They’re out there, lurking in the dark corners of cyberspace ready to wreak havoc on your website – hackers. It’s a real danger with potentially grave consequences – loss of business, loss of standing with Google, erosion of trust – the list goes on.
Why Do Hackers Hack?
A lot of reasons. Because they can, to make a political statement, to make a point, to prove how smart they are, to show you how vulnerable your site is, for their amusement, and the most common reason – for money. It doesn’t matter why they do it. There are things you can do, precautions you can take to make it nearly impossible for even the most sophisticated hackers to deface your website. Here are three:
1.Use Strong Passwords
Most hackers are able to do their nasty work by guessing your password. They’re very good at this. They assume you’re using passwords that contain some variation of your birthday, your pet’s name, your spouse’s name, your street name. You get the point. Make it harder for them by using stronger passwords. There are all kinds of services out there that generate random passwords. I like to use the Norton random password generator. This tool gives you the option to specify password length. I use a minimum of sixteen characters. You can also specify whether or not to include letters, mixed case, numbers and punctuation. Choose options that make your password difficult to remember and a pain to type. If it’s hard for you, it will be hard for them. But beware! Make sure you write the password down before you change it. Obvious right? Many people forget to do this and get locked out of their own websites. Another tip. Don’t use the same password for all of your resources. Why not? Do I really have to explain?
2. Monitor Suspicious Activity
If your website is built on the WordPress platform, and all of my clients’ sites are, make sure your webmaster is using a plugin that alerts you when it detects any kind of suspicious activity on your website. This is invaluable. You can then take appropriate action like blocking IP addresses that are the source of brute-force attacks (repeated login attempts), updating old versions of WordPress and any installed plugins, identifying and deleting suspicious files that contain known viruses and more. There are several plugins that do this. Ask your webmaster if one of them is being used on your website. If the answer is no… well, use your own judgment here.
3. Double Authentication or Two Factor Login
When an attempt is made to log into your website, double authentication will send an email to the inbox of the user trying to log in prompting him/her to verify the login attempt. Since hackers don’t have an email address associated with their user account, they will never get the email and will not be able to login. If the attempted login is from a legitimate user, once the login attempt is confirmed you will then be able to designate the computer from which the login attempt was made as a trusted device and you won’t be asked to confirm logins in the future. A bit inconvenient? Yes. Worth the inconvenience? Absolutely!
A Piece of Important Advice
Make sure your site is being backed up on a regular basis. Most web hosting companies will routinely backup websites but usually only once per week. And they won’t store previous backups. What happens if your site gets hacked (or defaced – a word I prefer) before a scheduled backup? That means that the most recent backup available was done after the hack and will be totally useless. Make sure your webmaster is backing up your site more than once per week and that several backups are being stored. That way, if your site gets defaced a recent backup will be available to restore your site.
And Now Back to You
Has your site been hacked? What did you do about it? Do you have sufficient protection to prevent a site defacement? I hope so. Talk to me.
Photo courtesy: brianklug
When you’re making a buying decision – any kind of buying decision – whether it’s choosing a restaurant, an electrician, a realtor, a painter, an attorney or a bank, do you care about the why? I do. In fact, I’ve become obsessed with the why. If I’m going to choose your services I want to know what drives you, I want to know that you’re passionate about what you do, I want you to be able to tell me why you do this every single day. Take my bank, for example. They won me over because every teller at every branch is so friendly. They exude enthusiasm. They love working there and it shows. I figure that If you love what you do every day then you’re going to do it well and I’m going to get your best.
Beyond the What and How
If companies are eager to tell you what they do – and they should be – they’re even more eager to tell you how they do it. They want you to know about their latest technology and groundbreaking techniques, how they’ve invested in education, how they’re on the cutting edge. This is all good stuff. But does any of that set them apart from every other company in their industry? Does it make you want to do business with them? Does it make you feel good about choosing them? Maybe. But for me it’s more about the why and less about the what and how. This is not a new idea. Simon Sinek has built a following by advising us to start with the why. He uses the example of Apple as a company that starts with why and explains how their commitment to innovation and user satisfaction has created a legion of Apple evangelists.
Try Asking Why
In my initial meetings I use a questionnaire to gather important information about my client’s business. A few weeks ago I added the following question to the top of the list, “Why do you do what you do?” The results have been extraordinary. Some clients answer the question immediately and with great enthusiasm. Some have difficulty answering it at all. The point is this. People don’t care how much you know until they know how much you care. (I didn’t make that up. I wish I did). Let your passion show. Let people know why you do what you do. They will connect with you in a visceral way. In a way that goes beyond intellect. In a way that gets them to choose you because it feels right. And isn’t that what you want?
And Now Back to You
How much have you thought about the why of your business? Is it a question you can answer easily or do you have to think about it? When you’re choosing a company to do business with, do you care about what drives them? Share your thoughts with me in the comment box below. I’d love to hear from you.
Photo credit: openpad
Obviously there are more keys to success than these three. And depending on who you talk to there are bound to be even more. The point is, success means different things to different people, so achieving it is a highly subjective pursuit. The list that follows then is what has worked for me. If you’re self employed, they may work for you too.
When you work for a boss, a manager or a supervisor, you will be held accountable whether you like it or not. Just fail to execute a task and you will become painfully aware of that. But what if you’re accountable to yourself? What happens if you miss a deadline or simply don’t do something you told yourself you would do. Then what?
Quick story. Back in the late 80’s I decided to try my hand at stand up comedy. I worked with a drama coach who critiqued my act and helped me prepare a killer 5 minute set. About three months in, she looked at me when our hour was over and said, “You’re ready. The only thing left now is to just go do it.”
“Really?” I asked.
“Really,” she answered.
I headed toward the door determined to take the stage the following Sunday. I was pumped. But just before the door slammed shut behind me, my coach shouted, “Come back here. There’s one more thing.”
“Here’s how this is going to go,” she said. “You’re going to write me a check for one hundred dollars. If you go through with your act, I will return it. If you chicken out, I will cash it. Okay?”
She isn’t going to let me escape. “Okay,” I said, very reluctantly.
Me on stage at Stitches Comedy Club, circa 1989.
Fast forward to the following Sunday. I’m at Stitches Comedy Club on Commonwealth Avenue. Wall to wall people. I’ve never seen it this packed. There are video cameras everywhere. Steve Sweeney, the Dean of Boston comedy is plying the room yukking it up with the expectant crowd. I check the sign up sheet. I slowly move my finger down the list desperately hoping my name won’t be on it. It is. Seventh. At the sight of my name the butterflies in my stomach erupt into a frenzy flapping their wings furiously. I run to the bathroom. It doesn’t help. One by one the comedians do their five minute acts. I take another look at the list. I’m next. In full panic mode I head for the door when a thought hits me. I can’t afford to lose a hundred bucks.
Then I hear, ” Ladies and Gentlemen, please put your hands together for a newcomer here at Stitches, Marvin Kane.”
I’m on the stage. I look at the crowd. I can’t see anyone past the bright stage lights. The room is silent. I tell my first joke. Laughter. Lots of laughter.
The next day I visit my coach to collect my check.
Accountability. If you find it difficult being accountable to yourself, work with a friend, a relative, anyone who you can be accountable to. It’s human nature to not want to disappoint people. Try it. It works.
Whether you’re a writer, a designer, a plumber, a lawyer or an athlete, you need discipline to succeed. The good news is that discipline is yours. You own it. If you’re getting out of bed at 5am to run five miles as part of your training for a marathon, you can’t blame anyone else if you don’t do it. Here is dictionary.com’s definition:
dis • ci • pline – activity, exercise, or a regimen that develops or improves a skill; training.
When you work for a boss you don’t need discipline to get your work done. That’s because you know you’ll get fired if you don’t. Don’t get me wrong, most well intentioned people will get their work done because it’s the right thing to do. But still, the knowledge that you will lose your job if you don’t is a pretty strong motivator. But how do you maintain discipline if you’re the boss and the threat of being fired isn’t there?
First of all, understand that all discipline is self discipline. Unless you’re in the army, no one can impose discipline on you. Not really. What works for me is thinking of the consequences of not being disciplined. Will I fall behind? Will my competition fly past me? Will I fail to deliver on a promise? Will I look bad (that’s a big one for me)? Will I lose money? Will my reputation suffer? See where I’m going? Make a list of all the things that can happen if you’re not disciplined. Your behavior will change. I promise.
Ah, reward. My favorite part of the three legged stool. What I like to do is set small, achievable daily goals, hold myself accountable (actually it’s my business coach that holds me accountable) and maintain the discipline to accomplish them. At the end of the day I count up my wins (sometimes there is only one). Then I reward myself. The reward can be anything. You decide. The more you practice the accountability-discipline-reward pattern, the easier it will become. Before too long success will become a habit.
And Now Back to You
If you’re self employed, how do you get your work done? For some people, discipline comes easy. I’m not one of them. Are you? Do you have a routine that works well for you? I’d love to hear about it.
Web Hosting: A Simple Definition
A website is a collection of files that resides on a computer. The entity, company or person that provides the computer on which a website resides is said to be “hosting” the website. Think of it this way. Your web hosting company is your landlord. You, or more specifically, your website, are the tenant. Does that make sense? Good. Let’s continue the analogy. When you rent a space from a landlord you want to know what comes with the rent. Are utilities included? heat, electricity, etc. How big is the space? How long is the lease? Here comes a universal truth. When it comes to web hosting, you get what you pay for. High rent, lots of amenities. Low rent, few amenities. Let’s look at one very common and very cheap (sorry, I meant inexpensive) hosting option.
Just what the name suggests … and also how web hosting companies make their money. Hosting providers keep the cost way down because they put hundreds of websites on the same machine enabling them to conserve server resources. Caution: You get what you paid for (I think I said that already). Here is what you need to know about shared hosting and why not knowing it can hurt you:
- So many websites on one machine can and will effect the performance of your website. Your website will be slow and your visitors will be frustrated. Frustrated users won’t come back. Ouch!
- If one of the websites on the server gets hacked or infected, all the sites on the server are in danger.
- If one of the sites has questionable content and gets blacklisted by Google, other sites on the server may get blacklisted too – like yours!
- If your site requires additional resources to deliver the intended user experience, those resources may not be available if the web server has hundreds of other sites on it. One result could be sites crashing – like yours!
- If your site needs an extra layer of security (important when you’re accepting online payments, asking users for sensitive information via a web form, etc), a shared hosting environment won’t support the installation of an SSL certificate (a file with encryption code that will protect your site from being hacked).
The point is this. If your site is a simple collection of html files with no database back end, no user interactivity, very little traffic, static content and few graphics,* shared hosting might work for you.
*Note: If I just described your website, hosting is the least of your problems.
A Cautionary Tale
I, or should I say, my clients, have had problems with a particular hosting provider. It’s probably not prudent to mention the company’s name so I’ll just give you a hint. It starts with Network and ends with Solutions. They’re not a bad company. I have all my domain names registered with them. But they are just not set up to provide the proper level of support for high performance websites, particularly those built on the WordPress platform. I always steer my clients in a different direction. But there are times when working with Network Solutions is unavoidable. During a recent plugin upgrade for one of my client sites the website encountered a fatal error related to insufficient memory. A fatal error is bad. The site’s functionality was compromised. After endless phone calls and conversations with support personnel I finally reached a technical supervisor.
“A technical supervisor,” I thought. “Now we’re getting somewhere.”
I’m paraphrasing but here is the gist of what he told me: “Our shared hosting solution doesn’t support the needs of a typical WordPress website. With a WordPress site you’re better off hosting with someone else.” Huh!? I did some checking. The screen capture below reveals that there are a total of 304 websites on the same machine as my client’s site. No wonder there are problems.
Shared hosting is not the only hosting plan available. There is VPS or Virtual Private Server, there is dedicated hosting, there is managed hosting. You’ll have to keep tuning in as I explore each of these separately. I wanted to concentrate first on shared hosting because it’s the most popular and least expensive option. And don’t misunderstand. I’m not saying that it’s never the right solution. Just be aware of the potential risks and dangers. Ask the right questions based on your understanding of the needs of your website. Better yet, consult with your web design company and make sure they ask the right questions.
And Now Back to You
Have you had problems with your website loading very slowly or taking too long linking from one page to another? Did you consider that the problem may have been related to your hosting plan? How did you resolve the issue?
Marvin Kane, President of Kaneworks