內容簡介
此外掛可以在 WordPress 網站上顯示您的 ActBlue 嵌入表單,只需在 WordPress 編輯器中任意地添加貢獻表單鏈接即可實現。其功能包括:添加 ActBlue 表單編輯器模塊,可從您的網站接受捐贈;添加 ActBlue 按鈕編輯器模塊,可創建在對話框中打開表單的按鈕;註冊自定義 oEmbed 提供者以支持 ActBlue 嵌入表單;在所有頁面上添加 actblue.js 腳本標籤,以支持分析和轉換功能。此外,此掛件是與 Upstatement 共同設計和建立的。ActBlue 是一家致力於授權小額捐助者的非營利組織。其在線籌款平台使基層支持者能夠發出聲音,幫助成千上萬的民主派運動、進步組織和非營利組織建立人民動員運動。使用 ActBlue Contributions 外掛程序時,還要更加小心,保護您的 WordPress 網站的安全性和操作。以下是一些小貼士可幫助您最小化風險:使用受信任的 WordPress 主機提供者;使用 HTTPS URL 保護您的整個網站,尤其是 WordPress 核心文件;通過創建強密碼和使用雙因素身份驗證等方式保護 WordPress 儀表板的訪問;限制管理使用者的數量;限制登錄嘗試等,以防止帳戶凭證的暴力攻擊。
外掛標籤
開發者團隊
原文外掛簡介
This plugin makes it possible to display your ActBlue Embed forms on your WordPress site by dropping a contribution form link in any WordPress editor.
Features
Adds an ActBlue Form editor block, which can accept contributions from your own site.
Adds an ActBlue Buttons editor block, which creates a button that will open a form in a modal.
Registers a custom oEmbed provider for ActBlue embed forms
Adds the actblue.js script tag to all of your pages to power analytics and conversion features
This plugin was designed and built in collaboration with Upstatement.
About ActBlue
ActBlue is a nonprofit organization dedicated to empowering small-dollar donors. Its online fundraising platform makes it easy for grassroots supporters to make their voices heard and helps thousands of Democratic campaigns, progressive organizations, and nonprofits build people-powered movements.
Security
WordPress’s mission to democratize publishing and embrace of open source has led it to be adopted by individuals and organizations of all shapes and sizes. The downside of this ubiquity, when paired with the ease of its famous five-minute install, is that it’s a frequent target of attacks and malware.
Additionally, use of the ActBlue Contributions plugin increases your responsibilities as a WordPress site operator/administrator. Your site will act as a conduit through which contributions flow. It is possible that a malicious WordPress plugin may hijack and redirect those contributions or contributor personal information to a malicious site other than ActBlue, so you must exercise increased care when configuring and operating your site.
Here are a few tips to minimize the risks associated with using the ActBlue Contributions plugin with WordPress:
Keep it secure
If you’re not using a fully managed service like wordpress.com, make sure you’re using a trusted WordPress hosting provider with a proven track record of security. Look for hosts that have a dedicated support team, provide SSL, manage WordPress updates, and proactively scan for vulnerabilities, misconfigurations, and attacks.
Use HTTPS URLs for your entire site, especially WordPress core files (starting with wp-). ActBlue embeds won’t work on non-HTTPS URLs.
Protect access to the WordPress Dashboard by using strong passwords and Two-Factor Authentication (2FA)
Limit the number of admin users by using user roles
Limit login attempts to prevent account credential brute force attacks
Disable file editing from within the WordPress Dashboard
Keep a WordPress activity log and web request logs and review them regularly for unexpected events. These may be an indication that an admin is behaving maliciously, or that an attacker has gained access to an admin account.
Be wary of email messages requesting that you log into your WordPress account (i.e. phishing attacks) and/or upload plugins manually
Protect against denial-of-service and other attacks by putting up a Web Application Firewall (WAF) such as Cloudflare in front of your site.
Set up routine audits of your site codebase using a malware scanning plugin such as WordFence, iThemes Security, or Sucuri Security.
Continuously back up up your site through your hosting provider or a plugin like VaultPress or UpdraftPlus.
Be careful when installing third-party themes or plugins
Only install plugins from trusted sources like the official WordPress.org plugin repository.
Do your due diligence — does it work with the latest version of WordPress? Has it been updated in the last two years? How many people are using it and are they happy with it? All of these questions are easily answered by reviewing the WP.org plugin listing and support forum.
Minimize the number of installed plugins on your site.
Keep it up-to-date
Enable automatic updates for WordPress core and third-party plugins or themes.
Make sure custom theme or plugin components are tested against new WordPress releases.
Make sure your server OS and system packages like PHP and MySQL are up-to-date. A good managed hosting provider like Kinsta and SiteGround will handle all of this for you.
Learn More
https://wordpress.org/support/article/hardening-wordpress/
https://www.wpbeginner.com/wordpress-security/
https://www.wpwhitesecurity.com/guide-choose-right-plugin-wordpress/
