WordPress Security

WordPress SECURITY from Sucuri

sucuri-website-logo

https://sucuri.net/guides/wordpress-security

Keep WordPress, themes and plugins updated.

When a new update is available, you’ll be notified in the Dashboard > Updatesmenu.

You should always apply updates as soon as possible. Logging into your site on a frequent basis will ensure that you’re aware of updates as they are released. If you cannot update your site for any reason, consider using a website firewall to virtually patch the problem and minimize the risk.

Plugin Security

You can assess the security of WordPress plugins and themes by reviewing a couple of important indicators:

  • Does the plugin or theme have a large install base?
  • Are there a lot of user reviews, and is the average rating high?
  • Are the developers actively supporting their plugin and pushing frequent updates or security patches?
  • Does the vendor list terms of service or a privacy policy?
  • Does the vendor include a physical contact address in the ToS or from a contact page?

Carefully read the Terms of Service – it may include unwanted extras that the authors didn’t advertise on their homepage. If the plugin or theme doesn’t meet any of these requirements or has recently changed owners before the latest update, you may want to look for a more secure solution.

See more at: https://sucuri.net/guides/wordpress-security

WordPress User Roles

User roles determine the access level or permissions of a person authorized (invited by an Administrator) to use a WordPress.com site.

Summary

  • Administrator – nothing is off limits* (see note below)
  • Editor – has access to all posts, pages, comments, categories, tags, and links.
  • Author – can write, upload photos to, edit, and publish their own posts.
  • Contributor – has no publishing or uploading capability, but can write and edit their own posts until they are published
  • Follower (public sites) / Viewer (private sites only) – can read and comment on posts and pages

Each user role is capable of everything that a less powerful role is capable of. (In others words, Editors can do everything Authors can do, Authors can do everything Contributors can do, and so on.)

All of your site’s user roles can see the stats: Administrators, Editors, Authors, and Contributors.

When you install WooCommerce on the WordPress.com Business plan, two additional user roles are created: Customer and Shop Manager. Information about these can be found in the WooCommerce documentation.

Administrator

An Administrator has full power over the site and can do everything related to site administration*. Administrators can create more Administrators, invite new users,  remove users, and change user roles. They have complete control over posts, pages, uploaded files, comments, settings, themes, imports, exports, other users – the whole shebang.

Nothing related to site-administration is off-limits for Administrators, including deleting the entire site. This is why we recommend having only one administrator per blog.

*Note: Administrators are not able to transfer site ownership if they do not own the site. Administrators are not able to revise or manage paid upgrades that are owned by a different user on the site.

Editor

An Editor can create, edit, publish, and delete any post or page (not just their own), as well as moderate comments and manage categories, tags, and links.

Author

An Author can create, edit, publish, and delete only their own posts, as well as upload files and images. Authors do not have access to create, modify, or delete pages, nor can they modify posts by other users. Authors can edit comments made on their posts.

Contributor

A Contributor can create and edit only their own posts, but cannot publish them. When one of their posts is ready to be published, or has been revised, the Administrator needs to be notified personally by the Contributor to review it. Furthermore, once a Contributor’s post is approved and published by an Administrator, it can no longer be edited by the Contributor.

Contributors do not have the ability to upload files or images, but they can see your site’s stats.

Follower

Followers do not have any editing privileges on your site whatsoever; they are simply people who have signed up to receive updates each time you publish a new post. The only thing they can do on your site is leave comments (if you have them enabled), though they do not have to be a Follower to do so.

If your blog is public, anyone can follow it, but you can also send out invitations to specific people you’d like to share your blog with.

If your blog is private, nobody will be able to follow it unless you specifically invite them, at which point they become a Viewer.

Viewer

Viewers are users who can only view private sites. Like Followers, Viewers do not have any editing privileges. All they can do is simply read the private site they were invited to and leave comments on it (again, only if you’ve enabled them).

Note: If someone is a Follower of your public site, and then you set that site to private, they do not automatically become a Viewer. Viewers must always be specifically invited. Viewers must also sign up to follow a private site if they would like to receive updates each time you publish a new post.

Adding Users to Your Site

If you’re an Administrator and you’d like to make someone a Contributor, Author, or Editor on your site, please follow the directions on adding users.

Important: Be mindful of the roles that you give users on your blog. For example, if you add a user as an Editor and then they delete all the posts on your blog, they have not “hacked” your site or done anything they were not permitted to do. For this reason, we recommend only adding users whom you trust to your site.

To see more on how to add or remove users, see on WordPress.com at: https://en.support.wordpress.com/user-roles/

SOURCE: https://en.support.wordpress.com/user-roles/

USS Pocono

USS Pocono (AGC-16) was an Adirondack class amphibious force command ship named after a range of mountains in Eastern Pennsylvania.

USS_Pocono_(LCC-16)_c1969

USS Pocono (AGC-16) was an Adirondack class amphibious force command ship named after a range of mountains in Eastern Pennsylvania. She was designed as an amphibious force flagship, a floating command post with advanced communications equipment and extensive combat information spaces to be used by the amphibious forces commander and landing force commander during large-scale operations.

An amphibious force flagship, the Pocono’s keel was laid 30 November 1944 and launched 25 January 1945 by the North Carolina Shipbuilding Company, Wilmington, N. C., sponsored by Miss Mary V. Carmines of Messick, acquired by the Navy 15 February 1945; towed to Boston for fitting out; and commissioned 29 December 1945, Captain H. A. Sailor in command.
Pocono was recommissioned on 18 August 1951 to serve as flagship for Commander, Amphibious Force, Atlantic Fleet. She operated in this capacity in the Caribbean and off the East Coast of the U.S. until 1956.

On 31 October 1956, during the Suez Crisis, the Commander-in-Chief, Naval Forces, Eastern Atlantic and Mediterranean, embarked in Pocono, and remained on board until 13 December.

From late 1965 through early 1968 Pocono participated in further operations in the Caribbean and off the east coast of the U.S., returning to Norfolk on 24 February 1968.

Decommissioned on 16 September 1971, she was stricken from the Naval Vessel Register on 1 December 1976. Pocono was sold for non-transportation use 3 December 1981 to Union Minerals & Alloys of New York, NY and scrapped.