Hello Happy Site Owners! This week’s tips include severely high bot attacks, completely disabling the XML-RPC function on your site, celebrating the return of a fun function in WordPress 4.0, how much a site should cost, the new robots.txt file tester, a super example of how to repurpose content, how wearable tech will change your marketing strategy, hiding your login username, the end of the free ride for Outlook users, how to value your time and set boundaries, putting street view back into embedded Google Maps on your site, working from home with distractions, and for dessert, a super Hangout on Air treat with one of my fave folks. So let’s dive in. Listen to the podcast.
Oh man, things are getting busy around here! And more coming in every day. As a matter of fact, I’m recording this podcast near midnight. Besides full training clients, and new member site request, I’m getting a lot more requests for Site Audits including both security and performance. And I’m so delighted to know that more site owners are taking these things seriously now.
A few of those folks saw the problems and put off the fixes until now. And we’re having to make the changes under duress and here’s why.
Bot Activity Severely High in Sustained Attack
I want to warn you that a serious bot attack has been happening for a week now. You can actually see the shadow of it live on the WordFence home page. The history graph shows that we’ve been approaching the 30,000 a minute attack rate several times in the past week. To give you perspective, a normal day has under 5,000 attacks. So, we’re pushing 5 and 6 times higher on average. The whole Internet is starting run sluggish at this point.
From what else I’ve seen, I honestly believe that new tactics are being tested. I won’t go into details right now, but if you’ve been locked out of logging into your site, and getting an error message that it’s because too many attempts have been made, I want to ask you to please leave me a comment, and tell me what host you’re on and what type of Brute Force security you’re using, like the Login Lockdown plugin or such. It’s going to help us put more 2 and 2 together to paint a real picture of what’s really going on. Like I said, I’ll be making posts on this later. I don’t want to publish too many details right now, and neither does anybody else, since the hackers read our sites too. And don’t worry about them reading your error details. They already know that part.
In the meantime, I want to strongly suggest you go read this post I made back in March about disabling the XML-RPC function. And seriously consider turning the whole thing off, instead of leaving part of it on for posting via mobile or email. I’m also checking to see if turning it all off will affect anything else like social sharing plugin counters or other security plugins that actively report back to headquarters, like WordFence does. So far, certain modules in JetPack seem to be the only things, and posting to WordPress from mobile. That’s the only reason folks were leaving half of it on.
I’ve also sent emails out to my site management clients as well as my full training clients with offers to further batten down the hatches on their sites.
More Security Posts
If you need to get up to speed quickly with what the heck I’m talking about, here are a few more articles that give you an overview, as well as what you can do to protect yourself.
Schedule Your Audit Now
I’m going to be straight up with you. Emergency service on your site costs more and is harder to do than getting it done on a predetermined schedule. If you want to keep your costs down, get an audit, make a plan, and get it done.
I’m so delighted to have been asked back for another round of a super series by +Stephan Hovnanian and +Susan Finch called If I Had a Nickle. This time we’ll be talking about plugins and performance and all manner of things related.
Thank You For Podcast Review
And I want to send a big thank you to Kickncans for such a nice 5-star review of this podcast on iTunes. It reads, “She knows what she is doing and she will speak her mind. If something new is junk, she will tell you it is junk! I subscribe to a few podcasts and this is one I listen to every Tuesday. She will send you to great content all over the web that will make you a better blogger and help you secure and maintain your WordPress site. Great resource about Genesis framework and child themes too!”
Oh, that just warms my heart.
Please do consider taking just a moment to jump into iTunes. and leave your review of the show. It makes a world of difference to this show getting found and helping more folks. Did you know that a lot of other apps count on the reviews in iTunes to display suggested podcasts? Yep, so it really does make a difference, even if you don’t use iTunes to subscribe. Thank you for helping me out with that.
This is NOT the Newsletter
And, just a reminder that this is not the newsletter. It’s the podcast. So, if you subscribed to BlogAid News you’re not subscribed to the Podcast. You can jump on over to the link in the show notes on the site and update your subscription.
Okay, let’s jump into this week’s tips from around the ‘net.
WordPress 4.0 Beta 2 is out
Yay, they heard us! The color picker has been restored to the text editor. There have also been some updates to the grid for the media library, but it has a couple of glitches still. Hey, that’s what these Beta releases are for, right? A bug ticket has already been opened. And, they’re still refining the new plugins admin page. It looks radically different. There are usually 3-4 beta releases before the final version is available to the public. So, it will be a few weeks yet before it’s ready for prime time.
– – – – – – –
How much should a custom WordPress website cost? That’s the question posed by Brian Krogsgard on his Post Status site. I looked over all of the criteria he used, including pricing for freelancers vs agencies, and those just starting out or small compared to high demand folks. He also detailed site size and how much costs are affected by a hard to please client or one that is in a hurry.
Overall I think he listed good averages on everything except the final site cost. It assumes that the theme is completely customized from scratch. In that case, he’s spot on. But, a lot of folks start with a template, such as a Genesis child theme, and have that customized. That really drives down the cost to about half, or even down to a quarter of that, depending on the tweaks.
And don’t forget that all designers are not created equal, no matter how many years they have in the business. Far from it. Most don’t know much about marketing and SEO. They’re going to count on you to be on top of that.
And if you don’t know why one theme will beat another to achieve your goals, then you’re really up a creek.
That’s why I don’t take my training clients theme shopping until the end of the second class. And those classes are three hours each with a lot of homework in between. Armed with that much knowledge, they save a ton on theme design costs and never, ever get ripped off by it.
Redirection Plugin Updated
One of the things that changed was a simplification of the logging options. Honestly, if you don’t need those logs, turn them off. They are a pretty big performance hit. I’ve got a vid tut for how to do that on my to do list, but it’s pretty easy and I bet you can find it just poking around.
You may recall a few Tips Tuesdays ago that I reported +Yoast had fixed the SEO issues on some sites by correcting the robots.txt file. Well, Google decided to make it easier to see such crawl errors by revamping their robots.txt testing tool. And you can read all about it on the Google Webmaster Central Blog.
Content Marketing Tips
Repurpose Content the Right Way
THIS is how to repurpose content. +Ryan Hanley is an excellent role model for how to get the most bang for the buck from a single piece of content. In this guest post on +Social Media Examiner he gives the steps for stripping out the audio of a HOA to use as a podcast. Beyond this, check out his G+ posts of any of his HOAs. It’s full of both helpful info and CTAs. No wonder he has so many followers everywhere.
– – – – – – –
Wearable tech is already here and more is on the way. And this post on the Content Marketing Institute is not just for gadget fiends. It’s a clarion call for content marketers. There are three areas that I think will be affected most and they are:
- and RSS to email
If you’re not doing these things right now and getting a foot hold, then you’re content marketing efforts are going to suffer and give way to those who are doing it. So, start seriously thinking about how you can go beyond even a mobile optimized site and how you can get your content on a platform that is custom made for the wearable tech market. I’ve already got one client that is doing just that and it’s going to explode her member site. She has the perfect audience demographics for it, who are and will be, the earlier adopters of this tech.
Did you know that WordPress leaks your login username everywhere? Yep, always has. And none of the core developers, or any other developer that I know, seems to think it’s a big deal. Listen, if my online banking service decided to make it easy for hackers to find half my login, I’d cry foul, loudly. Well, I consider my site to be my online bank and I don’t like this little oversight in security.
On the WPSecurityLock blog, +Regina Smola has a nice tutorial on how to hide your login name. It does require getting into your database, which is not something I would recommend non-coders to do. But for my geek buddies, have at it. And yes, there are plugins that can do this, but honestly, it’s really something that should be hard coded for real security. I’ll turn you over to the folks on my team who can get it done for you.
Thanks to super designer +Ansel Taft for the reminder that Outlook is ending support for custom domains in free email services.
I don’t use that now, but I am using a pretty antiquated way of doing things that is a left over from Outlook Express and now Windows Live Mail.
Ansel is using the Rackspace Email Hosting service and that’s what I’m looking to move to. They have a $2/mo plan and that’s the one I’ll be testing. Way cheaper than a Google Apps account.
And for making it mobile, Ansel suggested the CloudMagic service. And I’ll be trying my hand at IMAP for that soon too.
I almost hate to admit I’m that far behind with it, but I’ve been focused on sites.
– – – – – – – –
Time is money, right? Yes! It is. I was always careful with my time, but now I’m even more protective of where I spend both my energy and time. And I’m more selective with which clients I say yes to and what jobs I take. I’ve found that it keeps me available to work with folks that are serious about their business and doing that kind of work energizes me in return.
If you struggle with that, you’ll want to read this post by +Nicole Dean on her blog where she several top producers in their niche how they value their time and set boundaries.
The list of folks includes:
- Lou Bortone – Video in a Day
- Terry Dean – My Marketing Coach
- Kevin Riley – Blogpreneur Training
- Rachel Rofe – How To Never Have a Bad Day Again
- Kelly McCausey – Solo Smarts Podcast
- Tiffany Dow – Work Life Balance
- Shannon Cherry – Learn How I Get *Paid* to Attend Events
There’s a wide variety of opinions here, so you’re sure to find one that matches your circumstances.
– – – – – – – –
Amit, who runs the Digital Inspiration Technology Blog has come up with a sweet web app. Embeds of Google Maps no longer includes a street view. Plus, if the viewer is signed in, there are all sorts of personalization windows covering the map. Amit fixed all that with his new web app and it’s just as easy to get the code as Google Maps. And, it’s wrapped in iframe tags. With just a wee bit of CSS you could easily make it responsive too. So jump on over to his site and see the demo video of how it works.
– – – – – – – –
If you work from home and have kids, summer may be a very challenging time for you. Kids tend to provide a lot of unexpected distractions and set your priorities a little differently than you might have planned for the day. On the Get Rich Slowly blog, Lisa Aberle has a nice post about how to get your work done amidst the chaos.
There’s no such thing as getting too much +Ana Hoffman and I was delighted to see her in this super HOA hosted by +Wade Harman where he basically let her have the floor to share with us her super relationship building tips. Definitely my favorite HOA this past week and well worth your time to watch and take notes.
That’s a wrap for this week’s Tips Tuesday.
Please take a moment to jump on over to iTunes, and leave a review. I really appreciate it and your review means so much in helping get the word out about this podcast. And drop by and say hey over on my Google+ page too. I love hearing from you. Be sure to visit BlogAid.net for more tips and resources and I’ll see you online.