The CW Corner – Best practices for mitigating website hacks

We at CharlesWorks are often asked by our web clients if their site is protected from malware and getting hacked. They also want to know if there site IS hacked, whether there be a charge to fix it.

The totally hack-proof website

The totally hack proof website has no access to it. So it’s not connected to the Internet. No one can view it. Such a website doesn’t sound like its of much use if no one can see it.

So, let’s agree that it is unrealistic to believe that a publicly accessible website can be totally hack-proof. Any website that is accessible via the public Internet is consistently subjected to attempts to break into it. Believe it or not, that’s the norm as opposed to the anomaly.

That being said, however, there ARE things you can do to mitigate website hacks. I have to stress the word mitigate here. Mitigation is defined as the action of reducing the severity, seriousness, or painfulness of something.

Site hacks are based on odds

My goal here is to simply remind you of what you most likely already know: that we can reduce the probability – the odds – of your site being hacked. We at CharlesWorks want that probability to be so low that it hopefully it doesn’t ever happen to you.

The major hacking causes

I have been operating CharlesWorks since 1998. In my experience, there appear to be two major reasons why sites get hacked:

    • The access credentials/passwords have been compromised.
    • The software that operates them wasn’t kept up to date.

Lets take a look at each of these below.

Compromised Access Credentials

Compromised passwords and bad actors gaining access to website login credentials is the major reason we see sites hacked. Think about this in terms of your car. You could have alarms on it. But if you make a copy of your car key and give it to someone, they can do whatever they like with the car. Whether its a drive along the beach or to rob a bank, your car is theirs to use with the key you gave them. Credentials – log in and passwords – work pretty much the same way.

CharlesWorks has many clients who want to be able to do things themselves. We are strong proponents of doing it yourself when it’s feasible and convenient. This is especially true for adding posts or page materials. It also makes sense when making other changes or modifications to your site. It is, after all, YOUR website.

However, many people fall prey to phishing schemes. Directly or indirectly, they usually end up tricked into giving out their website access credentials (as well as credentials to everything else they own). This is especially true if your email account is hacked and the hackers are able to access emails containing your website’s (and other) login credentials.

This problem is exacerbated if you have shared your website’s administrative or other access with others. Think of your emails containing various authorizations or login information as a potential weak link in a chain. If you have shared that information with others you have now created more weak links. This increases the odds of a potential compromise.

One of the best ways to mitigate these situations is to change your site’s access passwords so they are different than those possibly stored in your emails. And, to hope that anyone you may have shared your website access with has done the same.

Obviously, should site access be gained in such a manner, it would be your burden to have the site restored. I’ll expound upon this a little more at the end of this article.

Out of Date Security/Software Updates

Malware and virus protection on home computers operates a little differently than the same types of protection on servers. Website servers operate in the publicly accessible Internet. This results in many more entry points for potential issues. There are a number of very standard server protections available (which we utilize here at CharlesWorks).

After bad actors getting (or guessing) your passwords, the next major reason sites get hacked surrounds unapplied security updates and other software update issues. At CharlesWorks we mitigate such issues by running anti-malware software on our servers. Also, WordPress sites hosted on our servers are kept up to date automatically via automatic updating of the WordPress core as well as automatic updating of the the website’s plugins and themes.

There are literally thousands of individual pieces of software that must work in unison to operate most websites. These are developed by many more thousands of developers around the world. Unfortunately, no company can guarantee that a website will never get hacked. They can only mitigate security compromises and hope against the worst.

Restoring your Website

Regardless of which of the two situations above may have led to your website’s issues, your website will most likely need to be restored. That’s because after a bad actor or a hack back doors into the site will most likely have been installed for the bad actors to gain access again.

Many Internet companies claim to have automatic backups. In most of those, those backups are accessible to the user in their account. If the account is hacked, how safe do you suppose that is?

Some Internet companies delete and account upon a website being hacked. In those cases I have seen many left with no website or backup as a result.

What I believe is most important regarding this topic is the manner in which our WordPress sites are backed up every day for 30 days. Our backups are made to separate servers – external to those your the site operates on. For security reasons, the site administrators do not have access to these backups. So even with a site administrator’s compromised passwords there is no access to the backups. With these backups we can usually restore an average site in about 10-30 minutes if it needs restoring. And we can go back as far back as 30 days. We would only bill our web client for the 10-30 minutes (again – for an average website) which results in only a minor charge to restore it. Note that some websites are extremely large and require much more time to restore but these are very rare).

In my experience running CharlesWorks since 1998, we’ve built and handled more than 5,000 websites. At this point in time, I do not recall the last time a website we built and totally maintained was hacked (unfortunately I recall several instances of sites maintained by others that failed to ensure the site was updated and/or had their passwords compromised).

Sites getting hacked for out of date software happens far less frequently (if at all) when security updates are kept up to date and bad actors are kept out.

I hope this helps you understand a little more about this topic.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Getting Through a Pandemic Together

Here we are at the 4th of July of 2021 already! The loss of life suffered in 2020 was horrendous. Yet there are people who still do not think in terms of helping their fellow citizens – and themselves – by being vaccinated. The vaccine misinformation mills are in full production.

So think about this: Exactly who benefits when we don’t vaccinate? When more of us are ill and can’t work, the economy suffers. There is no way the government wants that. They want us to all work so they can collect taxes from our labor. Enemies of America benefit when we don’t vaccinate. Who benefits when we do? We all benefit. The economy will return to normal – as will our lives.

At CharlesWorks we all chose to be vaccinated. Each of us employed here cares about ourselves and our clients. So when you make an appointment with us in person you can at least rest assured we have taken steps indicating we care about you.

The CharlesWorks policy is that the COVID unvaccinated need not apply. That is one of the many ways we show we care about others.

Vaccination will help us return to normalcy. It is a small thing to do. It is the patriotic thing to do. It is the right thing to do.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Adding Custom Shortcodes to WordPress

I wanted to create a custom HTML code function, so made one that will generate a line feed. I tested it to neaten up the output from my favorite WordPress statistics plugin: WP-Statistics by Verona Labs.

This shortcode gives the ability to add line feeds to WordPress page, post or report outputs to improve their readability. The function can easily be modified to generate any HTML output by doing this:

  • rename “newline” in the “add_shortcode” line to whatever you’d like the shortcode to be named
  • adjust the HTML code inside the quotes in the “return” line

In this example, we’ll create the line break shortcode.

Creating the Line Break Shortcode

Adding shortcodes in WordPress is easily accomplished by simply inserting the appropriate coding for the shortcode into your child theme’s functions.php file.

Note: Child themes should always be used. Changes made directly to the parent theme’s files are usually overwritten each time the parent theme is updated.

To add the code, first back up your site and then do the following:

  • Log into the WordPress Dashboard as an administrator
  • Navigate to Appearance > Theme Editor
  • Select Theme Functions (functions.php) under Theme Files in the right column
  • Add the short function code lines below
/* -- Start of line breaks shortcode --*/
function line_break_shortcode() {
return '<br />';
}
add_shortcode( 'newline', 'line_break_shortcode' );
/* -- End of line break shortcode --*/

Adding Line Breaks

Once the code has been added to your functions.php file, all you have to do is add the
shortcode in your text to generate a line feed at that point. The beauty of doing this as a shortcode is that it can be inserted in places that do not normally allow you to add them – like in the email output of the WP-Statistics plugin.

Note: When testing your output from the WP-Statistics plugin, there is a convenient feature that allows you to send output every minute to see what you will be sending. As a rule I normally have the report set to send daily.

A Working Example

There were a couple of WP-Statistics report items that were of particular interest to me. One is the last post date. This is handy as a reminder when one should add one or more posts to a site – especially a blog – so the site content doesn’t appear stale (or as an alternative, simply do not show blog post creation dates). Even if you are not displaying the post dates on the site, it is good to know when you last posted something.

An example of the report pattern I used was this (note that in some WordPress themes the “[” and “]” characters in the example below display as repeated – there should only be one “[” opening shortcode character and one “]” closing shortcode character surrounding the shortcode itself when you use it):

WP Statistics report for https://CWCorner.com WordPress site:
[newline]
_______________________________________________
[newline]
[newline]
Last post date: [wpstatistics stat=lpd]
[newline]
Total Site Posts: [wpstatistics stat=postcount]
[newline]
Total Site Pages: [wpstatistics stat=pagecount]
[newline]
Total Site Users: [wpstatistics stat=usercount]
[newline]
Online Users at Report Time: [wpstatistics stat=usersonline]
[newline]
_______________________________________________
[newline]
[newline]
Today's Visitors so far: [wpstatistics stat=visitors time=today]
[newline]
Today's Visits so far: [wpstatistics stat=visits time=today]
[newline]
Yesterday's Visitors: [wpstatistics stat=visitors time=yesterday]
[newline]
Yesterday's Visits: [wpstatistics stat=visits time=yesterday]
[newline]
_______________________________________________
[newline]
[newline]
Total Visitors: [wpstatistics stat=visitors time=total]
[newline]
Total Visits: [wpstatistics stat=visits time=total]
[newline]
_______________________________________________
[newline]
[newline]
End of WP Statistics Report.
[newline]

I used the underline characters to separate various parts of the output for clarity. This report pattern generated a nicer, more readable report that even looked great when viewing it on my cell phone.

While I initially added this function as a way to neaten up the output of the WP-Statistics email report – the function should work just about anyplace in WordPress except in the PHP coding itself.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Adding Akismet comment spam protection

Akismet provides a convenient and free way to protect your personal WordPress site or blog from spam.

Many times we’d like to allow comments to be left on our WordPress site. The hassle with this can be the tremendous amounts of spam that come through the forms on websites.

Akismet is a compact WordPress plugin that filters the incoming comments. It is pretty straightforward to use and pretty easy to set up as well.

Install the Akismet plugin

The first step in this process is to ensure that the Akismet plugin is installed in your WordPress website:

      • Log into your WordPress website’s dashboard as an administrator
      • Click on Plugins in the left dashboard navigation column
      • Look and see if Akismet is listed – if it is – and it is not activated you can proceed to the Akismet Setup step below – otherwise
      • Click on Add New under Plugins in the dashboard navigation column
      • If you don’t see Akismet in the plugins, then in the text box to the right of the work Keyword in the row starting with Featured type in Akismet – then click on its Install Now button. Do not activate it yet.

Perform the Akismet Setup

To set up Akismet in your website, you will need an API code from the Akismet site. The first step in that process is to navigate to:
https://akismet.com/plans

This (as of the time of this writing) brings you to a page that should look similar to the screenshot below.

Akismet offering pricing page

Akismet offering pricing page

To get the free version of Akismet comment spam protection, you will need to click on the Get Personal button on the above page.

Once you’ve done that, you should see a page similar to the one below. Before attempting to fill out anything on this page, we need to set that $36 / YEAR to $0 / YEAR. Click on the $36 / YEAR box and drag it to the left.

Akismet Default $36 per year page

Akismet Default $36 per year page

Dragging that $36 / YEAR box to the left should change the page to display something like the one below showing 0$ / YEAR. You can also see that the information to fill in has changed.

Akismet $0 per year page

Akismet $0 per year page

Akismet $0 per year page

Now fill in the information completely. Note that you need to be able to check all three checkboxes indicating the following:

      • you don’t have ads on your site
      • you don’t sell products/services on your site
      • you don’t promote a business on your site

If these are the case, then you will qualify for a free, personal plan.

All you have to do once you have gotten this far is follow the directions on the page below.

Akismet signup complete page

Akismet signup complete page

Finally, it is suggested that while on that settings page in Akismet, you can choose to show the number of approved comments beside each comment author and choose whether to show a privacy notice or not. Then just click the Save Changes button and you are on your way!

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – PHP notifications in the WordPress dashboard

Every piece of popular software gets updated over time. PHP is no different.

PHP 7.4 is the latest version of PHP 7 at the time of this writing. It was originally rolled out November 28, 2019 and will receive security support until November 28, 2022. It also appears that PHP 7.4 may be the last of the PHP 7 releases, as PHP 8.0 was rolled out on November 26, 2020.

This is all great news, since each newer PHP version so far has continued to provide:

  • considerable (but not total) backward compatibility
  • faster execution speeds
  • greater security.

We’ve seen many PHP upgrades since running WordPress over many, many years. Our preliminary testing has always shown that many WordPress plugins and themes don’t work seamlessly with new versions of PHP as they are rolled out. As for PHP 7.4, the WordPress core and its latest default themes do. Unfortunately, many sites will simply break if caution isn’t taken to ensure all of their components – the core, the plugins and the themes – are PHP 7.4 compliant. For this reason, we usually don’t switch PHP to the later version until we are confident most things will work. When you think about the many thousands of themes and plugins out there for WordPress, it is no surprise that sometimes this takes longer than a year.

WordPress PHP notifications

PHP versions older than PHP 7.2 now trigger the red circle with an exclamation point PHP notification that administrative users see in the WordPress dashboard.

PHP update required notification - Site Health Status - Should be improved

PHP update required notification
Site Health Status – Should be improved

Bear in mind that WordPress only issues a warning about 7.1 and lower. The red notice in the dashboard is not shown for higher versions. Navigating to Tools > Site Health yields more details about site health.

Site Health - Should be Improved - Site Health Status - 1 critical issue - running outdated version of PHP 7.1 requires an update

Site Health – Should be Improved
Site Health Status – 1 critical issue – running outdated version of PHP 7.1 requires an update

PHP 7.2 just went to end of life November 30, 2020 – hence the red PHP update required notice that shows in the dashboard for anything older than 7.2 doesn’t show if you are running PHP 7.2 and above.

Site Health Status - Good - PHP 7.2 which should be updated

Site Health Status – Good
PHP 7.2 which should be updated

If you are running PHP 7.3 (or newer) you will not get the red notice described above. However, in the site health you will see an indication stating “Your site is running an older version of PHP (7.3.x) which worries many when they see it.

Site Health - Good - Site Health Status - 1 recommended improvement - running an older version of PHP - PHP 7.3.25

Site Health – Good
Site Health Status – 1 recommended improvement – running an older version of PHP – PHP 7.3.25

The fact is that PHP 7.3 will be receiving security updates until December 6, 2021. Given that, there is plenty of time to get ready for PHP 7.4.

Site Health Status - Good - PHP 7.2 and above

Site Health Status – Good
PHP 7.2 and above

The plan at CharlesWorks is to make PHP 7.4 available in the upcoming months. When that happens, you will notice that each of the PHP 7.x versions you see in the DirectAdmin interface will be bumped up by one version. So you will always still be able to go back to 7.3 if needed.

PHP 8.0 was released on November 26, 2020 with an expected security support date of October 26, 2023. There appears to be more incompatibility between it and PHP 7. CharlesWorks would not expect to roll this version out until nearer the end of 2021. Let’s give the world a chance to find all of the bugs for us.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – WordPress loading images – blank thumbnail issue

Sometimes in a WordPress website an issue develops where when loading images into media library, only a blank thumbnail shows. It appears a space is created in the database for the picture but there is no content in it.

After testing compatibility of plugins, themes, php, etc., the problem persisted.

To resolve this, one can navigate here logged into WordPress as an administrator:
Go to Dashboard > Settings > Media

Make sure the correct default file path is showing there. When troubleshooting this issue on a site that was unable to upload media files, the file path was shown as:

/home/username/domains/thedomainname.com/private_html/wp-content/uploads

Note that the “username” and “thedomainname.com” in the above and below path examples will be the Linux username and the actual site domain name respectively that you are troubleshooting.

The fix

When this path was removed, the image file upload worked normally again and the problem appeared to be solved.

Possible Reasoning or Causes

In the DirectAdmin path structure, there are two places the website’s servable coding (like WordPress or HTML sites or Joomla, etc.) might be stored:

/home/username/domains/thedomainname.com/public_html

or

/home/username/domains/thedomainname.com/private_html

The “public_html” folder is where DirectAdmin normally places the website’s code (again, referring to all the files and programs that make up the actual WordPress or HTML or Joomla site’s coding, etc.).

The “private_html” folder is where DirectAdmin normally tries to place the website’s code when its content is encrypted. That’s why there is an option in DirectAdmin’s site control panel that allows one to “Use a symbolic link from private_html to public_html”. This option allows for using the same data in http and https.

The suspicion here is that a setting got changed or an update occurred causing the WordPress system to use the private_html setting when the site resides in public_html. Removing the file path from the settings forced WordPress to use where the system actually defaulted to – which cleared the problem.

We may never know how the setting actually got bunged up, but it is an easy fix once it is.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – SEO Scammers

Almost all businesses get the usual spam SEO (Search Engine Optimization) phone calls.

Recently, one of my web clients took one. As a result of such calls, she emailed me. She expressed a lot of concern about having been told very negative things about her web traffic and website operation. It sounded like he was trying to get her to spend money. Money she’d never see a return on her investment for.

High-pressure sales tactics are something I have instructed staff in all our years in business to avoid. CharlesWorks policy forbids selling clients anything they don’t need. The difficulty is that there are so many spammers and scammers out there sending the same messages that people believe them. You can tell the same lie a thousand times and it’s still a lie.

Among the thousands of websites we’ve handled, her particular business is very unique – especially during the COVID-19 epidemic. Her classes are limited regarding how many people she can have in them at any given time. I told her that she is the one who knows best what should be on her website. And she is the one who knows best what she has to offer and when she can offer it.

The nature of her business, it seemed to me, is based more on a following she has developed over time. And she is limited as to how many people at a time she can physically handle. And – much as I hate to say this – COVID is going to remain a thought in many people’s minds – at least through this upcoming winter season. Things will change when a vaccine is widely available. However, common sense dictates it will be a while before everyone generally has access to it.

I suggested she shouldn’t spend more than she absolutely has to – to just keep her business operational. Those small business owners who can stay in business through this pandemic will be the ones who do great once they reach the other side of this.

It’s troubling that someone had pressured her enough to do work on her site that she became stressed over it. Sales people who proceed with such a hard sell attitude are clearly desperate for work. Desperate people are not working with their customer’s best interest in mind. My advise is to not talk to these people.

My suggestions for dealing with these really hard line sales calls are:

  • “Remove me from your calling list.” Tell them to remove you from their calling list. Once you say those words, they are supposed to do so by law. I regularly tell spammers this, and they generally don’t bother to call back.
  • Block their phone number. Block their number through whatever mechanism your telephone carrier has set up to do that. I do this on a pretty regular basis with the robocalls (which are actually illegal in most cases) and take a few minutes to report them at the https://www.donotcall.gov/report.html site.
  • Visit the National Do Not Call Registry. Go to https://www.donotcall.gov where you can put your phone numbers on the National Do Not Call Registry. Mine have been on this for many years.

While these suggestions don’t stop all the spam calls you’ll get, they do stop many.

Every small business owner can and should review their website. They should ensure that everything is up to date for offerings and schedules. That only costs them a few minutes. Because CharlesWorks charges for changes by the minute, those kinds of changes only incur those minutes of charges.

I hope this is helpful to you!

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Domain Name Review

We’ve published plenty of information in the past about domain names. We’re always learning a little more and how to explain information to out clients as time passes.

Whether your domain name is for personal use or for your business, we hope you find the following tips to be helpful.

Keywords

Having words pertinent to your business in your domain are increasingly important. Simplistically put, search engine algorithms (the math formulae used to compute the importance or value of words contained in your site) rank the importance of web sites according to words. Many businesses use a domain name to describe the name of their business and, in addition to that, own domains which contain keywords which are present in their website.

Association

If possible, you should use the name of your business as all or part of one of your domain names. This will make it easier for your clients or potential clients to remember you and to find you on the web (like CharlesWorks.com – CharlesWorks is the name of our business).

General Names

More general domain names are most likely already registered to other businesses (of course it doesn’t hurt to check with us first). It’s still a good idea to have more general name(s) associated with your business as one of your domains (that’s why we also own HostingNH.net, which will take visitors to our CharlesWorks.net site).

TLDs

TLDs stands for Top Level Domains. TLDs are the extensions on the tail end of the domain, such as .biz, .club, .co, .com, .net, .org, .ws, etc. The most popular TLDs are .com and .net. If you find that your domain is already registered, you might try for an alternate TLD (for example, RobinSnow.com was already taken, so Robin acquired and uses RobinSnow.net).

Hyphenated Names

Although you can obtain them, we recommend not using hyphens for your business domain name. Most people who are searching for your site will not use a hyphen. You are better off to try a different TLD or a variation of your domain name.

Variations

Variations can be an option if your general business name is already registered (for example ScrapbookCabin.com was not available to one of our clients, so at the time she registered NHScrapbookCabin.com instead).

Relinquishing or giving up existing names

We have seen many horror stories concerning giving up existing domain names. Sometimes one will end up having to get a similar domain name because control over the preferred name could not be gained. An example would be where another party has control over one’s .com name and the website is down and the webmaster cannot be reached or is non-responsive. If we are to take over the services we would recommend getting the .net to the original .com of the domain name if it were available. This allows us to get the site up and at least people can be sent to that site pending transfer of the .com when it is possible. In some cases it never became possible and the site will continue using the .net domain.

Once a domain name has been in service, traffic is generated to it. For that reason, many expired or relinquished domain names are snatched up. One situation like this in the Manchester NH area involved a church giving up a domain name they did not want to use anymore (it was a version of the Church’s name that had been in use for many years and they just decided to change it and dropped the domain name). It saved them about $15 a year. However, the embarrassment was priceless when a porn company acquired that domain name and put a porn site up on it. The annual cost of a domain is truly cheap insurance against one’s domain name being used for phishing, porn, Viagra, or whatever.

There is absolutely no obligation of any kind to click the red button below and check out your domain possibilities!

CLICK HERE to find your domain name!

Already have a domain name? Click on the red button below to transfer it so we can get you online here at CharlesWorks!

CLICK HERE to transfer your domain name!

Or CALL CharlesWorks at 603-924-9867 9 am – 5 pm Monday through Friday or go to https://CharlesWorks.com/contact outside of regular hours and we will help you find one!

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Checking Your Site

Something many folks overlook is occasionally checking their website’s functionality. I recommend doing this every couple weeks, but at minimum once a month.

Most websites and the servers they are on are subjected to ongoing software updates. Unless you are paying an additional fee for maintenance checks, it’s normal for things to occasionally break due to updates.

Most website owners are not paying additional fees for such maintenance. This means you really need to take the time to check:

– that the site appears to work properly
– that your hours of operation are correct
– that any website forms are working
– that email addresses are correct

The site operation and forms are most susceptible to software updates. If you have a good web developer, the fixes will happen quickly and it will not cost you too much.

Website maintenance should be thought of like automotive maintenance. We get oil changes. We get inspections. We even make modifications and do repairs to keep our vehicle operating the way we want. And our older vehicles can cost more to upkeep – just like older websites. As websites age, more work needs to be done to keep them secure and working as originally intended.

So check your site every now and then to keep things working and have the correct information out there!

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Remote Work Tip

Masks help keep us all safe from the novel coronavirus

Masks help keep us all safe from the novel coronavirus

Around mid-march of 2020 the pandemic started getting taken seriously here in New Hampshire. Quickly workforces transitioned to working remotely wherever possible. Now we’re four months into it. We’d hoped the pandemic would be relaxing a bit but it appears to just be getting ramped up these days in much of the rest of the country.

Most have discovered that working remotely is not as simple and easy as it seemed at first. Now we can see some of the true difficulties.

Here is the one major tip I’ll offer today: work remotely like the boss is watching. Remember that the boss probably IS watching. When you are at that remote workstation behave as though you’re at your office workspace. Seriously. Would you go to work without washing or taking care of your personal appearance? Why risk having an unscheduled remote meeting with fellow employees totally unprepared? Poor impressions will certainly not help you when it comes to reviews.

There’s no reason to not really shine at your job remotely. Think about how fortunate you may be at not having to commute to work. And the ability to make meetings allows you to lose far less time previously afforded to travel.

The key to making remote working feasible is tied to communication. You must communicate either via text, phone, email or Zoom type meetings often enough to stay connected to your work force to complete tasks.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Engagement

Engagement, in military terms, is described as a fight or battle between armed forces. In web terms, engagement could be thought of as the process of getting an idea across to accomplish a goal.

There are a couple major goals with websites, as I see it. One is to simply share information. Another is to sell products. Make no mistake about it – whether you are selling widgets or ice-cream or trying to increase your congregation – the goal is the essentially the same – getting people engaged.

The first, sharing information, definitely is a precursor to the second. I’d like to focus on the second here.

Websites that are more engaging with their visitors will encourage more sales. With that in mind, it follows that engagement is a result of information and aesthetics.

Aesthetics costs for a website can vary greatly. Graphic design can be time consuming. This equates to higher labor costs. Information in written form, however, is usually the least expensive part of website development. Text can usually be pasted into web pages. This is not usually as labor intensive. Having more information in text format on a website usually equates to more exposure to the public. This is because website visitors can arrive using search engines. And the search engines find your site based upon pertinent content – mostly text.

In a nutshell, if you want an engaging website – which will increase your probability of success on the web – make sure there is plenty of information in text form on it. Search engines will help get folks there and your aesthetics can do the rest.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Blogging

A popular website sales pitch over the past ten or so years has been about blogging. Many web developers believe that blogging is an absolute must to get found on the web. However, believing doesn’t necessarily make it a fact.

Whether blogging will be a benefit your particular web presence is complicated. There are a number of factors to consider.

A major factor is that blogging requires time to be effective. The time has to be spent by someone entering blog material pertinent to your business or topic into your website. Otherwise you have to pay someone to keep up with it.

Keeping blogs interesting to keep site visitors engaged is another ongoing endeavor. Site visitors won’t return if the material doesn’t hold their interests.

The real power of blogging lies with search engine placement. Search engines rank websites on how pertinent they are to a particular topic or search terms. Search terms are generally words or phrases people type into search engines when they are looking for something. The more pertinent – the higher the ranking. Having more pertinent material on a site increases ranking.

So when considering whether a blog is right for your web presence or not, bear in mind that a blog must be an ongoing, continuing effort. It may be just as effective to simply have a lot of static material on your site explaining details about all your offerings.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Zoom Etiquette

I never imagined myself writing anything about etiquette. However, being in the middle of the web world as I am I get to listen to everyone’s two cents on our new business meeting medium: Zoom. And it is the same for all the video meetings that are happening. Here’s a short list of what people remark about most:

Sample Zoom Meeting

Example Zoom Meeting Screenshot

  • Being on time – It appears that people are late more than ever for video meetings. Others notice.
  • Eating – Bad manners at a face to face meeting, most would never think to sit down with a bowl of cereal or a sandwich at a business meeting.
  • Stretching/Exercising – In a lifetime of meetings I’d have never believed this without seeing it happen.
  • Hiding – Everyone knows when you don’t show yourself at a meeting you either aren’t ready or you are doing something else.
  • Bathroom – Do I really need to even mention this? Never take your phone there. Remember Murphy’s Law.
  • Being Unfocused – In most cases private texting is not really private and can be seen my whomever manages the meetings. And what an embarrassment when you text everyone instead of privately. And everyone can see when you’re not paying attention.
  • Kids – We all love our kids. But we just don’t need to include them in business meetings.

Remember this is just a short list of the issues/complaints I seem to hear the most. The bottom line is that if you use video meetings for business you may want to use common sense and take them seriously. Behaving the same way that you normally would if you were actually present at a face to face meeting will keep your appearance professional – which will help grow your business.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – PPP Pandemic Scams

The pandemic we are dealing with doesn’t always bring out the best in human nature. Such times are when scammers are more apt to take advantage of people. Many people are feeling anxious and helpless. Add economic issues and it’s clearly a recipe for depression and uncertainty.

Most small business owners have heard of PPP (Payroll Protection Program) loans. These are to help businesses stay alive and keep people employed during this pandemic. There are incredible numbers of scams involving PPP loans.

Most scams come through email. They also happen over the phone. Unbelievably, calls and email are great mediums for scammers. Emails trick people into loading viruses onto their computers. Both manipulate people into volunteering personal information! The result is identity fraud and/or account thefts.

Internet and telephone scams have one important factor in common: instill a sense of urgency in the mark. If the scammer can make you think you need to act on this right away, you probably will.

I suggest you:

1) Deal with bankers/lenders at respected institutions you actually know. Use the drive-through window if you must to set up an appointment.

2) Call your banker/lender if you get an email or phone call offering their help with the PPP loan – even if the email or phone call appears to be from a legitimate source.

3) Understand that emails and phone numbers can be spoofed – made to look like they’re from a legitimate source.

Be cautious and you won’t have to regret the unimaginable headaches that those who have suffered identity theft and other losses have experienced.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail

The CW Corner – Scamming Web Developers

Most of the articles I submit are to help the average web user or website owner learn a few web related tidbits. This one is geared toward web developers.

The scam asks about doing web development and whether it can be paid via credit card. It lets you know right away that they have a good budget to make the site. They also tell you they want it to be like a particular other site that you can check out to see what the project will entail.

Then the scam is presented – the scammer needs a favor. When you write back and ask what that favor is, here is a verbatim response I received:

“The favor i need from you is. i would give you my card info’s to charge for $7,700 plus credit card company charges, so $2,000 would be a down payment for my website design and the remaining $5,500 you would help me send it to the project consultant that has the text content and the logo for my website so once he has the $5,500 he would send the text content and logo needed for my website to you also the funds would be sent to him via Instant Transfer or Cashier Check into his account, sending of funds would be after funds clears into your account And also $200tip for your stress So i will be looking forward to read back from you. Thanks”

Then I indicate my credit card company doesn’t allow such transactions. I never hear from them again…

Most scams are built upon the greediness of the mark – purposely using poor grammar and presenting what looks like it’ll be a easy way to make some quick cash. That’s how they trick you out of your money. We all know the old saying: If it sounds too good to be true, it probably is.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmail