Dive into MiddCreate Applications RecapClarissa and Evelyn explore various applications on MiddCreate, including Docuwiki, vTiger, Collabtiv, Lime Survey, Known, and Omeka. Read the full post here.
How to Be Secure on the Web“Managing your own content means you must also take responsibility for the security of your sites. It’s tempting to procrastinate about web security because let’s be honest, it seems tedious and boring…Being proactive about web safety can help you avoid the unpleasant experience of being hacked, saving you a ton of time and trouble.” Read the full post here.
Expanding MiddCreate with Open Source Apps“One of the great things about having your own domain is the power to manage your own files. This means you can endlessly expand the utility of your domain by installing any application that will run on a LAMP (Linux, Apache, MySQL, PHP) server, which is what we use for MiddCreate.” Read the full post here.
Easy!AppointmentsEasy!Appointments is a free, customizable appointment scheduling web application. The Digital Learning Commons recently investigated this app as a possible way to streamline our appointment bookings. Here are some of its features:
- manage multiple services and providers
- show each provider their appointment details in a unique calendar
- send email notifications
- display user interfaces in multiple languages
- sync your data with Google Calendar
- integrate Google Analytics
- access all of your customer info and their appointment history
- embed your booking form into a WordPress site with the Easy!Appointments plugin
How and why do sites get attacked?
How to keep your site safe
Keep Regular BackupsAlways backup everything! Prepare for the worst so that even if your site gets hacked, you’ll be able to restore it. Seriously, if you think you’ll forget, set up a reminder in your calendar right now to make sure it gets done. The cPanel has a Backup Wizard that lets you easily backup and restore all or parts of your domain files and databases. A full backup will create an archive of all the files and configurations on your website. You can only use this to move your account to another server, or to keep a local copy of your files. You can’t restore full backups through your cPanel interface. In order to restore files, you’ll need to download partial backups.
Secure Your LoginPreventing hackers from cracking your login using trial-and-error brute force attacks can be as simple as setting up some additional security layers and maintaining good password habits.
- Create a strong password: it should be long, complex (include numbers and special characters) and unique for each site. If you have trouble coming up with one, use a password generator or passphrase (such as an unusual sentence, memorable poetry/movie lines, or summary of a quirky event from your life)
- Make other users do the same (if you can) by changing your settings to force strong passwords
- Store your passwords in a secure place, such as a password manager (e.g Roboform, KeePass, LastPass, 1Password, or Dashlane)
- Limit login attempts
- Use two-step authentication so that you can only log in to your account if you also have access to your cell phone or social network credentials
- In WordPress, avoid using the “admin” username, which is a common default and often targeted by hackers. You can also set your display name to something different than your actual username by going to Users on the lefthand sidebar menu from your Dashboard. Learn more about password and username security on WordPress in this video from WMUP DEV.
Choose Plugins and Themes WiselyA high percentage of attacks occur due to vulnerabilities in plugins and themes. Only use up-to-date plugins and themes with well-written code by trusted developers.
- Choose from products available in an application’s plugin and theme browsers. Look for ones with a high rating from a decent amount of users. If you’re unsure about its quality, click on ‘More Details’ or the author names to do more research. Check out the author’s history and assess their security measures. Look for stamps of confidence issued by reputable security solution providers or other evidence that the product has been submitted for a code audit
- Plugins with a high number of installs could potentially be greater targets, but also likely to have better documentation, support, and have security issues reported quicker
- Look for plugins that are properly maintained: check when it was last updated (the more recently the better) and whether it’s compatible with your version of WordPress before downloading
- Delete every plugin and theme on your site that isn’t strictly necessary. To delete a theme in WordPress, go to Appearance > Theme, then click on ‘Theme Details’ and hit ‘Delete’ in the lower right corner
- Add security plugins that will configure a range of security options for you (e.g. WordFence for WordPress). You can also use free security scans that will look through your site’s code for malicious scripts
- Keep up-to-date: many minor updates specifically address vulnerabilities, so make sure you have the latest versions of everything you use. It’s always a good idea to perform plugin and theme updates manually to avoid accidentally breaking the functionality of your site
Manage User and Access PermissionsA benefit of managing your own site is being able to control every aspect of how visitors and users interact with it. It’s very important to configure these permissions when you first set it up.
- Review your site’s access permissions to edit how much outside visitors and users can see and do in your site. Typically you can assign users different “roles” with varying levels of privileges. For example, there are six user roles available in WordPress
- Disable or limit open registration: this is extremely important if you’re using an application like DokuWiki that allows visitors to join and contribute content
- Require a CAPTCHA (e.g. for access, page editing, contributions, etc.) to fend off bots
In July, the Digital Learning Commons held a series of exploratory workshops lead by Evelyn and Clarissa that provided an in-depth look into how to use six MiddCreate applications.
MiddCreate provides domains to members of the Middlebury community where they can explore and connect their learning, experiment with digital tools for teaching and collaboration, and create a digital identity that is owned and managed by them.
The workshops were attended by students, faculty, and members of staff interested in learning new ways to take control of their presence on the web. There’s a daunting variety of applications available in MiddCreate, so we’ve outlined the six featured in the workshops below to give you an idea of what’s possible. We encourage everyone to explore how these new tools can be used to share, collaborate on, and enhance your work!
This app has all of the core features you need from a wiki, such as cross-linking pages, revision and access control, and configuration in 40 languages. You can use it to collaboratively draft outlines, keep track of a project, plan events, or create a knowledge resource. The look of your wiki can be fully customized within the app and by accessing its files from the MiddCreate dashboard.
Vtiger is a customer relationship management (CRM) software that can be used as a database to track information about large numbers of people. For example, the DLC is currently exploring this application as a means to track who uses its services and where we should target our support and training.
Explore the features of this CRM in Clarissa’s demo.
This project management tool enables virtual teams to work in close collaboration. It represents projects by tasks, milestones, related files and messages. Time worked can be tracked on a task-by-task basis. Furthermore, the software supports more than 35 languages.
Check out this example created by Evelyn.
A survey making tool that lets you to easily create and execute a wide variety of assessments. It supports an unlimited number of surveys in 80 different languages, with over 28 different question formats and conditional logic options available. It also generates survey result statistics reports and charts in HTML, PDF, or Excel format.
Known is very easy to use and works like a Facebook group or Tumblr, but doesn’t require that you be a member of those platforms. A personal Known can be configured to syndicate the content you post to your other social media accounts. You can invite up to 200 users to collaborate by sharing posts, status updates, photos, events, and audio. Students can use Known to showcase personal projects, get feedback on their work, reflect on and discuss course content with their peers, or refer to it as a knowledge bank.
This app is a flexible web publishing platform for the display of library or museum archives and scholarly collections. It’s a great way to share a variety of items and exhibits, including audio, documents, or visual media. It adheres to Dublin Core standards and allows you to expand its core functionality with plugins to create unique maps, allow users to contribute items, tag favorites, and comment within the site.
Explore the diverse ways Omeka is being used at MIIS and other institutions.
Be on the lookout for future MiddCreate workshops! If you’d like help getting started in MiddCreate, feel free to drop by the DLC Learning Lab or make an appointment with a DLC staff member.