WordPress Tip: Admin is NOT your Admin Log in Is It?

So you’ve bitten the bullet and gone with WordPress for your Web Site system, good for you! I like it, and have been using it for many years (although I am not a zealot either, whatever system works just fine, if you are comfortable with it).

One of the first security things you really should think about it is to change the Administrator account on your system. Why? Well if I look at Wordfence, to see who is trying to log into my system I see the following:

Vietnam Hanoi, Vietnam attempted a failed login using an invalid username “admin”.


Image courtesy of Stuart Miles, at FreeDigitalPhotos.neta failed login using an invalid username .

IP:  [unblock]
43 seconds ago
Japan Japan attempted a failed login using an invalid username “admin”.
IP:  [block]
10 minutes ago
Romania Sibiu, Romania attempted a failed login using an invalid username “admin”.
IP:  [block]
Hostname: 46-214-107-142.next-gen.ro
20 minutes ago
United Kingdom United Kingdom attempted a failed login using an invalid username “admin”.
IP:  [block]
21 minutes ago
Turkey Istanbul, Turkey attempted a failed login using an invalid username “admin”.
IP:  [block]
Hostname: www.beykoz.edu.tr
29 minutes ago

Let me assure you that none of these log in attempts are from me (given I am not in any of those countries), but do you see a trend here? They are all attempting to log in with the user name Admin and that is the first (and primary) attack vector for many of the hackers out there.

How to remedy this?

  • Go to the Users Menu on your WordPress site
  • Create a NEW userid, and call it what you wish (e.g. ThisIsNotAdmin ) that has Admin privileges, and give this user id a good password (not that crappy one you use for most sites)
  • Log out of your Admin account, and try to log in with your new Admin UserID, make sure you can do all you want, and that it is really an Admin account (be really sure before you do the next step).
  • From your new Admin userID, delete the Admin user id (maybe after you have done a full backup of your site just to be paranoid).

That is it, you have shut down the first attack vector for hackers, so your site is a little more secure (but don’t get cocky, there are many other ways into your site, this is just shutting off one of the easiest to attack).

Old Commentaries become Timeless

With over 2500 articles written over 10 years there are many of my commentaries that have faded in their significance, and the points made are no longer valid, however, that is easily remedied, with some judicious editing.

Many of my investing commentaries over the years leaving up to 2008, actually are becoming quite relevant to the current market situation, however, simply trying to pass them off as current commentary would be lazy and lacks a level of panache. If you add a simple preface to the post something similar to:

Do note the date of this original post, just before the great EXPLOSION of 2008, interesting the parellels eh? (When is next market crash 2007)

Suddenly that article becomes a foreboding warning, is it not?

Another simple tactic is just reading over a commentary about Debt and such and add in exact dates on when the commentary was being made, and remove any specific mention of coming current events (at the time), as I did with Great Canadian Debts, it had a reference to a coming provincial/federal election.

I am even following my own advice with this collection, updating Paypal Donation Buttons, which was previously a little short and didn’t really mention Paypal by name either. There are many similar posts here that really do need a bit of a clean up as well, and maybe some SEO work.



Twitter CAN get it done, but not For Very Long 3

I typically retweet many of my older posts (daily) to see if I can get some traction on older content that I had. Usually this only constitutes a bump of 10-20 readers a day, however, last week one of my older posts got picked up by a Twitter heavy weight who retweeted it and suddenly I received over 100 readers from Twitter.

The specific retweet was from Rob Carrick who has about 17K followers, but what was interesting was the effect really only lasted about a half an hour and then things went back to normal.

Social Media, Social networking

Social Media is Everywhere
Image courtesy of FreeDigitalPhotos.net


This seems to suggest that Twitter can be useful driving traffic in short spikes, but not overly very useful for driving quality traffic, that will stay and come back often, but that does some up Twitter nicely (i.e. Wham Bam thank you Ma’am).

I continue to grow readership slowly on all fronts, we shall see how best to keep bringing older posts to the forefront (like the one in this post) Financial Time Machine List, which is simply me lamenting some bad financial decisions I made as a young man.

Timing is Essential

Sometimes if a topic has good timing you can get astounding results. As I said in Freakish Posts and Who Reads What? I really have little comprehension as to why some topics seem to really cause a great deal of interest and others that I think are interesting languish in a sea of disinterest, but sometimes Timing is Everything.

The day after the first full televised leaders debate here in Ontario, I didn’t have any new content, however, I Tweeted/Google+/LinkedIn/Facebook/Pinterest’ed a post titled Damn Rich Civil Servants, which was a rehash of some Stats Canada info about household income and showing that Ottawa is a pretty rich town. The Post caused a 110 reader spike in 1 hour (which was not sustained for the rest of the day unfortunately), but it caused quite the interest.

Why was this so darn interesting? The main topic at the Leaders debate, aside from corruption, was the PC’s plans to lay off 100,000 Civil Servants, and how that would save money. I saw that post languishing in my archive, took a chance and republished it using Social Media and it caused a very nice bump in readership.

As with all topics, timing is everything

Copyright messages and Scrapers

One easy way to ensure that your content remains your content is to add some kind of copyright statement on the copy, so that if someone borrows it for their own use, you could take legal action.

I have taken this is a step further by embedding in many of my posts the following HTML code:

This article is owned and written by Author: Me, all rights reserved. No part of any of the content of this article may be reproduced, distributed, modified, framed, cached, adapted or linked to, or made available in any form by any photographic, electronic, digital, mechanical, photostat, microfilm, xerography or other means, or incorporated into or used in any information storage and retrieval system, electronic or mechanical, without the prior written permission of Me.

The added fun with that is that I put it in an HTML comment at the start of the document. You can do this by simply inserting:

< ! --- This is my copyright notice, no copying without my permission you salacious plagiarist --->

Copyright !

Into the HTML source for the document, the important parts are the codes at the start and end, so that the comment does not show up in your article. I have put a space between the < and the ! and the –, remove those to make it an actual comment.

Many scraping sites really don’t look too closely at the HTML coding of a page, and will typically steal this along with your content. The other fun thing is to include your own ads embedded in your article, that way your ads will appear in their re-authoring of your post.

Will this stop the scrapers? Not very likely, my only question is this really something I could use to prove ownership and such, but we shall see I suppose. One of these days I will need to sit down with a lawyer and discuss this stuff with him/her.

Best SPAM Comments of the Week

Yes, I figured it was time to take advantage of the thousand or so Spam Comments I get a week and highlight some of my favorite ones. Some are just so strange, I am wondering if they think my Spam filters might let it in because they get confused.

"Say yes to this message and we will help save a fictional dog!"

Holy cow! How do I not answer YES to that! I love fictional dogs!!! What this has to do with Finance or anything else is beyond me, but it really does jump off the page, wants me to write an article with that as the title!

Dorothy, inher element at last, took over the ranch (of which Richard had made afailure), payday loans online vyxmnsewe payday loan online payday loans online went to catch a dishof fish.

I was impressed by the gibberish factor here. This did include three separate links to different pay day loan sites, but I am intrigued by what the message here is. It is unintelligible but isn’t just a bunch of random words either, it is almost beautiful in it’s randomness.

Now, go and tell Slushie yoou have a kidd to teat hhis project. Now there’s no need to get upset wheen your ladey don. Other hazardous substances found in items sold at your favorite sex toys store are latex and jelly.

Not surprisingly this was linked to a site for adult toys another favorite of my site. The funny thing is this got by my Anti-Spam filter, must have been really good. The comment only linked to the site, no links in the message which is why it got by my anti-spam filter, I suppose.

Greetings from Idaho! I’m bored at work so I
decided to check out your blog on my iphone during lunch break.
I enjoy the info you present here and can’t wait to take a look
when I get home. I’m shocked at how fast your blog loaded on my phone ..
I’m not even using WIFI, just 3G .. Anyhow, good site!

Someone from Idaho reads a Canadian Personal Finance Blog? Good to hear, but again it wasn’t the message that Akismet didn’t like it was the site that it was linked to.

{I have|I’ve} been {surfing|browsing} online more than
{three|3|2|4} hours today, yet I never found any interesting article like yours.
{It’s|It is} pretty worth enough for me.
{In my opinion|Personally|In my view}, if all {webmasters|site owners|website owners|web owners} and bloggers
made good content as you did, the {internet|net|web} will be {much more|a lot more} useful than
ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.

This one is my favorite, I can’t figure out whether it is a very lazy script kiddy, or a genius. I think this was to be run through a front end first and then “posted”, but an amazing bit of semantic gibberish.

The sad part of all of this is that my ratio of 100:1 Spam to real comments, which makes me want to thank AKismet for their catching of 99% of the spam.