Jonny Vaughan

About Jonny Vaughan

Jonny is the founder of 10° - a specialist WordPress development company. Jonny has 10 years experience in the web industry developing sites using WordPress and ecommerce sites using Lemonstand.

Website Security Bulletin 26th April 2013

Over the last few weeks there have been some mainstream media reports of website security issues – some surrounding WordPress and some around website security in general.

A number of our clients have asked us for more information on these reports.

As a website hosting company we take security issues very seriously and continue to do everything we can to minimise the risk of websites being compromised. As part of our hosting service, this includes:

Keeping abreast of new threats on a daily basis.
Ensuring core website software is kept up to date.
Maximising the security of our servers to reduce the risk of hacking.
Updating website plugins as & when risks are identified.
Working with our providers when network issues are identified (such as ‘denial of service’ attacks).

One example in the news recently is the report of a network of 100,000 hacked computers being used to target WordPress sites in an attempt to guess passwords to gain access to websites.

We blogged about this issue when it happened and quickly implemented the recommendation of changing admin usernames and passwords.

More recently two website performance plugins were found to be vulnerable to a particular type of attack. We immediately updated all affected clients.

Whilst we can’t blog about every issue that we identify, we continue to work in the background supporting our clients websites.

Questions about website security or our hosting service? Leave a comment below or get in touch.

What we’re doing to protect our clients against the global WordPress attack

You may have read in the news that WordPress websites are being targeted by a huge network of hackers (think 100,000 computers all aimed at hacking your site). The news of this has been spreading over the weekend as more & more sites fall victim to this unprecedented attack.

“One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack,” security and website performance firm CloudFlare said in a post Friday.

The primary method of attack is trying to use brute force to guess the password of the default ‘admin’ user that is set up on the majority of WordPress sites. To mitigate this issue we’re checked all our clients’ sites and removed the default admin user. Our firewall will also be providing a high level of security against these attacks through IP filtering.

Not hosted with us? Here’s what you can do

If you’re not hosted with us then please check your own WordPress users screen and remove the ‘admin’ user if it exists:

wordpress-users

If you want added protection for your site you can also install a login limiting plugin that will block brute-force attempts at guessing passwords.

This global attack is aimed at creating a larger network of compromised servers which could be used at a future date to target government or financial institutions. An attack similar in size was reported by many network providers last month.

We’ll be closely monitoring all our hosting clients to ensure their sites do not get compromised.

We’re Hiring! Junior Developer Required

We’re recruiting for a junior developer to join our team in Wokingham to help support our rapidly growing web development business.

We’re looking for someone with a passion for web development and a keen interest in helping develop a small business. At the same time we’ll help develop the right candidate’s skills as a full time developer.

Location: Molly Millar’s Lane, Wokingham, RG41 2PQ
Start Date: Immediate

The role is a temp position for 6 months. For the right candidate there will be the opportunity for a permanent role at the end of 6 months.

Job Description

The primary purpose of the role will be to code HTML/CSS markup from Photoshop PSD designs. You will be trained to create W3C compliant code, use jQuery to develop interactive front-end functionality and will preferably have experience with using WordPress.

Some coding experience is essential (PHP/Ruby/Perl/etc) as you’ll be working with WordPress and other CMS systems to develop templates & functionality.

Key Responsibilities

PSD to HTML/CSS/jQuery code
WordPress PHP template development
Daily support to existing clients – good communication skills are a must
Desktop & mobile browser testing
Basic web server administration

Your Skills

The successful candidate will be able to demonstrate the following:

HTML5/CSS/jQuery
PHP & MySQL (or other scripting language/database combo)
Basic use of Photoshop & Illustrator

We will be looking for candidates that have:

Experience with using or developing for WordPress.
The ability to solve challenges using a number of different web technologies.
Familiarity with Apple OS X.
Experience in Linux server administration.
A strong desire to learn and help shape the future of 10°.

About 10°

We are a small family business looking to expand our development team in Wokingham. We primarily work with creative agencies as technical partners to create websites from their designs. We also offer technical consulting services during the spec & design phase of projects. 10° also takes on direct clients for which we design as well as build sites.

You’ll be a core part of the team and expected to communicate professionally with clients on a daily basis.

How to Apply

For more information about the role or to apply, please email us your CV and any examples of your work.

Strictly no agencies.

UK Cookie Law – What Small Business Owners Need To Know

On May 26th 2011, Directive 2009/136/EC became law in the UK – the government gave us a one year grace period to implement the required changes to all business websites – this period expired at the weekend.

The new law aims to protect internet user’s privacy by determining how and when web browser cookies can be used and as business owners we must give visitors the option to accept or decline cookies.

Throughout the year the exact requirements have been changing, including some very last minute changes to the legislation that were communicated last week. Therefore the full impact of the legislation was not known until then.

If you have a business website then this law affects you so please continue reading.

Continue reading →

Desktop Wallpaper With Screen Resolution Marks

Part website testing includes testing sites in a variety of different screen resolutions. To make this easier I created a desktop wallpaper with screen resolution lines so I can resize my browser window to the right sizes. Continue reading →

UK Web Browser Usage – Why It’s Important To You

As of July 2011, StatCounter has placed Google Chrome just ahead of Mozilla Firefox in web browser usage across the UK. This is the first time Chrome has captured more users than Firefox and marks a significant point in time for Google’s relatively new web browser.

Does your website look consistent across browsers? If not you may be deterring some of your customers from dealing with you.

Continue reading →

How to use the WordPress SEO Plugin by Yoast

All the WordPress sites I develop include a certain level of search optimisation but I’m often asked about the more technical aspects of SEO and what people can do to improve their search rankings.

In a previous blog post, Beginner’s Guide to Search Optimisation, I explain about keyword analysis, page titles, copy and linking. In this post I’ll be explaining a bit more about how to use that information with an SEO plugin in WordPress. Continue reading →

Beginner’s Guide to Search Optimisation

Get to the top of Google with the right keywords

Search optimisation is a topic I’m always asked about when I first meet a client requiring a new website. It’s obvious that anyone wanting a new website will want it optimised for search engines so that when it’s launched it has the best chance of appearing high on search results pages.

Often considered a ‘black art’ but it’s really quite simple. Here I’ll be discussing a number of primary factors which dictate how well a website will be ranked on search engines. Continue reading →

Lorem Ipsum WordPress Plugin

Web designers & developers often need to enter placeholder text into pages and posts because content doesn’t yet exist when developing new websites.

I did a quick search of the WordPress plugin repository to see if anything was out there to let me do this. I found a few plugins that created the pages, posts and comments automatically but I needed something a bit less automated that I could use when editing. Continue reading →

Six Things You Need to Know About WordPress 3.2

WordPress 3.2 has arrived and there’s some great new features to be seen once you’ve upgraded. But before you do, check out our quick guide to what’s new and what’s changed in version 3.2.

Continue reading →