By their own admission WordPress boast about their Famous 5 Minute Installation. There are many web hosts that offer it for free as part of their $1/year hosting package. Its free, takes 5 minutes to install and there are all these dummies guides for WordPress. There are thousands of plugins, and I am smart bloke, I know how to use a mouse, I grew up on the good side of town, so what gives. Why are there Web Designers and Developers out there charging for this. Surely if it only takes five minutes these guys are ripping me off. Hell I can do that job myself, 47 million people can’t be wrong.

At this point in time my sarcasm is shining through, but I can assure you that many people see it that way.

My point is that all too often I see the efforts of web developers and designers severally de-valued.

There seems to be a trend out there that everybody can be a web developer. I installed my own WordPress website, it looks good, so I can now carry on with my normal business.

The job is not done just because you have finished the five minute install. Now your site needs to be maintained, whether it’s WordPress, Joomla or Drupal to name a few. They are all software, and all software has bugs. Tasks such as maintenance, security checks, software updates, patches, backups, optimization all need to be performed regularly. If you don’t do these tasks and more, I can assure you, you will get hacked. Performing these tasks are of paramount importance, but still all too many of them don’t see the value.

I was talking to a colleague today and here is his school of thought.

The more websites that get hacked the better. Just let them install it, don’t worry about security updates, get them to install as many plugins as their hosting package will allow. When they get hacked, and that when, not if, then they will come calling. They will get hacked because they deserve it. These are the consequences for making a bad judgement call and under valuing the industry. I call it the Charles Darwin theory of natural selection off weeding out the wannabe wed developers and webmasters. If they suffer financial loss, then that’s the tipping point by which they see the value of professional web developers and webmasters.

Many people I have spoken to trivialize hacking. They think that hacking is just something 16 year old geeks do to get their kicks. They are a nuisance because they deface your website and put up porn links.

Hacking is organized crime. People hack because, on the internet, crime pays very well !!

The potential amount of vulnerabilities and hacking opportunities that can be found in 47 million+ websites is a goldmine.

It is important to remember that savvy hackers, such as the ones from Ukraine will hack into your site and you won’t notice a thing wrong with your website.

From your site they gain access to your computers, tablets, phone. Here they gain access to your data, steal your identity and can financially ruin you in seconds. Like a mosquito you won’t feel the pain until it’s too late.

If you are not a web developer or webmaster get find someone to do that for you. It will lower your risk of being hacked by having competent resources looking after your site on secure systems. If you are hacked they will know what to do. Think of it as an insurance policy for your online investment.

It was found that sponsored adverts using keywords for Honda, Harvey World Travel, Alpha Dog Training and Just 4X4 Magazine were delivered by Google and led consumers to rival competitor websites. While Google argued that it should not be “responsible for the content of four particular ads on its platform”, the court said: “It is Google’s technology which creates that which is displayed.

This sends a clear message that Google and other search engines using similar technology are directly accountable for misleading or deceptive paid search results. Google, however, is adamant that the advertisers should be responsible for the ads they create on the AdWords platform.

The sponsored adverts in this case pertain to Google AdWords, and the search engine giant is believed to be considering its options as a result of this outcome.

So what does this say about SEO practices?

You could argue that Google are taking the hit for the practices of Black Hat SEO operators. These are people who participate in illegitimate methods and practices to attain favourable results. Contrary to Black Hat SEO (Search Engine Optimization), White Hat SEO (Search Engine Optimization) follows more rigorous ethical standards.

Whilst Black Hat techniques were considered legitimate and widely used ten years ago, these days Black Hat techniques are considered cheating. It comes down to how much risk you want to take for short term gains.

The problem here is that there are too many ways to cheat and to fool search engines to rank for specific keywords. Google does not help this, as they are always changing their algorithms in secrecy and behind closed doors. As Google does not release this information it leaves much speculation and uncertainty about SEO. It also creates a dilemma, as what is a White Hat today, may be Black Hat tomorrow, or the other way round.

For this reason, my advice is to stay well away from anyone claiming to be an SEO expert or rank you at the top. In fact, I would go as far as recommending you go with an SEO company that promises you the least.

Or you can spend several years or research and do it yourself.

I am talking about McAfee and their mxlogic.net spam filtering. This Saas based “cloud based” service filters your mail before your your email server to eliminate junk mail. sounds GREAT right, but if you are an end user and send an email to someone who uses one of your services, beware. Mx Logics mail servers could reject your message without giving you any logical explanation as to what went wrong.

The end user then in frustration calls his ISP.

His ISP looks at the mail server logs and find a similar entry to below

2012-03-06 09:03:52 1S4g0R-0003ac-L5 ** gmancini@blahblahblah.com.au R=lookuphost T=remote_smtp: SMTP error from remote mail server after end of data: host maparchitecture.com.au.inbound10.mxlogicmx.net [208.65.144.2]: 554 Denied [CS] [848355f4.0.125264.00-2360.212489.p01c11m096.mxlogic.net] (Mode: normal)
2

The key is 554 Denied [CS]. Why of course, we all know what that means don’t we,,,,,, NOT.

If not, you can the world-class McAfee SaaS Email and Web Security customer support team on 1-877-695-6442, who are available 24/7, 365 days a year. Great for the minority of people who are not based in the US. After contacting support, their support team is in no position to help you out since you’re not a paying customer of theirs. They ask everyone to “contact the user who you’re trying to send to and have them open a ticket”.

So you cant send them an email, so you have to call them by phone. During the call I strongly suggest you convince them to open a ticket to their accounts department, and request immediate cancellation of this horrible service. This will save you and others hours of wasted time. It will relieve your ISP of having to provide Free McAfee support.

Don’t take my word for it, google “mxlogic.net” and “how to remove listing” to find thousands of articles written by frustrated people just trying to get their user’s email delivered.

If you visit a website and don’t happen to proceed to make a purchase, you’ll then you are targeted to continue to see ads from that website on other websites you visit.

One particular site is LiquidWeb. I don’t know why I visited their site but now I see their adds pushed in my face with just about every website I visit., hence the motivation to put up this post.

So how is this possible?

It seems that good folks at Google have managed to turn Google AdSense into a great success, since it is activated on just about every website I visit. Once I took the bait, every AdSense enabled website simply continues to bombard me with adds for LiquidWeb.

The final answer for me was to clear my browser cookies and cache. I am sure Google and LiquidWeb must be disappointed with my actions of pulling the plug on their game.

So should I really have to delete my cookies just to free myself from this ad.

I am not saying LiquidWeb are a bad company or have bad services. No not at all, in fact I ask you to try it for yourself. Visit them at LiquidWeb and then watch as your Internet experience turns into a LiquidWeb billboard freak show!

If you do use Google AdSense please re-consider using the behavioural retargeting feature.

We have chosen CloudFlare as a partner as they have developed an effective yet simple solution which protects and accelerates websites. Once your website is a part of the CloudFlare community, your users will experience faster page load-times and improved performance.

What is CloudFlare?

CloudFlare is a CDN (Content Delivery Network) with a security layer.

CDN is a collection of servers which are distributed across many global locations to deliver your website content faster and more efficiently to your users. Depending on the users location, CDN selects the server which is nearest to the user and loads your website content from that server.

It works in conjunction with your existing hosting service and caches static content for your site. This lowers the number of requests to your servers. There are several advantages in using the CloudFlare system.

Advantages of the CloudFlare system:

• Site Performance Improvement: CloudFlare has proxy servers located throughout the world. Proxy servers are located closer to your users, which means they will likely see page load speed improvements as the cached content is delivered from the closest caching box instead of directly from our server. There is a lot of research which shows that the faster the site, the longer a visitor stays
• Bot and Threat Protection: CloudFlare uses data from Project Honey Pot and other third party sources, as well as the data from its community to identify malicious threats online and stop the attacks before they get to your site. You can see which threats are being stopped through your CloudFlare dashboard https://www.cloudflare.com/your-websites.html.
• Spam Comments Protection: CloudFlare leverages data from third party resources to reduce the number of spam comments on your site
• Alerting Visitors of Infected Computers: CloudFlare alerts human visitors that have an infected computer that they need to take action to clean up the malware or virus on their machine
• Offline Browsing Mode: In the event that your server is unavailable, visitors should still be able to access your site since CloudFlare serves the visitor a page from its cache
• Lower CPU Usage: As fewer requests hit our server, this lowers the overall CPU usage of your account
• New Site Stats: You have good tools to evaluate human traffic coming to your site, but no insight into search engine crawlers and threats. With CloudFlare, now you do.

How does it work?

CloudFlare powered websites see a significant improvement in performance and a decrease in spam and other attacks. People view your site through an accelerated path that uses the shared security knowledge of thousands of other sites to automatically detect and block malicious traffic.

The end result being that your pages load faster and are more secure.

Unable to fulfil its role as an accredited registrar, auDA gave NetRegistry Pty Ltd its consent to acquire Distribute IT’s .au registrar accreditation and customer base on Wed, 22nd June.

The security attack was so sophisticated and calculated that customer data, emails and websites hosted on four of its servers were deemed by experts to be unrecoverable. Subsequently, Distribute.IT advised that 4800 accounts had been affected by the hack. The demise of Distribute.IT looks well and truly sealed.

Distribute.IT had always been a valuable supplier to Net Solutions. Alex, Carl and the rest of the team were always approachable, helpful and provided superb support. This is a devastating situation, and I sympathise with everybody who lost their content.

So what can we take away from this?

The domain names were largely under control with many resellers hitting the airwaves at whirlpool.net.au. Net Registry’s Larry Bloch and Brett Fenton were there to listen and offer support.

Some 4800 customer websites were totally wiped with no chance of recovery. Even though Distribute.IT had backed up data from their clients’ sites, all the backups were on-site and subsequently targeted by the attackers. Some customers found themselves scraping the ‘Way back machine’ to recover whatever they could.

What I can suggest is backup, backup and backup! Backup your data on the server, backup your data off-site and backup your data locally or to your computer. It’s not good enough that your only backup exists in the same place as your website does. Ask your web-host about backup options. It will more than likely cost you more money, but ask yourself what would it mean if you lost all your data and how much would you be prepared to pay to recover from a disaster such as Distribute.IT’s.

For CMS’s and Blogs use a tool like MarsEdit to write posts and duplicate them. There’s a lot of information and plugins out there to help you backup your data easily and seamlessly.

You cannot afford to be too over-protective of your data.

The original post is at http://wordpress.org/news/2011/06/passwords-reset/

“The WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavoury.

We’re still investigating what happened, but as a prophylactic measure we’ve decided to force-reset all passwords on WordPress.org. To use the forums, trac, or commit to a plugin or theme, you’ll need to reset your password to a new one. (Same for bbPress.org and BuddyPress.org.)”

Some people have interpreted this to mean that WordPress itself has security problems which has caused concern from some of our users.

Please note that this exploit does NOT impact individual WordPress installations that individuals have installed through their cPanel or had Net Solutions install for them.

If, in the last week or so, you have installed updates for the WPTouch, AddThis or W3TotalCache I would suggest you check your copy from the repository (or plugin search) ASAP. The particular exploit gained access to WordPress.org and the plugin repository.

There are always risks associated in hosting any CMS but many of these risks you can mitigate through good password management, security updates and choosing a great web host that offers WordPress maintenance.

You also must not forget to do frequent off-site backups to deal with any potential catastrophe.

It is not unusual for self employed individuals such as web-designers, plumbers and electricians to operate using a P.O.Box. They don’t want users to know where their office/bedroom is located if they must publish their home address. To simply assume that businesses who operate using a P.O. Box is illegitimate is just not helpful to small business owners, who are the very people that Google to help.

Lina Paczensky from Google explains this decision as follows:

“Google Places is meant to facilitate customer interaction with brick-and-mortar businesses and service providers. Therefore, the business owner or employee who is officially authorised to represent their particular business location must have a physical address in order to comply with our quality guidelines. P.O. Boxes are not considered accurate physical locations. Listings submitted with P.O. Box addresses will be removed.”

With a major shift towards online local search, a free business listing in Google Places is very helpful.

So what does one do? A few small business owners I know have simply lost their Google places listings as their address was a P.O.Box Numbers?

They were not given the opportunity or notified to edit their listing, instead it was removed and they had to go through the process of recreating a new listing. They need to lease an office or publich the location of their bedroom/office.

Since SMS verification has also removed during the application process, you need to wait for your postcard to arrive.

Have you suddenly found that your Google Places listing has been removed?

If so, we would love to hear from you.

Updates

The only constant thing is change, so as Operating Systems and Virus definitionas get updated, Softwares must also be updated. The Internet is made up of the good, the bad and the ugly. People will attempt to break into your website on an hourly basis and if you fail to secure your website, they will get in. You have to take proactive measures to check and update all software used on your website.

Check

Despite all your attaempts to keep a site perfect some site errors are just inevitable. Broken links, slow page loads, codes or pieces of software that suddenly stop working. All these things can affect the browsing experience for your users. Aside from these, and perhaps even more important, is to check for security loopholes or areas where a website is vulnerable for malicious attacks. This is critical especially if important transactions are being conducted through the website.

Repair and Clean Up

if errors and other defects are found, they must be addressed right away. Installing security patches, new tools and softwares, removing unnecessary programs or even re-writing code maybe needed to keep the website in optimal state.

Back Up

E-commerce and business websites often keep a database of sensitive information. Nobody wants to lose such a valuable asset that’s why having a backup is a must. Websites run on servers and servers are not immune to disk crashes and other faults leaving the webmaster powerless. For this reason proper backups should be performed on a regular basis regardless of maintenance schedule. This is to ensure that when the unwanted happens, a backup will come in handy to save the day.

What is Website Maintenance?

Website maintenance is an activity that aims to keep a website maintained and running as expected. Regular maintenance is critical to the function of a website. Websites, like cars and computers, must be tuned-up and checked for errors to ensure that it will serve its purpose well. Ideally Website Maintenance should be performed on a regular basis.

What Goes On During Website Maintenance Period?

During website maintenance, any one or all of the following may be carried out:

• Check for errors and broken links
• Check for security holes
• Install new tools, plugins and functions
• Update contents
• Update back-end platfom and software patches
• Back up database and content

Because of this, a website may be required to temporarily shut down in order to facilitate these maintenance activities. If this is the case, a webmaster can send notifications to users and readers, put up a “maintenance page” whenever someone views the site, or redirect the visitors to another site or page providing them with limited but important functionalities to ensure that business or transactions will be not halted completely.

Why do websites need to be maintained?
The answer is obvious. A website needs regular website maintenance to function properly amidst update and changes on the internet, malicious attempts and attacks, data server crashes and other online issues.

Why aren’t I coming up first on Google?
We used to be ranked higher, now we are lower, why?

Search engine optimization (SEO) is a technical process that optimizes Web pages to rank high in search engine returns. This is accomplished by optimizing certain sections of web pages so that when read by search engines and, depending on the level of optimization, can create a greater probability of free referral traffic.
Once an high degree of understanding of how search algorithms work, SEO becomes a powerful marketing tool. The end goal is to create pages that contains words for which people will likely search when looking for information such as that contained on your site.

Also, it important to note that when I say search engine, I mean Google. It appears as though the others don’t matter anymore, especially sensis.com.au.

SEO can be a 60-minute job or a recurring activity. For instance, if you are a leader for rare keywords, then you do not have a lot to do in order to get good placement. But in most cases, you will need to pay special attention to keywords used in your pages, because in the eyes of Google, you are an individual just like everybody else.

Here is some free advice

Since SEO relies so heavily on these keywords, the most important keywords and key phrases should be used liberally in the first two paragraphs of the content of each page. They are then sprinkled throughout the body and once again be keyword rich in the last paragraph of every page.

A suggested rule of thumb is to reach for keyword density between 5-15%. Judgment must be used to invoke keywords liberally without getting too repetitive. It may also help to use bold or italics on a keyword or two, but avoid doing this to excess. Another important placement for keywords is in the H1 and H2 header fields of each page. The most important keywords or key phrases should be found here.

Other strategies include naming image files and anchors with keywords. Anchors, also called crosslinks, are references to other pages within the site. Finally providing links to and from external sites, called backlinks is also important, as search engine spider bots navigate by links.

Sounds really easy doesn’t it. Well thankfully there are many SEO companies that will provide this as a service. However, caution should be used in securing a contractor to make sure that what is being promised is feasible, realistic and cost-effective.

But even if you engage a contractor to do your SEO, don’t just expect to be ranked at the top Unless you have keywords that standout ahead of everyone else on the internet.