Securing mail from your website to a mailbox

By default a wordpress installation uses a method of sending mail that does not use a mailbox to send the message and does not encrypt the message. Email cannot be confirmed to be end to end secure unless you know the receiving or sending person is using encryption and is set up correctly; you can encrypt mail in the places where you control email so that it is encrypted from the website to the mailbox. If it is your mailbox, and you know that your mail client is set up correctly with encryption, then you have end to end security. If the website is running over SSL and the address starts with https:// (98% of them are now), then a user entering information into a form is also encrypted. So the path from the users browser, through your contact form, from the website to your receiving mailbox is encrypted and cannot be intercepted as plain text.

How do I make the changes

Log into your website and go to Plugins.
Seatch for WP Mail SMTP, locate it and install it. Continue reading Securing mail from your website to a mailbox

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Do You Send Newsletters?

New recommendations for Newsletters

Some of you are using Mailpoet on your websites to generate newsletters. I have run into a lot of problems sending out my newsletter this month, I have had to send it three times. I checked through my logs and found that a very small number came out last month as well. I have been investigating what has happened.  The top two entries in the image below show there is a problem because rather than a 65%+  opening rate, there is a 4% opening rate.

Continue reading Do You Send Newsletters?

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

New Guidance on Contact Forms

On many sites there are one of two contact forms used, one is called Form Manager (generally very old sites) and the other is called FS Contact Form. Neither of these form handlers are available now through the WordPress repository. Neither of them are supported any more by their authors. It is very much in your interests to replace them.

I am recommending the removal of the existing contact forms on all websites and replacement with Contact Form 7 and another plugin called Contact Form Redirection.

Both of these are supported contact forms and have current versions compatible with WordPress version 4.9.5.

By using these two plugins it will be possible to achieve the following:

  • Contact Form similar in appearance to your current form
  • Ability to upload an attachment
  • Supports Google Recaptcha version 2.00 (to reduce spam).
  • On screen message to sender to confirm message has been sent
  • Redirection to a Thank You page
  • Ability to format the message that is returned to your organisation
  • Send a copy of the submitted message to the author to confirm submission

It can probably do many more things, but these are a superset of what we are currently supporting on the most advanced sites.

The downside is Contact Form 7 is not that intuitive to use if you are a novice user compared to the former versions. However it is one of the most popular plugins for managing user forms.

Contact me if you need some help. 

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Google Recaptcha v1 Withdrawn

YOU ONLY NEED TO TAKE ACTION IF YOU CHECK YOUR SITE AND SEE A MESSAGE LIKE THE ONE ABOVE. IF YOU DON’T SEE THE MESSAGE YOU ARE UNAFFECTED.

It seems that Google have withdrawn Google Recaptcha Version 1 function that is used on some contact forms wef 31/03/2018. Please check your contact form now and see if this has happened to you. It was withdrawn yesterday. If you have this problem on your site nobody can send you a message so it is important to resolve it quickly.

Self Help

This is what you need to do:

Login to the site go to Forms in the sidebar menu and select it.

This for most people will show a single form or multiple forms. Select a form and open it in the editor and check to see if the bottom most item says New reCAPTCHA.

If you have that on your form, delete it. Then save the form.

Check ALL of the forms on your site if you have more than one. Save each one.

On completion go into your site as a user would, and locate each form and send a message to confirm it is working. Check the form still makes sense as well.

This has removed the Spam Protection mechanism used in this form. So your spam count may go up as a result of making this change.  However your visitors can still send you a message.

This particular form plugin is no longer supported by the author, so we should probably find an alternative form. Check back on this site later for a solution that uses the new or an alternative Google ReCaptcha function.

If you immediately start getting hit by an increase of Spam let me know please.

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

GADWP and why it is important

GADWP panel in the WordPress Dashboard
GADWP panel in the WordPress Dashboard

Over the past two weeks I have been working my way around all websites, I still have a few to go, but for most of them I have installed a brilliant plugin called GADWP. It is tied to my Google Analytics Account and allows you to see how many visitors you get over various periods, what they are looking at, and lot of other useful information.

When you login you will see it on your dashboard. There are many different views available. You can select them from the two drop down selection panels in the top left of the panel.

Why is this important?

Continue reading GADWP and why it is important

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Handling Spreadsheets in a website

(Introducing TablePress)

I am sure most of you are familiar with tables of data in WordPress sites and how to create one and populate it. I have recently been developing a Community Transport website which is nearing completion.  I have done one before, but this was some time ago.

One of the issues with publishing timetables is that the it can be done by simply publishing an image of the timetable. In most cases a JPG or PNG would do the job. It looks ok to people visiting the site, and if we also make a PDF version available as well so someone can download and print a high resolution version, it ticks all of the boxes.  Well not quite.

A computer cannot read an image

Continue reading Handling Spreadsheets in a website

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

More on Fast Secure Contact Form

Many of the newer sites use Fast Secure Contact form. This plugin was withdrawn last weekend following the discovery that someone who had acquired it had attempted to manipulate it to show adverts for payday loans and other things. In this case it never got to the stage where it showed adverts, and everyone that has come back to me has confirmed their site has been upgraded to remove the advertising (or spamvertising as it seems to be called) code.

This is a great shame because the original plugin by Mike Challis worked really well and had a few side benefits from the earlier form manager I used about 6 years ago.

Continue reading More on Fast Secure Contact Form

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

MailPoet 3

I flagged up that MailPoet 2 was being superseded by MailPoet 3 and it was a complete rewrite. There seems to be something going on with MailPoet 2 that is causing problems on some sites generating lots of requests to a housekeeping function called CRON which is a background process running on the server. I have looked at several sites and they were all the same. Mailpoet creates too many requests for attention, which causes the server to no longer respond to requests.

It appears that some time during one of the later releases of MailPoet 2 this problem has been created, perhaps it is something to do with advising people version 3 is available.  The symptoms are that some housekeeping functions will fail to run, notably the backup, but there are no doubt other things as well.

Am I affected?

Continue reading MailPoet 3

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Fast Secure Contact Form

Some of the websites I have built use a plugin called Fast Secure Contact Form. It was a very popular form handler highly regarded by users written by Mike Challis.  The plugin was sold to a third party in June of this year and the new owner attempted to manipulate the code in the plugin to set up adverts.

Please check ASAP whether the version that is currently in use on your website is version 4.0.56. You can do that by logging in, and going to the Plugins page and look down the list. You will see an entry similar to the one below which includes the version number.

If you have version 4.0.56 you are OK! Don’t panic. 

If your site is at an earlier version contact me immediately and I will sort out updating it. 

(update: 6:00am 27/9/17 Nobody has reported a problem so far, all sites have upgraded automatically. That was to be expected. If you cannot find Fast Secure Contact form another method is used for forms on your website. Probably Form Manager. You are not affected by this notice.)

Why is this important?

Continue reading Fast Secure Contact Form

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Facebook Feed

I have recently been around all of the websites and backed up everything locally on my systems. I do this generally every three months and also check the site infrastructure to make sure everything is up to date.

I can see some people prefer to use Facebook for news rather than the news page on the website. This is understandable for two reasons. Your audience if it is under 35yrs is more likely to be active in Social Media than the group that is above 35yrs. In practice it is a good idea to add news to the site and to add entries to your facebook group page linking them back to the website by copying the link to the news item on your site to Facebook.  Here you fix two problems. One is the duplication of news, you don’t want to write everything twice. The other is catering for two audiences.

Continue reading Facebook Feed

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail