Archive for March 3rd, 2011

Looking For Local Posting

Sometimes when you are blogging for an income you do not want to be working with international companies, who insist that you use American English instead of English and so on.

Not much of a problem for American readers, but for UK bloggers, and companies wanting to employ UK bloggers, there is an option.

It has been around for a while, but Ebuzzing serves just the European bloggers. If you are looking for search engine improvements through link building, it isn’t the system for you. However, if you are after mentions in relevant blogs with traffic then it could be what you need. And it has been shown that sites that get more traffic do move up the search engine rankings.

So, what is this magic system? It is ebuzzing.com. If you are an advertiser or a blogger, then go to the website and sign up. And if you don’t mind, mention this blog when you sign up so they know where you came from. It won’t affect your account, but it could just get me a referral fee and that keeps this blog up and running!

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Simplifying A Security Upgrade

If you started blogging with WordPress before v3.0, or you installed 3.0 and didn’t take the advice of creating a different user name, then there is an essential security step that you need to take. But, it can be very difficult.

Hackers attacking your blog have to guess 2 attributes to gain access. First the user name and secondly the password. The thing is, get either wrong and you get the same error message, so you do not know which is wrong. Guessing both correctly at the same time is near impossible.

However, some people make the game very easy for hackers. Look at the screen print to the right (click to enlarge). We can see from that the site still has an Admin user, and a userid called Paul. And older versions of WordPress always set up the primary user as ‘Admin’, taking away the guessing game from hackers. Suddenly, getting into a WordPress admin area is only a fraction of the difficulty – you just need to guess the password.

There are 2 essential security steps that this blog needs to take. The first is to create a nickname for every userid, that will hide the “Admin”. Call it Fred or whatever you want, just so that it does not give away the real userid.

The second step is getting rid of that admin id. Now this can be a lengthy process. You have to create a new userid, move the posts from the Admin id to the new admin and then delete Admin. However, there is actually a much easier way about it.

Sign on as Admin and create a new userid. Give it a nickname that does not give away the userid and set it up as an administrator. This is going to be your main userid, so also allocate it your main email address (change the Admin email address to a dummy email address first, if needed).

Now sign on as that new administrator and look at the list of users. Edit Admin and look at it’s “Role”. It is Administrator now, so reduce it to as low as you can. Subscriber or Contributor – neither has the power to do anything without a senior user giving it the OK.

This means that all of the old posts are still active, but should someone hack into your blog as Admin they cannot actually do anything.

There is another tool to use as well that will stop hackers having too many attempts at guessing your password / userid (and yes, I tested the blog I am showing and it did not do this) and that is a plugin to limit the number of login attempts. Read more about it on that post!

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)