Postman SMTP

Some sites, and some hosting platforms, have difficulty handling email, in which case we have to add a plugin to ensure email delivery goes through smooth. Here are the steps for adding our preferred plugin, Postman SMTP, to a WordPress site:

  1. Find the plugin within the repository. It is https://wordpress.org/plugins/postman-smtp/
  2. Have at the ready an email address, preferably a gmail, and log in to it. You’ll need this address to set up the APP, API Key and App Secret.
  3. Enable the plugin and go through the Setup Wizard. It will ask you the email address and name. If a gmail address, it will go through the next two steps without any input needed.
  4. In authentication, click the link to the Google Developers Console Gmail Wizard to set up the App.
  5. In the Console, it will ask you to create a project and if you agree to the terms of service. This will enable the API.
  6. In the first step, you are using a Gmail API. In the second step, you’ll be calling this from a Web Browser (JavaScript). Next, click on User Data as the data you will be accessing. Then click on What Credentials Do I Need?
  7. The Console will ask you for the Authorized JavaScript origins and Redirect URI, which are in the current screen of Postman SMTP. Add those to the console and click on create the ID.
  8. Still in the Console, add the email address and add a Product Name of your choosing.
  9. This will give you the Client ID. Copy it and paste it into Postman SMTP’s settings.
  10. To get the Client Secret, click on Credentials in the left menu, then click on the name of your APP. This will give you the Secret. Add to Postman SMTP.
  11. You’ll have to enable the APP, which Postman will prompt you to do.
  12. You’ll also need to go back into the settings, and change the transport type to Gmail API from SMTP.

And that should be it. Next, test the form to make sure everything is in order.

Reviews Format

Want to know what people are saying? Take a look at our various reviews profiles below, and feel free to leave your own comments! We greatly appreciate hearing feedback from our clients. Please note that many of these sites require accounts to discourage inauthentic reviews. To find us on Yelp, simply search “XXX” near “XXX”


Facebook

*Requires Account


Google Plus

*Requires Account


Yellow Pages

*No Account Required


Yelp

*Requires Account

Master List of Spam Referral Sources

This post is no longer in use because there is a built in Google feature you can enable on the view settings of each account.

These are to be added to iThemes as blocked user agents.

  • 4webmasters.org
  • free-share-buttons.com
  • buttons-for-your-website.com
  • Get-Free-Traffic-Now.com
  • free-social-buttons.com
  • event-tracking.com
  • guardlink.org
  • best-seo-offer.com
  • trafficmonetize.org
  • www8.free-social-buttons.com
  • www.event-tracking.com
  • 100dollars-seo.com
  • sitevaluation.org
  • webmonetizer.net
  • floating-share-buttons.com
  • www4.free-social-buttons.com
  • site1.floating-share-buttons.com
  • site2.floating-share-buttons.com
  • site3.floating-share-buttons.com
  • site4.floating-share-buttons.com
  • site5.floating-share-buttons.com
  • success-seo.com
  • buttons-for-website.com
  • www1.free-social-buttons.com
  • www2.free-social-buttons.com
  • www3.free-social-buttons.com
  • www5.free-social-buttons.com
  • www6.free-social-buttons.com
  • www8.free-social-buttons.com

 

Permanent redirect all pages to HTTPS on WordPress

In the past we have modified the standard WordPress snippet in the htaccess file to add this redirect code. It is best to add this as a separate section in the htaccess file to prevent it being overidden by security plugin or a WordPress update.

# https
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
# end https

The Boom Visibility Parent Theme

Adapted from the WordPress Twenty Twelve Theme

Sliders and Tabs use Bx Slider

Photo Galleries and Single Images Use Osvaldas Responsive Gallery Script

The responsive Menu uses slick nav.

A copy of the parent theme can be worded on and experimented on PhilaDirectory.com.  Don’t assume the latest version is on there though.

bvi-twentytwelve-15-4

Added columns shortcode and newsletter sign up code for gravity forms.

bvi-twentytwelve-15-3

Reorganized style.css into areas with their own sets of media queries.  Add PDF jQuery script to assign class to PDF’s and open in new window. Removed UL LI grids.

bvi-twenty-twelve-css

Charlie’s Version of the parent theme deviated from the Saas build.

bvi-twentytwelve-scott

Scott’s Version of the Parent theme deviated from the Saas build and a few additional sites.

Required

  • Advanced Custom Fields
  • Gravity Forms

Setting Up Gravity Forms Notifications Settings

Gravity Forms notifications are set up in the individual settings of each form. Under notifications, select Admin Notification (the default).

The Send to Email should be set to the email addresses the form should go to.

From Name can be set from the drop down to the right. The First Name should be selected, then a space, then Last Name.

From Email should be set to something like wordpress@<site URL>.

Reply to should be set to the user’s Email address (again, in the right hand dropdown).

BCC to admin email address.

Subject remove all but New Submission Form and add  First Name , then a space, then Last Name, as before.

If this form is in a sidebar, add Embed Post/Page Title into the Message.

 

Post-Hack Procedures

Reset FTP passwords

Reset all admin passwords

Reset database password

Reset WordPress SALTs

Check to see if any new users have been added

Replace all WordPress core files outside of Wp-content, except for WP-config.php.  Visually check over this file, if you are unsure then copy the database specs to the wp-config-sample.php and rename it.

Within WP-content.

Manually go through all of the folders within the uploads folder.

Manually review all files in the active theme folder.

Delete the cache folder it is there.  Delete unneeded themes.  Remove unneeded or unused plugins.  For any remaining plugins delete the folder and redownload them from the repository.

Run WordFence scan.

 

 

Configure iThemes Security

Within Global Settings:
Write to Files: Allow iThemes Security to write to wp-config.php and .htaccess
Set notification email and backup email to web@ address
Send Digest Email
Enable Blacklist Repeat Offender
Add Current IP to Whitelist
Enable Infinite WP Compatibility

Within Banned Users:
Enable Ban Lists

Within System Tweaks:
Protect System Files
Disable Directory Browsing
Disable PHP in Uploads

Within WordPress Tweaks:
Remove the Windows Live Writer header
Remove the RSD Header
Reduce comment spam
Disable XML-RPC (unless using Jetpack)
Block Multiple Authentication Attempts per XML-RPC Request
Protect System Files

We also change the login URL, which is especially important if the site has a history of malware. This is in the Advanced Tab as Hide Backend. In this setting, you can change the login URL to anything you would like.

Setting up Contact Form Goals on Google Analytics

  1. Create a thank you page.  Take note of the page title and the URL.  Use a unique title if setting up multiple forms so its easy to find this page.  For example ‘Thank you requesting a consultation’.
  2. Go to the advanced tab of the Yoast portion of the page and exclude the thank you page from the sitemap and set it to noindex.
  3. Go to Forms > Selected Form > Confirmations – Select a page confirmation and choose the newly created thank you page as the confirmation.
  4. In Google analytics go to the Admin menu and select Goals > Custom Goal > Destination.  Use the partial URL of the page include leading and trailing slash. (/thanks-quick-contact/)