plainbeta

Don’t Get Hacked!

As some of you may have found out, the incredible graphic and logo designer, David Airey, has been hacked.
You can learn more about it on his post: David Airey.com Hacked.
As well as his post on GMail security: WARNING: Google’s GMail security failure leaves my business sabotaged

This brings up some security issues.
What can you do to prevent hackers?
Well, there are many things you can do, so let’s look at them.

First of all, if you’re using GMail - you’re vulnerable. Check out David Airey’s post on GMail security for more info.

Keep Wordpress Updated

If you’re using a self hosted blogging platform, be it Wordpress or something else, keep it updated!!!
Security issues are resolved in almost every update. Don’t leave your blog vulnerable!
If you’re using Wordpress, don’t be daunted by the update process. It looks hard, but it’s not.

Step 1: Back up your files.
This is something you should do periodically anyways, but you should definitely do it before you update. I had a scare once when I was updating Wordpress. I thought I had lost all my posts! I ended up saving them, but save yourself that scare. It’ll add years to your life. (My New Wordpress Disaster)
You can backup your posts by clicking on Manage > Export > Download Export File.
It doesn’t take much, so do it.
I would also recommend backing up everything that is in your wp-content folder. It’s just an extra safety net that helps keep your mind at rest.

Step 2: Download the latest version of Wordpress.
You can download the latest version of Wordpress on their download page.

Step 3: Deactivate your plug-ins.
This is easy. Go to Plugins on your WP control panel, and click ‘deactivate’ on all your plugins.

Step 4: Upload the new version of Wordpress.
This is the scary part.
Upload the new version of Wordpress via FTP - but do not upload the wp-content folder or the wp-config-sample.php/wp-config.php file.
During that process your blog will go down temporarily. Thus, I recommend you do it late at night and use the Maintenance Mode Plug-In.

Step 5: Update Wordpress
Visit blog root / wp-admin / upgrade.php to update your files.
Make sure to do this. If you don’t, your blog won’t work right. I forgot to do that the last time I upgraded Wordpress and I scared myself half to death.

If you want to learn more, visit the Official Wordpress Upgrading Instructions or the Extended Wordpress Upgrading Instructions.

Get Rid of the Version String

If someone knows what they’re doing, they can figure out what version of Wordpress you’re using and hack into your blog through already known security issues.
If they don’t know what version of Wordpress you’re running, then it will be harder to hack and the potential hacker may just move on.
Thus, access your header.php file (which can be found here: Presentation > Theme Editor > header.php) and change this:

<meta name=“generator” content=“WordPress <?php bloginfo(’version’); ?>” />

To this:

<meta name=“generator” content=“WordPress” />

Protect Your Plugins

Again, if someone knows what they’re doing, they can find out what plugins you have installed and get into your Wordpress through potential plugin security issues.
And again, if the potential hacker doesn’t know what plugins you have, then it will be harder to hack.

Therefore, you should put a blank index.html file into your plugin folder (which can be found here: your wordpress root > wp-content > plugins.)

(Thanks Pingable)

Do NOT Share Your Password

Your password is key. If someone gets your password, or can figure out your password, you’re in trouble.
Use a Password Checker and use a strong password.
Don’t share your password with anyone - and don’t have it on your computer.
Have a stack of 3×5 cards next to your computer with your passwords. Do not use a master password or a password management program.

That’s all I have in the way of security at the moment.
Does anyone have any other pointers?
If so, share them!

A New BlogRush?

Remember the BlogRush Hype in Mid-September? And then the big let down? Yeah.
Not to long after that, I urged everyone not to throw BlogRush out just quite yet. The reason being, BlogRush was going to re-vamp their services and increase the traffic.

Well, BlogRush is back!
And not only is it back, but it’s better than ever! Supposedly.

With the new launch, BlogRush threw out a somewhat poorly done, long, and boring video about their new features. I wouldn’t reccomend watching it. But I did, so I’ll share some of the key elements I picked up from it. In the video, John Reese, the founder of BlogRush, explored the stats of Internet Marketing Sweetie - which were fairly impressive. But what was not so impressive was the click through rate. One of her posts was featured on BlogRush widgets throughout the net 1,240 time and was only clicked on twice.

John Reese said they were going to increase that click-through-rate by making bloggers move their widget further up, add yet more catagories (coming this Friday, Nov 2nd) and add a new sister service - TrafficJam.com. TrafficJam will feature the post popular BlogRush Posts and, supposedly, increase the clicks yet further.

Furthermmore, John Reese is saying to not be discouraged by the low click-through-rate, it shall go up. And… Fellow bloggers will click on the widget and find quality blog posts, link to them, and send hundreds of visitors through that link.

So, we have more promises.
Can BlogRush keep them?

My conclusion is the same as before - wait a little longer before casting your final verdict on BlogRush. I think it is a perfect example of launching a product that is not quite ready. BlogRush set high expectations, didn’t meet them, and got dismissed as a failure.
BlogRush still has potential.
We just need to give it a few more weeks.

As you can see, I have added the BlogRush widget to my sidebar again. I am currently on a BlogRush test drive to see if they really did improve it.
I’ll share my verdict with y’all in a few weeks or so.

In the mean time, try it out yourself!
Sign up for BlogRush, and get your own opinion!