Category: Tips

Posted on

QR Codes Explained

QR Code to our Website
QR Code to our Website

You’ve seen them before, the funny square images on print pages and in magazines; they’re called QR Codes or Quick Response Codes. Scan the one to the right and it will take your mobile smartphone to our website’s home page.

QR Codes are not new, but they are gaining importance with more users accessing the Web with 3G and 4G technology on their smartphones. Similar to a bar code used by retailers to scan at checkout, QR Codes however are two dimensional graphics that can hold thousands of characters of information. This makes them the perfect way to direct users to online content quickly.

If you’ve seen funny colored graphics that look like Indian Blankets, these are Microsoft’s proprietary versions of QR Codes and are called MS Tags. They however need a special Microsoft reader to decode and in today’s mobile world may have limited use.

There are plenty of free QR code scanners, generators, and readers. I have one for my Droid phone called QR Droid that works great. With any mobile QR app, you take a picture of the QR code and the app then lets you select the appropriate action based on the information embedded in the QR Code. Scan ours with your phone and you’ll go our website home page.

In the next few days I’ll be writing about how you can use QR codes for SEO and for integrating your website onto the mobile Web.

Posted on

Solving a Blog Hack Problem

Even the very best website and most vigilant webmaster can have their blog hacked. It just happens. Typically the higher you are in the organic search results the more attempts will be made to hack your blog.

Why does someone want to hack your site?

It is typically for these reasons:

  1. Parlay on your high placement and traffic to bleed off your search engine capital to a black hat optimizers list of sites that need “SEO Juice”.
  2. Parlay on your website placement and traffic to spew malware to your site visitors to turn visitors’ computers into spam bots.
  3. Use your unprotected site as a launch pad for black hat optimization doorway pages.

There is simply nothing personal about the situation, it is simply a crime of convenience. If you are not secure, you are a target. In some cases the security problem may be on your web host’s side, but in other cases the issue is on your website’s side.

I have successfully used several WordPress plug-ins on a number of client sites to lock out the bad guys, even ones who some how seem to keep getting in. Here are three of the plug-ins that I really like to use that help to beef up your security after you have thoroughly cleaned your blog and website from a hack attack.

WP File Monitor Plus
If you are repeatedly being hacked with this plug-in, you will instantly know which core files need to be replaced. The application can email or send you a text message.

Login Lockdown
Limit attempted intrusions by locking out bots and spiders who are testing your admin and trying to crack your password. You choose what settings to lock them out with. Your MySQL database will keep a list of attempts and lockouts so you can see the date of intrusion attempts.

WP Admin Renamer Extended
I love this one. First create a new admin file with a super secure name and password. Then rename your existing admin using this plug-in. But don’t stop there. Go back in and set your old admin user as a subscriber only; effectively locking out the bad guys that even if they can get back in they can’t make any changes.

These are great starts, but be aware that if a hacker really, really wants to get in they can be extremely difficult to keep out. My motto is make it very hard for them to get in and time consuming that they simply want to move elsewhere to do their dirty work.

Posted on

Testing, Testing, Spam Relay Open?

If you get funny submissions from your website contact form you may have wondered, “what’s going on?” Here is a sample of the type of form submission that you may be getting:

firstName2: atfkbja
lastName2: atfkbja
Street: uwTnCHgFWbtDZEameGH
City: New York
State: —
Zip: 101rand[0,
BusinessPhone1: KGR
BusinessPhone2: WoM
BusinessPhone3: mcdX
BusinessPhone4: ImTIDlComments: yggULo
<a href=”http://ncrunlbfzqmn.com/“>ncrunlbfzqmn</a>,
[url=http://acppnvcxefkp.com/]acppnvcxefkp[/url],
[link=http://sukuwtwotdmm.com/]sukuwtwotdmm[/link], http://equynulmfvaa.com/

Even if you have a Catchpa or human verification code employed on your form, you may still get submissions like this. These robots are not actually completing your form, but rather spidering the form and then going right to your cgi-bin and acting on your form script. They are looking for a vulnerability to see if your server can be used as a spam relay. If you get forms like this, don’t be alarmed, as if you are working with a quality web host, your form script and send mail server are most likely secure, but not always.

Spammers once they find a website script with a vulnerability will use your band width on your hosting site to spew out their spam messages with your email and your website as the sender. One way to identify if your site is being used as a spam relay is that you may be getting hundreds of bounced messages back to your own email inbox with your own name on them.

As bounced messages do not always mean that your server is a spam relay, it is important to get with your web host and check first. It could be that your domain name is being spoofed but that your server is hacker and spam free. In other cases your server could be sending out thousands of spam messages with your name attached; potentially getting your domain name and server IP address blacklisted.

If you feel that you are getting an inordinate number of these types of forms, now is the time to get with your web host and ask them to check to make sure your server has not been compromised and is now acting as a spam relay without delay. It is not uncommon to get three or four of these types of forms a day, but if you are getting lots you should dig deeper by sending some samples to your web host and asking them to check your server.

Posted on

Watching New Meta Tags

I am always on the watch for new meta tags that are being tested by search engines. I like to be an early embracer of new technology. If you are unsure of what meta tags are in common place use right now, here is a great primer and list for you to consider using on your website.

Two new meta tags that I am watching and just getting ready to implement on my own site are two that Google released recently mainly for use on Google News. They are syndication-source and original-source. These two tags inserted in your source code in the head tag allow you to notify search engines that you are the creator of content on your website. You can read more information about both in this interesting article.  Why not just use the canonical tag? Well, Google says it best and here is the quote:

“We felt the options currently in existence [the canonical tag] addressed different use cases and were insufficient to achieve our goals. The more accurate metadata that’s out there on the web, the better the web will be.”

Google is pretty clear that they are just using these new tags for Google News right now, but if you are a unique informational content author such as myself, it is a good thing to make your content as the originator so that scraper sites that steal your content will not get credit for your hard work. Google does say that they are evaluating the wider use of these meta tags, but has not embraced them for you use in their regular index.

Here is how you would actually use the tag in your head tag code:

meta name=”original-source” content=”http://www.mccordweb.com.com/weblogs/2011/04/23/watching-new-meta-tags”

I personally feel that I will most likely use both to just cover all bases, but remember these tags are not being widely used right now by Google’s index. Will they use it? Possibly, but I am willing to try anything to tag my content as my own.