Dwayne Coots

Posts Tagged ‘webmaster resources’

Dwayne,

I set up this little site for the Indy Falcons group. (volunteer). www.indyfalcons.com
If you go there, you will see I have embedded the webcams which are sponsored by the Indianapolis Star.
My question is this: if people come to this page and watch the webcams, does that score a hit on the Star site? I know one of the reasons they support the webcams is the number of hits they get during the season. If embedding the cam removes those hits, I need to take it out and find something else to put there….
Thanks
Susan

——-

Hi Susan;
Happy new year! That’s a good question and a worthy cause.

I looked at the page and checked your code to see what’s what and you are using an iframe to embed these cams onto your page. Since the iframe is just pulling their page into your page it will register as a hit from the visitor computer — your website will not be cited in their logs unless you have some other clickover kind of content.

So to their system it does register a visitor hit so it justifies their supporting the cams. But don’t forget to add some content onto your page also so it can be regarded as important enough to be indexed. If your home page is nothing but an iframe embed from another site it does not qualify as valuable content to search bots. This makes it hard for the site to gain popularity and get ranked so more people can find it organically.

Hope this helps.
Dwayne

There are few SEO strategies more effective than article marketing. In my ongoing webmaster resources series on article directories, I wanted to spend some quality time looking at A1articles article directory. For several months now the site has been an excellent source of Free content and expert articles I republish to help enhance the quality of the web properties I manage.

On the promotional side of things A1 really kicks because of the tools they provide to experts. Anyone who publishes content to the web knows the tool set is so important to making the most of your time. I also loved the speedy approval process and extra SEO support coded into the directory article and topic pages.

Looking at the content publishing side of the equation, the most important thing I noticed was the ease of use to repub their content. How about this for features?

• Killer RSS grouping
• One click print option
• One click Republish (including HTML and raw text versions!)
• Tag list and SEO freindly titles

So if you need a great source of top drawer free content click over to A1articles.

Getting your site noticed in all the clutter out there is critical. Most webmasters know article marketing is a powerful way to promote your website. With this in mind, I set out to review some of the top article directories and highlight the best ones on the web. No A-list of article directories would be complete without a close look at Article Alley.

Article Alley combines the best features of Article Marketing with the powerful synergy of easy syndication. Webmasters and experts can easily publish articles to their system to promote a site and drive traffic, while at the same time web publishers can syndicate quality content in a snap. We love Article Alley and use their articles on several web properties – both for business and personal sites.

So if you are an expert that wants to use this powerful technique to gain traffic and authority, or if your a busy web publisher who needs to beef up your content, Article Alley is the tool for you. Check em out: Article Alley

Recently a client reported the heder.php exploit had infected their website. They needed help with the cleanup, so we got them back online, but they had questions like, “How did these files get onto my site?”

First understand that heder.php is just one type of site trojan. There are many flavors of this type of site exploit and they have some things in common, so it might be worth a blog post to cover them.

These kinds of exploits compromise your hosting account. Then they install malicious code into your html pages. They also add some entries to your htaccess file to redirect incoming traffic to the payload. Usually the payload is a version of the same exploit so the code can spread to the next victim.

So now we know how you get it… Basically, this exploit is usually dropped onto your machine when you visit an infected website. It will overwrite a Microsoft ActiveX file on your machine — which is how it hides from your antivirus. (Yes as usual it’s a Micro$oft exploit).

So what does it do?

In the background it scans for usernames and passwords. If it finds them it steals then and uploads them to the hackers. If it finds FTP credentials it uses those to upload itself to your websites and inject some code into your home page and write some backdoor ssh access files into your server space.  This is how it spreads – once it is on your website, anyone who lands on it gets the new code and the process starts attacking their machine.

I have anti-virus software so I’m safe right?

Nyet! Most Antivirus software cannot find it because it is more like spyware. Also it hits your machine via php and javascript code and those are functions your web browser uses all the time — so a firewall is useless to prevent this. Since it hacks an activex helper it hides really well from scanners.

Okay so why do people do this crap? Why me? What do they get out of it?

The hackers make money by retrieving your other credentials (usernames and passwords to banking sites, credit cards etc…) as well as personal info (your SSN, address, phone numbers, etc) and then it uploads them to a public board in encrypted form that only the original programmers have the decrypt key to. So all your data is uploaded to a public forum and the hackers pull these files daily and decrypt them. Then they:

• Sell your email address to spammers
• Sell your personal info to identity thieves
• Sell your credit card details to fraudsters
• Share your exploited ftp details with partners who now have write-privilege to install other payloads to your website…
• Then they post teaser code to boards to help other hackers develop better code.

As a webmaster you should always keep a close eye on your security — particularly ftp credentials. FileZilla is one popular ftp client that is taking a big hit because it stores your credentials in unencrypted format. So if you manage 10 websites for clients and use FileZilla for FTP – you could be at real risk. FilaZilla is an excellent Windows FTP client, but please do not store your passwords in it. (Uncheck the “Save Password” box in the FTP profiles and keep a separate encrypted list of site credentials.)

Hope this helps…