A subscriber writes:
[QUOTE]:”Can you talk more about the security of the
“My blogs and account got hacked, my friend
also, and one of my clients. So I’m sure a lot of people are experiencing this
“My friend hired a company to go in and
remove all the backdoor scripts and viruses that got put on his site.”–TJ.
Before I go
on…let me fill you in on what’s happening.
In about TEN
DAYS, I promise to give away a copy of my “Google Friendly” Website theme.
reason I created this is that a lot of you are having a hard time getting your
websites approved on Google Adwords.
best online traffic I’ve ever used. Made milllions of dollars for myself and for
my clients using exclusively Adwords traffic.
been plenty of myths and misunderstandings about what Google likes and doesn’t
wrong, and you’re banned from Google forever.
right, and enjoy endless streams of the most valuable traffic you’ve ever seen.
this theme as a quick and easy to get my new clients setup for Adwords traffic
before going live with a campaign. And I decided to share it FREE.
is accompanied by a training webinar that fills the gaps for everything that can’t
be automated. So you can get the perfect balance of compliance AND sales
details on how you can get the theme here:
Back to TJ’s
A couple of
years ago, I had the same problems with my website.
Once, I was
in the middle of a product launch when I started hearing from some subscribers
they were getting VIRUS warnings when they visited the sales page.
Needless to say the launch was ruined.
When I tried
to reproduce the same warning on my side…
my site, I scanned my computer…nothing at all.
further investigation, I found strange new ADMIN user accounts that I never
that, but there were also new script files with garbled names.
And when I looked
single “html” page on my website, every single script…had a long line
of strange code.
Since I have
a technical background, I figured it was an encrypted script.
it and understood exactly how dangerous this script was.
It was a
nightmare to remove it. I spent days digging through all the files on my site…thousands
of them…removing these injected scripts.
And when I thought
I had solved it…well, the same day, I got more complaints.
Lost more sales and subscribers. It was a nightmare.
again…and the script had re-injected itself into every file on my server.
There was at
least 3 or 4 occasions this happened to me.
Worst part is,
Google de-indexed and began warning users not to visit my site. Getting it off the
blacklist was a nightmare.
Cleaning the site of the virus took forever.
that happening to YOUR website.
But it’s super common. And it’s possible your site is issuing warnings out there, and you have no idea that it’s doing it.
Why does it happen?
Two MAIN causes:
#1. Custom Themes & Plugins
#2. And, a few mistakes in your setup.
Many of you
guys use commercial themes like Genesis and Thesis…and sure they offer lots of
great functionality for marketers.
But they are
TERRIBLE things, in my opinion.
is an OPEN SOURCE project with a huge community of contributors. What this
means is, people from all over the world build it, improve it, debug it,
security check it, and fix it.
have NO financial incentive.
just hardcore programmers who LOVE WordPress and want to make it better. Volunteers.
(Wikipedia is built on volunteer contribution, see how awesome it is?)
result is a constantly evolving, improving piece of software.
commercial themes like Genesis and Thesis are written by a team of salaried
employees. They haven’t been around as long as WordPress, and they haven’t
built anything half as brilliant.
do is they take a beautiful piece of software and BUTCHER IT. Turn it to crap.
I fugking hate them.
Everything about them stinks.
I’ve got a client who’s using one of those arsehole themes and we’ve spent a shytload of money on traffic and still can’t get tracking working.
Many custom themes override the core functionality of WordPress–stuff that has been put through
the ringer, bullet-proofed and tested over tons and tons of iterations and
revisions, tested by millions of users…they destroy that and program their own SHYT framework on top of it.
It’s finicky, it’s pointless.
introduces holes in security and bugs that were never there in the original beautiful WordPress framework.
Add to that
the plugins that many marketers LOVE to collect.
the SEO-ists who I also fugking hate with a passion.
They overload their websites
with 20+ plugins that are meant to provide some SEO functionality…plugins
that don’t even play well together and most of them have the same damn features.
are also written by small teams and are never subjected to the same level of
rigour as the original code of WordPress.
So how do I
solve these problem?
How do i create a theme that while not as pretty, is far superior in security, better for traffic, and amazing for sales?
I built the
Google Friendly Theme the way WordPress recommends a theme be built.
As a CHILD
theme of their time-tested default.
means is, the Google Friendly Theme inherits EVERYTHING that is awesome about WordPress…
A theme which is
revised and updated, over and over, every time new issues are discovered.
provide all the security, not me.
All I do is
NOT mess with their code.
My aim is
to minimize the amount of changes made to the core functionality. And to limit
changes in general to the bare essentials.
rather than download people’s shyt plugins, I add the functionality I need
directly INTO the theme. So that the “functionality” and the “appearance” go
hand in hand, never separated.
No compatibility issues there.
Ever since I
started developing my WordPress themes this way, I eliminated all hacker
favour convenience over security.
So they pick
passwords that are EASY for them to remember…and equally easy to hack.
the SAME password for everything on their site…if a hacker gets in one part of
your site, they can get into EVERYTHING.
the default username for “admin” access to their site. Not a great idea, since
it’s one less thing a hacker needs to guess to get full access to your business.
use default permissions on files, directories, and code–which, on most web
do EVERYTHING to all your files.”
SOME of the stuff.
a major issue that can affect your traffic. But it’s not the only one either.
On Feb 5th,
I’ll walk you through a few of the easy things you can do to secure your site
when you set it up.
And I’ll help
you plug some of the other holes that leak your best traffic and send it into a
of you who love SEO–I’ll explain to you why all your efforts are a stupid,
pointless waste of time and show you the only trick you need to get free search
traffic that actually buys shyt.
SEOists are the poorest marketers I’ve ever met. With all their supposed skills
at getting sites ranked, I have yet to meet one who is actually making good money. (What does that tell you? Their traffic blows!)
course, I’ll show you all the stuff Google’s gonna be looking for if you
advertise on Adwords, and how you can give them exactly what they want so they
don’t ban your arse into oblivion.
and more, you can read about here:
LEFT. Then the deal goes bye bye.