spam/attacks


In the honest and constant war with spammers, scammers and now hackers, things are never dull in the life of an Internet Marketer. Just when you thought it was safe to get some honest work done and catch up with the ever growing mountain of “things to do”…

The other day I found out that some of my blogs had been hacked by some nasty little shitbag who thought it would be a good jest, a humorous jape, a great laugh etc to place some nice malware links inside some of my posts. Bastards. Honestly, it took me hours to go through them all one by one and clean out their shit from all my blogs that were affected… and as I’m really slammed with honest writing work, they were hours that I really would have honestly liked to spend doing something more productive.

So thank you very fucking much you slimy bottom feeding bastards whoever you are.

I honestly hope what goes around comes around and you get back one hundred fold what you dished out. I’m honestly not known for swearing in my blog, but that total waste of my valuable time was just the limit and that’s how utterly pissed I am at this.

What’s even more annoying is it didn’t take me long to figure out how they got in – through a stupid back-door that most self-hosted WordPress themes leave intact either by mistake or by design, I’m not really in the right mood for being diplomatic here.

Here it is:

In your sidebar, there is usually a handy “META” heading under which are a few links – one I use all the time is the login link for editing my blogs. But under that is one we often don’t take much notice of and that’s the “register” link. It allows anyone to register with your blog and when used properly by honest people it can allow honest guest bloggers to write posts on your blog. When used by scumbag slimy bastard spammers and hacking sorts, it can give them access to your posts so they can add code to the HTML and hide it using the <noscript></noscript> tags, which is why most bloggers are unlikely to detect it until Google comes along and slaps a MALWARE WARNING page over the top of your blog!

Yep, it can spell disaster if it happens to be a high traffic blog – so if you have the “register” link in your sidebar, get rid of it. Or go into your General Options and uncheck “Allow anyone to register”.

Yeah, I know. Honestly, I should have realized and done it when I set the blogs up, but I didn’t know any better when I set these older blogs up, so it got left in and taken advantage of.

Luckily this Honest Way blog wasn’t one of the sites hacked. If I’d had to have gone back through all the over 200 posts, it would have taken me most of the day! But my Make Money Blog sister site with its over 100 posts was one of those that did get hacked and that was honestly not much fun fixing.
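Going through posts one by one can be shortened by scanning each post's HTML for links tucked inside `<noscript>` tags, which is where the injected code was hidden. The following is an added example, not code from the original post; the post IDs, sample HTML and the `myblog.example` host are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class NoscriptLinkFinder(HTMLParser):
    """Collect href/src URLs from any tag nested inside <noscript>."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.depth = 0   # how many <noscript> elements we are currently inside
        self.urls = []

    def handle_starttag(self, tag, attrs):
        if tag == "noscript":
            self.depth += 1
        elif self.depth:
            self.urls += [v for k, v in attrs if k in ("href", "src") and v]

    def handle_endtag(self, tag):
        if tag == "noscript" and self.depth:
            self.depth -= 1


def hidden_links(post_html, own_hosts):
    """Return URLs inside <noscript> that point away from the blog's own hosts."""
    finder = NoscriptLinkFinder()
    finder.feed(post_html)
    finder.close()
    # Relative URLs have no hostname and stay on the blog, so they are skipped.
    return [u for u in finder.urls
            if (urlparse(u).hostname or "").lower() not in own_hosts | {""}]


def scan_posts(posts, own_hosts):
    """posts maps post ID -> HTML body; return {post ID: [flagged URLs]}."""
    report = {}
    for post_id, html in posts.items():
        hits = hidden_links(html, own_hosts)
        if hits:
            report[post_id] = hits
    return report


# Constructed sample data: one clean post, one injected post, one harmless noscript.
SAMPLE_POSTS = {
    101: '<p>Tips. See <a href="http://myblog.example/about">about</a>.</p>',
    102: '<p>My post.</p><noscript><a href="http://injected.example/x">pills</a></noscript>',
    103: '<noscript><img src="http://myblog.example/pixel.gif"></noscript><p>Fine.</p>',
}

if __name__ == "__main__":
    print(scan_posts(SAMPLE_POSTS, {"myblog.example"}))
```

An unclosed `<noscript>` leaves everything after it flagged, which errs on the side of review rather than silence.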

Ok, end of rant.

Another thing that you can do to protect the integrity of files on your server is to put passwords on the folders that contain sensitive files – I believe I posted about that way back sometime, ah here it is: Spammers and Attacks on Your Stats, where I outlined what to do to protect your server files.

Better to be safe than sorry – prevention is better than cure and all the other timely reminders come into play here, so be vigilant!

Terry Didcott – Freedom Writer
The Honest Way


The Honest Way says “Beware, bloggers with new upgraded page ranks, there be snakes in the grass!”

I mean spammers who have an uncanny knack of sniffing out newly promoted blogs and upping their quota of spam comment attacks.

It never ceases to amaze me how they can have the intelligence to find the right sites and blogs to spam on, yet they display the utmost stupidity when it comes to using that knowledge to actually gain some link love from these blogs that they’ve gone to so much trouble to sniff out.

My advice to all bloggers is to unite to stamp out this menace by strangling and smothering their outlets. It’s easy to do and you’ll be doing your blog a big favour by not inadvertently allowing even one of these spam comments to slip through and be spidered by the search engines.

What do you mean?

I mean that if even one of these spammers manages to get a link back to one of their sites from a comment you display, the search engines may penalize your blog severely for linking to a possibly banned site at worst or a pornographic, hate, racist or other known spamming one at best. It could get your blog de-indexed, that’s how serious it could be for you. So you need to make sure your blog is water-tight.

At the very least, enable moderation of comments on your blog. All blogging platforms allow you to do this, so you have no excuse for not moderating comments. If you don’t know what that means, it means that all comments made on your blog are held in a queue awaiting your approval if you want to display the comment, or deletion if you think it is spam or inappropriate. Links to spammers’ sites are not spidered by the search engines until you approve them.

Better is to activate a spam defence program plugin for your blog – WordPress have one called Akismet which I use on all of my self-hosted blogs and it traps 95% of spam comments – and my moderation system traps the other 5%, so I have total control over what comments make it onto my blog’s pages.

If all bloggers stopped all spammers from obtaining even one search engine spidered link from blogs, we will have won a major battle in the war against spam.

Be vigilant and kill spam before it gets a foot in your door.

Terry Didcott
The Honest Way


I learned something very disturbing yesterday and this morning did something about it pronto. I thought it would be important to share this with you so your website doesn’t become an unwitting vehicle for spammers’ links.

Most webmasters are well aware of the nuisance spammers cause by leaving spam comments on their blog posts in a vain attempt to get backlinks for their own junk sites. Mostly we can stop them dead in their tracks by forcing all comments into moderation before they can be published. On top of that, most blog software already makes all comment links rel="nofollow", meaning that the search engine spiders will not follow links back to the originating site, therefore no backlink.

From a webmaster’s point of view, if the search engines do find any links to pornographic or other banned sites, it can reflect badly on your own site’s ability to achieve a decent page rank and in some cases, where there are many links to banned sites, could end up getting your own site into trouble – even banned itself. So you really, really do not want any links to banned or porn sites.

But there is a more insidious method the more high-tech spammers are starting to use to place follow-able links back to their sites from your self-hosted blog or website. And if you don’t plug that gap, they will take advantage of it for their own ends.

Most of us don’t bother to password protect our site stats files like webalizer or awstats because we never thought it was necessary. Well, spammers figured out that they could launch an attack on these unprotected files and place their links in there and we’d never know… until our host suddenly shut us down for all the links to banned sites!

There is a way to tell if you’ve already been targeted by spammers in this way. In your webalizer stats, you can see lists of referring URLs – hits on your site etc. They should all be from friendly sources. But if you spot an unusually large number of referrals from a particular site or IP that you don’t recognise, then check it out. It could be one of those spammers accessing your stats file – the more hits, the more links they will have placed.

Bad news.
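The same check can be run directly against the raw access log instead of eyeballing the stats page. This is an added example, not part of the original post: it assumes the log is in the Apache combined format, and the log lines, hosts and threshold below are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Apache combined log format: ip, ident, user, [time], "request", status, size, "referer", "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "(?P<ref>[^"]*)" "[^"]*"'
)


def suspicious_referrers(lines, own_hosts, known_hosts, min_hits=5):
    """Return [(referrer host, hit count, source IPs)] for unrecognised
    referrers with at least min_hits hits, busiest first."""
    hits = Counter()
    sources = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed or non-combined line
        host = (urlparse(m.group("ref")).hostname or "").lower()
        # Skip empty referrers ("-"), our own pages and sources we recognise.
        if not host or host in own_hosts or host in known_hosts:
            continue
        hits[host] += 1
        sources.setdefault(host, set()).add(m.group("ip"))
    return [(h, n, sorted(sources[h])) for h, n in hits.most_common() if n >= min_hits]


def _line(ip, ref):
    # Helper that builds one constructed log line for the sample below.
    return (f'{ip} - - [10/Oct/2009:13:55:36 +0000] "GET / HTTP/1.1" '
            f'200 2326 "{ref}" "Mozilla/5.0"')


# Constructed sample log: one noisy unknown referrer among normal traffic.
SAMPLE_LOG = (
    [_line("203.0.113.7", "http://pills.example/buy")] * 6
    + [_line("198.51.100.4", "http://search.example/?q=honest+way")] * 3
    + [_line("192.0.2.9", "http://myblog.example/archive")] * 4
    + [_line("192.0.2.10", "-")] * 2
    + [_line("192.0.2.11", "http://friend.example/links")]
)

if __name__ == "__main__":
    for row in suspicious_referrers(SAMPLE_LOG, {"myblog.example"}, {"search.example"}):
        print(row)
```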

The first thing you need to do (and should do this whether you’ve been attacked or not) is to password protect your stats files. To do this, go into cPanel and click on “Password Protect Directories”. You’ll see a list of all the directories on your host. You need to find the directory called “tmp”. In there are all your stats files. You can place a password on each individual stats file – webalizer, awstats etc. That’ll keep the spammers out of there.

If you have been attacked, then you need to contact your host, tell them what you believe has happened and ask what they suggest you can do about it. There is a file called “dns_cache.db” that stores all IPs that have visited your site but it is not easily editable.

Stay vigilant and stay safe!

Terry Didcott
THE HONEST WAY
