every month. On the back end, there are over 55,000 plugins available to extend and customize the platform to fit your team’s needs.

WordPress is an incredibly powerful and versatile tool for publishers; however, because it’s so ubiquitous, it’s also ripe for hackers.

How do you ensure that your WordPress website is secure? Here, we’ve listed 15 of our favorite WordPress security plugins to install to shield your site from cybercriminals.
(more…)

5 Enormous Benefits of Using WordPress to Power Your Organization

By Katherine

You might already know that WordPress powers more than 30% of the web. It’s by far the most popular online publishing platform, and it hosts 70 million new posts per month.

But why is it so ubiquitous? And what makes it so powerful and instinctive for users? Here, we break down five of the key benefits of WordPress for current and potential users.
(more…)

Friendly usernames for auto-created WordPress users

By Dan

We originally published this piece in 2015. We’ve updated it with additional WordPress security advice in 2019.

Our Google Apps Login Premium and Enterprise plugins allow all users with an email address in an organization’s Google Apps domain to log in to the WordPress site with one click. If the user doesn’t have an account in WordPress already, one is automatically created based on their Google profile information — taking their first name and last name, for example. The plugin needs to generate a unique WordPress username, so the simplest thing is for the plugin to use the email address as the username directly. This ensures it is unique — but an email address can be long and cumbersome as a username when used throughout the site.
(more…)

Avoid These 5 Common WordPress Attacks in 2019

By Katherine

Open source WordPress powers more than 30% of the World Wide Web. Users publish over 41 million new posts on 15.5 billion pages for 409 million viewers every month.

This enormous surface area makes it a prime target for hackers. In 2018, 90% of all breached CMS sites came from WordPress according to a recent report by Sucuri.

[Source]

In this post, we break down five of the most common WordPress attacks — and offer solutions to mitigate risk. (more…)

Protect Your Google Apps Login From Phishing Attacks

By Dan

Following a series of Google Apps login phishing attacks (specifically on Google Docs) in 2017, Google made several improvements. At the time, while we welcomed Google taking steps to address the phishing problems, it caused issues for WordPress plugins.

Specifically, the updates made it challenging in cases where customer installation required individuals to create a Google Cloud project with their own OAuth 2.0 Client IDs.

To make things easier and safer for legitimate users who need to create Google applications, we recommended that Google:

Allow users to authenticate against an OAuth ID they created using the same account as the one being used to access the app.
Allow admins to whitelist specific ID/Secrets on their domain and also allow any regular Gmail account to whitelist for their own use.
Provide a simpler verification form, including clear and consistent wording (is a ‘project ID’ the alphanumeric string, or the integer?), plus no long text fields (‘the app needs calendar scopes in order to access the user’s calendar…’). There is no point checking the privacy policy for the app since it can be changed easily in the future and will presumably not be respected by phishers!
Provide a clearer error message where unverified apps encounter ‘Invalid Scope.’
Deliver documentation explaining the new verification processes they have rolled out.
Offer a more robust and selective solution than joining the ‘Risky’ Group (Google already confirmed to us they are aware this cannot be a permanent solution).

Since then, we have even more suggestions for WordPress users using Google Apps login to deter attackers.

(more…)