Category Archives: Web Design

A Fluid Google Favicon

Posted on by

Perhaps it is because we are all embarrassed for Google, but their most recent favicon has received very little comment.  If favicon is a word that it is new to you that is the very small 16 pixel by 16 pixel icon that appears at the front end of the address bar in your browser.

The BBC attempts this morning to provide a little more understanding about Google’s new mini icon.  It still leaves a little confusion, so let us try and bring a little clarity to the issue.

Since a favicon appears every time you use your browser and also in your list of favorites, despite its small size it is a very powerful visual clue to a website.  Changing such an icon can often upset your loyal visitors.  Just look at the Tech Digest reaction to a change in the Google icon back in May last year.

Google changes its favicon from uppercase white ‘G’ to lowercase purple ‘G’ – thoughts?  Soooo…has anyone noticed Google is wearing some new clothes today? That’s right, they’ve changed their favicon, that little ‘G’ logo which appears on tabs and at the beginning of the URL in the address bar.

I have to say, I don’t mind it, although it’s quite annoying when you’re scanning your 17-odd open tabs, and can’t find the one open with Gmail/Google News/Google Images etc, as you don’t recognise the new icon.

Google Logo

The latest choice of favicon for Google seems very paradoxical.  This is a company that has changed its logo but a little over the last 10 years.  Their present favicon seems most out of character.  The image below shows the favicon magnified by a factor of eight.  It is somewhat fuzzy but perhaps that is intentional.

According to the BBC article, it is all part of the new theory about brands that suggests they should be in constant evolution. 

Google favicon

Steve Plimsoll, of brand consultancy FutureBrand, says, "Logos are set to become fluid, ever-changing, customisable, even personalised entities and Google is the first global brand that understands this.  We are going to have to get used to the idea of our brands changing frequently, and when we do, every three months will seem like the dark ages."

I for one disagree profoundly. It rather sounds like the words of those tailors who designed the new clothes for the Emperor.  Even if it were true for brands, I do not believe it should apply to these incredibly tiny icons.  Getting good recognition of such a small feature requires repetition.  It therefore should be a constant for a reasonable period of time, probably measured in years.

Senior Money Memos favicon

The 16 pixel by 16 pixels favicon also requires some image that is very identifiable.  If it is too fuzzy then people may have difficulty in recognizing it.  As an example the favicon for the new blog, Senior Money Memos, is that shown on the right.  It is intended to symbolize a senior with a white beard.  It is readily identifiable.  That should be the mark of a good favicon.

Thankfully it would seem from the BBC item that the present Google favicon is very much a work in progress.

If you don’t like the new look, then, you can wait or, more proactively, send the company your own design. When it unveiled the small ‘g’ last year, the company’s head of search products & user experience, Marissa Mayer, hinted at a transitory solution, saying "by no means is the one you’re seeing our final favicon; it was a first step to a more unified set of icons."

We cannot wait to see Google’s final favicon.  Hopefully they go back to something as simple and direct as their original favicon.

Technorati Tags: , , ,

Jakob Nielsen pushes for taglines

Posted on by
 
Taglines, mottoes or mantras: they’re all good.

Guy Kawasaki likes mantras rather than missions. Jakob Nielsen seems to support a similar position in his latest Alertbox on company About Us web pages.

  • Although there is some improvement there is still a way to go. We found a 9% improvement in the usability of About Us information on websites over the past 5 years. But companies and organizations still can’t explain what they do in one paragraph.
  • Representing a company or organization on the Internet is one of a website’s most important jobs. Effectively explaining the company’s purpose and what it stands for provides essential support for all other website goals.
  • At the top of your content pyramid, a good tagline helps users understand the rest of the site by providing context for the detailed content.

Of course if a company is unfocused, then it may be no surprise that they cannot come up with that tagline.

Technorati Tags: , , , , ,

Foolish Footers

Posted on by
 
Footer – the foundation of a building

The footers we are talking about here are those defined by Google as follows: Text printed in the bottom margin of each page in a word processing document. Although as you will find later, that other foundation definition is worth thinking about. Here in particular, we are talking about the online versions on which by coincidence the knowledgeable Ann Smarty has recently offered the following advice: handle your site footers wisely. In summary she concludes:

  • make your website footer relevant and useful;
  • don’t add too many elements to the footer – it should be clean and concise;
  • focus on people (SEO value of the footer is too insignificant anyway);
  • follow the common fashion: people want to see common elements at these common places.


As a general rule, that seems eminently sensible advice. However I noticed that two very successful bloggers, Darren Rowse and John Chow adopted a somewhat different approach. Go to either of their blogs and scroll down to the bottom of the webpage. What do you find? In both cases there is a full screen of footer information. That got me thinking.

So often our approach to online web pages is conditioned by our much longer association with the printed page. That is where the word footer comes from. It suggests minimal content. However consider the way in which many people arrive at a web page. Either they are going there for content since someone gave them a link or they did a keyword search and ended up at that page, again looking for content. Most of them are not interested in any information about the blog owner or the rest of the blog as they arrive.

Of course the blog owner may wish them to look at advertisements which help to monetize the blog and ensure its survival. If those advertisements are from Google, then Google is working very hard to provide advertisements that will be of interest to visitors to the web page. If so there is every incentive to ensure that both content and advertisements appear ‘above the fold’, in other words on the initial screen that is viewed.

If anyone wants more information on other items in the blog or the blog author, they are certainly motivated to wander around a little and find what they are looking for. This suggests such information can be ‘below the fold’ since visitors may naturally scroll down to find such information. In consequence this blog now has an extended footer giving even more information than those of Darren Rowse and John Chow. By clicking on the link to Full Blog Info, your screen will show the footer, which is about a screenful on a 1024 x 768 resolution monitor. I believe it is a very logical approach, even though it seems to go against standard practice.

It may not appeal to everyone since it is somewhat unusual. However I don’t believe it’s foolish and I am most interested in visitors’ reactions. Why not add your thoughts on how this different approach works for you.

Technorati Tags: , , ,

Google Chrome Manual

Posted on by

John Brandon asks this morning whether interest in Google Chrome is already waning. He feels that:

People use IE because it comes pre-installed and does mostly what they need it to. Walk into an office and glance around — you will see a lot of IE. Those who know better use Firefox because it is more stable, more secure, and faster. Where does that leave Chrome? I think as a third option for early adopters. But those who just need to get work done, who use Gmail and are too busy to mess around with bugs have probably all switched back to Firefox.

Just after the launch there was an initial flurry of interest. Mark Evans commented that a number of people had checked it out with some like Walter Mossberg liking it and others like Alec Saunders suggesting it was all a shell game. Mark Evans even questioned, What Took Google So Long?

Some experts such as John Andrews even warned that ‘under the hood’ there was a Google Chrome Bait ‘n Switch. That was because of some unfortunate language in the Agreement that all users had to agree to. Google beat a hasty retreat on that one but it still left a negative impression for some.

Google Chrome

By now, everything in the garden should be lovely. However like John Brandon, I am still left with the question as to whether this browser really has any natural customers. Clearly the power users find it lacking, yet the novices may well find its apparent simplicity somewhat baffling. I am still trying to get the Omnisearch field to accept searches with other search engines. I should be able to type ‘Yahoo cheeses‘ and get a search on Yahoo for cheeses. Perhaps the problem as PCWorld explains is that I am using Windows XP.

Type ‘google fish sticks’ to search for fish sticks on Google. The same syntax works for Yahoo, Amazon, Live Search, and other sites that are already recognized by Google or that you add. This feature, though nifty and promising, proved inconsistent in the early going: It worked for me most of the time on a Windows Vista PC, but two of my colleagues who were testing Chrome on Windows XP machines had trouble getting the feature to work.

It is all very well to have an ultra-simple browser like this, however a user manual is always obligatory. The only one I could find is the Power User’s Guide to Google Chrome. That title is an oxymoron if ever I heard one.

Technorati Tags: , , , , ,

Website Signposts To Help Visitors Find Their Way Around

Posted on by

Introduction

Where can I find what I’m looking for?

Website visitors can be either humans or robots / spiders from the search engines. Although human visitors are what you are seeking, those robots are important since their efforts will result in many other human visitors coming to your website. Many websites find that more than two thirds of the traffic may well come from Google. Luckily what works for humans usually works well for robots too.

The Website Structure

Having appropriate webpages that people may wish to visit is clearly important. The rules to follow are clearly laid out in an article by Dr. Mani Sivasubramanian entitled Navigation – Make it Easy to Get Around.

Although written in 2000, the principles are still the same:

It isn’t difficult if you put yourself in your customer’s position and think about the things you would like best on a site like this. Here are some essential questions to answer:

  • Where am I? – an aid to one’s present location on the site
  • Where do I go next? – a roadmap or directory of the entire site
  • How do I get there? – an intuitive or descriptive system of navigation
  • Am I still on this site? – a consistent look-and-feel across different sections of the site

The Scent Of Information

Tracker Dog

In some cases particularly with larger sites, the human visitor may get slightly confused. He or she may have only a general notion of what they are looking for. Jared Spool has introduced the concept of the Scent Of Information. Just as a tracker dog may follow the scent to find their objective, your human website visitor needs some confirmation that they are heading in the right direction. Spool and his team at User Interface Engineering have refined these notions and a summary of their findings is available in their report summary at Designing for the Scent of Information

Tags

Although search engines such as Google are now very adept in determining the sense of any given web page, they are far from perfect. At one time the keyword meta tag could be used to flag important concepts on a web page. However it was effectively devalued by webmasters including vast arrays of keywords in this meta tag for their web pages. A much better indicator is now available for both regular websites and for blogs. It is known as a tag and is indexed by such services as Technorati.

If a few well-chosen tags are applied to a web page, then a human visitor interested in a topic can rapidly explore those web pages which have been tagged with that topic. More and more websites are using this approach to help human visitors find relevant pages by adding a Tag Cloud Web Page. What is particularly valuable here is that such tags are even more important to those search engine robots. Tagging web pages will bring improved search engine visibility.

Categories

The final signpost applies only to blogs. It allows a human visitor to look only at those blog posts that relate to a particular topic that is covered by the blog. It may be appropriate to have up to a dozen categories in the blog. The disadvantage of this approach is that blog posts are then listed in reverse time order with the most recent first. This is likely to be useful to only a minor fraction of human visitors. Nevertheless it is worth doing, because it again is a way of making blog posts more visible to search engines.

Conclusion

Getting a human visitor to a web page of your website is a challenge. Once they have arrived, you hope that your website will be ‘sticky’ enough that they stay around. A big part of that is achieved by ensuring there are highly visible signposts to other web pages they might like to visit. Tags and categories are second lines of defense to ensure they do not click away.

Technorati Tags: , , , ,

Ultimate Simplicity For Firefox 3 Full Screen

Posted on by

Firefox 3.0 Looks Much Better Full Screen. That was written by Geoff Fox of PC Magazine and I think he has got it exactly right.

If you are a Firefox user and have upgraded to Firefox 3.0, then just hit that F11 key to see what he means. If you are working with a 1024 x 768 screen, then the effect is particularly good. The whole screen is taken up with the window content of the webpage you were visiting. If the page is particularly long, then you may have a scrollbar down the right-hand side. The rest is exactly what that website owner was hoping you would see. There are no toolbars along the top or a status bar along the bottom. It is all just visual content.

If you do wish to see which tabs are open, then just move your mouse to the top of the screen and the tab bar will appear. If you were working with the Navigation toolbar visible, then this toolbar will also appear at the top above the tab bar. All the other toolbars you may have had visible still remain hidden in this Full Screen view.

If you are hooked on having these bars permanently visible along the top, then Percy Cabello has some advice for you on how to Tweak Firefox 3 full screen mode. That will make the tabs and navigation toolbar a permanent visible item in your Firefox 3 Full Screen mode.

I very much prefer keeping that clean simple look. Indeed by an approach that I am about to describe, I will suggest to you how you can stay in Full Screen mode probably 95 percent of the time. I work fairly extensively on the Internet. However if I analyze my behavior on any given day, I am probably working within a very restricted list of web pages or URLs. The problem is that from a Full Screen mode webpage, I cannot access my Bookmarks Toolbar.

I raised this problem with my colleagues on the Cre8Asite Forums, in a topic which was titled Maximizing The View Window. There was a suggestion that the Bookmarks or Favorites could be put on a web page. This in turn raised the possibility that such a HTML file could be held on my local computer, which gives the most rapid and reliable access. The following image shows some of the final product. It’s a Demo version of my new computer-resident Home Page.

Home Page Favorite Links

With what is there, I can work most of the time in the Full Screen version and rarely need to put all those toolbars back. You can download it, if you wish to check the code or modify it to create your own, from this link: Home Page Links Demo.

Some of the features you will note are the clock at the top right, a Google search field and a Quote Of The Day. Below that arranged in a table are some of the links I use for much of the day. When working for a specific client, I often add a few links that are specific to that client.

For those who are novices with HTML, it is a very simple matter to modify the code to remove or add a link. You just open the homepagelinksdemo.htm file in Notepad or something equivalent that can handle text files. The HTML code for a table entry looks like the following:
<td><a href="http://www.mysite.com/">My Site</a></td>
To change the link, put the new URL between the ” ” and add the appropriate name between the > and <.

When using such a Home Page, it really becomes very handy if you arrange that opening a new tab shows that Home Page. This can be achieved by using the New Tab Homepage 0.4 Firefox Add-on.

If you wish to select a link on this Home Page, <control>T opens up a new tab with the Home Page showing. Clicking on a link on that Home Page opens the URL in the same tab. Throughout you are working Full Screen. If you no longer want that web page, <control>W will close that tab.

I’m finding this increases my effectiveness and viewing pleasure significantly. Try your own local Home Page and perhaps you will be equally impressed. Unfortunately a similar set-up does not work so smoothly for Internet Explorer. The security features blocking ActiveX controls prevents single click opening of new web pages. Often two clicks are required to remove the blocking feature. The only sensible suggestion for Internet Explorer users is to switch to Firefox.

Technorati Tags: , , , ,

Evaluating Website Design Alternatives – A Counter-Intuitive Approach

Posted on by
Your visitors may not see your website as you do.

Choosing a website design is one of the most difficult decisions for any business owner to make. That’s because the only approval of the decision that counts is that of potential visitors to the website. Will they stay on the site? Will they find what they are looking for? Will they enjoy their visit? Jared M. Spool of UIE (User Interface Engineering) is an expert in Usability, which is involved in trying to make those predictions.

In a slightly technical paper, he surprisingly suggests A Counter-Intuitive Approach to Evaluating Design Alternatives. It may not be the obvious way, but what he proposes makes eminent good sense. The case study he describes is as follows:

The company team is about to redesign their home page and navigation. They have three home page design alternatives and five navigation alternatives, created by an outside firm who didn’t do any evaluations of the designs. To help figure out which design to pick, the team has (finally!) received approval for their first usability testing study. While their site has been around for years, they’ve never watched visitors use it before now.

The obvious way might have involved a large number of users looking at all these different possibilities. The method that Spool proposes is much leaner than that and extremely practical. One critical step is the following:

Recruit from 2 User Groups
We recommended the team recruit both loyal and new users as study participants. The first day of testing should be loyal users of the site and the second day should be new users to the site. The loyal users would help figure out what the important tasks are. The new users will help determine what’s important for people new to the site, such as how they figure out the basics.

He describes much more detailed methodology, but the summary above brings out the essence of choosing between website designs. You must have a clear view of what you would like your visitors to do when they visit you. You must then make sure that your design functions well. Remember that you have the most tenuous of holds on a visitor who has clicked to your website. They can easily click away if they find the experience frustrating.

Technorati Tags: , , , ,

How WordPress Blogs Are Hacked

Posted on by

The previous two articles in this series have suggested ways to combat the ever-increasing hack attacks that WordPress blogs are receiving. In this final article, we will discuss some real-life examples and what can be learned from them. As a disclaimer, it should be noted that some hackers are very skilled and are continually improving their methods. These are anecdotes from the past and the future will undoubtedly be very different.

Typical Hacking Exploits

For specific details of typical hacking exploits, the following accounts are particularly good:

The methods used in these cases are probably all the work of one hacker, by nickname goro, who may well have been one of the commenters on the first of these three posts.

We will not go into the specific details here (since they will undoubtedly evolve), but rather discuss the bigger picture associated with these exploits. In the case of the hacking done on the SMM blogs, there were some clever refinements. The mechanism inserted on the domain generated hundreds of random, unique blog post web pages, which included links to online pharmaceutical web pages. Since the websites were well ranked in Google, many of these hundreds of blog posts were served to the search engine spiders as they made their visits. After a period of hours, the mechanism then stopped. This may have been to avoid a huge spike in traffic, which would have been more easily detected.

How Google May Have Rewarded Their Efforts

During the last two or three months, Google has been giving much more rapid visibility and higher ranking to blog posts in its regular web search. In the latter part of January, blog posts appropriate for particular keyword searches would appear within a small number of hours in the regular web search. The algorithm may well be using the RSS news feeds associated with the blogs. This gave particular prominence to the blog posts generated by the hacking mechanism. They would almost always appear among the top five positions on a search for particular online pharmaceuticals and often in the first position. Presumably this gave a significant economic advantage to the hacker.

Although the hacking mechanism was removed within 36 hours, the false and now non-existent blog posts still persist in the Google index over 3 weeks later. In some cases the cached versions of the false blog posts are still available.

An interesting parallel development during this time is that Google Blogsearch now has a delay of a few days in displaying new blog posts. Until recently such a new blog post might have appeared within an hour or two, since it was triggered by the pinging of the RSS news feed. Whether this is a reaction to a large volume of blog posts generated by hackers one can only surmise.

How To Repair The Damage

Hopefully this series of articles has sensitized you to the dangers of hacking. This should prompt you to maintain a constant vigil so that any hacker intrusions will be spotted rapidly. You should also as Wayne Liew suggests regard WordPress Upgrades as a Must. The continuing improvement in security may not serve to keep out hackers but at least it may encourage them to attack an easier prey.

If your WordPress blog is hacked, it can be quite a challenge to find out what has been changed. Sometimes the hacker may have modified files deep within folders that are not normally touched in upgrading, such as the images folder or the wp-content folder. Checking the size in bytes of particular files compared with versions in the most recent backup will reveal suspicious differences. Sometimes the .htaccess file may have been modified to create additional and inappropriate mechanisms. In such cases, you’ve got to make sure that you eliminate all such additions to the website. If you have backed-up a clean version of the website recently, it might be better to take down the website and replace it with a clean version.

Related:
Blogs Take Center Stage For Marketers And For Google
How to Remove WordPress.net.in Spam Injection

Previous articles in this series:
WordPress Blog Hacked
Guarding Your WordPress Blog

Technorati Tags: , , , ,

Guarding Your WordPress Blog

Posted on by

This is the second in a series of articles on how WordPress blogs may be hacked.

Unfortunately it’s becoming a more and more frequent occurrence, even though some seem unaware it has happened. If you have not yet read the first article, WordPress Blog Hacked, you may find it useful to do so before reading this follow-on article. However it is not required reading.

 

House on fire

You may naturally feel that calamities such as your house burning or your blog being hacked only happen to other people. It’s not true and it’s always wise to take precautions. Just imagine returning to your home one evening and finding it in flames. You close your eyes and cannot imagine it’s happening to you. You open them again and it’s all still flames.

How can you recover from such a tragic event. That is why most of us take out insurance and have security alarm systems to prevent such happenings. The more valuable your house, the more you are willing to invest in the right level of protection.

 

Getting your website hacked can be an equally unwelcome experience. Just see how Anita Campbell describes it in a recent article, Hacked: It Could Never Happen to My Site (Famous Last Words).

computer monitor

On Christmas morning, I tried to open this site as I normally do first thing in the morning, just to do a quick check. The home page of the site was completely blank! Nothing. Nada. I could not post anything new, either. I realized that a cracker had hacked the site. As I investigated later that day I discovered quite a bit of damage to the site.

Imagine seeing that blank screen. It’s as devastating in its own way as all those flames consuming your house. However if you think that is what happens when a site is hacked, you haven’t come up against the latest generation of skillful hackers. You won’t be aware that they have come in and taken over the attic of your house. They may create thousands of parasite webpages on your server without changing the physical appearance of your blog. That is what happened to the two SMM blogs that were hacked two weeks ago.

Eternal Vigilance

The first part of the security plan for your blog must emphasize vigilance. If you’re Al Gore or Matt Cutts, your blog is valuable real estate. Its traffic represents real economic potential to a hacker. Just as for a palatial home, you should invest in significant security systems. However for reasons we will discuss in the third article in the series, even more modest blogs are attractive to hackers. What you must do is to determine what you believe the risk of hacking to be and then invest an appropriate amount of effort in protecting against that.

If your blog is worth hacking, then likely it will be hacked so as to give the maximum time before you detect the intrusion. As will be explained in the next article in this series, hackers may only need access to your website for a few days to gain full value for their efforts. You will notice that Anita Campbell’s blog was hacked on Christmas Day. The two SMM blogs were hacked one Saturday morning. One important lesson is to never leave the blog unattended for too long.

There are two simple ways of checking whether intruders may be ‘in the house’. The first and easiest step is to check the source code of your blog. Just visit the blog and then use the View choice on your browser menu to examine the Source. With Firefox if you prefer you can use < control > U to see the source code in a different window. It may be this will show some lines of code or hyperlinks that should not be there. If you have followed the steps to be described later, then hopefully the code is as you expect it to be. A very rapid way of checking changes in source code is given in the article, Fast Alarm For Hidden WordPress Hackers.

Another way is to examine the traffic to your website. If there is an unexplained and massive increase in the volume, then this may be a sign of trouble. Similar increases in traffic may be seen in other analytic programs such as Google Analytics or SiteMeter. However depending on what hacking has been done, the increased traffic might be hidden from these tools.

To avoid these intrusions, there are certain recommended steps which are described below. As was mentioned in the previous article in this series, the best you can do is to ensure that your blog is as secure as you can make it. There are a host of other blogs that are insecure, and that may be your biggest protection.

Upgrade to the latest version

The most important recommendation that cannot be emphasized enough is to always upgrade to the most stable recent version of WordPress. The WordPress community is very active and as security holes are spotted, then as quickly as possible they are plugged. This does not guarantee that hackers will be kept out. However they may choose to attack earlier version blogs that have easier access holes.

You should also upgrade to the latest version of any plugins that you are using. A plugin may well be written by a single volunteer author so less attention may have been paid to security considerations. You should do a little research on each plugin you intend to use to make sure that others have not had security concerns about it. It is also recommended that you put an empty index.html in the plugins subfolder. This prevents anyone checking that folder and receiving a full display of all the plugins being used.

Harden Your Administration

In addition to working with the latest version of WordPress, there are a number of steps you can take to make hacker intrusions more difficult. The references below explain in greater detail what is involved. Here we summarize only the more important points.

Having user names and passwords that are not easily cracked for access to the blog administration panel is critical. In addition if you have a highly visible blog then you might wish to use the Login LockDown Plugin. This blocks access to the administration panel for a certain period after a small number of incorrect attempts.

You can also restrict access to the admin folder by having an appropriate .htaccess file there. This would specify the IP addresses for those who have rightful access to the folder. This would take the following form:

order deny,allow
deny from all
# whitelist home IP address
allow from 20.20.20.20
# whitelist office IP address
allow from 30.30.30.30

The extent to which you go beyond these steps should be based on your assessment of the risk of being hacked. The references spell out the possibilities.

References:
Hardening WordPress – WordPress Codex
Three tips to protect your WordPress installation – Matt Cutts
5 WordPress Security Essentials – Lee Robertson
How to Protect Your WordPress Site – Anita Campbell
Protecting Your WordPress Blog – Lorelle

The final article in this series is How WordPress Blogs Are Hacked.

Technorati Tags: , , , ,

WordPress Blog Hacked

Posted on by

It’s hardly news. Hacking into blogs is far more prevalent than you may think. A Google search for ‘My Blog Was Hacked’ gives a count of over 2,770,000 web pages. I regret to say that this blog was hacked into by a real expert some 10 days ago. Since then, I’ve done a great deal of exploration and frankly it’s all very fascinating.

In this post, you will find hints on how to stay vigilant so that you will be aware if your blog is hacked. In a subsequent post, I will give some more advanced tips on how to stay vigilant and make your blog more secure. In a final post, I will describe some of the results of such hacking activities.

An underlying realisation in all that is written is that some hackers are extremely knowledgeable and skillful. The best you can do is to ensure that your blog is as secure as you can make it. It then is like the old joke about outrunning the bear. You don’t need to outrun the bear, but only your buddies who are with you. There are a host of other blogs that are insecure, and that may be your biggest protection.

Whose Blogs Get Hacked?

WordPress is quite rightly enormously popular software for writing blogs. As more and more people use it, it becomes a more interesting target for hackers who try to exploit any weaknesses in the software.

It was not surprising to see items such as WordPress 2.1.1 Dangerous, Upgrade beginning to appear early in 2007. Nor was it difficult to believe that Matt Cutts WordPress Blog had been hacked, when this appeared on April 1, 2007. That was a spoof but since then there have been many real hacking incidents. Al Gore’s blog was, according to Stuart McKeown, as was the WordPress blog of Matt Heaton (Bluehost and Hostmonster CEO). It continues unabated as Stephan Miller and members of the WordPress Support Forums can testify.

How Will You Know If Your Blog Is Hacked?

The real problem is that you may not realize your blog has been hacked. There may be no visible trace of the hacker’s work. The hacker may wish to boost the search engine visibility of online non-prescription medications or pornographic websites. It is done in such a way that it is hidden from prying eyes.

One useful test is to look at the source code for the blog. In Internet Explorer this can be seen by clicking on View > Source. In Mozilla Firefox, this can be seen via View > Page Source or from the keyboard by pressing U. Sometimes code can be found which has been inserted by the hacker. Another indicator can be very much higher levels of traffic. This will be covered more fully in the next post in this series.

Make Your Blog More Secure

Matt Cutts has given some useful tips to protect a WordPress installation. The most important of these is to ensure you always have the latest and most secure upgrade of WordPress. It is perhaps fitting that this blog post appears when WordPress version 2.3.3 has just been issued. This topic will be covered more fully in a subsequent blog post.

Further Articles in the series:
Guarding Your WordPress Blog
How WordPress Blogs Are Hacked

Technorati Tags: , , ,