The Year of the Hack!

Some are calling 2013 “The Year Of The Hack”; it’s more important than ever to take the necessary steps to ensure your site is secure. Since 2008, almost half a million WP sites have been reportedly hacked and this number is sure to rise as WordPress gains more in popularity. Close to 19% of the world’s websites are powered by WordPress. By not keeping all of the plug-ins and themes associated with your site up to date, you could be potentially leaving it vulnerable to an attack.

Tips to reduce the risk of being hacked:

  • Keep software and all plug-ins updated
  • Remove all plug-in and add-ons not in use
  • Make security a priority when choosing a web hosting company
  • Use proper file permissions on your server
  • Use strong, varied passwords and don’t store them locally
  • Regularly scan your PC for malware

We are in an era where everywhere you turn, you hear stories of the latest hack, and it’s no secret that WordPress has received plenty of bad publicity regarding the topic. Recently, stories about hackers laying a massive, global siege on WordPress sites across the Internet have been everywhere. The main focus of these hacks was exploiting the default “admin” accounts and over 90,000+ IP addresses were involved in the attack. From this, companies scramble with their tail between their legs trying to patch up the security holes they swore never existed.

It should be made a general rule when owning a WordPress site to continuously stay current on the latest updates. Hacking aside, there are several additional benefits to keeping your website fresh and up to date. To put it another way, think about a car; you know the over-all cost of maintenance it is far less than fixing a problem should it occur. Keeping your website up to date, like your car, will be far less expensive in the long run and will give you more “mileage” out of your site.

Inspiring Work Spaces


This past week we had a contest across multiple social media channels asking people to submit pictures of their offices, work spaces, or simply the view from their perspective while working. In turn, the prize for the most “liked” picture would be an amazing custom designed TrevNet T-shirt.

We had some great responses from Twitter, Facebook and Instagram. Not only did we see pictures of your average indoor offices but we saw perspectives from military personnel, work-from-home professionals and some pretty creative perspective shots.

We are glad the winner wasn’t left up to us because it would have been hard to choose the best one. To give you an idea what amazing entries we had, check out all the submissions below:

Looking at all these offices got us thinking. You all need to decorate! Inspiration is hard to find so we figured we would help you out with some inspiration. Here are some great office spaces we found that would make anyone want to redesign:

And the Winner Is:

After a week of submissions, and 7 days of waiting (wait, a week is 7 days, right?)…the picture with the most likes, shares, comments (and views, but really – likes are the only thing that count here) is – drum roll please – Justin Willemsen!! Justin’s photo was posted to Facebook so, Justin, we will be contacting you via FB to get your information and send you your prize. Check out Justin’s amazing photo below; what an awesome shot. You got skillz, son.Justin

And Just because we are feeling super generous…

The picture with the second most likes will also be getting a prize! At a very close second, The Cupertino Soap Company Posted their work space view on Instagram and received quite a few likes. Check out how creative they got:


Thank you to everyone who sent us their photos, it was awesome to see how everyone works, what inspires people and just how different everyone’s work environments are.

What is your ideal work space look like? It’s not too late to send us a photo or drop us a comment. Keep an eye out for our next freebie; what would you like to see next?

WordPress Under Attack!

If you haven’t heard in the news already, hackers have been laying a massive, global siege on WordPress sites across the Internet. Their main focus is to exploit the default “admin” accounts WordPress sets up for you when you first start out. If these hackers gain access to your site, this could pave their way to potentially take control of your server.Wordpress Hack

Host Gator has run analytical reports and believes around 90,000+ IP addresses have been involved in this dictionary attack. According to TechCrunch, CEO Matthew Prince of CloudFlare, believes these hackers are using 100,000 bots strong for their strikes.

CloudFlare believes these attacks are being conducted using only low powered home PCs but feels these hackers’ intentions are to build a much larger army of botnet servers in order to carry out larger attacks in the future.

Steps to avoid your site from being compromised:

1. Choose a stronger password.

2. There are several WordPress plugins you can install to help ward off these hacks

An email was issued this morning from Mark Maunder, CEO of Wordfence also suggesting to “disabled and deleted all unused themes and plugins”. Read full email below.

Dear WordPress Publisher,

I'm sure you've seen the news reports during the last 72+ hours about a "massive" 
"global" "distributed" brute force attack on WordPress systems. 

Brute force attacks are ongoing, and this is simply an increase in frequency. To 
protect yourself, make sure all default accounts like "admin" have been deleted 
or renamed and that your passwords are very difficult to guess. A brute-force attack
is a relatively unsophisticated attack where one or more remote machines try to 
guess your password. 

The more successful attacks are attacks where a back-door known only to a hacker 
(a zero day vulnerability) is exploited to gain access to your system without 
logging in. The Timthumb vulnerability which I discovered and fixed last year is 
an example of this. I haven't seen any reports of a new "zero day" vulnerability
being exploited in this attack. 

The nature of the attack does suggest that a large portion of the brute force 
attacks currently underway may be originating from an individual or a single group. 
If successful this will result in a single individual or group having access to a 
large distributed network of compromised WordPress servers on relatively high 
bandwidth links. They can then launch further attacks from this platform. However, 
whether the attacks are being orchestrated by one person or one group should not 
affect how you protect yourself. 

In this case:

1. Make sure your "admin" account has been renamed.

2. Make sure all your passwords are difficult to guess.

3. Make sure you've disabled and deleted all unused themes and plugins. 

Don't be alarmed if you see an increased flow of login attempts on your Wordfence 
live traffic screen (The Logins and Logouts panel). As long as your passwords are 
hard to guess and you've removed the "admin" account, you'll most likely be just 
fine. If you're bored, you can manually block each malicious IP address using 
Wordfence, or even block the originating Networks. But I'm not doing this on my 
personal sites because I have strong passwords and no admin account.


Mark Maunder

Wordfence Creator & Feedjit Inc. CEO.

PS: If you aren't already a member you can subscribe to our WordPress Security and 
Product Updates mailing list here. You're welcome to republish this email in part or
in full provided you mention that the source is If you would 
like to get Wordfence for your WordPress website, simply go to your "Plugin" menu, 
click "add new" and search for "wordfence".

Despite this current attack, WordPress is still a leading website platform for several industries. If you need quick guidance as to how to change your username from admin to something new:

To rename your WordPress ‘admin’ user:

  1. Sign in as ‘admin’.
  2. Create a new user using the steps below.
  3. Choose a hard-to-guess username, but don’t make it so difficult that you’ll forget it.
  4. Make that user’s role “administrator”.
  5. Choose a password that has upper and lower-case letters and numbers in it. Symbols are OK too. Never use the word ‘password’ in your password, even if it has a different case and includes numbers.
  6. Click “Add new user”.
  7. Sign out as ‘admin’.
  8. Sign in as the new user.
  9. Delete your old ‘admin’ user and assign all posts/pages/comments to your new admin user.
  10. Congratulations, you now have a more secure WordPress system.
    Instructions provided by Wordfence

If you need further help, feel free to contact us and we’ll be happy to assist you.

Help Us Fight Breast Cancer

TrevNet Media is proud to support Breast Cancer Awareness this month. In honor of all those affected we will be donating to the National Breast Cancer Association and as an added bonus, every time somebody clicks “Like” on the TrevNet Media Facebook page, we will donate an additional 10¢ towards the fight against breast cancer. Our maximum goal is to raise $5,000 by the end of the month! Want to join us in the fight?

“Like” our fan page and help spread the word. Together we can help make a difference.

Click here to go to our Facebook page



Make Your Website a Priority

You have probably been postponing or brushing aside the idea of updating your website for a while, likely because you do not have the time or you think it is too expensive. In this day and age where a website is the main source of information for customers about a business, you cannot afford to leave it to chance. Your website acts as a 24/7 advertisement for your company. The look and feel of your site is very important. A FRESH SITE WILL DRAW ATTENTION!! You only have seconds to attract a customer and it is difficult to do with a site that is old and obsolete. You want to give your customer a reason to come back for more. This is why we believe it is crucial to stay up-to-date with the changing times and redesigning your website is one of the most effective ways to do it.

Great Reasons to Redesign Your Site

Keeping up with the Search Engines – it makes sense to rework the content of your website from time to time to include relevant keywords that will bring in more web traffic through higher ranking in the search results.

New Platform Integration – you may need to redesign certain aspects to make it compatible with latest software and browser technology. Incorporating new technology will enhance the site’s usability and effectiveness in the long run. Plus HTML5 is totally sweet!

Adding New Tools – Keep your clients informed with all the latest news about your company using tools like photo books, blogs, social media and forums. People expect interaction in this new “social internet” era.

Add Video –The closest thing to real life on the web today is video. By incorporating video into your website, you add that extra touch of reality that your visitors can connect with.

Staying Ahead of the Competition – as the popularity of the internet increases so does your competition. This means that your website needs to be at its best to stay ahead of the game. Almost everyone uses the internet to do their research before making a choice on a product or service. First impressions online are extremely important.

Don’t let updating your website go to the bottom of the to-do list. It is an easy way to keep clients coming and allows new clients to find you and see how your business can help them. If you need assistance don’t hesitate to contact us. We can provide you with all the tools you’ll need to maintain your company’s success. Take a look at the latest services we can provide your business.