Website Tips

how to block spam emails in wordpress

WordPress Tips: How to block spam emails

By Website Tips No Comments

We constantly get questions from clients about how to avoid spam emails coming through the online forms on their websites. This is the first of two articles about how to block spam emails. First, let us say the most important thing about blocking spam:

NO anti-spam system is 100% effective

Sorry, spam is here to stay. It surely boggles the mind that there are companies spending obviously hundreds of thousands of dollars on spam techniques and technology. All I can say is that they must keep doing it because it works. Unfortunately! So, No anti-spam system is 100%. The tech world’s best efforts against spam are mostly a game of catch-up figuring out what the spammers are doing, and methods for overcoming it. Every solution is quickly met with the spammers’ next curveball.

Top that off with low-exchange rates with other countries where it is super cheap to pay someone–real human beings–to spam you. There are no easy ways to block this kind of spam that aren’t also dramatic (i.e. blocking the original IP and anyone else attached to it).

So…Here are our Top Three EASY solutions for blocking MOST automated spam on WordPress sites and SOME spam generated by human beings.

1. Use Akismet

Akismet has been in the spam-blocking game for many years. They have free versions available but we also encourage contributing to the service so they can keep up the good work. Simply install the Akismet WordPress plugin, create your Akismet account, and activate the Akismet plugin on your site using the Akismet API key. Not only does this filter out many to most spam comments on your site, it also blocks emails if you’re using Contact Form 7 for your forms.

2. Use an anti-bot system like CAPTCHA

This also doesn’t work against real-people spam, but it does a great job at blocking automated spam. Not much more else to say about this solution without making this a step-by-step tutorial (which this is not because there are already tons of good tutorials out there). Here’s an example of Google’s reCAPTCHA:

google recaptcha example

You’ve probably had to use this feature on other websites.

3. Manually block domains or IP’s

WordPress has a built-in feature for blocking spam messages or comments. This doesn’t really work until you’ve received a spam message BUT it will block any future messages so it’s still worth doing. To implement this method

  • Go to ‘Dashboard > Settings > Discussion’
    how to block spam emails in wordpress 1
  • Go to ‘Comment Blacklist’
  • Enter the domain you wish to block
    See the screenshot above for where to place it. You find the domain from the spam email you received. If sent you an email about starting a bank account, you copy and highlight everything AFTER the ‘@’ symbol (don’t include the ‘@’ symbol). Place the domain (e.g. in the Comments Blacklist and this will work with Contact Form 7 to never send emails to you. As you can see from our example above we use this method ourselves.

    It’s unfortunate that you are going to receive spam from time to time. Start with the methods above. Most of your automated spam will stop. When the odd spam message does get through you can block the domain and stop future emails. Mostly. Spammers are bound and determined to get through, and they get very creative about how they do it. What’s worse, your domain or email can end up on spam lists that are shared with others. But, online forms are a VERY important way for your ideal customers and prospects to get through to you so we recommend keeping a form active on your site when at all possible.

    Hope these tips helped!

    Photo credits: d3images

website security wordpress security

Three website security tips for your WordPress website

By Website Tips No Comments

Website security has become an increasingly important topic over the last few years. It has become so important that even Google has taken steps to prioritize websites that use secure hosting — even if the site doesn’t perform any functions like processing credits cards. Since we deal mostly with WordPress we care specifically about WordPress security. Below are some of the most basic and most important steps you can take to protect your site from malicious behavior, hacks or malware injections.

1. Create regular backups

This is easily the most important thing you should do for website security. WordPress operates in multiple parts: tables, content files and code files. By creating regular backups of your WordPress website you will always have a working copy of your site. If your site goes down or gets hacked you can easily restore it to the most recent working version. How often to backup? The more frequently you edit or add content to your site, the more frequently you should backup your site. We recommend weekly. If you don’t change content very often you can get away with backing up your site monthly. We also recommend a regimen of automated backups with manual backups just to be safe.

2. Update WordPress Version, Plugins and Themes

This is the most important preventative action you can take for website security. One thing we love about WordPress is that it is open source and is backed up by a thriving community of fans and expert coders. WordPress is constantly upgraded to improve the security of its coding. Granted, weaknesses are usually identified after they’ve been exploited, but teams of crack coders work to fix the weaknesses and improve WordPress security. The same can be said for GOOD themes and plugins whose creators actively update their coding. You should keep your site updated to the most recent, stable version of WordPress as well as plugins and themes. Otherwise, your site will be vulnerable to hacking.

3. Use Security Plugins

Over the years, two WordPress security plugins have risen to the top of our favorites list. We recommend them highly. They both have free and premium versions. The free versions have awesome features, and if website security becomes more of a concern, we recommend the premium versions. We’ll just highlight our favorite features. You should check out these plugins fully.

iThemes Security Plugin

Hide Backend: This feature hides the typical login page for WordPress. Hackers frequently try brute force attacks by bombarding pages like the login page with bogus login attempts. If they can hack your login they can do anything they want to your site. This is no good! By hiding your login page URL you can prevent an enormous number of these kind of brute force attacks.

404 Detection: This is another way hackers frequently attack a site — by searching for known page URL’s on other sites. If your site doesn’t have the same URL’s these hackers will generate an unusually high number of 404 errors. iThemes Security Plugin allows you to limit, even block IP’s that are acting suspiciously on your site.

Banned Users: This is by far our favorite feature. You can permanently ban suspicious or malicious IP’s from your website. Talk about website security! Once a spammer or hacker finds your site they can be relentless at bombarding your site with spam or hack attempts. Once you detect them you can block them from even getting to your site. It’s a beautiful thing 🙂


Live Traffic: Live Traffic allows you to view real-time activity on your site. Wordfence does a pretty good job of determining whether that activity is a human, a bot, or potentially dangerous. You can view in real-time if something suspicious is going on and then determine what action to take.

Blocking: You guessed it. We love blocking malicious activity. Wordfence provides multiple ways of blocking IP’s. Probably the coolest is in the Live Traffic feature. If you see someone (or a bot) trying to exploit WordPress weaknesses you can immediately block them right then and there.

Firewall: Wordfence’s Firewall feature is not too shabby! They’ve even built in the ability for it to “learn”. By monitoring the behavior on your site it tries to differentiate automatically between normal behavior versus suspicious behavior. And, when it detects suspicious acting IP’s, it goes into action protecting your site.

If you take the above security measures you can eliminate 99% of your worries about your site being hacked. The nicest thing about these website security tips is that they are free and easy to do. If you invest just a little time each week to monitoring and maintaining the security on your site you will easily stay on top of things and keep your website safe.




free stock images for blogs and websites

Best, FREE stock images for blogs and websites

By Website Tips No Comments

The demand for free stock images for blogs and websites has always been high. I mean, with the advent of WordPress, one of the driving themes has been creating a blog or website on a shoestring budget (or no budget at all). But what is a website with out images? Boring. That’s what. We are visually driven creatures by nature. Do we really buy magazines for the articles? Maybe a little, but what really grabs us are the images. The same goes for blogs and websites.

Until the last year or two, finding quality (emphasis on quality) free stock images for blogs and websites has been a real chore. That has changed, however. Several sites have really stepped up their game and have become great resources for free images and free stock photos. We thought we would share some of the top sites we use and recommend to clients.

Unsplash is by far our favorite website for free stock photos. The site is 100% photographs taken by professional-grade photographers. The images are stunning, high grade, and very useable for any level of site, whether free blog or Ferrari-quality website. What’s more, the images are completely free to use. You don’t even have to give the artists credit. That’s pretty damn cool.

You know what else is pretty damn awesome? Giving the artists credit! Hey, they did you a solid. It’s just common decency. In a world where we all help each other out, great things happen. (You’ll notice we used an image from Unsplash for this blog post AND credited the artist! 🙂 )

Freepik is our other #1 stop for quality free images. (Again, emphasis on quality.) They have some pretty cool copyright rules. You can either credit the artist (which it’s just fair and decent if you do anyway), or you can purchase a VERY reasonable monthly membership and not have to credit the artist. Either way, it seems like a win-win situation.

Another important way Freepik differs from Unsplash is that it has a wider array of graphics available. Not only does it have basically free images for blogs, it also has vector graphics and other art that are great for websites. Check ’em out!


This may seem a teensy bit out of place, but for those of you looking for a great stock VIDEO resource, we recommend Super, super awesome resource. It gives you great videos for truly amazing prices. Granted it’s not free, but it is practically free. We use this resource liberally and have been extremely happy with it.

Check ’em out!


Here are some other resources for free stock images for blogs and websites. If we don’t find what we’re looking for at the above resources, we frequent these sites:


There are lots and lots of stock photos and free images sites nowadays so it’s easy to do an internet search for ‘royalty free images’. Browse several of them and find which one gives you the best results for your style.

Remember to give credit to the artists. These people work hard to make your site look good!

Photo credit: Teddy Kelley

error 404

How to fix error 404 on your website

By Website Tips No Comments

You may have been browsing the web and come across an error 404 that looks something like this:

HTTP 404 Not Found Error

When you hit an error 404 web page like that it can be alarming and a little scary. If you saw something like this you probably hit the ‘Back’ button immediately and went to another website.

But wait…If you own a website you want to make sure your site doesn’t have any 404 error on it, right? I mean, if people were landing on a page like that on your site, you would want to fix it — ASAP!

You might be thinking, “Why would I have an error 404 on my site? I haven’t done anything to create any errors. I’m good.” Danger Will Robinson! 404 error’s are more common than you might think. And they can mean different things. This article will share some causes of 404 errors as well as how to find and fix them. If you don’t fix an error 404 on your site, you could be missing out on vital web traffic AND business.

What is a 404 error?

Luckily, a 404 error is not as scary as it sounds. It simply means, “There is no page on this URL.” If you were worried, you can wipe your brow. Your site hasn’t been hacked or anything. But, don’t rest easy yet, you have work to do.

How to find error 404 on your site

There are many ways to find 404 errors on your website. Since we’re specifically talking about WordPress sites, I will share my favorite two.

1. Redirection

The WordPress plugin called Redirection by John Godley is by far my favorite WordPress plugin for finding and fixing 404 errors. Once you install and activate the plugin on your site, all you have to do is:

  1. Go to Dashboard > Tools > Redirection
  2. Click ‘404’ on the top navigation area (screenshot below)

fix 404 error redirection plugin

Once on this page, the plugin tells you basically all the 404’s your site is getting. We’ll show you how to fix the 404 error right then and there, next. But first…

2. Google Search Console

…Our other favorite source for finding an error 404 on your site is Google Search Console (formerly known as Google Webmaster Tools. Don’t ask me why they changed their name, I suspect it’s because Bing and Yahoo created their own ‘Webmaster Tools’ and Google had to stay unique). Once you’ve created your account, simply click on the ‘Crawl Errors’ button and voila! Google shows you the history of 404’s found on your site. It also gives you the opportunity to notify Google that you’ve fixed the issue.

So I guess that means we should talk about…

How to fix a 404 error on WordPress

If you are in the Redirection plugin on the 404 page, all you have to do is hover over a listed 404. You’ll see a link pop up that says: “Add Redirect”. Click it. A window pops up with the 404 already pre-populated. Enter the link where you would like the traffic to go. Click the “Add Redirect” button. All done!

Important Note!

You want to see if you can guess where people are trying to get when they land on your error 404. For instance, if they landed on a page that has to do with buying a product, redirect them to a similar product. Or if is looks like they were trying to contact you, redirect them to your actual contact page.

If you find a 404 using Google Search Console you can still use the Redirection plugin. Simply navigate to the plugin page and scroll to the bottom of the page. There is a section to create a redirection for any link you desire. It’s so easy to use. We love it!

What causes an error 404

Lots of things.

  • Maybe you changed the name of a page or post
  • Maybe you deleted or hid a page
  • Maybe someone entered a typo in a link
  • Maybe someone has an old link to your site
  • A hacker could be looking for weaknesses in your site

It’s a long and endless list, to say the least. You can find all this information out via your 404’s. Cool, right?

The main point is that you find the 404’s and fix them. If someone has an old link, you can fix the 404 on your own site. You should also ask them to update their information, but you don’t have to wait for the issue to be solved. As for the hacker bit…

A kind of different fix for 404 errors…

The Redirection WordPress plugin by John Godley has some cool features in it. One we’ll make special note of is that you can see the IP address that generated the 404 error. An IP address is just the ‘computer address’ of the person or bot using that computer or server. Using this plugin you can detect some potential malicious behavior on your site. For instance, if you find that a 404 was generated for a page like /wordpress/wp-login.php or /users/register you can tell that this user or bot is trying to find the login page to your site.

Oh no!!!!!!

That’s not good. Now, you can’t use the Redirection plugin to block that IP. But you CAN grab the IP address and block it.

First, do some research. Look the IP address up here: Review comments left by others for details about potential harm. Then click the red ‘Blacklist’ button. See if that IP has been registered as harmful.

Next, If you determine the IP is harmful, or potentially unsafe, block it. We use our htaccess file and the iThemes Security plugin to block malicious IP’s. That is a whole other blog article which… we’ll write about soon. For now, install the Redirection plugin and start using it immediately.

If you don’t, your visitors are going to get that scary error 404 message and click that ‘Back’ button, which means you lose their business and lose out on helping people who need it.

Happy Redirecting!!!!!

Photo credit: @pinnacleanimates

how to stop unwanted emails

How to stop unwanted emails after domain registration

By Website Tips No Comments

We get this question a lot:

“I just registered my domain, now I’m getting tons of email spam and phone calls! How do I make it stop????????”

Many people who register a new domain want to know how to stop unwanted emails and phone calls. Even if they never had a problem with other domains, they might be getting targeted by email spam the very next day after registering a new domain. So here’s the skinny — why you might be getting new spam emails and how to stop unwanted emails.

The bad news

ICANN regulations require that your contact information be both correct AND displayed to the public. If you have business contact info you don’t mind being public, and a good spam filter, you might not mind this. However, if you have to use personal information or can’t handle the hassle of email spam, this is bad news. I disagree with the regulation of publicly displaying private information to the world, but that part is out of my hands.

The ugly news

Not only may you get bombarded by spam, it is also a major concern for identity theft. In this day and age, identity theft is a major problem. Just ask anyone who has ever had their identity stolen. It becomes a lifelong battle for many.

The good news

You are allowed to use ICANN-approved proxies or intermediaries who verify your contact information then display their own contact info for the domain rather than yours. If you want to know how to stop unwanted emails, this is the best way to go. I mean, you could go get a special email and phone number dedicated simply to registering your domains, but that is neither cost nor time effective.

How to stop unwanted emails

If you register your domain with we protect your private information for only $5.95 per YEAR (ask for bulk rates). This is a small price to pay for peace of mind and protection from annoyance AND potentially harmful activity. For more information, view the ICANN website.

Contact us today to register or transfer your domain and to get the protection you deserve.


learn wordpress free!

Learn WordPress — Free!

By Web Ninja Updates, Website Tips No Comments

We are excited to announce the launch of our Weekly WordPress Training Webinars where you can learn WordPress — free! WordPress is an amazing web creation tool, but it comes with a learning curve. Rather than watch our clients and fans struggle, we have decided to help you overcome your worries and obstacles. Why?

We want you to succeed!

That may sound altruistic, but it’s also a little selfish. When you succeed, we succeed. So — let’s succeed together! Our business model is built on the Pay-it-forward philosophy, so this is one of the ways we’re paying it forward to you.

Many businesses get WordPress because it allows them to edit their own content. But it turns out to take more learning than they bargained for. They seek WordPress training but then that can be expensive or take even more time or not answer their basic questions. We wanted to provide a setting where solopreneurs, entrepreneurs and even small or large businesses can learn WordPress free — AND get their direct questions answered.

Free WordPress Training

So, we created a Weekly WordPress Webinar. It’s a coffee-klatch type setting. Relaxed atmosphere. We are going to cover Beginner to Intermediate topics. These will be enough for you to manage your website, update your content, protect your site from spam, hacking or malware, track visitor behavior, and more!

So — Join our WordPress Webinars. It’s free! Click the button to sign up.

Learn WordPress Free

You’ll learn:

  • How to create Posts and Pages
  • Add images and downloads to your content
  • Use SEO on your site
  • Create contact forms
  • Protect from spam comments, hacking, malware
  • And much more!

Learn WordPress: Free WordPress Training.

Your business will thank you 🙂

Learn WordPress Free
one page website

Why a one page website is all you need!

By Website Tips No Comments

You may have been seeing more one page websites out there as you browse the web. As web designers go, there are schools of thought that hate single page websites. Some schools of thoughts love them. One page websites were sort of thrust upon the world before technology was really ready to support them, so we here at Web Ninja can see both sides of the argument.

So, now that web and mobile technology has kind of finished its “Responsive puberty”, we kind of love one page websites. In fact, a single page website is all you really need to launch your business or brand. At least to start.


NAVIGATION. User-friendly navigation is one of the most important aspects of a website. If visitors can’t find the information they need — instantly — you are likely to lose valuable visitor traffic. A one page layout keeps navigation simple. A visitor need only scroll up or down to find the information they need.

LASER-FOCUSED CONTENT. If you’re going the route of a one-paged website, you don’t have infinite room to work with. Yes, your page could scroll on and on forever, but no one in their right mind would do that. Having space-constraints makes you laser-focus and power-pack your content. Get to the good stuff, then move on. Visitors love it because they’re scanning your content anyway, rather than stop to read every word. Higher-quality content is more likely to convert.

RESPONSIVE DESIGN. It’s official — most web surfers are surfing on mobile devices. Responsive design is essential for you to succeed online. One page website templates do a fantastic job of making your site look great on whatever device it’s being viewed on, AND make it easy. Bear in mind, most of our clients’ purchasers buy on laptop and desktop computers so again — responsive design is essential for you to succeed online.

CALL-TO-ACTION MAGIC. A strong Call-To-Action (CTA) is where the magic happens on your site. Ideal prospects have one question on their mind, “What do I do next?” A strong CTA tells them and invites them to connect with you. Now, remember, your visitors are scrolling. This gives you opportunity after opportunity to post multiple Calls-To-Action or your clients. As they scroll they are prompted again and again to take the action you want them to.

EASY ON THE BUDGET. No explanation needed here. Save some of that shoestring budget for other important parts of your business. Your website can adapt and grow with your business. Grow and develop your website as you have the budget for it. Invest your money wisely.

QUICK TURNAROUND. A one page website can literally be created in a day. Of course, it normally takes a little longer than that but most of that is decision work on your end: What content to write? Colors? Basic layout? Imagery? You have some decisions to make and some homework to do. But isn’t it nice that once you have your ducks in a row you can get a beautiful website fast and budget-friendly?


These are just a few of the major benefits of single page websites. If you need to get your business online fast and have a modest budget, start with a one page website. We have a great services package you and your customers will love. Chat with us, ask us your questions. Let’s get your site launched so you can go kick butt!

Photo credit: Carl Heyerdahl. Thanks, Carl!

Celebrate Freedom: Freedom for All

By Website Tips No Comments

By now you’re probably thinking we like to celebrate, here at Web.Ninja. Well, you’re right. We work hard and we play hard. Life is short so we are making the most of it. Life is also precious, that is why today and tomorrow we celebrate freedom — freedom for all.

I was curious about the symbology and history of the Statue of Liberty so did some research (always good to keep learning new things). We all know the French gifted the Statue of Liberty as a symbol of the French-U.S. alliance during the American Revolution. What I didn’t know was how deep the meaning went for the French.

France, at the time, was going through their own revolution, the rise of the Enlightenment — a movement that sought life, liberty and the pursuit of happiness. However, at the time, “liberty” suggested violent revolution. The architects of Lady Liberty believed that peace and freedom could be attained without the use of violence. The Statue of Liberty was named Liberty Enlightening the World and was designed to “be above conservatism and liberalism and above radical revolutions and political turmoil.”

Now THIS was a revolutionary idea. It STILL is. Now, war only happens because people pick up guns or bombs or other means of violence. But, that doesn’t create peace, or freedom for all. Freedom and peace happen when we all choose NOT to use violence. It is a stretch, and it is a dream, but that is why we celebrate freedom. If we all celebrate freedom each and every day, we will count our blessings. We will see the good in others. We will see others’ suffering and lend a helping hand. We will listen more than we speak, and when we speak we will use words of kindness, compassion, and goodwill.

So, today, let us all celebrate freedom by creating peace and freedom for all. The power is in our hands.

Peace to you. Peace to all.

Photo credit: Daryan Shamkhali
Quote credit: National Park Service

celebrate diversity, celebrate pride, celebrate life

Celebrate Diversity, Celebrate Pride, Celebrate Life

By Website Tips No Comments

In May of 2016, President Obama declared June 2016 as “Lesbian, Gay, Bisexual, and Transgender Pride Month.” Along with that he stated, “I call upon the people of the United States to eliminate prejudice everywhere it exists, and to celebrate the great diversity of the American people.”

So, we’re picking up that flag again this June and declaring, as President Obama stated, that “love is love and that no person should be judged by anything but the content of their character.”

Here at Web Ninja, we celebrate life. Life provides an endless rainbow of diversity. And while some see differences as threatening, we view differences as enriching, inspiring, enlightening, and a wonderful way to experience all the wonderfulness this life has to offer.

Celebrating Pride is about celebrating life and celebrating diversity. It’s about seeing the good in everyone. Pride isn’t just for the LGBT community. It is for everyone. So find a local Pride festival and hold those rainbow flags high. The bright colors of the rainbow represent you. And me. And all of us, and all our bright, beautiful differences.

Celebrate Diversity. Celebrate Life. Make the most of the time you have. Give love, love, love.

See you at the festivities!

kick butt

“Houston, we have lift off.”

By Website Tips No Comments

We’re really excited here at Web Ninja to launch our new brand and site. We are a cadre of web, marketing and business experts who help individuals, entrepreneurs and businesses like yours succeed on the web. And not just succeed, we want to help you kick butt!

You see, we’re not just interested in building websites and running ads. We want to change the world. That means empowering you and your clients, your fans, your community to live better lives and achieve their goals. So excited are we, we’re shouting,

“Houston, we have liftoff.”

There’s no turning back. Just upward and onward. To the stars. We have high hopes and and ambitious goals for helping lots of people, and lots of businesses. So, join us.

Join us in helping your fans-clients-customers-prospects-community. Help us in changing the world.

What are your goals?

What do you hope to accomplish? How are you going to accomplish it? You will need to use the web to reach your audience both near and far. With us as your Web Team we can accomplish great things.

Let’s get your message out to the world and build your business. Build your community. Let’s get your own website launch together so you’ll shout your own “We have liftoff.”

Well, we’re gonna sign out for now. Lots to do. For now — welcome. Check out our services. And then, get in touch with us. Let’s see how we can help you kick butt.