Nov 26

4 Year Old WordPress Comment Security Bug

In a recent article on Ars Technica, they disclosed the 4 year old WordPress Security bug in the commenting system, this flaw would allow malicious hackers or attackers to leverage XSS or cross site scripting and could potentially gain operating system level access on the server.  The lesson here is that this affects WordPress 3.x and earlier versions of the WordPress platform, WordPress which is on 4.0.1 right now is not affected and subject to this vulnerability so this would be another good reason to make sure you are updating to the latest major versions and hotfixes of WordPress as soon as you can to avoid keeping your site exposed to vulnerabilities.

The other thing to note is that Incapsula Cloud Security service which is free for small sites is also capable of providing protection against this vulnerability as it would prevent any of those attempted script injections from even hitting your WordPress blog site.

I have used Incapsula to protect my blogs for a while, and while I am running the latest WordPress, it adds that extra piece of mind and security should a new vulnerability be discovered with WordPress, as long as it was XSS related, Incapsula would likely take care of it and help insulate my site.  Heck, you can see just in the past 7 days for my site, that 262 bad bots were blocked, 89 illegal access attempts, 24 remote file inclusions, 3 sql injection attempts and 9 cross site scripting attempts were made against DragonBlogger.com.  This is a site that gets about 30000 visits per month and it gets this many attacks per week, just imagine how many attacks your site is getting, any site even small one are compromised all the time.

You need to secure your site, and honestly Incapsula is free and wraps around your site protecting it from a cloud so that the attacks/attempts never even reach your web server, this is the advantage of using a cloud security service instead of simply a WordPress plugin because a plugin is churning up system resources on your web hosting provider and the plugin itself may have a vulnerability or some risk, keep the security off the site itself doing the work so that attempts never make it to the server in the first place with Incapsula.

Source Article for Reference http://arstechnica.com/security/2014/11/four-year-old-comment-security-bug-affects-86-percent-of-wordpress-sites/ that inspired this article.

Nov 24

Chrome 64 Bit Causing BSOD

Well it would seem that my random Blue Screen of Death errors around Critical Failures were indeed caused by the Chrome 64bit web browser as after uninstalling and putting 32bit Chrome back my system has stabilized.  For days my computer had been rebooting randomly and I had done everything I could to figure out if it were a driver issue or power failure, one common element was that Chrome was open every time and left open overnight when I found my computer rebooted the next morning.

So I removed all Chrome extensions but that didn’t solve the trick, I don’t know why Chrome 64bit just started crashing my computer, but it was no big deal to go back to Chrome 32bit.

I also ran Memtest and other utilities to make sure there was no RAM issue in the 64 bit address space, but no other errors were found.

 

 

Nov 17

Disney Infinity 2.0 Needs More Official Adventure Modules

Disney Infinity 2.0 is shaping up to be incredible and we bought the playset game for my son for his 8th birthday earlier this month in addition to some extra characters like Groot and Rocket Racoon.  The only problem was after the release of Big Hero 6 my son was desperate to have Baymax for Disney Infinity 2.0 and he was released, well his Grandma had given him some birthday cash and he bought both Hiro and Baymax with it.

Herein lies the problem, the characters are for Toybox mode only and are incompatible with any of the story modules or adventure packs released for Disney Infinity 2.0 thus far, so my son can’t play his favorite character on any of the Marvel Mission packs which are limited to Marvel action heroes only.  And while he does play the Toybox mode creating his own street scapes and dropping baddies everywhere and we have tried downloading a variety of community content which all has issues of one form or another, mostly with character angles and not being designed well for flying characters it leaves him unable to truly feel like Baymax can play an adventure that is high quality and designed by the company.

I think Disney really needs to ramp up and release DLC content adventures for Disney Infinity 2.0 even if they are $1.99 or $2.99 per week you can get a solid 10 hours of play time per adventure module that supports all of the characters, or even chapters that follow stories/adventures from the movies this would be something totally worth it.  So at this time, we are stuck waiting for more official content or some better community content to be released that will allow him to play Baymax or Hiro on some official adventures and stories.

So far I will say that Disney Infinity has Infinite potential but Disney needs to ramp up official adventures and story quests not just action figures as there is too small an audience creating community content.

 

 

 

Nov 06

Teliad is now SeedingUp: Earn Some Income with Your Blog

So Teliad was a program that I used to monetize my sites periodically and now they are being branded as SeedingUp which is appropriate if you think about the primary goal of the site is for advertisers to buy “seeds” or links on target sites.

One of the things about SeedingUp is how many options you have in offering potential advertising or leasing spots on your site compared to other similar programs.  You can offer sponsored posts, general advertisements, video marketing, infographics, press releases, text links, in post links and even presell an entire page.  You generally register your site and the program works with you on estimating value to provide rates that are fair but won’t scare off your advertisers.

Now most bloggers have a very hard time monetizing blogs, unless you are a direct affiliate marketer pitching either your own products or a really niche re-marketer of existing affiliate products it can be very hard to monetize a blog, sometimes you just don’t get the traffic to bring in banner ad income or passive Amazon affiliate income to earn enough to meet your goals.  This is where occasional partnerships in these programs can help but they always come at a risk and a price.  You can see though that I think the prices are fair for a decent blog, and are in line with my own direct advertising sales rates for a sponsored post.

 

 

 

 

 

 

 

These are two different blogs listed in the SeedingUp System, what you should know is that SeedingUp does payout via Paypal every month which is good, though when they re-branded, you are paid in SeedingUp credit and have to cash it out to a PayPal payment now instead of just automatically being paid out to PayPal with Teliad.

The payments are split over 12 months, so you will get equal monthly payments and this is both good and bad, it provides a steady trickle stream of income and if you have a few opps sold you can get a steady $50 or $100 per month just for hosting a few sponsored opps over the full year, vs the 1x higher payout which some may have preferred, but it has advantages to streaming too and keep some reliable income coming in.

You can choose to have NoFollow links with sponsored blog posts in many cases, this is of value if you want to remain Google ToS complaint, but with many of the offerings they are still trying to get the benefits of a DoFollow backlink, know you are getting into this and run the risk of a Google PageRank penalty if you are going to accept sponsored offerings in exchange for letting the advertiser have a dofollow link.  You are not Google ToS compliant, and the program uses a variety of mechanisms to try to avoid flagging direct advertisers but ultimately this is a fine line in my opinion.

The safest and non-Google penalty way to use the system is NoFollow only options for all opps which are far less frequent than DoFollow ones, but the worst that can happen is your PR is stripped to 0 and if you aren’t monetizing or making any money from your site now and need to monetize a little, it may be worth the risk.  I will give you a prime example, my poetry blog makes 0 income from blog posts, brands don’t care about a poetry blog, they care that it has a decent PageRank, so in that case I will be okay with hosting a link on my footer or sidebar or inside a poem as a footnote just to help keep operational costs running.

If you haven’t looked at SeedingUp yet and you run various personal blogs that are not affiliate marketing sites, you may want to consider a little bit of monetization, I will say if you have a PR3 or higher your odds of getting offers are better, but I did get offers when my sites were PR2 as well.  PR0 and PR1 you pretty much won’t see any opps from my experience.

Oct 24

ATT CL2939 Line In Use with MagicJack Plus

Quite a while ago I had a Line In Use problem on my phone with the MagicJack which was fixed with replacing the MagicJack  but I do have a new Line In Use problem that shows up with my AT&T CL2939 phone with the Magic Jack Plus when it is plugged into an outlet and directly into the router.

Yet if I have my MagicJack Plus plugged into the USB port of the PC the Line In Use immediately goes away.  I also noticed this appears to be an issue with the phone more than the Magic Jack because if I unplug the phone cable, the phone will say Line In Use no matter what even when nothing is plugged into it.

From what I read this seems like a voltage detection issue and perhaps the phone got too much voltage, or damaged, it is just weird how MagicJack Plus only when in USB will work but not when A/C outlet, tried 4 different AC outlets and cables.  It seems to send more voltage to the phone when it is plugged into USB or something.

Because the phone does it no matter what even when nothing is plugged into it, I simply plug in MagicJack while it is in USB and the Line in Use goes away, then I unplug phone cord from phone, and Line In Use comes back.  Replaced batteries, as some said if battery is low it could cause issue and no luck there.

I likely will end up buying a replacement phone, but this tells me that the Line In Use problem may not always be a MagicJack issue but can also end up being a phone issue as well.

Older posts «