Thick or Thin Affiliate? Work vs Worry
The thick and thin of affiliate marketing often comes down to a trade-off between work and worry.
Work: The work and time it takes to build good authority sites with high visitor value and long lasting serps positioning.
versus…
Worry: The stress over when those quickly ranked machine gun affiliate traps, slick redirects and frame pages will get nerfed or even flagged as spam.
Whether you’re designing an affiliate internet marketing plan from scratch, or if you already have affiliates sites deployed, you always need more testing and feedback to monitor your conversion-path effectiveness. The most common ways to adjust are spinning and split testing pre- and post-click components like ad copy, anchor phrases, and landing page copy. But if you operate networks of thin affiliate sites you are very limited in how effective your spin-post-test cycles can be since the goal is direct injection into the sale channel from the initial search click.
Thin affiliate sites have minimal original copy and limited visitor value. It’s tough to bring them up the serps and get these kinds of pages organically ranked. No kidding right? No not really. The cause-effect relationship between value and organic ranking is made more difficult by the constant adjustment required to address ever changing search algorithms and ever increasing human-assisted page ranking.
Site Hacked? What its All a Bot
A client recently reported some strange entries in their website statistics referrer logs. The entry was from a bot probe by a nasty outfit that is up to all sorts of evil malware stuff. The issue did raise a good questions about the security of sites and what even novice webmasters can and should do to protect themselves from site compromise.
Bot probes from a slimy outfits are common. Properly secured systems will block offending IPs but the attacking bots switch IPs all the time. This form of vulnerability probe or referrer spam is very common — just like email spam. We do everything we can to prevent it but that does not stop the evil bastards from trying… all the time.
This is why it is so important to have a strong password and to change it every few months. You should also look around in your site file structure frequently for things that don’t belong — like .c files or .exe files or even php files that you did not install. I recommend you check your site once a week for this kind of activity.
Remember, no matter how secure our servers are, your website is an open door to the world and malware developers have a powerful monetary interest in gaining control of your server resources to make money. The days of malicious teenagers gleefully scrambling your home page and laughing through a mouth full of hot pockets is long gone. Hacking websites to install malware is serious (and big) business.
So it’s also up to you as a webmaster to make sure you don’t let these demons in the door.
By the way. Take care which backlinks you click on while scanning your stats reports. That is one way referrer spam works. The malware developer creates an attack routine and embeds it in a web page. Then they deploy botnets to spider websites constantly — leaving nice little fake ‘visitor’ entries in the log files and stats. Then if you click on the link to see who visited you the malware site hits your machine with a payload. Even though you may have a great antivirus / antimalware program, pages can be constructed in ways to overwhelm your computers resources and tie up your system as the payload is being installed.
It’s a jungle. Don’t let your website become part of the food chain.
As always we’re, At Your Servers
Dwayne
FTP Exploit – Back Door to Your Website
Recently a client reported the heder.php exploit had infected their website. They needed help with the cleanup, so we got them back online, but they had questions like, “How did these files get onto my site?”
First understand that heder.php is just one type of site trojan. There are many flavors of this type of site exploit and they have some things in common, so it might be worth a blog post to cover them.
These kinds of exploits compromise your hosting account. Then they install malicious code into your html pages. They also add some entries to your htaccess file to redirect incoming traffic to the payload. Usually the payload is a version of the same exploit so the code can spread to the next victim.
So now we know how you get it… Basically, this exploit is usually dropped onto your machine when you visit an infected website. It will overwrite a Microsoft ActiveX file on your machine — which is how it hides from your antivirus. (Yes as usual it’s a Micro$oft exploit).
So what does it do?
In the background it scans for usernames and passwords. If it finds them it steals then and uploads them to the hackers. If it finds FTP credentials it uses those to upload itself to your websites and inject some code into your home page and write some backdoor ssh access files into your server space. This is how it spreads – once it is on your website, anyone who lands on it gets the new code and the process starts attacking their machine.
I have anti-virus software so I’m safe right?
Nyet! Most Antivirus software cannot find it because it is more like spyware. Also it hits your machine via php and javascript code and those are functions your web browser uses all the time — so a firewall is useless to prevent this. Since it hacks an activex helper it hides really well from scanners.
Okay so why do people do this crap? Why me? What do they get out of it?
The hackers make money by retrieving your other credentials (usernames and passwords to banking sites, credit cards etc…) as well as personal info (your SSN, address, phone numbers, etc) and then it uploads them to a public board in encrypted form that only the original programmers have the decrypt key to. So all your data is uploaded to a public forum and the hackers pull these files daily and decrypt them. Then they:
- Sell your email address to spammers
- Sell your personal info to identity thieves
- Sell your credit card details to fraudsters
- Share your exploited ftp details with partners who now have write-privilege to install other payloads to your website…
- Then they post teaser code to boards to help other hackers develop better code.
As a webmaster you should always keep a close eye on your security — particularly ftp credentials. FileZilla is one popular ftp client that is taking a big hit because it stores your credentials in unencrypted format. So if you manage 10 websites for clients and use FileZilla for FTP – you could be at real risk. FilaZilla is an excellent Windows FTP client, but please do not store your passwords in it. (Uncheck the “Save Password” box in the FTP profiles and keep a separate encrypted list of site credentials.)
Hope this helps…
Install a Custom WordPress Theme
So you have your own blog using WordPress and want to install a custom theme. It’s easy to do — depending on your web hosting platform and how it is configured.
The easiest way to do it is using cPanel control panel. If your host has this control panel it’s follow the instructions. If your host does not provide cPanel contact me and I’ll get you fixed up. As always, I’m At Your Servers at Gmail. 
Issues: Installing a new WordPress theme is a low impact process and at the most you may have a compatibility problem later if an update includes functions the custom theme does not support. In that very rare case you can revert back to the stock theme while you get a new custom one — or have it adapted for you.
Make sure you get your theme from a reputable site! There are many sites out there that do a shabby job of theme building and are only providing free themes so they can embed links in them to monetize your traffic — or worse. So use the WordPress theme directory or some other mainstream site to make sure it’s safe to download your dream theme.
Once you have acquired the zip file, upload it into your hosting storage area using the cPanel control panel. I recommend using the ‘File Manager’ feature of your control panel instead of an FTP client because the control panel application will unpack the zip file for you making theme installation virtually effortless.
Ready to rock? Let’s get started. Step by Step…
Still Stuck with Stone Age Dialup?
Recently I’ve been having to deal with a client who lives in a remote area and is using a dialup internet access account.
His heart is in the game. He is working hard to promote his program and is making the right moves to stay connected socially. He has Twitter, Facebook, LinkedIn etc… but what he does not have is a good solid Internet connection.
Grrr. So I’m chipping away at him to get with one of those internet satellite providers that are always advertising on TV. Don’t get me wrong this client has money. He is not afraid to invest in his business and Internet marketing program, but he is hesitant to get a broadband account.
These day – I keep telling him — you just have to have broadband to do anything worthwhile. How are you going to manage a viral video campaign if you can’t stay connected long enough to watch a Youtube video (much less upload one). This is just one example of why he needs to just take the plunge.
I hooked him up with a link to myWildBlue so he can get started. It’s about $100 to get set up and starts at $50 per month. This is nothing for a marketer — particularly when it give you the freedom to run a mailing list, chatrooms, and other broadband features. Plus it frees up your phone line.
Since most of the folks who read me already have broadband, guess I’m preaching to the choir eh? LOL
Dwayne
Microsoft and Yahoo!
Well the talks are off for now.
Tempers flared, ties loosened and negotiations abandoned…at least for the weekend.
Let’s call the whole thing off shall we?
The proposed Microsoft purchase of Yahoo! may make for good theater, but it’s more disaster film and corporate drama. When two 800 lbs gorillas try to dance, someones banana always gets stepped on. The latest snag Friday was an insurmountable + $4 share demand that Yahoo! won’t budge from and Micro$oft wont meet. So get ready for banana splits all around this week.
This is one time I say, ‘Can’t we all just NOT get along?’
Microsoft buying Yahoo! will be just another super merger that makes the web smaller. The bigger these monsters get, the more narrow the public data pool becomes.
No, I’m not wringing the anti-corporate crying towel here folks. I’m Mr. Marketing remember? Hey let’s all get so rich we can buy Bill Gates breakfast, or better yet buy Bill Gates! However, my short hairs get stiff when the mega-powers start bowling for eyeballs at this level.
The only thing worse than Microsoft is Yahoo! — powered by Microsoft.
Get your spoons ready…
…
Then They Came for the Bloggers…
Another death blow to free speech came on the morning of October 5th, 2009 as the Federal Trade Commission voted unanimously to enact revisions to 16 CFR Part 255.
Revisions to this 81-page FTC guideline document — innocently tagged ‘Guides Concerning the Use of Endorsements and Testimonials in Advertising’ — were aimed squarely at web bloggers. The changes define thinly sliced examples of how web endorsements can be defined and how each can stray into the territory of advertisements. It also heralds stern punishment for offenders who write product or service reviews and saddles the blog author with stiff penalties should they fail to divulge that their review is a paid or barter endorsement, or if they make any claims about a product that does not prove true. According to the document available in PDF form here: http://www.ftc.gov/os/2009/10/091005endorsementguidesfnnotice.pdf these new regulations will be enforceable starting December 1st, 2009
Sadly, this attack on free speech also endangers countless bloggers who depend on income earned by product reviews.
So what? It’s about time somebody took control and closed down these bloggers clogging up the web with their reviews and cheesy info sites full of affiliate links and questionable testimonials!”
That seems to be the mainstream response, however, those who closely follow the ongoing battle between corporate media and the independent bloggers will see more sinister intent here. Bloggers have made a huge dent in corporate media consumption and advertising revenue. In the early days of the web, corporate media satisfied itself first by stiff arming web publishers as unimportant and amateur — basically not worth following. Then as more consumers flocked to the Internet for information rather than just amusement, the mainstream press turned up the heat with an endless cycle of scare pieces about the dangers of the web and how harmful it could be to surf.
Then amazingly, once the corporate powers had positioned themselves on the web, they proceeded to (attempt to) extend their authority into the new media. Now any news outlet who wishes to survive must maintain sites with interactive Web 2 aspects and social media components. Now they seemed to suddenly embrace the web and everything about it. Every news page and program had the corporations web branding and URL. The web is ours! Bwah ha ha!
The migration of major media onto the web is now complete. Sadly they seem to have brought all their bad baggage along with them. Corporatist slant, raging hyperbola, and elitist globalism still clog their message. So nothing has changed for the better, but at least they can compete in the free market right?
Wrong. Instead of a heads up competition, mainstream media does little else but complain about bloggers and independent news outlets because they are not accountable. More learned media experts point this fact out but also acknowledge the counter point: that bloggers and independent news sources represent the very last resource for information that has not passed through a corporate filter. Professional bloggers make up the huge diversity of information and opinion we now have available to augment or challenge globalist groupthink news outlets.
So no, it is not a heads up competition. Now comes the price. Apparently, the talking heads at big news cannot convince their consumers that unregulated bloggers should be struck from the web by the mere wieght of negative spokesmanship. So the FTC has been called in to begin its little campaign of regulation. It will not escape the informed reader that the FTC is made up of 5 presidentially appointed commissioners, who come to their 7 year post directly from, (you guessed it): corporate law firms. More pointedly still, is how former FTC commissioners are reshuffled back into the corporate law miasma.
Okay so does this mean the end of free speech on the web?
No, but it is another brick in the wall.
##