WordPress 4.3: Better Passwords

What’s new in WordPress 4.3

WordPress 4.3 has been released, and our Managed WordPress subscribers are already enjoying the benefits of this major release. The rollout to 4.3 to all our subscribers has begun and will be complete within 24 hours. The next time you login, you will benefit from these great new features.

If you are not yet experiencing the benefits of our Managed WordPress 4.3 Deployment and Hosting service, make sure you contact us today.

Here’s an overview of what’s new in WordPress 4.3

Easier In-line Text Formatting

WordPress 4.3 Editor

One of the key focuses of this upgrade has been on simplifying the process of formatting your content. This means the improved ability to format your text as you type, without ever having to stop and click with the mouse. A hyphenated list intelligently becomes a bullet list, a blockquote can be created with a > and ## lets you enter a heading. These are just a couple of examples how WordPress 4.3 is improving your workflow, helping you get things done quickly and easily.

Improved Customize Feature

Another way WordPress 4.3 improves the user experience is to enhance the “Customize” feature, allowing you to take control of your site or blog.

Site Icon CustomizerSite Icons / favicon

Upload your logo and let WordPress do the rest. Your site icons and favicon will be automatically generated and included in browser tabs, bookmark menus, and even on the home screen of mobile devices as the icon for your site. You no longer have to add a special module or hack up your theme code only to lose the settings after an update. Site Icons are now part of WordPress 4.3.

Customizer Menu FeatureMenus With Live Preview in Customizer

Now, you can preview your menu in Customizer as you add or edit items. The streamlined interface allows menu revision to easily take place on either desktop or mobile devices. Navigation creation continues to get easier and faster with WordPress 4.3.

Improved Security

WordPress 4.3: Better PasswordsPassword System Enhancements

A feature that has been sorely lacking from WordPress is password strength enforcement. WordPress 4.3 now generates strong passwords, and gives visual feedback to the user when they change their password as to whether their choice is weak or strong. In addition to this, plain-text passwords are no longer emailed to users, further protecting you. Now, if you forget your password, WordPress 4.3 will instead send you a password reset link. The password itself will not be revealed.

And That’s Not All

This is only an overview. Further refinements have been made to provide a smoother admin experience across all your devices, and overall the intuitiveness of WordPress 4.3 is a step in the right direction. From a more technical perspective, 180 bugs were fixed, and a final point worth mentioning is that WordPress 4.3 makes way for the upcoming PHP7 release by deprecating some old PHP4 style constructors. WordPress is now ready for the upgrade when it arrives later this year.

All in all, WordPress 4.3 is another great update from the WordPress team. Positive E Solutions Inc. keeps our customers current and protected through our Managed WordPress services.

Enjoy the new version! We look forward to hearing your feedback.


— Update Wednesday August 19, 2015 4:43pm —
All customer web sites on our Managed WordPress service have been upgraded to WordPress 4.3.

Microsoft Windows Server 2003

The 60 Day Countdown.

After July 14, Microsoft will no longer issue security updates for any version of Windows Server 2003. If you are still running Windows Server 2003, you need to take steps now to plan and execute a migration strategy to protect your infrastructure.

The 60 day countdown is on.

Windows Server 2003 (all versions) is going the way of Windows XP as Microsoft officially cuts off support in favor of their more current products. As was the case with XP, the need to deprecate the old software is not optional. This is even more so the case with Windows Server 2003 in that it’s extremely unlikely that you’d have a Windows Server which is not connected to the Internet–whereas indeed some users still continue to safely use XP only because they are air gapped. Chances are your Windows Server is connected to the public network and therefore it is crucial that it be deprecated before July 14th.

The task is a daunting one to any business owner. That’s why Positive E Solutions Inc. offers headache-free on-site server deployment and business networking solutions.

Our approach is designed to ease the stress of transition for you and your staff…

  1. A qualified service technician will attend to your site in order to assess your needs. What software do you use? How will upgrading or replacing your server affect the operation of that software? Will your hardware continue to function on the new platform? These are just some of the items our technicians will evaluate in order to determine the correct course of action for your network.
  2. Your options will be clearly laid out for you and quoted to ensure there are no surprises.
  3. In the event new server hardware is required, Positive E Solutions Inc. will custom order the chosen product to meet your specific needs. We will then pre-configure it in our workshop, and make sure it is both up to date and ready to deploy prior to bringing it on site. This helps expedite the on-site service component and reduces (or in some cases, altogether eliminates) downtime due to the upgrade.
  4. Our technical team will arrive on-site at your place of business to deliver and deploy the ready-to-install hardware. It will be configured on your network, and your workstations, printers and other devices will be configured to operate with the new server.

The great service you receive from Positive E Solutions Inc. doesn’t end there. At your option, our technicians can return at regular intervals to perform preventative maintenance, and even provide speedy on-demand technical support to your business.

Call Positive E Solutions Inc. today–705-733-0171–to setup our initial visit. Let’s work together to ensure when Microsoft cuts off Windows Server 2003 in July, your company is ready, and your business network continues to operate at peak efficiency.

– Robbie

Angry man with mobile smartphone

Google’s “Mobilegeddon” is forcing your hand

Today’s the day! April 21, 2015. The Internet is calling it “Mobilegeddon” — the end of mobile un-friendly web sites at the hand of Google. It’s a funny nickname, I know… but don’t worry: it’s not the end of the world.

Is your web site ready for Google’s mobile-friendly changes?

Back in February, Google made an announcement that every web site it indexes will be measured for mobile friendliness, and web sites that were not built using the responsive design model would be penalized and bumped way down in the search results.

Starting today, the changes take effect. If your web site is not already responsive, you will begin to notice a significant drop in Google-generated traffic.

Being an old-school web guy myself (I’ve been building “web sites” since before the Internet existed) I find the ebb-and-flow trends quite astonishing. We’ve seen the rise and fall of PC dominance, we’ve seen web technologies like RealPlayer and Flash become “the thing everyone needs” and then crash to obsolescence seemingly overnight, and just a few weeks ago I was working on a customer site and reviewing their search engine results and amazed to see that more than 65% of the people who find them are searching using a mobile phone. That’s a big change from just two or three years ago. For the sake of examples, let’s pretend that percentage is the same for your business (it very well could be).

Times have changed, big time. To think that 65% of your potential foot traffic is generated by mobile devices should make you think: if your web site is not compatible with such devices, you need to do something about it. This is a big factor in why we had made the decision last year to start refusing to build anything but responsive sites for our customers.

Who is most impacted by Google’s changes?
I think the only people who don’t really need to give this serious consideration are those who do not rely on their web site for business: personal sites whose owners don’t really care whether they get good search results or not. For every business though, or blogger trying to make their mark, responsive design is not just a good idea anymore… it’s critical.

I like scenarios, because it helps me envision how this might impact the average person. So, imagine you run a coffee shop who had a nice little web site built for them a few years ago. People in town pull out their phone, and do a search for “coffee shop.” Google figures out their location and shows them a list of coffee shops relevant to their current position. That’s great–yours is nearby and they find their way into your shop. What today’s change does is weigh the fact that your site is not mobile friendly against the fact that this user is on a mobile device. Therefore, based on this new algorithm, Google doesn’t show your coffee shop in the results (even though just yesterday you were getting people walking in the door).

It makes sense, really. Why show results on a mobile device that are not going to work well on that same mobile device? Google wants their results to be relevant, and part of that is weeding out old, deprecated sites so the current, up-to-date sites can hold the top results. Google’s game isn’t about the quality of your product–you may have the best coffee in town. It’s a game of perceived relevance. They are putting their foot down and saying old sites that don’t work for 65% of search traffic are not relevant.

Is what Google is doing a bad thing? No. Quite the contrary as a matter of fact. They’re once again pushing people to have to update their aged technologies. Like when Google finally said no to Internet Explorer 6. As a web developer I did a little dance, because IE 6 was so old and a challenge to support. Microsoft did it when they finally cut off Windows XP. And Google is once again forcing your hand: if your web site isn’t mobile friendly, you will not get placement in their mobile search results.

I’m on your side, and I realize … well … this sucks. Especially for companies who had their web sites built or rebuilt in the past few years. To have to redesign your web site because Google made a change on this rainy day in April can be a hard thing to swallow. But, that’s where we have to think differently as we realize Google didn’t cause the change. Users did. 65% of your potential customers did.

Look at the cost of a web site broken down over the lifetime of that same web site. Your web site is the public “face” to your company. It needs to be up to date, modern and hey–if your potential customers are using smartphones to find you, you need to adapt. Your web site absolutely must work on all devices.

For every company who has ever said “we don’t need our site to be mobile friendly,” it’s a wake up call when you realize 65% of your search traffic just disappeared.

We want to help! Positive E Solutions Inc. builds mobile friendly web sites.

Check to see if your web site is mobile friendly. Visit https://www.google.com/webmasters/tools/mobile-friendly/ and test your web site. If you get anything other than “This page is mobile-friendly,” give us a call and see how we can assist.


Hand typing on laptop with credit card.

The Secure Connection Trap: Why Emailing Your Credit Card Number is Never Safe

“We’ll err on the side of caution and suggest that you never trust email with confidential information.”

A surefire way to make tech-savvy people shudder is to email them your credit card number to pay a bill.

It’s not that they don’t appreciate the transfer of funds to their account, but they understand that with email, you’re not just sending it to them. Any number of people in between (or computers, called “bots” in this context) can intercept, read, store, and potentially use that data.

When you send an email directly to a person, it’s not going directly to them.

We tend to think in terms of “sender” and “recipient” but forget to consider all the points in between. When you send an email, it has to go from your computer to your Internet Service Provider, and then from there, it is passed through possibly several other servers before it reaches the sending server. Once at the sending server, it is passed through the world wide web until it arrives at the recipient’s computer. Because it happens so quickly, we’re tempted to think it’s a direct connection, but let’s think about the origins of the term “world wide web” for a moment and consider what that might look like visually: many thousands of computers all connected together, passing data amongst each other. When you send an email, it is passed through many systems before it reaches the recipient.

Email is not encrypted.

Here’s the trap: when you login to your email, be it through an installed application or webmail service (Gmail for example), you’ll likely see that they are “secure.”  Email applications typically require encrypted authentication, and webmail services are actually secure sites themselves, much like online banking.

Email is transmitted in plain text, and can be read, analyzed and stored by any one of the computers it touches along the way.

With your email application, encryption happens during authentication. This means your username and password are encrypted (generally not readable by the systems it passes through), but the email itself is not (because email is not encrypted).

When you login to a webmail service, you may see the “secure connection” notifier–usually a little “lock” icon in your address bar–which may present the illusion that your email itself is secure, but it is not. Only the current browser session is secure. Your username and password are encrypted, and the data being shown on your screen is also encrypted for that session (the connection between the receiving server and your computer). However, all that email in your inbox had to be delivered to your service provider, meaning it went from the sender out to the world wide web in plain text through many computers before reaching your inbox. Similarly any email you send through that service leaves the secure session through email and enters the world wide web to be delivered to the recipient. Since your connection to the service itself is encrypted, what you see on the screen cannot be read directly by someone intercepting the data, however as soon as you hit “send,” it’s anyone’s guess how many people could potentially see it as it shoots out over the web in its unencrypted form.

Regardless of your trust for the recipient, there is no way to know whose servers the email is passing through, nor whether you can trust them. We’ll err on the side of caution and suggest that you never trust email with confidential information.

It’s not necessarily the service providers.

We like to believe service providers are honest and not skimming through emails to find people’s credit card numbers, and hopefully the bulk majority are. But the compromise doesn’t need to come from the provider themselves.

Viruses on infected servers could be monitoring email traffic passing through the server, software tools can be used by “hackers” to sniff unencrypted data as it passes through the coffee shop wifi, and shady “companies” have even been known to setup servers on the web specifically to collect this type of data as it passes through, which they may either use or sell.

The safe alternatives…

I can’t speak for all companies, but I would expect most connected companies offer some way to pay a bill electronically in a safe fashion.

Picking up the phone and calling in your card number is much safer than email, because it is a much more “direct” connection to the recipient.

For our customers, we offer a secure payment gateway at secure.positiveesolutions.com — this can be accessed via the “Pay Online” button on our web site. It is secure, encrypted, and no confidential data is transmitted or stored in an unencrypted form.

Regardless of the how or why, the simple fact remains: email is not secure.

Write your credit card number on a piece of paper and pass it around a full room of strangers. Surely, you would never do such a thing. That’s essentially what you do when you type it into an email and press “send.”

Be educated, be safe.


Powered by CREA's DDF® Data Feed, Budget Listing is a state-of-the-art responsive web site platform for REALTORS®.

Responsive Real Estate web sites powered by CREA’s DDF®

Positive E Solutions Inc. is a CREA Technical Partner.

The DDF® Data Feed is a complex and sometimes confusing offering from The Canadian Real Estate Association (CREA), but as a REALTOR® you know it is a powerful selling tool if implemented correctly.

At Positive E Solutions Inc., we take the difficulty out of implementing the DDF® with our Budget Listing service.

As a Budget Listing customer, your new real estate-driven web site will feature a responsive layout (it will work on computers, tablets, smartphones) and your full real estate listings (powered by DDF®) directly on your web site. That means, your site positions you as the buying agent for all listings in your feed, and the call to action always leads to you. And to boot, your own listings are always the most promoted on your site.

Budget Listing includes listing search similar to that of REALTOR.ca. Your site visitors can search by location, type of listing and even hone in on how many bedrooms or bathrooms the listings contain. We also offer a unique method of selecting the price range, making it much easier for users to find a listing that is suitable to them. And then, when it comes time for them to reach out, you’re the one who gets the email.

Each listing features a handy mortgage calculator, too! Automatically determine the mortgage principle, number of payments, and amount of each monthly payment right on the listing’s page.

We’ve built Budget Listing from the ground up to offer REALTORS® a one-stop web site hosting solution that they can “set and forget”. No more having to input your own listings redundantly on your own site. Just answer the calls and the emails that are bound to arrive and Budget Listing will take care of the rest.

We want to help you sell real estate–be it commercial, residential or vacant land. Contact us to discuss how we can make Budget Listing work for you.

And of course, please take a look at budgetlisting.ca for more details.


The trademarks MLS®, REALTOR®, and the associated logos are owned or controlled by The Canadian Real Estate Association. Used under license.

Phishing Scam

A warning about phishing scams.

The following is called a phishing scam, and was recently delivered to some of our customers:

From: Zimbra [info@zimbra.com]
Sent: December-16-14 5:48 PM
To: Recipients
Subject: Zimbra User:16/12/2014

Your Mailbox Has Exceeded It Quota/Limit As Set By Web Team, And You May Not Be Able To Send Or Receive New Mails Until You Re-Validate Your Mailbox. To Re-Validate, Please CLICK to Re-Validate Your Mailbox.

This email, at first glance, appears legitimate. After all, it says it’s coming from Zimbra.com. Unfortunately, this sometimes means that a user “falls for it” and clicks the link. They are then prompted to “login to Zimbra”, not realizing that you’re not actually logging into Zimbra, but instead submitting your username and password to someone looking to compromize your Zimbra account.

How can you protect yourself?
There is software that can help, such as ESET Smart Security (for home) or ESET Endpoint Security (for business). You can find that software here: http://positiveesolutions.com/eset-endpoint-security/… but is that the final solution? No. While incredibly helpful in identifying and blocking phishing emails, no software can replace

To really protect yourself, you need to be cautious, and you need to know four things:

  1. Email addresses can be spoofed… meaning a scam can look like it is coming from a legitimate email address–even someone you know–but could be falsified.
  2. The Zimbra service hosted by Positive E Solutions Inc. is located at https://zimbra.positiveesolutions.ca. If you hover over a phishing scam email’s link, you’ll notice that the web site address differs from the actual URL. Watch this trick email scammers use: hover over this URL: www.google.ca. Notice the little popup? It’s not actually Google! It is always safest, when in doubt, to not click a link in an email, but instead, type the known safe URL directly into your browser… or login as you normally do. By logging into your real Zimbra account, you would see that you indeed have not exceeded your quota, and therefore can discredit the email as a phishing scam.
  3. We, and other legitimate companies, do not send emails which require you to login to an account. If in doubt, again, refer to point #1: login via your normal means, don’t follow a link in an email.
  4. This is not just our Zimbra service. You may receive emails that appear to be from your financial institution, social media account providers (Facebook, Twitter, etc.) or other. Using the above techniques, you will outsmart the phishers and keep your accounts safe.

Have you fallen for a phishing scam?

Change your password immediately. Strong passwords are a must. Don’t make it something easy to guess.

Need to protect your business?

Check out our Endpoint Protector and ESET Endpoint Antivirus products. We also offer education for your staff, be it in an informal sit down with your users, or a talk to your entire staff. Just give us a call and we’ll be glad to help.


PES 2015 Web Site - Responsive Design

Our new web site has arrived.

The web changes at an exceptional pace, and we endeavor to change along with it. Our staff undergoes training and study on a regular basis in order to keep up with the times. After all, web development is part of what we do at Positive E Solutions Inc., and it was time to simplify how you access information about our services on our company web site.

You’ll find a wealth of content describing–with a purposeful lack of technobabble–the variety of services we offer at Positive E Solutions Inc.

From off-site data backup to WordPress web site hosting and business email services, we’ve put a lot of effort into answering the question, “What do you do at Positive E Solutions?”. Sometimes “Everything to do with your business networking and web needs” doesn’t quite cut it as a valid answer, as true as that is.

Don’t forget to check out our new web site–www.positiveesolutions.com–and please post your comments below or on our Facebook page!



Positive E Solutions Inc. is on Facebook

We’re on Facebook.

Please LIKE and SHARE our page, and post your own reviews of Positive E Solutions Inc.

Since much of our business is geared directly to a business audience, Facebook has never been a necessity to our own social workflow, while we do work extensively with it on behalf of our clients. However, as we grow and as we continue to provide social media services for our clients, it is becoming more important for us to “strut our stuff” on the media platforms we utilize on a day-to-day basis.

We look forward to integrating Facebook into our social media workflow, and thank you for liking our page!

You’ll find Positive E Solutions Inc. on Facebook here: https://www.facebook.com/pages/Positive-E-Solutions-Inc/495010930639292


Server migration complete.

Our fall 2014 server deployment is complete and all systems are functioning beautifully. The deployment saw the complete deprecation of aging hardware on our web hosting servers.

All hosting accounts have been moved over, and benefit from the increased performance, memory and capacity of our new servers.

Our new servers are bleeding edge, rock solid and extremely powerful. For the fastest, most reliable managed hosting solutions, Positive E Solutions Inc. once again shines as your go-to service provider in Ontario, Canada.

Find out more here: http://positiveesolutions.com/web-hosting/web-hosting.php

Windows XP Logo

Windows XP users: You must upgrade. Now.

Windows XP - Upgrade Now Header
On April 8, 2014, Microsoft will be cutting off all support for Microsoft Windows XP (and Microsoft Office 2003). Don’t misunderstand the significance of this: You must upgrade. Now. US Robotics v.92 modemWindows XP is very old: it was released in 2001. That’s three years before Facebook even existed and six years before the very first iPhone was announced. At that time, Google was a privately held company with just 400 employees, and US Robotics was excited to unveil its new V.92 dialup modem. Thirteen years is a long time for any software company to keep a piece of software running. But age is not the key factor here. Since Microsoft is pulling the plug on all Windows XP updates, it is not safe to continue running it. At all. Not on your own computer, not on a computer in the back room. Windows XP “just works”. Can’t I keep using it a little while longer? No. When Microsoft cuts off support for Windows XP on April 8th, all users of Windows XP will become targets for hacker attack–more so than ever before. Up until April 8th, the process goes a little something like this: Microsoft becomes aware of a severe security exploit. Their programmers then create a fix for that exploit and release it to your computer (be it Windows XP, Windows 7, Windows 8) via Windows Updates. Your computer is then protected from that particular attack vector–most likely before it ever becomes an issue. After April 8th, Microsoft will continue to do the same for Windows 7, Windows 8… releasing patches for all the security issues they find. However, since the patches are no longer released for Windows XP, this gives hackers an “easy alert” system when new exploits are found. They can then download the patch for Windows 7 or 8, reverse engineer it to find the software bug it sets out to fix, and then test Windows XP to see if that exploit exists on Windows XP. If it does, they can create tools, viruses, malware and malicious web code to exploit every Windows XP computer, and there will be next to nothing you can do to protect yourself. What could they possibly do? Hackers don’t do what they do just for the fun of it. The most popular motivations involve financial gain or identity theft. If you’re running Windows XP, beginning April 8th it will become progressively easier for hackers to steal your banking information, private company information, lock you out of your online accounts or even destroy all your files (both personal and business) and take over your computer–or worse. Do I have to buy a new computer? Realistically, you’re better off buying a new computer. Upgrading your existing computer could cost nearly as much as purchasing a new system, and you’ll still be on the old hardware–meaning chances are you might have to replace it soon anyways. That said, if your computer is reasonably new (say, less than 3 years old), you may meet the minimum specs for a Windows 7, or possibly a Windows 8 upgrade. If you believe your system may meet the requirements, you can use Microsoft’s Upgrade Assistant [Download] to test whether your system can run the current version of Microsoft Windows. Keep in mind, meeting the minimum (keyword: minimum) requirements does not mean your system will perform well with the new software. Whether or not this is an economically wise course of action will depend on many factors: do you have a current backup of all your files? Does your hard drive perform at the necessary speed or will you need to upgrade to an SSD? Do you have enough RAM and CPU power to perform well? Will your hardware outlive the warranty period of a new system? Do you require a technician’s assistance to perform the necessary upgrades? Will the downtime of the upgrade process affect your business? Buying a new computer with Windows 7 or Windows 8 already licensed and installed will mean you’ll be covered by the manufacturer’s warranty, and will have newer specs to run the more modern operating system and software which goes with it. Downtime would also be reduced since you can swap out the old hardware for the new and be up and running fairly quickly. In conclusion… If you’re on Windows XP, you need to upgrade. Be it the hardware or just the software, something needs to be done. For your safety as well as the protection of your confidential company and customer data, this has to be done before the cut-off date set out by Microsoft: April 8, 2014. Our technical team would be pleased to provide recommendations for individual computers or entire business networks. We can help ease the upgrade process by providing for all your hardware and software needs with courteous, knowledgeable on-site service. Call Positive E Solutions Inc. in Barrie, Ontario today to determine the options available to you and your company: (705) 733-0171. Stay safe! - Robbie