Blog

Login

Call Now 860-294-2444

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Login
    Login Login form
Recent blog posts

Hi Everyone


I have tried to warn everyone about the upgrade issues. For most people it has gone ok, with only minor issues. For other wordpress websites, it has been a disaster.
 
Here is one of many wordpress 5.0 upgrade disasters we experienced.
 
The customers website was not working correctly already. Before the 5.0 upgrade. We where hired to fix the website. What happened to this customer is that they had a woocommerce store with a custom theme that integrated with and overwrote and replaced key core woocommerce files. So, over the last year as she kept upgrading wordpress, she did not upgrade the theme or plugins. Now the versions are falling out of sync. Then she upgraded woocommerce, which conflicted with the themes custom files. The themes woocommerce files then where over written again with the real woocommerce files. The issues were minor, but were compounding. The customers developer never checked compatibility for wordpress, woocommerce or any other plugins. No one ever does. We figured all this out and we were in the process of repairing on a copy on our dev server. NEVER WORK ON A LIVE SITE. NEVER UPGRADE A LIVE SITE. Always do it on a copy first.
 
So, anyway's, I informed the client that the theme will not be compatible with the new version of wordpress. That we were going to replace the theme with one that would not conflict with woo commerce. Well, low and behold, godaddy upgraded her site to 5.01. She was on a managed godaddy wordpress account. The upgrades are automatic. The result was her website crashed and did not load. All she had was a white screen. The tech at godaddy said that she should hire them to fix the site or we could do it. We are at least 5 days away from completing. We asked the tech to revert. He refused. Fortunately she is one of the few people who paid for backups and I was able to revert myself. If your manages hosting account does not have backups, you screwed. There is no way to revert without backups. She is ok until godaddy ties to upgrade again. Godaddy seemed to be quite overwhelmed and did not know at all what the upgrade issue was. I informed the tech that the upgrades were crashing because:
 
Basic Wordpress 5.0 Requirements.
 
1) WP 5.0+ needs php7.2.
2) the database needs to be at least mySQLi or Maria DB.
3) you have to check the theme and make sure it is compatible with 5.0 and PHP7.2+
4) you have to check all the plugins and make sure they are compatible with 5.0 and PHP7.2+
5) you have to check the theme and make sure it is compatible with 5.0 and PHP7.2+

This is not your normal upgrade as the hosting environment needs to change to support the new Wordpress 5.0+ version. So..., long story short, managed hosting with automatic upgrades are crashing websites.
 
Here is why it is so crucial to make sure you website is compatible. PHP 5.6 and below are no longer supported or getting security patches. This leaves the server vulnerable to hacking and PHP itself is the vulnerability. The hosters have to keep the server secure, thus they need you to upgrade. Next, the database calls have changed between 5.6 and 7.0+. If you don't have themes and plugins that are compatible with php7+, then your website code cannot communicate with the database.
 
And the next issue is that not all the themes and plugins have been upgraded to work with php7+. It takes time, and many themes and plugins are so complicated, they may never be upgraded and may just be discontinued. This means that in some cases, you will need to rebuild your website with a new theme and plugins. Such is the case with the customer I started out discussing.
 
You cannot delay the upgrade. If you don't take care of this and have your site professionally upgraded, you will be without a website until you do the upgrade. This is not a marketing ruse or a track to up sell. You can ask the people we have been helping this week.You cannot rely on the hosting companies to do the right thing. I have no problem with wordpress and our staff are experts. It is actually a very good thing in the log run that they have changed the core of wordpress.
 
Also note, we have also seen the situation where the website was compatible with PHP7.+. But the hoster did not upgrade the PHP version form 5.x and did not migrate the db. Thus they crashed. We just had to get them on the correct hosting environment. Please, Please, Please, think about all I have said.
 
 
 

Call Us If You Are Having Any Issues At All
860-294-2444

 

Hits: 1517
Rate this blog entry:
0

Wordpress 5.0 Gutenberg Upgrades Are Failing and Crashing Websites

 
 
The long awaited wordpress 5.0 is finally here. Within 12 hours we started getting notified and called about failed wordpress 5.0 upgrades with the gutenberg editor. Just like any time you do an upgrade, you need to follow a set of protocols. Also, are you sure you want to upgrade just to get the new gutenberg editor. It takes the page editing to a new level, and is more complicated than the core editor your used to. You may lose some of that simplicity that you want with wordpress in the first place. When you set up your staging site, install the plugin for gutenberg and try it out first. If you dont like it you can stay at the latest version of WP 4.9+. They are not going to discontinue the 4.x.x series for quite a while.

Number 1 and foremost, never upgrade a live site, especially when it is a major core upgrade like this one. Always try it on a copy (called a staging area) of your website first. Yes, I know you have upgraded your WP many, many times without an issue. Well...this time its a different type of upgrade. Upgrade on a staging area first and save yourself possible and considerable down time. 

Number 2) Backup Your Website. We recommend akeeba backup. It is free and will back up your database and files so you can move your complete site to the staging area.

Number 3) Perform the incremental updates between your current version and wordpress 5.0. Those incremental upgrades will prepare your website with the files it needs for wp 5.0. Make a backup between each incremental update so you can revert if any of these fail.

Number 4) Server Compatibility. The basic requierments for workpress hosting have changed. You need to make sure you have the proper hosting environment. From our experience most sites are running on older versions of php and the new wordpress is not designed for those. It has to be PHP7+.
  • PHP version 7.2 or greater.
  • MySQL version 5.6 or greater OR MariaDB version 10.0 or greater. Actually you need mySQLi. mySQL has been deprecated. 
  • HTTPS support. Your site should already have an SSL. Thats just a basic rule for some time now.
 
Number 5) Plugin Compatibility. Just because the core is upgraded, does not mean the plugin providers have upgraded thier plugins to work with the new wordpress core. Plugins usually lag behind core updates, and in many cases, have to be completely redeveloped to work with the new core scripts. Some, even popular plugins, never get upgraded for compatibility. Check the issues tracker and the plugin developers websites for compatibility with PHP 7+ and WP 5.0.

Number 6) Theme Compatibility. Check the theme provider for PHP7 and wordpress 5.0 compatibility. If a later version is recommended, make sure you do the updates. Backup first.

Number 7) Also before starting, if your using a DNS based cloud firewall, you will need to go into the firewall configuration, disable the firewall, and then make sure the caches are cleared.

If all of this is beyond your sklll level and you still insist on the upgrade, please call us. Our team will assess your website to make sure that it is a candidate for the new wordpress 5.0 and perform the upgrade for you. If we do it, you will have no downtime. Better safe than sorry. 
 
One more thing to consider. You cannot usually run multiple versions of php on a single hosting instance. We have the proper environment where we can set up the upgrade in PHP7+. Then when the site is completed, we can upgrade you PHP and move the new site to your hosting account. Really think about this, you can't have 2 seperate hosting configurations on one hosting account. We have the infrastructure to accomodate this problem. And lastly, do not rely on hosting account backups. They are notorious for having failed to run, over written with corrupted website copies, and old. Please, if your doing this your self, manually backup your site with akeeba. Its free.
 
 

CALL MIKE FOR FREE ASSESSMENT AT
860-294-2444
Hits: 1077
Rate this blog entry:
0

Don't forget your website has to meet the new google compliance rules

1) mobile responsive via template

2) google mobile first rule (pc versions of websites are no longer indexed)

3) monitor resolutions (must scale via template)

4) you must have a google webmaster account, and it must be properly configured.

5) You have to manually submit to the new google mobile (smartphone) index via fetch and render. Non-compliance will incur search engine listing penalties. It is reported that if you don't do this, your site will not be in the new search index at all. Compliant websites will show up first.

================================

SERVER COMPLIANCE

Many customers are getting notices from the hosting companies about upgrading. Your notice may look something like this:

 

"We have detected that your server is using PHP 5.3 which is obsolete and no longer receives official security updates by its developers. The Joomla! Project / Wordpress / Drupal / Magento recommends upgrading your site to PHP 7.2 or later which will receive security updates at least until 2019-12-01. Please ask your host to make PHP 7.2 or a later version the default version for your site. If your host is already PHP 7.2 ready please enable PHP 7.2 on your site's root and 'administrator' directories – typically you can do this yourself through a tool in your hosting control panel, but it's best to ask your developer if you are unsure."

Hits: 455
Rate this blog entry:
0

Your first line of defense in the case of your website breaking or getting hacked is your backup program.
Learn about Website Backups Basics, wordpress backups joomla backups  drupal backups.

Hits: 384
Rate this blog entry:
0

Posted by on in Uncategorized

Google webmaster tools is an absolute requirements for your websites search engine indexing. Google webmaster tools account is where you manage your websites indexing and configurations. It is here where you can instruct what google can see and access so your site can be fully indexed correctly. 
Do not confuse this with google adwords or analytics, this is for indexing configurations only

 

Hits: 979
Rate this blog entry:
0


mobilerepsonsivemarchIf your website isn't mobile friendly right now, the SEO future is about to get pretty bleak.

Google has officially started the process of rolling out "mobile-first indexing" but, of course, only for those websites that adhere to the best practices. 
 
In the past, Google's crawling, indexing, and ranking systems used the desktop version of a page's content, but mobile-first indexing now means that the mobile version of a page will be used instead. 

Google indicated that it is notifying those websites being migrated to mobile-first indexing through the Search Console interface and clearly noted that being indexed this way provides no ranking advantage. 

Site owners will likely see significantly increased crawl rate from the "Smartphone" Googlebot as a result of the change. Additionally, Google will show the mobile version of pages not just in Search results but also within Google cached pages.

read the google webmaster central blog


We did our best to forewarn our clients about the need for mobile repsonsive websites, based on google specific rules. The time is here. You can wait no longer, or suffer the penalties. Please contact Mike if you have any questions 860-294-2444

Hits: 592
Rate this blog entry:
0

On March 1, 2017, a new world dawned for websites.

911websiterepair would like to make everyone aware of the new website compliance rules that were implemented on March 1st. These new rules affect all websites and require that websites be behind an SSL, ie https:// vs http:// as mandated by the federal government initiative titled, “HTTPS EVERYWHERE”.

See (https://obamawhitehouse.archives.gov/blog/2015/06/08/https-everywhere-government)

We applaud this effort to secure the internet by implementing the proscribed protocols. In researching the new compliance rules, we gleaned a great deal of knowledge. The initial buzz was that this SSL requirement stemmed from security measures proposed and implemented by Google and were to go from suggestions to enforcement beginning January 1, 2017. As we know, where Google leads, all other browsers will follow.

However after careful research, it is our conclusion that Google was following the lead of the federal government as they step up their efforts to make it more difficult for sensitive and private user information to be gathered with ease by hackers.

We applaud this effort and are confident that we can secure our customers websites.

More on this change:

Compliance is not optional as the repercussion will be that your search engine rankings will be penalized. With a site not secure message next to you URL it is likely to seriously effect your traffic, visitors and revenues.

Before we go into the details, you should also know the following.

The compliance protocol was designed to force government websites to encrypt the transmission of data between a website and a remote system. Amazingly, there were no directives in place to require government websites to use standard security protocols thus rendering government information vulnerable. As the browser is the function that identifies compliance or not, the protocols were expanded to cover all websites.

To quote the source article:
“HTTPS only guarantees the integrity of the connection between two systems, not the systems themselves. It is not designed to protect a web server or website iteself from being hacked or compromised, or to prevent the web service from exposing user information during its normal operation.”

These requirements are now being directed to ALL websites.

The internet has become quite dangerous with all the hacking and data loss,
The search engines and browser providers (ie:google) decided to adapt the new protocols on their own.
Although inconvenient, this protocol and new compliance rules are to the benefit of all and will provide a safer internet.

Over the years we have been amazed at the number of online business that do not use an SSL because they were reluctant spend $125.00 a year on a SSL certificate and a static IP. Do not let price stop you. This is part of the cost of doing business on the internet.

Be mindful, the SSL does not secure your website or server, it encrypts the transmission of data from your site to a remote source, for instance a log-in form, contact form, or shopping carts credit card information.

You don’t have to follow the rules, but you will be penalized for non-compliance.

It is also important to note that note all SSL's are not created equal. You want to make sure you have a high level SSL. The lower priced SSL's do not work on all browsers and devices. We have also been led to believe that part of the Google algorithm has been adjusted to detect the type and strength of your SSL encryption..

So, let’s look how the effects of the changes appear for any website.

Here is a breakdown of some of the new secure messages found in the browser address bar. You can start looking up your favorite websites and see that they do indeed exist and really mean something.


Screen Shot 2016 11 02 at 11.49.09 AM


1) The first Secure message shows that the site is secure and compliant.

2) The second item shows a gray I in a circle and the not secure message. The site does use a SSL, but there are items on the pages, code, and even images that are not secured. If you click the I ( in the circle) you will get a drop down with all the warning messages.

 

warningmessage

 

 

3) The third message is that site does not have an SSL installed at any level of the site.

(FYI: 911websiterepair now shows the correct security messages)

There are some specific features that need to have the SSL applied.
For instance, if you have a log-in page on your site, it now needs to be behind the SSL This shows that the browsers such as chrome have released updated versions that show the new warnings.

 logonpages

If you are not using the latest version of the top browsers, you may not see the warnings at all. But put yourself in the shoes of your site visitors. As many browsers automatically upgrade, they WILL see the secure messages. If you are not seeing these messages in your browser, upgrade your browsers now.

It is not enough to just install and configure your whole website to use SSL. In the case of our 911websiterepair example, the forms and login and transaction pages, even our ticket system is beyond an SSL. The reason our front page had the non-secure message is because of the log-in link at the top right.

There are many other elements of a website which will have to be configured individually to comply and to get the full secured icon and message.

Without getting too technical, some considerations are.

1) To ensure that the Not Secure warning is not displayed for your pages, you must ensure that all forms containing <input type=password> elements and any inputs detected as credit card fields are present only on secure origins. This means that the top-level page must be HTTPS and, if the input is in an iframe, that iframe must also be served over HTTPS.

 iframes

 

2) Full verses Relative urls.
Best practice always is to use relative urls as opposed to full urls. Many sites have a combination of both, not only in articles but in the headers and include references within a websites code.

So, when you link to other pages in your site, users could get downgraded from HTTPS to HTTP.
These problems happen when your pages include fully-qualified, intrasite URLs that use the http://

3) My effort is not to instruct the reader on how to fix all the impending issues of meeting the compliance, but to show that you need to have some developer skills to implement. Here are some more examples of issues when converting a site to full SSL coverage.

relative

4) If your site depends on scripts, images, or other resources served from a third party, such as a CDN or jquery.com, you have two options: Serve the resources from a server that you control, and which offers both HTTP and HTTPS. This is often a good idea anyway, because then you have better control over your site's appearance, performance, and security. In addition, you don't have to trust a third party.

5) Keep in mind that you also need to change intrasite URLs in your stylesheets, JavaScript, redirect rules,
<link> tags, and CSP declarations, not just in the HTML pages.

6) Redirect HTTP to HTTPS. You need to put a canonical link at the head of your page to tell search engines that HTTPS is the best way to get to your site.

Set <link rel="canonical" href="https://…"/> tags in your pages. This helps search engines determine the best way to get to your site.

7) It is also important to make sure that clients never send cookies (such as for authentication or site preferences) over HTTP. For example, if a user's authentication cookie were to be exposed in plain text, the security guarantee of their entire session would be destroyed—even if you have done everything else right!

There are many more issues that need to be resolved to make sure your website meets compliance and earns the secured padlock in the address bar. One of the biggest obstacles is converting potentially thousands of full URL's to relative URL's. That should be done in the database globally and not manually.

Contact 911websiterepair if your website is not showing the secure message in the browser. We offer affordable pricing and realistic time frames. In some cases you will be able to achieve this on your own. We are here if you need our help. It really is a little more complicated that you may think. Also, as not all sites are the same, we need to quote for individual websites.

Reference websites
https://www.wordfence.com/blog/2017/01/chrome-56-ssl-https-wordpress/
https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
https://developers.google.com/web/fundamentals/security/encrypt-in-transit/enable-https?hl=en
https://pulse.cio.gov
https://https.cio.gov/guide/
https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2015/m-15-13.pdf
https://www.wired.com/2016/11/googles-chrome-hackers-flip-webs-security-model/

 

Hits: 6951
Rate this blog entry:
0

It is possible that on June 30 your authorize.net credit card processing may stop. 

Authorize.Net has upgraded access to the Internet connections that serve thier data centers. Instead of allowing direct connections, all Internet traffic will be routed through Akamai, a third-party cloud network service that routes and delivers Internet traffic.

Using Akamai network technology will help decrease latency and improve the reliability of our payment gateway. It will also help safeguard against interruptions caused by issues beyond Authorize.Net’s direct control, such as Internet congestion, fiber cable cuts and other similar issues. Additionally, you should no longer be affected by planned downtimes.

 

This is a really good thing. In some cases you will need to chnage the urls n your cart or payment module to point to the new servers. They also will be automatically redirecting URLS to the new service, to prevent any one from having sales interuptions


But.....But.....But....

If your service stops on June 30, the deadline for authorizgeddon, you will have to manually change the urls in your code. Best to be careful and manually change them now.

NEW TRANSACTION URLS

https://api2.authorize.net/xml/v1/request.api
https://api2.authorize.net/soap/v1/Service.asmx
https://secure2.authorize.net/gateway/transact.dll

 

You can change them yourself, or we can change for you ($49.95). You need to call us for this service 860-294-2444

But even if you have changed the urls, you could still have issues. You need to make sure that your website is not behind a firewall. Even the automatic redirect will not work if you are behind a firewall.

Using Akamai technology, Authorize.Net’s IP addresses will become dynamic rather than static. If your website or payment solution uses a firewall that has whitelisted Authorize.Net’s IP address or connects to Authorize.Net directly via an IP address, you will need to make additional changes.

Firewall Considerations – If your website uses a firewall to filter outbound connections, make sure that the firewall is set to permit outbound traffic to flow to the Akamai cloud by configuring your outbound firewall to “ANY.”

If you do not update your firewall ahead of June 2016, you will be unable to process transactions after Phase Two is implemented.

IP Address Considerations – If your solution connects to Authorize.Net directly via an IP address, you will need to update it to connect by domain name. Continuing to connect directly via an IP address is strongly discouraged as merchants will not receive the benefits of routing through Akamai, and could suffer a loss of service if transactions are re-routed among our various data centers.

If you need help, if your transactions stop after June 30, please contact us. We will need access to your server and to your firewall configuration settings.

Are you ready!

Call us for help 860-294-2444

 

 

 

Hits: 1622
Rate this blog entry:
0

Posted by on in Uncategorized

About Recent Website Hackings
Hosting Companies Under Attack
We Do Malware removal and Website Security
 
 
It appears, but not publicly confirmed, that EIG Subsidiaries servers have been attacked and seriously compromised. 
These include the major hosting companies, unfortunately even the ones that we have personally recommended in the past. 
We have the information confirmed by our contacts at the various companies. When their server gets hacked, be assured your website will be hacked.
This did not happen due to negligence. Lets just say it is a global effort to take down websites that affect people in certain parts of the world. 
Although this is a 6 month old article, you can get the idea.
5 Biggest Hosting Companies hacked by Syrian Electronic Army  http://thehackernews.com/2015/03/website-hosting-services.html
 
Hits: 1953
Rate this blog entry:
0

Posted by on in Uncategorized

 Authorize.net announced this week that they are changing there API URL's do be compatible with Akamai Network Technology.

This means that your website payments could cease to be transmitted to authorize.net.

Now, although they say in a year or so they may redirect your old API urls to the new one automatically, Authorize.net recommends that you make the change now and prevent any future issues.  The advantage of doing it now verses later is that with the new urls you will experience no more network maintainence downtime.

 

As stated in the announcement, 
"Using Akamai network technology will help decrease latency and improve the reliability of our payment gateway. It will also help safeguard against interruptions caused by issues beyond Authorize.Net's direct control, such as Internet congestion, fiber cable cuts and other similar issues. Additionally, come October, merchants connected to Akamai should no longer be affected by planned downtimes." 

Authorize.net is implementing Akamai's technology into the network in two phases.

  • Phase One (Now through June 2016) — They have created three new URLs for transaction processing that are hosted by Akamai. You can update your website or payment solution to point to the new transaction URLs today, which will provide you with the immediate benefits detailed above. Come October, you should no longer be affected by planned downtimes.

911websiterepair.com is offering a special price of $49.95 to implement the new URLS for you. We can do it within 12 working hours of your request. The special price applies to phone orders only (860-294-2444). By doing it now you can prevent future downtime and failed transactions.

 

 

Hits: 2123
Rate this blog entry:
0

New 911websiterepair.com

 

The new 911websiterepair.com is finally on line. We did quite a bit of customizations to the ticket system, memberships/subscriptions, and the template. The comments have been favorable and everyone seems to like the new parallax template format. The only thing everyone has really commented on is the logo. So we will work on a new logo to match the new template. Now we are up to joomla 3.4. Also, make sure you check the site out on your mobile phone. The resposive layout is awesome and complies with all of the latest google mobile requirements for search engine indexing. We did not lose any of our rankins with the switch to the new site. Our rankins are actually better than ever. If your considering a new site but worried about your rankings changing, DON'T, we know how to handle this. Our rankings are better then ever.

 

NEW HOSTING

 

Did anyone notice how fast the website is now. Not only do we have the new site, but new hosting too. Everyone knows we have been a big fan of Hostgator which is still fine. Our sites and needs required a more robust hosting solution. Now we are hosted on a new dedicated server at SQUIDEX.com. Support is incredible and you can see the speed difference. Using the SSD hardrives and having the server set up correctly really makes a difference. For most sites your fine with hosting services from inMotionhosting.com. You dont need a solution like ours unless you have a lot of calls and websites. But when you get to the point where you need more speed and power, SQUIDEX is the way to go.

 

NEW GOOGLE MOBILE REQUIREMENTS

 

We have been busy updating websites and doing template conversions for complying with the new google indexing rules. Now that they have implemented the new rules, people who did not upgrade their templates are dropping like flies in the rankings. I gave everyone full warning and for those who ignored me they are now suffering. If you have not upgraded to the new google mobile responsive requirements, contact us now so we can get started asap. Withour being mobile responsive, your compeditors will out rank you becuase they did upgrade.

 

 NEW PRICING

 

We have dropped our rates to $10.00 per hour. All the same policies apply, but now your can get more hours for less money. The prices will go back to normal at some time in the near future. Purchase your time blocks now and save the hours for when you need them. There is no expiration so you can use the time whenever you want.

 

WEBSITE SECURITY

 

 Sitesassure is realy taking off and in 18 months, not a single website using the firewall has beem hacked. We even have it working on cloud hosting now. Our wordpress plugin will be released soon so you can scan and get reports for free from within your admin. Soon to follow will be our joomla plugin. Don't roll the dice. Get your website secured before malware finds you. http://www.sitesassure.com 

Hits: 2472
Rate this blog entry:
0

Google recently announced, "Starting April 21, we will be expanding our use of mobile-friendliness as a ranking signal. This change will affect mobile searches in all languages worldwide and will have a significant impact in our search results."

The next algorithm update will take into consideration the mobile-friendliness of a site within search engine rankings. This means if you have a site that is not “friendly” to mobile devices, then you will likely be penalized and appear lower within search results. The new “mobile-friendly” requirement and ranking signal update to the Google algorhythm is scheduled for April 21, 2015, so time is running out to get your website optimized.

 

Although the update may seem harsh for sites that have not taken the time to optimize for mobile viewing, we commend Google for giving forewarning prior to releasing this update. Typically, Google implements new updates and website rankings are at the search engine’s mercy.

The layout and labeling changes are already in effect on google. Use your mobile device and do a google search. You will see the new search results layout and the label: Mobile-Friendly. If your site does not have this lable, it is reported that you will be penalized in mobile search results and you will lose your rankings.

Call 911websiterepair and get your mobile responsinve quote

860-294-2444

GOOGLE MOBILE RESPONSIVE TESTER

Hits: 2016
Rate this blog entry:
0

 

2014-12-16 175737

A Russian malware called SoakSoak has infected over 100,000 Wordpress sites since this Sunday, turning blogs into attack platforms. It's a potential shitshow, and it could've been prevented earlier this fall.

 

Google has already blocked 11,000 domains to try to curb the damage. According to security firm Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team have fixed it with updates. The problem is that the old,vulnerable version of the plug-in is still bundled with Wordpress themes, so lots of sites are still using the wrong version.

 

 

Hits: 1748
Rate this blog entry:
0

The time has come: Joomla 2.5 official support will come to an end. On December 31st 2014.
Joomla 2.5 will reach its official End-Of-Life and will be officially deprecated. 

This could have serious and detrimental effects to your current Joomla websites future.
Joomla 2.5 was released on January 20th 2011.and has been with us now for almost 4 years.

In 2012, Joomla 3 was released with enhancements and many new features. Joomla 3.X.X has become stable and a more friendly and usable system. The day has come and has been known for quite some time already for you to seriously consider the upgrading of your website.

Hits: 2509
Rate this blog entry:
0

Posted by on in Uncategorized

Wordpress just released WP 4.0 and Joomla 3.x is in a constant upgrade cycle. They both are promoting one click upgrades that you can do yourself. 

 

This is just not true for anything other than the most basic websites.

 

As there was a huge initiative by the organizations behind these CMS system to upgrade this week, our phone is ringing non-stop as website owners are crashing their websites.

 

There really is a process that must be followed.

1) check for server compatibity. Will the servers PHP and mySQL support the new version of the CMS

2) check all plugins and extensions. Are they compatible with the new version

3) check the template for compatibility

4) if your site customized in any way, those customization may have to be done over

 

And then, if all of this checks, upgrade a work copy of the site. DO NOT UPGRADE A LIVE WEBSITE!!

 

Best is to call us.

 

Let us know if we can help

 

 

Hits: 1836
Rate this blog entry:
0

Posted by on in Myblog

Hi Everyone

 

We are still here. Sorry its been so long since we posted.

 

goldHere is one of the projects we have been working on and are now doing the final touches for.

 

Check out http://www.Goldstrikechili.com. Make sure you have your speakers on.

 

Hover over the illustrations to see movements.

Click on the mining cart to enter the inside of the mine.

Hover over the vegetables and animations to load little animated factoids of Prospector Strike.

 

And then order yourself a bag of chili mix. BUY NOW

 

Our team provided all the illustrations, animations and video work. We created this project from top to bottom. 

 

Our 911 staff has also been recommending http://www.hikashop.com for ecommerce sites. Yes, virtuemart is just to problematic. This cart has been troble free thus far and I belive offers better usability for the customer experience and the management of the cart.

 

 

 

Hits: 1753
Rate this blog entry:
0

VIrtuemart recently announced a major security vulnerability. Users of the component need to upgrade and patch immediately. Please read this except from PCWorld magazine dated Sep 11, 2014.

 

http://www.pcworld.com/article/2606312/vulnerability-in-popular-joomla-ecommerce-extension-puts-online-shops-at-risk.html

 

A critical vulnerability in a popular e-commerce extension for the Joomla content management system allows malicious users to gain super-admin privileges to sites that run the software.

The VirtueMart extension, which allows users to set up online shops on their websites, has been downloaded more than 3.5 million times, said Marc-Alexandre Montpas, a researcher at Web security firm Sucuri, in a blog post Wednesday. “With super-admin access, the attacker has full control of the site and database.”

The issue was discovered last week and was patched in VirtueMart 2.6.10, released on Sept. 4. The VirtueMart page in the Joomla extensions catalogue advises users that “everyone using a version lower than 2.6.10 should update as soon as possible for security reasons.”

Sucuri originally released technical details about the vulnerability, but then removed them at the developer’s request because the issue might also affect other extensions.

“VirtueMart uses Joomla’s JUser class ‘bind’ and ‘save’ methods to handle user accounts information,” Montpas said. “That’s not a problem in and of itself, but this class is very tricky and easy to make mistakes with. We actually think the problem is on the Joomla class itself, so we will not disclose any more details.”

The VirtueMart developers feel the same. They disapproved of Sucuri’s decision to make the details public, calling it “amateurish” on Twitter and said that VirtueMart won’t be the only component with the problem.

The VirtueMart website contains a long list of online stores built with the extension and it will probably take some time until their owners update them all, putting the sensitive data stored in their databases at risk in the meantime.

“Great post, but can you perhaps nudge us a bit toward the location of the security risk,” one user named Martijn Faber, wrote in a comment to Sucuri’s blog post. “We currently have some projects in [VirtueMart] 2.6.8 which cannot be updated easily. We have to fix this by hand (line by line).”

“I have the same problem as Martijn, can you please give us some list of updated VM core files?” another user said.

 

Let us know if you need help. Use our quote form on our front page (http://www.911websiterepair.com) to contact us of call 860-294-2444.

Unfortunately, as the article states, for highly customized websites this could be major work.

Hits: 2118
Rate this blog entry:
0

INTRODUCING OUR MALWARE, VIRUS AND WEBSITE ERRORS SCANNER

 

Malware-Removal-4We have been working away at improving our services. This month we added a new website scanner for detecting hacks, malware and errors. No longer do you have to load a hacked website and infect your computer. Just do a scan, get a report, and we can remove and clean the site. Its right on the frontpage of 911websiterepair and you can use it as many times as you want. We get a copy of the report and will contact you to see if you need help cleaning the site. If you use the scanner, we will give you a 20% off coupon on the removal.

 

 

 

INTRODUCING SITESASSURE: WEBSITE PROTECTION PLANS

 

sa-logoWe partnered with some customers of ours to fill in a real need for website monitoring. The solution is Sitesassure.com. Just look at all the things you get. Daily virus, malware and error scanning, a firewall, backup program, no extra charge malware removal, 5 hours of programming time and huge discounts on future work. Just add the urls to be scanned to your control panel and you will get a daily report. If we see your hacked, we may even have it fixed before you get up in the morning and find out about it.

 

VISIT Sitesassure.com and check out the service plans

 

INTRODUCING ROB JONES

We are adding onto our staff to improve quality control and programmer management. Rob has been a long time customer. Who better to know our services that a happy customer. Rob and the staff hit it off and he took our offer to join the team. He still maintains his own company http://www.creative-pro.net. He has become a valuable time member and we are glad to have him.

 

INTRODUCING WEBSITE DESIGN AND MOBILE APP DEVELOPMENT

With Rob we add new skills and services. We now offer Website Design, Logo Design and Custom Mobile App Development. And at really great prices. Get 70% off mobile app development pricing today.

 

INTRODUCING QUOTE MATCHING

Do you have a quote for work from another company. Let us know, and as long as its reasonable, we will do our best to match or better it. Don't hesitate to tell us about it. We know we need to work within our customers budgets and we will do whatever we can to save you money

 

If any one has any questions, call us at 860-294-2444

 

Best

Mike, Rob and the Team

 

Hits: 2495
Rate this blog entry:
0

Posted by on in Uncategorized

You know why I always recommend hostgator and it because of situations like this.

 

they are proactive in securing their servers, and because they update, they were not effected as severely as other hosting companies.

 

they have a tester here

http://heartbleed.hostgator.com

 

it is only for hostgator hosted sites

 

also, as for 911websiterepair and madeforjoomla. we were never effected because we keep our server up to date and the newest versions of openSSL are not vulnerable. Of course, that keeps our sites in the same constant upgrade cycle as yours, but it sure has paid off to do it.

 

Let us know if you have any questions

 

 

 

 

 

Hits: 2438
Rate this blog entry:
0

Our customers have been contacting us with their concerns over this virus.

 

Here are some facts you need to know

 

1) this is a server side issue, your hosting company has to patch their server

2) it has existed for over 2 years, it is not new

3) no website virus scanner will detect it

4) this isn't simply an issue on your personal computer or your phone — it's in the software that powers the services you use.

5) simply changing your passwords will not help

6) the vulnerability leaves no trace

 

 

Here is the simple explaination of how it works.

 

It involves a flaw, a hole, a vulnerability in a server protocol called OpenSSL, the open-source encryption standard used by the majority of websites that need to transmit the data that users want to keep secure.

 

Your site certificate (SSL) keeps the information being transmitted secure by using something called, Encryption. Your SSL needs openSSL to work. Encryption makes the data being sent look like nonsense to anyone but the intended recipient. Occasionally, one computer might want to check that there's still a computer at the end of its secure connection, and it will send out what's known as a heartbeat, a small packet of data that asks for a response.

Because of a programming error in the implementation of OpenSSL, the researchers found that it was possible to send a well-disguised packet of data that looked like one of these heartbeats to trick the computer at the other end into sending data stored in its memory.

 

This is about as simple as I can make it.

 

You need to call your hosting company and make sure your server is patched. Then change your passwords. Replace your site certificate if you can, they can be effected also.

 

There is a website with detailed information

http://heartbleed.com

 

One more importnant issue. The hosters are really going to push to upgrade their server software. Thus, now more then ever, if you dont upgrade your websites, they will go down as they are not compatible with newer server software. If you have not upgraded your websites, DO IT NOW. Better to have it done then to find out your site is suspended and your going to be off line for weeks as your site is being upgraded.

 

I hope everyone makes out ok. Let us know of questions or concerns

 

 

Hits: 2522
Rate this blog entry:
0

Get A Quote

Get A Quote

Please let us know your name.
Please let us know your email address.
Please let us know your message.
1-1111-111-1111
Invalid Input
Enter the code
  Refresh Invalid Input

Get in Touch and Start a Project with Us

 

Drop us a quick message to the right and let us know what kind of project you are interested in us tackling for you. We hope to hear from you soon!

Quick Quote