In this podcast episode of the Post Status Happiness Hour, Michelle Frechette is joined by her friend and WordPress security expert, Kathy Zant. They delve into various aspects of website security, focusing on WordPress. Kathy discusses her recent security courses aimed at demystifying WordPress for beginners and emphasizes the importance of proactive security measures. They highlight the critical role of regular backups and the potential risks of automated updates. Kathy shares practical security tips, such as using strong passwords and enabling two-factor authentication. The episode is both informative and engaging, filled with personal anecdotes and humor, making it a valuable resource for listeners.
Top Takeaways:
- Importance of Security: Both Michelle and Kathy emphasize the importance of understanding and implementing robust security measures to protect websites from hacks.
- Criminal Behavior: Kathy highlights that criminals (including hackers) often look for the easiest targets. If a website or home has visible security measures, they are more likely to move on to an easier target. However, if a determined attacker sees something of value, they might still find a way in despite the security measures.
- Auto Updates: Kathy advises against relying solely on automated updates, especially for websites that are crucial for business. She recommends a process of updating on a staging environment first, ensuring everything works, and then updating the production site. She highlights real-world scenarios where automated updates have caused issues, leading to downtime and confusion over whether a site was hacked or simply experiencing an update-related error.
- Content Creation and Community Engagement:Kathy discusses her responsibilities at Motivation Code, including managing content across different platforms and facilitating challenges to foster community interaction. Despite facing technical challenges with platforms like LinkedIn, she remains committed to creating engaging content and moving activities to more effective platforms like Facebook.
Mentioned In The Show:
- Shopify
- Wix
- Squarespace
- Motivation Code
- CrowdStrike
- StellarWP
- WordCamp US
- Nathan Ingram
- Mark Westguard
- Kathy’s website
🙏 Sponsor: WordPress.com
Build and manage professional sites with secure managed hosting on WordPress.com. Beautiful themes, built-in SEO, and payment tools, and access to over 50,000 plugins. Everything you need for your business, plus 24/7 support from WordPress experts.
🐦 You can follow Post Status and our guests on Twitter:
- Kathy Zant (CEO, Zantastic LLC)
- Michelle Frechette (Director of Community Relations, Post Status)
- Olivia Bisset (Intern, Post Status)
The Post Status podcast is geared toward WordPress professionals, with interviews, news, and deep analysis. 📝
Browse our archives, and don’t forget to subscribe via iTunes, Google Podcasts, YouTube, Stitcher, Simplecast, or RSS. 🎧
Transcript
Michelle Frechette 00:00:02 We’re live with the next Post Status Happiness Hour. And today I have a guest and good friend, Kathy Zant. Hi, Kathy.
Kathy Zant: Hi, Michelle. How are you doing?
Michelle Frechette: I’m good. We talk all the time for our other podcast, so I’m used to saying, Happy Thursday, Kathy or Happy Tuesday or whatever, but but yeah, I’m very excited to, to have you as my second guest on our new, Post Status Happiness Hour. So how are you? How are things going?
Kathy Zant: Good. Busy week. Really busy week. But everything’s going really well. How are you?
MIchelle Frechette: Also very busy week, so. Yeah, I totally get that.
Kathy Zant: Yeah, I actually have, like, Stellar sales. I remember the Stellar sale.
Michelle Frechette: Yeah, it’s a Stellar sale week, and I just came from a Retro on the Stellar Spark from last Friday. And that one I think went really, really. That that really everybody was happy. It went really well. So yeah. Good things.
Kathy Zant: Yeah
Michelle Frechette 00:00:56 Good things for sure. So I promise people that we were going to talk about things that you talk about and things that I don’t necessarily have a lot of, what’s the word I want a lot of experience with, which is basically security. I know what it’s like to be hacked. We can talk about that.
Kathy Zant 00:01:22 I think everyone knows what it’s like to be hacked or socially engineered or phished?
Michelle Frechette 00:01:24 Yeah. For sure.
Kathy Zant 00:01:25 It’s ubiquitous these days. Hackers gonna hack.
Michelle Frechette 00:01:29 This is true. This is true. So. Yeah. But, so you though, are starting some courses and some things that people will be able to share about so. Well, I find the link for this and posted in Slack because Brian Henry gave a great idea, which is get more people watching. If I posted a Slack, you tell us a little bit about what’s going on with your courses.
Kathy Zant 00:01:49 Yeah, so well, I launched one a few months ago. I just did sort of like a WordPress security mini course.
Kathy Zant 00:01:58 And I have like a full, like, in-depth WordPress security course that I am in the midst of doing. But then I was like, I, you know, do other stuff. I’m not just the security lady, right? And I was in this one group and people were asking all these questions about WordPress. And so I reached out to the guy who was running the group, and I’m like, you know, I could do like a quick little answer all those questions and help these people. And he’s like, yes, please! So I did that little course for him. And I’m like, you know, there’s enough content here for like a little mini beginner’s course. I’m just gonna take out his stuff and also share it with, you know, other people, like most of us have Post Status. People are gonna look at it and like, yeah, whatever, we know all this stuff. But for new people who are just like, you know. What themes should I use? Like what is a what is full site editing? What is a black theme? Like they don’t understand all of this terminology and I wanted to demystify it for this.
Kathy Zant 00:02:56 Like one group, there are about a thousand people in there and I’m like, I do not want these people to be like scared when they start diving into WordPress and get scared by all of the stuff that we talk about, like, and you go on YouTube and you, you search for like some I just want to I just want to build a website and run my business, like, how do I do this? So I wanted to make it super blazingly easy for everyone and may I talked up Kadence and and generate press a little bit there. You know, old habits die hard.
Michelle Frechette 00:03:26 Oh for sure.
Kathy Zant 00:03:26 But yeah so but that one I’m I’m just going to give that one to anybody who’s, who’s like signed up for my security courses. And you know just because it’s basic stuff for them. But they might find it useful or they might be able to say, hey, you know, my my sister in law wants to develop a website and, you know, they’re talking about using Wix. Please help me stop them.
Kathy Zant 00:03:47 So it’s those kind of folk.
Michelle Frechette 00:03:49 Agencies can use it to persuade their their potential customers. Why not to use Wix, too?
Kathy Zant 00:03:55 Yes, yes. And just to kind of demystify it’s it’s not like a okay. Well I do go through like, okay, here’s how the block editor works. And you know, basically like what what is list view or the document overview and like what are all these things just so you can get like but it’s like strategic like, why should you be using WordPress over Squarespace and Wix? And why should you choose WooCommerce over Shopify? Like, what is the long term strategic decisions that you need to make? And when you’re trying to evaluate a plugin, like, what are the things that you look for so that you’re making a, you know, I mean, the worst thing in the world is you sign up for a form plugin and then six months later, you’ve got all these form entries in there and it’s like, well, it doesn’t do everything I need.
Kathy Zant 00:04:39 Like, what do I do now? And you’re, you know, deeply ingrained into sort of an ecosystem that’s that can be very painful. So kind of just helping people strategically think about WordPress for the long term. So yeah, that’s been fun developing some overviews and WordPress just to help, you know, I mean, I’m not looking to retire on any of this stuff. It’s more like just stuff up here. It should not just stay up here. I think anybody who’s got any experience even, you know, I mean, there’s some people on YouTube who are like, this is how you get started with WordPress. I think each one of us in WordPress has a voice and has an experience, has something to contribute. We should all be helping everyone that we can understand the ramifications of the decisions that they make, and why they should choose open source versus lacking into an ecosystem like, you know, Wix and Squarespace. Sorry, Wix and Squarespace not picking on yet, but you know, this is Post Status, so maybe a little.
Michelle Frechette 00:05:43 Wait if I, if I, if I do the thumbs down, am I going to get the. Yeah. There we go. The thumbs up.
Kathy Zant 00:05:47 There you go.
Michelle Frechette 00:05:50 I love it. now that’s great though I can I, I think I’ve told you this maybe I don’t know. I told you my hacker’s nightmare. Like being hacked. Nightmare story I was. Gosh, what year was this? It was pre-pandemic. So it was 2018, 2019. Okay. So it was a while ago. and I still had a ton of personal customers because I came in to Give in 2018, having been a freelancer for all those years. I do not manage very many customers anymore, just a couple close personal friends. And that’s about it, right? But I was driving to Montreal for WordCamp Montreal.
Kathy Zant: Yeah.
Michelle Frechette: In my car. And my phone rings, and it’s one of my local customers here, and I made the mistake of answering it because my site’s down. I don’t know why my site’s down.
Michelle Frechette 00:06:39 Well, I’m going to be in the car for the next five hours, so I’ll take a look at it when I get there and let you know. So basically, the site, one of the sites, I had 11 sites sharing a hosting area, and one of those sites got infected, which then infected.
Kathy Zant: Ouch.
Michelle Frechette: It was like the internet version of Covid like patient zero was one site and then all the other ones that shared hosting space also got infected. And I was not somebody to, understand, like the importance of occasional backups, not just the when I first made the site because I didn’t have any of the updates. I couldn’t just redeploy the site from the first backup I had because so many changes. So I literally stayed up all night. The night before, I was giving a talk to go through line by line by line of code that I was being told from the host was the infected stuff. So I cleaned it all up and they.
Kathy Zant: Wow.
Michelle Frechette: And the hosting company said, good, you’re good to go.
Michelle Frechette 00:07:41 The sites are back up like four in the morning. And I had to be like by 9:00, registering right for the next day.
Kathy Zant 00:07:47 Wow.
Michelle Frechette 00:07:49 And yet that afternoon, guess what happened? It all happened again. And I will tell you why. Because nobody ever told me to check that they hadn’t created their own admin account on your site when they infected you, so I cleaned up hundreds, if not thousands of lines of code, but I still left the back door open for them because I didn’t know that was a thing. And so, I mean, I know now, like every time I log in to any website, I go and I look at the admins and make sure there’s I’m being the only people who should be in there are assigned. But there are so many things. It’s not just code. There’s so many ways that people can infiltrate your website. So all of that to say, I need to take your courses.
Kathy Zant 00:08:33 Yeah, yeah, I did training for Solid yesterday and auditing.
Kathy Zant 00:08:40 And so I have this whole audit procedure and you have to look at every single thing like that. Right. Like even looking at, you know, on the general settings anyone can register. Is that checked. And then default role administrator I’ve seen hackers do that a lot. So then they just go oh there’s an administrator again. Like yeah. you know they can do it. They’re clever.
Michelle Frechette 00:09:04 Yes they are.
Kathy Zant 00:09:05 Can be scary. Yeah. But you gotta check out everything. And I just went through all of I, you know like oh in an hour. It was just like firehose all of the information. And immediately after that, someone, one of my friends whose I help out every once in a while. I think my site’s hacked, Malwarebytes is alerting, and I’m just like, well, let’s go through this. I have to go through the procedure. And it was false positive. But yeah, fun stuff.
Michelle Frechette 00:09:32 I think the funniest WordPress hacker, I mean, don’t I’m not trying to give anybody ideas, but the funniest thing would be all you do.
Michelle Frechette 00:09:40 You hack the website and make every logo bigger. Like who made the logo bigger?
Kathy Zant 00:09:49 Is the client hacking their own site again.
Michelle Frechette 00:09:53 Like literally every client would be like. Finally they made the logo bigger.
Kathy Zant 00:09:58 Hire that hacker. We’ve got a new web developer.
Michelle Frechette 00:10:04 Oh my goodness. So funny. But yeah, there’s there’s definitely, definitely a lot to learn about how to I guess we got hardening your website, protecting your website, securing your website I recently so I’m going to ask you a question that I, I’ve heard so many different answers to. And I want to know, is there any true benefit to changing your login from WP-admin to something else? Because we hear that all the time like, oh, you should change your login screen. Other people say it doesn’t really do anything. So I’m going to ask you the expert about that.
Kathy Zant 00:10:40 Most of the brute force hacking attempts aren’t looking for your login screen. They’re not looking for you. No WP login. They’re looking they’re using XMLRPC a lot of times.
Kathy Zant 00:10:51 And it’s just bots spraying. You know, they they basically have a script that they tie to stolen passwords and they just spray and pray and see if they can get in and they’re using XMLRPC. So it if you’re going to change anything and you’re not using Jetpack, which is typically the plugin that uses XMLRPC the most, just turn off XMLRPC. The problem with hiding the login screen is that so many people forget where they hid it. It happens so much. And then. And it’s just security. They call it in the security world. Security through obscurity. You’re just you’re hiding something. It doesn’t mean that the login can’t happen. It just means that you’re hiding it. But it’s not going to stop those brute force attempts. And more often than not, you’re just complicating things for yourself, and you’re going to end up having to go in to FTP or whatever, turn off your security plug in and, you know, get the old way back, that type of thing. So I don’t see any benefit to it.
Kathy Zant 00:11:54 It’s much more advantageous to turn off XMLRPC and put two factor authentication on your site, and that’s going to do way more for you than hiding the login screen.
Michelle Frechette 00:12:06 So I did have a customer back in the day. Want me to do that. Right. To to change it to something that they could remember and it wasn’t even for it was more so that they can remember where it was because for whatever reason, WP dash whatever didn’t make sense to them. It was a religious organization. So I changed it to Matthew 778, which is the Bible verses says knocking the door will be opened unto you. That’s where I guess I have a sense of humor about these things.
Kathy Zant 00:12:36 Yeah. That’s it. Well, I’m all for that if you can make it comedic. So security should be funny. Hackers are just children playing practical jokes is how it all started. Really,so.
Michelle Frechette 00:12:47 Yeah, like, can I? If I can, I want to kind of thing.
Kathy Zant: Yeah.
Michelle Frechette: For sure I think sometimes like like if my website is my house.
Michelle Frechette 00:12:57 Right. So like I have walls, I have windows, they have locks on them, I have a security camera through my ring doorbell on the front. And I think I told you in a, in another place about what happened. I was like, it was last fall and I, my lights were still on in my living room because I they’re just not a time where they shut off whenever. And I’m in my bedroom and I get an alert that somebody’s at my door. So I open up and I’m watching this video. It’s like 11:30 at night, and there are these people who open my screen door and try to just come into my house by turning the handle and just trying to walk in, and the one turns, the other says, is this the right address? Yeah, this is the right address. And then, so they’re still trying. And then like the guy jumps up and tries to look through, you don’t get those high windows that just let out a Little bit of light in your door.
Kathy Zant 00:13:43 Yeah.
Michelle Frechette 00:13:44 Tries to look into my house through those little windows. Like, I mean, I’m five feet tall, that I’m never going to jump that high, but this guy could. And then the other person backs up, it looks down the street, it goes. Actually, I think it’s the next building over and my heart’s pounded out of my chest. I’m like, what is going on here? And they start to walk down the road, and then the guy comes back and says into my ring doorbell. Sorry about that.
Kathy Zant 00:14:09 Oh that’s hilarious.
Michelle Frechette 00:14:11 But they didn’t breach my house. Could somebody break into a house that wanted to? If you’ve got your doors and windows locked, of course. But you’ve taken the precautions that you can, right? Of course.
Kathy Zant 00:14:23 Yeah, well, I mean, what they’re going to do, think about criminality. They look for the lowest hanging fruit. They look for the easiest one to get into. So if like your house is in a neighborhood and you have a security system and nobody else does, they’re going to avoid your house and they’re going to go to the houses that don’t have a security system or the ADP sign in the front yard type of thing.
Kathy Zant 00:14:45 So they’re looking for the easiest way in. But if they want in and they decided that your house has something of value that they want. You know, for whatever reason. Maybe you did a live stream and showed off your collection of something for your Wonder Woman collection, right? And they’re like, oh, we want that. And we know where it is. And they want into your house. Nothing’s going to stop them. You know, they’re going to use a brick and throw it through the window, and they’re going to find a way in. So,
Michelle Frechette: Exactly.
Kathy Zant: The thing is to just like, like with your WordPress site is making sure that you’re hiding certain information like you don’t you don’t have your PHP info file like so. You can’t do like your domain. Meet michelle.info and then slash info PHP and it gives you like all of the information of your PHP settings that could be chained together with a vulnerability. You just want to make things really hard for them, and you want to make sure you have a firewall that blocks like the most, you know, common types of things, and you patch your vulnerabilities and you do that basic stuff, they’re going to move on to, you know, Sally’s Cat blog and Sally’s too busy at the cattery, you know, taking care of the cats. And she’s not updating her WordPress plugins. Oh Sally, Sally.
Michelle Frechette 00:15:57 Exactly. We love Sally. Sally’s a little silly though, but yes.
Kathy Zant 00:16:02 Yeah yeah, I got to fix you. Site actually is broken right now. Oops.
Michelle Frechette 00:16:08 So sometimes vulnerabilities aren’t your fault at all. Right? So we know that things crash anyway. So one of the things I posted about today was the CrowdStrike issue last Friday.
Kathy Zant: Yeah.
Michelle Frechette: And I want to hear what you know about that because I only know what I see in Twitter. So I haven’t done any deeper than that. So talk was just for access. But she says poor Sally. Yeah.
Kathy Zant 00:16:32 Exactly. Sally. Yeah. Sally has been through so much. Yes.
Michelle Frechette 00:16:37 So what do you know about the CrowdStrike issue? I know that that was not a hacking situation, I don’t think. But tell us what you know.
Kathy Zant 00:16:43 Yeah, well, I thought about I actually do want to make a video about this because I think there’s some lessons for WordPress users.
Kathy Zant 00:16:52 Of course, we have the ability to turn on auto updates for all of our stuff. You know, auto update, core, plugins, my theme, whatever. Like I just don’t want to do updates. Well, this CrowdStrike thing first. Well, first of all, they’re rolling out updates like to everyone all at once, not just like, okay, let’s do a test rollout. You know, subset, subset group A, you know, like A/B test your your stuff, make sure, you know, do a small set, you know, pick it. Go update Sally’s CrowdStrike installation. Like do a little bit of a test before you roll it out to every single human being. Right.
Michelle Frechette 00:17:33 Every time you say, Sally, I’m going to put her on the screen. Like a drinking game. No drinking game. Just kidding.
Kathy Zant 00:17:39 Well, it’s just water, but yeah, I’ll take a drink for Sally woo. Everybody take a drink for Sally.
Michelle Frechette 00:17:46 So yeah. It’s continue, yeah.
Kathy Zant 00:17:49 So so there’s that. Right. Like, now in operations, like I’ve had to manage, you know, servers, in operations there is a difference between attended updates, which is an update. That is, I’m laughing at Jess because I can see her comment.
Michelle Frechette: Yeah. me too.
Kathy Zant: So there are attended updates. That means you are there with the server you’re holding little Bobby servers hand while the updates are happening, making sure that the updates are okay for little Bobby server versus unattended updates where you can just they run in the middle of the night, and you wake up and find out that Bobby had a heart attack at 3:30 in the morning. You know, that type of thing. We’re going to have to drink for Bobby, too. Bobby.
Michelle Frechette: I was going to say. Your people are in a whole mess of trouble here.
Kathy Zant 00:18:40 Well, when I when I told my former boss I didn’t want to be operations anymore, I’m like, I already raised my children. I don’t want to babysit little Bobby server at 3 a.m..
Kathy Zant 00:18:48 I’ve already raised children. So. But the thing is, is, like with your WordPress site, it’s the same type of thing. If your WordPress site is an asset and it is bringing in money, if you’re making money while you sleep because of your WordPress site and an update runs and it takes everything down, wouldn’t you rather know that it’s going to like that’s happening and be there and holding little Bobby servers hand or your WordPress site’s hand while that update is happening so you can fix things right away. Or, you know, are you just going to, like, set it and forget it because it happens sometimes the number of what, 60,000 plugins that might have some incompatibility, you know, some freak edge case code that just doesn’t play nicely with some customization that you’ve done. I just do not. I feel like CrowdStrike is just kind of like this warning this canary in the coal mine that automated updates aren’t a good thing if you just let the updates roll and you don’t like plan for them.
Kathy Zant 00:19:52 and be there when they’re happening, these types of things can happen. Now that’s at a very grand scale. I mean, the the fix for that is you had to be there with the server and like log in and delete a certain file in order to fix it. But I mean, I’ve seen WordPress sites go down with automated updates. I’ve cleaned hacked sites that they’re convinced it’s hacked because it’s white screening, and they can’t figure out what the 500 error is. And it’s an update that isn’t playing nicely with their version of PHP, a plugin update. And it happened in the middle of the night. They woke up and they’re convinced their site is hacked. And it’s really just, you know, an update that went wrong. So I am not a fan and I know a lot of security people are out saying, oh, just, you know, if you’re not going to log in and do your update, set your automated updates on. But I think if your site is an asset, make the time to do a process of update on staging, make sure everything’s okay, update on production, make sure everything’s okay.
Kathy Zant 00:20:52 So there’s my soapbox moment for automated updates.
Michelle Frechette 00:20:57 So Tim Nash the other day made a comment during this week in WordPress. The podcast on Monday mornings.
Kathy Zant: Yeah.
Michelle Frechette: And he said, like somebody had said, they pick and choose which plugins to have automatic updates on and not and not others. And Tim said that is the way to crash your website. So like to choose only some to update and not others. And I was curious about that and to hear what your thoughts on that are, because I wasn’t sure I knew the logic behind what he was saying. And I, I understand the logic of don’t do any automatic updates because like you said, you could wake up to a site that looks like something’s gone, hacked or something when it just wasn’t. But what do you think about that?
Kathy Zant 00:21:43 Well, okay, you have to assess the risk for each site. Like I’ve got ten, 20 different test sites and most of them are set with automated update. So I break my own rules there, but I have a few sites that bring money in for me my husband’s site, my courses, my personal blog which is now I’m like, it’s now an asset.
Kathy Zant 00:22:11 It’s now important to me. It is now my public, you know, face to the world. It’s important. So those sites have a different risk profile than, you know, my dog’s test site that I use for just showing people how WordPress works, like those automated updates. I don’t have to worry about it. So rather than doing that by a plugin, by plugin basis, do it by assess your asset right. Assess like your house versus the shed where you keep the, you know, gardening supplies. You’re going to secure the shed differently than your house. Your, you know, your stash of precious metals you’re going to secure differently than, you know, your vitamins. I’m trying to think of.
Michelle Frechette 00:23:00 My piles of gold, and I wish I had piles of gold. So Brian says, for example, I trust WooCommerce and Delicious brands have quality control. So all updates on those are probably safe. So one way to look at it. Right. So yeah, if you if you trust them like I used to do.
Kathy Zant 00:23:18 For everyone and every site is going to be different. So I can’t say that that’s wrong because, Brian, if that’s something that you have experienced and trust with, but for me, for a WooCommerce, if you have money coming in in the middle of the night, I would definitely do the updates of I’m going to test and update on staging first, and then if WooCommerce is happening, if there’s any kind of money coming in, I would do the staging. Production, and no auto updates for something like that. But if it’s, if you’re cool with it, who am I to judge?
Michelle Frechette 00:23:53 Right. Yep. There are, I sat back in the day when I was freelancing again. I had, you know, 100 different sites. I was working on any particular time, and so I can’t remember the plug in I use that kind of was allowed to like, go in and update from a third party site. Right. So I could go in and say the site needs all these updated.
Michelle Frechette 00:24:11 I trust these ones. I don’t think those are going to break anything. And I would, you know, double check. But I there were some, some plugins I would do that for across the board for like these five sites all have XYZ plugin update. Go for it. Right. And then but I still would go back and forth and look at the sites and make sure they were really working like they were supposed to.
Kathy Zant 00:24:29 Yeah. Or you know, there’s tons of like, services out there that will check the integrity of your site. So they will you can set them up. I can’t even remember some of the names of them. I think I have like up to Uptime Robot. There’s a bunch of different ones. But you there’s certain words that you have on certain pages, and you want to just test to make sure that those words are still showing up. And that means, you know, you’re not 500 erroring. You’re not having any kind of like scripts erroring out. You know that the site is available and still up those types of things so that you have some kind of alerting system that if there is a problem that you, you know, you know, you’re not like going three days and, and don’t realize that there’s a major problem with your site, you don’t want that.
Michelle Frechette 00:25:17 I didn’t do an update in a timely fashion recently to one plugin. It didn’t break anything except that plugins functionality. When I went to that website and I looked for that particular thing that it created, all I saw was a shortcode and I was like, oh, that’s not good. So I logged in, I update, I did the update for that plugin, and then the thing that was supposed to display displayed again and I was like, oh, I wish I had update. Auto update that one. So never broke, but you never know. So it’s good that I, I caught it. I checked these things at least once a week. Some of these sites that I, they just they’re not changing. Right. So they’re not asking for updates and things like that. So I just I do a scan once a week of all those little kind of brochure sites that are sitting there, make sure that they’re still working. And I was like, oh, they didn’t tell me it wasn’t working.
Michelle Frechette 00:26:09 I saw that it wasn’t working. I was able to fix it. But yeah, yeah, interesting stuff. But so, so so the CrowdStrike, what do you think is the fallout from that or is there fallout from that.
Kathy Zant 00:26:19 They’re giving out. Did you see they’re giving out $10 DoorDash or Uber Eats or tickets? I’m like, does it even buy a Chipotle burrito anymore? Ten bucks doesn’t.
Michelle Frechette 00:26:29 Even cover the delivery cost.
Kathy Zant 00:26:32 I saw that today and I just started laughing. I’m just like I did. I see I was researching should I do a video on this or not? And I started like going into like I went down a conspiracy hole trying to find out if it was like some kind of weird thing. And then that was just like, come on, you guys. Whenever you can say that this is incompetence versus malice, it’s probably going to be incompetence. but yeah, I think it just it to me, it just underscored the importance of being there when updates happen. And just being, like, really aware of all of your stuff.
Kathy Zant 00:27:11 I mean, I woke up last week and, somebody was trying to get in my Twitter. Somebody was trying to get into my Facebook. So then I was just like, I went over everything like, yeah, just check everything. I’ve got two factor on everything. So that’s why I could see all the stuff happening. But I mean, that’s that kind of stuff happens. And when somebody’s, like, targeting you, you’ll, you’ll know, the one coolest hacking story that I always go back to is when this one guy, he, he had his Coinbase account, the cryptocurrency account drained, when he got SIM swapped and he saw signs of it before he was going to bed. His phone wasn’t connecting to the cell tower, and he’s like, well, solve it in the morning. And he went to bed and he woke up like $100,000 poorer.
Michelle Frechette: Nnnoooo.
Kathy Zant: And that was just like the story over everything there. And so now for me, whenever I see any sign or hear somebody says, hey, something’s weird with my thing, and I’m just like, drop everything, let’s investigate. Let’s just like, rule out anything going on.
Michelle Frechette 00:28:14 So yeah. So Konstantine made a comment that says the White Screen of death with an HTTP 200 response code is still technically up.
Kathy Zant 00:28:25 Yeah. And that’s why we do the test to make for a certain word like is the is a certain word on the screen, like if it ever disappeared. Which of course is terrible when somebody goes into the site and edits it and takes that word out that has happened before at your previous job. Like what? That word. Why that word? But like checking just to make sure that, you know, that that certain phrase or word or whatever that shows integrity of the site, that it’s up. That’s why I always go with that, because yeah, that white screen with 200, 200 code is technically up. You’re absolutely right.
Michelle Frechette 00:29:04 My, my one of my least favorite things. Oh Jess says hey, something’s weird with my thing lol. One of the things that I hate to see on people’s sites isn’t even like the white screen, right? Like white screaming something catastrophic happened.
Michelle Frechette 00:29:19 They have to fix it. Whatever. What I really hate is when I see the lines of code that says there’s a string error and that kind of thing that’s right across the top of somebodys website, because, like, the site’s still technically up, but it’s just told me that nobody’s tending like the chickens are in the yard, but nobody’s feeding them, like, you know, like, I don’t know why I’m making up really silly sayings, but.
Kathy Zant 00:29:39 Because I’m here with you, that’s what we do.
Michelle Frechette 00:29:41 That’s what we do. That’s right. Yeah. But that to me is like, oh, I was one of the like go right to their contact page and go, can you please check XYZ plugin because I think it needs an update.
Kathy Zant 00:29:52 Yeah, I, I have sites that I developed like in the mid like before Clara was born that are still up. You know, God knows how they look on mobile. I don’t know, but like stuff I did for my husband way back in the day and stuff and they’re still up and I’m just like, they don’t break, though. They’re just fine because it’s such simple. I mean, I think I only used it. They’re just like simple HTML, simple CSS. There’s nothing like super complicated. It was like they’re not WordPress sites. And so I don’t need to like really update them. I use PHP on them just because I wanted header and footer, like give me a header, give me a footer and give me, you know, each page has its own like little bit of content type of thing. They’re really simple. But yeah, the worst is when you get like those weird errors.
Michelle Frechette 00:30:42 It just looks bad, yeah. So yeah. So I’ll tell you a funny story from last week where I thought a site had been hacked or something catastrophic happened to it. I was I was trying to share. So it’s my massage therapist website that I built in trade for 20 massages, right? So like I got a really good deal out of this, but and I was meeting with somebody who’s like, oh, I want their information.
Michelle Frechette 00:31:06 I’m looking for somebody who does in-home massage too. So I went to pull up the website to share with her, and I had a weird Cloudflare thing on the screen. I don’t remember what it said. It was over a week ago now, and I was like, oh, this can’t be good. So I didn’t tell her. I’m like, oh, let me get this information. I’ll send it to you, because I wasn’t gonna be like, here’s the website I built that looks like it’s gone right now. So I could not remember where I told him to host and pay for his hosting. So I had to go back through my text messages because I couldn’t. The site wasn’t up. I couldn’t find it that way. So I finally found that it was where it was hosted. And so I reached out, you know, I know people at almost every hosting company, which makes it a little bit easier to reach out to people and say, okay, this is my customer site. Can you tell me what’s going on with it? Because I’m getting this Cloudflare error.
Michelle Frechette 00:31:55 And, I said I don’t remember the client’s login to their hosting. And so I get a screenshot cancellation request notice a cancellation request exists because the the my customer said I started a new job recently. They don’t have enough money to keep paying for it monthly, at least not right now. So they cancel their hosting without telling me, and I didn’t want to tell them that their site was down because I was like, I can’t go tell the site is that until I fix it. So I actually saw him last night. he and his partner came over and helped me get some packages in the house, and I said, let me tell you a funny story. I go, I have I’m not mad that you took your sight down. I’m not mad about any of it. But I have to tell you, tell me next time. So I’m not in a panic. I’m afraid to tell you that your site’s not working. So anyway, it wasn’t hack. Bottom line is he hacked his own website by not paying for anymore hosting.
Kathy Zant 00:32:50 Yeah, clients do crazy. I had a customer who, he he really liked his dot net domain. That was his favorite. And I’m like, you know, really, people are going to look for you with the.com. So he went and registered the.com and I built the site and referred to.com because that’s how I think. Right. And then he decided one day without telling me that he didn’t want that.com anymore and he let it go. We let his.com go and I’m just like, dude. So of course.
Michelle Frechette: It’s only a year. That’s it.
Kathy Zant: Yeah I know, I know. And it was just like, so all the images are broken, I’m hacked, I’m hacked, and I’m like, where’s the.com? And he’s like, I don’t want that. Anyway. I’m like, okay, dude. I’ll go fix it.
Michelle Frechette 00:33:32 Communication is key.
Kathy Zant 00:33:35 Yeah, yeah. And he’s. Yeah. And here’s the weird thing like that site I still like have it on my hosting stuff, like he’s a friend of my husband’s and stuff, and I just he passed away and I think his wife might have passed away too.
Kathy Zant 00:33:51 And I don’t know, the kid. Like, I’m just like, yeah, I guess I’m just going to keep updating it. Like, the dude is like a famous author and like, what am I supposed to do?
Michelle Frechette 00:34:03 There’s not much you can do, really. I mean.
Kathy Zant 00:34:05 R.I.P like update. I hope this theme keeps working forever. I think it’s been. It’s been over ten years since I developed. That forum. It’s just there.
Michelle Frechette 00:34:17 Yeah. Now I know that you you post on YouTube quite a bit. Or at least I mean, not as often as maybe Jamie Marsland, but you do post on on YouTube. And you’re growing that channel too. And you have your courses. I, I, I’m not sure where you have your courses, but I’m going to put on the bottom on the screen here how to find you on YouTube. So you’re just @Kathy, I love that you have such a unique name, right? Like @KathyZant Everywhere. Like there are so many Michelle Frechette and Michelle Amess in the world that,
Kathy Zant: Are there?
Michelle Frechette: Oh yeah, it’s a big name in Canada for some reason. But yes. And they’re all Michelle Marie Frechette, just like me.
Kathy Zant: Really?
Michelle Frechette 00:34:57 I have people friending me on Facebook because we have the same name.
Kathy Zant 00:35:01 There’s a couple of Kathy Zant’s around and I’m just like, I, I’m sorry. I’ve grabbed everything. So sorry. And then there’s a there’s a Kathy Van Zant, and I actually, like, just friended her on Facebook and I’m like, close enough, let’s be friends. And then I know we kind of lost touch, but yeah, I just grab it all. What? Oh, new social network. Well, let’s see. Do I want to wade in that pool? Yeah, I’ll just grab the name. I don’t have to look at it.
Michelle Frechette 00:35:29 And then if people want to follow you, they can get all the details for all your stuff at your website. Right. So zant.com.
Kathy Zant 00:35:35 And the courses will all be up there too. I’m putting them actually on a different domain just because I’m neurotic that way.
Kathy Zant 00:35:42 Like, okay, Learndash is over there and WooCommerce is over here. And.
Michelle Frechette 00:35:48 Yeah, it’s like if you break into my house and you go right for the jewelry box, you’re only going to find the low cost jewelry, like I’ve got the other stuff. Stash other places.
Kathy Zant 00:35:57 There you go. That’s the way to do it.
Michelle Frechette 00:35:58 Oh, yeah. Oh, yeah. I’m not going to tell you. It’s all under the toilet paper underneath it. No. I’m kidding. Oh my goodness gracious. So yeah. So CrowdStrike, courses what else. What else I can’t remember what else you said we should talk about today. I could go back to my notes.
Kathy Zant 00:36:17 We could talk a little bit about motivation code because I keep going deeper and deeper into that. I just interviewed Sean Haskell that I work with. He is just an inmate, like one of my favorite people. Like it is a blessing to work alongside him. And he just did this course and he put, you know, he’s just amazing. And he put his heart and soul into this.
Kathy Zant 00:36:38 So I’m going through the course myself because I just don’t feel like I know there’s so much behind motivation code. I mean, it’s like, yeah, okay. I’m a visionary with, you know, influencer, achiever, you know, it’s all of that stuff. But there’s so much more underneath it. And I like, I gotta talk about this and I don’t feel like I know. So I’m really learning from Sean and taking this course. So I just interviewed him and I’m just, like, so impressed with what he’s doing. Yeah. This course is just really cool. And the more I dive into like, what Motivation Code is like telling me about myself, like, what does it mean to be a visionary? Like, guess what it means? It means I am not going to worry about typos. I am not that person. I am the person that’s like, you know what we’re going to do? We’re going to do a movie or we’re going to do this like one day event and we’re going to do this. You know, I come up with these like big ideas and drag people like you along with me. Let’s go do this big thing. Right.
Michelle Frechette 00:37:37 I’ve never done that to you.
Kathy Zant 00:37:39 Yeah. You do. You. You’re a visionary. I’m sure you’re like visionary. Influencer. Like you’re top dimensions too.
Kathy Zant 00:37:46 Because because you’re just like that too. But I beat myself up. I realized just recently I beat myself up a lot, trying to be like the perfectionist and trying to do everything like, like an optimizer or an orchestrator or a one of the one of the people that I’m not and I just like and also just Chris Lama is just, like super supportive of all of us. And he’s just like, lean into who you are. He’s really like, we eat our own dog food, right? You know, we’re like using motivation within our organization to really, like, get to know ourselves, get to know our coworkers and stuff like that. So I’m like on this sort of quest of like self-knowledge and self understanding through this lots of science behind what this assessment is.
Kathy Zant 00:38:32 So I’m having a lot of fun with that too. That’s been really kind of cool.
Michelle Frechette 00:38:36 Yeah, that sounds awesome. What is the website for that? So I can pull it up for us?
Kathy Zant 00:38:40 Yeah. MotivationCode.com.
Michelle Frechette 00:38:42 Okay, I wasn’t sure how to find it. so what what is what do you do there? What is your role?
Kathy Zant 00:38:51 I am I do content and so I write blog posts and I. Excuse excuse me. When I’m not sick and coughing my hat off. I am posting YouTube videos there and and some stuff I ran a challenge on on LinkedIn, which I’m not too fond of LinkedIn groups, and it just doesn’t work well. So we’re going to move it over to Facebook and do some more challenges and content within that that group. So that’s starting pretty soon. But just get on the Motivation Code mailing list or follow me. And because I joined my mailing list, because when I start doing stuff like that, no matter where I’m doing things, I tend towards, you know, promoting that as well.
Kathy Zant 00:39:35 So it’s, it’s all about just like personal empowerment and, and really inspiring people to get beyond limiting beliefs and really get to the core of who they really are so that you can really express who you are and find greater fulfillment in your life. And I’m at the age of my life where it’s like, you know what? I’m done not doing stuff that doesn’t make me happy. So.
Michelle Frechette 00:39:58 Yeah.
Kathy Zant 00:39:59 Happy to be in a place that I get to be valued and do things that feel very fulfilling, and I get to help other people. So it’s kind of cool.
Michelle Frechette 00:40:10 Helping other people is like one of the best things in the world. When you can help somebody and you see like that aha moment, the understanding you’re teaching them something, or the relief when you’ve helped them do something they couldn’t accomplish for themselves, that’s just an amazing feeling.
Kathy Zant 00:40:27 It is. And it’s what it’s what makes it’s what makes WordPress work. Right. It’s not I, you know, with with apologies to everybody who is a code contributor.
Kathy Zant 00:40:38 It’s the people element and the people contributors who really make the code contributions valuable. So it’s, you know, people who lift each other up at WordCamps or Meetups or people who are online, like Post Status, what post status does, and really sort of taking out the friction of communication across organizations, Stuff like that is really. It’s what what WordPress is all about. So to have sort of go into this world where I can now do this not only just for WordPress, but helping other organizations do this, people who have never even touched WordPress, like I can help, you know, impact so many more people. So it’s it’s kind of exciting. But yeah, it’s pretty cool.
Michelle Frechette 00:41:25 We have a comment from Jess. Oh, she made such a long comment. We have to raise our heads up so that we’re not going off. Haha.
Kathy Zant 00:41:32 I go.
Michelle Frechette 00:41:33 I just, not a sponsored comment. She says she highly recommends taking the full test. I’ve done a ton of them and wow, this really nailed me and helped me understand why I felt so stuck, which helped her get unstuck. I love that, that’s awesome.
Kathy Zant 00:41:45 That is awesome. Yeah. It’s really it’s really insightful. Yeah, it’s really insightful. So, and I’m just like, I’m into all that kind of stuff. Anyway, I’ve done the Enneagram and the Myers-Briggs and the what other ones? Oh, the ones I’m into now is like Gene Keys and Human Design and all of this, like more esoteric types of stuff. And then that and it’s really kind of cool because I do that stuff and it’s like, oh, that lines up with this stuff in the Motivation Code too. So it’s like this full on, you know what? Kathy Zant is done not being Kathy Zant. I just there’s my like there’s my quotable for the day. I am just like going Motivation Code and doing all of my other like work on myself. I’m just like really leaning in to who I am and valuing myself at a new level right now. So. And Motivation Code has really helped me helped me do that. So I’m so glad that Jess has had that great experience too.
Michelle Frechette 00:42:44 I feel like I have to go take the test now because now I want to know, you.
Kathy Zant 00:42:47 You do. You do.
Michelle Frechette 00:42:49 I took the you you mentioned the Myers-Briggs. I took the Myers-Briggs back in like, 1999, 2000. Like when I was in my MBA program, they had us take that test. And so I took the test and I ended up nobody surprised that the E part of me with the X that I’m an extrovert, right. But I ended up ENFJ. And you know, when you looked at all the boxes and for this, because it was at a business school, it told you what percentage of the people that take this test actually go to business school. And like ENFJ, it was like 3% like it was the lowest percent everywhere. And I was like, and every one of those 3% is a marketer, I promise you that.
Kathy Zant 00:43:31 Yeah, yeah.
Michelle Frechette 00:43:33 Because that’s what we do.
Kathy Zant 00:43:35 Yeah.
Michelle Frechette 00:43:36 Yeah. That’s too funny. Too, too funny. So what what things are coming down the line that you’re really looking forward to? I know we’ve got courses coming out. You’re working with Nathan on courses?
Kathy Zant 00:43:49 Working with Nathan on courses. Courses to help agencies. And that’s that’s coming up pretty soon. So I won’t tease too much on that, but, it’s mostly his idea, and I just kind of curated all of the content together. And he’s Nathan. Just Nathan.
Michelle Frechette 00:44:08 Ingram
Kathy Zant 00:44:08 A joy. Nathan Ingram is such a joy to work with anyway, so he kind of came up with like the bigger idea and structured it all. And I’m like, cool, here’s the content, you know? And so it’s been really super cool working with him. So that’s coming out pretty soon to
Michelle Frechette 00:44:28 Yeah.
Kathy Zant 00:44:29 I don’t know what else. All I mean, I there’s so much I get ideas and it’s just like, boom, let’s go do this. So, yeah, I’m sure more more is coming. I’ll be at WordCamp US and hopefully if you’re at WordCamp US and you have taken the Motivation Code, I want to talk to you. So write me because, we’re going to be doing a little project.
Kathy Zant 00:44:53 Sean. I’m dragging Sean into it. and we’re going to be doing a little project and really exploring more of how it’s impacted people. So that’s that’ll be pretty cool. And what other things, I don’t know. We gotta do some more stuff.
Michelle Frechette 00:45:10 I, you and me, we have a podcast that the episode has not yet for this week because this week has been slammed, but, it’s coming up by tomorrow, I promise, before we record the next.
Kathy Zant 00:45:22 Stellar sale. I do this because that’s all I do for Stellar sales. Like, oh, I failed everything.
Michelle Frechette 00:45:26 It’s a lot of work. It’s a good sale, though. It’s a really good sale. But, yeah, it’s a it’s a lot of work. I mean, they’re not sponsoring us. I do work there, so I will say it’s 40% off everything this week. If you go to StellarWP.com.
Kathy Zant 00:45:41 It’s a great price. It is.
Michelle Frechette 00:45:42 Yeah. It’s a good thing. I don’t think I knew you were coming to US, so I’m excited to see you at WordCamp US this year. Yeah, that’ll be fun for sure.
Kathy Zant 00:45:50 I have to bring my daughter to keep her out of Ttrouble, you know?
Michelle Frechette 00:45:52 That’s okay.
Kathy Zant: Go hang out with the WordPress people and stay away from all the crazy friends that you have who make you do crazy things.
Michelle Frechette: Meet your mom’s crazy friends.
Michelle Frechette 00:46:03 Yeah, yeah. And I’m going to close today with talking about how you and I are not only impulsive with some things, but we have ideas that we follow through on too. So it was over. It was almost two years ago now that we started. WP Motivate.
Kathy Zant 00:46:24 Is it two years.
Michelle Frechette 00:46:25 Coming this fall I believe. So I’ll have to go back and double check that for sure. But you I messaged you on a Friday morning and I’m like, I want to do a project with you. Do you want to start a podcast together? And you didn’t say, like, oh, what kind of podcast? Or what do you want to do with it? You were like, yes, I’m in like, boom, done. And so I think we were. I’m like, okay, let’s record one this afternoon and see how it goes. It was.
Kathy Zant 00:46:52 Yeah. It was that fast.
Michelle Frechette 00:46:53 We recorded our first episode on Friday. We didn’t even have the website yet. We built the website over the weekend like messaging each other back and forth, and we published our first episode on Monday morning. So not only do we have good ideas, but we execute well and we execute quickly. So we are the kind of people that people want to know because we get stuff done.
Kathy Zant 00:47:13 Okay. I’ve done big ideas and we get stuff done and yeah, yeah. And like I watched parts of when I could steal some time away. I watched parts of Stella Spark last week, and you did such an exceptional job with that.
Michelle Frechette: Well thank you.
Kathy Zant: And yeah, a lot of fun.
Michelle Frechette 00:47:32 A lot of fun. I will say though, the opposite of that is I get these great ideas and they just sit on a piece of paper for a month, a year or two years, five years. I own one domain. I’ve never I’ve never done anything with. I refuse to let it die. I pay for it every year because someday I’m going to build that website. It’s going to be freaking awesome. So? So yeah, motivation comes in different ways just saying that.
Kathy Zant 00:47:58 Yeah.
Michelle Frechette 00:47:58 But also you need to understand timing. Maybe we’ll talk about that on our, our other podcast this week is talking about motivation and and timing and how to know when is the right time to strike. Because you got some good ideas between you and me. So yeah. Anyway, I’m going to wrap us up and say thank you so much. You’re my second guest on this new endeavor we have over at Post Status and very excited to, to be able to share people’s thoughts and ideas and not only current events, but what they’re working on and the things that motivate us. How’s that for, like, a little tie in for you?
Kathy Zant 00:48:28 Nice. Love it. That’s beautiful. That’s why you’re the marketer.
Michelle Frechette 00:48:32 There you go.
Michelle Frechette 00:48:33 Anyway, thank you so much, Kathy, for being our guest today. And we’ll see. Oh, let me. I have a banner. Wait, I have a banner. Okay. Yes. Next week’s guest is Mark Westerguard. we will see you.
Kathy Zant 00:48:43 I was before Mark.
Michelle Frechette 00:48:45 You were.
Kathy Zant 00:48:46 Wow. I’m going to pull the tiara out and wear it for the rest of the day. I feel very special.
Michelle Frechette 00:48:53 You should. He would agree. You should wear the tiara. We should always wear the tiara.
Kathy Zant Wow.
MIchelle Frechette: Where did I put mine.
Kathy Zant 00:48:59 Wow Mark I beat you.
Michelle Frechette 00:49:02 I’ll find him. I don’t think he’s watching, but if he’s not watching, I’ll make sure he sees that. I thank you again, Kathy. Everybody will see you. Everybody else will see you next week. We’re going to talk to Mark about forums and WordCamps and all the things that are happening at US forums. So we’ll see you for that. Thank you.
Kathy Zant 00:49:22 Bye.
