Archives for April 2013

Post Navigation for Use with Types & Views and URL Parameters

This code is an example of post navigation for use specifically with Types & Views. The post navigation works well in tandem with View’s parametric search forms, and can output next/previous post links based on URL parameters that indicate custom taxonomies and fields.… Read More »

Join Mm at the PROPEL Business Growth Program: Entrepreneur Showcase


The event is at Runway Style House in the Cathedral Building ~ seen here from our office window.

For the past few months, MIGHTYminnow’s Kristin Long has been participating in Alliance for Community Development‘s PROPEL Program, which seeks to give Entrepreneurs and Business owners the necessary tools to manage and grow their business. At the Showcase, you will hear the goals of all the entrepreneurs with artisan products and professional services for consumers and other businesses. That includes Kristin! Come out Tuesday April 30th and support the local community, listen to some great companies, and enjoy local food and wine, including Urban Legend Cellars – our FAVORITE!

Minnows at MAX!


In just over a week, the entire MIGHTYminnow crew will be packing up and flying to LA from May 5th to the 8th. We will be attending Adobe MAX and learning about all the upcoming features in the software we use to build your websites. Kristin will even be speaking at the conference! Because we will be learning so much, we will not have much time to work, so let us know if you have any projects you need us to get done around this time so we can fit this into our schedule.

WordPress sites under attack. Please read.

There is a very bad and very brutal attack happening right now to WordPress based websites. Please read about this here:

This is a very serious issue and it requires taking action to safeguard your WordPress sites. We highly recommend you take the steps below. Please consider ALL of the websites you have – some of you may have one WordPress site, and some may have many. These steps should be taken for all sites.
1 – Install and activate the “Limit Login Attempts” plugin. This will keep malicious bots from trying repeatedly to access your site by trying password after password.
  • Go to your dashboard
  • Go to plugins > add new > search for “limit login attempts”
  • install and activate this plugin
  • Go to settings > limit login attempts
  • Check the settings. Either leave the defaults or change as desired.
2 – Make sure your WordPress username is not “admin”. To do this, log in to your dashboard, go to users, and look through the usernames for the default username “admin”. If it is, this will need to be changed.
To change the username:
  • Go to your dashboard
  • Go to plugins > add new > search for “admin username changer”
  • Install and activate this plugin
  • Go to the left hand navigation of the dashboard. Toward the top, it should say “Admin username”. If you click on that, you can change the admin username to something other than “admin”.
  • Once you have changed the username, you can go back to plugins and deactivate this plugin as it is no longer needed. Please note you will use your new username in place of “admin” to log in.
3 – Make sure your passwords are STRONG, and change any weak WordPress passwords. Please do this for ALL of the users that contribute to your site.
  • Make the password at least eight characters long.
    A longer password means it’s harder for someone to guess. 12 or 16 characters is even better.
  • Use a mix of upper and lower-case letters.
    Passwords are case-sensitive, so alternate your caps occasionally throughout the password to increase its strength.
  • Throw in some numbers—especially in the middle.
    Numbers at the beginning or end of a password are easier to guess or crack than those stuck right in the middle.
3 – Consider signing up for Vaultpress
You can use to safegaurd your site and allow you to restore your site easily if something happens to it. Adding it is pretty straightforward and their help is pretty helpful though there are sometimes delays. This is not free. There is a fee per site, per month. We believe this is worth the expense as rebuilding your site will be more costly and painful than setting this up and paying for it. If there are things in the setup you do not know the answers to, like your FTP username and password, contact your hosting company. Vaultpress requires that you have a username and password – this is different than your dashboard username and password – and you may need to set up a fresh account. That username and password will be important, so be sure to keep track of it.
4 – If you don’t set up VaultPress, at least back up your database (if you don’t already know this is happening). This is not as good as using a service like Vaultpress that backs up your whole site. This method just backs up the *content* and the settings, not the images and the look of the site.
  • Go to your dashboard
  • Go to plugins > add new > search for “wp-db-backup”
  • Install and activate this plugin
  • Go to tools > backup
  • Check all of the tables in the database and download a copy of the database to your hard drive so your site backs up now
  • Then, under “Scheduled Backup”, set the site up to email you a copy of your database at a set interval (depending on the frequency with which you change the content).

NOTE: The scheduled backups don’t work on all hosting and don’t work if your site is too huge, so after backing up to your hard drive and setting the schedule, you will want set a note in your calendar to see if the scheduled backups come in. If they do not, log back in periodically and download a backup of your own.

There is another plugin referenced in the article noted above called “Better WP Security” that requires more advanced setup. If you feel comfortable to install and configure it, you can, but it allows you to change very technical settings that could easily break your site. Do this with caution.