An Email From A Web Security Expert

I received an email today via the contact form on our e-commerce website. It said that the website was accessible at /wp-admin/. The message read:

You probably would have known, how important is to secure your website from an unauthorized intrusion? …

Fortunately, I did a quick rundown of your website and noticed that it can be possibly compromised very easily with little efforts by a hacker…

Kindly let me know, if you would like to tighten your website security. I look forward to hearing from you.

I decided to take a look at the website of this security expert. It was nicely laid out, but with a problem with the English as you can see with the sentence “WordPress is so elegant unless you protect it.”

I can’t think what word to replace ‘elegant’ with. Maybe ‘vulnerable’, but then what is the ‘so’ doing in the sentence?

OK, jokes aside, the part that made me sit up were these testimonials.

Nice photos. They look unconvincing. I took a screen grab of the photo of the woman and put her into Google Image Search. Ah, she is Jennifer Tress, an author mentioned in an article in Marie Claire and elsewhere. Good old Google Image search.

The man was almost too easy – Google tells me he is Iain Banks, the famous Scottish author who died in 2013.

So the testimonials are fake.

Let’s see where this leads. If I fell for this pitch I would no doubt have to give my sign-in credentials to this firm of web security credentials. And then what?


About Iain Banks – I had to check the date of his death. Was it really 2013? We were living in Edinburgh until the end of last year, so there was more in the news about his death than if, say, we were living in London. Still, I would have guessed it was last year that he died. 2015 at most. Four years already? Unbelievable.

The Chat Bit

Idly scrolling through the list of widgets in the admin panel, I came across tlk.io, which describes itself as a simple web chat.

I put the widget in the sidebar and if anyone feels like chatting using it, go ahead. I have no idea how it is supposed to work, but maybe we’ll find out.

By the way – no guarantee it will be there in a couple of weeks time or whenever a reader of the future happens on this post. But it’s there for the moment.

No More Ads

I paid for the ‘no Ads’ upgrade. No ads, no brainer. It cost almost nothing more than the cost of the domain. So that is done for a year.

The ads have been screaming at me for months. Screaming quietly, so you may not have heard them.

Actually, this is their second or third bout of screaming. I thought it was all bluster, and I ignored them. But the sight of them started to jangle and I submitted.

It’s a funny thing, is it not, this new economy of being given something for free but with an annoying bit tacked on. And you pay to get rid of the annoying bit. It’s clever, isn’t it?

For Those Who Are Not Familiar With How WordPress.com Works

for those who are not familiar with the ‘system’ I should explain how ads work on WordPress.com sites.

This site is hosted with WordPress.com and after some or all of my posts there are ads that only people who are NOT logged in to WordPress.com see. [I ranted about it here a couple of years ago.]

I don’t want ads after the posts on my site so I paid WordPress.com to remove the ads on my site that visitors would otherwise see.

WordPress offer a range of plans that you can see here: WordPress Plans, but this – at a glance – is what they offer.