Posts Tagged ‘wordpress’

Why WordPress Rules

Tuesday, July 12th, 2011

If you know who John Battelle is, then you’re doing good. He’s one of the pioneers of the Internet and actually has quite a following. He recently decided to turn the comments to his blog completely off.

OK, so why should you care?

Because John’s blog, Searchblog, is not on WordPress. And why is that a big deal? As he mentions in the blog post:

Movable Type’s spam blocking is terrible.

Whoops!

Who knew John Battelle was using Movable Type?

At one time, Movable Type was one of the leaders in blog platform software, as were several other early blogging platforms like Greymatter. And it surprises me, but people still use that one!

WordPress, however, has emerged as the industry leader in blogging software. There are several reasons for this:

  • It is free
  • It is open source and therefore easily manipulated for one’s own purposes
  • There is a strong support community
  • There are tons of free themes as well as premium themes on the market for WordPress
  • A virtual marketplace of free and premium plugins makes WordPress infinitely more robust
  • A huge development community is always at work to make WordPress better
  • WordPress has natural built-in SEO benefits

If you know that you are going to start a blog for your business, don’t bother with other software. Go straight to WordPress. In addition to the above benefits, it has the strongest spam protection of any blogging software on the planet. And it’s easy to use.

Should You Design Your Website Using WordPress?

Sunday, July 10th, 2011

More and more, I’m seeing small business websites using WordPress as a CMS. Even churches and community service organizations are using WordPress as a CMS and designing their websites using this free open source software. Is that a good idea?

In short, there is nothing wrong with using WordPress as a CMS. In fact, that’s what it is.

However, WordPress started out as a blogging platform and branched out from there. The reason WordPress is such a good tool for building blogs and websites is that it is flexible, easy to use, and has natural built-in search engine optimization benefits. But it helps to know a little bit about web design before you use it.

There are a number of ways you can go with WordPress.

  • Many businesses use the default theme, which is limited in its functionality and creative uses.
  • A step up would be to find a free off-the-shelf theme that you can use, and perhaps customize.
  • Another step up is to purchase a theme from one of the many WordPress theme websites online. You can often find a good theme that is used less than the free themes so it is a semi-original look. But you still need to make sure your theme has SEO benefits. Many don’t.
  • Finally, you can go all out and spend money on one of the premium WordPress themes on the market. There are a number of these so shop around.

Each of the above options has its benefits and pitfalls. Some WordPress themes claim that easy design work is possible, but it helps to understand how HTML, CSS, and PHP work together, and if you can program in those languages then you can often build a much better looking and more functional website.

WordPress does make designing a website easier, but there is no substitute for experience. You can often find a WordPress web designer who can design your website for you, then teach you how to upload your own content.

When Should You Upgrade Your WordPress?

Thursday, October 29th, 2009

WordPress comes out with a new update two or three times a year. Should you upgrade to the new version every time?

Most marketers would probably tell you yes. And I think it might be good to upgrade most of the time, but not necessarily every time. Let me explain what I mean.

Just a little over a month ago WordPress introduced version 2.8.4. The version was intended to be a fix for security issues found in 2.8.3 and earlier versions and which hackers were exploiting left and right. It was a good time to upgrade so I did. Now, just a month later, they’ve come out with version 2.8.5, a “hardening release.”

So what exactly is a hardening release? More or less, it’s a release intended to heighten the security fix that was attempted on the last effort. In other words, WordPress put out a poor update so it’s time to “harden” it and do it right this time? How do we know this update is any better?

The problem with so many updates is I end up spending all my time updating instead of blogging. So should you upgrade every time a new version comes out? I think you should upgrade every time a new version is introduced – for example, when 2.9 is introduced then you should upgrade.

You should also upgrade as needed in between. Otherwise, don’t upgrade every single time. Only do it when it’s necessary and don’t wait too long because if you go too long without upgrading you’ll most certainly find yourself victim to a malicious hack.

Get Those Hackers Off Your WordPress!

Thursday, October 15th, 2009

If you’ve been wondering where we’ve been for the last month, let me explain. The blog was hacked and we had some difficulty at first detecting it. That’s because the hackers didn’t mess with the face of the blog at all. They only jacked with our Admin area. As a result, whenever we’d log in to make a post we saw a bunch of gobbledygook and it became rather difficult to discern the problem.

After calling our web host, who was unable to tell us what the problem was except that it’s possible their server was messing up WordPress, we decided we’d move to a new host. However, before we could do that, I got sick and there was a long delay in getting the blog moved to a new host before I could get well.

As it was, I had my webmaster take a look at the blog and we discovered that it was indeed hacked, so we fixed it. We’ve decided not to change hosts after all.

But here’s the takeaway for you: Hackers are getting more sophisticated every day. Not only are they inserting JavaScript and malicious code in places that are hard to detect, but they are doing so in such a way that if you find it and delete it then the malware returns in a day or so. Malicious!

Another way hackers are getting into your website is through the Admin area, and all they are doing is jacking with it so you can’t make your posts – not even messing with the face of the blog or the content. So be careful. Protect your blog with hard-to-guess passwords and be militant in deleting bad comments. It would also behoove you to go through your subscriber accounts every now and then and delete any that are not commenters. Hackers often subscribe to a blog as if planning to comment then use their accounts to gain access to your server folders and drop code in your files. They’ve even been known to change their own subscription accounts to admin accounts to maintain access over long periods of time.

Yes, while you improve your skills, the hackers are also improving theirs. Make sure you make it harder for them to succeed.
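Code that comes back after you delete it, and spreads to other files, is easier to track when you can compare the site's files against a known-clean snapshot. The Python sketch below is an added example, not part of the original post; the file names, the watched extensions and the miniature directory tree in demo() are constructed for illustration.

```python
import hashlib
import os

WATCHED_EXTENSIONS = (".php", ".js", ".htaccess")

def build_manifest(root):
    """Map each watched file's path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(WATCHED_EXTENSIONS):
                continue
            path = os.path.join(folder, name)
            with open(path, "rb") as handle:
                digest = hashlib.sha256(handle.read()).hexdigest()
            manifest[os.path.relpath(path, root)] = digest
    return manifest

def compare(baseline, current):
    """Return files that changed, appeared or vanished since the baseline."""
    return {
        "modified": sorted(p for p in current if p in baseline and current[p] != baseline[p]),
        "added": sorted(p for p in current if p not in baseline),
        "removed": sorted(p for p in baseline if p not in current),
    }

def demo():
    """Constructed miniature WordPress tree: take a baseline, tamper, compare."""
    import tempfile
    with tempfile.TemporaryDirectory() as root:
        theme = os.path.join(root, "wp-content", "themes", "example")
        os.makedirs(theme)
        index, footer = os.path.join(root, "index.php"), os.path.join(theme, "footer.php")
        for path in (index, footer):
            with open(path, "w") as handle:
                handle.write("<?php // clean constructed file ?>\n")
        baseline = build_manifest(root)
        with open(index, "a") as handle:  # stand-in for content added after the baseline
            handle.write("<!-- constructed marker for changed content -->\n")
        with open(os.path.join(theme, "extra.php"), "w") as handle:
            handle.write("<?php // file that was not in the baseline ?>\n")
        return compare(baseline, build_manifest(root))

if __name__ == "__main__":
    print(demo())
```

Keep the baseline manifest somewhere the web server account cannot write to, and rebuild it after every legitimate upgrade or theme change.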

BTW, look for us to add backdated content to this blog to fill in the dates that we’ve missed – all the way back to September 24. We hope you’ll go back and read those posts as we write them. ;-)

One Simple Fix To Your Hacker Problem

Wednesday, October 14th, 2009

If you find yourself the victim of repeated hacking into your WordPress blogging platform, try deleting your Admin account and establishing a new account with a different name. Hackers often try to guess the passwords of CMS and software account names. The Admin account name is the WordPress default and as such is the most targeted for hacker attempts. Delete it and a part of your problem goes away.

Notice that I said “a part”. Deleting the Admin account won’t solve all of your problems, but if your hacker is using the tactic that was prevalent with the 2.8.3 version of WordPress then it is likely that your Admin account will be a target of a hacker attempt.

Another tactic hackers have used, and this one is much more sneaky, is to set up a Subscriber account and use a bot to turn that account into an invisible Admin account. This allows the hacker to change your Admin settings without your knowledge. Hackers will often then insert JavaScript code into the files of your WordPress themes and it will be difficult to clean up because as Admin the hacker can do anything he wants to your files, including altering them. Here’s how to combat that:

  • Delete all suspicious-looking Subscriber accounts in your Admin user area
  • Delete any account using the username Admin or a variant
  • Set the security settings to all of your folders, in the cPanel area of your hosting account, to Read – uncheck the Write option

It’s important, if you are deleting accounts – especially the Admin account – to move all posts made under that account name to another account holder. So set up an alternative account under a different username before you delete your Admin account. And use a password for all of your accounts that is difficult to guess. No single name passwords. Add some capital letters, special characters, and make it long.

Time To Upgrade Your WordPress

Saturday, September 12th, 2009

I don’t believe in updating every time some software developer comes out with a new version, but I do think now is the time to upgrade your WordPress. If you are on an earlier version of WordPress (current version is 2.8.4) then I think you should upgrade – fast!

There is a nasty worm going around preying on older versions of WordPress. Not all of them will be infected, but if you have an older version of WordPress then you are vulnerable. The worm works like this:

  • A hacker registers as a Subscriber to your WordPress blog
  • Once in, a bot changes the Subscriber status to Admin
  • Malicious code is inserted on the index.php page of your blog
  • You can delete the code, but it will come back and every time it comes back it also inserts itself on another page of your blog
  • It won’t take long before the malicious code has infected several pages of your blog

As far as I know, the only way to combat this worm once infected is to delete all your Subscriber accounts. You could hunt for the one culprit and delete that account, but it’s a chore. It’s much easier to delete all Subscriber accounts and most of them are likely set up by spammers anyway.

The problem with doing this is that some of your Subscribers are actually legitimate commentators on your blog, not spammers. But they should understand if you explain your situation to them. We’ve recently had to do this on the Small Business Mavericks blog. If you have comments on the blog they are still published, but your Subscriber account has been deleted. We hope you’ll sign up for another account if you wish to continue commenting. And you’ll also need to sign in to your account every time you want to comment. I know it’s a hassle, but it’s a necessary security measure. These WordPress worms are getting nastier.
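Hunting for the one culprit account, as described above and in the “One Simple Fix To Your Hacker Problem” post, can be done against the database instead of the Admin user screen. The Python sketch below is an added example, not part of the original posts; it assumes rows exported from the standard wp_users and wp_usermeta tables with the default wp_ prefix, and the sample rows, usernames and EXPECTED_ADMINS allowlist are constructed for illustration.

```python
import re

# Constructed sample rows, shaped like a join of wp_users and wp_usermeta
# (meta_key = 'wp_capabilities'); WordPress stores roles as a PHP-serialized array.
SAMPLE_ROWS = [
    ("allen", "2008-05-01", 'a:1:{s:13:"administrator";b:1;}'),
    ("admin", "2008-05-01", 'a:1:{s:13:"administrator";b:1;}'),
    ("jane_reader", "2009-03-14", 'a:1:{s:10:"subscriber";b:1;}'),
    ("xk29promo", "2009-09-02", 'a:1:{s:13:"administrator";b:1;}'),
    ("Adm1n", "2009-09-03", 'a:1:{s:10:"subscriber";b:1;}'),
    ("old_editor", "2008-11-20", 'a:1:{s:6:"editor";b:0;}'),
]

# Accounts the site owner knowingly gave Admin rights (assumption for this example).
EXPECTED_ADMINS = {"allen"}

ROLE_RE = re.compile(r's:\d+:"([^"]+)";b:1;')
# Map common look-alike characters back to letters before comparing to "admin".
LOOKALIKES = str.maketrans({"1": "i", "!": "i", "4": "a", "@": "a", "0": "o"})

def granted_roles(serialized):
    """Return the role names switched on (b:1) in a wp_capabilities value."""
    return set(ROLE_RE.findall(serialized))

def is_admin_variant(login):
    """True for 'admin' and close variants such as 'Adm1n' or 'admin2'."""
    cleaned = re.sub(r"[^a-z]", "", login.lower().translate(LOOKALIKES))
    return cleaned in {"admin", "administrator"}

def audit(rows, expected_admins):
    """List (login, reason) pairs for accounts that deserve a manual look."""
    findings = []
    for login, registered, caps in rows:
        roles = granted_roles(caps)
        if "administrator" in roles and login not in expected_admins:
            findings.append((login, "unexpected administrator, registered " + registered))
        if is_admin_variant(login):
            findings.append((login, "username is 'admin' or a variant"))
    return findings

if __name__ == "__main__":
    for login, reason in audit(SAMPLE_ROWS, EXPECTED_ADMINS):
        print(f"{login}: {reason}")
```

Reading the stored capabilities directly matters here because an account promoted behind your back is judged by what the database says it can do, not by the role you remember giving it.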

Now how about that upgrade?

What’s More Important – Faster RSS Or More Security?

Wednesday, September 9th, 2009

Andy Beal nailed WordPress pretty hard. And he actually makes a pretty good point. Until WordPress works to make its blogging platform more secure so that users don’t have to upgrade every two weeks, the fact that you can now have immediate RSS delivery to ONE news reader is a bit irrelevant. Still, RSSCloud or not, I think it is important to upgrade to the latest version of WordPress. There is a nasty worm going around and it’s not just a scare tactic.

When you see enough blogs get hacked and the blogging platform in need of re-uploading and re-uploading then you’ll value the necessity of the upgrades. Is it annoying that these upgrades come so suddenly and often with WordPress? Yes. But I like having a blog, don’t you?

If you have a WordPress blog I’d encourage you to upgrade to the latest version and if you are more than a couple of versions behind, you’d better upgrade in a hurry.

How To Make Your Blog More Secure

Friday, June 26th, 2009

Security is very important for any Web business or website. If you have a blog that runs on an open source platform like WordPress, it’s even more important. Hackers tend to target open source systems to gain access and do bad things like drop spam files and so on.

If you want to stop spam from entering your comments area then you need to use Akismet, a WordPress plugin that stops 99.9% of the spam that tries to get through. But beyond that, you can make your WordPress blog more secure by using a password that makes it difficult to hack. If you use a simple password that is a dictionary word then you make yourself vulnerable to hacks and attacks. Make your password longer and more difficult to guess.

A good password should consist of numbers, letters, special characters, and lower and upper case letters. A word like “wordpress” is not enough as that is easy to guess, particularly by a robot that runs through the dictionary automatically guessing passwords. If, instead, you added numbers and characters as well as upper case and lower case letters then you’d have a more secure password. For instance, “W3ord&p2rEss!4” is a lot more secure and more difficult to guess. For every character that you add you make your password exponentially more difficult to crack.

Blog security begins with your password. Make it something that is easy for you to remember but difficult for hackers and robots to guess and you’ll be much more secure.

WordPress Will Never Do This To You

Tuesday, August 5th, 2008

Google sent an apology to Blogger.com users for flagging their blog as spam. It occurred to me as I was reading this that this is one more reason to have your own standalone blog. For a small hosting fee each year you can have a blog that is brandable with your brand name and run on WordPress software (not WordPress.com, which is a free host like Blogger.com). It is very inexpensive for a marketing tool.

One popular blog in New Zealand called “No Right Turn” was one of the blogs that was erroneously charged as a spammer by Google, who claims that it was due to an algorithm gone wild. Here’s what Bloggernews is calling the moral of the story:

The moral to this story is that free is not always the best price. Free comes at a cost. And the cost is loss of control. I was pretty upset at the threat of losing two years worth of articles.

Any time you give someone else control over your content you are setting yourself up for a huge let down. And that kind of let down can cost you money. Do you really want to take that risk?

Learn more about blogging at Small Business Mavericks.

Spammers Suck, So Says Do-Follow Matt

Monday, June 30th, 2008

I agree. Spammers are no fun to hang out with. That’s why you need to be real careful about your comment policy. WordPress automatically makes all links no-follow. That means a link that you create from a WordPress blog back to your own blog does not compute for link building purposes. Get all the links you want and you are not going to help your link building strategy.

But, wait a minute …

WordPress has a plugin. Bloggers who install the WordPress do-follow plugin are setting themselves up for spam. As soon as you make all of the links on your blog pass on the link juice then everybody and their pet dog wants to get in on the action. You essentially become the easiest girl in your class. Is that the kind of reputation you want?

I understand the desire for webmasters to want to reward their comments with the much coveted link credit. But know that when you do that you are opening up the spam dam so the flood can rush through. A better alternative might be the plugin that passes do-follow juice only to the top commentators on your blog. New commentators must earn the right to get that juice by leaving well-thought-of useful comments over a period of time.

Sounds like a good compromise to me. I’m sure Matt will agree.

Read why blogging is an essential business practice.