CleanTalk's blog

    Sign up

    Category: WordPress

    • A Beginner’s Guide: How to Install WordPress Step by Step

      A Beginner’s Guide: How to Install WordPress Step by Step

      Welcome aboard the WordPress express! Today, we’re rolling up our sleeves to install WordPress from scratch. Don’t worry if tech stuff seems like a foreign language; I’ll guide you through each step with crystal clarity.

      1. Pick Your Host

      Selecting the right hosting provider sets the foundation for your website’s success. It’s akin to choosing the perfect spot for your dream home. Take into account crucial aspects like pricing plans, available storage, customer support responsiveness, and server uptime reliability.

      With a plethora of hosting options out there, ranging from big names to smaller, niche providers, you’re spoiled for choice. Some offer user-friendly interfaces, while others prioritize lightning-fast servers or round-the-clock support. It’s like browsing through a buffet—each option has its unique flavors, catering to different preferences.

      So, take your time to explore the offerings, read reviews, and consider your priorities. Once you’ve found the host that ticks all your boxes, it’s time to make it official. Sign up, secure your digital plot, and get ready to build your online empire with WordPress!

      2. Launch One-Click Install

      Once you’ve got hosting sorted, log into your hosting account. Look for the “WordPress Installer” or a similar tool. Click it, follow the instructions, and boom! WordPress is now installed on your hosting server.

      3. Installing WordPress Without One-Click

      If your hosting provider doesn’t offer a one-click WordPress installation option, fear not! You can still install WordPress manually, and it’s simpler than you might think. Here’s a step-by-step guide to get you started:

      • Download WordPress: Visit the official WordPress website and download the latest version of WordPress. It will be a zip file, so make sure to extract its contents to a folder on your computer.
      • Create a Database: Log in to your hosting account’s control panel (usually accessed through a link provided by your hosting provider). Look for the “Database” section and create a new MySQL database. Note down the database name, username, and password—you’ll need these later.
      • Upload WordPress Files: Using an FTP client like FileZilla, connect to your hosting account. Navigate to the directory where you want to install WordPress (usually the “public_html” folder) and upload all the extracted WordPress files.
      • Configure wp-config.php: In the WordPress folder on your hosting account, you’ll find a file named “wp-config-sample.php.” Rename this file to “wp-config.php” and open it in a text editor. Enter your database details (database name, username, and password) where indicated, and save the file.
      • Run the Installation Script: Now, open your web browser and navigate to your domain name (e.g., www.yourdomain.com). You should see the WordPress installation wizard. Select your language and click “Continue.” Enter your site details (title, username, password, email) and click “Install WordPress.”
      • Complete Installation: Once the installation is complete, you’ll receive a success message. You can then log in to your WordPress dashboard using the username and password you set during installation.
      pasted image 0

      pasted image 0 2

      4. Choose a Theme

      It’s time to spruce up your site with a theme. Head to “Appearance” > “Themes” in the dashboard. Browse the free themes or consider purchasing a premium one for extra features. Click “Install” and “Activate” to apply your chosen theme.

      pasted image 0 3

      5. Customize Your Site

      Personalize your site’s appearance by tweaking settings in the WordPress Customizer. Change colors, fonts, and layouts to match your style. No coding is required—just click, preview, and save your changes.

      pasted image 0 4

      6. Add Essential Plugins

      Plugins are like apps for your website, adding extra functionality with a few clicks. From your dashboard, go to “Plugins” > “Add New.” Search for plugins like Yoast SEO for better search engine visibility or Contact Form 7 for creating forms. It’s a good idea to shield your website from spambots—they’ll know about it in the blink of an eye, and you’ll be attacked by virtual armies in no time. Also, you might want to exclude the possibility of your work being ruined by malware programs. For both of these problems, a good solution is Anti-Spam and Security plugins by CleanTalk. 

      Click “Install” and then “Activate” to start using them.

      pasted image 0 5
      pasted image 0 6

      7. Start Creating Content

      Time to unleash your creativity! Click on “Posts” or “Pages” in the dashboard to write articles or create new pages. Use the intuitive editor to format text, add images, and publish your content. Don’t worry about making it perfect — editing is your friend!

      pasted image 0 7
      pasted image 0 8

      There you have seven straightforward steps to install WordPress and kickstart your online journey. No tech wizardry required, just a little patience and a willingness to explore. So go ahead, dive in, and start building your dream website!

    • Critical Security Vulnerability in Shortcode Ultimate Plugin for WordPress

      Critical Security Vulnerability in Shortcode Ultimate Plugin for WordPress

      During routine plugin testing, we discovered a critical security vulnerability in the Shortcodes Ultimate plugin for WordPress which has 600,000+ installations. This plugin, widely used for adding powerful shortcodes to enhance website functionality, is currently vulnerable to a severe security flaw that could potentially allow attackers to exploit and gain unauthorized access to your WordPress site.

      The exploit allows contributors to embed malware JavaScript code into new posts via shortcode, subsequently facilitating admin account creation. By exploiting this flaw, attackers can gain unauthorized access and wreak havoc on websites.

      Vulnerability detailed CVE on WPScan: https://wpscan.com/vulnerability/9eef8b29-2c62-4daa-ae90-467ff9be18d8.

      How to secure your site from the vulnerability

      Don’t rush to delete the plugin. To mitigate the risk you should just update your Shortcodes Ultimate plugin to the latest version. Additionally, implementing robust security measures, such as regular vulnerability assessments and user role restrictions, can fortify defenses against XSS attacks.

    • CleanTalk SpamFireWall Sets New Record: Blocking 777 Million Bot Requests in April

      CleanTalk SpamFireWall Sets New Record: Blocking 777 Million Bot Requests in April

      In April, CleanTalk SpamFireWall achieved a significant milestone by blocking an impressive 777 million bot requests. This accomplishment underscores our commitment to enhancing digital security through cutting-edge technology and vigilant monitoring.

      This feat serves as a reminder of the persistent threat posed by automated bots in today’s interconnected world. SpamFireWall plays a crucial role in safeguarding online platforms from exploitation by swiftly identifying and neutralizing suspicious activities.

      We owe this success to our team’s dedication and our customers’ support. Their invaluable feedback and collaboration have been instrumental in achieving this remarkable milestone.

      You can find our latest spam stats here for those interested in more detailed statistics on bot activity and SpamFireWall’s performance.

      SpamFireWall, an optional feature of the CleanTalk Anti-Spam Plugin, enhances website security by blocking access for spam-active IP addresses, effectively denying them entry (via blocking GET requests). By intercepting spambots before they reach the website, SpamFireWall prevents the loading of pages for these malicious bots. This action alleviates the burden on your web server, reducing the load on both the database and server resources.

      Moving forward, SpamFireWall remains committed to staying at the forefront of cybersecurity. We will continue to innovate and adapt to emerging threats to ensure a safer digital landscape for all users.

      This achievement in April reflects our unwavering resolve to combat cyber threats and uphold the highest standards of digital security. Together, we will continue to protect online ecosystems and instill confidence in users worldwide.

    • Strengthen Your WordPress Defense: The Ultimate Brute Force Protection 

      Strengthen Your WordPress Defense: The Ultimate Brute Force Protection 

      In the vast world of the internet, your WordPress site faces constant threats from brute force attacks. But worry not! Security & Malware Scan by CleanTalk is here to fortify your digital fortress and ensure it remains impervious to intrusion.

      In WordPress security, the login form is both essential and vulnerable. Hackers target it with relentless brute force attacks, exploiting weaknesses in passwords and outdated software. Once inside, they wreak havoc, defacing sites or stealing sensitive data. However, with measures like two-factor authentication and regular updates, we can strengthen our defenses and keep our digital kingdoms safe from harm.

      Enhance Your Security: Key Features

      • Security Firewall: Guard Your Gates

      “Build a sturdy wall around your website! CleanTalk’s Security Firewall filters out malicious IPs and halts DDoS attacks, safeguarding your WordPress site from harm.”

      • Malware Scanner: Detect and Remove Threats

      Hunt down hidden dangers! CleanTalk’s vigilant scanner identifies and eliminates malware, ensuring your WordPress files stay clean and your site stays secure.

      • Brute Force Protection: Keep Intruders Out

      “Block unwanted guests from your site! CleanTalk’s Brute Force Protection plugin limits login attempts and adds delays on failed logins, effectively thwarting brute force attacks.

      • Two-Factor Authentication: Double Up on Security

      Add an extra layer of protection! CleanTalk’s Two-Factor Authentication ensures that only authorized users gain access to your WordPress domain, boosting security for your peace of mind.

      • Custom wp-login URL: Hide Your Entry Point

      Keep your login page under wraps! CleanTalk lets you customize your login URL, confusing automated login attempts and safeguarding against unauthorized access.

      Secure Your WordPress Stronghold

      With over 20,000 active installations and nearly a perfect 5-star rating on WordPress.org, Security & Malware Scan by CleanTalk stands as a trusted guardian in the realm of WordPress security. Its widespread adoption and high user satisfaction attest to its effectiveness in fortifying websites against cyber threats. From thwarting brute force attacks to detecting and eliminating malware, Security & Malware Scan by CleanTalk offers a comprehensive suite of features to keep your WordPress site safe and secure. 

      Don’t overlook the critical need to fortify your digital defenses. Stay informed with CleanTalk Research, your indispensable source for real-time alerts on plugin vulnerabilities and PSC plugin security certificates. Subscribe to our Telegram channel and stay one step ahead of cyber threats. Learn more: Subscribe to CleanTalk Research

      Choose Security & Malware scan by CleanTalk and protect your WordPress kingdom with ease and efficiency. Your digital fortress awaits its impenetrable shield!

    • Survey: Would You Like to Have a User Verification Badge ✔️ in the Comments/Reviews on your Site? 

      Survey: Would You Like to Have a User Verification Badge ✔️ in the Comments/Reviews on your Site? 

      Many online comments and reviews are helpful, but some might not be written by real users. A special verification badge could indicate if a comment/review is confirmed to be written by a real person. This might help you decide which reviews to trust more when reading/discussing online.

      Vote in the survey   or use the widget below if you see it ↓

    • Preventing Stripe Fraudulent Payments

      Preventing Stripe Fraudulent Payments

      Fraudulent payments occur when the cardholder has not authorized the transaction. Most fraudulent payments are made using stolen credit card information. When the cardholder notices an unauthorized payment or reviews their card statement, they contact the card issuer to dispute it. It is crucial for businesses accepting online payments to be aware of different types of fraud.

      Website owners mainly encounter two types of fraud: purchases made with stolen cards and card testing.

      Stolen Cards:
      This type of fraud involves using stolen credit card data to make purchases online. When the cardholder discovers fraudulent activity, they dispute the payment with the card issuer. If the dispute is resolved in favor of the cardholder, the business suffers losses equivalent to the payment amount and the value of goods or services provided. Additionally, the business may face dispute fees.

      Card Testing:
      Card testing is the practice of validating a card’s authenticity on one website before using it for fraudulent transactions on another site. Websites with an open payment form on the page can be subject to card testing.

      To reduce the risk of fraud, businesses can take measures to block automated bots used by card testers.

      CleanTalk Anti-Spam is a tool that can identify bots during order submission and block the form if it detects automated activity and this occurs before the payment for the order proceeds.. This helps safeguard against disputes and fraudulent purchases.

      CleanTalk Anti-Spam is already being utilized by numerous WooCommerce sites and other online other online stores, donation forms and other payment forms, with positive feedback on its contribution to reducing fraud in online stores.
      https://wordpress.org/support/topic/this-saves-lots-of-work-and-it-pays-for-itself/

      Installation on WordPress only takes a few minutes, providing protection against fraud and spam. 

      To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.

      How to install CleanTalk anti-spam

      Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk». After installing the plugin, click the «Activate»‎ button.

      WordPress Installation of CleanTalk anti-spam

      After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings»‎ button.

      Getting the CleanTalk Anti-Spam key

      Go to the checkout page in Incognito mode. Place your order and use the test email address *@*******lk.org. When you submit your order, it will be blocked for a reason:
      *** Forbidden. Fraud prevention. Sender blacklisted. Anti-Spam by CleanTalk. ***.

      *** Forbidden. Fraud prevention. Sender blacklisted. Anti-Spam by CleanTalk. ***

      So, the CleanTalk Anti-Spam installation process is complete.

      For users of Drupal and Joomla or other CMS, instructions for installation are also available. 
      https://cleantalk.org/help/install

      Bot Detector  – You can use this integration API method using our library without using plugins. You will need programming knowledge to create the integration.
      https://github.com/alexandergull/cleantalk_api_check_bot

      By being proactive in detecting and preventing fraud, businesses can safeguard themselves from financial losses and disputes.

      We will be happy to respond to your comments.

    • We have added a new feature to Security Protection – File System Watcher

      We have added a new feature to Security Protection – File System Watcher

      Introducing File System Watcher, a new feature of our Security protection. It helps to track changes in your site files to detect suspicious ones in time. File System Watcher has already been added to all plans and is enabled by default.

       

      How the feature works

      The feature takes a snapshot of the file system during a selected period and allows you to monitor which files on your site have been modified between selected dates. The snapshots are stored for 7 days.

      You can control the frequency of snapshots in the plugin settings. Alternatively, you can run the snapshot immediately by clicking the Create File System snapshot button and refreshing the page.

       

      How to use the feature and see results

      1. Go to your WordPress site dashboard and go to SettingsSecurity by CleanTalkFile System Watcher.

      2. Select the dates you want to compare and click the Compare button.

      3. Click the View link and you will see the code for the modified version of the specified file.

      To use this feature you have to have a Security & Malware scan plugin installed to your WordPress. Feel free to download it in WordPress catalog.

    • Hubspot emails going to spam – fixing the issue

      Hubspot emails going to spam – fixing the issue

      Hubspot users frequently encounter the issue of their email newsletters being classified as spam, despite having appropriate content in the emails. Even though the email content, headers, and text are all in compliance, you can still see the emails flagged as spam. Let’s investigate the possible reasons behind this occurrence.

       

      Why email from Hubspot going to spam

      • Exclamation points or certain phrases in the “subject” line
        Avoid using exclamation points or specific phrases in the subject line that may trigger spam filters, such as “Make money,” “Free,” or “Not spam.” It is advisable to steer clear of these types of triggering phrases to prevent your emails from being classified as spam.

      • The Unsubscribe Button is missing
        It’s important to keep in mind that if an email is not pertinent to the recipient and lacks an Unsubscribe option, the only recourse for the recipient to cease receiving the email is to flag it as spam.

      • Irrelevant offer
        If multiple individuals label your email as spam, it could result in your future emails being automatically directed to recipients’ spam folders.

      • Blacklisted or unreal email in your email list
        We believe you can handle the changes above yourself, but this one requires some help to check email addresses. Since so many bots use subscription forms and use either fake addresses or stolen ones. If you have blacklisted and unreal emails in your email list, spam filters can recognize it and put your emails at risk of going into the spam folder.

        Mailing to such addresses will not be useful, so we made a web service that clears your email list by checking it through a database of 6M email addresses for fake addresses and spam. Use the instructions below to clean your mailing list of “bad” addresses.

       

       

      How to protect your HubSpot forms from spam bots

      The Anti-Spam plugin for WordPress by CleanTalk has direct integration with HubSpot and blocks any spam bots even before they reach your website. Follow this guide to protect your HubSpot forms from spam.

       

      How to clean email list of non-existent or spammers email addresses

      1. Visit the SpamBots Check page, where you can clean your email list by inputing your email list by either copying and pasting it into the designated field or uploading a file using the Browse button. Click the Clear my list button to initiate the process. That is the moment when all the non-existent or spammers email addresses are recognized and filtered. You need to register to check more than 5 emails, and it only takes approximately 30 seconds to complete.

      2. Once the email list has been processed, you will be presented with a summary of the checked emails along with their corresponding outcomes. You can easily download CSV and JSON files or share the check results by utilizing the provided links located in the upper right corner of the page.

      URL to results – share the check results or reset to the full list, including both good and bad lists.
      Good list – remove emails that are suspiciously active or invalid.
      Bad list – leave only emails that are suspiciously active or invalid.
      Copy – copy the entire list of emails.
      CSV – download results of the check in CSV-file.
      JSON – download results of the check in JSON file.

      3. Access the CSV or JSON file and select the emails that are not on the blacklist for copying.

      4. Access your HubSpot newsletter, paste the list into the designated area, and then click on the Continue to organize button.

      5. Next, proceed with the regular process of creating your HubSpot newsletter.

      By utilizing confirmed email addresses, you can prevent your HubSpot messages from being marked as spam, ensuring that more of your newsletter emails are successfully sent and read. Remember to validate all email lists to minimize the risk of your emails being flagged as spam. Email verification is essential for cleaning up email lists, enhancing email deliverability, and boosting engagement rates.

       

      Check my email list

       

    • FluentBooking spam protection for WordPress

      FluentBooking spam protection for WordPress

      CleanTalk added spam protection for FluentBooking using direct form integration. Always be sure to use the most effective Anti-Spam plugin. For example CleanTalk Anti-Spam will guarantee your FluentBooking spam protection in about 5 minutes.

      Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be FluentBooking but many other forms.

      Download CleanTalk Anti-Spam plugin | Download FluentBooking 

      How to install CleanTalk Anti-Spam plugin

      To install the Anti-Spam plugin, go to your WordPress admin panelPluginsAdd New.

      Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».

      After installing the plugin, click the «Activate»‎ button.

      After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings»‎ button.

      That’s it! From now your WordPress website and FluentBooking are protected from spam.

      You can always use our detailed installation instructions.

      How to check your FluentBooking spam protection in about 5 minutes

      You can test the work of Anti-Spam protection for your FluentBooking forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.

      If you have any questions, add a comment and we will be happy to help you. Create your Cleantalk account – Register now and enjoy your spam-free FluentBooking.

      You may view a complete list of CleanTalk Anti-Spam plugin features here. https://cleantalk.org/help/introduction 

      WordPress spam protection

    • Divi spam protection for WordPress

      Divi spam protection for WordPress

      CleanTalk added spam protection for Divi Builder email opt-in subscription form using direct form integration. So in case, you prefer using Divi subscription form be sure to use the most effective Anti-Spam plugin. Read the guide below and learn 4 steps to protect your Divi subscription form from spam.

      Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be Newsletters subscription forms but also many others.

      Download CleanTalk Anti-Spam plugin | Download Divi Builder email opt-in 

      How to install CleanTalk Anti-Spam plugin

      To install the Anti-Spam plugin, go to your WordPress admin panelPluginsAdd New.

      Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».

      After installing the plugin, click the «Activate»‎ button.

      After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings»‎ button.

      That’s it! From now you How to completely protect your Divi Builder email opt-in subscription form from spam.

      How to check spam protection for Divi Builder email opt-in

      You can test the work of Anti-Spam protection for your СonvertKit Forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.

      If you have any questions, add a comment and we will be happy to help you.

      Create your CleanTalk account – Register now and protect your Divi Builder email opt-in from spam in 5 minutes

      Update

      The protection works only for website visitors, not for website admins. Be sure to test the form protection using Incognito mode.

      Additional features

      • CleanTalk protects all forms at once: comments, registrations, feedbacks, contacts, and reviews.
      • Installation takes about 1-2 minutes.
      • Smart 99% protection against spambots.
      • Always online – 24/7 technical support.
      • Logs, SpamFireWall, personal lists, country filters, stop-words, and many others.

      Discover the complete list of CleanTalk Anti-Spam plugin features here.

    CleanTalk

    About

    Dashboard

    Pricing

    Sign up / Sign in

    Solutions

    Anti-Spam for websitee

    Blacklists

    Filter fake emails

    Gantt charts

    Hide contact data

    Stop spam emails in Contact form 7 (CF7)

    Stop spam in Elementor form builder

    Stop spam in WPForms

    Website malware scanner

    WordPress Security & Firewall Plugin

    Documentation

    API

    Help

    License agreement

    Privacy Policy

    Refund Policy

    Signs of Malware

    Contact us

    Create a support ticket

    Telegram

    Contact us