Web Dev Tool for Firefox
Web devleoper tool bar for Firefox
- Disable different actions like JavaScript, refreshes, page colors, CSS, and more
- Work with cookies right from the bar, like deleting them, turning them on and off, even adding them
- Play with CSS, forms, and images on the page
- Get all kinds of information about the page as you're viewing it
- Outline specific elements (like tables, headings, links, and frames)
- Validate HTML, CSS, accessibility
- Even change the viewport size to approximate different resolutions
- And so much more
- Every developer should use the Web Developer Toolbar
Scraped from Source Here
Get Validated
Designers listen up, code isnt perfect thats why its poetry, getting your site validated might save you a long night of Redbull and Mountain Dew hyrbrid cocktails. Its always wise to make sure your site isnt a sloppy alphabet soup mess, and there are several sites that can preform the validation process for you at no cost what so ever, the only price of admission is realizing you might have to work longer hours on cleaning up some of the chicken scratch you have add to your site.
Now it generally takes a pretty good coder to clean out the garage of junk code, and I myself wear as many as 6 hats all at once, so I'm constantly covered in post it notes reminding me to validate every so often to make sure your code is clean enough that search engines don't treat your site like the red headed step child. I've used http://jigsaw.w3.org/css-validator/ tons of times and its helped out a great deal. Make sure you get that parking ticket validated compadres.
Get Refurbed
For those of you apple enthusiasts, apple has quickly dominated the market and for good reason, they make amazing products. No one can deny that Apple products are sleeker and sexier, and many products are trying to emulate what Apple has done and for good reason. Laptops are quickly starting to look and feel like macs and proof of that is even in Windows Vista with use of widgets as well as Windows 7 which incorporates some of the same navigation that OSX did for mac. Now I'm no sales rep for Apple by far, but I do love their products.
That being sad, macs are not cheap by any means and should be considered an investment. In my experience, they have always been extremely stable and less likely for you to catapult your machine into a active volcano. If you have always wanted to be in the market for a Mac but just thought Apple products to be too pricey, Apples website has a refurbished area where you can shop for refurbished products. Generally shaving off a considerable amount off the original price tag, its definitely worth your while to keep a close look at the site.
Apple has an impeccable reputation for refurbished products and you can consider any product you get, to be in assembly line condition once you receive it. I've purchased both a Desktop G5 and Macbook Pro which came in immaculate condition, undistinguished from a new one if not for the box they came in, which indicate refurbished on the box. If you've always been curious but not in the market for a Mac, you can keep your eyeball pasted to there site here for new additions to there warehouse of goods and special deals.
Back to Black
Its been over a year now since I have started using WordPress as a web design instrument and since then I have made several changes to the theme I initially downloaded to get started. Read moreBlacklisted
If you are a WordPress developer, designer, or blogger, new or old, one area of concern is that wordpress has many loop holes for spam bots and hackers to get a hold of personal data. Recently while developing another site I encountered such an issue. Security is one area that should not be over looked when starting or managing your wordpress site. Plugins are a major component to wordpress, with hundreds available at no cost, you can easily download hundreds of plugins without any real knowledge of the developer or the possible loop holes or back doors to those plugins that can potentially allow hackers to access your data. Plugin Developers can have the best of intentions when creating apps that can maximize the functionality of your web site but also not every developer has the time, or has been paid, to fool proof those plugins. Leaving weaknesses in the structure and creating a soft spot in the shell of you're website.
One problem I detected was an unwelcome Iframe on the site I was working on. It was hidden within the index file in the root folder of the site, but thankfully it was detectable using the firefox web developer plugin for the firefox browser. Again I say it was detectable, but I had no idea where it was within the theme I used for this site. The iframe itself was 1 pixel in height and 4 pixels in width, located at the top left corner of the browser. The developer tool merely pointed it out, but did not let me know where the foreign script was hidden. From my research online, thankfully I found some helpful tools that can actually help detect where hidden iframes are hidden within your site.
NoVirusThanks
No Virus thanks is one option you have for locating hidden iframes that house potentially malicious scripts. The name isn't the most attractive as is it may just scare you away but its safe and extremely helpful. You will be provided with a search box where you input the site name and or file and it will search the site for hidden iframes, bare in mind you can also search for malicious code page by page. For example if you have a particuar page that you would like to search inside a theme folder you can input the address to that file as well. Every file or folder can be scanned by inserting address into the search field. By the way thanks to sites like NoVirusThanks & Unmask Parasites for providing tools like this.UnmaskParasites
Another option that provides the same assistance is Unmask Parasites. I made these two sites available for designers or developers less fortunate to have found a solution early on in there troubles, but also to create awareness, and hopefully derail unlawful entry into your site or database.Getting Blacklisted
Now this is only part of the problem, when you encounter hidden scripts or code that is malicious in nature you will have a second issue to address. This is where getting blacklisted comes into play. This term refers to searching engines basically putting you on a blacklist and sighting your web site as a malicious site with faulty code or harmful coding. This may possibly lead to a MalWare warning when visiting your site. This is one of the warning signs I noticed when dealing with this code. The more research I did, the more aware I became of how large the issue is. WordPress is one of the most widely used blogging apps for websites, and its security weaknesses have been exploited because of its popularity.
The strongest advice I have to offer is to update whenever possible, and updating wordpress has become impressively easier. WordPress now handles updates internally with little effort, so there is no excuse for not being up to date with the latest version. These updates address security patches and have aggressively tackled weaknesses in the framework, but its not perfect and certainly not hack proof. Here are some helpful plugins for your blog, that can help you sleep at night after reading this. If your are lucky enough to find where the invasion is coming from, that should help you get off the endangered species list, once the scripts are removed from your site search engines will remove you from the blacklist and you will be able to regain any lost ground. Hopes this helps, Happy Hunting!
1. WordPress Database Backup
URL: http://www.ilfilosofo.com/blog/wp-db-backup/.Description: This plugin does exactly what it says, it backs up your entire WP installation. This has got to be one of the first plugins you install upon first installation. You can back it up to your hard drive, on a server or even to a specified email address. Whether it be a rogue plugin or a hacker (or yourself) that crashes WP, WP Database Backup will reinstate everything as it should be. I like to think of it as my “WP system restore“.
2. Semisecure Login
URL: http://jamesmallen.net/2007/09/16/semisecure-login/.Description: Semisecure increases the security of your WP Login, it uses client-side MD5 encryption on the password. JavaScript is required to enable encryption. When JavaScript is not available, the password is transmitted in plaintext (as normal), but authentication still completes in this case.
3. AskApache Password Protect
URL: http://www.askapache.com/wordpress/htaccess-password-protect.html.Description: This will secure your WP Admin with a very powerful htaccess password protection, preventing all unwanted bots from entering your site.
4. Force SSL
URL: http://almosteffortless.com/wordpress/force-ssl/.Description: For those will an SSL certificate, the Force SSL plugin for WordPress forces for an HTTPS connection for security purposes. This is useful for those who with to enforce a higher level of security regarding the delivery of WordPress content to the browser.
5. WP Security Scan
URL: http://wordpress.org/extend/plugins/wp-security-scan/.Description: I love this plugin, it scans your site for security issues and checks passwords, file permissions, database security, WP version hiding and WordPress admin protection/security. It also makes me a little paranoid.
6. Secure Files
URL: http://wordpress.org/extend/plugins/secure-files/#post-271.Description: This plugin allows you to upload and download files from outside of your web document root for security purposes. When used in conjunction with a plugin that requires a user to be logged in to see your site, you can restrict file downloads to users that are logged in.
7. WP-SpamFree
URL: http://www.hybrid6.com/webgeek/plugins/wp-spamfree.Description: I had heard a lot about this plugin before I tried it, it said it is better than Akismet. To be honest I never noticed much difference (I get 500+ spam a day at the moment) between the two. User choice I suppose. I wish there was a way to stop the spammers instead.
8. BackUpWordPress
URL: http://wordpress.designpraxis.at/plugins/backupwordpress/.Description: Almost identical as the first plugin, just not as straight forward. The list of features goes on and on, this is for the WP Pro. Some features: Database backup including uploaded files, plugins, etc.; EMail notofication on new backups; Trigger backup manually; Set schedules for your backups; restore backups; Staggered SQL import; Automatically continue unfinished backups in background; Language Support. (And thats just the Easy Mode, wait until you see the advanced).
9. Anonymous WordPress Plugin Updates
URL: http://f00f.de/blog/2007/10/02/plugin-anonymous-wordpress-plugin-updates.html.Description: Anonymizes the plugin update checking system which is a new feature in WordPress 2.3. The plugin prevents WordPress from transmitting a list of active plugins, the blog url and WordPress version. Ideal for privacy-aware administrators of WordPress installation.
10. Replace WP-Version
URL: http://wordpress.org/extend/plugins/replace-wp-version/#post-2859.Description: (We have all read about the security issue of showing your WP version, this resolves it). If you’re running an older version of WordPress, anyone can view source to see what attacks might work against your blog. This plugin replace the WP-version with a random string < WP 2.4 and eliminate WP-version > WP 2.4
These are only Ten great plugins to look into when trying to secure your site, thanks to Specky Boy for compiling this list. You can also search wordpress plugins for more security options, and always keep in mind that you should cross reference all plugins to be added to your blog.
