Category Archives for "Wordpress"

StudioPress Sites Hosting

Hi, Today I thought I’d mention Building your own WordPress website.

Is it Easy? Can I do it?

I remember when I had my own first website – many, many – maybe too many – years ago. Then I paid quite a considerable amount for someone to build and host my first website. It took a couple of weeks – I was not really consulted – and looking back it was crap I mean not very good. So late I went to night school to learn how to build a website and a little basic Html coding.  Within 6 months I’d built a website I was proud of. Today you don’t need to learn to code thanks to the universal “WordPress”; a free and open-sourcecontent management system.   Plus the costs of owning and running a website are so very much cheaper.

I have been using the services of StudioPress for many years.

StudioPress – they provide WordPress Themes (inc the Genesis Framework) and Plugins (including Backup Buddy and iThemes Security). These I use myself and have been a very happy customer. They also provide other advanced services, which I won’t go into here. Needless to say, they are reliable, established and recognized leaders in their fields.

Now they are providing an all inclusive package including hosting “WordPress Made Fast and Easy” –  in six steps you go from purchaser to publisher – You Get….

  • 20 Mobile-Optimized Themes
  • Industry Standard Design Framework
  • WordPress-Optimized Performance
  • SSL Certificate through Let’s Encrypt
  • Automatic WordPress and Genesis Updates
  • One-Click Install of Included Plugins
  • Zero “Hosting” Hassles
  • Rock-Solid Security
  • Advanced SEO Functionality
  • World-Class Support

Their plans (actually to keep things simple there are only two) are available in Monthly or Yearly payments. Of course, they offer a 30-day, 100% money back guarantee to all of their customers.

StudioPress.com

Get started with your own StudioPress Site, and discover what dazzling WordPress performance feels like.

Ready to get started?  Create your site today. >>> StudioPress.com

SPECIAL : If you purchase hosting through this link StudioPress.com I will help you set up your website – for the first 30 days. Or ask for a quote to build your website from scratch.

Continue reading

a couple of months ago

Simple Quiz Engine

Simple Quiz Engine

A brand new plug-in – “Simple Quiz Engine”

(a software just launched by David Perdew of MyNAMS.)

After a year of internal use, they have launched Simple Quiz Engine.

=>>Click Here:  Simple Quiz Engine

Simple Quiz Engine – You’ve heard it said so many times…. The money is in the list. And of course, that’s true.
There is also a bigger truth – there is MUCH MORE money in a more engaged list. How great would it be to have a group of hungry fans waiting on your next recommendation, ready to buy?

Well… this is going to get you just that kind of list. It will allow you to create excited fans right out of the gate with new leads and help you get to the heart of what you current members want. And it does it with one of the hottest methods around for increasing opt-ins and list engagement.

Quiz technology!

People can’t resist taking quizzes. And out new software Simple Quiz Engine takes advantage of that fact and harnesses the power of quizzes for your list building.
Grab your copy while they are in the launch phase and forget the monthly payments all the other quiz platforms require. They’ve gotcha covered with a one-time payment – during launch only!

Best Wishes,
Brian

P.S. David has included a massive bonus package to get you off to a flying start… …including templates, live training where you can get all your questions answered and more.
Take a look TODAY – because this offer won’t be around forever!
=>> Check Out: Simple Quiz Engine <<

Simple Quiz Engine

Don’t Forget to check to MyNams Click HERE

a few months ago

The Power of a WordPress Blog

“It Started on WordPress and Made This Author More than $100 Million…” by David Perdew

Last weekend, the second in author E.L. James series hit the box office.

The sequel to Fifty Shades of Grey, Fifty Shades Darker, did nearly $50 million at the box office crushing everything else except The LEGO Batman Movie.

With the release of her latest film, I thought it would be great to review how all this started with a blog post.

Grey birthed a new genre commonly known as “mommy porn”? The book’s genesis was as a story – not a very good one either – on a Twilight Fan Fiction site in 2010.

(Unfortunately, the author’s publisher has removed practically all traces of the early work on the Internet)

She quickly moved the story to a personal website (50Shades.com) which has since been rolled into her current author page at eljamesauthor.com.

The response was overwhelming. She began selling copies as an ebook of the early rendition and then quickly contracted with a print-on-demand paperback publisher.

The author’s FAQ page says:

Fifty Shades of Grey, Fifty Shades Darker, and Fifty Shades Freed were never self-published as these novels. An earlier version of this story began as Twilight fan fiction which was posted on the internet. The trilogy was picked up by an Australian publisher, The Writer’s Coffee Shop, who released them as e-books and print-on-demand paperbacks.

According to paidcontent.org (http://paidcontent.org/2013/01/10/with-release-in-hardcover-50-shades-completely-flips-traditional-publishing-cycle/):

A tiny Australian publisher then released them as ebooks and print-on-demand paperbacks, selling about 250,000 copies. Random House snapped up the rights in a seven-figure deal, rereleased the ebooks and made 50 Shades widely available in paperback for the first time — where it achieved stratospheric success.

Fast forward a year later and Fifty Shades of Grey was at the top of the New York Times Bestseller list. Soon, it would be followed by two more Grey books, all in the top 10 list.

Just the list ma’am, just the list…
Remember Dragnet from the old days when Jack Webb played Sgt. Joe Friday. Look it up on IMDB kids.

Sgt. Friday’s favorite line delivered in a dry monotone was, “Just the facts ma’am, just the facts.”Continue reading

a few months ago

Phishing Attack: What you need to know

I am still recovering from a severe “cold”; only now after 3 weeks do I feel able to restart blogging. Never the less it will take a few more days to return to my “normal” self. I am therefore posting this post issued by Mark Maunders of Wordfence. If you have a WordPress blog/website I strongly recommend you install and use the “Wordfence” plugin on all your sites for added security. This can be added via your wordpress admin plugins page.

This entry was posted in General Security, Miscellaneous on January 12, 2017 by Mark Maunder
As you know, at Wordfence we occasionally send out alerts about security issues outside of the WordPress universe that are urgent and have a wide impact on our customers and readers. Unfortunately this is one of those alerts. There is a highly effective phishing technique stealing login credentials that is having a wide impact, even on experienced technical users.

I have written this post to be as easy to read and understand as possible. I deliberately left out technical details and focused on what you need to know to protect yourself against this phishing attack and other attacks like it in the hope of getting the word out, particularly among less technical users. Please share this once you have read it to help create awareness and protect the community.

The Phishing Attack: What you need to know

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this.

This attack is currently being used to target Gmail customers and is also targeting other services.

The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender.

You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again. You glance at the location bar and you see accounts.google.com in there. It looks like this….

You go ahead and sign in on a fully functional sign-in page that looks like this:

GMail data URI phishing sign-in page

Once you complete sign-in, your account has been compromised. A commenter on Hacker News describes in clear terms what they experienced over the holiday break once they signed in to the fake page:

“The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.

For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team.”

The attackers signing into your account happens very quickly. It may be automated or they may have a team standing by to process accounts as they are compromised.

Once they have access to your account, the attacker also has full access to all your emails including sent and received at this point and may download the whole lot.

Now that they control your email address, they could also compromise a wide variety of other services that you use by using the password reset mechanism including other email accounts, any SaaS services you use and much more.

What I have described above is a phishing attack that is used to steal usernames and passwords on Gmail. It is being used right now with a high success rate. However, this technique can be used to steal credentials from many other platforms with many variations in the basic technique.

How to protect yourself against this phishing attack

You have always been told: “Check the location bar in your browser to make sure you are on the correct website before signing in. That will avoid phishing attacks that steal your username and password.”

In the attack above, you did exactly that and saw ‘accounts.google.com‘ in the location bar, so you went ahead and signed in.

To protect yourself against this you need to change what you are checking in the location bar.

This phishing technique uses something called a ‘data URI’ to include a complete file in the browser location bar. When you glance up at the browser location bar and see ‘data:text/html…..’ that is actually a very long string of text. If you widen out the location bar it looks like this:

GMail phishing data uri showing script

There is a lot of whitespace which I have removed. But on the far right you can see the beginning of what is a very large chunk of text. This is actually a file that opens in a new tab and creates a completely functional fake Gmail login page which sends your credentials to the attacker.

As you can see on the far left of the browser location bar, instead of ‘https’ you have ‘data:text/html,’ followed by the usual ‘https://accounts.google.com….’. If you aren’t paying close attention you will ignore the ‘data:text/html’ preamble and assume the URL is safe.

You are probably thinking you’re too smart to fall for this. It turns out that this attack has caught, or almost caught several technical users who have either tweeted, blogged or commented about it. There is a specific reason why this is so effective that has to do with human perception. I describe that in the next section.

How to protect yourself

When you sign in to any service, check the browser location bar and verify the protocol, then verify the hostname. It should look like this in Chrome when signing into Gmail or Google:Continue reading

Amazon Affiliate