Current Location: Home / 2011 / Archives for June 2011

Get Motivated Seminar / Little Rock, AR

June 29, 2011 By 4 Comments

Updated: 08/31 – Okay, so I didn’t make it to this event because I just have too many irons in the fire that are getting hot all at once but I am interested to hear from those of you that might have attended. How as it? Was it what you expected? What did you pull from it??

I’m not really one for sitting still through a motivational speech, much less an all day affair but through a series of offers that I can’t refuse, I am going to be attending the event in Little Rock tomorrow w/ Bill Cosby, Rudy Giuliani, Steve Forbes, Lou Holtz, General Colin Powell, Laura Bush, Terry Bradshaw, and more…

I will more than likely be the guy who is struggling to sit still all day long, if you see me, be sure to stop and say hello! I will likely have my laptop w/ me taking notes and possibly blogging during the event if there is a wi-fi connection.

Anyone else attending?

Filed Under: Miscellaneous Tagged With:

Securing wp-config.php

June 25, 2011 By Leave a Comment

For the past week or so, our server admin, Matt Critcher, and I have been battling the “pharma-hack” in several WordPress installations, this website included. Long story short, we still haven’t been able to completely eradicate this exploit but I feel like we are getting a lot closer. This afternoon Matt advised that I go through some of our exploited sites and secure the wp-config.php files by adding security keys to them. There is even a generator on the WordPress.org website that you can use to generate these keys…

The process is simple, just generate a new set of security keys and place them inside your existing wp-config.php file. The generated keys will look something like this:

define('AUTH_KEY',         't`DK%X:>xy|e-Z(BXb/f(Ur`8#~Uz|');
define('SECURE_AUTH_KEY',  'D&ovlU#|CvJ##uNq}bel+^MFtT&.bj');
define('LOGGED_IN_KEY',    'MGKi8Br(&{H*~&0s;{fer[hOBk!ry^');
define('NONCE_KEY',        'FIsAsXJKL5ZlQo)iD-pt?aNwI|siOe');
define('AUTH_SALT',        '7T-!^i!0,w)L#JK@pcD;Vcy8,S)-&G');
define('SECURE_AUTH_SALT', 'I6`V|mDZq21-J|ihb u=|n#=]@]c #');
define('LOGGED_IN_SALT',   'w<$4c$Hmd%/*]`}qG(GaVDEsn,~*4i');
define('NONCE_SALT',       'a|#h{c5|P &xp]t=]V<`}.py(wTP%%');

What this will do is invalidate any existing cookies that might be out there. It’s obviously not the complete fix for the “pharma-hack” that I have been looking for but it only takes a second and could save you some potential heartache down the road from other exploits.

Filed Under: Web Development, Wordpress™ Tagged With: ,

The WordPress Pharma Hack

June 16, 2011 By 1 Comment

Today I received an alert that one of our websites was reported by Google as being the victim of hacking and was being flagged as possibly dangerous in their search results. This immediately caught me off guard because our server admin, Matt Critcher, is one of the best in the business and nothing gets past this guy. We have several years of research and development and no telling how much cash invested in the security of our hosting environment. Granted, securing a server is something you have to work at just about everyday to eliminate new threats as they arise, and believe me, we take security very seriously.

Upon receiving this notification I immediately logged into the website that had been flagged and started looking for anything out of the ordinary. I was able to immediately eliminate most of the usual list of characters you see w/ open-source software attacks such as defaced pages or redirection scripting. I kept digging around and finally got on Skype w/ Matt to see if he had seen anything out of the ordinary from his end. We did some investigating and discovered that the hack itself wasn’t something that we could actually see on the website itself, but instead, it showed up in the Google search results for that website. In all of my years developing websites I can honestly say that I have never seen a hack quite like this before.

I did a little research and quickly stumbled upon this article on pearsonified.com discussing the “pharma hack” on websites running WordPress, they too had in fact fallen victim to this exploit and offered up some great information on how to diagnose the hack and furthermore how to eliminate it from your WordPress installations (which is somewhat tedious to do). I also ran across an awesome tool for scanning your website by Securi that is hosted online at this location. A few hours later Matt had already rid our servers of this exploit but not before we had discovered it in a few other locations, including this website. See screengrab of Google results at the bottom of this post.

Keep in mind that we keep a very close eye on all of our software installations and perform frequent updates to insure we have the latest versions of every application running. Somehow this sneaky hack found it’s way into our ecosystem, and quite honestly that’s an accomplishment on whoever launched this exploits part. I spoke to a friend this afternoon who also has a web hosting company and he had just learned that several of his clients were reporting inaccurate Google search results for their websites as well.

The questions I have at this point pertain to how in the world something like this could happen. I hope to learn more over the course of the next few days and will report back anything I should run across. In the meantime, it might not be a bad idea if you run WordPress to do a quite Google search for your website by entering in [site:www.yourdomain.com] to see if you have any weird page titles or meta information showing up, or give the Securi scanner a try to see if it can locate any problems you might not be aware of. Just glancing at a website page titles by browsing the site won’t work, everything looks normal.

Filed Under: Search Engines, Web Hosting, Wordpress™ Tagged With: , ,

News Reporter Catches Duck While Fishing

June 15, 2011 By Leave a Comment

My partner sent me this video the other day and I thought it was worth sharing. I think that it’s sort of a glimpse into what it’s like to work w/ me on a daily basis. You never know what’s going to happen. Some of you might not find this too surprising but I have actually caught a swan before while fishing…  #irony

Filed Under: Funny Tagged With: ,

28 Illegals Crash a Van

June 15, 2011 By Leave a Comment

I know we have a serious problem w/ immigration in our country and the plight of these people looking for a better way of life is a sad topic, but this video is worth checking out. It’s a van carrying 28 supposed illegal immigrants that flips on the highway in Arizona. Amazing!

Filed Under: Funny Tagged With:

Current Projects: Tice Realty Redesign

June 3, 2011 By 2 Comments

I launched the all new Tice Realty website this evening. This is a complete redesign for Tice Realty, who was previously running one of our legacy content management solutions and now needed something more robust. This new website is built totally on top of WordPress and utilizes the Genesis Framework. Click on the screenshot below to visit the all new Tice Realty Website…

One additional feature to the new Tice Realty website is the Tools & Resources page that incorporates a ton of useful Real Estate Information and Internet Search Tools into one convenient portal. You can visit this portal by clicking on this link…

Built entirely upon WordPress!

 

Filed Under: Current Projects, Wordpress™ Tagged With: , ,