Articles and News

[reprinted from the SweetLife Security website]…

April 12, 2013. If you have a WordPress site, apparently for over a week, some hacker network of 90,000+ compromised machines (probably hacked wordpress sites) around the globe are launching brute-force attacks on WordPress sites like many small businesses use.
Hackers these days aren’t usually some teenager wanting to simply deface your site with ugly things, for fun.

HACKING IS BIG BUSINESS

Hacking is big (criminal) business. The hacking operation actually finds ways to get into unprotected websites, and then installs (hidden) code there which runs programs, to find more unprotected sites. You can locate most wordpress sites simply by going to the site, viewing page source, and near the page top see if they have some directories named “wp-content.” Pretty easy, right?
So they find the wordpress sites (automatically), and then there are ways to get inside, even without the passcode. One way is to go to the usual login page and assume that most people haven’t bothered to change the default username, and so the name of the administrator is usually still “admin.”
That means that the hacker program can simply try to log in, over and over, using the name admin. Now a wordpress site which has not been “hardened,” will simply report “That’s the wrong passcode.”  And this means the hacker has just been confirmed that the username is correct.
So the hacker program simply tries one passcode after another, going through the dictionery, after trying passcodes that people often use such as “passcode” or “12345”. After some hours or some days — computers are very fast — the passcode is often found.
And right now 90,000 compromised computers are banging away, 24 hours a day, running these programs to find and get into a WordPress site. Like yours, perhaps.

WHY DO THEY DO THIS?

Because, after spreading out in order to create a huge network, they install other hidden programs. The most common ones are (a) programs to relay spam, and (b) programs to install “thief” programs onto your site-visitor’s computer. After your site visitor goes away, the hidden thief program watches his keystrokes, and after he logs into bank of america or uses a credit-card online, the thief program simply sends the information off to hacker headquarters, and soon your site’s visitor finds huge charges on his creditcard bill or bank-withdrawals.
These hacker networks are the largest danger to your website — if they get your site to send spam or steal credit-card info, you can be blocked forever by Google, your own email can become blocked by the spam-police because your site looks like the spammer, and technically you are legally liable for the damages to anyone whose credit-card or bank information has been stolen.
This is crime, folks. They are in the crime business, and fully intend to mug your website.

WILL CHANGING YOUR PASSWORD HELP?

Maybe, if you’ve used a really easy password like “password” or “12345.”  You also should avoid words that occur in the dictionary  because these are so commonly used as passwords, hackers simply provide a list of the dictionery words to their hacking programs, and the hacking program will use ALL the words in the dictionary. If your word is in the dictionary, you are very vulnerable.
Now even if you have a really good password, your website can suffer from this kind of attack, because your website’s server is being battered with these repeated requests, and it slows way down. You may not be able to log in or see your pages simply because the website’s server is running so slow.

ANSWERS

First, to avoid being compromised, change to a smart password immediately. Here are two methods —
1) Go to http://sandbox.coderlab.net/rpg/index.php.  Click “Alphanumeric,” length = 25 characters, and special-characters = yes. It will then generate a truly random password that looks like this —
       f)q#Z^b}3?7w*6%V3>9(d~6B[
or
       4gT4F%kU4}b*a6c)4B=z?4>R{
   This type of password is really, really slow to crack.
   The problem is, it’s also really hard for you to remember. If you are using RoboForm or LastPass — programs which store and automatically retrieve passwords for you — then you merely save it to RoboForm or LastPass.  Still, just in case, better have a place you can safely keepit, just in case, just in case.
2) Make a password that makes sense to you, but does not consist of dictionery words, and it’s long. For example
     take a childhood sweetheart or a favorite pet from early days … Alice … and change the upper/lower and substitute some numbers for letters … aL1c3
     then take a word you use that’s not really a word … zoids! and stick that in with some upper/lower changes   … Z01DS
     then interleave some underscores and previous addresses … and you come up with something like …
     aL1c3_22543_Z01DS_437
     Some combo made up like this can actually be remembered, but it’s pretty hard to guess

BUT DOES A GOOD PASSWORD REALLY ADDRESS THE PROBLEM?   NOPE.

The problem is that while you’re being attacked, your website slows to a crawl.
And attacking the password is only one of the methods. Anyone who can search on youtube can find a dozen ways all spelled out in tutorial videos.
The true answer —
A) Have REAL backups, lots of them.
B) HARDEN the MANY PLACES where WordPress is vulnerable.

HOW TO HAVE REAL BACKUPS

Having REAL backups does NOT means the so-called “backup” which your hosting company provides. Yes, it’s complete, and it’s done once per week. But if you fail to learn about the hack, or if you learn shortly before the scheduled backup, then the hacked site will be “backed up” which wipes out any earlier backups of your correct site. So the hosting company’s backup is usually useless.
Likewise the “backup” provided by wordpress saves only your post content and loses pictures, themes, settings.
A real backup is either a “full cpanel backup” made now and then and saved to your own computer … or … security-minded web-development companies like SweetLife Marketing have special programs which create full backups that can recreate the entire site, and we save multiple copies over time, to our office, to a backup server in another state, or perhaps into the Amazon Cloud servers.

HARDEN WORDPRESS

Although we have better methods now, we used to run a simple security scan. And the results could be surprising!
(I recently ran the scan on all the websites listed for members of the Chamber of Commerce in Mt. Shasta. Of the 205 websites listed, 49 of them were wordpress websites. Of those 49, only one passed the simple 8-point security scan.
If you want to take out insurance, and protect your website, you can arrange to have your WordPress website “locked up.”
But that’s a story for another time.    🙂
— Ace Ventura

?==0==

“The reason crime doesn’t pay is that when it does, it is called by a more respectable name.” — Laurence Peter

 

 

Get the Book: $15.95 or Free!

Marketing Online made Clear and Simple for Local Business

Ace Ventura, SweetLife Marketing Group Principal, has written a book that helps business owners discover the clear and simple formula for using their website to increase profits. Marketing Online Clear and Simple comes with a complete video series that shows you click-by-click how to do it. Available on Amazon in print and Kindle formats for $15.95, OR included FREE with our SweetLife Profit-Mapping Session or Profit-Maximizer Audit.


To download sample chapters and video, submit your name and email below.

Your Name
Your Email

 

 

 

Ace Ventura enlists new DailyDeals members at Winter Magic event
 

[reprint] Mt. Shasta Herald Newspaper, November 25, Mt. Shasta, CA– Mt. Shasta area residents can now receive exclusive discount deals from local restaurants and shops with new text-message coupon club, Siskiyou Daily Deals. Discounts and deals are sent by text message to members, who redeem their ‘text coupons’ at participating businesses. Anyone with a cell phone can join for free and receive fun, valuable incentives to shop and dine in Siskiyou County.
 

In addition to offering special discounts, over 30 local businesses have donated more than $1,000 worth of free prizes to give away, providing extra motivation for residents to subscribe. Prizewinners will be chosen at random intervals and instantly notified by text message when they win. To join, local residents can simply text ‘SHASTADEALS’ to (530) 419-6644, and if they ever want to opt out, they reply ‘STOP’ to the same number.
 

Siskiyou Daily Deals is a service of SweetLife Marketing Group, the new business venture of local marketing authorities, Nikolas Allen and Ace Ventura. SweetLife ran a Siskiyou Daily Deals booth at the recent Winter Magic street fair in Mt. Shasta, where they signed up over 250 new members.
 

“Text messaging has become an essential part of our culture,” observes Cronos. “Since nearly everyone has a cell phone, we’ve adapted our company’s text-distribution system to create an exchange between local residents and local businesses. By supporting each other, we help our local economy prosper.”
 

By shopping locally, residents are keeping their dollars in their own community, which supports the dreams and efforts of local entrepreneurs and shopkeepers, who in turn buy services and provide jobs. The intent is to create a win-win scenario by rewarding residents for supporting the local economy, and rewarding the businesses with more foot-traffic.
 

“I’ve heard locals complain about limited shopping options in Siskiyou County,” states Nikolas Allen, co-creator of Siskiyou Daily Deals, “but racing off to Redding or Medford every time you want to go shopping is a huge expenditure of gas, money and time. We want to encourage residents to shop locally as often as possible and reward them for doing so.”
 

A partial list of businesses who contributed prizes includes Say Cheese Pizza, Sisson Museum, Wayside Grill, Fun Factory Snowmobile Rental, Dos Geckos, Burger Express, Highland House Restaurant and The Coffee Brake in Mt. Shasta, Hi-Lo Café and Mt. Shasta Brewing Company in Weed, Brown Trout Vintage Emporium in Dunsmuir, River Lodge in McCloud, and many others. Prizes range in value from $2 ‘Brewery Bucks’ from Dunsmuir Brewery Works, to a $252 golfing gift basket from Mt. Shasta Resort. A detailed list of prizes and exclusive discounts is available on SiskiyouDailyDeals.com
 

“We’ve been amazed and inspired by the swift and generous contributions from area business leaders,” says Cronos. “Community spirit is alive and well in the Mt. Shasta area, and we’re proud to offer our unique text-messaging system to connect area residents and businesses.
 

Potential merchants and members can visit SiskiyouDailyDeals.com for more information on how to get involved, or to sign up to receive prizes, discounts and deals.
 

Get the Book .. $15.95 .. or Free!

Marketing Online made Clear and Simple for Local Business

Every entrepreneur knows he should “get on the internet,” but nobody knows about the other two critical steps … if you want the website to make money.

But now you can discover the formula, clear and simple. Comes with a complete video series that shows you click by click just how to do it.

Available on Amazon in print and Kindle formats. And included free with our “Profit-Mapping Session” or “Profit-Maximizer Audit.”

And if you’d like to download sample chapters and a sample video, we’ll send them to you. You also receive our marketing-transformation newsletter. All free.

Send your name and email below and be watching for our “please confirm” email!

Your Name
Your Email

 

 

 

Ace Ventura and Nikolas Allen with Mt. Shasta Chamber Officers Mt. Shasta Herald, Mt. Shasta, November 14, 2012: Two local marketing authorities, Nikolas Allen and Ace Ventura have teamed up to create SweetLife Marketing Group, a new business-support organization based in the Mt. Shasta area.
 

Nikolas Allen of Mt. Shasta operates BAM! Small Biz Consulting and has become known locally as a dynamic speaker on the subjects of branding and marketing. Ace Ventura is an internationally known marketer, and author of “Marketing Online – How Any Local Business can Leverage the Power of the Internet to Increase Profits” (available on Amazon and at Village Books).
 

“We believe that small business is the lifeblood of our community,” says Cronos. “Our mission is to help businesses prosper so the owners can achieve their own version of the sweet life.”
 

“When Arthur and I met, we discovered we had complimentary skills and experience,” explains Allen. “We are both happy serving clients through our own respective companies, but we wanted to work together, so we created a separate entity. By combining our capabilities, SweetLife can provide an instant marketing department for overworked business owners.”
 

SweetLife Marketing Group specializes in Income-Creation Services for local businesses, combining traditional marketing methods with innovative methods such as text-message marketing, email, video and social media marketing, and online conversation systems.
 

“SweetLife Marketing Group can promote your business, walk new customers through your door, and uncover hidden income you already have but probably don’t know about,” concludes Cronos. “And that should sound sweet to any business owner.”
 

Visit http://SweetLifeMarketingGroup.com to request your free marketing video, sample chapters from Arthur’s book, and to learn how SweetLife can help your business prosper.
 

Get the Book .. $15.95 .. or Free!

Marketing Online made Clear and Simple for Local Business

Every entrepreneur knows he should “get on the internet,” but nobody knows about the other two critical steps … if you want the website to make money.

But now you can discover the formula, clear and simple. Comes with a complete video series that shows you click by click just how to do it.

Available on Amazon in print and Kindle formats. And included free with our “Profit-Mapping Session” or “Profit-Maximizer Audit.”

And if you’d like to download sample chapters and a sample video, we’ll send them to you. You also receive our marketing-transformation newsletter. All free.

Send your name and email below and be watching for our “please confirm” email!

Your Name
Your Email

 

 

 

Living the Life you Love

If you yearn for a simpler life, and if you’d benefit from increased income … you’ve come to the right place.

We believe that small business is the lifeblood of our communities, so we’ve chosen to bring back the dream, to make it work, just as you imagine it.

How? SweetLife Marketing Group can promote your business, get you found, increase cash, walk new customers through your door, and uncover hidden income presently untapped.

With a focused team of income-creation specialists, like a plug-and-play marketing department you simply insert into your business to rebuild your marketing into a powerhouse.

And you? You can focus on what you do best, and attain the life you love, returning to the dream you can see so clearly now.

Income-Creation Specialists

Helping your Business Prosper ... for the Life you Love

If you yearn for a simpler life, and would benefit from increased income, you have come to the right place. Our team of Income-Creation Specialists at SweetLife Marketing Group can promote your business, walk new customers through your door, and uncover hidden income presently untapped.

And you? You can focus on what you do best, attain the life you love, and enjoy living the entrepreneurial dream you always knew you could achieve.

Read More