One of my customers found the Simple Image Widget and started using it to add images to the sidebar of his blog. It works like a charm!
The first step is to install the plugin. Then go to your dashboard and click on “Media” to add a photo to your blog.
Once you’ve added the image, edit it so you can see its URL. That’s where the image is located in your WordPress system.
Then go to Appearance > Widgets to add an instance of the Simple Image Widget to your sidebar. You’ll enter in the URL of the image that you uploaded. If you want the image to link to somewhere (like Facebook or your eBay store) then you’ll add that URL to the widget as well.
It’s every website owner’s nightmare. You discover your site is hacked. Now what do you do?
It’s probably not as bad as you think
Over the years I’ve helped several of my clients after their websites were hacked. Most of the sites were easy to fix. In fact, about half the attacked sites I’ve worked on weren’t visibly affected. I could tell by the website code that something had happened. The hidden links to pharmaceutical sites were a dead giveaway. But they were hidden links. Their purpose was to try and draw the attention of the search engines to the linked sites. The sites looked and behaved normally to the casual visitor.
Call Someone
Contact your website developer as soon as you notice anything amiss. They’ll either roll back the site to an unhacked state or they’ll strip the malicious code from the site. The more complicated your website, the more at risk you re for data loss after an attack. Stay calm while your developer works the situation. Some hacks are catastrophic. Other website attacks are the equivalent of fender benders. They’re a hassle. They’re scary. They’re not so bad.
Be sure to ask your website developer how it happened. Do you need to update some software? Should some of the website code be rewritten to prevent further attacks? The developer may or may not know the answer to this question, but it’s always important to ask.
How to Prevent Hacks
There is no way to be 100% sure that your website won’t be hacked. However you can cut down on the chances of a website attack by making sure that your website software is always updated. The cost and time to update software is generally a good investment.
You should also ask your website developer to review the code on your site annually to see if it should be updated. “If it isn’t broke, don’t fix it,” doesn’t hold true for websites. Code that may have been state of the art a few years ago may be hacker bait today.
Backups are Good Insurance
Always ask your developer about site and database backups. If your site ever has a catastrophic hack, you’ll thank your lucky stars for those files.
It happens to most website owners eventually. They receive an email from a visitor that says something like, “While visiting your site I got a message from my antivirus software that it detected a virus and removed a trojan. Your website is unsafe!”
What do you do?
The first step is to try and determine if your website really is infected. If a visitor’s computer has a virus it may appear to them as though your website is infected. The problem may totally be on their end. Google provides and quick and easy way to see if your website is safe. Just go to the following URL but replace my domain with yours:
Daniel Scocco at Copyblogger wrote an interesting article entitled 4 Things an Ethical Internet Marketer Can Learn from Spammers. Just to be clear, this article does not endorse spam at all. Instead Daniel ponders an interesting question. If we all hate spam (and we do) and we’re all on the lookout for Internet scams (and we are) then how is it that spammers make so much money? He comes up with four key ideas that you and I should consider.
Have you heard about wikis? One of the most used wikis is Wikipedia. It’s an online encyclopedia where readers actually help write the website content. How does that work? I knew you’d ask that. The folks over at Common Craft have made a video to explain just how wikis work.
According to our records, you have a free WordPress Blog Add-on associated with your existing hosting account. After careful review of this add-on, we have determined that this plan is no longer comparable to other free blog services such as Wordpress.com and Blogger.com. Due to this reason, on May 31, 2010 we will be discontinuing this free service.
What Does this Mean?
Hosting.com (formerly known as HostMySite.com) used to offer a free WordPress blog if you had a hosting account with them. They installed the blog and the blog files resided on a separate blog server.
I would disagree with “We have determined that this plan is no longer comparable to other free blog services such as Wordpress.com and Blogger.com.” This blog (the one that you’re reading right now) is one of the blog add-ons that they’re talking about. There is absolutely no difference between it and other WordPress blogs that I maintain. These include WordPress blogs hosted by BlueHost, GoDaddy and even regular (non add-on) blogs hosted at Hosting.com. It looks the same as the other blogs. It has the same functionality. There is no difference.
What I think they’re getting at is that people without website developers have had a hard time maintaining their blog add-ons. Hosting.com doesn’t offer any services to help you get new plugins, update your blog software or get new themes. Recent version of WordPress do allow you to easily get plugins, software updates and new themes. However updating your software on the add-on accounts can be challenging. In the past Hosting.com installed safety measures that were designed to help protect the system from hackers. These safety measures also prevented non-technical folks from updating their own software.
What Should You Do?
If you decide to take Hosting.com’s advice be sure to read the fine print at Wordpress.com and Blogger.com. I believe that with WordPress.com you have to pay a fee in order to prevent them from showing ads on your site. You also will have to pay an extra fee to have a domain name without “WordPress” or “Blogger” in it.
What I’d recommend instead is hiring a website developer, like myself, to install WordPress on your account at Hosting.com. Many of their hosting accounts (including any of the Linux accounts) will support WordPress. Your existing blog can be replicated, old blog posts and all, on your existing site. Your “regular” website and your blog can cohabitate nicely on one account.
In fact, the above is what I plan to do for this site. Later this month I’ll make the move and this blog will look just the same as it does now. The blog add-on accounts were nice, but it isn’t a problem to replace them without using another website service.
If you’re interested in quilting or if you’d like to see a Zen Cart shopping cart in action, check out Back Porch Quilts Online Store.
The online store fits nicely into the navigation of the existing Back Porch Quilts website. Note how the look and feel of the main website is echoed in the online store.
The shopping cart is driven by Zen Cart. Zen Cart is free, open source software. Once it’s installed store owners can easily track orders and manage products. It works with many payment gateways including PayPal. If you think you might like to add a Zen Cart store to your website please feel free to contact us.
A few years ago I wrote a post about Pingdom. (See below for a copy of the post.) Pingdom monitors your websites to make sure they’re up and running. It’s a great service and I still use them today. I see that they now offer a free account for monitoring one website or server.
Is My Website Up?
Years ago I had a web host that wasn’t very concerned about keeping my websites up and running. Their servers would go down once a month. This didn’t seem to bother them at all. They also seemed pretty easy going about getting things back up. Sometimes my websites would be back up and running in a few hours sometimes it took as long as a day.
I moved my sites to another web host but I still bare the emotional scars of that experience. I’m really a very friendly, calm person but show me a downed website and my blood pressure rises. If the host is having a problem they’d better figure it out. Pronto! Once the site is back up I want to know what happened and what their plans are for making sure it never happens again!!!! And by that I mean I want it to NEVER happen again!
One of the things that gets me through my emotional distress in this area is my website monitoring service. I use Pingdom but there are a lot of other services out there. Website monitoring services have computers that check their customer’s websites. If a site is down they’ll send you an email. Most services also send you an email when they find your site is back up. Then you know just how long your website was down.
It’s a great service that helps you have peace of mind about the reliability of your website.
