How To Make Your WordPress Site Unhackable

At Spectruss website security isn’t just important, it’s paramount.


The problem with security on the internet is that it’s unlimited with how much money you can spend and of-course nothing is guaranteed to work.

However, we have found a very low-cost and reliable system (after a lot of work) and I want to share it.

The system is based on our favorite wordpress security plugin: CLEF

The Clef mobile app provides two-factor authentication without you having to keep track of a password.  You download the plugin-in from WordPress and you download the CLEF app onto your phone.  Sync your phone with the Clef Wave to log in.

Aside from not having to remember passwords and two-factor authentication, it’s also free!

Jessica Riley who is in-charge of CLEF’s marketing had this to say when I asked her about CLEF and website security:

Clef provides businesses with fraud protection right where they need it most but control the least; user accounts. As more of our lives move online, Clef has provided a solution that empowers regular folks to act in their own best interest regarding their online security, which in turn fills the security gap that user accounts, and bad passwords, have created for online businesses. Most hacks happen through access provided through user accounts, often due to poor passwords or duplicated passwords across the web. Clef’s mobile cryptography bypasses passwords, removes a frustration point for people, and seals a major vulnerability for online business.

This plugin and app combo allows you to replace usernames and passwords on your WordPress site with your smartphone.

This is how it works:

Download the app directly from the Apple iTunes or Google Play stores.

Then download, install and activate the CLEF plugin from the WordPress Plugin Repository.

When you set up the smartphone app for the first time you create a profile on your phone. Clef uses that profile to generate a new digital signature each time you want to login to your site. Rather than login with a password, your login screen will be replaced with the “Clef Wave,” which you will need to sync with another Clef Wave on your phone.

The smartphone app will then grant you an hour-long session to use your site unless you increase the session time on your phone.  You can increase the time to “infinite” which obviously makes it a little less secure.


After you download the plugin in the WordPress directory you will see this:


Once you set-up CLEF you will see this:

Once you download onto your smartphone you create a PIN:


Now that you have CLEF downloaded to your wordpress dashboard and your phone you hold your phone over your wordpress site:


After you log-in and are set-up your phone will display the time you have remaining.  A benefit I have found is that it forces you to stay focused on writing.  This is why I don’t have the infinite time marked on my CLEF app.

Here is a great CLEF Explainer Video:


Clef from Clef on Vimeo.



We highly recommend you use both WordPress and CLEF for extra security for your website.  If you have any security questions about your website or just want to talk about your website – call or email us at Spectruss.


How To Skyrocket Your Return On Investment For Your Business

einstein quote on email

When company’s want to increase sales, the vast majority just start blindly spending money on advertising.  The irony is that advertising has one of the worst returns on investment for marketing dollars spent. did an extensive study on marketing spending returns on investment.

The design team at Spectruss took the data and made the image below.


Email ROI - Return On Investment

As you can see, email marketing dominates with SEO being a distant second.  Banner Ads are literally in last place for a return on investment.

Most people get intimidated with email marketing – however it’s exceptionally easy to get started.

Here are some places to collect email addresses to quickly build your list.


Facebook Messages

Recently a friend sent me a message asking for my email address.

I instantly gave it to him.

It turns out he is opening up a restaurant and wanted to invite me to the launch party.


Twitter has a very low response rate with just getting customers from this platform.  However, they let you set-up “cards” where someone can opt-in to your email list with just one click.

If you are already active on twitter I recommend this strategy.  You can create a twitter card and use it for free.  We will post an in-depth guide to this in the future.

Checkout Receipt

This should be very easy to do with your check-out system especially if you are online.

What’s more important however is that actual customer’s email is exponentially more valuable than an email from a non-customer.  Ramit Sethi from provided the following statistics:

You can see that it’s extremely valuable to get the email from people who have already trusted you with their money.


Giveaways are a great strategy to build a large email list in a short amount of time.  The key here is to make your giveaway relevant to your core customer.  For instance, if you owned a children’s boutique you don’t want to have a giveaway for a set-of tools.

Landing Page

This is an obvious one that made extremely popular.  The key with a landing page is enticing someone with something VERY valuable.  A limited-time discount code is a great giveaway as well as a free report or checklist.

Don’t overthink what you need to giveaway as an email opt-in.  A lot of people prefer short resource guides compared to large eBooks.


All Spectruss sites are fully integrated with the email service provider Mailchimp.

Do you use email in your business? The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.

  1. Don’t use false or misleading header information. Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message.
  2. Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message.
  3. Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.
  4. Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations.
  5. Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.
  6. Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act.
  7. Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.




Spectruss Presents: Tim Hinck Performing Beethoven’s Diabelli Variations

Spectruss is pleased to announce our collaboration with musician and composer, Tim Hinck, in providing him with a new identity and web presence in time for his preformance this weekend. Starting tonight at the Chattanooga Theatre Centre, Tim Hinck will create a multi-sensory experience for his audience while performing Beethoven’s Diabelli Variations. Exploration and discovery are the fundamental elements of Hinck’s performances, and audience members are surprised every time they step into a performance.

Doors Open at 7:30. Show starts at 8:00.

Don’t miss this multi-sensory experience.