Archive

Archive for the ‘Web Hosting’ Category

WordPress Vulnerabilties

October 17th, 2011 No comments

In an earlier article entitled -  ”Are your applications secure?,” I talked about SQL injection threats. It’s a threat that refuses to simply go away.

Just this morning I stumbled upon a thread on a web hosting forum - about an OP (original poster) who had his shared account terminated by his web hosting provider for being hacked twice. He was clearly the victim of the hacks, but the host deemed the OP was responsible for keeping his sites safe, so that his sites would not affect other clients on their server.

The site in question was a WordPress site - with a couple of plug ins activated – nothing out of the ordinary. It was duly noted that WordPress sites attract a lot of hack attempts, and the more popular they are (lots of traffic), the more attempts. Obviously, the OP needs to find another web hosting provider, but his troubles are probably far from over. Should he install the same plug ins on his site at his new host, the hack will most likely reoccur. Why?

One of the plug ins the OP alluded to was - Penny Auction, on which a “hack advisory” was recently issued by ngenuity-is.com.

Recommended plug ins that help fight intrusion attempts:

Login LockDown - Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.

WordPress Firewall 2 - This is an updated version of the popular WordPress Firewall plugin, with fixes for all known bugs and a few new features!

This WordPress plugin investigates web requests with simple, WordPress-specific heuristics, to identify and stop the most obvious attacks. There are a few powerful, generic modules that do this; but they’re not always installed on web servers, and usually difficult to configure.

This plugin intelligently whitelists and blacklists pathological-looking phrases, based on which field they appear within, in a page request (unknown/numeric parameters vs. known post bodies, comment bodies, etc.). Its purpose is not to replace prompt and responsible upgrading, but rather to mitigate 0-day attacks and let bloggers sleep better at night.

WordPress Security Scan - checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:

  1. Passwords
  2. File permissions
  3. Database security
  4. Version hiding
  5. WordPress admin protection/security
  6. Removes WP Generator META tag from core code
WordPress Updates Notifier - Sends email to notify you if there are any updates for your WordPress site. Can notify about core, plugin and theme updates.
Monitors your WordPress installation for core, plugin and theme updates and emails you when they are available. This plugin is ideal if you don’t login to your WordPress admin regularly or you support a client’s website.

Features

  • Set the interval of how often to check for updates; hourly, twice daily or daily.
  • Sets WordPress to check for updates more often meaning you get to know about updates sooner.
  • Get emailed about core, plugin and theme updates.
  • Chose if you want to be notified about active only themes and plugins updates.
  • Remove upgrade nag message to non-admin users.
  • For advanced users there are a number of filters and actions you can use. More coming soon.

This plugin is a fork of Update Notifier. This plugin was forked because there seemed to be no further development on the existing plugin and there was no way to contact the original author to ask about taking ownership. WP Updates Notifier has the following improvements over Updates Notifier:

  • Completely rewritten from the ground up using best practises for writing WordPress plugins
  • Code wrapped in a class so better namespace.
  • You can set the cron interval, allowing for more frequent checks.
  • Update checks trigger WordPress internal update check before notification.
  • Allows you to set the ‘from address’.
  • Makes use of the Settings API.
  • A number of available hooks and filters for advanced users.
  • Active support and development.

Categories: Blogging, Security, Support, The Editor Tags:

Call to Action Guide

October 12th, 2011 1 comment

A compelling call to action is - the key ingredient in every marketing plan. In post card and email campaigns, you’re limited in scope to a very small space in which to reinforce interest and tip prospects over the edge to buy. So what makes for an effective call to action?

Location Location Location
When my wife and I were writing the business plan for our Salon, she told me our success depended heavily on location. In fact, she repeated location, location, location over and over. Why? In the hair styling industry, you need a constant flow of walk-in traffic to augment your existing clientele – if you want to maximize your growth. It’s not much different cross-industry.

You need to capture your prospects attention immediately
In an email broadcast, positioning your call to action above the scroll puts your message where? In the preview pane ! Lots of folks never scan beyond their preview panes. In a world dominated by immediate gratification, this compares to being in the top ten of search engine results. You need to capture your prospects attention immediately. How? Location ! You want them to be able to simply glance at the preview and click.

Multiple calls to action
Is just one call to action enough? Strategists reason by giving multiple calls to the same action, in different sections of your broadcast, you lend weight to the call. The first call to action may be intriguing, prompting your prospect to read further (benefits/solutions), followed by second call to action that puts them over the top – they’re convinced. If you change up the wording or offer different solutions in multiple calls to action, you risk confusing your viewers.

Words and Emotions
Sales are emotional transactions. Setting the right tone puts your prospect in a buying posture. Using power words that demonstrate force (in your face) and personality make a strong impact. You’re looking to prompt specific reactions from their point of view. And it isn’t just the words – it’s their perception of the words. What’s more appealing to you (on the same product) – 20% off or $150 off? My guess would be $150 off. Why? Because 20% is an unknown quantity – it sounds good, but requires some calculation. I understand $150 off immediately.

Text or Images?
The goal is to draw attention to your call to action. Extensive testing has shown that what works for some doesn’t work for everyone – and changing up between text and images works better than locking into one or the other. A word of caution when using images for your call to action – some readers may have images disabled, so always add ALT text attributes to your images.

Does size and color matter?
In testing, it’s been reported that bright colors outperform other colors, and orange, in particular, does very well. I’ve seen a lot of red calls to action, but subconsciously, red means STOP. A good test to determine if your call to action is the proper size and color is to stand about 10 feet away from your ad and see how easy it is to pick out.

My Recommendation to Increase Click Throughs
Wording is key. Instead of using Buy Now, Buy, Order, Order Now or any similar wording, change your call to action to ADD TO CART. Put it where it’s easily seen and your conversion rates will increase.

Categories: eCommerce Hosting Tags:

Free WordPress Themes Often Contain Hidden Dangers

October 11th, 2011 No comments

I just stumbled upon an article at wpmu.org - that addresses the hidden dangers of searching for free WordPress themes. With over 25 million users, WordPress dominates the blogging stratosphere. While most web hosting providers have some form of quick install for WordPress, most do not offer themes beyond the default – so where do you look for a theme that best matches your business culture, mission, services and products (safely)?

Their recommendation:

If you want to test your theme for hidden encrypted or static info, this article does recommend some tools

Useful Plugins

Categories: Blogging, Design, Security Tags:

What Separates Good Web Hosting Providers From Bad Providers?

October 10th, 2011 No comments

High on my list is the perceived value of support – good web hosting providers have 24/7 knowledgeable technicians on hand, that are not only professional, but willing to go that extra 1% on every call to exceed their clients expectations. Level one techs don’t sit on issues they can’t solve – they bump them to Level 2 to resolve client’s issues as rapidly as possible. Bad web hosting providers tend to hire inexperienced techs that lack customer support skills (the ability to interact with clients), and solve their issues promptly and professionally.

Good providers have experience gained from years of providing – competitive, stable web hosting solutions. In this business, hosts that have been around 5+ years have proved sustainability, while most bad web hosting providers disappear within one to two years. If you’re investing in a viable business partnership, longevity is a huge indicator of stability. Bad web hosting providers are often run by “kiddie hosts” from their bedrooms or by college kids out of their dorm rooms. Don’t expect to see a brick and mortar address on their site, or even worse, expect a response to a service ticket while class is in session.

A good web hosting provider usually has thousands – or possibly millions of dollars, invested in infrastructure. Failing is NOT an option for them. On the other hand, many bad providers started their business on a shoestring, without a business plan or funds to sustain operations beyond a few months. Simply check out the threads on web hosting forums – there’s always distressed hosting providers there for sale.

A good provider manages their resources – with plans that balance services with actual costs, with the long term goal of retaining clientele, and minimizing churn. They understand their limits. They understand turning a profit. They understand ROI.  Bad providers offer services at ridiculously low prices, that fail to provide enough revenue to sustain (or grow) their operations.

A good host tells you like it is – they under promise and over deliver.  They won’t tell you anything you want to hear just to get you in the door. They provide well thought out solutions and NOT just packages. Bad providers lack transparency, often promising features that are limited by clauses buried in their Terms and Conditions.

Categories: Web Hosting Plans Tags:

Reseller Web Hosting

September 7th, 2011 3 comments

Revised

Reseller web hosting – provides a relatively inexpensive solution for newcomers to the hosting industry who want to start their own web hosting company. In this scenario, it’s a type of hosting account in which the “account holder” purchases a reseller or master account on a shared web server, then sells sub-accounts to their clients. They are essentially middle-men or intermediaries reselling services (space and bandwidth) allocated to them by their host.

Reseller accounts are also used by people with multiple - websites (for their own use). The account holder can then adjust the amount of disk space and bandwidth allotted to each site and manage all of their sites via one control panel, such as cPanel, DirectAdmin, HSphere or Plesk.

Reseller web hosting accounts are generally marketed - in different package sizes, allowing the account holder to match their requirements, then upgrade or downgrade as needed.

Advantages of reseller hosting

The web host is responsible for server maintenance.

The account holder controls access to all sites (their sites and their client’s sites) via one control panel.

The account holder can earn revenue reselling web hosting services.

The account holder can assign and modify space and bandwidth to all sites on that account.

With certain plans, account holders can brand their services without the appearance of being a reseller. (No advertising by their upline)

Startup costs are lower across the board.

Disadvantages of reseller hosting

Moving from the current web host can be both inconvenient and costly, both to the account holder and their clients.

They are marginally more expensive than shared hosting plans.

Categories: Reseller Web Hosting Tags:

Colocation Specs

September 6th, 2011 No comments

Bandwidth

 

Data transfer includes all traffic that passes through a web hosting provider’s core routers, including FTP and email. Colocation packages normally include either 1Mbps or 5Mbps burstable connections, measured on the 95th percentile. A 10Mbps connection relates to approximately 3.3 Terabytes of bandwidth monthly.

 

To determine estimated monthly bandwidth for your site, first determine the page size for each page of your website, then estimate how many daily pageviews you project for each. Simply multiply to estimate monthly bandwidth forecasted, allowing for some overhead.

 

Note: A two (2) minute video can easily consume 10MB of bandwidth. As little as 300 downloads per day of that one video can consume 90GB of bandwidth monthly.

 


 
Rack Space

 1U = 1.75″ of Vertical Rack Space

 2U = 3.5″ of Vertical Rack Space

 3U = 5.25″ of Vertical Rack Space

 4U = 7.00″ of Vertical Rack Space.

 

IP Subnets

 

 /30…..4 IP’s – 2 useable

 /29…..8 IP’s – 6 useable

 /28…..16 IP’s

 /27…..32 IP’s

 /26…..64 IP’s

 /24…..256 IP’s

 /23…..512 IP’s

 /22…..1024 IP’s

 /21…..2048 IP’s

 /20…..4096 IP’s

 /19…..8192 IP’s

Categories: Colocation Tags:

The Psychology of Selling Online

September 2nd, 2011 1 comment

Always provide value - The psychology of selling transcends to the psychology of writing online content for revenue producing websites. Essentially, every prospect is searching for what’s important to them and their organization.

Whereas in person, you can tailor - your pitch to their personality traits, like number crunchers or socialites – online it’s impossible to know who has found your site. The common denominator is always VALUE to the end user.

Tell them what’s in it for them - Reaching across a broad spectrum of personality types means touching as many of their senses as possible; sound, taste, touch, sight and smell (or the perception of those). Rarely does selling on price alone work.

Ok, so we can’t taste a dedicated server or smell shared hosting - but wording can sway a prospect’s motivation. Conor Treacy gave a great example in a thread on Hosting Discussion – instead of, “we sell lawn mowers,” use “buy a mower that will make your neighbour @#*^ themselves with envy.” Be descriptive without going over the top, addressing the basics of how, who, why and what. Show how your solution has helped other businesses or organizations just like theirs. Tell them what’s in it for them.

Categories: Business Tips, eCommerce Hosting Tags:
Privacy Policy | TOS