In any event, if your WordPress installation was hacked, take action immediately to control the damage. At the end of this post, I’ll give some examples of how your blog could have been hacked, but first, let’s go over the steps to clean up the mess.

The first thing you should do, is make a back-up copy of your WordPress database: Log on to you server, select databases, select the WordPress database and click on the “export” tab. Next, make sure you select all tables and click on the go button. This will download your WP database to your computer.

You could search for bad code in your database on your local computer by opening the downloaded database in your favorite text editor and use the “find” command to search for inserted code that doesn’t belong there. Or you could do it directly in mysql.

Tables that should be looked at first, is the meta users table. If you are the only person posting on your blog, then there should be only entries that pertain to you (e.g. administrator). These entries should have a tag of “1“. Anything else could be fake user accounts created by the hacker or the WordPress Worm (2009) and should be deleted.

The posts‘ and comments‘ tables should be looked at in great detail: if your blog doesn’t contain many entries, I suggest you’ll look at everything, but otherwise perform a query on the following strings:

• eval64 _decode
• iframe
• instant-zero
• d0lphin

Next, look in all directories of your site for images with the .php extension. Also look at every folder for “index.php”. These php files may contain the following code and when executed, can re-direct your visitors to rogue sites.

Another favorite location to place bad code is in the uploads folder (wp-content/uploads). Make sure that you recognize the files: these should be media files (images, videos) that you uploaded to your blog. Anything else should be deleted.

Make sure that your template (theme) files are clean: if you’re not sure, just upload a fresh copy.

The last thing you need to do, is to upload a current version of WordPress. I would suggest you manually upload a fresh copy (make sure you keep a back-up of your wp-config.php file first and any template files that were changed by you). If your blog was hacked, I would recommend that you do not update the source code from within the admin area (available in newer versions of WordPress), but rather delete everything in your blog folder and upload a new version: updating to a newer version from within the admin area will not overwrite all files. If you have SSH access to your server, it will be faster to download the WordPress tar ball and unpack it on your server.

After you have your WordPress blog back up and running, keep it secure by upgrading to the latest version whenever an updated version becomes available. Once your blog is clean, you could always update the WordPress source code from within the admin area.

A good thing to do, would be to change your FTP passwords after every WordPress update. Read my post on using secure FTP to upload files to and from your server.

The number one reason why a WordPress blog becomes hacked is that it is running outdated software. We all procrastinate sometimes and many people ignore the “there is a new version available” message, especially after just upgrading. But it is important that you always keep the source code up to date. Whenever a security hole is discovered and a new version is published, hackers have know about this issue for a long time. It isn’t so much a question of if your blog can be hacked, but when.

Here is a good source of dealing with a WordPress hack (plus many informative comments).

Here are 2 blog posts by the Unmask Parasites Blog about similar attacks that are very useful (in fact, some of the search strings mentioned in this post came from that blog):

• Beladen Exploit

• GoScanPark Server Wide Re-direct

Anybody who starts a business online faces numerous challenges such as stiff competition, picking the wrong niche in the market place, pay-per-click ads that are overpriced, spam, website attacks, black hat SEO techniques to bring down your site, malicious code placed on your site through vulnerabilities in software you site is running (such as WordPress) etc.

Many people still (wrongly) believe that all they need is traffic. Work on SEO, rise in the search engines and you’ll make money guaranteed. Of course, many internet marketing gurus claim that SEO is the most important piece to success on the internet (just watch a few videos and see how THEY are getting top rankings in Google and making big bucks in their affiliate accounts, it’s like making money on autopilot while you’re sleeping). But SEO should only be a small portion of your entire marketing scheme. What is almost equally important these days, is security. Security as in securing your webserver.

I have been dealing with some security issues myself and will write about them in upcoming posts. There is so much money to be made on the internet these days that crooks, parasites and con artists are constantly finding new clever ways to rip people off (both your customers and you, the business owner). Right now, I would like to mention 2 excellent blogs (about security) that will give everyone who owns a website an idea what they’re up against:

• Dancho Danchev’s blog Very detailed and entertaining blog with frequent posts about the scum of the internet. See how cyber criminals and internet parasites find security holes in almost everything to lure/force people in buying fake security scanners for their PC and other rip-off schemes.
• Unmask Parasites blog Read about obfuscated javascripts, twitter exploits, worms, viruses, WordPress hacks and more. If you weren’t paranoid before, you might as well be. Unmask Parasites also offers a free vulnerability scan for you site: you need to scan every page separately, but I would start with your homepage and some of your blog pages.

So it may well be that you are doing everything right in one area (SEO) and the reason that your site is lacking in the SERPs is because of exploits on your server or nasty black hat SEO attacks by your competition.

Some people don’t believe in internet marketing anymore. On the following blog, you can read some entertaining posts about why internet marketing sucks…

OnlyWire is a service that let you place multiple bookmarks across social bookmark sites with just a click of a button. The advertising hook they use is that with “the power of the button“, you can quickly place numerous bookmarks of your favorite (read “your own”) content across as many social media sites you choose.

They currently offer 2 service levels: one is free and requires that you add their bookmarking button all over your website, which may not be desirable by some, in particular if you prefer other bookmarking tools for your readers such as “share this”. The other option they offer is a paid version for $2.99 per month or $24.99 annually. This may not sound like much, but why should you pay for a service that borders on spamming and something does not bring back many valuable back links, as most social media sites use no follow on their outgoing links?

The “button” installs very easily as a plug-in for Firefox. They may come out with plugins for additional browsers.

The first question you’ll have to ask yourself, is how many social media accounts do you really need? Are the accounts at delicious, digg and Stumbleupon not enough?

Anyway, how does OnlyWire’s “easy” claim hold true?

It is indeed extremely easy to place your bookmarks across social media sites (once you have set up all you accounts with clever usernames and unique passwords). In fact, it is almost too easy to place your links and it almost feels like you’re spamming. Because of the no-follow policy of most social media sites, it almost becomes a trivial exercise of placing your links on any of those social sites: Do you really think you may get visitors from those links, even if those links are worthless from an SEO standpoint (no link juice)?

OnlyWire does do a good job at listing all the sites you submitted your “bookmark” to. However, it would be nice if the software would allow you to spin the descriptions and titles of your submissions. That way it would keep everything a bit more unique, will help with overall SEO and would not feel so much as spamming.

It sounds fairly easy: use the no-follow tag on your own website to prevent the spreading of link juice to pages that are considered un-important or pages that are informational only and do not generate any money. Examples of such pages are the privacy policy and the contact us pages. However applying this no-follow technique has to be done and planned for carefully if you don’t want to run into any potential indexing problems.

The no-follow tags can be applied to internal links of a brand-new website and the chance for getting it wrong is fairly small. But if you apply the no-follow tags to pages of an established website in order to move PageRank around, you could run into some serious indexing problems: You could lose not only the PageRank of the pages you apply “no-follow” to, but your entire site could lose PageRank all together due to search engine spiders being caught in “loops” created by the incorrect application of the no-follow tags. Of course, you’ll find this out months later, when you have lost precious PageRank and visitors.

In my opinion, it’s better to use the no-follow tag on your blog if you have to use it at all. I don’t recommend using it on your regular (established) web pages that already have PageRank. Even your privacy policy and contact pages are important “contributors” to the overall PageRank of your entire website.

PageRank is a trademark of Google

So how can you continue to use FileZilla for FTP and make it more secure?

The first step is to set up FileZilla for secure FTP (sFTP), which uses SSH to send files back and forth. SSH uses port 22 by default, but you can add one more layer of security by using a port above 1024.

To select a port above 1024 for SSH, log on to your server by SSH and edit the sshd_config file by entering the following command: vi /etc/ssh/sshd_config

Hit “i” for insert mode and scroll to the line that says “Port 22” and change it to a number above 1024.

Next, scroll to the line that says “Protocol “; make sure it says “Protocol 2“.

Save the file (ESC, :w , :q)

Restart sshd by entering /etc/init.d/sshd restart.

Set up FileZilla by selecting sFTP followed by entering username and newly chosen port number. Remember to have FileZilla ask for your password every time.

You can prevent further unauthorized FTP access to your server by setting up a firewall and only allow FTP access from your IP address.

Using sFTP with your FTP client is a good way to keep your web server as secure as possible. sFTP is slightly slower than regular FTP, but it’s worth the extra time.

First Equity lures unsuspecting business owners by offering them a large credit line and a low interest rate. Both facts are not always true, as credit lines offered by First Equity will be much smaller than anticipated and interest rates will be much higher.

While Chase differentiates itself from other lending institutions by following a newly adopted “loan sharking” business model, First Equity does inform its customers of it’s high interest rate of 24.99% from the beginning. So at least with First Equity, you know what you’re getting into when you start writing those cash advance checks.

However, First Equity also has some tricks up on its sleeves: due dates are often on the weekends and their web servers mysteriously are unresponsive a day before the due date. All to increase their chances for charging customers late fees and higher interest rates.

So how is First Equity’s customer service holding up? Compared to Chase, you’d think that there isn’t any better bank than First Equity, but when the honeymoon is over, you’ll find out who the real First Equity is. No point asking them if you can pay a week later, when cash flow is low (even if you agree to paying the late fee): they will hunt you down. Countless harassing phone calls at home, on your cell or at work. So no flexibility here, even with the absurdly high interest of 24.99%.

Needless to say, First Equity is one of the worst credit cards for business and they are truly parasites that you (as a business owner) need to stay away from.

While SEO is an important aspect of your business, it’s also important to make the right financial decisions. That’s why today, I’m writing about something that can seriously affect your business’ bottom line: the selection of a business credit card.

Many small businesses do not qualify for traditional small business loans (certainly not in today’s economic climate) and that is the reason why so many small business owners turn to credit cards to pay for equipment, software or other needs. In official terms this is called “bootstrapping“, with its official business definition of starting a business without external capital/help, which in many cases means borrowing against a personal credit card or applying for a (new) business credit card.

While Chase used to be a reputable and trustworthy bank, many business owners (including myself) either applied for a new business credit card or took advantage of a 0% interest balance transfer offer. Three years ago, I actually applied for a new Chase business credit card for my business when I received Chase’s offer in the mail of 0% on all purchases for 1 year. That card came with a decent credit line and I used it for every day business expenses.

Then after 1 year, Chase started charging interest on my balance (which I expected), so again, no problems. But then the economy tanked and Chase gradually increased the interest rate every few months, until it reached almost 18% in the spring of 2009. I, however, wasn’t notified of these interest rate increases, something that can be considered an unfair business practice.

Due to unforeseen circumstances, I was late on 1 payment and Chase immediately raised the interest to 29.99%. Calling Chase did not help and the fact that I had been a valued customer who always paid his bills on time didn’t matter either. Instead I was being patronized and told in a very rude manner that the 29.99% was the interest rate I was having from now on. I made several phone calls with Chase’s “customer service” to dispute the higher interest rate and told them I could not afford to make the ridiculously high minimum payment. They then forced me to close the account and told me to pay the entire balance within a week’s time or they would report my account to the credit bureaus.

I made a verbal agreement with them, that I would pay the entire balance if they would waive three $39  fees. I did what I promised: I paid them the entire balance within 1 week. But I should have known better in that Chase doesn’t honor “agreements“, in particular not verbal agreements: so instead of just having to pay the double-billing cycle interest charge, I know had to pay all fees + interest + a new over-the-limit charge. I thought I was done with Chase when I paid off my accounts with them. But instead I have to endure months of additional harassment from Chase.

Chase was one of the banks that received government bailout money: 25 billion. This was probably not enough to cover all the expenses that they incurred with their lavish lifestyles, gambling with high-risk mortgages and year-end bonuses. So instead, Chase went to its small business card customers and other customers to foot the bill: raising interest rates to 29.99% for no reason or forcing people who had accepted a 0% interest balance transfer, to suddenly pay a 2% minimum or force them into a higher interest rate bracket.

Judging from the numerous posts and complaints on sites such as epinions and change in terms, the way Chase is treating its loyal customers has reached a new low in the credit card industry. It is no surprise that many have taken it upon themselves to start lawsuits. Soon, our government will sign a new law into effect that will protect the interest of the American consumer and American small business owners: we just have to wait and see if this will actually help us or be another tool for the banks to rip off their customers.

The new business model that Chase has adopted recently has more similarities with loan sharking than anything else. You can probably expect better customer service and better terms from your local payday loan company than from Chase.

But Wait There’s More: Chase has found another way of ripping off unsuspecting customers: customers who have set up automatic debits from their checking accounts, may receive messages from Chase claiming their automatic payments didn’t go through by the due date, but that their payments (“miraculously”) went through days after the due date, giving Chase yet another reason to charge its customers the $39 late fee and raise interest rates.

In summary: Chase business credit card is the worst credit card for business. Let’s stop these parasites once and for all.

More Chase Mayhem:

• help! i’m being hounded by chase! – 180px-chaseaustinretrodesign.jpg for a few years now, i have rented a small shack down by a harbor not far from new york city. i keep stuff there. it’s a relic of a time past when i was sort of crashing on my own. …

• Mouse Print»Blog Archive » Chase Credit Cards: How to Avoid 32.24 … – Chase change in terms Do you ignore those fine print notices that credit card issuers send out from time to time? They are often accompanied by a letter that says there will be a “change in terms,” but it leaves the details to the fine …

• Ability to edit .htacess file. If your webhost servers run Apache, then is it important that you’ll have access to your own .htaccess file. There are many reasons why having access to this file is crucial, including keeping bad bots out of your site by blocking certain IP addresses, the ability to 301 re-direct the non-www version of your site to the www-version or vice-versa and to permanently re-direct old web pages to new webpages. Good examples on how to edit your htaccess file can be found here and here.

• Ability to pick your own shopping cart. It does not make any sense to choose a webhost that forces you to use a particular shopping cart. You may already have a shopping cart, so choose a webhosting company that will allow you to run a wide variety of shopping cart applications (e.g. php, html, or perl based).

• Pick a hosting company that offers both shared hosting and dedicated hosting. Shared hosting will be cheaper, but if shared hosting doesn’t work out, you can always move to dedicated hosting without too many problems.

• Avoid hosting companies that offer only limited band width. It is not in your best interest to pick a webhost that limits your monthly traffic to let’s say 1GB and where you have to pay extra if you go over. Many hosting companies already offer unlimited traffic on most of their plans.

When you host your own email, you are dependent on the uptime of your webhost. Many times, your email is routed through separate servers and you may have noticed how slow your email can be at times.

In addition, you may waste a lot of time cleaning out your mailbox from the daily barrage of spam that comes your way. But there is a better way: Google mail (Gmail) for business. Just change a few settings in your DNS zone file and within hours you’ll be sending mail through Google.

Google’s mail system uses many redundant servers for backup, so there is less chance for any email outage. Mail will be sent and received much quicker and you’ll be using a user interface that you may be already familiar with if you use Gmail. The beauty of using Google Apps is, is that there will be so much less spam every day, that you have more time focusing on what’s important for your business.

You also have the ability to filter out certain emails (the ones that are not really spam, but you don’t wish to see).

How to Get Started?

There is a very good and detailed write-up over here. This is specific to Mediatemple, but is applicable to most web hosts. One thing to keep in mind however, is that unless you are hosting your own name-servers, you need to make the changes to you DNS Zone in your account center (and NOT on your dedicated virtual server (if you have one), unless you have your own name servers). A good thing to add to your DNS settings, is 1 additional spf record for Google (follow Google’s instructions). Leave the spf record for your own server intact. The 2 spf records will make sure that mail send through Google and sendmail (send through Google), will not be filtered as spam by other ISPs.

How to use Google Apps with Sendmail?

Many users will notice that emails send through sendmail are no longer working. What you need to do, is to TURN off (disable) the mail service on your own server. You’ll need to do this for any alias and individual accounts as well.

For any accounts or alias account that you used for sendmail, you’ll have to set up a separate account on Google. For alias accounts this is called “nickname” on Google. On Google you can forward any email account to another account you own. You’ll also have the option to just forward mail (for example, the sendmail from your server) and not to keep a copy of it in your Google account. So in short, there is no need to change any config file of sendmail on your server.

It is not that simple, however. Many of these directories do not have any page-rank to begin with and they have thousands and thousands of listings with many new listings added every day. The chance that you will receive any link juice from these directories is close to zero. Many of these directories use dynamic pages, which are harder for Google and other search engines to index. In addition, to search engines, these directories appear nothing more than “free” link farms and your link may not even contribute to any PR for your own website.

What’s more, is that some of these directories are attempting to steal your page-rank or even hijack your pages. Directories to avoid are the ones that have a “more” or “additional info” link at the bottom of each listing. It is this link that will take away page-rank from your site. When you manually submit your pages to directories (=waste of your time) you may be able to spot these “rogue” directories, but when you use any of the popular directory submission software, you may not realize that you’re submitting to a bad directory.

There are a number of directory submission services out there that may offer better results than when you do it yourself, but in my experience, I haven’t seen much results from these either.

So is there any directory that is worth submitting to?

The DMOZ directory used to be very popular. As of late is seems that they’re so behind in their editing of listings, that your chance of being accepted is close to nil. That leaves only 1 directory to submit to and that is the Yahoo Directory. With high page-rank and individual listings for almost every country, the Yahoo directory is in my opinion the only directory that is worth submitting to. The only downside is that it will set you back about $300 a year, but it’s worth it.