It is simple to install and caches the archive content, so it’s loads faster. You can see it in action here, and since I don’t write so much… I made a simple change to not display the date of the post.

Regards.

Google updated it’s “Terms and Conditions” and asked all publishers to read it. I use Adsense lightly here and kept getting this message everytime I log into my Adsense account. They set a deadline for reading and agreeing to their updated terms to end of May.

The terms requires all publishers to display a privacy policy on their sites. See a snapshot

You must have and abide by an appropriate privacy policy that clearly discloses that third parties may be placing and reading cookies on your users’ browser, or using web beacons to collect information, in the course of ads being served on your website.  Your privacy policy should also include information about user options for cookie management.

Thanks to Eric Giguere who created a plugin for wordpress that will create a page for you with all info you need.

The plugin installs like any other plugin. It has an admin setup that will appear after activating it under the options menu.

You can simply create a new page titled “Privacy Policy” by clicking a button from the plugin’s admin page.

I just installed it with no issues.

Here is the link: Privacy Policy plugin download link.

Happy Friday.

WordPress Version 2.0 introduced the concept of Roles.

Each Role has a set of permissions or is allowed to perform a set of tasks called Capabilities.

If you allow anyone to register to your site, choose the “new user default role” from the general options menu to be “contributer”. This is the user with the least privileges.

Contributers can only create and edit their own posts.

They can’t publish their post or have any other privileges.

Roles Manager Plugin let’s you easily configure Roles and Capabilities of users of your site in a very easy to manage and granular way.

You can easily create new Roles and assign them any Capabilities you like.

The plugin has a great admin panel, you can access through the Users menu option.

To find more about it and download, click here.

After 3 failed attempts a message comes like “Your exceeded your login attempts. Please try later or contact our account reps”

Brute Force Attacks or multiple failed login attempts are sometimes used by malicious users to gain access to your account. Most major installations protect against it this way.

There is a plugin by Michael VanDeMar, that I strongly recommend you to download.

It will secure your your WordPress installation in the same fashion.

This plugin will record the IP address and timestamp of every failed login attempt.

Currently it defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes.

The great thing about this plugin is that it comes with an admin interface, where you can configure all these timings in any way you like. ( see below default values)

To download or see more click here.

User supplied input to the parameter “id” could be exploited by malicious users to inject SQL.

Here is how a visitor to your site can inject SQL through the plugin:

From the URL of the browser, they can simply type:

http://your-domain-name/plugins/wordspew/wordspew-rss.php?id= any SQL statement

You can still safely use the plugin, if you implement changes that I suggested in my previous posts:

1- Change your table prefix from wp_ to any difficult to remember prefix. No one will be able to guess your table names and tamper with your data.

2- Change the permissions on your database via cPanel. Simply, don’t allow truncating the database.

If you implement these steps, be sure to keep using all your plugins without fear of any malicious SQL Injection related attacks.

Regards.

You don’t want to make your site an easy target. right?

Well, ideally you should always upgrade to the latest version, but to be honest a lot of us put this at the end of their to do list and might never get it done.

David Kierznowski of blogsecurity.net lately released a simple plugin to hide your wordpress installation version number.

The no version plugin is a simple plugin that will replace the version number with blanks, so anyone doing a view “page source” from the browser on your site will not be able to see your wordpress version.

Click here to read more and download it.

Another tip is to disable directory browsing to your plugin directory.

To check it out do a http://yourdomain.com/wp-content/plugins ( where yourdomain.com the domain of your site) and hit enter.

If you see your plugins files, then you have a security issue.

Here is how to fix it:

Go to your plugin directory in your file manager, and create a . htaccess file if there is no one.

Add the following line:

# disable plugin directory browsing
Options -Indexes

Go back and TEST. You should be fine now.

If you need any help, don’t hesitate to contact me.

Installation is pretty simple and quick, however you will need to proof listen to your post in addition to proof reading it.

This plugin is provided for free by Odiogo. They have a mechanism that will parse your content and convert it to audio upon a click on a play button.

The reader (a man ) sounds very professional, however when you write you have to be careful with punctuations. I would recommend writing short sentences, or pay attention to adding commas in longer sentences. This will allow the audio to pause and make your content more understandable.

Make sure you comment any html, javascipt or php samples in your post. The audio will not be able to read it. It will either skip it in the middle or keep spelling it which sounds really difficult to follow. Proof listen, change you text, proof listen till you are happy with your post.

Pros:

- Easy installation.
- Free.
- Great ( Near-human ) quality text-to-speech sound and voice projection.
- Additional channel of distribution to you content, specially for the reading impared.

- Works on WordPress, Blogger, TypePad and Terapad platforms. More info in their blog.

Cons:

- The latest post usually doesn’t show immediately, however for faster availability of audio with XML-RPC check this post.
- Player has no volume control slider
- You need to spend extra time to comment any text that audio will not read
- You need to spend extra time to proof listen to your post

Install:

1. Sign up at odiogo.com

You will receive an instant email for signing up and an email in a couple of hours with your account setup info.

2. Download the plugin after receiving a second email.

3. Upload directory odiogo_listen_button to your /wp-content/plugins directory via FTP

4. Login to your WordPress admin account and activate the Odiogo Listen Button plugin through the Plugins menu

5. Click Menu Options > Odiogo Listen Button

6. Enter your Odiogo Feed ID and click Save ( Feed ID provided in email )

If you have a widget ready wordpress theme and want to display Odiogo Subscribe button on your sidebar
7. Click menu Presentation > Widgets (or Sidebar Widgets depending on your WP version)

8. Drag and drop Odiogo Subscribe Button from Available Widgets to Sidebar

9. Save changes.

If you don’t have widget ready wordpress or want to just custom add your Audio Enriched RSS Feed:

7. Add a link to http://podcasts.odiogo.com/tdot-blog/podcasts-xml.php

and replace tdot-blog with your site url

8. Upload your changes.

ENJOY, and let me know what you think about it.