Tag Archives: Content Management Systems

Search Engine Optimization & Search Engine Marketing

 

Back in the day, SEO was a far simpler proposition. A website owner could put some ‘keywords’ into their website content and maybe write an article or two once in awhile and throw that out onto the internet. You could actually see the result very quickly and celebrate success. You could easily measure this bottom line and take it to the bank. Today is a totally different matter. It’s very sophisticated and ever changing. You could learn it! The Internet is full of online schools, YouTube has free video tutorials, and many articles are posted online for free. Question is, do you have the time or inclination to go and teach yourself how to do this? Aren’t you far too busy doing your own job? Add that to the fact that ‘experts’ are not hatched over night – they grow in experience… they’ve spent time ‘treading the boards’ and they accumulate knowledge. If they do this job full time, they will be staying in touch with what’s happening now, they will not continue to ‘ride’ what worked yesterday.

Q&A

Q: Why should I hire someone to help me with my search engine optimization?

A: Because if you hire someone who actually knows what they are doing, you’ll be investing in the most cost effective way to sell your products and services.

Q: What exactly is ‘SEO’?

A: Search Engine Optimization is a methodical process of getting your website to appear more frequently and higher up on the pages of major search engines such as Google. This means that more visitors visit your website and since they are arriving to your site having been screen for relevance, then SEO essentially translates into more sales…or ‘good conversion rate’ as it’s called. Visitors don’t just ‘hit’ your site, they stay awhile they ‘stick’ on the website and shop. You sell plus they buy equals happy customer, happy company!

Q: How does someone know exactly what to do in order to attract the right visitor who will be more likely to purchase from the site?

A: A good strategist, a webmaster who is informed, makes it his or her business to know how each search engine works, that is, what content is it likely to see on a site & what terms does it respond to when it sets out to look for any given website.

There are so many ways to optimize ‘searching’ a website; the SEO developer can target different kinds of searches such as an:

Image Search
Local Search
Video search
Academic Search
News Search
Q: What are some of the ways n’ means an SEO Expert applies to a website in order to ‘pull’ traffic to it that’s relevant and can be converted into an actual sale?

A: An internet marketing strategist first runs a thorough site analysis. He or she ascertains what, if anything, is obstructing the search engines activities that, when unencumbered, can more easily pull traffic to the site. Some of these obstructions are the following:

How is the website coded? Is it up to speed, as in the current HTML5 Google preferences? A website is in essence – cyber architecture. There are ways into the site and exits just as there are ways to go in and out of a house.

Are there keywords that need removing or adding to enhance the websites indexing activities.

Is there video production content on the site and is that video encoded so that the search engines can locate and index it?

Does the website development have back-links to assist it in being indexed?

The technician can also detect an unfavorable ‘Crawler ‘, that if left unmanaged can hinder the websites development on the internet. They can submit and place code to tell the ‘bot’ to not crawl the site.

Q: How does the Webmaster determine whether you should buy online advertising?

A: There are many types of analytics that help determine what type of advertising, if any, needs to be included into the SEO & SEM activities. Pulling this information together is like a harvesting process, then you must site and sift thru what’s working and what’s not working.

Google states that there are more than 200 indicators they employ when searching for and indexing websites. How many do we know, is a good question!? Lol If we build websites and launch them to sell our products and services, then wouldn’t it make sense to put a bit of effort into getting the website found?

It’s shouldn’t surprise anyone to learn that the very way in which the site is built can help or hinder it’s performance. The website development, what code was used, what content is on the site, how it’s initially registered in the search engines determines a lot about how it’s indexed. Think ‘filing cabinet’ here…search engines are methodical devices that only understand pure logic. They do not go into the file folder that says “J” and look for “S”.

There is a way to build, maintain, and manage a website that can reduce your sleepless nights and move more of your product.

The main obstacle towards hiring an SEO Website Developer is a very understandable one; it’s a reatively new industry and knowing when and who to hire is often a major stumbling block. To the novice, until you see your sales increased, you haven’t a lot to go on except the monthly statistical reports regarding the websites activities.

Besides, if you are a small business owner, you built your business a brick and a board at a time… sweat and sacrifice a plenty! So, if you’re a typical small business owner, you’ll not part easily with your money. You may even be tempted to stick with the tried, tested and true local press, media and yellow pages! Not a good idea. Not today. Today, you need to be online, with a strategy and at the very least video content on your website.

Do yourself a favor: Do it right from the start. Get the website built/ constructed correctly, hire some help to draw up a strategy / a plan and work the plan.

One way to understand SEO & SEM and how they actually works is to visualize the inner parts of an antique watch. Every wheel or gear is connected to another one…and sometimes one gear can move six other wheels and gears. If one of those gears or wheels is ‘hung-up’, not turning at all, then everything that follows on is also stagnant. Could you imagine anything more futile than winding up a clock, by using it’s stem, winding and winding…when the clock has no hands to turn on the face of it? How would you ever know what time it is. This is exactly what happens when you hire a so called website developer who cannot prove to you that they have generated sales for their clients.

An SEO Web Developer is worth their weight in gold if you find an honest and committed one. Ask and get referrals; if they are good, their clients will be able to show you results from their efforts. Don’t settle for someone who just exercised their bragging rights. Search until you have one who has proved their worth by making their clients money.

Pay attention to the results the SEO Website Developer puts in front of you. Let them measure continuously….harvest the websites data, trim what needs trimming, add what needs adding and don’t pinch pennies if they suggest to you that you need to modify certain features in your website. The environment that we call the ‘internet’ is dynamic…it changes all the time and some of these changes are crucial and need to be applied to your website.

Let your webmaster cultivate the website within the arena you want it to grow in.

Then you can count your money! Play another round of golf, get to the kids baseball game on time and still be able to take your spouse out to dinner and get up late the next morning!

Do this:

Hire the same quality of expert as you are, hire someone who works as hard as you do to stay ahead of the game… hire them and then take their advice, and let them do their job.

Attacks On WordPress Websites – Is It A Hoax?

Wordpress Website Under Attack

Matt Mullenweg (WordPress founder) recently posted in his blog “Right now there’s a botnet going around all of the WordPresses it can find trying to login with the “admin” username and a bunch of common passwords, and it has turned into a news story (especially from companies that sell “solutions” to the problem)…”

Here’s what we know. We currently lease a large, high speed server for the 53 WordPress websites we manage for our clients. On Thursday April 11, around 12 noon we noticed the server response time was slightly slower than usual. When we checked our server load we found it to be significantly higher than normal. Upon further investigation we noticed a large number of hits to the file wp-login.php on nearly every website on the server. We immediately called our server farm. We were informed this was occurring on every server in the farm with WordPress installations. Needless to say we dropped everything to ensure all of our wordpress installations were secure.

While there have been many reports about these attacks floating around the internet, it wasn’t until today we received verification from credible sources as to the nature of these attacks. Around 6:00am ET today, BBC News released a report stating “WordPress has been attacked by a botnet of ‘tens of thousands’ of individual computers since last week, according to server hosters Cloudflare and Hostgator.” This evening, NBC news released its report stating “WordPress, a popular blogging platform used by individuals as well as big businesses including UPS and eBay, is the target of a widespread botnet attack.” NBC news continues by saying “The vulnerability that allows hackers to get into WordPress accounts and take them over for other purposes: user accounts where the word “admin” is the username. The advice for immediate action: Change admin to a different — and much stronger — username immediately.” Unfortunately, while this is great advise it will not completely protect your WordPress installation from this attack.

The clincher is the alert we just received from The Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT). In their alert, The Department of Homeland Security stated “US-CERT is aware of an ongoing campaign targeting the content management software WordPress, a free and open source blogging tool and web publishing platform based on PHP and MySQL. All hosting providers offering WordPress for web content management are potentially targets. Hackers reportedly are utilizing over 90,000 servers to compromise websites’ administrator panels by exploiting hosts with “admin” as account name, and weak passwords which are being resolved through brute force attack methods.” They go on to say “CloudFlare, a web performance and security startup, has to block 60 million requests against its WordPress customers within one hour elapse time. The online requests reprise the WordPress scenario targeting administrative accounts from a botnet supported by more than 90,000 separate IP addresses. A CloudFlare spokesman asserted that if hackers successfully control WordPress servers, potential damage and service disruption could exceed common distributed denial of service (DDoS) attack defenses. As a mitigating strategy, HostGator, a web hosting company used for WordPress, has recommended users log into their WordPress accounts and change them to more secure passwords.”

While we have much respect for Matt Mullenweg, his attempt to downplay this attack is both foolish and dangerous. This attack is real and widespread. If you have a website powered by WordPress, you need to take steps to secure your installation now! Here is the minimum you should do to secure you website:

  1. Make sure your WordPress installation and all of your installed plugins are updated.
  2. Make sure your administrator’s password is secure. We recommend at least a twelve character password with at least one lower case letter, at least one capital letter, and at least one number.
  3. If you have a user account with the username “admin”, create a new administrator account with a different username and remove the old “admin” account.
  4. Install the security plugin WP Better Security. Activate the plugin. Go to the settings page and set up the plugin with the “basic” settings.

Completing the above steps will protect your website from being hacked, however do to the large number of ip address used by the hackers, you will still be vulnerable to hacking attempts. As we stated in our previous posts, the hacking attempts can put an extremely high load on your server causing your website to load slowly, and possibly crashing the server. The WP Better Security settings need to be tweaked to further protect your website from this threa.  We will post the details of these tweaks in an update tomorrow.

Our reply to Matt, there is a real news story here because the internet is facing a serious threat, and we are not selling a solution. The solution is in the above steps and the FREE plugin WP Better Security. Also, we do not have any association with the developers of the above plugin. We just know it works and want to help protect the internet for everyone.

Worldwide Attack Now Targets Joomla And Drupal Sites

WordPress Joomla Drupal Under Attack

If you manage or own a website on a content management systems (CMS) you know that invalid login attempts are an everyday occurrence. We see literally thousands of invalid login attempts from dozens of different IP addresses in the course of any given day. This is considered normal. However hosting providers worldwide are reporting they are seeing a systematic, well organized attack. The attacks on content management systems are well above average and often times at catastrophic levels.

This attack started on or about April 8th, but the hackers became extremely aggressive overnight on April 12th. They have already shut down 10’s of thousands of servers running WordPress. They have also affected the performance of many other servers. The attack started with WordPress installations, according to Sophos EndUser Protection (a major player in the web security industry), Joomla and Drupal website are now also getting hit.

The attack began with a botnet made up of at least 90,000 hacked home based computers. This is not a “brute force” attack like we see every day. This onslaught is using what is known as a “dictionary” attack. This is where the hacker uses a list of the most likely usernames and possible passwords and tries those in very quick succession. Even when the attack fails, the load the attacks on multiple websites puts on a server can cause it to crash.

The early indications are that hackers are installing malicious scripts in the content management systems that have been compromised. These malicious scripts turns the infected website into an attacker to hack other websites. This is the reason this attack is going viral. According to Matthew Prince, the chief executive of web hosting company CloudFlare, these hackers are causing much more damage because the infected servers have large network connections and are capable of generating significant amounts of traffic for the attackers.

If you have not already done so, we strongly recommend you take the following steps to protect your wordpress installation:

  • Make sure your WordPress installation and all of your installed plugins are updated
  • Make sure your administrator’s password is secure
  • If you have a user account with the username “admin”, create a new administrator account with a different username and remove that old “admin” account
  • Install the security plugin WP Better Security
  • Other ways of securing a WordPress website can be found here; https://codex.WordPress.org/Hardening_WordPress

These additional steps can be taken to further secure WordPress websites:

  • Remove README and license files. This is very important since this exposes version information
  • Prevent reading of the htaccess file
  • Limit access to wp-admin.php and wp-login.php to your IP address
  • Move wp-config.php up one directory and change its permission to 400

We will continue to monitor this attack and we will post updates as more information becomes available.