Category Archives: Tips

WordPress Cleanup Checklist

Whether you’re a seasoned blogger or just getting your site off the ground and going crazy with uploads and creating content, it’s always a good idea to keep your WordPress site storage in check. “But I have unlimited disk space!” That is probably not the case, unfortunately! A server is just someone else’s computer with a finite amount of disk space. “But I don’t have the time!” Let’s clean some things up together, it will be easier than you think!

Please note: Before removing anything from your website, it’s always a good idea to have a recent backup available in case something important is deleted.

Subscriber and Membership List Purge

Every subscriber is an entry in your site’s database which can (slowly) take up space. Subscriber lists are something that you will want to be careful about going through though; it’s probably best to do this manually. However, this will become less of a daunting task to do over time if you keep up with going through your subscriber lists. The key here, however, is prevention so you won’t have to spend so much time cleaning up spam users. A simple preventative of spam signups is making sure all submission forms have a CAPTCHA that spam bots can’t abuse.

Our recommendation: Google Captcha (reCAPTCHA)

Those Years Old Pending Spam Comments

Like we discussed with maintaining subscriber lists, the key to maintaining comments is prevention. If you do not have some sort of CAPTCHA, spam bots will use and abuse your comments section. Leaving pending spam comments unchecked can be a cleanup nightmare. If you want to clean this manually, it’s best to tackle this process after your site’s peak hours. This can be a resource-intensive process as it involves deleting entries from your site’s database. Having preventative measures in place will save you so much headache and time in the future.

Our recommendation: Akismet Anti-Spam and WP Optimize

Unused and Redundant Media Files

By default, WordPress creates 4 versions of an image when you upload it to your media library. WordPress will resize that image into a thumbnail, medium, large, and full-size version. That’s 4 times the disk space used! If you haven’t been blogging too long, going through media manually shouldn’t take too much time.

Our recommendation: Media Cleaner

Post Revisions and Drafts That Let’s Face It, You’re Never Going to Finish

Hiding in your database are all the saved post revisions that were created while you were working on content. That WP Optimize plugin we recommended above will remove such saved revisions, but you can also change how many revisions are saved per post. Adding WP_POST_REVISIONS in your wp-config.php file like so:

define( ‘WP_POST_REVISIONS’, 3 );

will set a limit of how many revisions per post WordPress will keep at a time. In this example, we’re telling WordPress to only keep 3 revisions at once per post. Uneasy about adding this to your wp-config.php? We can help!

Speaking of sneaky disk space users, let’s clean those abandoned drafts up too! Another alternative to just deleting those drafts if you can’t seem to let them go is copying them to a document and transferring them to an external location such as Google Drive or Dropbox.

Unused Themes and Plugins

This is something that we cannot stress enough and if we’ve worked on your site you probably have gotten a reminder from us! Deleting those unused themes you’ve tested and didn’t like and plugins you weren’t sure about is such a good idea for multiple reasons. Those plugins and themes still have all those site files and database entries that take up disk space. Deactivated or not, would-be hackers and bots can still exploit deactivated themes and plugins. It’s a double whammy if you’ve never updated them either. Keeping what you actually use trimmed down removes that much more points of vulnerable access and keeps your site that much safer.

We do realize the irony in suggesting all these plugins when we tell you to delete unnecessary plugins! Once you’re done with your site cleanup, make note of what plugins you’ve used for future reference and remove them! They can always be reinstalled at a later date for cleanup.

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

How to Use Gmail (not G Suite) with Your Domain

The Evil of Email Forwarders

When an email forwarder is created, all email is forwarded to that address. Bills, invoices, Twitter notifications, those hilarious cat videos from Bob in the cubicle just over the way, and spam. Our IP addresses are then sometimes blocked by third-party providers, such as Google, ATT, Hotmail, and others, due to the volume of mail being sent from them or the spam that is being forwarded from your account(s).

While the spam may not have originated from your email account and is only being forwarded, email providers do not care. They only care about preventing spam from reaching their mail servers. This is why, if you prefer to use Gmail (or whichever third-party email provider you utilize) for all your mail, we always suggest setting up your domain email accounts as POP accounts rather than forward every message from your account.

POP accounts, by default, download the messages from the server. They can be configured to leave a copy on the server but I generally advise against that. IMAP accounts are a direct connection to the server in which you make changes (mark as read, delete, move to different folders) on the server itself. Mail does not get downloaded to the email client being used.

Benefits of using POP in Gmail

  • We never block Google’s IP addresses.
  • You can continue to use the amazing Gmail interface to read and respond to your emails.
    • You will even be able to respond as your domain-based email address rather than using your Gmail address.
  • Spam messages will no longer be forwarded from the server (but rather retrieved by Gmail) which will help lower the chances the server being blocked by Gmail for sending spam.
    • Even if you are using something other than Gmail, if you can set up the account as a POP account in that email (Yahoo!, Outlook, Hotmail, etc…), the same concept applies of less spam being sent from the server.

Potential Downsides

The only potential downside we can come up with is that Gmail checks periodically (about every hour or so) so you may need to wait for it to automatically pull your new messages. Alternatively, you can initiate a fetch-request by clicking the Refresh icon within Gmail, not your browser Refresh icon.

Let’s Set It Up!

  1. Log into your Gmail account.
  2. Click the settings icon (gear) in the top right and then click Settings.
  3. Click the Accounts and Import tab.
  4. In the Check mail from other accounts section, click Add a mail account.
  5. Enter your email address and click Next.
  6. Select the default option (POP3) and click Next.
  7. Change the Username to your full email address and enter the email account’s password.
  8. Change the POP Server to your server’s hostname, generally something like river.blackchickenhost.com. If you’re not sure what your server’s hostname is, please reach out to us!
  9. Select port 995 and check the box for Always use a secure connection (SSL) when retrieving mail.
  10. Click Add Account.

  11. Once your account has been added successfully, you can set up the email address so you can send mail from that account. Click Next.
  12. You can change the Name if you wish, this is what will be displayed when sending messages from this email address. Be sure to leave the Treat as an alias box checked.
  13. Use your server’s hostname for the SMTP Server, ensure you use your full email address for the Username, and enter your Password. Leave the Secured connection using TLS option selected and click Add Account.
  14. The email address you are adding to your Gmail account will receive a confirmation code to enter here.

You should now be able to send and receive your domain-based email through your Gmail account!

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

Mindful WordPress Security Practices

Secure WordPress Practices

With WordPress, one of the easiest tasks to complete is to harden your site but it’s one of the most overlooked tasks! In this day in age with data breaches and hacks running rampant, it’s never too late to implement security practices on your website. While absolutely no site is 110%-without-a-doubt-no-way-in-hell-is-anyone-hacking-anything secure, there are many ways to minimize such risk. By not following any security practices or just “letting things go” you’re not only putting your site at risk, but you’re putting your audience at risk as well.

Quick Changes to Make Right Now

WordPress user practices

Please do not ever use the username of “admin” for your main administrative login. It is the WordPress default when creating a WordPress site, but it’s also the easiest to guess and easiest to start exploiting. Even if you use your email to log in to WordPress but still have your user created as “admin” you are still at a risk.

It’s always a great idea to periodically go through registered users and audit users that have any dashboard access whatsoever such as other Administrators, Editors, and Authors. That administrative user you made for a plugin support developer a few years ago that’s never been used again? You should delete that user ASAP. Multiple users with dashboard access are just more points of entry for bad guys.

Minimum password strength and password change schedule

Consider setting a schedule for yourself and additional users to change their login passwords. Your password that you haven’t updated since your site’s inception in 2013? Take a few seconds to change that today! We have a wonderful article on password security practices when creating new passwords. Try and put more thought into your passwords, and never use anything easy to guess like names and important dates.

If you care about your site at all, keep it up to date!

When Black Chicken Host receives a client request to install a new WordPress site, we always make sure to enable automatic core WordPress updates per our Terms of Service. Most likely if you’ve migrated to us you will need to enable automatic WordPress updates.

https://codex.wordpress.org/Configuring_Automatic_Background_Updates

Any theme or plugin developer worth their salt will test theme and plugin updates for compatibility with multiple versions of WordPress. While it is still an excellent practice to backup your site (you can ask us for help, we don’t mind!)  before doing major updates, unless your own website developer or “IT person” went to town with poorly coding your site, hit that update button!

…and just delete unused themes and plugins

The more themes and plugins, the more points of entry. Added bonus: reduces disk space!

Hide author usernames

Using your WordPress username as your “published” name on posts and pages is just handing people half of your login on a silver platter. But there’s a simple fix! Under your user profile, set a nickname for your user and change the “Display name publicly as” option:

“Advanced” Practices:

Change wp-login.php

One of the most common reasons we see for elevated server load/slow sites is IP addresses trying to brute force their way into your WordPress login landing pages. Since WordPress has a default www.yoursite.com/wp-login.php site landing page, this makes it easy for would be hackers and troublemakers to try and force their way into your WordPress dashboard. If your WordPress login landing page is a different URL that makes more “work” for the bad guys to try and locate and can help keep you safe!

We do not recommend editing your core WordPress files via FTP or File Manager to change your wp-login.php file or theme files. This can go wrong so quickly for so many reasons. There is however a myriad of plugins that quickly and safely change the default login landing page for your WordPress dashboard, just give a quick search! We’ve seen a few of our clients use WPS Hide Login.

Please note that if you do change the login for your site and later require our assistance with your site that involves logging into your site, please give us a heads up on what your login URL is. That will save us all some time and back and forth!

Use .htaccess to limit wp-login.php altogether

Via your site’s .htaccess file, we can deny all requests to your WordPress login page except for specified IP addresses. This is usually a last resort method as most folks do not have static IP addresses from their ISPs. So once your IP address changes, you will be locked out of your WordPress login page until your new IP address is added to your .htaccess file. If you would like assistance setting up this directive in your .htaccess, please contact us for assistance.

A Final Piece of Advice

Keep any computers and devices that access your WordPress site and email updated! If there are viruses to hack your email accounts, there are viruses to gain access to any site that requires a login. Make sure your computer has anti-virus setup and regularly updated, don’t slack on that! It’s an absolute nightmare trying to clean up an infected computer (we speak from experience).

When you don’t take your own computer and site security seriously, you aren’t taking your reader’s or customer’s security seriously. Data breaches aren’t just the huge ones you hear on the news, they can happen to any site no matter how small.

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

Why *Everyone* Should Have Off-Server Backups

We have all heard the horror stories, and indeed, some of us have lived them ourselves – my hard drive failed, and I lost everything. Backups are so very important! However, there are many different kinds of backups, and which of those backups we use is something we all need to think about before catastrophe strikes.

There have been numerous events across many major hosting companies, ranging from “unexpected thermal events” (which is to say, fires) to hardware failures to natural disasters, all of which have resulted in some measure of data loss. You can protect yourself from these events 100% by taking a few simple steps.

The Backup Lowdown

Before we get into those specific steps, though, let’s talk about backup security in general. Black Chicken Host provides on-server backups as a courtesy service; per our Terms of Service, these backups are not guaranteed. While they are typically very robust and trouble-free, it is possible something might happen to them rendering them unusable.

The most important step in obtaining additional backup security is to have off-server backups. You can set this up either with a WordPress plugin, such as BackupBuddy or Updraft, or you can manually download cPanel backups to your home or office computer.

Pro tip! If you are utilizing a backup plugin we recommend downloading those backups immediately. Otherwise, your disk space allowance will quickly fill up which can render your site inaccessible.

Your Options

For our Standard Shared clients, we have our courtesy backup system which backs up your sites once a month and several times during the week. You can manually generate and download backups via your cPanel account access too! The Backup Wizard feature allows you to create a full backup of your entire account for download (site files, databases, and email) or you can pick and choose which part of your account you want to backup. We always recommend having a full download of everything, just in case!

For our WordPress Only clients, we have a rolling incremental backup available of your site taken every morning. We highly recommend utilizing a backup plugin to keep local backups saved to your computer. Again, you will want to make sure you have these backup plugins download to your computer or other remote location (Dropbox or Google Drive) to keep your disk space allowance in check.

For our VPS server clients, we offer the widest range of backup solutions. Like our Standard Shared clients, we have our courtesy backup system which backs up your sites once a month and several times during the week. You can also manually generate and download backups via your cPanel account access. If you have a dedicated WordPress Only server, we have a rolling incremental backup available of your site taken every morning. For all of our VPS server clients, we also offer a paid-for, off-server backup option called “Time Snap”; this takes weekly snapshots of all files on the server, and retains four rolling restore points. Rather than restoring a single site or account, this restores the server as a whole, which is great in the event the whole server becomes unusable. The cost of these server-level backups is 20% of the server cost.

A Solution for Everyone

Our BCH Managed WP Services also include backup plans! Backups are stored offsite at the Amazon S3 infrastructure and retained for 90 days before being rotated out. We can also download, restore, and even clone your site with a few clicks of a button. Plans include Weekly, Daily, 2x Daily, 4x Daily, and Hourly. Learn more here!

As always, please contact us if you have any additional questions or concerns about site backups or what options are best for you.

New Anti-Spam Offering from Black Chicken Host

Hello, friends and teammates –

We have some exciting news, which might just make your whole day:

Black Chicken Host now offers SpamFreeze, a robust anti-spam solution, for only $5 per month per domain!

Our new SpamFreeze product filters, tags, or blocks spam entirely; you’ll never have to see it in your inbox again. Additionally, it offers another layer of security for your home and office computers, as it will automatically strip out viruses from any incoming email (or, if the virus cannot be removed, it will block the email entirely.)

If you are being repeatedly hit by email from the same IP address, the SpamFreeze firewall will begin blocking those emails after 50 are received within a 30-minute timeframe.

We can configure your SpamFreeze to either pass through all virus-free email and tag it with a “SPAM” tag for easy filtering into a separate folder, or to outright block anything the firewall detects as spam. I recommend starting out with tagging in place, so you are able to ensure no legitimate email is being flagged by the system; our false-positive rates are very, very low, but we wouldn’t want anyone to miss out on important mail.

Once you’re confident everything works to your liking, it’s a very easy matter to change from tagging to outright blocking.

Powering SpamFreeze is a robust cluster of Barracuda devices; they will not become saturated or cause delays in your email. Barracuda is amongst the most trusted names in security worldwide.

For only $5/month, you may never have to deal with spam again!

Get in touch with us today if you’d like more information, or if you’d like to sign up.

How to Unblock Your IP on a BCH Server

We have some pretty snazzy news to share with you; we’ve added the ability for you to unblock your own IP address from the firewall! 

Most of us have at one time or another entered an incorrect password one too many times, or have run afoul of ModSecurity triggers on our websites, which results in the server denying all traffic to and from our IP address.

Symptoms of a blocked IP:

* You cannot see anything on your site, and may receive a “request timed out” error
* You cannot check email if your domain is hosted on your server with us
* You are able to see blackchickenhost.com just fine
* The website http://www.downforeveryoneorjustme.com/ says it’s just you

I won’t go into all the technical details, but essentially, the server thinks you’re trying to do something mischievous (such as brute force attacking a password,) and has protected itself by blocking the IP. Our stringent security measures help to keep your data safe, but they do occasionally block a legitimate IP address.

Previously, if your IP had become blocked, you would have had to open a support request to get it unblocked. While we do our best to attend to all requests quickly, sometimes there is a delay and you of course want to get your work done. Thus, we’ve added the ability for you to unblock your own IP address without needing to contact us at all. This will only work for servers upon which you have an account, and only authorized Black Chicken Host customers can unblock IP’s.

There are a few steps in involved for security’s sake, which must be performed from the IP that is blocked in the firewall:

https://blackchickenhost.com/whmcs/index.php?m=csfmanager

Then, click “view details” next to the affected hosting account. On the following page, which may take a moment to load, click “Unblock IP” from the menu on the left. If the IP address you are writing from is blocked, it will automatically be detected by the software and the block will be lifted.

Or, you may enter a different IP address to unblock manually.

We are of course always happy to perform this task for you; this self-service option is for people who prefer to unblock themselves quickly.

There are advanced features available, too, such as proactively whitelisting an IP address for a certain period of time, and resellers are able to unblock their clients’ IP addresses, as well.

Please do let us know if you have any questions or concerns; we’ll be glad to help!

 

How to Make cPanel Work for You

Most of our customers never log into their cPanel account; they are completely happy to work within their WordPress Dashboards and never worry about what else might be available. This is, of course, completely fine; however, there are many things inside cPanel that might be beneficial for you to know about.

So! We’re writing this quick cPanel primer to help you learn about some handy features you can access therein.

What is cPanel?

cPanel is the user-level domain management control panel we use on our shared servers (and on many of our VPS and Dedicated servers, too.) It allows users to oversee and manage nearly every aspect of the domain, including backups, email and FTP accounts, bandwidth consumption, statistics graphs, subdomains, software installations and more – all within an easy-to-learn-and-use graphical interface.

How do I Access cPanel?

When you first signed up for your BCH account, you received a “Welcome” email that contained your cPanel URL, username, and password. If you don’t have the email anymore, we can easily re-send it to you.

The format of your cPanel URL will always be “https://” followed by your hostname (something like roost.blackchickenhost.com) and then “:2083” which is the port (to tell the server you want to access cPanel and not some other service.) An example would be:

https://roost.blackchickenhost.com:2083

If you can’t remember your server’s name, you can also use your domain name:

https://yourdomain.com:2083

The one caveat with using your domain is you’ll receive a security warning about the SSL certificate not matching the domain name. This is because the SSL is for our server’s hostname, not your domain – it is completely safe to proceed through the SSL warning here.

First steps inside cPanel

Once you’re in, what your cPanel looks like will depend upon which theme you have selected. Older accounts will have the x3 theme by default, while newer accounts will have Paper Lantern. You may change your theme by using the “Switch Theme” selector on the main page.

Despite cosmetic differences, the functionality remains the same. Most customers are interested in the following cPanel areas:

Backups

cPanel backups are outstanding – they are a full, exact snapshot of your entire account in one handy file. It will contain everything from databases to email to themes to widgets. If something goes wrong with your website which cannot be fixed or undone, reverting to the last cPanel backup will put everything back in place as it was at the time the backup was taken.

We strongly advise downloading a cPanel backup to your home computer from time to time, just in case of the unlikely event something catastrophic occurs within our datacenter.

Our courtesy cPanel backups are very robust, but they are a courtesy service only – they are not guaranteed.

You can access cPanel backups within cPanel under the Files area. If you click up Backup Wizard, you’ll see options to Backup or Restore.

Backup restorations are typically best left to us to perform, so I’m going to skip over that for now, and focus upon how to generate and download a cPanel backup.

Within the Wizard, please click on Backup, and then on Full Backup. On the next page, select Home Directory in the Backup Destination, and then enter your email address in the field below to receive a notification when the backup process has completed. Click “Generate Backup.” Depending upon how large your account is, the backup may take anywhere from 5 minutes to 2 hours.

When you receive the completion email, log back into cPanel, and this time, go into the Backups icon. In the Account Backups drop-down menu, select the date from the backup you took in the step above, and then click Download.

Voila! You now have an off-site copy of your entire cPanel account. It’s easy and worth the peace of mind.

Email

The next area we’d like to discuss is email. If you’d like to set up email accounts under your domain and are not using a third-party mail provider such as Google Apps, you can set up email accounts within cPanel.

Log into your cPanel account, and look in the Mail section. There are a lot of options here, and today we’ll just focus on a few: Email Accounts, Webmail, and Forwarders.

Email Accounts

This is where you will set up new email accounts, as well as editing or removing existing email accounts.

Creating a new email account is very easy. Let’s say I want to set up the address me@mydomain.com. Under Email Accounts, I would enter “me” without quotes in the first text box, and then make sure I have “mydomain.com” selected in the drop-down menu to the right.

Next, I select a strong password and enter it twice. Lastly, I choose how much disk space I would like to have the email account to be able to use. 250MB is the default, and you may enter any whole number in that field, or you may select “Unlimited.”

Click Create Account, and there we are – a new email account!

Changing Passwords

To change the password for an existing email account, we also go into the Email Account area. To the right of the email account, there will be a “Change Password” option. Click that, and enter the new password, then save it.

Once you change your password, do be sure to change the password inside all of your email clients (including on mobile devices!) lest your IP become blocked for too many failed login attempts on email.

Webmail

If you’re having troubles with your email client, or if you’re not on your own computer, webmail is a good alternative. You may access webmail by entering your hostname, followed by :2096 as in the following example:

https://hive.blackchickenhost.com:2096

Your username will be the full email address.

You may also access webmail from within cPanel under the Mail area, on the Webmail icon.

Once you’ve logged in, you’ll be presented with three options: Squirrel Mail, RoundCube, and Horde. I recommend trying all three to see which you like best, as the formats are quite different.

Forwarders

You may also set up automatic forwarders within cPanel. There are two options for these:

1.) Forward an existing email account
2.) Forward an email account that does not exist

There are two important differences here. When forwarding email for an account that does exist in cPanel, incoming mail will be delivered to that email address and then also forwarded to the destination you set up. When forwarding email for an account that does not exist, it will only forward to the destination, and will not be delivered anywhere locally within cPanel.

To set up a new forwarder, simply log into cPanel, go into the Mail area, and click on the Forwarders icon. Click “Add Forwarder,” and then enter the first part of the email address. From the example above, “me” would go here. Then, select the correct domain from the drop-down address.

In the Destination area, keep the first radio button checked and then enter the destination email address in full – like me@gmail.com. Then, click Add Forwarder. Boom! Now all email will be forwarded to me@gmail.com.

Summary

That’s a lot of information to throw out at once, so we’ll wrap this installment up for now. In coming cPanel posts, we’ll tell you about:

Bandwidth graphs
Server-side stats
Subdomains
Addon Domains
Hotlink Protection
CloudFlare
Softaculous

In the meantime, please feel free to open a support ticket anytime you have questions or concerns about cPanel functionality, or any other aspect of your hosting experience.

 

 

CloudFlare: What It is, What It is Not.

Black Chicken Host has partnered with CloudFlare CDN to bring you better load times and increased security at no cost to you.

CloudFlare Certified Partner

What CloudFlare is:

CloudFlare is a simple and free Content Delivery Network which places your website’s content closer to your readers all around the world. By caching your images and other static content geographically closer to your global readers, your website will load more quickly and consume fewer resources on the local server. The static portions are cached on the CloudFlare servers for a short period of time, typically less than 2 hours, after which time they check to see if your site has been updated. If there is new content, CloudFlare dumps their existing cache and starts fresh.

By automatically moving the static parts of your site closer to your visitors, the overall performance of your site improves significantly.

The overall effect is that CloudFlare will typically cut the load time for pages on your site by 50% which means higher engagement and happier visitors.

CloudFlare caches your content worldwide:

CloudFlare CDN Sites

Additionally, CloudFlare can save you money on bandwidth. On average, CloudFlare customers see a 60% decrease in bandwidth usage, and a 65% in total requests to their servers.

How does CloudFlare protect you from Distributed Denial of Service (DDoS) attacks?

Black Chicken Host already has impressive security metrics in place; utilizing CloudFlare’s service improves upon our already outstanding security. CloudFlare’s mitigations offer a broad range of protections against attacks such as DDoS, hacking, or spam submitted to a blog or comment form. What is powerful about the CloudFlare approach is that the system gets smarter the more sites that are part of the CloudFlare community. They analyze the traffic patterns of hundreds of millions of visitors in real time and adapt the security systems to ensure good traffic gets through and bad traffic is stopped.

In fact, CloudFlare was initially developed as a tool to increase website security – and its founders accidentally discovered it radically improved the load times of its customers. Now personally, I find that hilarious. And fantastic.

The CloudFlare servers filter out the bad guys before they even reach our servers or your website, blocking malicious traffic before it can do any harm. But how? Honestly? I have no earthly idea. It just… works. I suspect this graphic is slightly dumbed down:

CloudFlare - how it works?

That’s it in a nutshell – some magical thing happens inside that CloudFlare cloud, and it’s a black box for the rest of us. As long as it keeps working, I’m happy.

So, let’s sum this up:

  • Improved load times
  • Enhanced security
  • Less bot spam
  • Offline browsing potential
  • FOR FREE

Not bad, right?

CloudFlare: What it is not

The CloudFlare service is not an excuse to never update your software or not to use strong passwords. It’s an extension of our already superb security, but it is no replacement for common sense.

It is not a 100% guarantee of no down time, ever. However, should your server experience difficulties (high load, or even being offline for a short time,) CloudFlare can often keep your content flowing to your readers by utilizing their caching service.

It is not Google Analytics. CloudFlare offers statistics for your site, but they will vary from GA (they tend to report higher numbers, due to how they gather and parse the information.) They’re handy to track trends, but are not the best way to measure your audience (definitely use Google Analytics for that.)

Ok, I want CloudFlare! How do I get it?

For Black Chicken Host customers, enabling CloudFlare is as easy as pushing a button (provided you are using our nameservers.)  We are pleased to offer you the CloudFlare service for FREE. There is no commitment. Turning CloudFlare on and off takes two clicks of the mouse in your cPanel account, so feel free to try it out. If you’ve misplaced your cPanel login information from your Black Chicken Host welcome email, please just let us know via a support ticket.

How to Enable CloudFlare in cPanel

The one potential downside to using CloudFlare through Black Chicken Host (as opposed to signing up yourself and having to muck about with your DNS) is you must use www in your domain. Thus, if your WordPress site is set up using http://yourdomain.com right now, we’ll need to change that to http://www.yourdomain.com — this is an easy thing for us to help you with, and is only a matter of aesthetics.

Also, you must use Black Chicken Hosts’s nameservers. Nearly all of our customers already do, but it’s an important item to note.

CloudFlare also offers a paid-for “Pro” version, which of course offers more features and functions. You can read about that on their website. We offer the free version so you can take things for a test drive and see if you like it. If you do, the paid-for version might be something you’d like – it makes no nevermind to us, we receive no commission.

Here’s a short animated video which goes into far less detail than I have here… but it it gives a good overview:

Introduction to CloudFlare

Questions? Comments? Just let us know. If you’d like more information, or if you’d like assistance getting started with CloudFlare, you know we’re here and happy to help!

Best,

Erin D.

Edible Weeds

oxalis - an edible wild plantIf you have ever taken a wilderness survival or wild edibles course, no doubt your eyes have already been opened as to the plethora of freely available, wild edibles right at your feet – often, right in your own yard!

In addition to being incredibly frugal, eating wild plants is healthy, sustainable, and finding them can be a lot of fun, harking back to our hunter-gatherer roots. As with all things in the wild, we have to be certain we have the requisite knowledge to safely partake in this activity, however.

How do I know if a wild plant is safe to eat?

Remember, some plants are poisonous – even deadly in small amounts. We have to be careful of what we eat when its identity is uncertain. Some safe plants have close relatives which look nearly identical to the untrained eye, but are toxic to humans. For this reason, we need to be pretty darned sure we’re eating what we think we’re eating!

Too, some “safe” plants are only safe when cooked, or only have certain parts which are safe, while other parts of the same plant may be toxic. It’s always a good idea to do research before embarking upon a wild edible plant gathering trip.

Here’s how to verify the identity of your plant:

ingham county logo1.) Unless you are absolutely certain you have successfully identified a given plant, you should bring in some additional help. Nearly every county in the U.S. has an Extension Office. What’s an Extension Office? It’s a source of (often free) advice, troubleshooting, and plant identification, among many other things. In our county, it is an extension of Michigan State University, which is widely known for its agricultural expertise.

These offices are generally grant-based, and are staffed with people who really want to help others. I call ours often! They will be happy to help you identify a given plant, and there are some things you can do to help them help you: 1.)Bring in the entire plant, including any flowers, berries, roots, and foliage. If that’s not possible, many offices will attempt to identify a plant from a clear photograph or small sample. 2.) Make notes about its habitat, including sun/shade, soil conditions, and the other plants you see around it.

2.) If visiting an Extension Office is not possible, there are a wide variety of field guides available to help you identify your mystery plant. We recommend the following:

A Field Guide to Edible Wild Plants: Eastern and central North America (Peterson Field Guides) [Paperback] – A timeless classic from the master field guide, Roger Tory Peterson.

 

Nature’s Garden: A Guide to Identifying, Harvesting, and Preparing Edible Wild Plants [Paperback] – This comprehensive book covers not only identification and collection, but also preparation of the plants

 

Edible Wild Plants: Wild Foods From Dirt To Plate (The Wild Food Adventure Series, Book 1) [Paperback] – An excellent resource from a renowned wild edibles expert, also covering everything from identification to preparation.

 

3.) Use our friend, The Googles. Searching for “Wild edible plants” yields a veritable plethora of information, including photos, videos, recipes, and more. As always, when taking advice from The Internet at Large, use good judgment – only take advice from credible resources. I prefer using college and university websites, or established scientists and researchers in the field, with a few ad hoc experts thrown in for good measure.

Finally, when in doubt, don’t eat it!

If you cannot establish the identity of your mystery plant, be safe rather than sorry. If you can preserve the plant for future identification, awesome. If not, take a photo or sketch if possible. Those berries may look delicious, but are they worth a horrible bout of diarrhea, or worse?

If you’re in the wilderness and your survival literally depends upon finding wild edibles, you can always perform the very meticulous and very time-intensive Universal Edibility Test.

mayapple - an edible wild plant

Which plants have you eaten personally, and where are they found?

It’s been many years since I’ve taken any wilderness survival courses, so these days, I stick to the most basic stuff. However, back in the day, these found their way onto my plate:

Paul Wheaton (renowned creator of Permies.com) has several videos online covering the preparation and eating of stinging nettles.

dandelion - an edible wild plantMost of these are easily identifiable, and are abundant in Michigan; in fact, they are plentiful right in our own yard. Last year, I pitched more weeds than I ate, but this year I’m determined to do better. We have heaping tons of lamb’s quarters in our garden – why not make it into a salad green? We have a preponderance of dandelions in the yard, and last year I made salads and a sweet syrup from them – this year, I plan to do the same. Sadly, we don’t have much clover, but after it feeds the bees, it will feed us, too.

The photo below is the atrocious state of weeds in our garden last summer – things were out of hand. Thinking about how I either threw them onto the compost pile or just let them go is disheartening right now, but last year was truly horrible for gardening, and I largely gave up midway through for a variety of reasons. A lot of what you’re seeing below are sorrels and lamb’s quarters – totally edible!

a garden overgrown with edible weeds

Legalities of harvesting wild plants

Some wild plants are protected under the law – this means you cannot legally harvest them for food or for any other purpose. This link lists endangered plants in Michigan, and here’s a handy tool to search your area within the United States. Additionally, harvesting on public lands is often prohibited by local or state ordinance, so check all appropriate rules before you have a conversation with a Department of Natural Resources officer who catches you in the act.  “Take nothing but photos, leave nothing but footprints” is excellent advice when visiting public lands – don’t be a jerk!

If harvesting on private property, be sure you have the permission of the landowner; otherwise, you’re trespassing, and could be in violation of other laws, as well. If you’re harvesting common weeds, check with your friends and neighbors to see if they would allow you to harvest their weeds, thus saving them some work! Be sure to ask whether they have been sprayed with pesticides, herbicides, or fertilizer before you consume them.

Wild Medicinals

We’ll have a post in the future about using wild plants as medicinals/remedies, with expertise from a guest poster. There’s a whole medicine cabinet, likely right outside your window.

Mushrooms

chanterelle mushroomsHunting mushrooms is a science unto itself, and requires even more expertise than simply finding edible weeds. Some mushrooms are absolutely deadly, and have lookalike edible kin. I can’t offer any advice on mushrooming myself, but there are many resources out there; I recommend taking an in-person class which includes field trips. An important part of mushrooming is paying attention to habitat, and noticing subtle visual cues between species. Having an expert walk you through personally is invaluable. Right now, the only mushrooms I know I can identify are morels and chanterelles.

 Wrapping it all up

Wild edible plants are a free source of culinary delight and great nutrition, provided we research our species carefully, prepare them properly (if required,) and harvest them legally and sustainably.

I’d love to hear your tales of using wild edibles, from common back yard weeds to elegant and hard-to-find mushrooms – do tell!