After putting all of the time, and perhaps money, into your WordPress website or blog, it's now time to secure and protect it from outside enemies and general bad guys: hackers, spammers and all-round tossers.
If your WP development knowledge is limited, your best option is to download and install plugins. They are easy to install and manage and will give you all the power and security you could hope for. Of course, no plugin is powerful enough to protect you from everything; we can only minimize the possible intrusions.
Below, we have twenty plugins that will help you protect your WordPress installation.
1) WP Security Scan 
Link: http://wordpress.org/extend/plugins/wp-security-scan/
Description: Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
- passwords
- file permissions
- database security
- version hiding
- WordPress admin protection/security
- removes WP Generator META tag from core code
2) Secure WordPress
Link: http://wordpress.org/extend/plugins/secure-wordpress/
Description: Little help to secure your WordPress installation: removes error information on the login page; adds index.html to the plugin directory; removes the wp-version, except in the admin area.
- removes error-information on login-page
- adds index.php to the plugin directory (virtual)
- removes the wp-version, except in admin-area
- removes Really Simple Discovery
- removes Windows Live Writer
- remove core update information for non-admins
- remove plugin-update information for non-admins
- remove theme-update information for non-admins (only WP 2.8 and higher)
- hide wp-version in backend-dashboard for non-admins
- Adds a string for use with WP Scanner
- Block bad queries
This plugin requires the world's #1 web server, Apache, and web host support for .htaccess files.
3) Chap Secure Login
Link: http://wordpress.org/extend/plugins/chap-secure-login/
Description: Whenever you try to log in to your website, you can use this plugin to transmit your password encrypted. The encryption process is done by the CHAP protocol; this is particularly useful when you can’t use SSL or other kinds of secure protocols. By activating the ChapSecureLogin plugin, the only information transmitted unencrypted is the username; the password is hidden with a random number (nonce) generated by the session – and suitably transformed by the MD5 algorithm. In the first login there will be an error, but don’t worry, it is only a technical error. Indeed, in the next login operation, if the values are correct, there will not be errors, but bear in mind that the password will be sent unencrypted.
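To make the description concrete, here is an added example (not the plugin's own code) of the challenge/response exchange it describes: the server hands the client a one-time nonce, the client answers with an MD5 digest that mixes the nonce and the password, and the server recomputes the digest from the password it holds. The exact digest layout (MD5 of nonce followed by password) and the sample credentials are assumptions for illustration; the plugin's wire format is not given on the page. The demo also shows why a captured response is useless on the next login: its nonce has already been consumed.

```python
import hashlib
import hmac
import secrets


def chap_response(nonce: str, password: str) -> str:
    """Client-side proof: MD5(nonce || password). Assumed layout, for illustration only.
    The password itself never leaves the client; only this digest does."""
    return hashlib.md5((nonce + password).encode("utf-8")).hexdigest()


class ChapServer:
    """Server side of the exchange. Note the protocol forces the server to hold
    a password it can recompute the digest from, i.e. not a slow one-way hash."""

    def __init__(self, users: dict[str, str]):
        self.users = dict(users)            # username -> password known to the server
        self.pending: dict[str, str] = {}   # username -> outstanding (unused) nonce

    def challenge(self, username: str) -> str:
        """Message 1 (server -> client): a fresh random nonce for this login attempt."""
        nonce = secrets.token_hex(16)
        self.pending[username] = nonce      # a new challenge replaces any older one
        return nonce

    def verify(self, username: str, response: str) -> bool:
        """Message 2 (client -> server) carries username + response, nothing else.
        The nonce is popped so it can be used exactly once."""
        nonce = self.pending.pop(username, None)
        password = self.users.get(username)
        if nonce is None or password is None:
            return False
        expected = chap_response(nonce, password)
        # constant-time compare avoids leaking how many digest characters matched
        return hmac.compare_digest(expected, response)


def demo() -> tuple[bool, bool, bool]:
    """Returns (legitimate login ok, wrong password ok, replayed response ok)."""
    server = ChapServer({"alice": "correct horse"})   # constructed credentials

    # Legitimate login: the only cleartext on the wire is the username and the nonce.
    nonce = server.challenge("alice")
    response = chap_response(nonce, "correct horse")
    legit_ok = server.verify("alice", response)

    # Wrong password under a fresh nonce: digest does not match.
    nonce2 = server.challenge("alice")
    wrong_ok = server.verify("alice", chap_response(nonce2, "wrong password"))

    # Replay: an eavesdropper resends the earlier valid response. The server has
    # issued a new nonce by now, so the old digest no longer verifies.
    server.challenge("alice")
    replay_ok = server.verify("alice", response)

    return legit_ok, wrong_ok, replay_ok


if __name__ == "__main__":
    print(demo())
```

The nonce is what gives this scheme its value over sending the password in the clear: a sniffed response cannot be reused. What it does not give you is confidentiality of anything else on the wire or resistance to offline guessing of a weak password from a captured nonce/response pair, which is why the description positions it as a fallback for sites that cannot use SSL.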
4) Invisible Defender
Link: http://wordpress.org/extend/plugins/invisible-defender/
Description: This plugin protects registration, login and comment forms from spambots by adding two extra fields hidden by CSS. This approach gave me 100% anti-spam protection on one of my sites.
The idea behind this plugin is simple: SPAMBOTs either fill every form field they find (generic spambots) or fill WordPress-specific fields only (spambots which recognise WP or are targeting WP only). Therefore it is sufficient to add two extra text fields to the form (one empty and one with a predefined value), and check their values after the form is submitted. The 1st field (the empty one) will be filled by generic spambots, and the 2nd one will not be filled by spambots targeting WP only. With these two simple checks probably all spambots can be easily detected, so WP can return the error “403 Forbidden” for them.
These two extra fields are hidden with a CSS rule, so they will not be visible to most users. Only users with text-based browsers (and very old ones which do not support CSS) will see them, but don’t be afraid – the plugin has a special message for them.
Not surprisingly, some spammers found Invisible Defender too and updated their spamming software to detect and bypass this plugin. Therefore I started adding new protection methods. The first one is a blacklist for heavy spammers; more will be added soon.
Invisible Defender also shows the number of blocked spammers in the Dashboard, so you can see that it really works.
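The two-honeypot check above is worth seeing as code. The following is an added example, not the plugin's source: it renders the two CSS-hidden fields with the note for text-only browsers, then classifies a submitted form with the two rules the description gives (an empty trap that must stay empty, a pre-filled trap that must arrive unchanged). Field names, the preset value and the three sample submissions are constructed for the example.

```python
import html

# Constructed field names and preset value; a real deployment would pick its own.
TRAP_EMPTY = "idf_leave_blank"
TRAP_PRESET = "idf_keep_value"
PRESET_VALUE = "do-not-change"

TEXT_BROWSER_NOTE = (
    "If you can see these two fields, leave the first empty and the second as it is."
)


def render_trap_fields() -> str:
    """HTML fragment added to the registration/login/comment form.
    The wrapper is hidden by CSS, so only text-based or CSS-less browsers show it."""
    return (
        '<div style="display:none">'
        f"<p>{html.escape(TEXT_BROWSER_NOTE)}</p>"
        f'<input type="text" name="{TRAP_EMPTY}" value="">'
        f'<input type="text" name="{TRAP_PRESET}" value="{html.escape(PRESET_VALUE)}">'
        "</div>"
    )


def check_submission(form: dict[str, str]) -> tuple[int, str]:
    """Return (HTTP status, reason) for a submitted form.

    Rule 1: generic bots fill every field they see, so the empty trap arrives non-empty.
    Rule 2: WP-targeted bots post only the field names they already know, so the
            preset trap is missing (or altered) because they never rendered the form.
    """
    if form.get(TRAP_EMPTY, "") != "":
        return 403, "empty trap filled: generic spambot"
    if form.get(TRAP_PRESET) != PRESET_VALUE:
        return 403, "preset trap missing or changed: WP-targeted spambot"
    return 200, "ok"


def demo() -> list[int]:
    """Classify three constructed submissions; expected [200, 403, 403]."""
    human = {
        "author": "Bob", "email": "bob@example.com", "comment": "Nice write-up.",
        TRAP_EMPTY: "", TRAP_PRESET: PRESET_VALUE,   # browser sends fields untouched
    }
    generic_bot = {
        "author": "x", "email": "x@x", "comment": "cheap stuff",
        TRAP_EMPTY: "cheap stuff", TRAP_PRESET: "cheap stuff",   # filled every field
    }
    wp_bot = {
        "author": "x", "email": "x@x", "comment": "cheap stuff",  # only WP's own fields
    }
    return [check_submission(f)[0] for f in (human, generic_bot, wp_bot)]


if __name__ == "__main__":
    print(render_trap_fields())
    print(demo())
```

The check is cheap and needs no external service, which is its appeal; the description is also honest about its limit, namely that a bot author who inspects the rendered form can learn the field names and submit exactly what a browser would, which is why the plugin later added a blacklist on top.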
5) AskApache Password Protect
Link: http://wordpress.org/extend/plugins/askapache-password-protect/
Description: This plugin doesn’t control WordPress or mess with your database; instead it utilizes fast, tried-and-true built-in security features to add multiple layers of security to your blog. This plugin is specifically designed and regularly updated to stop automated and unskilled attackers’ attempts to exploit vulnerabilities on your blog, resulting in a hacked site.
You can set up Password Protection for your blog using HTTP Basic Authentication, or you can choose to use the more secure HTTP Digest Authentication.
The power of this plugin is that it creates a virtual wall around your blog, allowing it to stop attacks before they even reach your blog to deliver a malicious payload. In addition this plugin also has the capability to block spam with a resounding slap, saving CPU, memory and database resources. Choose a username and password to protect your entire /wp-admin/ folder and login page. Forbid common exploits and attack patterns with Mod_Security, Mod_Rewrite, Mod_Alias and Apache’s tried-and-true core security features. This plugin requires the world’s #1 web server, Apache, and web host support for .htaccess files.
Has a user-contributed attack signature system modeled after the Snort Intrusion Detection and Prevention system, Nessus Vulnerability Scanner, and the Web Application Firewall ModSecurity.
6) Admin SSL
Link: http://wordpress.org/extend/plugins/admin-ssl-secure-admin/
Description:
- Forces SSL on all pages where passwords can be entered.
- Works with both Private and Shared SSL.
- Can be installed on WordPress MU to force SSL across all blogs (only works if you have a Private SSL certificate installed) from WPMU 1.3 upwards.
- Custom additional URLS (e.g. wp-admin/) can be secured through the config page.
- You can choose where you want the Admin SSL config page to appear!
- Works on WordPress 2.2 – 2.7; it will not work on previous versions.
7) HTTP Authentication
Link: http://wordpress.org/extend/plugins/http-authentication/
Description: The HTTP Authentication plugin allows you to use existing means of authenticating people to WordPress. This includes Apache’s basic HTTP authentication module and many others.
8) Login LockDown
Link: http://wordpress.org/extend/plugins/login-lockdown/
Description: Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Administrators can release locked out IP ranges manually from the panel.
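The lockout logic described above, written out as an added example (not the plugin's code) so the defaults are easy to reason about: failures are kept per IP block in a sliding 5-minute window, the third failure locks the block for an hour, and an administrator can release a block early. The page does not say how wide an "IP range" is, so the example assumes an IPv4 /24; the addresses and timestamps are constructed.

```python
import ipaddress
from collections import defaultdict, deque


class LoginLockdown:
    """Sliding-window failed-login tracker with per-block lockout.

    Defaults mirror the description: 3 failures within 300 s lock the block for 3600 s.
    The /24 block size is an assumption made for this example.
    """

    def __init__(self, max_attempts: int = 3, window: int = 300,
                 lockout: int = 3600, prefix: int = 24):
        self.max_attempts = max_attempts
        self.window = window
        self.lockout = lockout
        self.prefix = prefix
        self.failures: dict = defaultdict(deque)   # block -> timestamps of recent failures
        self.locked: dict = {}                     # block -> unix time the lock expires

    def _block(self, ip: str) -> ipaddress.IPv4Network:
        # strict=False lets a host address be folded into its network, e.g. x.y.z.5 -> x.y.z.0/24
        return ipaddress.ip_network(f"{ip}/{self.prefix}", strict=False)

    def record_failure(self, ip: str, now: float) -> bool:
        """Record one failed login at time `now`; return True if this failure locks the block."""
        block = self._block(ip)
        attempts = self.failures[block]
        while attempts and now - attempts[0] > self.window:   # forget failures outside the window
            attempts.popleft()
        attempts.append(now)
        if len(attempts) >= self.max_attempts:
            self.locked[block] = now + self.lockout
            attempts.clear()
            return True
        return False

    def is_locked(self, ip: str, now: float) -> bool:
        """Check before processing a login; expired locks are dropped lazily."""
        block = self._block(ip)
        until = self.locked.get(block)
        if until is None:
            return False
        if now >= until:
            del self.locked[block]
            return False
        return True

    def release(self, block: str) -> bool:
        """Manual release from the admin panel, e.g. release('203.0.113.0/24')."""
        return self.locked.pop(ipaddress.ip_network(block), None) is not None


def demo() -> dict[str, bool]:
    """Walk through the default policy with constructed failures from one /24."""
    ld = LoginLockdown()
    ld.record_failure("203.0.113.5", 0)        # 1st failure
    ld.record_failure("203.0.113.7", 60)       # 2nd, different host, same /24
    locked_on_third = ld.record_failure("203.0.113.9", 120)   # 3rd within 5 min -> lock
    return {
        "locked_on_third": locked_on_third,
        "same_block_blocked": ld.is_locked("203.0.113.200", 3000),
        "other_block_untouched": ld.is_locked("198.51.100.1", 3000),
        "expired_after_hour": ld.is_locked("203.0.113.200", 120 + 3600),
    }


if __name__ == "__main__":
    print(demo())
```

Locking a whole block rather than a single address is what makes this useful against attackers that rotate through neighbouring addresses, but it is also the source of collateral lockouts when a shared network sits behind one range, hence the manual release in the options panel.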
9) Akismet
Link: http://wordpress.org/extend/plugins/akismet/
Description: Akismet checks your comments against the Akismet web service to see if they look like spam or not and lets you review the spam it catches under your blog’s “Comments” admin screen.
Want to show off how much spam Akismet has caught for you? Just put in your template.
10) TAC – Theme Authenticity Checker
Link: http://wordpress.org/extend/plugins/tac/
Description: TAC stands for Theme Authenticity Checker. Currently, TAC searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. As of v1.3 TAC also searches for and displays static links.
Then what do you do? Just because the code is there doesn’t mean it’s not supposed to be or even qualifies as a threat, but most theme authors don’t include code outside of the WordPress scope and have no reason to obfuscate the code they make freely available to the web. We recommend contacting the theme author with the code that the script finds, as well as where you downloaded the theme. The real value of this plugin is that you can quickly determine where code cleanup is needed in order to safely enjoy your theme.
I hope the above list will help you to protect your blog 100%. Please provide your thoughts and comments in the comment section.
Thanks,
Arpit Shah