Disable Browser Window Resize

It’s hard to know what to call this post but if you have a modern laptop, you know the problem. Seemingly for no reason, your browser window resizes itself, making the text so small that can’t read it or so large it looks like a first grade reader. Here’s how to stop that, once and for all.

1. You may not know it but there is a bit of software that controls your trackpad. In our case that software is put out by Synaptic. On the lower right corner of your taskbar there should be an icon that looks something like this:

Photo of Touchpad Icon
The icon may not look exactly like this but we’re quite sure you have one on your laptop.

2. If you can’t find it, you’ll have to look in your Control Panel. Once CP is open, look for Hardware and Sound then either Touchpad/Mouse or Device Manager. Find your pad there, right click it and choose Properties.

3. In the Properties window, look for Pinch Zoom. Depending on who made your laptop, the actual wording may vary. Here’s what you might be looking at:

Photo of Disable Pinch Zoom
Disable Pinch Zoom. That’s what you’re looking for, depending on which company made your laptop.

4. Basically, you want to disable zoom, no matter what it’s called on your laptop. Once you do that, click OK and/or Apply and the window will close. No more of that annoying resizing!

Let us know if you have a problem with this or anything else to do with computers, tech, software, Facebook, WeChat…you get the idea.

Comments and questions are welcome but  Likes on our Facebook page get immediate attention.  Here’s the link: Computers Made Simple on Facebook . Thanks for reading!

Lock Down WordPress – Part Two

Our last post was about WordPress usernames vs. names that are publicly displayed in various places on your site. Whatever you do, don’t reveal your username and, more importantly, don’t leave the username set to ‘admin’.

Today, we’re moving on to two plugins that really lock down your WordPress site. One, Wordfence, is something we’ve written about before. Check that out here:

Wordfence

Wordfence aims to lock out intruders, anyone who uses the wrong username and/or password. It can also lock  you out of your own site but that is easily corrected. This photo will give you an idea of how often WordFence steps into action on this site:

Photo of Wordfence report.
This photo shows the attempts to break into this site. Most are from Russia, is that a surprise to anyone?

This list of countries is not complete, Israel should be on the list but isn’t. We were surprised that hackers from Israel would be attacking this site but anything is possible, right?

The various options that Wordfence offers are too complex and detailed to explain here. Check out their site, read about the premium option (we don’t think it’s worth it) and install it from your WordPress dashboard. You’ll be glad you did.

The second plugin that we use on this site is Google Authenticator.  Again, this is a free plugin, one that locks your WordPress site down if the correct code isn’t entered. Install it on your WordPress site from your dashboard then install the app on your mobile device, it’s available for Android, iPhone and Blackberry. Once the plugin is activated, you’ll see a code like this on your phone:

Photo of Google Authenticator code
Enter the code within the time limit and you’re in.

There is a time limit on the app, not on your website. It the clock is close to the top, let it go past 12 and enter the new code.

With these two plugins, you can pretty much relax in the knowledge that your WordPress site is secure and safe from hacking. Good luck!

Comments and questions are welcome but  Likes on our Facebook page get immediate attention.  Here’s the link: Computers Made Simple on Facebook . Thanks for reading!

 

Lock Down WordPress – Part One

Believe it or not, this site averages 650 hacking attempts every day. There are so many attempts to get into it that we’ve stopped the email notices from the main plugin that we use to keep hackers out. Computers Made Simple is reasonably popular but it’s not remotely near the top of the list. Despite that, we get hundreds of hacking attempts every day. Here are some tips on how you can protect your WordPress site, big or small. Even if your site is brand new, hackers are trying to get into it.

We’ve written before about keeping your WordPress username separate from your posting name. Here is a link to that post: Username/Posting Name Should be Different 

While the two steps mentioned in our previous post are good, we’ve discovered a way that hackers can see your username, even if you have it set to something different than your posting name.

TIP: If you run a site with several contributors, make sure they read this post.

WordPress now allows you to have your author’s name displayed publicly as something different than your username. The importance of this can’t be ignored. If a hacker is able to discover your username, they are 50% of the way into getting access to your site. Don’t let them! If they don’t know your username, even if they somehow divine your password, they won’t be able to get into your WordPress installation.

Head to Users then edit your admin account, the one that has admin privileges, in other words. Hopefully you’re not still using admin as your username, right? If you are, it’s even more important to change it now.

Look for this section on the editing page:

Photo of WordPress page
Make your first name that does not resemble your username. Your nickname could be anything, or blank. Display name will be your first name.

 

The important thing here is to make sure your username is:

1. Not Admin

2. Not in the ‘Display name publicly as’ space.

Nickname is not required, so don’t worry about it. If your username is still admin, change it using these instructions:

Protect Your WordPress Site

At this point you’ve prevented hackers from discovering your username. As long as it’s not ‘admin’, they won’t be able to get in, even if they know the password.

In our next post we’ll detail another way to lock down your WordPress site.

Comments and questions are welcome but  Likes on our Facebook page get immediate attention.  Here’s the link: Computers Made Simple on Facebook . Thanks for reading!

 

 

FatCow Rating -D – Part Two

In our last post we described how FatCow hosting had shut down our sites because of a false positive on an automated malware scan. That false positive involved a perfectly safe file that is found in every WordPress installation.

Today’s post has to do with FatCow suspending our forum’s email account…without telling us that they had done so. Some of this involved fairly technical details so we’ll just give you the basics. This is, after all, Computers Made Simple.

Our forum, GTWorld.ca , has been around for almost two years. It’s a small forum, perhaps 500 members, and we only use email to notify members of their successful registration, forgotten passwords, etc. We have never done mass emailing and we do not publish a newsletter. That’s important in this saga.

The forum uses the phpBB platform. It’s not necessary to know that but if you’ve been having problems with a similar platform, we’d suggest you read farther to see what the problem might be. phpBB is a self-contained package that uses the PHP scripting language. It sounds more complicated than it is but, once you get the hang of it, it’s reasonable simple to use.

We’d noticed recently that we weren’t hearing back from prospective members when we reminded them by email that they’d been approved. We’d also head that some members who’d forgotten their passwords were not being prompted by email. We weren’t sure what the problem was but we set out to fix things up.

For the next week or so, we basically took apart our phpBB installation, piece by piece, to see if we could track down what was happening. We also enlisted the help of FatCow’s support department. After days of trying, they couldn’t find the problem either. Finally, frustrated and tired, we posted questions about the situation on the phpBB support forum.

It didn’t take long before one of the experts there figured out that FatCow themselves were preventing our emails from going through. At first, we couldn’t believe that this could happen. Our own hosting company suspending our site’s emails without even telling us? No way. Turns out, that was exactly what they were doing.

Somehow, most likely through an automated scanning program, our very tiny amount of email had triggered yet another false positive, this time for spam. Once we had an inkling of what the problem might be, we asked the FatCow support staff that had been helping us. Here’s our query:

Is FatCow marking these emails as SPAM? Is that why they do not go through? The board has no spam, the emails we are trying to send are activation emails, notices from admin, etc. Is FatCow blocking them?

FatCow responded:

We sincerely apologize for the inconvenience caused. I have tested the functionality and verified the logs. The emails sent are dropped as spam by our spam scanner. So, I will be handing this ticket over to one of our System Administrator to reset the spam score and fix the issue. I have also handed over all my findings to that specialist. You should be hearing from them within 12 – 24 hours.

What followed were several very heated messages that we won’t share here. Here’s one of our final messages to FatCow:

I will be polite and say thank you but I solved this problem myself, right? I discovered that FatCow had marked my totally safe emails as spam. Support tried to help but it was FatCow themselves who caused the problem.

FatCow responded:

Your email content were flushed by our spam scanner considering it as spam. The email might be flushed due to low reputation or email content might have including some links/spammish pattern. Yes, you have provided the information which helped us to resolve the issue.

 

Spammish? That’s a new word, isn’t it? At least they admitted that we had solved the problem ourselves. Apology? None received yet. Admitting the FatCow was at fault? Nope, nothing remotely resembling an apology has ever come my way in either instance. FatCow still maintains that the site was at fault, not their scanners.

Since our forum has only one administrator, we know full well that there was never any spam emanating from it. The only time we encountered spam, and that was less than five times, were emails sent from the main page of the site using the ‘Contact Us’ link that is standard on every installation of phpBB’s forum software. Those emails went directly to the gmail account of the administrator, nowhere else. We’ve removed that link from the main page of the site. The spam emails, by the way, were not sent by members but by strangers who happened upon the forum.

FatCow hosting is a good deal, we can’t ignore that, but if you want a responsible hosting company, one that understands your needs and offers you smart, intelligent support, look elsewhere. Once we find a reputable hosting company, we’ll post a link to their site.

Comments and questions are welcome but  Likes on our Facebook page get immediate attention.  Here’s the link: Computers Made Simple on Facebook . Thanks for reading!

FatCow Rating – D-

We’ve been with FatCow hosting for quite a while. Up to this year, they’ve been an inexpensive, reliable company. Two incidents in the last six months changed all that. They’ve lost our support. Here’s why.

WordPress Sites Shut Down  Because of a False Positive on a Default WordPress File

Every WordPress installation includes many default files, we’re talking thousands of little bits and pieces that make WordPress what it is, a reliable platform for bloggers.

Back in May, FatCow’s  scanners decided that the standard WordPress file, moxieplayer.swf, was malware. Here’s the email we received:

 

Hello,

A routine scan of your account has found the following malicious or infected files:

wp-includes/js/tinymce/plugins/media/moxieplayer.swf

As a result, we have suspended your website, to avoid problems for website visitors or other customers. Please remove the malicious code, through FTP or the File Manager. I would recommend deleting and republishing your entire website from a clean copy; this should then erase any other code which may have

been injected into your pages to allow back-door access by unauthorized people.

You should immediately change your password through the control panel for the account, and most importantly, you need to make sure any application in your account are completely up-to-date as far as versions, security patches, etc. are concerned. This applies not just to the core application, but also plugins,

themes, modules, etc. If this is not done, your account will remain vulnerable to future attacks of this kind.

In order to secure your web application,you can use SiteLock Fix product which scans your website daily and removes any infected files. To learn more about SiteLock, please go to: (url removed) /product/sitelock

Sounds serious, right? FatCow did more than warn us, they suspended our websites. That means that FatCow removed access to them, no one could view any of our eleven websites.

In this situation, we had to go through every installation, find the suspicious file and delete it. We’re quite surprised that our WordPress installations still worked after they were put back online.

Once the sites we up again, we began to do some detective work. That file, moxieplayer.swf, is a standard WordPress file. It comes with every WordPress installation. When we notified FatCow of that, here’s what they said:

Comment:
It is possible that a few lines of malicious code was found within the file as opposed to our scanner considering that the file as a whole was malicious. I’m going to try to have this looked into a little further, but with the files already gone we might be limited in what we can research. I’ll get back to you if I find out more information.

Guess what? FatCow never bothered to get back to us. You will note that in the first message, FatCow was pushing Sitelock, an extra-cost feature that they recommended. Fatcow flagged a perfectly safe WordPress file then tried to sell a premium product using scare tactics.

FatCow never admitted their mistake. Every other company that we’ve dealt with over the last twenty years has taken the blame for their own errors. Not FatCow. Despite having our sites shut down for absolutely no reason whatsoever, FatCow never offered compensation either. In their ads and on their site, FatCow pretends to be wholesome, efficient and friendly. Trust us, they’re not.

Stay tuned for Part Two of our rating on FatCow Web Hosting. Once we find a reputable hosting company, we’ll come back a post a link to their site.

Comments and questions are welcome but  Likes on our Facebook page get immediate attention.  Here’s the link: Computers Made Simple on Facebook . Thanks for reading!

a little bit of hi-tech, a little bit of common sense and a lot of fun