Just a note to let you know that we will be closed for the holidays from Wednesday 20th December until Sunday, 6th of January 2013. New Year, babee!

Free free to chat amongst yourselves until next year, okay?

And, if you haven’t noticed yet, there’s a KILLER special on The Big Deal running for the holidays. 50% OFF! Go gettit!

*froggy foot-wave*

Well, we do too. And thanks to a creative handful of suggestions from users, we’ve be able to add some awesome ideas! These changes are just too legendary to hide under a pond-lily! The best part is that all the simplicity of the original WP Live Stream is still there.

Let’s take a look. We’ve included old and new features in the list below:

• Twitter Notification – Connect your Twitter account to WP Live Stream and send a tweet out with a link to your live stream when you start live blogging.
• Clear & Archive – Clear your database of previous tweets or archive them.
• Widgetized - Place your Live Stream anywhere on your blog that is widget-ready.
• Shortcodes - Configure WP Live Stream on a dedicated page on your website.
• Customize - Choose font colours, widths, background colours, update colours and much more.
• Improved Admin Settings Panel (NEW!)- The settings panel is categorized and simple to navigate
• Rich media (NEW!) - Attach images from your computer or by placing a image URL in your stream or uploading your own
• URL Shortening (NEW!) - Using your bitly credentials you can now utilize URL shortening for URL’s longer than 20 characters as you type
• Live Updates & Simple Resource Management (NEW!)- manage how often your users live streams are updated in realtime to find a balance between server load and keeping their feeds current.
• View Older (NEW!) - Allow your visitors to browse the streams history all the way back to when it began right inside the stream.
• Multiple Streams (NEW!) - Want to store or display multiple streams / event streams? Now just give your stream a unique ID of your choice and keep your streams seperate.
• Email Streaming (NEW!) – Email from your phone to your wordpress blogging address with “#livestream” in the subject line and stream from wherever you are.

Whoa! Hold your pond leaves. Did I just skim over 2 amazing features? Let’s look at those a little closer:

I now can have as many unique live streams as I want?

Why would you need this?. Well sometimes you whacky socialite tadpoles might be in 2 ponds at once, and need 2 streams going, or perhaps you have a general live stream for your blog and a live blog post for a current event. In the past, this wasn’t possible cause you only had one live stream, but just by supplying a “Stream ID”, now you can!

I can Live Stream from where-ever I am via email?

Yes you can, tadpole. Just by setting up your wordpress “Post via Email” settings found in your admin section under “Settings -> Writing” or installing the “Postie” plugin (which allows image attachments too!) you can email your live streams like you would a normal post, except now using “#livestream” in the subject line. Just like the screenshot below!

Is your mind blown yet? Should I send someone clean the pond? If you want it, come and get it. It’s still under the GPL so it’s free for all and to do what you will!

Happy streaming!

As we always say around here at the pond, we eat our own dogfood.
(Eww..Dogfood? Seriously? Who makes up these sayings?)

But we’re not too proud to feature the work of others, either. This little gem comes by way of teh awesome Brian Clark, who is founder of Copyblogger and co-founder of DIY Themes, creator of the innovative Thesis Theme for WordPress.

To expand on the title, it’s a classy, savvy look at the sometimes-daunting task of setting up a self-hosted WordPress blog, broken into seven easily manageable steps. And a marketing step for Brian

Enjoy!

Like this infographic? Get more WordPress and hosting tips from Synthesis.

The world of WordPress is always buzzing and vibing with new and exciting news. Here’s a selection of the hottest topics that the frogs around this pond have been reading, in the week that passed.

• WordPress 3.4.1 Maintenance and Security Release.
  WordPress 3.4.1 is now available for download. WordPress 3.4 has been a very smooth release, and copies are flying off the shelf — 3 million downloads in two weeks! This maintenance release addresses 18 bugs with version 3.4…
• SEO for startups in under 10 minutes.
  Maile Ohye from Google advises your startup as if she had only 10 minutes as your SEO consultant….
• Our readers’ favorite new features in WordPress 3.4.
  It was just a week ago that WordPress 3.4 came out, and from the sounds of things the upgrade went pretty smoothly for everyone. Last week we ran a poll asking you, our (rather handsome) readers, what your favorite new feature or enhancement in the new version of WordPress was your favorite. To be honest, the responses surprised me a bit…
• SEO: How To Promote Your Blog – 12 Simple Steps.
  Do you have a great blog with useful content, but are striving to make more people aware of it? Are you looking for simple ways to make your blog posts more popular? Luckily for you, Divvy HQ have created a helpful 12-step “Blog Post Promotion Checklist” you can follow for each blog post you write. With these simple steps you you will know how to promote your blog post.
• How To: Stop The Hacker By Hardening WordPress.
  Every day we service 100′s of clients and the question is always asked: How do you stop these hackers!!! Unfortunately, it’s perhaps the hardest to explain and understand for most. That being said, this post will be one of a series that talks to what end-users can do to help reduce their threat landscape.

If you’d like (and we really WOULD like you to), leave a comment, or hit us up on Twitter! And, of course, if you have a hot link or story to share with the team and the eFrog community, drop me an email at george@efrogthemes.com!

Till next time, be safe. Backup!
*froggy-foot-wave*

We’ve been getting a couple of queries from folks wanting to know the differences between the different versions of our Greyzed WP theme, particularly the version on WordPress.com, versus the latest version that we’re selling on eFrogThemes.com, and although we put a pretty informative post up when we updated the theme, it looks like it’s time to do that again, so here goes!

• Post Thumbnails. eFrog version only. Show a post thumbnail for any post, by setting the “featured image” property of the post, Easy. Elegant. Posts without featured images degrade gracefully. No ugly placeholder.
• Custom Menus. Because Greyzed was written before WordPress even had custom menus, there IS no support for this feature in the WordPress.com version. The eFrog version, however, fully supports custom menus.
• Fully Widgetized. The eFrog version has been fully widgetized. Widgets, widgets, everywhere! The WordPress.com version has limited support for widgets in the sidebar.
• Social Connections. The eFrog version has the very nice Social Connections widget, built into the theme footer.
• PSD Included. The full, layered PSD is included in the download package of the eFrog version. That’s worth the pricetag, all on it’s own.
• Support. Membership of our support forums. Get the support of the folks who made Greyzed, as well as the community that’s grown up around it. A veritable ocean of smarts.

There you go tadpoles! A nice concise list of the differences between the two major versions of Greyzed!

Time for your next helping of WordPress smarts. Around the pond, we normally like to write our own stuff, but every now and then we come across something that’s SO well done, and SO obvious and SO…GREAT, that we just want to share it as-is, verbatim. This is one of those times.

We’ve recently fielded a number of enquiries from folks who are using our themes, and want to change them, but are hosted for free, over at the fantastic home-of-the-free-WP-blog, WordPress.com. Now, we anticipated this (we’re smart frogs, y’unnerstand…) and we have some killer posts up on the subject, like our Your WP Blog: Soup To Nuts series, but when you see something THIS good? You have to share! (You can click the infographic for the full-size version.)

Our thanks to the great folks over at WPBeginner.com for the use of this awesome info-graphic. Cheers, guys!

As with any popular software, the more it’s used, the more it will be targeted for malicious reasons. Think Microsoft Windows; it’s easier to target something used on 90% of personal computers, than 10%. The return on investment is greater. The same rules that apply to your desktop, or laptop computer, apply to your web site. Apply updates and patches as they are released. They are released for a reason. What makes your site work is software, just like Word, FireFox or Photoshop, and you need to ensure that the software is updated with new versions and security patches.

What makes securing WordPress more complicated than a piece of desktop software, is that it’s not just WordPress that needs to be kept current, but also the plugins and theme that you use. Each comes with its own set of potential vulnerabilities and issues. The beauty of WordPress is that new versions are released on a regular base, and your admin interface will inform you that there are updates that need to be applied.

When you sign into your admin interface you will be informed that there are updates that need to be applied. Click through you will see  exactly what needs to be updated.

But there is a lot more you can and should do to secure your site.

Steps to securing your WordPress site.

Some of these will require some technical knowledge, so if you are not comfortable doing the required step, please find somebody who know what they are doing to assist you. Our sister company, The Forge Web Creations, offers Service Level Agreements specifically for this, so please feel free to contact them for more information.

Basic Steps.

Step 1
Stay updated – The most important step has already been covered above, but I’ll repeat it here for emphasis. Apply all security patches and upgrades as they are released.

Step 2
Change your database prefix – Every installation of WordPress defaults to the prefix wp_ for tables. Change it to something that is unique.


This is best done at installation. Be sure that you know what you are doing before attempting this as your site could become unstable or even go down if this is done incorrectly.

Step 3
Don’t use “admin” as your Username – Once again, this is something that every WordPress installation defaults to. And is something that is known by hackers making it easier to target your site.
Create a new user profile with admin rights and delete the default admin profile. As of version 3 of WordPress this is something that you can do at installation, but can also be done after the fact. Once you have created your new admin user, you must sign out as “admin” and sign back in before you will be able to delete the default “admin” account. In the deleting process you will be given the option to assign all posts and pages created by “admin” to another user.

Step 4
Use strong password – No matter how tempting it may be to use something that you can remember as your password, don’t do it. Brute force attacks will eventually prevail if you use your pets name or your wife’s maiden name as a password.
Make use of a service that generates strong password to generate your password for you, like Strong Password Generator or Secure Password Generator.
WordPress will inform you if the password you chose is Strong or Weak.

Step 5
Install WP Security Scan – Install the WP Security Scan plugin and run it every time you upgrade your site or install a new plugin. Provide you with security vulnerabilities and suggests corrective actions such as:

• Passwords
• File permissions
• Database security
• Version hiding
• WordPress admin protection/security
• Remove WP Generator META tag from core code

Some of the items that it scans for have already been covered here, but there is no harm in scanning for them again once you have addressed them.

Advanced Steps.

Step 6
Protect your main configuration file – All the main information for your blog or site is kept in wp-config.php and this file needs to be protected at all costs. One way of protecting this file is to deny access to it through your .htaccess file. Place the following code in your .htaccess file:

<Files wp-config.php>  

order allow,deny

deny from all

</Files>

Step 7
Protect your .htaccess file – Now that you are using the .htaccess file to protect your wp-config.php file it is also a good idea to protect your .htaccess file. You will use the following code in your .htaccess file to protect it:

<Files .htaccess>
order allow,deny
deny from all
</Files>

Step 8
Limit the number of failed login attempts – This is useful if somebody is trying to guess your password using brute force. You can use a plugin called Login LockDown to set a limit on the number of failed login attempts, to prevent this.

Conclusion

We have just touched on a couple of steps that you can take to secure your WordPress web site. Remember, protect your web site like you would any other asset that you value. You wouldn’t leave your car keys in the ignition while you go shopping, would you? Taking a few preventative steps now will save you a lot of heart-ache and aggravation further down the line. The most important step you can take to securing your site, is to keep it current with all updates and patches.

If you want more information on protecting your site there is always Google and WordPress have provided a very comprehensive guide in their Codex.

That said however, simply building that page from an aesthetic point of view doesn’t solve the underlying problem – someone landed on a bad link on your site. Somewhere out on the interwebs, there’s a link pointing to a non-existent page on your site.

Today we’re going to show you how to make a useful 404 page. Useful to both the user landing on that page, and to you – the site owner.

Here’s our final product:

Nothing exceptionally fancy – just a few loops to take people to other places in your site. The real magic however, happens in the background. When this page is triggered, an email is sent to the owner of the site with the details of the visit. It highlights the referring URL (ie what site is pointing to this bad link) as well as a legible dump of the $_SERVER value that’ll give you some extra information about the user that visited this page.

Let’s get to it. Firstly, lets skim over the 3 loops that we use:

The first loop gets our last 5 posts from the blog. The second loop fetches 5 of our categories. The last block shows our menu navigation as set in our WP Admin.

Let’s make it pretty:

And that’s pretty much that. What the user sees when he lands on this page is now sorted. You of course might want to tap your funny bone for something humorous to add in here – the sky’s the limit really. But from a functional point of view, the user has some options when he lands on a bad link.

Now let’s get to the email that gets sent.

Firstly, we set the referring URL into a variable along with a fallback in case there is no referring URL present.

Next, we set another variable that’s filled with a readable version of the $_SERVER dump

We want to be able to send this email with some HTML elements, so lets turn on HTML formatting. Note: We’re using the wp_mail() function to do the sending of this mail, so we use a WordPress filter to turn this on.

Now we want to start editing the settings of our actual email. We start with the to and from information…

… and the headers …

… and then the subject …

Right! The second last step is set what the email actually says

You can of course tailor this however you want it, but basically this gives us all the information we captured about the triggering of this 404 page.

Lastly, we do the obvious: send it.

Note: All this code is placed directly into your 404.php template.

Done! Not too difficult hey?

Let us know if you’ve implemented this and how you improved it to provide a heplful 404 page.

First up: The complimentary combination.

This is a kind of opposites attract idea. They can, when used carefully bring out good qualities in each other. Don’t use these if their purpose is primarily to display text.

Triadic scheme:

Using three colours which are evenly spaced in a triangle. Again, this is one to use with caution as the combination tends to be very vibrant and intense, even when you use these at low saturation. As with most colour combinations – especially when using 3 colours or more, it’s usually best to use one as a primary colour and the others as secondary or accents.

Split Complimentary:

Slightly easier to pull off than the triadic scheme, still selecting three colours – this is what happens when selecting the two colours that are on either side of the compliment, as opposed to the single compliment. It’s easier to pull off because the two colours that are adjacent to the compliment are more similar than those in the triadic, meaning there is less visual conflict with those two colours. It’s still a vibrant combination though, and often best used when the colours closer to each other taking precedence, and the more contrasting colour – the accent.

So there you go, some slightly more advanced colour combinations. In order to pull these off successfully, you have to give a great deal of thought into your selection, as well as the weight you give each colour. Have fun and good luck!

The world of WordPress is always buzzing and vibing with new and exciting news. Here’s a selection of the hottest topics that the frogs around this pond have been reading, in the week that passed.

• Embed Angry Birds into your Facebook Timeline, blogs.
  You can play Angry Birds on Facebook, but up until now, what the game on Facbeook lacked was the ability for your friends to compete with you on a very basic level. Rovio Mobile announced in a blog post that if you are particularly proud of a score…
• WordPress 3.3.2 is out.
  WordPress 3.3.2 is an update that all WordPress managers should install. It fixes a multitude of security vulnerabilities both in the main software and in external libraries for the blogging tool…
• WPEngine: New Feature. Download a ZIP of Every Restore Point.
  Remember a couple of months back when we released the Checkpoint and Restore and started backing up your sites once a day? Remember how we made it easy for anyone to make a full backup of their site, files and database? Ok, good! So, based on customer requests around Checkpoint and Restore, we’ve added another feature to the tool!
• 1,000+ WordPress sites compromised through automatic update feature.
  More than 1,000 WordPress blogs have been modified to redirect visitors to sites serving malware, affiliate and pay-per-click redirectors, and low quality PPC search result aggregators, through the WordPress’ automatic update feature.
• Find Friends Who Use WordPress.
  Are you curious to see how your friends are using WordPress? Give the new and improved Friend Finder a try to connect with your Twitter, Facebook, and Google contacts who have WordPress sites!

If you’d like (and we really WOULD like you to), leave a comment, or hit us up on Twitter! And, of course, if you have a hot link or story to share with the team and the eFrog community, drop me an email at george@efrogthemes.com!

Till next time, be safe. Backup!
*froggy-foot-wave*