Select Page
These Are The Three Best WordPress E-Signature Plugins

These Are The Three Best WordPress E-Signature Plugins

Signing a paper/document is very important, as your document will not be valid unless signed. In the digital era, you have the opportunity to use technology for signing your papers, without being physically present. Have you wondered is it possible to find a WordPress plugin that will enable you to sign your documents digitally? Which one is the best? Which one will work flawlessly? Well, there are several good plugins that perform this task and we will present the best ones in this article.

First of all – why do you need this plugin?

TitleThe plugin will be of great beenfit to all users who run digital business where they need to sign papers and approve transactions or confirmations to the clients. Instead of signing papers physically and then sending them through the post office, you can use your digital signature and cut down costs and time. Very convenient, isn’t it? Well, if you are one of those people who need this kind of service, pick one of the best WordPress digital signature plugins that we are presenting below. Note that each of these performs basically the same thing and they are all working great.

WP Online Contract

This is the premium WordPress plugin for digital signature. It allows you to create easily contracts through the editor that allows you to create and save templates for future contracts. The best part is that the plugin is compatible with almost all devices, ranging from the handheld to MAC devices. The plugin stores your  IP address and timestamps when you sign digitally your paper. It supports also the integration of other payment systems and gateways, which makes it versatile and very welcome when it comes to online payments. Though the premium versions is not free, it is worth every penny!

WP – E-Signature

This plugin is the best one if you are planning to sign legal documents and you only need to pay once for the plugin so you can use it as my times as you want to. You manage it and set it up through the WordPress platform and allows you uploading, sending, editing and receiving the signed papers from your clients. It is UETA and ESIGN compatible, which means you can use these in the court if needed to. People who often deal with the legal documents and signing the contracts will have a great benefit of this one, though the price tag is not that small. However, it works perfectly well so do not regret money if you need this!

WooCommerce

WooCommerce-ExtensionFor all those who are running e-commerce, this plugin is the way to go! It helps you to manage large amounts of purchases on your site and allows easy validation of transactions and orders. However, in order to function well, the customers will have to have the support for e-signatures, otherwise, they will not be able to make an order and pay for it. This one distinguishes among others as it allows you to create PDF files, upload signatures in emails and a lot of customization options!

WordPress Plugin To Stop Trackback Dos Attacks

WordPress Plugin To Stop Trackback Dos Attacks

Living in the internet era, you have to know all the things that could potentially make harm to your business, as the number of hackers has never been bigger than now. Hackers get hired by the competitors who want to disrupt their competition and take over the market and the hackers use various techniques to disrupt the targeted website. While WordPress is the most known platform for website development, there are useful plugins that can prevent these attacks, including DDOS attack. The DDOS attack is one of the most used techniques as it is relatively easy to create and deploy so a lot of people use this to destroy websites at least for a while.

What is DDOS attack ?

The DDos attacks are one of the oldest ways of disrupting the website and these had been present for more than two decades in the online world and the world of the Internet. The term means Distributed Denial Of Service and it is an attack method where an attacker sends a huge amount of traffic/requests (usually a programmed line of code) through different computers with the goal of disrupting the target so it eventually stops working and accepting the requests and users. It works by maxing out the network’s bandwidth which slows down the server’s response time and makes it useless eventually.

In order to DDOS attack becomes efficient, a hacker must build a botnet. The botnet is actually a network of computers with the real users who are not aware that their computers contain a program that serves as a weapon during the DDOS attack. The hackers use experience and knowledge to install these on computers without anyone noticing this activity. The very next time your PC becomes slow unusually, try to scan it with the updated antivirus program. If it is not working, delete the OS to make sure you eliminated the infected program.

WordFence is a must!

This security plugin can successfully protect your WordPress site as it monitors every request and user that visits the site. The embedded security script analyzes resources and monitors the resources allocated for the attack, as well as the time of requests. The complex procedural function compares all the data and determines if the DDOS attack has been performed. In case it is, it activates the security firewall and script that does not allow any further requests that are suspicious and marked as threat.

PAD – Protection Against DDos

This is not a standard plugin, but you must find it manually and install on your site. The plugin routinely inspects the memory and monitors if there is a bottleneck that is unusual or comes from the unusual source. Once it identifies that the DDOS attack has been performed, the plugin automatically terminates and blocks all the suspicious requests, so memory leakage would not appear and thus the website will not go offline. PAD is a cool plugin that is praised by many users so consider one having in your library as you never know when someone will shut down your website, at least for fun.

Here Is How You Can Prevent WordPress To Show Sub Categories

Here Is How You Can Prevent WordPress To Show Sub Categories

Using the WordPress platform, you must have had a situation where the WordPress does something that you do not like and you would like to prevent that. The problems may vary from loading the inappropriate homepage to the wrong redirection of URLs. One of the problems that might be bad for users, especially when it comes to staying within the good SEO limits, is showing the child categories or sub categories. While there are some plugins that eliminate this problem, the bigger problem is that it does not work every time. So, how can you solve this problem efficiently?

The problem of subcategories

Let’s say that you have a category “weather” and inside this, you have two subcategories: “world” and “the US”. When a user visits your site and presses on the “weather” category, he will see all posts from that category but will also see these two mentioned child categories. Now, this becomes irritating and sometimes bad for your SEO so you will probably want to eliminate this feature and allow only to see the main category.  Even Google can ban your site as it can think that you are duplicating the content by adding the same post in two different categories, so the experienced developers will want to get rid of this problem. Even if you are not that experienced, do not worry as you will be able to solve this problem easily.

Sub CategoriesDo not worry really, the solution is not far away and everyone who has at least a basic understanding of coding can perform this on his own and solve the problem.  Even if you do not have, just follow the instructions that are described below. So, how to solve this problem, you might ask? Should you use plugins? Yes, there are plugins that solve this, but very often they crash and the user still can see the child categories. To avoid plugins, you can use a simple hack that will solve this.

How to solve it without a plugin?

First of all – back up your archive.php and category.php before you do anything! You do not want to lose your posts and archive! Open archive.php and inspect the code. Try to find a line that is similar to this:

“<?php while (have_posts())” : the_post(); ?>”. Once you find this line, you need to add another line, AFTER THIS LINE. Now, add:

“<? if ((is_category()) &amp;&amp; in_category($wp_querry->get_queried_object_id())) {?>”.

The function of this line is to assess whether we see a category and that the post we are looking at is a righteous member of this category. Now, find the line:

“<?php endwhile; ?>” and add the following line before it:

“<?php } ?>”.

You have basically added this small modification that will prevent the WP to show subcategories, but only the parent category. It is required to have some posts in the “weather” category in order to function correctly. So, you did a small modification to your WP theme!

PHP Nonce Library

PHP Nonce Library

We’ve recently developed our own PHP NONCE library for use with custom programming. Our version is loosely based on the implementation found inside the core WordPress software. We would like to thank to the WordPress development team as we have used their software to develop our own library! Without their software, we would have to start from scratch!

What is a nonce?

Literally, the term refers to a number used once. In software development, it is often used as a security measure to ensure that certain links or forms are only available once, thereby preventing malicious attacks against the system.

Where would I use a nonce?

PHP-Nonce-LibraryAn NONCE offers an additional level of security where sensitive actions may take place within your application. Take the following line of code as an example:

<a href=”delete_post.php?post=003″>Delete Post</a>

This link was poorly thought out if the application has no other security measures in place. Anyone could begin deleting posts by simply pointing their browser at the above link and changing the post number.

Well designed applications would only make that link available if the user was logged into the system with appropriate permissions. Furthermore, the delete_post.php script would ideally check to see if the user was logged into the system and if the user had appropriate permissions to delete that post. Is this enough security though?

Here are just two scenarios that could circumvent the above security measures:

  • Depending on how the application’s user authentication works, it is certainly possible for a malicious user to spoof an authenticated user or to otherwise crack the authentication.
  • Additionally, if you are a legitimate admin of the above mentioned application it would be possible for me to trick you by sending you a link or to this script. Once you clicked it, the post would be deleted.

How an nonce prevents the above attacks

An NONCE is successful as an additional layer of security because it prevents actions initiated by links or REQUESTS from being used more than once. Every time a link or a form is printed on the screen, your NONCE functionality embeds a key / value pair to be sent to the receiving script. Every time that script is called, it checks for the key / value pair and then authenticates it on a pass / fail basis. If it passes, the action is performed, if it fails, the action is not performed.

The above link with an NONCE applied to it would resemble something like the following:

<a href=”delete_post.php?post=003&_nonce=9c5fbfabb1″>Delete Post</a>
The receiving script would then do the following:

  • Check to see if the user is logged in with appropriate permissions (standard security)
  • Check to make sure the NONCE key / value is set
  • Authenticate the received NONCE using a library of functions.

How does an nonce create and authenticate its key / value pairs?

The process of generating NONCE is a bit complex than usually. While there are no hard and fast rules for creating an NONCE, most libraries will include the following components when generating an NONCE:

  • A secret key or ‘salt’ stored only on the server
  • A user ID (optional – makes the NONCE only work with a specific user)
  • An action name: ie: ‘delete-post’
  • A timestamp (allowing the NONCE to expire if never used)
  • A database of used NONCEs (optional and not used in our library)

Using all of the above components, an NONCE may be generated like this: secret-salt + user ID + action-name + timestamp. All of this is thrown into a hash that the receiving script can unpack and authenticate (Most of the time, the timestamp will be modified before being included and hashed).

The receiving script doesn’t actually ‘unpack’ the received key, rather it recreates it and compares. For instance, the delete_post script would combine the secret salt (which it knows) , the current users’s ID , use the delete-post action name, and a timestamp (modified appropriately). If any one of those components are off, the NONCE value generated by the receiving script will not match the one sent by the initial script and the NONCE will fail to authenticate.

How to use our nonce library

  • Download the zip file and unpack
  • Include ft-nonce.php inside all your applications pages
  • Embed one of our two generating functions in your links or forms
  • Call the validating function at the top of your receiving scripts and do as you wish based on the validity of the NONCE.

If you need further example, you can check out the example here. The PHP file source file is included in the zip .

Feedback

We’ve only deployed this once and value your feedback. We will be more than happy to modify, enhance, and correct bugs as reported. Feel free to test our feature, implement it in your projects, but do not forget to inform us about the quality of it! Feel free also to send us suggestion! The more people use this feature, the more valued our work is and that is why we encourage people to use it and test as many times as possible!

How To Create A Password Protected Children Pages?

How To Create A Password Protected Children Pages?

Today’s technology has so evolved that our little children from early age know how to use the web and browse it. Sometimes, we just want to protect them from seeing inappropriate content that is not age-relevant, so we want to add the password to a certain page, especially if you own a website. In any way, a password protected page is something that you can create and eliminate the possibility for children to see something that is not appropriate for their age. How to do this in WordPress? Is it complicated or you can do it on your own?

WordPress allows you easy password set up

Hiding your content from a certain audience (children in this example) is a common task that administrators do. You can even lock the whole website that you cannot access to unless you have the right password. WordPress is the best online platform for creating your website and allows easy updating, managing and publishing of content. On top of that, you have useful commands like the password protection to ensure that only people you want access to your website or a post. Do follow the small tutorial below in order to set the password protection.

The very first thing you need to do is to log in to your website as the administrator so you could make changes and have permissions for such actions. Now, go to the page or post you want to protect and click on EDIT command. Once you slick, you will see in the upper left corner EDIT THE VISIBILITY and click on it. The next thing is to click on PASSWORD PROTECTED and type in the password you want. Make sure you use the combination of upper case, lower case, numbers and special characters in order to produce strong password. Once you type it in, click on OK, and click on UPDATE button in the lower right corner of the window. Now just publish the post/page, load it again and check if it asks for password to access it.

You can check all the pages and posts that do require a password to access them in the list of all pages and posts. Also, you have the ability to mark it as PRIVATE so no one could see it except the EDITOR and ADMINISTRATOR. Though this is not very useful for restricting the content, it may come useful when you want to publish a post or a page just to see how it looks like on your website.

Use strong passwords!

Kids often want to break the password and will try in many different ways to do this, so make sure you use very strong password that has a lot of characters. This will make it impossible to crack it as the combinations are endless and no CPU could calculate all the combinations for it. Always use upper case, lower case, numbers and special characters to increase the strength of your password.