Security

ETS is requiring that all web forms include a CAPTCHA field for security purposes. The CAPTCHA service has already been pre-registered with your WordPress site’s Gravity Forms plugin. A CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. The term CAPTCHA ...
Read More Add a CAPTCHA Field to a Gravity Form

Guidelines for Safe Posting

Posted on Feb 27, 2015 in Content, Security

Site Administrators are bestowed a lot of power with an administrator account. But with that power comes great responsibility. Admins should be aware that they have the unfiltered_html capability. Editor and contributor roles are restricted from posting these types of scripts into the text editor. Upon save, any potentially dangerous HTML markup or JavaScript will get ...
Read More Guidelines for Safe Posting

Preventing Display of Usernames

Posted on Aug 14, 2013 in Content, Security

Overview The most frequent type of attack against WordPress is a brute force attack against the login page. Hackers will use automated software in attempt to gain access to a website by trying different combinations of usernames and passwords repeatedly, until a correct combination is found. When usernames are displayed, the hacker’s odds of finding ...
Read More Preventing Display of Usernames

Removing Inactive User Accounts

Posted on Mar 28, 2013 in Content, Security

If you are a website administrator, part of your responsibility may involve maintaining the users for your WordPress site.  It is good housekeeping as well as proper security practice to remove users that no longer need access to your website.  For example, if a user leaves your agency, you must remove their user account from ...
Read More Removing Inactive User Accounts