25 {{ upvoteCount | shortNum }}
25 {{ upvoteCount | shortNum }}

Does someone knows a good WordPress installer?

by severt
22 replies
Hi,

I just purchased 10 domains that I need to get Wordpress on.
I've seen auto installers in the past that configure your WP with all the necessary plugins and a premium theme that can be used for many niches.

I prefer to have an installer with the Yoast SEO plugin included.

Can someone direct me to such an application?

Cheers!
Dennis
#good #installer #wordpress
  • Profile picture of the author AnniePot
    How about WP-Twin? From my understanding, you do one installation exactly as you require, then use WP-Twin to create multiple version.
    {{ DiscussionBoard.errors[5076627].message }}
    • Profile picture of the author severt
      Thanks!

      But I rather purchase something with also the first blog installed correctly. There are people out there that know the best setting and I don't want to change 10 blogs later on because I forget something...

      Originally Posted by AnniePot View Post

      How about WP-Twin? From my understanding, you do one installation exactly as you require, then use WP-Twin to create multiple version.
      Signature
      Never overlook the chase for the almighty dollar.
      {{ DiscussionBoard.errors[5076644].message }}
    • Profile picture of the author nickchou
      Why don't you install WP using Fantastico in your cpanel and then install the Yoast SEO plugin? It works for me for my 80+ WP sites.

      Nick
      {{ DiscussionBoard.errors[5076650].message }}
      • Profile picture of the author AnniePot
        Originally Posted by nickchou View Post

        Why don't you install WP using Fantastico in your cpanel and then install the Yoast SEO plugin? It works for me for my 80+ WP sites.
        Nick
        Not a good idea

        Don't you know,installing WP using Fantastico, immediately leaves you open to hacking? You should always install Wordpress using their 5 Minute installation.
        {{ DiscussionBoard.errors[5076675].message }}
        • Profile picture of the author Cru
          Originally Posted by AnniePot View Post

          Not a good idea

          Don't you know,installing WP using Fantastico, immediately leaves you open to hacking? You should always install Wordpress using their 5 Minute installation.
          I would like to hear more about this. I had never heard that and I've installed a lot of blogs with Fantastico.
          Signature
          {{ DiscussionBoard.errors[5076728].message }}
          • Profile picture of the author severt
            If Fantastico was really that bad then Cpanel would have deleted that feature instantly. Maybe there was a bug in it a while ago?

            But installing the Yoast plugin was just an example.
            I need a Cache plugin, Google Analytics and a few more, and all of this can be automated... And that's what I want
            Signature
            Never overlook the chase for the almighty dollar.
            {{ DiscussionBoard.errors[5076756].message }}
            • Profile picture of the author Cru
              Originally Posted by severt View Post

              If Fantastico was really that bad then Cpanel would have deleted that feature instantly. Maybe there was a bug in it a while ago?

              But installing the Yoast plugin was just an example.
              I need a Cache plugin, Google Analytics and a few more, and all of this can be automated... And that's what I want
              Your best bet really is to do all of the plugins yourself. If you do it yourself you'll learn what is good and not good about each plugin and which ones work for your type of blog the best. There isn't a catch all installation that is best for every type of website which is why I would urge you not to outsource that part. Play around with it for a week or two and get it set up exactly the way you want. Do some research on various plugins, the ones I like are All-in-One SEO, Bloggerhigh (for creating keyword targetted posts - a free alternative to SEOPressor), Easy Privacy Policy (required if you want to monetize your blogs legally), Google XML Site Maps, SEO Friendly images, and W3 Total Cache. These pretty much make it into everyone of my installations and I usually use the Socrates theme.

              Once I figured out exactly what were the common denominators were in all of my installs, I made a clone of it with WP-Twin. Now any time I create a new blog it saves me roughly 10 minutes per blog. When you create 10-20 per week it really helps out
              Signature
              {{ DiscussionBoard.errors[5076862].message }}
          • Profile picture of the author AnniePot
            Originally Posted by Cru View Post

            I would like to hear more about this. I had never heard that and I've installed a lot of blogs with Fantastico.
            Originally Posted by severt View Post

            If Fantastico was really that bad then Cpanel would have deleted that feature instantly. Maybe there was a bug in it a while ago?

            But installing the Yoast plugin was just an example.
            I need a Cache plugin, Google Analytics and a few more, and all of this can be automated... And that's what I want
            Originally Posted by waxingpoetic75 View Post

            Right? What is this about Fantastico and hacking. I've never had a problem. However, I don't want problems either.
            The big difference about Fantastico Wordpress security and the manually installed blog is, the SQL database name and username. A Fantastico installation automatically generates these names - immediately rendering them "hackable".

            A manual install is totally under your control. You can make sure that values in your wp-config.php are hard to guess. This will avoid a lot of MySQL injection attacks!
            {{ DiscussionBoard.errors[5076927].message }}
            • Profile picture of the author DianaHeuser
              Originally Posted by AnniePot View Post

              The big difference about Fantastico Wordpress security and the manually installed blog is, the SQL database name and username. A Fantastico installation automatically generates these names - immediately rendering them "hackable".
              Annie,

              Whenever I have installed WP with Fantastico, it asks me what name and user password to use for for WP? Are you saying that it generates a seperate SQL database name and username?

              A little confused here.

              Di
              Signature

              {{ DiscussionBoard.errors[5077036].message }}
              • Profile picture of the author Cru
                Originally Posted by DianaHeuser View Post

                Annie,

                Whenever I have installed WP with Fantastico, it asks me what name and user password to use for for WP? Are you saying that it generates a seperate SQL database name and username?

                A little confused here.

                Di
                Same here, I definitely configure my user name and password. I really can't believe that Fantastico would have the security hole you are describing.
                Signature
                {{ DiscussionBoard.errors[5077059].message }}
                • Profile picture of the author Istvan Horvath
                  Originally Posted by DianaHeuser View Post

                  Annie,

                  Whenever I have installed WP with Fantastico, it asks me what name and user password to use for for WP? Are you saying that it generates a seperate SQL database name and username?

                  A little confused here.

                  Di
                  Yes. Your blog's username (e.g. admin) and the related password has NOTHING to do with the MySQL database username/password... generated by Fantastico and other automated script.

                  Originally Posted by Cru View Post

                  Same here, I definitely configure my user name and password. I really can't believe that Fantastico would have the security hole you are describing.
                  See above.
                  And just because you don't believe it - doesn't mean it doesn't exist.

                  One of the most common issues with Fantastico: it always creates the database prefix as "wp_" = an easy guess to any hacker. The database name is also easy to guess: wrdp1, wrdp2... etc.
                  Also, the database name and the username is the same. Not good!
                  The process also creates a file fantversion.php - hackers will know to look for.
                  Quite often F. installs older versions because they are always behind the latest WP updates.

                  The more automated a process is - the more predictable and hackable it will become.
                  Signature

                  {{ DiscussionBoard.errors[5077212].message }}
                  • Profile picture of the author Cru
                    Originally Posted by Istvan Horvath View Post

                    Yes. Your blog's username (e.g. admin) and the related password has NOTHING to do with the MySQL database username/password... generated by Fantastico and other automated script.



                    See above.
                    And just because you don't believe it - doesn't mean it doesn't exist.

                    One of the most common issues with Fantastico: it always creates the database prefix as "wp_" = an easy guess to any hacker. The database name is also easy to guess: wrdp1, wrdp2... etc.
                    Also, the database name and the username is the same. Not good!
                    The process also creates a file fantversion.php - hackers will know to look for.
                    Quite often F. installs older versions because they are always behind the latest WP updates.

                    The more automated a process is - the more predictable and hackable it will become.
                    I just checked all of my database names and they are all based off of login name for cPanel. IE. cPanelLogin_wrdp1, cPanelLogin_wrdp2, etc.

                    Is there an easy way for them to be able to get the database name that I don't know about?

                    Edit: The username for the database IS the same as the database name, which I guess could pose a problem... however they'd need to know my cPanel Login name first before they could ever figure out what the username or password is (unless I am mistaken and the DB name is easily visible).
                    Signature
                    {{ DiscussionBoard.errors[5077257].message }}
                  • Profile picture of the author AnniePot
                    Originally Posted by Istvan Horvath View Post

                    Yes. Your blog's username (e.g. admin) and the related password has NOTHING to do with the MySQL database username/password... generated by Fantastico and other automated script.



                    See above.
                    And just because you don't believe it - doesn't mean it doesn't exist.

                    One of the most common issues with Fantastico: it always creates the database prefix as "wp_" = an easy guess to any hacker. The database name is also easy to guess: wrdp1, wrdp2... etc.
                    Also, the database name and the username is the same. Not good!
                    The process also creates a file fantversion.php - hackers will know to look for.
                    Quite often F. installs older versions because they are always behind the latest WP updates.

                    The more automated a process is - the more predictable and hackable it will become.
                    Thanks for adding to my earlier comments Istvan. In so many instances, there seem to be so many disbelievers whose voices drown out those who say anything other than what they want to hear...
                    {{ DiscussionBoard.errors[5077277].message }}
                    • Profile picture of the author Cru
                      Originally Posted by AnniePot View Post

                      Thanks for adding to my earlier comments Istvan. In so many instances, there seem to be so many disbelievers whose voices drown out those who say anything other than what they want to hear...
                      Nobody said you were wrong, I just said that I couldn't believe the exploit as you've described it could exist. I would still like further clarification on it as what was described by Istvan isn't my experience after checking my wordpress databases.
                      Signature
                      {{ DiscussionBoard.errors[5077393].message }}
                      • Profile picture of the author Your Brand Ebooks
                        For anyone wanting to harden their Wordpress security, just Google for "wordpress security" and check out the countless blogs/articles on the subject. Most of them are actionable lists (e.g. "11 ways to secure..." and "14 steps to harden..." etc) And most of these articles have overlapping in information, so just pick one or two and go thru their hardening suggestions. Then add some security plugins.

                        .
                        Signature
                        ONCE UPON A TIME there was a Warrior named Bob. He was sad. And frustrated. You see, Warrior Bob spent every last nickel on Internet Marketing e-books. But nothing panned out. No traffic. No sales. He was one sad Bob. Then one day Bob found a bottle. He rubbed it and out came a Genie who granted him 3 wishes. For Wish #1 Bob asked for a pet Dragon. Wish Granted. For Wish #2, Bob wanted Warriors' websites seen by 53 million TV viewers, for under $5 per broadcast. The Genie said... (click here)
                        {{ DiscussionBoard.errors[5077574].message }}
                  • Profile picture of the author Capitalist_Pig
                    Originally Posted by Istvan Horvath View Post

                    Yes. Your blog's username (e.g. admin) and the related password has NOTHING to do with the MySQL database username/password... generated by Fantastico and other automated script.



                    See above.
                    And just because you don't believe it - doesn't mean it doesn't exist.

                    One of the most common issues with Fantastico: it always creates the database prefix as "wp_" = an easy guess to any hacker. The database name is also easy to guess: wrdp1, wrdp2... etc.
                    Also, the database name and the username is the same. Not good!
                    The process also creates a file fantversion.php - hackers will know to look for.
                    Quite often F. installs older versions because they are always behind the latest WP updates.

                    The more automated a process is - the more predictable and hackable it will become.
                    What you are talking about is "Security through obscurity". It isn't real security, it's just theater.

                    If the attacker is logging onto your database server remotely, you have MUCH bigger issues - like an improperly configured database server.
                    {{ DiscussionBoard.errors[5077754].message }}
                    • Profile picture of the author Cru
                      Originally Posted by Capitalist_Pig View Post

                      What you are talking about is "Security through obscurity". It isn't real security, it's just theater.

                      If the attacker is logging onto your database server remotely, you have MUCH bigger issues - like an improperly configured database server.
                      You are right, I did more reading on the issue and it isn't an actual vulnerability, but it is easier to socially engineer the username and dbname due to the use of an automated system.

                      I am personally comfortable with my level of security using the automated system after doing the reading, but I can understand those who would prefer something a little more secure.
                      Signature
                      {{ DiscussionBoard.errors[5078045].message }}
                  • Profile picture of the author DianaHeuser
                    Originally Posted by Istvan Horvath View Post

                    One of the most common issues with Fantastico: it always creates the database prefix as "wp_" = an easy guess to any hacker. The database name is also easy to guess: wrdp1, wrdp2... etc.
                    Also, the database name and the username is the same. Not good!
                    The process also creates a file fantversion.php - hackers will know to look for.
                    Quite often F. installs older versions because they are always behind the latest WP updates.

                    The more automated a process is - the more predictable and hackable it will become.
                    Are you telling me that I have to re-install my blogs .... AGAIN?

                    Di
                    Signature

                    {{ DiscussionBoard.errors[5077759].message }}
  • Profile picture of the author Social Media Ava
    Right? What is this about Fantastico and hacking. I've never had a problem. However, I don't want problems either.
    {{ DiscussionBoard.errors[5076787].message }}
  • Profile picture of the author pacelattin
    Tons of hosts install for you.
    Signature
    {{ DiscussionBoard.errors[5077305].message }}
  • Profile picture of the author BabyMama
    Quickinstall is good on the cpanel although some people here may say that also leaves the site open for hacking. I have never had any trouble.
    Another thing to do is outsource the task to someone. Ask them to manually install wordpress to your 10 sites.
    You can probably get someone super cheap to do it on sites like odesk or elance.
    Signature
    $47 SEO Service - First Page Google Rankings - Over 150 SOLD!


    Ultimate Adesense Guide - Just $4.95!!
    {{ DiscussionBoard.errors[5077603].message }}
  • Profile picture of the author JeromyS
    You can of course use the installer built into most hosting accounts. But what it appears you want to do is pre configure and set up a Wordpress install and duplicate it across all your domains. The easiest tool I know of that does this is Backup Buddy. It is a paid plugin though. There was a premium wordpress template theme package I bought on WSO before that included Backup Buddy. It was like $10, so a steal when compare to the selling price of Backup Buddy, I bought it just for the plugin and never bothered to use the themes.
    There is a slower way with free backup/recover tools on the Wordpress plugin directory.
    Cheers!
    Signature
    How People and Businesses Make Money With Google

    Still Smoking?How I Quite Smoking, Cold Turkey, Easy
    {{ DiscussionBoard.errors[5078211].message }}

Trending Topics