Site Statistics

The Indiana State Library has received several inquiries concerning site statistics on Connect IN sites.  Since self-hosted WordPress sites (such as those used by Connect IN) do not automatically track site statistics, each library will need to implement their own preferred method in order to do so.

Currently, the Indiana State Library recommends using the Jetpack plugin by Automattic, which is also the parent company of  In order to use Jetpack effectively, the library will also need to connect their plugin to a account.

Any library needing assistance in doing this can contact the Connect IN Helpdesk.

WordPress 5 Introduces a New Editor

Those who have upgraded to WordPress 5 may have noticed a radical change to its editor.  The new editor, known as “Gutenberg,” allows for a more modern site design using a new design technique called “blocks.”  More information on Gutenberg can be found on its WordPress reference site.

Unfortunately, having a new editor does require additional training, and tutorials will need time to catch up.  In the meantime, WordPress has established the Classic Editor plugin, which we recommend to all WordPress users until they have the opportunity to learn Gutenberg.

Adding the Classic Editor can be done via the Plugins section, using the “Add New” button, searching for “Classic Editor,” clicking the “Install Now” button, and finally clicking the “Activate” button.

Maintaining Secure Sites

With the recent push towards secure web browsing, all Connect IN sites will now be served over HTTPS.  Previously, HTTPS had been reserved either for user logins or for libraries who had already chosen to switch.  As concerns grow over sites’ authenticity, Connect IN is proactively taking this step towards a more secure experience.

At this time, HTTPS has already been enabled for all Connect IN sites.  Due to this, it is possible that some sites might need some touch ups if there are specific HTTP-sourced images, linked CSS or javascript, or other tags.  In most cases, this only requires changing the http in the source URL to https.  In addition, some browsers—such as Microsoft Edge—may even go so far as to say an HTTPS connection is not secure if some of the images use an HTTP source.

Any inquiries on how to make these changes can be sent to the Connect IN Heldpesk.

Thank you for helping us maintain secure browsing for our patrons.

Security Audit

In Dec 2016, we added required password rules for new Connect IN Email accounts and password resets.  At that time, however, we did not force users to change their existing passwords.

As part of a Security Audit of Connect IN services, we now ask that those who have not changed their Connect IN Email password since before Dec 2016 to please do so before February 1, 2018.

Any Connect IN Email accounts with passwords that have not been changed since before Dec 2016 will lose access on Feb 1, 2018, requiring your Email Administrator to change the password in order to regain access.

To change your Connect IN Email password, please visit the following site:

Thank you for your assistance in keeping Connect IN secure.

Password Resets

Given that Connect IN is run on free software, some additional steps are needed for certain password resets.  We ask that libraries using Connect IN keep the following in mind.

Password resets for a Connect IN Email address are to be handled by the appropriate Library’s designated contact for Connect IN, via the Connect IN Email Administration console.  In the event that the designated contact cannot access the Administration console, new passwords to the console will only be provided over the phone after a verification process.

Password resets for the Connect IN Web service are initially only allowed to be sent to existing Connect IN Email addresses.  In order to allow other email addresses to receive password reset requests, a plugin (such as WP Mail SMTP) must be installed and configured with an existing email account.

Connect IN Security

Since Connect IN hosts a large number of sites, it receives a significant number of attacks against it.  In order to mitigate these, we are continuously revising our security measures to prevent new methods of attack.

If a Connect IN site seems no longer to respond, it is possible that a security measure has been triggered.  (A common method of doing this is to continually guess a password within a short time frame.)  Thus, if this occurs, please provide your public IP address, obtainable through a site such as, to the Connect IN Helpdesk, and we will work to solve the issue for you.

Maintaining secure sites is an ongoing process, and we thank you for working with us towards providing better security for all who use Connect IN.

Dealing With Spam

Spam can be a problem for any email system as spam and/or phishing attacks attempt to find new ways to trick people into clicking their links or opening an attachment.  Connect IN uses multiple methods to prevent spam, but these methods may not always be successful.

The best practice for handling spam while using Connect IN is to keep spam in the Spam folder while keeping any non-spam out of the Spam folder.  Keep in mind it is still possible some false positives may occur.  Checking the Spam folder regularly to remove any false positives should correct this.  By following these guidelines, the system should correctly learn what is and is not spam.