With Gary unavailable, Andrew and Geoff take to the couch for our Lunchtime Live Q&A. Today they discuss:
- What to do when your WooCommerce notifications aren’t being received
- What to do when you get locked out of the WordPress Dashboard, and
- What to do when your website has been hacked.
As always, if you have any WordPress questions that you’d like us to cover, get in touch and we’ll answer them on our next Lunchtime Live Q&A session.
Andrew Marks: [00:00:00] Hello everybody.
Geoff Franklin: [00:00:00] Hello. Surprise.
Andrew Marks: [00:00:02] No Gary today. I’m Andrew. This is Geoff. You haven’t seen me for a while. I’ve been sidelined by this talented…
Geoff Franklin: [00:00:12] I thought I’d share the spotlight with him today.
Andrew Marks: [00:00:14] All I had to do to get on the couch again it was push Gary down some stairs. So, I’ve made it, I don’t know where Gary is. He’s in a pile at the bottom of the staircase. But yeah, we’re here to answer your questions today. We’ve got a few e-mails here, which is awesome. Thank you for getting involved everybody. We will dive right in, but as always, if you catch us alive, we’ll keep an eye out for your questions on the screen. Otherwise, we’ve had some questions emailed through. So we will start there and hopefully you join us shortly. All right. You ready to go.
Geoff Franklin: [00:00:50] Oh yeah, we can, we can. Like I said, we’re sharing the spotlight today. Let’s do this.
Andrew Marks: [00:00:57] Ok so the first question we have was sent in by Kimberly from Cairns and she says “I’ve got a WooCommerce store that pushes through lots of orders and I’m getting some customers saying that they aren’t getting their order emails coming through, but some of them sometimes do. I’m not sure what’s going on. Do we have any ideas okay?”
Geoff Franklin: [00:01:22] Well firstly that’s great. You’re getting lots of orders. That’s a good problem to have, right? Yeah. So it sounds like perhaps that’s an issue with your hosting. Sometimes if you’ve got a lot of email notifications coming out of your server, it can tend to bottleneck and that kind of thing. So typically a solution we put in place for this is using a SMTP – a simple mail transfer protocol – plugin. So, a plugin. That basically helps to route the emails from your server through an email service like Outlook or Gmail or Hotmail. You know, a third party. So you could, if you’ve got one like a Gmail account, it’s the quickest and easiest to set up. And the plugin we like to use is, the one I like to use, is WP Mail SMTP plugin. Really really simple to set up when you know what you’re doing and it’s got some instructions there and you’ve got to do a few things, like you’ve got to set up an API, this and that. But the instructions are out there if you’re willing to give it a crack. But that potentially is what’s going to solve that issue right there for you and there’s probably a few other things going on, but that’s what it sounds like to me.
Andrew Marks: [00:02:43] Yeah. I think that’s the clue is some people are receiving them and some people aren’t. And yeah, if we dive into who was and who wasn’t, you’d probably see that people on one service were, but people on a different service weren’t. And what might be happening is the emails that get sent directly from WordPress are using a PHP function rather than being sent properly through the SMTP protocol. And that can seem spammy to some mail providers, and therefore they might just junk the emails, and that’s why someone wouldn’t be receiving them. So yes, SMTP plugin. It’s almost a good idea to set one of them up if your website’s going to be sending emails as par for the course, you know, purchase notifications, that sort of thing, it’s probably worth just setting one of them up, just so you’re assured that you’re getting the best delivery that you can, I guess.
Geoff Franklin: [00:03:44] Yeah. Yeah. So you have peace mind like, even if you got a membership site, you know, lots of people signing up. Just putting that in place before you get started as the way to go.
Andrew Marks: [00:03:55] It is. Absolutely. All right. Well so Kimberly in Cairns. I hope that helps. Get WP… what was it called?
Geoff Franklin: [00:04:02] WP Mail SMTP.
Andrew Marks: [00:04:05] Mail SMTP. WP hyphen Mail hyphen… Anyway, just search for that, you’ll find it. And yeah, it is very simple to set up. It’s just, as if you are setting up an email address in your Outlook or something like that. You just need your outgoing mailserver details, all that sort of stuff. Very simple. That’s a good place to start. Kimberly, as always, if that doesn’t solve your problem, get in touch with us and we can absolutely help you out. For those people who are new to WP Butler, the way we work if you have a problem, we sell $99 Priority Support Tickets. So you purchase a ticket on our website, it asks you for, you know, your login details and that sort of thing, all the elements that we need to solve your problem. Once we receive that ticket, we jump straight on it. Alrighty. So how we go in with eyeballs? Not too many. We’re waiting. Come on, come say hello! Alright. We’ll dive into the second question here. Rob from Darwin, in the Top End. Here we go. Let’s see. “Let’s just say I’m not the most tech savvy guy.”.
Geoff Franklin: [00:05:11] That’s ok Rob.
Andrew Marks: [00:05:12] That’s alright.
Geoff Franklin: [00:05:13] That’s what we’re here for.
Andrew Marks: [00:05:15] That’s a good start. “But I’m finding that I keep getting locked out of my website for periods of time when I try to log in. Maybe I’m typing the wrong password, but either way do you know what’s going on? It could be one of the security plugins I have running.”
Geoff Franklin: [00:05:33] Uh huh. Yeah. Think you said it right there, in that last bit of your question, Rob. So yeah, it could be, it sounds like it’s one of your security plugins doing its job. It’s detected perhaps maybe you are typing in the wrong password or something like that. And let’s just say, I mean, there’s a few security plugins that we’ve used that do this kind of thing as a security precaution and block people, like Wordfence is the first one that comes to mind. It has an option in there to do just that. Too many attempts to login and it will block you for a period of time. And the way to get around that is if you’ve got access to your web hosting, and you’re comfortable going in through say, you know, if it’s a cPanel, you got cPanel hosting and you’re comfortable going into the File Manager. You basically can browse your server like you would on your computer through you know File Manager on your computer on a Windows or Finder on your Mac, and navigate your way to the plugins folder and if you rename the folder, it’ll basically manually turn off the plugin that way, and you should be able to log back in. If you really need to get back in your site straight away, you can do that, or wait the period of time it takes. It depends on the settings of the plugin. Could be 5-10 minutes, an hour, I don’t know. That’s the way to get around that Rob, if you if you need to get back in your site in a hurry.
Andrew Marks: [00:06:57] Yeah. That’s right. If you do if you are typing in the wrong password and you get it wrong X number of times, I think by default it’s something like, if you get it wrong three times you get shut out for five minutes, and then if you get shut out for five minutes three times, then you’re in trouble. Then you shut out for like a day or something like that. So the lesson there is get your password right. What we recommend is using a password manager. Now, we’ve been using one called LastPass for a very long time now. When I first signed up for a password manager, I was a bit hesitant because you’re like “Oh all my passwords in the one spot, that doesn’t sound real secure, does it? But as long as you’re using a secure password, a very secure password, to secure those other passwords, then you fine. And you know, they integrated in your browser, and then when you go to log into your website, you don’t have to remember the password each time, it just prefills it, and you’re straight in. So yeah, WordFence. Well again Rob, it sounds like you know that you have some security plugins there. WordFence is the one that we recommend. Another one that I use is the iTheme Security. So iThemes are the people that make plugins like BackupBuddy. They have a pretty cool security plugin that you can use. There’s a free version. There’s also a premium version, but the free version is pretty much all that you need. Same with WordFence, the free one is all you’re going to need. Those two plugins I find work really well in conjunction. But now we’re going off on a tangent because, you’ve already got your website secure. You just need to be able to log into it. So, I hope that’s helped. I hope that’s helps. But as we said, Rob, if you continue to have problems, let us know. Send us the correct password and then we’ll be able to log in and see if we can help. All right. How are we going? We’ve had a few eyeballs. We’ve got a few likes. Hello everybody who’s watching. If you’re expecting to see Gary…
Geoff Franklin: [00:09:07] No deal.
Andrew Marks: [00:09:09] No Gary today. OK. Last question from our emails. Trevor from Bundaberg says “I think my Web site has been hacked. I’m seeing these random bits of jargon appearing all over my site and I don’t know what to do. Help!”
Geoff Franklin: [00:09:26] Oh boy. Okay. It does sound like your site’s been hacked. Without even seeing it. So yeah we we actually provide a service that would prevent any of this from happening for you. But that doesn’t help you right now. But what can help you right now is… What we do in this instance is, you know, head on over to wpbutler.com.au, buy a priority support ticket and straight away, with that, we can get in and run a security scan of your site. We’ve got a few security plugins and tools that were used to scan the site, check for any malicious code and that kind of thing, and it sounds like that’s what’s there. And then when we find what it is, we can start to clean it up however we need to do that. And touch wood, you’ve got a backup. We can then use that. But it just depends on the extent of the damage. But once we get in there and assess the situation, we can we can take care of that for you.
Andrew Marks: [00:10:26] Yeah. Absolutely. We were actually talking this week that hackers don’t always deface websites. When they get access to your website, they might keep it quiet because what they’re actually trying to do is get access to the server resources to then send spam or try and introduce malware to people who visit your website, that sort of thing. So it seems counterintuitive but you might be one of the lucky ones that just got defaced because usually that’s pretty easy to fix. And we can absolutely help you there if you don’t have that backup. But, number one, you should have had a backup. Sorry Trevor from Bundaberg – should have had a backup! That is the number one security recommendation for any website. You know, you can always put security plugins on, and you can do this, you can do that. You can take all these steps to protect yourself, but then if your password gets hacked, if you use the same password for everything and somehow did that password gets found somewhere then there’s no stopping people getting access to your website. So number one security recommendation is make sure you have a backup. We have a SiteCare plan where we not only backup your website, we keep everything up to date, we… What else do we do?
Geoff Franklin: [00:11:49] You get monthly reports on the activities we’re doing, all that good stuff, it’s all in a report, there’s a lot that goes on.
Andrew Marks: [00:11:58] There’s optimisation, speed optimisation, make sure that the site is chugging along nicely. Clean up that database. Over time, your database tends to fill up with records that you don’t need. So we keep your website lean and fast and backed up and secure and all of that. So if you are interested in that sort of thing, if you don’t rate yourself to take care of it and you don’t want to put your head in the sand and go “Oh, I haven’t been hacked yet” because you know, eventually, you might get hacked. It’s not a good thing. So yeah, get in touch with us. Check it out wpbutler.com.au/sitecare to see our maintenance and SiteCare plans. All right. That was quick and easy today.
Geoff Franklin: [00:12:45] Oh yeah.
Andrew Marks: [00:12:45] We have… Hello everyone. Anyone want to ask a question while we’re here? Or do we get an early lunch?
Geoff Franklin: [00:12:57] Either way. We’re here to help.
Andrew Marks: [00:12:58] We are here to help. Look if you’re watching this at a later date and you’ve probably seen some of our videos where we introduce these questions separately and go into a bit more detail. But essentially if you’re not watching this live, if you’re watching it at a later date, we are here to help. We are your WordPress experts. Get in touch with us and we can assist you. WordPress Expert.
Geoff Franklin: [00:13:22] That’s us.
Andrew Marks: [00:13:24] Look at us huh. Experts! Awesome. All right, well thank you everyone for joining us. We are at your disposal. Shoot through your questions. Don’t forget to join us every Friday on the couch at 12:30pm. If you haven’t liked the WP Butler page yet, jump on that and like it so we can notify you when we go live. But yeah, otherwise check out wpbutler.com.au for all the information about who we are and what we do. Otherwise I guess we will see you guys next week.
Geoff Franklin: [00:13:57] Bye bye.