CleanTalk's blog

    Sign up

    Category: CleanTalk

    • Spam attack on the CleanTalk Service

      Good day!

      We must inform you that some days ago we have been attacked by spam on our service. Spammers used species emails xx**@*******lk.org to send spam comments/registrations / subscriptions. At the moment, the attack affected about 4,000 websites. This is not the first such attack on our service, just a couple of weeks ago we faced with a DDoS attack, which we are pretty well blocked.

      PS

      A little add the message to avoid misunderstandings.

      It was not a spam via SMTP and the substitution of the sender’s address. This spam is caused by the fact that spammers use your public email for subscriptions to news and stuff on other websites.

      The problem is actually much wider, we are a small company and we have not caused any difficulties. But for large companies, which business is tied to e-mail, receiving orders for example?

      Let’s say John Doe took for the example online shop, took them the email address for type orders or***@*****le.com and signed up with this address on 10,000 newsletters at different sites. Every day, this address will be sent news and other mailings, the work of the sales department in this store can be significantly slowed down and cause losses for business, including reputation ones.

      There are several problems here:

      1. Websites are poorly protected from spam.
      2. The company may have problems because it starts receiving a lot of messages.
      3. Reputation losses. Site owners see spam from you, the visitors of websites can see spam from you.

      What do you think, how we can avoid it?

    • Auto-Update for CleanTalk Anti-Spam Plugin

      Updating plugins and themes on the site can be a problem for website owners. This is especially true for webmasters who support several websites, you have to go to every website and make an update, and it takes your time. We have released an update that will perform this routine task and will update CleanTalk Anti-Spam on all sites at once.

      CleanTalk Dashboard allows you to select several websites and update the plugin at once on all sites one click or you can setup auto-update for all websites or separate websites.
      Note: there is 24 hours delay before auto-update will do. This delay allows needing to avoid any issues. All updates that made through CleanTalk Dashboard manually will do immediately.

      How does it work?

      • Manual update on all or selected websites at once.
      • Auto-update on all or selected websites at once.

      Please, go to your CleanTalk Dashboard.

      • Choose a website that needs to update the plugin.
      • Click on the link Update app.
      • Next step, in pop-up you can choose:
        do a manual update and the plugin will be updated immediately. You can do this action for all websites
        or
        set auto-update, in the next time plugin will be updated automatically.

      In the end, enjoy you saved your time.

      Auto-updating system will work from CleanTalk Anti-Spam version 5.88

    • Changing SSL Policy Requirements

      Changing SSL Policy Requirements

      Hello,

      We want to inform you about changes in our SSL service providing.

      The Comodo Certificate Authority will make a change in Certification Authorities’ policy requirements, reducing the maximum lifetime for all TLS/SSL certificates to 825 days, which is just over 27 months. This is a reduction from the existing maximum term of 39 months, meaning the maximum validity for an SSL certificate is now two years, and not three.

      As a result, Comodo CA will adopt these new lifetime requirements effective March 1, 2018 and three-year certificates will be removed as options from all prices.

      So, you don’t have a much time left to buy SSL for 3 years and forget about re-insurance your SSL every year.

      Look at our SSL offer.

      Thank you!

    • CleanTalk Released a MOD for the Protection of XenForo 2 Against Spam and Spam Bots

      CleanTalk completed the development MOD for the XenForo2, to protect your online store against spam and spambots.

      The anti-spam MOD is compatible with XenForo versions v2.x. and approved on the XenForo official catalog.

      This extension allows users to quickly and easily connect to CleanTalk anti-spam service. Its service provides 100% protection from spam bots and provides a simple and convenient commentary/sign-up form for visitors.

      This MOD allows protection from automatically distributed spam, as well as from spam bots registrations. The protection method offered by CleanTalk allows users to switch from the methods that trouble the communication (CAPTCHA, question-answer etc.) to a more convenient one.

      CleanTalk saves time and resources spent on moderation and verification of questionable users or comments. Unnoticeable Protection from spam and registration forms, which does not require the visitor to prove who they are, increases the conversion in registration and is not annoying.

      CleanTalk is a cloud service, security module, installed on a website, which sends the behavior parameters of the visitor or spambot. These parameters are estimated, and the service makes a decision – to post a message or to define it as spam and reject.

      On the basis of such checks, the service forms its own list of email addresses used by spambots. Likewise, the registration of visitors is checked. The service adds not only email addresses to the blacklist but also IP addresses and domains of the websites that are promoted through spam mailout. The CleanTalk company developed unique algorithms to assess the behavior of the visitor, and with 100% accuracy, we keep spam messages at bay. All of this happens automatically and requires no action from the administration of the website.

      You can now download CleanTalk Anti-Spam from XenForo official catalog.

      The Company provides automatic spam protection services for popular CMS: WordPress, Joomla, phpBB, Drupal, DataLife Engine, IP Board, vBulletin, MediaWiki, SimpleMachinesForum and API for PHP, Perl, Python, NET.

    • 18 ways to improve Speed of your WordPress Website

      18 ways to improve Speed of your WordPress Website

      If your e-commerce website makes the customer wait for more than 3 seconds, don’t expect any sale; says a study. Things are very similar for the business and blogging websites, where website speed significantly affects conversion rate. If your site does not have a quicker approach to load and performs against the other available sites then it will automatically not deliver results you want. Therefore, you must always look for the ways by which you can improve your website’s speed.

      18 best tips to optimize WordPress website’s speed are mentioned here:

      1. Taking Pingdom Test

      One of the effective ways that you can try is doing the Pingdom Website Speed Test for your website. This test will help you in knowing the speed of your website along with finding the reasons that are responsible for the slow speed. This is the ultimate speed test that you can take for your WordPress site.

      All you have to do is to enter the URL of your site and then selecting the location before clicking on the ‘start test’ option.

      With this test, you can get the complete insights of your website with all the facility to access all the amazing features that it offers to your website.

      This performance metrics, in turn, will improve the speed of your website.

      From content to site structure, Pingdom will analysis everything from you.

      2. Select a good host

      One of the major reasons for the slow speed of the sites is due to the insufficient and incapable host provider. Thus to better up the speed of the WordPress website, it is important to hunt for the best host. Considering the shared hosting option may seem good in the beginning but with time it will eventually cost you way too much. The shared host will make the speed of your website really slow or may keep the site down most of the time. It, therefore, becomes a must to have a high-speed host for your WordPress. You may ask the other bloggers which host are they using or you can search the market with the good reputed names by yourself to get the best host that can make things easy, simple yet effectively fast for your WordPress website.

      3. Minimizing the widgets

      Having some amount of ads, widgets and badges are oaky for any blog. No doubt they add a little personality to the blog. Some of the users find the extra ads, widgets, etc. on the blog useful as they can get some beneficial information for them. But most of the users get really annoyed if there are too much of widgets, badges, and ads on your WordPress website.

      The users when encounters too many ads feel that they are being used for no reason. Also, your users are not interested in knowing from where the other visitors are coming on your site. Therefore you must try and keep these ads and widgets on a very minimal note.

      4. Choose a relevant theme

      Having the right framework, theme or template for the website – This may not get your attention in the beginning but sooner you will realize that the template you choose for your website is one of the contributing factors that affect the loading and response time of the website. Don’t go for too much of everything; rather be specific and limited in reaching to your customers with your vision.

      If you have chosen the template or theme that has a lot of extra factors that are of no use those factors will take a significant amount of time to load and hence will reduce the performing time of your site by reducing its speed. Thus don’t go for glitters but choose the real gold for your website.

      5. Image optimization

      All the marketers that work hard for attracting the customers know how important the role of an image is in attracting and retaining the customers. An image with clear and smooth pixels will speak and convey your message way louder than using many words. Thus you must be very specific in choosing the images that you will be uploading on your websites.

      Choosing only the relevant images will also help in reducing the loading time of those images. Unnecessary uploading any type of images on your site will enhance the overall loading time of the site by combining the loading time of all those images. Therefore you must use a minimum number of images that can be uploaded within a specified time limit.

      6. Remove excess buttons for sharing

      It is quite obvious that we all want our website to reach to as many people as possible and to achieve this we are always ready to experiment with a number of options, ways, and methods. In order to improve the visibility of our site, we often tend to do too much on the site. One such thing is using too many share buttons on the website hoping to reach a huge amount of people.

      Using too many sharing options on the website destroy the speed of the site like anything. With too many linking to the various other platforms, you cut down the loading and performing time of the website. Rather you can try and use only the sharing buttons of those sites from where you expect a huge amount of traffic and leads. After doing this, you can remove all the other buttons and can focus on optimizing the use of the available buttons on your website.

      7. Content management

      Website is not a place where you can put each and everything about your business or work. It is a place that gives an idea to your audience about the type of work that you are doing along with the manner in which you target it. Therefore, the role of content management comes into the picture. Knowing and managing the content that you are uploading on your website will help the audience to understand your business and working more effectively and easily.

      Content management will also reduce the efforts and time that you would have to invest for managing, balancing and correcting the data on your website. Along with this basic benefit, you also get the benefit of reduced uploading time of the content which directly affects the loading and response time of your website. Hence, you must only put the relevant data on your website to avoid the unnecessary delays in uploads.

      8. Reduced number of comments

      Your audience will be very much interested in knowing the information that you are putting on your WordPress site in the form of the article. Having some comments on your post is okay and acceptable but allowing any type of comment to be visible in your posts is not acceptable.

      Rather you must reduce the number of comments that appear on your post and manage it to only a relevant number with relevance to the post. This will cut short the time the post will take to upload and also will help the readers to get the genuine idea about the content of the post’s information.

      9. Compressed format

      Remember how easy it is to use the compressed form of data for uploading, transferring, etc. The same ease can be felt when you are dealing with your website. Compress the entire data that you are sending, uploading or transferring from the website. This will reduce the overall time that you require and thereby increasing the loading and response time of your website by making it perform better and effectively.

      10. Enable content delivery network

      It is a not so common fact but the speed of your website depends upon the two major locations. First is the location where you are locating and the second is from where the website is hosted.  If there is not a balance between these two then there will be certain delays in the performance of the website’s loading time.

      A content delivery network helps in managing all the data of your website and putting the files on the static servers which are located very near to the client side. Whenever the client request for any of the service from your site, these servers will help the files reach to the clients as fast as possible. It is just like reaching your destination via the shortest route.

      11. Homepage optimization

      The very first thing that the visitors will notice about your WordPress site is your homepage. The visitors will get the very first impression of your website from the homepage of your website. Thus you must always take necessary steps when optimizing the homepage for the website. Optimizing the homepage and making it relevant to your work will help it get loaded easily and quickly and thereby increasing its speed.

      One of the ways by which you can optimize your website is by removing the irrelevant and unnecessary data from your site. Only keep the data and things that contribute to the relevance of your work.

      12. Ditch hotlinking

      Hotlinking is the process when the other sites directly link from their articles the various links on the images which are available on your website. This direct linking to the various sites adds to the loading time of your website and thereby reduces your performance. This can also cause unnecessary scrap posts being linked with your site’s images that have no relevance to your site and this will downfall your reputation in the market.

      Thus, you must reduce the use of hotlinks as much as you can in order to avoid unnecessary of the linking of other sites to your websites. This will automatically increase your site’s speed.

      13. Optimize database

      This is something that most the people ignore and don’t take into account. As most of the people concentrate only on the outer side of the website and don’t really bother with what’s going on inside. But along with managing the outer performance of the website, it is equally important to balance the internal functioning of the site.

      Optimizing the database of your website is one of the tasks that you must take care when trying the various ways of improving the speed of your WordPress site. You can try the plugins like WP-Optimize or WP-Database Manager for enhancing the process of database management.

      14. Fix all broken points:

      One of the easiest ways to make your website work and load really fast is by fixing all the broken points that it has. For this you would have to analyze the website on regular basis and then to note down all the points where you find the performance of the website is lacking. This can help in fixing the damaging part and thus to make the website perform better on those fronts.

      15. Minify your CSS and JS files:

      You can make your website perform faster and better by minifying the various CSS and JS files available. The process to minify the CSS and JS helps in removing the white space, combining the various files along with reducing the number of unnecessary comments on the posts. This in return helps the site to get rid of the not so necessary complications and help it to load and perform at a much faster speed than ever.

      16. Try faster plugins

      To improve the speed of your website, it is recommended to use less number of plugins. No doubt plugins are important for the speed of the website but that does not mean that you have to use each and every plugin that you know or come across. Rather you should select and reduce the number of plugins to only those that actually contribute in the enhancement of the website’s speed.

      17. Disable trackbacks

      If your WordPress site is accessing the trackbacks, then it is obvious that it will interact with the other blogs and blogging sites that are equipped with the same. However, this interaction may not seem any trouble initially but will increase the loading time after some time. Whenever any of the other blogs and blogging site mentions your site anywhere, you will get a notification for the same. This will keep updating the data in the post. It doesn’t require much of an explanation that too much of data on the post can reduce its performing time by increasing the loading time.

      Thus to avoid any such problem, it is always advisable to turn off the trackbacks by making adjustments in the settings of your website.

      18. Use the best plugin for cache

      Plugins are one of the essential factors that help any site to reduce its loading time and enhance its speed. Just like the other sites, WordPress also uses a number of plugins for the same. However, it is always beneficial to use those plugins that are in the caching category. These plugins provide all the required benefits to the sites that it need to improve their speed and reduce the loading time.

      Out of the many, W3 Total Cache is the most popular one that is trending in the market and is being used by all the leading blogging sites. The other popular cache plugins that are used are WP Rocket, WP Super Cache, Comet Cache, etc. These can be easily installed along with offering easy and reliable use.

      These are some of the basic ways that can enhance the speed of your WordPress site along with delivering you better and optimized results. How do you keep your website speed and load optimized, any other way? So, CleanTalk optimizes their anti-spam and security plugins to improve your website speed and these plugins are one of the fastest.

    • 20 Tips for Effective SEO and Content Management for WordPress

      Undoubtedly, WordPress has immensely outgrown its inception image. WordPress has moved from supporting the blogs to be the best platform for high-end websites. Even today no other platform can beat the Content Management functions of WordPress. As a website platform, you can extend and expand a WordPress website functionally to a tremendous extent. Built-in search functions and SEO enables each page to be optimized right from inception.  

      The search engines get cruel with websites. The best WordPress theme and most creative content would fall flat if it is not optimized. WordPress powers you to build excellent websites do not let them get lost in the sea of websites without SEO and Content Management.

      SEO and Content Management tip for a WordPress Website:

      1.  Create Clean Permalinks:

      WordPress is notorious for creating irrelevant permalinks (URL structure). By default, WordPress inserts the day and name into the URL making it unreadable. Google and other search engines rank the URLs that are optimized. The title and keywords in the post URL are liked more by the search engines.  

      Check out the permalink setting and check the “Post name” option. It is clean and gives you the liberty to add the keyword in the URL. When you change the permalink after the posts have gone live and the links have been shared, you must redirect the preceding link to the new permalink. Now that the permalink has been modified you will not be able to direct traffic using the older links

      2. Always have a Focus Keyword

      Keywords are the indispensable part of any web content. Google and other search engines are merely algorithms (agree they are quite strong), and they rank your content based on the keywords. Insert the focus keyword naturally and never overstuff your content with the keywords.

      Publishing long content, well-researched content or regular post will not drive sustainable traffic unless they are keyword optimized. Extensive research is required to find out the keywords that are relevant to your content and will rank it higher. Avoid the occurrence of any negative focus keyword in the blog comments section. It is not in your control, but you can use CleanTalk anti-spam plugin to keep your website from ranking high in negative keywords.

      3. Optimize the Meta descriptions

      SEO ranking is not directly linked with Meta description but a keyword rich Meta description increases the CTR. Indirectly a good CTR brings you into the focus of search engines, and they alter your rankings. You can set the Meta description manually using the Yoast SEO plugin.

      Google allows a limit of 156 characters on the Meta description ensure you create and put pretty content with the focus keyword. The focus keyword is set to bold on the search engines producing even more engagement. You must include the power words or the words you see in competitor AdWords Meta description.

      4. Never miss the Header Tags

      Header tags are crawled by the search engines before they craw the entire content. A heading with proper tags is an excellent practice. The header tags H1, H2, H3, create a hierarchy as H1 is the most important. Ensure the H1 has your focus keyword and you can add multiple H2 and H3 in your content.

      WordPress automatically assigns the title to your post but make sure the header tags make the content more readable rather than confusing. Many WordPress themes do have the header tag insertion integrated, and you may not have to depend on any plugin.

      5. Focus keyword in title and first paragraph

      As discussed in point 2, Focus keyword is very important for your content. What makes the more significant impact is the position of the keyword. A focus keyword in the title and first paragraph increases the stay time and ranks your post higher in the search engine.

      The web crawlers check the content from top to bottom. When they find the focus keyword on top, they rank you higher. If you use Yoast SEO plugin, it intimates you whenever you do not follow this practice in the post.

      6. Content word count:

      Genuinely speaking, producing a high-quality content is best you can do for your website. More extended content work better than the short contents. The effectiveness of content length plays an important role in rankings. Long form content provides you the advantage of long-tail keywords. Experts have noticed that the traffic from all the long-tail variations will surpass focus keyword traffic.

      The average content length that helps rank well is more than 2500 words, and lots of stats prove long-form content works.

      7. Create short URLs

      Clean and structured websites are loved by the search engines. Short URLs are the best form of a clean website. A well-defined URL helps you improve the CTR.  A short URL gives you lead ahead of your competitors. A WordPress website automatically creates shorter URL’s, but you can also go ahead and shorten them.

      Always remember you cannot keep two URL names same, they have to be unique.

      8. Use optimized Image File Names

      Must admit this is not significant, but you must never do it wrong. A little boost this Smart image file names practice provides becomes substantial when the competition is close.

      Three points must be considered while naming the files:

      • Name them with actual words rather than the names they get from the device they were clicked from.
      • Use hyphens in the title.
      • Add the keyword in the file name.

      9. Add Interlinks

      Linking is important between your posts. Link to your landing page or another post by adding Interlinks in the content. It increases the stay time on your website when you provide useful and relevant links. Recommended is to keep at least 3-5 interlinks on your site.

      WordPress offers you a hyperlink option to insert interlinks and maximize your websites stay time.

      10. Add High Domain Authority External Links

      While interlinks increase the website stay time, you must consider adding some external links to authority sites. This strategy helps your WordPress SEO and puts your website across as one that connects to high-quality content with authority sites.

      Make sure you add two high domain authority website links in your content. You can start connecting to the other brand and try to get free traffic from their social media sharing

      11. Sitemaps

      Sitemaps do not directly assist you in SEO but using them assists web crawlers to utilize the hierarchy and structure of your WordPress site. Having a sitemap ensures your website gets crawled better. They are not a must for the site but did you know they help you with more detailed reporting data. You may utilize the data plugin the weak areas. The Yoast SEO plugin can automatically generate your website sitemap.

      Create your XML sitemap file and submit it to Google Search Console so that you can access additional data on the status of your WordPress site.

      12. Build backlinks

      Backlinks are an essential part of white hat SEO. Search engines use backlinks for passing link information from one website to another ensuring the authenticity. When a high domain authority website links to you, it earns you a lot of online credibilities. Backlinks are a significant factor for ranking.

      Search engines rank your WordPress website high if the number of referring domains is more. Developing more backlinks threatens your website for security issues. Phishing website tries and gets backlinks from your site to improve their site’s PageRank such websites tend to send spam and viruses and may damage your reputation online. CleanTalk security plugin protects your website from such attacks.

      13. Content that is always liked:

      Work hard to develop content that needs to be referred now and then. A strategy like this gets you sustainable organic traffic. Best practice of maintaining the content is updating it quite often so that it ranks high and is always offering more to its readers.

      Developing evergreen content works long term, and you can keep sharing it again and again over social media and get backlinks. Make your content long lasting by writing on topics that meet a need, high-quality unique content, readable, engage the audience for a long time and does not outdate quickly.

      14. Negative SEO

      It can be lethal to your years of hard work. You competitors or other websites might try to tarnish your reputation but create backlinks from your website or spam commenting on your blog bringing you the bad name.

      You must be vigilant and monitor any such attacks on your website. There have been instances when the site was attacked overnight and developed terrible backlinks that took years to clean. You may use additional plugins to stop negative SEO.

      15. Local SEO

      Never ever skip local SEO. Register your website in existing local portals like yellow pages and Google business to develop your own customer database from their rankings.

      As both such websites are free and provide you organic results, you may top their list and rank high while someone is searching for local services.

      16. Website Speed

      Did you know Google has openly declared the time it takes to load your website affects your ranking? Build a beautiful but heavy website may not work in your favor. Google bought this element into your ranking because they know visitors will not stay on a site longer if it is heavy. High speed is the better for SEO and helps you rank in search engines. You can help your website speed with CleanTalk plugin that has the function of Spam Fire Wall.

      The tendency of people, who use Google is to abandon a website that takes more than 4 seconds to load. Optimize your sites, use plugins but never make it too heavy for the mobile or the desktop.

      17. Track Keyword rankings

      Never stick to one focus keyword. Keep checking the trend of relevant keyword that can bring you stable traffic.

      You must update your content or create new content if the focus keyword ranking has shifted down. Keywords are ranked on the basis of how many searches are made by web searches using these set of words.

      If you spend time enough time on creating optimized content, then you must try to use it for long terms. Updating the content on new keywords is an excellent strategy for long-term content.

      18. Comment management

      It may make or mar your website reputation. With the cutthroat competition, sledding other website reputation is very common. Competitor website may spam your site with comments, emails, and subscriptions. All this may work against you as nothing is hidden online. You cannot do anything about it once the damage is done. To control the spam of comments and content, you can use the CleanTalk anti-spam plugin that has the function of stop words.

      19. WordPress SEO Plugin

      What if we tell you that specific WordPress SEO plugins are inherently capable of creating SEO along with the website creation? Have a complete control on your website with Plugins like Yoast SEO or All-In-One-SEO pack that have end-to-end optimization potential.

      20. Title tags

      You must have your “focus keyword” in the title tag. Placing the Focus keyword at the beginning of the title is most recommended. It may not always be possible, but you must still put it somewhere in the title. The Google search engine can display only 65 characters of Title so make sure the focus keyword appears within that limit.

      Make most of the above tips to rank your website and content higher in the search engines and improve engagement. Some say SEO is dead but it is not dead has just changed. If you are starting with WordPress, you may be overwhelmed with the tips. SEO and content is a grey area, and you need to keep trying till your website hits the jackpot rank. The above tips have helped various websites go a long way, now it is your chance!!

    • Changes in the logic for the spam_check API

      We plan to launch API logic changes for the method “spam_check“. Parameter Appears will be modified.

      Parameter Appears — shows presence of record in the CleanTalk Blacklist Database.

      How it works right now — “appears”:1 returns in cases when spam activity was registered 3 and more times no matter when it happened even if this activity was a year or more back. It raised questions from our clients: why the method returns 1 when the CleanTalk website shows “Not in list” status?

      How it will be — “appears”:1 will be displayed only when a record has “blacklisted” status in the CleanTalk Blacklist Database, and will match its status on the website. If it is necessary for you to get information as it was before, that is based on the parameter “frequency” = 3 and higher, it still shows spam activity independently from time.

      Changes will be launched on Nov 6, 2017.

      If you have any questions then, please, contact us and we will gladly assist you.

    • ‘WordPress Security by CleanTalk’ Review– Is it Potent Enough to Safeguard you?

      ‘WordPress Security by CleanTalk’ Review– Is it Potent Enough to Safeguard you?

      WordPress is a very popular open source website creation tool. But this is not only a blogging platform, WordPress is an open source content management system used by millions of people worldwide. It is popular mainly because WordPress is very easy to use and easy to start with. Also, very good support from WordPress itself and different forums are available. According to a research, more than 22.5% of the websites are powered by WordPress in 2017.

      Due to its huge popularity and continuous growth as the world’s most used CMS, WordPress is naturally vulnerable to security threats and attacks. WordPress security attacks from the very beginning are handles by WordPress security releases. But there is new type of attacks is coming in the picture every day and everything does not come under WordPress Security Release. Here comes the WordPress Security Plugins.

      WordPress Security by CleanTalk is one of the most important security plugins which helps your WordPress site protected and secured from the Brute Force attacks by creating a firewall. Check out what kind of attacks your website may face and how can you secure yourself from these attacks:

      Why does a WordPress site is attacked anyway?Why does a WordPress site is attacked anyway?

      There is a cut-throat competition in the market in any venture and everyone wants to get the success at the end of the day. Due to the huge pressure, hackers want to access your website to get all the sensitive information, block your access from the site, redirect your users to any other malicious websites, remove or delete your user and all the content from the website or simply use the backlinks from your website. Stealing your backlink information and using it in their website will just improve their page ranks in any search engine.

      Most of the popular websites get thousands of attacks every week or even every day.

      How does a good security plugin work to prevent a different type of attacks on a WordPress site?

      There are several types of security attacks a WordPress website gets every day. A good security plugin applies optimized algorithms to prevent those vulnerabilities and keep the website secure. Following are some form of security threats a WordPress website gets:

      1. Malicious Software: After hitting your website, hackers leave some malicious software or script, also known as malware into your website. Your security plugin should scan all the files, contents, data files, database, changes in the DNS, comments or any kind of post to find out the malicious code that could possibly be hidden in the website’s source code, or URL. These malwares are scanned and removed by the WordPress security plugin.

      2. Brute Force Attacks: This type of attack is performed using permutation and combination of possible login information. Hackers attempt to log in to the website using thousands of possible username and password combination through automated scripts. Security plugins block the users with the attempt of too many login attempts or clicking on forgot password option. It also prevents WordPress from giving sensitive information like username or password hints etc. or multiple entry point options to the hackers.

      3. Zero Day Exploits: There are some obvious vulnerability issues in WordPress websites or any kind of website. Hackers attack those using bots. The security plugins use known algorithms and security firewall for these already published vulnerabilities and stop them.

      4. Spear Phishing and Social Engineering: Spear phishing & social engineering are among some techniques through which hackers can crack the most difficult password too. Security plugins provide a two-factor authentication which can neutralize the risk of password cracking. This facility is used by banks, financial institutions or websites with very sensitive data.

      5. Rate Based Throttling: This type of attack is the most critical type till date. Hackers overwhelm your website, database, servers and network, all resources using bots or automated scripts. This will prevent your genuine customers from accessing your website and search engine crawlers. Also, script crawlers aggressively crawl the website to overwhelm the website contents and resources. Security plugins provide security through IP blocking. If access request exceeds the accepted threshold of a maximum number of requests from any IP address, security plugin blocks that specific IP address. It also prevents the bot crawlers from aggressive crawling.

      6. Country attacks: Hackers using IPs of different countries and networks attack the WordPress websites to find vulnerabilities and overwhelm its resources with aggressive crawling. Security plugins use the same mechanism as rate based throttling, blocks the specific countries from accessing the website.

      7. Password Cracking: Security plugins use password auditing to find out the password of your admin account is weak or strong; suggest changing the password or making a rule to change the password monthly etc. This will prevent attackers to use password cracking or brute force attacking using the similar script.

      8. Spam Ads: Hackers often use the website they have compromised to post spam ads. These ads include a link to some other malicious website or simply a virus to download. Security Plugins scan your site regularly to check if there is any kind of spam ad that has been posted, identify and remove it.

      9. Hacker Reckon: Hackers find vulnerabilities using the information like software version, operating system version, and software installed etc. and security plugin prevents your WordPress website from giving this information anyhow to these hackers.

      What is WordPress Security Plugin by CleanTalk? 

      WordPress Security Plugin by CleanTalk is a premium security plugin for WordPress Site. This is an end to end protection system for a WordPress site which helps to prevent and securing a site from brute force attacks, brute force account counting, blocking IPs and users using a firewall, providing security for WordPress forms and backend filter malicious IPs, networks or countries.

      It also sends daily security logs, audit logs and reports through emails to the users so that user can analyze and monitor vulnerabilities to their WordPress Websites.

      How to Install Security Plugin by CleanTalk?

      Installation of Security Plugin by CleanTalk is very easy both through the automated and manual way. Following are the steps to follow to install WordPress Security by CleanTalk into your WP.

      Automated Installation

      1. Go to ‘Plugin’ option at the left panel of your WordPress and click on it.
      2. Search ‘WordPress Security by CleanTalk’.
      3. It will show the plugin on the page.
      4. Click on ‘Install Now’ button.
      5. Now click on the ‘Activate’ button
      6. Click on ‘Get access key Automatically’
      7. This will take you to the ‘Security Log’ page of the plugin.
      8. Click on ‘Save Changes’ option.

      Manual Installation

      Installation can be done manually too.

      1. You need to go to ‘https://wordpress.org/plugins/security-malware-firewall/#description’ and click on Download button.
      2. Zip file with an Installer will be downloaded. Save the installer and login to your site’s WP Admin.
      3. Click on ‘Add New’ button and then click on ‘Upload Plugin’
      4. Select the Zip file from the Dialog Box and click OK.
      5. The plugin will be installed. Then click on Activate
      6. The rest of the steps are similar.

      Features of WordPress Security Plugin

      Brute force attacks

      Brute force attacks are very different from cracks or in layman words ‘hacks’. Brute force attackers try to login into the WP admin using the easiest method of login, i.e., the username and password. They use permutations and combinations of common and most possible username and password to try logging in until they are successful. The easiest attack is the weakest link and username like ‘admin’ and password like’12456′.

      1. Brute force attacks come from different countries and IPs. If you have single access and IP, it is easy to block all the IPs other than your IP using the .htaccess file. But, if you have multiple users, log in from multiple locations, it is very difficult to identify the IP of the attacker and prevent it.
      2. WordPress Security plugin, blacklists all the IPs and users with too many attempts of login, scripts, failed attempts of forgot passwords. It also prevents WordPress from providing users multiple login points and giving away login information to the hackers. WordPress security plugin blocks or locks out any user who is using an invalid username and password.
      3. It sends email to the user as soon as a brute attack attempt is done. It also shows the attacker’s IP, location, and country through the email.

      Cleantalk Security Log

      Along with the plugin, Cleantalk security log is the additional feature which helps the user keep track on the logs for different events performed on their website.

      The security log consists of Date, Status, IP, Country and other details for the Admin Login for the user’s website for events like Login, Logout, Invalid Username, Invalid Email, Authentication Failed and Invalid Email. Logs can be filtered for different services like Anti- Spam, Hosting Anti-Spam, Database API, Site Security or SSL Certificates.

      Email Notifications

      Email notifications are very important and must have feature for any security firewall to have. Emails are sent to registered admin user’s email whenever an activity is logged in a WordPress site. WordPress Security by Cleantalk sends email for the following activities:

      Admin Login:
      It sends email to the registered admin user’s email so that the user is aware that an admin login has taken place on his website.

      New installation and Signup:

      Cleartalk WordPress Security plugin sends a notification to the user’s email when he installs and signs up for the plugin.

      Access Key:

      Email notification is sent when a user opts to get access key manually.

      Daily Security Report:

      Daily security Report email notification is sent to admin user which includes information about the SITE Time, Username, IP and Country and a number of brute attacks, failed login and authentication failures have taken place.

      CleanTalk Security Firewall

      The WordPress Security plugin security firewall works like a fence against the security attacks to a WordPress website. It uses CleanTalk database of bad IP’s and blocks the vulnerabilities from compromised IP’s. Firewall runs even before other codes run including the WordPress site and this prevents the security threats to attack the WordPress site. The firewall shields the site and blocks the threats even before they appear.

      And provides the WordPress sites security features like

      • Personal Blacklist Management
      • Country and IP blocking
      • Protection from aggressive users and web crawlers

      Traffic Control Analysis

      Traffic analysis is one of the important features for any WordPress website, in terms of security and CPU overloading. From which IP, country and location traffic is coming, the users that are online, who is on your page and how much time they have spent, etc. information is easily provided by the WordPress Security Plugin to the admin user.

      Unlike other plugins, it enables traffic control analysis to all the visitors even if they have not enabled javascript in their browsers. It gives information about visitors on traffic parameters like:

      • Date and Time of the visit to the website
      • Visitor’s spent time on the website
      • Source Country
      • Visitor’s IP Address
      • Browser
      • Operating System and version
      • Type of the visitor – Person, Bot, Search Bot or suspicious bot, script etc.
      • Number of page hits

      Cleartalk Traffic control can block the IP addresses from any country or any network from the interface itself. IP addresses will be automatically blocked by the Traffic Control if they exceed the threshold of the average page visit quantity. This helps the monitoring and blocking of the traffic real time.

      BlackIP Database

      This is the new feature launched by CleanTalk. BlackIP database is the collection of blocked or blacklisted IP addresses. This database helps to analyze which type of IPs, locations or countries from which the most frequent brute attacks come from. You can also manage the blacklisted IPs from your CleanTalk Dashboard-> “Use CleanTalk Database of Dangerous IP Addresses”. If you want to add an exception to your blacklisted IP addresses, you may add any IP to the whitelist IPs and it will not be blocked.

      Generic Tips and Tricks to keep your WordPress website safe:

      Other than using CleanTalk’s WordPress Security plugin and its advanced features, you can use these simple tricks to keep your WordPress website safe and secure all time:

      • Use email for login other than username. Usernames are easy to predict but hackers can’t easily guess any unique email ID. WordPress use unique email Id as login identifier for each user.
      • The default login URL for all the websites are similar. For example: wp-login.PHP, /wp-admin/ etc. You should change them to something your unique and own. This will prevent the hackers to get the admin logged in page’s URL or the dashboard URL.
      • Password of a WordPress site should consist capital letters, small letters, numeric and all type of symbols. Generally, an eight character password is considered as a strong password. Make it 16, it will be stronger and permutation and combination will be difficult.
      • Secure the WP-Admin directory from getting accessed by hackers.
      • SSL should be used to encrypt your sensitive data.
      • If your site has multiple admins, add them carefully after thorough scanning.
      • Admin username should not be kept as “Admin”.
      • Keep backup of your site regularly. You may buy professional services for backup and recovery routine.
      • Protect your wp-config.php file from hackers by keeping it one step higher than the root directory.
      • If you have multiple admin access, just do not allow the dashboard to be edited, by changing it in the wp-config.php file.
      • You should disable the directory listing using .htaccess.
      • Update your plugins and themes regularly.
      • Do not download or install any theme from an unknown site or provider. You do not know what is written in their code.
      • Plugins and WordPress itself should be updated regularly to get all the new security features.
      • Last but not the least, take precaution before installing any plugin. You should check the documentation, ratings, and reviews before installing them and that should be from a trusted source.

      Conclusion

      WordPress Security Plugin by CleanTalk is one of the best world-class security plugins for WordPress which facilitates your WordPress Website an end to end security solution and helps to grow your business without getting the headache of being attacked. CleanTalk’s Security Feature plugin is regularly updated with new features to cope with the new type of attacks and threats and to provide you smooth and flawless security services. Follow the tips and tricks and install a good security plugin will provide all round your WordPress website.

    • CleanTalk Released an Extension for the Protection of OpenCart Against Spam and Spam Bots

      CleanTalk Released an Extension for the Protection of OpenCart Against Spam and Spam Bots

      CleanTalk completed the development extension for the OpenCart, to protect your online store against spam and spambots.

      The anti-spam extension is compatible with OpenCart versions v3.x. and approved on the OpenCart official marketplace.

      This extension allows users to quickly and easily connect to CleanTalk anti-spam service. Its service provides 100% protection from spam bots and provides a simple and convenient commentary/sign-up form for visitors.

      This extension allows protection from automatically distributed spam, as well as from spam bots registrations. The protection method offered by CleanTalk allows users to switch from the methods that trouble the communication (CAPTCHA, question-answer etc.) to a more convenient one.

      CleanTalk saves time and resources spent on moderation and verification of questionable users or comments. Unnoticeable Protection from spam and registration forms, which does not require the visitor to prove who they are, increases the conversion in registration and is not annoying.

      CleanTalk is a cloud service, security module, installed on a website, which sends the behavior parameters of the visitor or spambot. These parameters are estimated, and the service makes a decision – to post a message or to define it as spam and reject.

      On the basis of such checks, the service forms its own list of email addresses used by spambots. Likewise, the registration of visitors is checked. The service adds not only email addresses to the blacklist but also IP addresses and domains of the websites that are promoted through spam mailout. The CleanTalk company developed unique algorithms to assess the behavior of the visitor, and with 100% accuracy, we keep spam messages at bay. All of this happens automatically and requires no action from the administration of the website.

      You can now download CleanTalk Anti-Spam for OpenCart from the official catalog.

      The Company provides automatic spam protection services for popular CMS: WordPress, Joomla, phpBB, Drupal, DataLife Engine, IP Board, vBulletin, MediaWiki, SimpleMachinesForum and API for PHP, Perl, Python, NET.

    • AI will play an increasing role in online security

      AI will play an increasing role in online security

      Neural Networks were introduced as far back as the 40’s of the 20th century and first works about them started in the 50’s. Nowadays this technology is being used in different fields. We believe that the CleanTalk machine teaching technologies of spam detection could be upgraded with the help of Artificial Intelligence and the CleanTalk features could be expanded to define an emotional aspect of a comment.

      Theoretical researches of spam filtering with Neural Networks say that these algorithms could achieve 100% efficiency.

      The CleanTalk Company has started to develop Neural Networks Algorithms for spam presence analysis of comments and messages which could provoke negative effects, rudeness, abuse or fraud in discussions.

      There is a big data safety problem in online security. There are too much data to process anomalies that could be the signs of spambots presence.

      There are about 1.5 millions of requests the CleanTalk Cloud processes every day and each request contains set of about 40 parameters. The Cloud uses them to decide whether a request should be approved or blocked so AI could improve our possibilities in spambot patterns detection.

      We intend to supplement technology of spam protection and moderation with more reliable feature and take into account such things as slang, typos, context and other traits of a visitor behavior.

      About CleanTalk

      CleanTalk is a SaaS spam protection service for Web sites. CleanTalk uses protection methods which are invisible for site visitors. Connecting to the service eliminates needs for CAPTCHA, questions and answers and other methods of protection, complicating the exchange of information on the site. Their solutions are reliable, easy and efficient. The module is completely invisible to the visitors and allows you to permanently abandon the ways of protection that impede the communication of visitors to the site (CAPTCHA, question-answer, etc.). CleanTalk allows you to automate protection against distributed from spam and registration spam bots.

      The CleanTalk team has been developing a cloud spam protection system for 5 years and has created a truly reliable anti-spam service designed for you to ensure your safety.