blogio blogging blog

It’s probably every webmasters dream to have his or her site featured on the front page of Digg. A lot of website owners, however, still have nightmares about the day they got Dugg. The avalanche of visitors hitting your site can cause a number of bad things to happen.

Getting shut down by your hosting provider
The sudden increase of traffic can cause some alarm bells to go of at your hosting provider. Some server administrators will mistake the ridiculously high hits on your site for a DDoS attack and take your site offline.

You can prevent this from happening by letting your hosting provider know that a page from your site made the front page of Digg. This is, of course, providing you know you have been Dugg.

Another reason, your web hosting provider might have, to take your site offline, is that your account has used up it’s available traffic resources. A page with only a few images and scripts can easily add up to a few hundred kb of data being transferred on a single page load.

Looking at my website statistics, it seems that my average page size is about 35 KB. If I would be running on a hosting account with a 10 GB a month data limit, I would be able to serve about 285.000 pages a month. That is plenty for most sites, but being on the front page of Digg can drive crazy amounts of visitors to your site, which can chew up your 10 GB plan in no time.

But there is something that can be far worse than having your site taken offline for reaching the bandwidth limit: it’s having your site stay online after using up your monthly bandwidth and
Read more »

Keeping your WordPress installation, or any other software installations for that matter, up to date should be high on your to-do list. No matter how well programs are planned, there will almost always be bugs and security holes that are only discovered after the software has been released. They are often patched by software updates as soon as the issue has been discovered and a fix has been created.

It’s these known, and fixed, software issues, that cause the most problems. There are a lot of wanna-be hackers around, that are too stupid to figure out how to hack websites by themselves. Instead they just exploit the known bugs to gain access and impress their wanna-be-hacker-friends with their l33t h4cker 5killz.

If you keep your software up to date, you will probably have a more than 99% less chance of getting your website hacked. Here’s what happened to one of my WordPress blogs, that I didn’t upgrade:

I have a blog that has been laying dormant for well over a year. At one time I just didn’t have the time to post updates and I never got back to writing on that blog again. It was still making some money from a few scattered AdSense clicks, nothing major, but enough to cover the years domain registration and hosting fees. I figured I’d keep the site and maybe one day start writing on it again.

Recently I started getting email from the hosting company, notifying me that the site was nearing its bandwidth limit. Checking the website statistics I found a sudden rise in traffic back in August. The number of visitors and page views has been steady, but the used bandwidth went up. Not just a little: in July 2008 the site used 68 MB of bandwidth, which is about the normal monthly usage for the website throughout the rest of the year, but in August the traffic jumped up to 994 MB, in September the bandwidth usage was over 5 GB and the highest peak was this past November with nearly 10 GB of traffic!

I had my email alerts for the site set to 10 GB. So, nearing this amount of traffic triggered the system to notify me on the site usage. Checking the stats, I noticed visitors finding my website through search terms that I’m not even going to mention here, just open up your average spam email and you know what terms I mean.

I went to look at the site and everything appeared to be normal, but the little icon in the top right hand corner of my browser, which indicates the page is being loaded, wouldn’t stop spinning, even though my screen showed the complete site already. Looking at the source code of the page, I found a lot of links at the bottom of the page. I didn’t count them, but there where literally thousands!

I requested a free sample from each site linked to, so I could make my friends envy me for the rest of my life. Well, actually, I just removed the links and went to bed. The next morning they where all there again! I must have forgotten to save the file after removing the links. I removed them again and double checked the site. All looked good, but a few hours later the links had been put right back into my source code files.

This WordPress installation had been installed in January 2006 and hadn’t been upgraded since, so I decided to install one of my favorite WordPress plugins: WordPress automatic upgrade. With my installation being almost 3 years out of date, I wasn’t expecting the plugin to work, but it worked perfectly, upgrading my WordPress installation to the latest and greatest release with just a few clicks (sorry Keith, I should have known better!)

The links didn’t come back, but I’m still worried about a Google penalty my site might have received for having all these links on there. I’m glad big G didn’t close my AdSense account that was displaying ads on the spammed pages.

Search engines have their bots roaming the internet, looking for new and changed website pages. There’s no telling when the bots will visit your site and indexing new pages on your site can take anywhere from minutes to days or even weeks.

If you’re running a blog and people have subscribed to your rss feed, you’ll want to let them know immediately when you have posted new content. The rss services, however, also rely on checking your site to see if new content has been posted. Checking every blog every minute of the day would be a big burden, both on their servers, as well as on the one hosting your blog.

This is where ping comes in: by pinging a service, you let it know that you have updated your site and it should come over to see what has changed. (not to be confused with the tcp/ip ping command, which tests the connection between two systems)

Within the WordPress admin panel you can find Update Services under Settings -> Writing. Here you can type in the URLs of the services to ping, whenever you post something new to your blog.

There are loads of ping services available, but be careful! Don’t just put every ping service you can find in there. Services like pingomatic will forward your ping to multiple other ping services. This will cause multiple pings, both from you and from pingomatic, to the same service. With multiple pings coming in for a single post, your blog could be marked as spam!

Here’s the list of ping services I’ve put into my WordPress installations:

http://rpc.pingomatic.com

http://ping.bloggers.jp/rpc/