Tech Tips

How on earth did you create your blog? Part 1

Since launching this blog a couple of weeks ago, I’ve had oodles of questions from people who want to know how I went about launching this blog, what they should do to start one, how hard the process was, etc. I’ll give a little background here, then expand on some of the areas in future posts (honestly, you don’t want to read it all at once).

Let me start by saying that I did NOT want to blog any more than I wanted to join LinkedIn (of which I am now an advocate) or Facebook (which I like for being able to connect with long lost friends, but not professionally because I have a B2B [I know, I know…businesses can use it, too]) or Twitter (whose point I don’t totally get yet – sorry – even though I have an account). I had to be shown why a blog would be beneficial to me. In other words, why a blog wouldn’t be more trouble than it was worth.

Ultimately, I started this blog because people often ask me ‘how do I’ or ‘how can I’ questions about technology. People are always looking for easier ways to do things on their computers, or they’re trying to figure out how someone else did something. It shouldn’t be a secret. These should all be ideas/thoughts that we can share. I run across ideas all the time – asking other people how they do something, or reading about interesting tools available out there. Face it, it’s impossible to know everything that’s out there for these suckers! Just like there are thousands of apps for my Android phone, there are literally thousands, perhaps hundreds of thousands or millions of different tools available to help your computing life go easier (or make it more complicated, for that matter – I want to focus on the ‘easier’).

When I decided that the best way to help people, and answer the world of questions that I get, would be on a blog, I set out to find a SIMPLE, INEXPENSIVE way to publish my newly conceived blog. Enter WordPress. That’s what we use here…WordPress.

Why?

1. WordPress is free (yup, FREE). It’s free because developers from around the globe have worked to program it…all for free, so we get to use it free. It’s ‘open-source software’ (you might have heard that term elsewhere – it means that anyone who wants to contribute to the development of the product can do so). People are always working to add to it or improve it.

2. WordPress can be run as a part of your website (that’s what we’re doing here) or on the WordPress website (you have limited control of the setup if your WordPress installation is a part of THEIR site). You just choose before you install. If you have a website that you can access and control, then install your blog as a subset of your own website. If you don’t have control of your website, then it probably makes sense to allow WordPress to host the blog portion of your site.

3. WordPress installs (literally) in under 10 minutes. They say they’re ‘famous’ for it. They were right.

UPDATE 9/8/15 – Someone who read this series of posts on blogging (there are two more after this one) took the time to email me with a link to an infographic that he had created which compares WordPress.org (host WordPress on your site) against WordPress.com (blog hosted by WordPress itself). Check it out – it gives a great visual:

Mike Wallagher’s WordPress.com versus WordPress.org infographic

Thank you, Mike!

(end 9/8/15 update)

4. I have a friend who has a WordPress blog, so I could ask questions. Don’t underestimate this aspect…it always helps to have someone you can call and say ‘hey…do you know how…’

5. You don’t need to be a programmer (remember, I’m not a programmer – I know just enough at times to be dangerous – ask the developers that I work with!)

6. Once installed, you can pick a theme to make the site suit your personality (the one we use here is a theme called ‘7color’ – we think it goes well with the look and feel of the main part of the website)

7. You can post articles immediately upon installation.

If you host your own blog (i.e. download and install it on your own site), you can then customize your blog with tools called ‘plug-ins’.

What’s a plug-in? Plug-ins allow you to customize and add features to a program. For those of you who use Firefox as a browser (among other programs), there are all kinds of plug-ins that allow you to alter the basic Firefox program. The WordPress plug-ins work the same way. Only features that you want to use are installed. You’re not stuck with a lot of features that you don’t understand or want. We’ll discuss the plug-ins that we’re using on this blog at a later date (it’s only a few so far – ya gotta give me time, gang!).

A friend of mine who put up a WordPress blog recently summarized it well – the base WordPress site installs easily, but finding/adding plug-ins isn’t necessarily intuitive. The documentation isn’t strong, but the discussion groups are. Remember, thousands of people are working to improve WordPress for no compensation. Therefore, the documentation isn’t phenomenal, but there are fabulous groups of people who are more than willing to help with just about any problem.

So, to summarize Part 1 of our “How did you create your blog”:

First, decide that you have something to share that others might want to read (or watch or listen to).

Second, decide whether you are going to host the blog on your website, or if you want WordPress (or another blog provider) to handle it all (that determines the ‘next steps’). A good comparison of what WordPress allows/does not allow you to do based upon whether you host or WordPress hosts can be found here: http://en.support.wordpress.com/com-vs-org/

Note: WordPress isn’t the only blogging software out there. It’s just the one that we chose. Blogger (found at www.blogger.com) is another free blogging software (though I haven’t used it, so I can’t comment on it). Blogger is owned, I believe, by Google, so it’s probably as user friendly as other Google tools. Aweber (www.aweber.com) is a PAID tool ($19/month as of this writing), but allows you total flexibility. I’m sure that there are (literally) hundreds of choices. I chose WordPress because I knew about it, it was free, and I knew people who were using it. Not a scientific decision.

Third, just install it! As NIKE says, “Just do it”. It will NOT create itself. You don’t have to tell anyone you’ve started. Try it out, see how it feels, see if you can find your ‘voice’.

We’ll continue later with more aspects of the ‘how did you create it’, but hopefully, this gives you a good feel that getting started wasn’t hard…the procrastination took wayyyyyy longer than the doing!

Backing up your Outlook files

The other day, we had a tip for the group of users who do NOT use Outlook as their primary mail program. Today, we have a helpful hint for those who DO use Outlook (as I do).

I don’t know about you, but I could lose a lot of files on my computer and still be OK – AS LONG AS I still had my Outlook file(s). Most every important document that I work on is e-mailed to someone at some point in time. I can probably count on one hand the other ‘critical’ files I have (those which don’t get e-mailed ever): Quickbooks would be #1, then my timesheet and a couple of Access databases. After that, the level of importance drops radically. I would be devastated if I lost my 5000+ songs for my iPod (I could probably restore those from the iPod itself), but my business wouldn’t come to a screeching halt – the plane rides would just get A LOT longer :-).

My ‘other’ critical files (i.e. those which are NOT Outlook) can fit on a flash drive – no problem. I can copy them to an external drive in seconds. My Outlook file (and archives) on the other hand are humongous. They are many GB…not just a few MB. And trust me, if those files went ‘poof’, I would be beyond devastated. So, it makes it all the more important for me to copy/copy/copy!!! How about you?

Luckily, I have a pretty good backup system. I test restoring files on occasion (probably not as often as I should, but I do test it out). Many people, however, do not have a good backup system, or want to keep a copy of their Outlook files for their own safekeeping. It is easy to do (no more difficult than copying/pasting from Windows Explorer to whatever external storage you would like to use)…as long as you can locate the actual Outlook file on your computer (or server). Aha! That’s the problem!!! Where is the file?

I ran across this article which has a great description of how to locate/copy/restore your Outlook.

I BEG OF YOU!!! Save copies of your Outlook files elsewhere (out of your office/house). You’ll be amazed if you ever have to use them in a catastrophic circumstance…your Outlook contains a vast array of your work history. As you can see from this article, it only takes a second to do.

Setting the default mail client to a web-based service

Some people in this world actually do NOT use Outlook as their default e-mail client, but rather use Gmail, AOL, Yahoo, or Hotmail.  In fact, I would venture to say that a large portion of the population uses one of these web-based e-mail clients – at least in their private lives.

There is one consistent annoyance when trying to use a web-based e-mail instead of the ubiquitous Outlook (and, with the cost of Office, more and more people are not investing in this tool, opting for the free OpenOffice suite and web-based e-mail)…and that is when you want to click a ‘mail-to’ link on a web-page, and the computer you are on searches and searches and tries to open up Outlook to send the e-mail – regardless of whether or not you even have Outlook installed on that computer.

You end up cursing the computer, freezing it up, or generally frustrated.  RELAX!!!  Help is on the way :-).

There is a wonderful, FREE tool called GMailDefaultMaker (http://gmaildefault.codeplex.com/) that will allow you to set Yahoo, AOL, Hotmail or GMail as your default mail client.  You install it and forget it.  It does NOT take up system resources.  Simply download, install and forget it.  From that point forward, when you click on a ‘mail to’ link on any given web page, your web-based e-mail client will open instead of getting stuck with Outlook trying to open.

For some reason or other, the tool has not gotten a new name, but it should since Gmail isn’t the only web mail that it supports!

A funny thing happened on the way to my Google search…

Google is an everyday part of my life, as I’m sure that it is for many of you. I use iGoogle for my Home Page (that’s a personalized start-up page on Google, tailored to my specific wants and desires). It’s not often that I use ‘classic’ Google. Sometimes I miss some fantastic Google Doodles because my iGoogle page uses the standard Google logo, and doesn’t substitute the Google Doodles.

For some reason, I used the ‘classic’ Google page the other day and was mesmerized by a Google Doodle that was a bunch of bouncing balls. Every time that I moused over the Google logo, the logo dispersed into a bunch of bouncing balls, then as I moused away, they settled back down into the logo. I actually commented on it during the day to a client or colleague…how incredible to have such a recognizable logo that you can afford to ‘mess it up’ on a regular basis. In fact, people COMPETE to mess it up. Now, THAT is brand awareness.

(forgive me, I digress on the way to my ‘real’ point today)

Today I happened upon ‘Google Instant’ which some of you may have noticed if you searched for something using Google yesterday or today…but only if you use the classic home page…not the iGoogle home page. Again, I was ‘out’ of my iGoogle page and on the classic Google home page. A funny thing happened as I started my search…the results appeared directly below what I was typing…I didn’t even have to hit ‘enter’. What’s going on here? Switch back to iGoogle…same old behavior…type the search string, hit enter, get results. Go to the classic Google home page at www.google.com and the behavior is different. What’s up with that?

Of course, I had to search ‘Google Instant’ to find out what was going on. In a nutshell, Google decided that their searches were taking too long (really!?), so in classic Google they have started showing the results underneath the search box as you type. This allows you to scan the results at the same time that you are typing, allowing you to more quickly locate the information you were searching. Google claims that it can save me 2-5 seconds per search (I really didn’t realize that I was wasting so much time!). More astonishing…Google estimates that it will save 3.5 BILLION seconds searching every day – that’s a productivity improvement globally of over 950,000 hours/day! Guess we’ve really been slackers, haven’t we?!

Be careful when relying on Flash for your website

I spent last weekend redoing my website which was only about 9 months old. If you look at it, it doesn’t appear to have changed much. The change was to remove Flash from my site and make it strictly an HTML site. Why? There were a couple of reasons. First, because I found Flash very cumbersome and difficult to work in when I wanted to make what I felt were relatively simple adjustments to the site. Second, and perhaps most important, was the fact that Flash does not display on many Smartphones – most notably, the iPhone. So, if someone with an iPhone went to my site, they would get nothing.

Today, articles are appearing saying that Adobe (the maker of Flash) will NOT be releasing a version that will run on iPhones (Apple and Adobe have a long running feud). As portable devices such as various Smartphones (including the iPhone), iPad, etc. become more important in how people reach their information (most particularly the web), this becomes critical when constructing websites.

My recommendation (I believe in renting some of my scars from others and learning from their mistakes), use Flash only sparingly (if at all) on the web…trust me, ‘un-Flashing’ something takes some work!!! Most people aren’t on your website for the ‘glitz’, they are on your site for the content.

Here’s the article about Adobe’s abandonment of the ‘Flash on the iPhone’ project: http://tinyurl.com/y5rspbu

Has your computer ever…

I could probably complete that line 100 different ways, and someone or someones would answer ‘yes’. We are all too familiar with the quirks of computers. Why does something behave this way on one computer, and that way on another computer? Sometimes the answer is obvious, sometimes not so obvious.

While I enjoy doing presentations (either in person or virtual), I tend to stress on ones that involve my computer, a projector or virtual sharing tool like WebEx or GoToMyPC, and/or Powerpoint. Why? Because something always seems to go wrong. Maybe the setup takes longer than expected. Maybe the projector refuses to display the screen. Maybe my assistant hits a key on my keyboard at an inopportune moment (some of you know that my ‘office assistant’ is a 16 lb. cat who believes that it is her God-given right to sleep across my keyboard whenever she chooses – I know, I know…shut the door to the office with the cat on the outside…got it!). Regardless, ‘stuff happens’. I’m sure that each of you has your own ‘moments’ and stories.

One issue that can happen all too often is that the presentation is going along just fine (maybe you’ve avoided the setup gremlins altogether), and you pause to answer a question, or review a topic in more depth. All of a sudden something catches your eye on the screen. You turn back to look at your computer screen and the photos from the last family camping trip in Yosemite are scrolling across the ‘big screen’. Oops…forgot to turn off screensaver. Or perhaps, the screen has gone black. WHAT THE HECK!!! It was probably the Windows ‘power saver’ settings kicking in to gear.

I just came across a nifty utility that will assist in bypassing such embarrassing moments. It is called ‘Mouse Jiggler’, and it simulates mouse movement, so that your computer thinks that you’re tapping away at the keyboard, and the computer stays ‘awake’. It’s a tiny utility that can be downloaded from http://mousejiggler.codeplex.com/. Read about it here: http://tinyurl.com/254abqc. I think that I’m going to like this little guy :-)…I’m hoping it will save me from some embarrassing moments – be they in person or virtual ones!

OK…I’ve heard of ‘road rage’, but ‘e-mail rage’?

It’s the end of a long, difficult day. You’re driving home from the office or a client when this numskull cuts you off or almost sideswipes you. Your blood pressure elevates about 50 points, you try to think of suitable ‘retribution’, you come up with a perfect tongue-lashing (remember, you’re in your car), but by the time you have formulated a rejoinder, the offending car is far enough away that you can’t effectively ‘attack’. We’ve all been there. Substitute a careless pedestrian, ignorant shopper, you get the idea.

What ‘saved us from ourselves’? What kept our tongues in our mouth, or our cars in the proper lane? Oftentimes, it is not self-restraint, but lack of opportunity. By the time we knew HOW we wanted to respond, the opportunity was gone…just because the object of our ire kept moving.

Hmmmm…what does this have to do with e-mail? EVERYTHING!!!! I love this CNN article because it is so appropriate. There are times (and we’ve all had them) where we felt attacked via an e-mail. We’re blind-sided by a comment (direct or indirect) in an electronic missive. As the author says, “When was the last time you were driving down the digital highway and felt like you were shot by words?”.

I can think of an instance just last week where this happened to me. E-mail affords us the apparently ‘perfect’ opportunity to respond – often quickly and without thinking things through. The best idea offered? “Back away from the computer”.

Stop. Think. Compose the e-mail response but do NOT hit ‘send’. Sleep on it.

E-mail allows us to ‘knee-jerk’ react. That reaction can just escalate an issue which may (or may not) go away on its own. Imagine if all the people who cut us off on the road (or otherwise maligned us – either intentionally or unintentionally) were as ‘accessible’ as those who ‘attack’ us via e-mail? The world could get ugly – quickly.

It’s good food for thought. Just because we have the ability to respond quickly to an e-mail doesn’t necessarily mean that we SHOULD respond quickly. Take your time. Get some perspective. Allow your blood pressure to return to normal. Then, and only then, respond in a manner that allows you to maintain your professionalism and your relationships.

http://tinyurl.com/2vjctq9

Be careful when applying security/anti-virus updates – make sure they are legitimate before clicking!

Everyone has heard about various internet scams – like getting $1m from some Nigerian if only you hand over your bank account numbers – but increasingly, the scammers are getting smarter, and looking more ‘authentic’, and getting well-educated professionals to fall for their scams. Before you say, “Sandy, I wouldn’t be that stupid…”, make sure you’re aware of the current ploys that they are using.

I probably would have ignored this article (http://tinyurl.com/29tpjsg) a week ago, but two separate people – people that I respect – got ‘snagged’ by scams such as this. I’ll give you the examples…

In the first, a good friend and colleague of mine (a CPA) and I were chatting on the phone about an issue a mutual client was having. In the middle of the conversation, she says ‘Oh shoot (feel free to insert stronger language should you think it appropriate), my computer has a virus!’ When I asked her if her anti-virus software was up-to-date, she responded, ‘Yes, but this is a message from Windows telling me that there is a breach. I just clicked on the button, and it’s fixing it now’. ‘STOP’, I yelled into the phone, but I was too late. The virus (which had been ‘packaged’ to look like it was a Windows message) was already wreaking havoc on her system. Off it had to go to the computer hospital for emergency surgery.

In the second instance, my brother called me (thank goodness) before clicking on a link in an email that appeared to be from his internet provider. The first clue that it was a fake was that it was addressed to ‘Dear Subscriber’, rather than his name. There was no information contained in the e-mail that actually proved that they knew who he was – or which he could use to verify that the e-mail was legit. No account number, no subscriber name. He was insistent that it was legitimate because it LOOKED like the link went to www.aol.com/whatever. I had to explain to him that the link can actually go to www.themostharmfulsiteever.com and be masked to appear as if it were going to AOL. He wanted to click to prove it, and it took all my persuasive power to convince him that if he clicked to prove me right/wrong, then it was too late because he could have unleashed the virus/malware simply by clicking. Ultimately, I got him to stop from clicking by saying ‘If you were so sure that the e-mail was legitimate, why did you pick up the phone and call me?’. That one stumped him, and he decided to believe me.

Anyway, this is a long way around of saying – you KNOW how your operating system (be it Windows, Macintosh or Linux) delivers its patches, as well as your Anti-Virus/Anti-Malware (be it Norton, McAfee, AVG, or any of a host of others). If it doesn’t look like the ‘typical’ delivery, then DON’T CLICK ON IT!!! Instead, take a minute, take a deep breath, and go to the website (via your browser, not by clicking on a link in an e-mail) of the software supposedly offering the update. Perform your system update via your account on the website, rather than by clicking a link or pop-up. If the update is legitimate, it will get downloaded that way. If you take this additional minute to navigate to the appropriate website yourself, and log in to your account, you will get all the legitimate updates.

That said, McAfee just had a MAJOR meltdown this week. It distributed a legitimate anti-virus update that had a bug in it and wiped out many a computer. McAfee promises to ‘do right’ by its customers and offer them some compensation (I have no idea what, and if you lost a couple of days dealing with the issue, then I’m sure you’re not impressed by the gesture), but it just goes to show that even ‘real’ updates can go awry. Don’t make it worse by accepting illicit update offers.

Quick and easy way to cut your printer ink charges

I don’t know about the rest of you, but I get really irked at the cost of ink for my inkjet printer. The printer cost me about $1.99 (well, not really, but after several years the cost of the printer is insignificant compared to the cost of the ink that I’ve fed it). The ink costs go on and on. I try to be aware of the environment and recycle all my printer cartridges (gotta love the Staples $3.00 rebate on all HP cartridges), but still, the cost burns.

I DID invest in a printer which has a different ink cartridge for blue, pink, yellow and black (not the names that the ink manufacturer uses, I think that ‘cyan’ replaces ‘blue’ and ‘magenta’ replaces ‘pink’, but you get the idea), which makes printing more efficient. The ‘all-in-one’ cartridges force you to throw them out (or recycle them) before all the ink is gone – you have to replace it when the first color runs out.

But I digress…that’s not what I wanted to talk about today! I came across this article http://tinyurl.com/ybms6tq (and others referencing the same change) which say that switching from Arial to Century Gothic as your default print (in Word and e-mail) will save roughly 30% (yes, THIRTY percent) on printing costs because the font is so much more ‘efficient’. Now, I have no idea what makes a font efficient or inefficient (aside from assuming that bold takes more ink than normal font), but I found this astounding. I believe them, but I’m still shocked.

So, I’ve gone into my default settings in both Word (<Format><Font>, change font, click ‘Default’, say ‘Yes’) and Outlook (<Tools><Options><Mail Format>, click ‘Font’, select new font, click ‘OK’, ‘Apply’ and ‘OK’), and adjusted my font to Century Gothic (these commands are for Office 2003). Hopefully, I’m helping the planet AND saving myself some money :-)!

Is your website safe from hackers? Probably not (but this isn’t meant to be a scary story)…

For the second time in less than a year, I found myself spending time this week dealing with a website that was ‘hijacked’ by someone with less than honorable intentions – it had been ‘hacked’.  What does that mean?  Do you need to worry about it?  How do you fix it if it happens?  While I’m not an expert on web-security, I now have a bit of experience (albeit hard-earned through the remediation of the impacted sites) and I figured that I’d share some of what I’ve learned.

If you have any form on the web that allows users to enter information, then press a ‘submit’ button, your site is probably vulnerable.  Why?  Well apparently, people with evil minds can paste code into the entry fields (e.g. Name, Address, e-mail or other fields), then activate the code by pressing the ‘submit’ button.  Rather than sending you, the owner of the website, an e-mail saying that So-and-So wants more information on your business (or whatever the ‘submit’ button was supposed to do), the submit button launches script that was injected, and “other” things happen.  Those “other” things can be almost anything from a nuisance to a serious breach.  Last year, on my own website, when the hacker hit the ‘submit’ button, they replaced my ‘normal’ home page with one which said “Beware of Palestein”.  Seriously.  They replaced my home page with an ‘alternate’ page.  There were images of flames, etc., but the key point was that my site had been hijacked by the Palestinians (or someone claiming to be working on their behalf).

While putting up my original home page again was a snap, the more severe problem created by the ‘evil’ script was that search engines who probe for ‘evil’ sites found the ‘malware’ on my site and shut it down.  SHUT IT DOWN!!  Once I had remediated the problem, I had to resubmit the site (via a process offered on Google) as a ‘good’ site, explain to them what had happened and the steps I had taken to prevent the problem from occurring in the future, and wait for it to be ‘cleared’.  As soon as they cleared it, the ‘good’ site came back online.

The entire process (from when I found the sites had been compromised to when it was back up live) took several days in one case, and over a week in the other.  Bottom line:  You don’t want your site to be vulnerable to such attacks because you can’t afford for your website to go down.  Your website is the ‘front door’ to your business.

So, how do you prevent this from happening to your site?  There are a few simple steps to follow which should help.  That said, remember that hackers are forever working to ‘beat the code’, so they’ll keep trying…you just want to make it more difficult than it’s worth, or to be able to catch the breach before it becomes a problem.  Here are my experience-based recommendations:

1.      Make sure that the passwords used to publish your website to the internet (commonly called ‘FTP passwords’) are STRONG passwords.  We all know what those are – letters AND numbers, upper AND lower case, AND special characters.

2.      If you have a form with a ‘submit’ button, ensure that the person who developed the site employs data validation during the ‘submit form’ process.  What the heck do you mean by that?  Simply put, if someone enters their phone number, make sure that the phone number contains only numbers.  Similarly, a zip code should contain only numbers.  A name field should NOT contain special characters (other than perhaps a comma, apostrophe or period).  Typically, special characters are required to run ‘evil scripts’ (aka ‘malware’).  Even more wide-open fields (like ‘Comments’ fields) should prevent characters such as <,>,|,~, etc.  Most ‘comments’ can be submitted without the use of such characters, but malicious code almost requires that they be included to be effective.

3.      If you have a database that resides under your website, use similar logic as described above – strong passwords, and data validation every time that information is being written to the database.

4.      Visit your own website often (at least once a week) and click around.  Seriously…if you don’t check it out, you might not know if there has been a breach.  A breach will be OBVIOUS (the site works or it doesn’t).  If you have a web-browser OTHER than Internet Explorer (e.g. Firefox or Safari) use the NON-IE browser to check on your website.  Why?  Because Internet Explorer continues to display compromised websites far longer than Firefox or Safari do.

Someone who doesn’t know you and hits a ‘roadblock’ while trying to view your site won’t know how to contact you to tell you there is a problem.  I don’t know how long my site was down – it took a friend going online trying to find my e-mail address – to call me and say ‘Did you know…’.  I’m embarrassed to say that my site could have been compromised a month earlier – I probably wouldn’t have known.

5.      Make sure that your website has been formally submitted to Google via ‘Site Verification’.  If you have done this, then Google will communicate with you in the event that they find a web ‘emergency’ on your site.  Trust me, Google may well know before you do if your site was hacked!  In the event of a breach, Google will send you an e-mail telling you if it finds that your site has become infected with malware – letting you know ASAP that you have an issue.

Google sends an e-mail to ALL of the following addresses – make sure that you have ‘real’ people receiving at least a few of these (you don’t need them all, 1-3 will do):  abuse@mydomain.com, admin@mydomain.com, administrator@mydomain.com, contact@mydomain.com, info@mydomain.com, postmaster@mydomain.com, support@mydomain.com, or webmaster@mydomain.com.  If possible, have different people receive the different addresses.  That way, if someone is out of the office, or doesn’t have access to e-mail for a while, the notice won’t be ‘lost’.  Additionally, make sure that ‘noreply@google.com’ is set as a trusted sender (you don’t want that e-mail to get caught in your spam filter).

6.      I’m going to state the obvious, but sometimes the obvious needs to be stated – make sure that you have a pristine copy of your website on your LOCAL computer/server.  Keep it safe and secure.  Refresh it after you make changes to the web, but do NOT use it as your main ‘publication’ folder.  Yes, this means having two copies of your site – one that is a working copy that you edit/publish from.  The other is a ‘pristine’ copy.  After you’ve published changes, when everything is working well, refresh the ‘pristine’ copy from the working copy.  Having this ‘pristine’ copy will save you from accidentally overwriting ‘clean’ pages with ones infected with malware.  If it happens (and there are a myriad of ways that it could happen which I won’t try to go into here), you have only to recover the affected pages from the ‘pristine’ copy.
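One way to put the ‘pristine’ copy from recommendation 6 to work, as an added example that is not from the original post: hash every file in the pristine folder and in the working folder (or a fresh download of the live site) and list what was changed, added or removed before either copy overwrites the other. The folder layout and file contents in `demo()` are constructed for illustration.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            with open(full, "rb") as handle:
                for chunk in iter(lambda: handle.read(65536), b""):
                    digest.update(chunk)
            digests[rel] = digest.hexdigest()
    return digests


def compare_trees(pristine_dir, candidate_dir):
    """Report how candidate_dir differs from the known-good pristine_dir."""
    good = hash_tree(pristine_dir)
    seen = hash_tree(candidate_dir)
    return {
        # Same path, different content: review before publishing or refreshing.
        "changed": sorted(p for p in good.keys() & seen.keys()
                          if good[p] != seen[p]),
        # Files nobody on your side put there deserve the closest look.
        "added": sorted(seen.keys() - good.keys()),
        "missing": sorted(good.keys() - seen.keys()),
    }


def _write(path, body):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w", encoding="utf-8") as handle:
        handle.write(body)


def demo():
    """Build two small constructed site folders and compare them."""
    pages = {
        "index.html": "<h1>Welcome</h1>",
        "contact.html": "<form>contact form</form>",
        "css/site.css": "body { margin: 0 }",
    }
    with tempfile.TemporaryDirectory() as tmp:
        pristine = os.path.join(tmp, "pristine")
        working = os.path.join(tmp, "working")
        for root in (pristine, working):
            for rel, body in pages.items():
                _write(os.path.join(root, rel), body)
        # Constructed differences in the working copy.
        _write(os.path.join(working, "index.html"),
               "<h1>Welcome</h1><!-- altered -->")
        _write(os.path.join(working, "images/extra.php"), "unexpected file")
        os.remove(os.path.join(working, "css", "site.css"))
        return compare_trees(pristine, working)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```
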

If you implement all these things, does it mean that your site is ‘bulletproof’?  Nope.  Not a chance.  The hackers are working hard to breach the web wherever they can.  They find new ways every day.  Don’t get wound too tightly on the issue, but use common sense, to try to thwart the ‘bad guys’.  Remember, they’re likely to head to the easier sites to hack – they’re probably not going to invest extra effort trying to get around the roadblocks you’ve put up.  They’re going to go to a site that didn’t take the precautions that you took.  What’s the old adage – the thief is going to steal the car with the keys in it before they try to hot-wire a car.  Don’t leave the ‘keys’ in your website!

Finally, one of the first questions that I asked was ‘Why on earth would they care about SLC Consulting’?  It’s precisely BECAUSE it isn’t a ‘mainstream’ site that they chose it.  From my innocuous site (and the other one that I had to remediate this week fits that same description), the hackers could ‘jump off’ and go far and wide doing ‘bad’.  Then, those ‘bad things’ could, potentially, be traced back to the original site that was hacked.  It really is far easier to ‘take the keys’ and ‘lock the doors’ on the site beforehand.  While it is not a guarantee, it is, hopefully, a deterrent.
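Recommendations 2 and 3 above, as an added example that is not code from the sites described: each form field states what it accepts, anything else is rejected on the server, and accepted values reach the database only through placeholders. The field lengths, the `inquiries` table and the two sample submissions are assumptions constructed for illustration.

```python
import html
import re
import sqlite3

# One allow-list per field; a value must match its rule in full.
RULES = {
    # Letters plus space, comma, period, apostrophe (hyphen added as an assumption).
    "name": re.compile(r"(?:[^\W\d_]|[ ,.'\-]){1,80}"),
    # Digits only, as the post recommends; the lengths are assumptions.
    "phone": re.compile(r"[0-9]{7,15}"),
    "zip": re.compile(r"[0-9]{5}"),
    # Free text without < > | ~ or control characters (tab and newline allowed).
    "comments": re.compile(r"[^<>|~\x00-\x08\x0b\x0c\x0e-\x1f]{0,1000}"),
}

# Constructed sample submissions.
GOOD = {"name": "Pat O'Neil, Jr.", "phone": "5551234567",
        "zip": "02134", "comments": "Please call after 3pm."}
BAD = {"name": "Pat", "phone": "555-1234",
       "zip": "02134", "comments": "<b>hi</b> | thanks"}


def validate_submission(form):
    """Return (clean, errors) for a dict of raw submitted strings."""
    clean, errors = {}, {}
    for field, rule in RULES.items():
        value = form.get(field, "")
        if not isinstance(value, str):
            errors[field] = "not text"
            continue
        value = value.strip()
        if not value and field != "comments":
            errors[field] = "required"
        elif not rule.fullmatch(value):
            errors[field] = "contains characters this field does not accept"
        else:
            clean[field] = value
    unexpected = set(form) - set(RULES)
    if unexpected:
        errors["_form"] = "unexpected fields: " + ", ".join(sorted(unexpected))
    return clean, errors


def new_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE inquiries (name TEXT, phone TEXT, zip TEXT, comments TEXT)")
    return conn


def handle_submit(conn, form):
    """Validate first; write only when every field passed."""
    clean, errors = validate_submission(form)
    if errors:
        return False, errors
    # Placeholders keep submitted text as data; it never becomes part of the SQL.
    conn.execute(
        "INSERT INTO inquiries (name, phone, zip, comments) VALUES (?, ?, ?, ?)",
        (clean["name"], clean["phone"], clean["zip"], clean["comments"]),
    )
    conn.commit()
    return True, {}


def render_row(row):
    # Encode again on output so stored text is always displayed as text.
    return "<li>{} ({})</li>".format(html.escape(row["name"]),
                                     html.escape(row["phone"]))


if __name__ == "__main__":
    db = new_db()
    print(handle_submit(db, GOOD))
    print(handle_submit(db, BAD))
```
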