Today is Thursday, 9th September 2010

Local SEO – Why your small business should consider it

local-searchLocal search engine optimization or ‘local seo’ is much less complicated by comparison to national search engine placements and for a majority of businesses, this represents a huge opportunity for tapping the local population, which actually have much higher sales conversion rates. Think of the search engines as the new yellow pages.

Within the last couple of years the search engines have been providing improved “local search” features. Google in particular has been embedding these “Maps” inside their search pages as part of their Universal Search results. This has opened new opportunities for local businesses and requires different techniques, from organic SEO, to get exposure there. We can help your business get more exposure with local SEO. As Maps usage grows it is becoming more important to be seen here as well as in organic search. In addition when people search they tend to search for keywords related to services. Google knows where the search originates from based on factors such as IP address, preferences, and search history. This is where a savvy local search expert can get you noticed. Results are typically quick, and very rewarding.

Read More

WordPress SSH via PHP on Media Temple

Last Updated on Wednesday, 4 August 2010 03:31 Written by Mike Thursday, 15 April 2010 11:36

Warning…this is a mildly complex server administration task. I assume no responsibility if you toast someone’s website.

If you have root access to a VPS or dedicated box then proceed with caution.

What this tutorial will do is allow updating of the WP core, plug-ins, and themes via SSH through PHP.When this is installed correctly a third option will appear in your update options section. (FTP, SFTP, and OMGSTFU SSH2!) SSH2 is a secure channel client that requires about half of the processing requirements of the standard WP FTP routine. Did I mention it was fast? Yeah like real fast, like a graduating classes virginity on prom night fast.

Fair Warning there are a few things that need to be in place before you can actually use this tutorial. The first thing to do is make sure you have SSH2 installed. It’s a fairly simple install with pecl. If it’s not installed or you’re not sure, run this command or have your hosting company do this for you.

su

#:[enter root user password]

pecl install -f ssh2

note: If your distro’s installed version of SSh2 is beta,  as mine was on Media Temple, run this command instead

pecl install channel://pecl.php.net/ssh2-0.11.0

The next step is to include the dynamically loaded extension. Search for php.ini on Media Temple Cent 5 it is /etc/php.ini. Inside that file locate the dynamic extensions area. Should be blank, add this line….

extension=ssh2.so

This will force php to load the SSH2 library for Secure communications. At this point you should restart the web server apache.

/etc/init.d/httpd restart.

Once you restart apache, login to your blog, try to install a plug-in or theme. You should see a third option to update via SSH2. This will tell you if its installed correctly or not.  Almost Done! To really make it sing continue a little bit more.

To use SSH2 you need to generate a set of rsa keys. This is great so you will never have to enter that password again, or worry about your credentials being sent over the wire in clear text.

Login to your home directory as normal user. You do not want to run the next few steps as root. Run this command.

ssh-keygen

This will prompt you for a file location to create a key pair. It should default to something like /var/www/vhosts/mydomain.com/.ssh/id_rsa or /var/www/html on RH or Cent. /home/html/.ssh/id_rsa for Debian/Ubuntu. Go ahead and press enter, you should be prompted to enter a password. Do not enter any passwords, hit enter twice. Some folks have noted that password protected keys cause problems with SSH via PHP.

After creating the keys there are couple of final steps in SSH terminal. This sets up the key pair for WordPress to use while accessing your server via SSH.

cd .ssh
cp id_rsa.pub authorized_keys
cd ~/
chmod 755 .ssh
chmod 644 .ssh/*

The last step is to add the credentials and path locations to your wp-config.php file that automates the update/install process for you. Here is an excerpt from my config. Be absolute in your paths to files. Note the ‘FS_METHOD’ is ‘direct’ compared to ftpext, SSH, or ftpssl. This works for me and updating, installing, deleting plug ins really zings!!!

//* Added for Auto FTP updating
define(‘FS_METHOD’, ‘direct’);
define(‘FTP_BASE’, ‘/var/www/vhosts/michaelquale.com/httpdocs/’);
define(‘FTP_CONTENT_DIR’, ‘/var/www/vhosts/michaelquale.com/httpdocs/wp-content/’);
define(‘FTP_PLUGIN_DIR ‘, ‘/var/www/vhosts/michaelquale.com/httpdocs/wp-content/plugins/’);
define(‘FTP_PUBKEY’, ‘/var/www/vhosts/michaelquale.com/.ssh/id_rsa.pub’);
define(‘FTP_PRIKEY’, ‘/var/www/vhosts/michaelquale.com/.ssh/id_rsa’);
define(‘FTP_USER’, ‘mqadmin’);
define(‘FTP_PASS’, ‘————’);
define(‘FTP_HOST’, ‘michaelquale.com’);
define(‘FTP_SSL’, false);

If your getting connection errors it’s possible that apache does not have write permission on the files. Easily fixed by navigating to the wp-content folder and entering a few commands.

chown myuseraccount:apache /upgrades -R
chown myuseraccount:apache /themes -R
chown myuseraccount:apache /plugins -R

chmod 775 upgrades/ -R
chmod 775 uploads/ -R
chmod 775 themes/ -R
chmod 775 plugins/ -R

This step dramatically improved the performance of installs, updates, and deletes. Hope this helps you!

WordPress how to update via autologin FTP

Last Updated on Wednesday, 4 August 2010 03:32 Written by Mike Thursday, 15 April 2010 08:47

If you run multiple blogs like I do, you are bound to want to save some steps. What steps can you save clicks on? How about during updates. Each update often requires you to click or enter the host/login/password during each upgrade step.

Why even bother with that step? If you open your wp-config.php file and enter the required information there you will never be prompted for that information again. That not only saves a step but you will never had to risk the security exposure of passing your credentials over the wire without any encryption.

Open your wp-config.php file found in the root of your WordPress installation. Locate a blank line and insert the following code replacing the username, hostname and password with your correct information.

define('FTP_USER', 'username');
define('FTP_PASS', 'password');
define('FTP_HOST', 'ftp.mysite.com:21');
define('FTP_SSL', false);

Credit Card Phishing scam

Last Updated on Thursday, 15 April 2010 12:44 Written by Mike Friday, 5 March 2010 11:37

A friend of mine in law enforcement sent me this.  This is a slick scam…BE CAREFUL

This one is pretty slick since they provide YOU with all the
information, except the one piece they want.

Note, the callers do not ask for your card number; they already have
it… This information is worth reading. By understanding how the VISA &
Master Card Telephone Credit Card Scam works, you’ll be better prepared
to protect yourself.

One of our employees was called on Wednesday from ‘VISA’, and I was
called on Thursday from ‘Master Card’.. The scam works like this:
Caller: ‘This is (name), and I’m calling from the Security and Fraud
Department at VISA. My Badge number is 12460. Your card has been flagged
for an unusual purchase pattern, and I’m calling to verify. This would
be on your VISA card which was issued by (name of bank). Did you
purchase an Anti-Telemarketing Device for $497..99 from a Marketing
company based in ?’

When you say ‘No’, the caller continues with, ‘Then we will be issuing a
credit to your account. This is a company we have been watching and the
charges range from $297 to $497, just under the $500 purchase pattern
that flags most cards. Before your next statement, the credit will be
sent to (gives you your address), is that correct?’

You say ‘yes’. The caller continues – ‘I will be starting a Fraud
investigation. If you have any questions, you should call the 1- 800
number listed on the back of your card (1-800 -VISA) and ask for
Security.’

You will need to refer to this Control Number. The caller then gives you
a 6 digit number. ‘Do you need me to read it again?’

Here’s the IMPORTANT part on how the scam works. The caller then says,
‘I need to verify you are in possession of your card’. He’ll ask you to
‘turn your card over and look for some numbers’. There are 7 numbers;
the first 4 are part of your card number, the next 3 are the security
Numbers that verify you are the possessor of the card. These are the
numbers you sometimes use to make Internet purchases to prove you have
the card. The caller will ask you to read the 3 numbers to him. After
you tell the caller the 3 numbers, he’ll say, ‘That is correct, I just
needed to verify that the card has not been lost or stolen, and that you
still have your card. Do you have any other questions?’ After you say
No, the caller then thanks you and states, ‘Don’t hesitate to call back
if you do, and hangs up.

You actually say very little, and they never ask for or tell you the
Card number.. But after we were called on Wednesday, we called back
within 20 minutes to ask a question.. Are we glad we did! The REAL VISA
Security Department told us it was a scam and in the last 15 minutes a
new purchase of $497.99 was charged to our card.

Long story – short – we made a real fraud report and closed the VISA
account. VISA is reissuing us a new number. What the scammers want is
the 3-digit PIN number on the back of the card Don’t give it to them.
Instead, tell them you’ll call VISA or Master card directly for
verification of their conversation. The real VISA told us that they will
never ask for anything on the card as they already know the information
since they issued the card! If you give the scammers your 3 Digit PIN
Number, you think you’re receiving a credit. However, by the time you
get your statement you’ll see charges for purchases you didn’t make, and
by then it’s almost too late and/or more difficult to actually file a
fraud report.

What makes this more remarkable is that on Thursday, I got a call from a
‘Jason Richardson of Master Card’ with a word-for-word repeat of the
VISA scam. This time I didn’t let him finish. I hung up! We filed a
police report, as instructed by VISA. The police said they are taking
several of these reports daily! They also urged us to tell everybody we
know that this scam is happening.
Please pass this on to all your family, friends and neighbors. By
informing each other, we protect each other.

« Older Entries
Newer Entries »

Recent Comments

If I helped you…. Please Click

Top