Posts Tagged ‘three months’

What’s Wrong with WordPress?

There’s a giant pink elephant in the WordPress forum that nobody seems to be talking about and it’s been staring at my peanuts for the past few weeks, so let’s take a moment to ask ourselves how safe the platform really is.

WordPress, for those who don’t know, is a blogging platform turned website manager which makes it fantastically easy to build, deploy and manage websites. It’s the best platform on the market for doing this, and it’s free. That’s a pretty powerful endorsement, right? Well, it’s true … except … in the past few months the people who run WordPress and are responsible for it have been getting sloppy. Let’s take a look at some of the recent security holes.

Security Holes

The 2.8.4 release this weekend was due to a newly discovered hole in WordPress. In fact, the hole (which seems to have appeared in 2.8) was so big, it allows anybody with even a basic understanding of web technology to reset your admin password whenever they want. When 2.8.3 was released on the 3rd of August, it was to fix security flaws overlooked in the 2.8.2 release from July 20th. In fact, every release since 2.8 has been to fix major security flaws in the core WordPress application. Here’s how WordPress describes their 2.8.1 upgrade:

WordPress 2.8.1 fixes many bugs and tightens security for plugin administration pages. Core Security Technologies notified us that admin pages added by certain plugins could be viewed by unprivileged users, resulting in information being leaked [emphasis added]. Not all plugins are vulnerable to this problem, but we advise upgrading to 2.8.1 to be safe.

If you think I’m being tough on the people at WordPress, take a moment and read the release reports on WordPress.org. They show nearly three months of security blunders by the world’s most popular package, and if you think that you’re immune, think again. In March, Ashley Morgan, who runs Upstart Blogger, was the victim of a cyber attack; in June my website was hacked and trashed by somebody promoting links to flu vaccines; and earlier that month we suffered hacks on both Tinker Priest Media and my partner’s website BavotaSan.

Ashley’s advice is strong: make sure you update your backups daily and always download the latest security updates from WordPress, especially when they’re released on weekends. Take my friend Chris’s advice and remove reference to your WordPress version, install some basic security on your WordPress blog and always remember that there are people out there who want to hack your site.

I want to sell you a new website, because you need it.

The other day I was at a business lunch and learn and somebody asked me why I wanted to sell them a website, I couldn’t imagine such a silly question and so I answered him ‘because you need it.’ Sadly, it wasn’t just me being snarky (I don’t get to use that word often enough) it was the simple truth and most likely, you need one too.

This isn’t a sales pitch, you’re welcome to contact me if you feel you need a new website design or help with your WordPress installation and my portfolio is always online if you’d like to see the type of work that I do but I’m not writing this piece to convince you to buy from me, I’m writing this piece to help you understand that you should buy from somebody.

Most websites fall into one of three categories, and each has points that damage your business’s ability to compete in the modern world of technology. Remember, in 2009 people are more likely to visit your website than visit your office. If your website doesn’t fall into these three categories, congratulations, you’re one in a million:

Out of Date

Web sites are like living, breathing organisms. You have to constantly feed them and that takes fresh content. Every web page on your website should be reviewed and updated at a minimum every three months for accuracy.  Your home page should change once a week at the very least, which is where a blog comes in handy. Blogs (web logs) are used to promote events and feature news from key employees much the same way newsletters used to reach clients.

Unlike other forms of technology, websites are still relatively young and the basic technology which makes up a website is still evolving. To determine if your website is compatible with the majority of web browsers today, test both your home page and an internal page (such as the about page) with the W3C validator.

Effective modern websites should make use of Cascading Style Sheets and feature tableless design. This is critical to meeting the needs of 10% of the population as websites which feature tables are poorly interpreted by  web browsers for the visually impaired. You can test if your website has tables by viewing the source code of your document (often found under the Edit menu of your web browser) and you can also test the quality of your CSS using an online validator.

Modern websites are not strictly used as online brochures; they are also feature-rich tools for social networking. This “web 2.0” technology allows users to access data from your website using a number of tools including XML (Extensible Markup Language) sitemap documents, RSS feeds and interconnectivity to tools such as Twitter and Facebook. Each of these technologies has its own place in making your website a successful online tool for both yourself and your prospective clients.

Difficult to Use

One of the biggest problems facing website owners is a misunderstanding of the purpose of a website. Web sites are sales tools, not technology projects. Web Sites use technology to deliver your message, don’t be a slave to what your web design can (or can’t) do and don’t assume that your IT person knows the first thing about websites.

I have an image in my mind of some printer in the 18th century buying a brand new printing press only to discover it didn’t ship with the letter R so instead of admitting he couldn’t do the job right and hiring another printer to get his clients work out the door, he pinted eveything using othe lettes o wose simply didn’t do it at all. That’s what I think most web designers are doing, they lack the skill to do it right so they don’t do it at all.

Here’s the honest truth, there is no reason your website doesn’t work as well as Apple’s or Dell’s. Go on over to those websites and try to order a computer. See how easy it is to find what you’re looking for? Notice that it’s easy to order? Guess what, they’re using the same HTML as your website uses so there’s no reason your website sucks.

Poor Representation 

Take a good long look at your website, now take a good long look at the business that you’ve spent years building up and ask yourself honestly if what you see on screen is what you want the public to think of your business. Ouch. I have no tolerance for bad web design and even less for business owners who allow it to happen. The web is the great equalizer: you can do anything your competition can do with a website and you can do it faster, cheaper and more often than any other time in history, so honestly ask yourself … does your website represent your business in a positive light? If the answer is no, then fire the team you’ve been working with and look around for a new team.

Conclusion

So, if you don’t need a new website and you’re proud of what you have … leave a comment with the URL to your site below and I will feature it in a new write up, people need to see great websites.

My WordPress Dashboard disappeared!

So for about the past three months my WordPress Dashboard was completely gone. I swear, every time I clicked the Dashboard link to the left all I got was a big white area to the left. It wasn’t that big a deal or I would have worked on fixing it months ago but … it was annoying, so this morning I sat down at my computer and fixed it completely by accident.

It seems that the WordPress Dashboard is subordinate to the index.php file located in your /plugins/ directory. How’d I figure that out? As part of my desire to secure my own blog a little more, I placed a blank index.php file in there months ago, but this morning I decided to be a bit of a smart ass and change it to automatically tell people to stop looking there. It worked perfectly until I clicked the Dashboard tool in WP and was told to stop trying to look at my dashboard, which made me look at the URL for the Dashboard link, which was index.php?page=index.php

So … long (and fairly dull) story short … placing an index.php file in your plugin folder will override your wp-admin dashboard, but an index.html file will tell people to politely stop looking at your code.
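A small audit for the situation described above, as an added example that is not part of the original post: it classifies which index file guards a plugins directory and flags an index.php that would produce output, the case the post says took over the Dashboard. The function name and result labels are hypothetical, and the check only understands `//` and `#` comments, so an index.php containing anything else is reported as producing output.

```shell
#!/bin/sh
# Added example (not from the original post).
# Classify the index file guarding a WordPress plugins directory.
#   no-index               no index file; the web server may list the directory
#   index.html             static placeholder, the option the post recommends
#   index.php-silent       empty or comment-only PHP file
#   index.php-with-output  PHP file containing code or markup; per the post,
#                          this is what replaced the author's Dashboard
check_plugins_index() {
    dir=$1
    if [ -f "$dir/index.php" ]; then
        # Drop PHP open/close tags and // or # comments, then all whitespace.
        # Anything that survives is code or markup that can emit output.
        rest=$(sed -e 's/<?php//' -e 's/?>//' -e 's,//.*$,,' -e 's/#.*$//' \
                   "$dir/index.php" | tr -d ' \t\r\n')
        if [ -n "$rest" ]; then
            echo "index.php-with-output"
        else
            echo "index.php-silent"
        fi
    elif [ -f "$dir/index.html" ] || [ -f "$dir/index.htm" ]; then
        echo "index.html"
    else
        echo "no-index"
    fi
}

# Run directly: sh check_index.sh /path/to/wp-content/plugins
if [ "$#" -gt 0 ]; then
    check_plugins_index "$1"
fi
```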

How to get a PageRank of 5

For those of you who know nothing at all about PageRanks and Alexa rankings, let me explain that they’re the modern equivalent of Nielsen ratings for websites.

Alexa measures your website performance by volunteer users, in effect millions of average people agree to allow Alexa to collect statistics about their surfing habits and from that data, Alexa tracks and monitors activity on the Internet. At Halloween this year, Alexa ranked my website at 2,291,883. Today it’s at 231,354 which is a 1790% improvement for spending about 20 minutes a day on my website.

Google on the other hand ranks your website by looking at who your website connects to and in return, who connects to your website. That’s a pretty over simplified way to look at it but it’s also the general gist of the method. It’s a bit like a popularity contest, Google believes that if websites with high page ranks (the system is from 0 to 10) link to you consistently, your content must be of a certain value.

So now that you understand what a PageRank and Alexa ranking mean, here’s how I earned my respectable rankings in both … (drum roll anybody?) … quality content, consistently posted.

I know that you’re all hoping for a much better answer than that but sadly it’s the truth. My very good friend Chris Bavota jumped from a PR0 to a PR4 in just three months, doing exactly the same thing … he posts great articles that people love to read and he makes sure that he does it regularly.

Chris and I followed some easy to understand advice:

Once that was done, both Chris and I did what any self respecting blog owner would do:

  • we used deep linking techniques to ensure our readers know about related content on our website
  • we posted links to other peoples blogs, helping our readers find similar content
  • we let other blog owners know that we had articles of interest for their readers

There are no scams, no black hat SEO techniques, no short cuts and no tricks. Quality rankings on a quality search engine takes nothing more than a little bit of effort, quality content and the determination to contribute something positive to the Internet as a whole.