The developers of Divi announced on Jan 17th that All WordPress sites using Divi or the Divi builder must update their plugin or theme. it is always important to keep up with updates on any WordPress site. If you don’t then you could be at risk.
See the announcement from Divi – Elegant Themes on Jan 17th.
Today our core product framework was updated to fix an unintended information exposure within password protected post excerpts. This includes all of our WordPress themes and the Divi Builder plugin. Updating these themes and plugins to their latest versions will patch the flaw, keeping your website content secure.
The Problem
WordPress allows posts (and Pages) to be password protected. When password protected posts are viewed or displayed within a post feed, post content is hidden pending password authentication. Our products did not treat these posts correctly when displaying excerpts. Post excerpts for password protected posts (and Pages) were mistakenly displayed on theme index pages and within post-based Divi Builder modules. Excerpts typically include the first ~40 words of a post unless otherwise defined. Full post content and individual post URLs were correctly protected.
Are You Affected?
This problem only affects customers who have published password protected posts and pages. Only the brief excerpts of these posts were potentially exposed within front-end website content. This does not affect WordPress admin authentication or any other password authentication on your website.
How To Fix It
Updating your themes and plugins will fix this problem. You can update your themes or plugins from within your WordPress dashboard, or you can download the latest versions from the member’s area and update them manually. This affects all Elegant Themes themes and the Divi Builder plugin. If you are using any of these products and you have published password protected posts, we recommend updating to the latest version.
What If You Can’t Update Right Now?
If you are unable to update your themes/plugins right away, you can use our security patcher plugin to patch the vulnerability without updating your products. This is a free download for all customers. Installing this plugin will fix the problem, and you can continue to use the security patcher plugin until you are able to update your products to their latest versions.
If you need this security patch then you need to contact us at immediately.
Has Your Account Expired?
We are making these updates available for free to all expired accounts. Even if your account has expired, you can still update your themes or plugins to their latest versions via your WordPress dashboard. Expired accounts will not be restricted from updating.
We Are Here To Help
Security is extremely important to us and we take a number of precautions to help mitigate issues like this. Unfortunately, something slipped through the cracks this time, but we will continue to work hard to prevent similar mistakes from happening in the future.
If you have any questions or concerns, please know that our virtual doors are always open. If there is anything we can do to help, just let us know.
Best Wishes, Nick Roach www.ElegantThemes.com
More from Coffee Web Design Team
Since many of our clients do not have an Elegant Themes account, then you need to contact us so that we can make sure that your site gets updated ASAP.
To date, we still feel like the Divi theme is one of the best WordPress Themes we have used in building designs for WordPress sites. If you would like to have your own account to manage your Divi theme, then you can purchase the Divi theme membership through Coffee Web Design and we will be happy to adjust your settings in your WordPress site, so you have all the latest news and great stuff coming into Divi future versions!
Simple step by step instructions and features to set up a Facebook™ business page for your business, entertainment or services. This will get you started and show you tools available that you can use for a Facebook™ page for business.
Creating a Facebook page – Lets get started!
From your personal account click on the drop down arrow in the top blue menu
Select “Create a Page” (see the difference between aPAGE and a GROUP)
Select which best describes the category your Facebook page will go into
Select a sub-category (if prompted) and fill in any information needed to start your page set up
Follow any steps that you need (each category is different) to continue to set up your page
How to design and use tools in your Facebook business page
How to find your page that you created?
Click on the down arrow in the upper right of the Facebook menu. Select which “page” you want to go to (some people are set as administrators of many pages so if you do not see your page, you would want to select “see more”)
You can view messages left on pages managed here too!
Change your page images by clicking on any of the camera icons on the page.
Write something so your audience and followers can see by clicking next you to icon and “write something” You can also publish URLs here to share information that will drive your audience back to your web site for sales and information!
There are easy to use tools that you can use for your followers
See the weekly analytics of how your page is doing with viewers! The more you share your page and likes you get, the more you will see these numbers change.
See reviews that people leave for your page. Encourage your FB viewers to leave their reviews, though an ultimate guide would have them leave them on your web site for products and services you offer.
You can edit any information on your page by viewing icons or edit links to help provide all the best information for your business. The more complete your profile looks…the better!
Use the side menu, add a call to action button for people to use, change your information and category as your business changes.
How to create a FB business URL
Many people would like their own URL for Facebook so to create your own, under GENERAL (see image above) > edit – will prompt you to create your own to share on other sites, friends and associates.
We hope this was a simple way of explaining how to set up and use your Facebook business page to get your started!
If you like easy instructions like this, give us a thumbs up on our Facebook page!
Sometimes we have events or family outings where we have a multitude of photos we want to share on social media or for others to download. if you have a Google account, you can store your photos directly into your Google Drive under Google Photos.
Google Photos is probably one of the most useful photo resources you can use, mainly for its powerful automatic backup feature. And since you probably already have a Google account, getting set up will be easy.
You can access it on the web at photos.google.com or simply download one of the free Google Photos apps to automatically upload all photos you take with your devices. They’ll all be synced up right across your account and accessible from anywhere. Look for the Google Photos icon in your Google Apps.
You can also use Google Photos to edit your photos, organize them according to people/places/things and share them online even with non-Google Photos users. The more you use Google Photos, the more it learns about your photo habits so that it can take some of the manual work off your back by automatically organizing your photos for you.
Best for: Automatically backing up photos that you take, uploading large quantities, uploading high-quality photos, editing them, organizing them, and finding them again later using visual search.
Max image size/storage: Unlimited free storage for photos taken by smartphones and point-and-shoot cameras (16 megapixels or less) plus the option to alternatively use your limited storage space from your Google account for photos taken by DSLR cameras. You can also upload videos in 1080p HD.
By using Google Photos in your google account, you can share with others so they can download their favorite photos!
We found this video tutorial that shows a lot of the features that also comes in the Google Photos Feature.
2017 is going to be probably the most secure year for website owners because Google released updates to force people to get site SSL ready.
In the coming year, Google’s browser (Chrome 56) will begin to show warning message as “Not Secure” to all HTTP sites to make the web safer and secure (less hackable) place.
SSL certificate is used to make the encrypted connection between browser and server. Therefore, Google has already moved their almost services over HTTPS encryption technology. Even WordPress has announced that they will no longer promote hosting partners until they provide SSL certificate by default in their accounts.
Don’t worry, we will be looking into some affordable ways to do this and making arrangements for installations.
Essentially, WordPress hacking and insecurity has been on the rise. The number of reported hacks is in the hundreds of thousands.
What about those that go unreported? Of course, you might be wondering why anyone would even want to hack your website. However, you should remember that most attacks are automated.
These days, hackers have created various bots before releasing them into the web to look for vulnerable websites, just like yours.
When hackers have thousands of sites in their control, they are able to use them for database scraping, mass email sending, and black hat SEO. To them, that’s pure gold.
So, before you start a blog it’s important to know that WordPress security is not automatic. Although WordPress is one of the most awesome platforms around, it does have its fair share of problems. As a user, you should take care of the most basic security and safety measures.
Proper Security Measures
Beginner’s Level
So, how do you go about doing this? Here are some tips:
Secure administrator account
Use your editor account purely for content work
Strengthen your WordPress password
Limit your login attempts
Secure your PC
Automatically update your WordPress
Update your plugins on a regular basis
Backup your website/blog
Only use legit web hosts
Download themes and plugins from well-known sources
Advanced Level
On the advanced level, you can do a number of things to further bolster WordPress security and safety. These include the following:
Deleting plugins you do not use
Reducing the total number of plugins you use
Installing well known security plugin
Protecting your website from brute force attacks
Using CloudFlare
Monitoring for Malware
Performing theme checks
Blocking trackbacks and pingbacks
Pro Level
Pros do more than just the above to ensure that their WordPress accounts, websites and blogs are safe and secure. They will, in most cases, do any or all of the following:
Generating new security keys
Changing the database prefix
Using .HTACCESS protection
Disabling XML-RPC
Disabling all PHP error reports
Tracking the WordPress dashboard
Watching their Google Console
Reading Sucuri
Checking out all un-secure plugins
Using SSL
So, how would you like to go about ensuring your WordPress security and safety? We are going to discuss the above points slowly but surely.
WordPress security and safety is not something to joke about. If your blog site gets hacked, you will have to spend countless hours trying to fix things that you might not even understand.
Similarly, a hack could potentially make everything start performing in a weird way on your WP account, website, and blog.
At the end of the day, any sort of attack will give you a difficult time. However, you can guard against such attacks.
This is why we created this guide: How to prevent your WordPress website from getting hacked.
Here’s what we’re covering:How to Safeguard Your WordPress Site (Infographic)The Current State of WordPress SecurityProper Security Measures
14 Steps You can Take Today to Improve Your WordPress Security
