1st February 2019: I have just deleted a file named wordfenceScanner.php.bin from my PHP .opcache folder on my server. Wordfence had detected it contained the TimThumb script which is considered to be unsafe. I must look into methods of cleaning my PHP cache. It looks as if it contains some outdated files.
2nd January 2019: Again I couldn’t get my WP v5.0.1 to update to v5.0.2 so I followed Wordfence’s instructions and upgraded it manually. I made a good job of it and searched for the cause of the problem. It turned out to be caused by the plugin DGXPCO which is designed to improve Core update security.
Hopefully if the Core updating server got hacked and a false Core program was sent this plugin wouldn’t allow it to be applied due to manual intervention. Well that manual intervention failed to allow valid Core updates through so I have deactivated that plugin for the time being.
21st December 2018: I just upgraded my server from PHP 7.2 to PHP 7.3. I had an immediate problem with the plugin Taxonomy List Widget. I have sent a comment to the author Erick T. Hitter asking him to look into it. Otherwise so far so good.
14th December 2018: Having experimented with the new Gutenberg editor for over a year I was finally able to update WordPress to version 5.0.1 with Gutenberg in core yesterday. I couldn’t do it last week due to a technical hitch resolved by 1&1 IONOS. I then deleted the Gutenberg plugin, which had already been de-activated by the update. That caused a block editing problem where I only had Classic Paragraphs instead of Gutenberg Paragraphs. That was resolved by me de-activating TinyMCE, a plug in to enhance the original editor.
I can now report that I have adjusted some posts created or edited using various versions of Gutenberg to be editable using version 5.0.1.
2nd July 2018: I have added the Google Translate widget from Jetpack and put it at the top of my sidebar. Just select your desired language from the drop-down list. I apologise to all readers for not doing this sooner.
29th June 2018: Any post containing a WP Google Map is currently unable to display it. I have attempted to fix the problem but the adjustments I made have not worked. I hope to resolve the problem in the near future.
As of 26th February 2018 I have installed a badge on my site just to indicate to visitors that I protect my site with the free Wordfence Security Plugin. Wordfence give me a firewall and perform some scans. Visitors selecting the badge will be directed to the Wordfence web site where they can find out for themselves what Wordfence do. I am not paying for their Premium service yet but I am contemplating it.
It’s 23rd February 2018 and I just realised I haven’t got a GravityScan badge. Not because I’m on a blacklist this time, but because GravityScan is no more. They had to wind up their business due to insufficient take up. There is obviously a lot of educating to do among thousands of WP bloggers if they don’t grasp some of the basics of security. This badge was free. Now we’ll just have to go and pay for one. They probably haven’t converted their sites to https either.
On 3rd February 2018 I posted an article written entirely using the Gutenberg editor. I know we’re advised not to use it to edit real sites yet but I wanted to give it a go. I was so pleased with it that I’m well on the way with my next post using Gutenberg too. I can’t justify text to make it line up on the left and right margins, and the Text used for image titles doesn’t look correct because a different construct is being used to manipulate them. There is also a problem turning Comments on. I have to redo it using Quick Edit after each edit of a post.
Nearly 2018 (its 30th Dec 2017) and I haven’t had any further problems with Gravityscan since I got the badge back in September. I’m very pleased with it.
I’m also pleased that Wordfence is protecting my site adequately.
It’s 5th October 2017 and I have just asked 1and1 Internet (they run my server) about what Sitelock scans. I had a trial of their premium service running. That scans up to 500 subpages. I asked what constitutes a subpage. They gave me the impression that with WordPress each post is a subpage and each image (JPEG, PNG, etc.) that can be selected from a post and shown in its own page as an enlargement is also a subpage. If that’s the case then I must be near to the 500 subpage limit. They told me Sitelock can’t test more than 500 subpages. Logically I think there is something wrong here. There must be professional websites that need protecting with more pages than I have. I would expect Sitelock Premium could be sold to them. Anyway until I get more information I have removed my site from the Sitelock scheme before the end of the 30 day trial. I will continue with Gravityscan alone as it seems very good so far.
Tag Clouds are back (2nd October 2017). After probably 2 years, at least, tags can be seen in one place again. They went away when my tag plugin reacted badly with other plugins. They’re on the Posts & Tags menu. You will find them in groups. Mostly they are in alpha-numeric groups but some are more easily found in Places or People for example.
I am also trying to redirect links as a result of post title changes and picture name changes. With this I am having limited success. I have 8 yrs of problems to fix. The problems are not on this site they are caused by others saving links which are now out of date. I can observe 404 errors seen by others.
It’s 20th September 2017 and my Gravityscan Badge is back, after 8 days, as you can see. I’ve learnt a lot in the last week. I now understand that my IP address is shared so I take the rap for the actions of others. For now I’ll wait and see what the future holds. You may see the badge come and go as a consequence.
Well on 12th September 2017 I had a Gravityscan setback. My 1&1 server was found to be on a spamming blacklist. Why I don’t know. Gravityscan have not found malware on my site. I have now deployed Sitelock too and that hasn’t found a problem with my site either. I will automatically be removed from the blacklist after 7 days if there are no more spamming incidents in the meantime. Meanwhile I don’t have a Gravityscan Trust Badge but I do now have a Sitelock Badge.
I’m currently trying to improve older posts which have fallen foul of theme changes and don’t have satisfactory images.
I consider the action I took on 13th August 2017 to harden my header against Cross-site Scripting, Cross-site Tracing, Clickjacking, MIME Sniffing and Directory Listing by sending messages to the server from my .htaccess file to be ineffective. I will try again.
I took on the benefits of Gravityscan as of 28th July 2017. It checks this site for malware every day as you can see from the Gravityscan Trust Badge in the page header. Gravityscan have changed the date display to an international format yyyy-mm-dd. Selecting (clicking on) this badge will take you to the Gravityscan website.
On 30th June 2017 I took the step of securing my server communication with browsers by using 1&1 Internet’s TLS and certificate services. So now my main URL is HTTPS://helpfulcolin.com. Readers will see a padlock in their browser as a consequence.
I have also taken two more domains onboard “helpfulcolin.co.uk” and “helpfulcolin.uk”. Connections to them use HTTP not HTTPS but security is maintained by them redirecting links to “HTTPS://helpfulcolin.com”.