Security Warnings: Is Your Site In Danger?

Google has announced that in just a couple of short months Chrome will start showing security warnings on HTTP sites that have any text input fields in them.

Breaking it Down: What Does That Mean, Exactly?

If you have a blog that can be commented on, a newsletter sign up form on your website, members only content that requires a login – anything that is interactive with your users and has an field where people type into on your website will show a warning that it is “NOT SECURE” starting October 1, 2017.

BOTTOM LINE: This WILL effect the users ability to access your website!

Google is the first web browser to jump on board with this, and has been marking login forms, certain websites and credit card forms not secure for a while, but, there was a story earlier this year where Firefox reported already showing these warnings on un-encrypted login pages.

These safety precautions are all steps to ensure a better, secure, internet environment for all users moving forward; making it harder for cyber criminals to intercept information over the web.

These are just the first steps, with websites having forms being the first to be flagged. However, it is the goal to have ALL websites eventually go to HTTPS (sooner than later).

This goal may be closer than you think. We had a client’s entire blog site blocked from being shown at all to users in Europe just last week because it was not an HTTPS site and deemed “NOT SECURE”. This is taking it a step further from just a warning in an input field – the whole site was marked not secure and was not shown to the user at all.

What does this mean for you?

If you are the owner or manager or a website, this affects you, and your website needs to be secure. You can secure your site and prevent these “NOT SECURE” warnings by moving your site to HTTPS. This is done by installing an SSL Certificate.

We did a blog post a while back on how you can get a free SSL certificate From Let’s Encrypt and the benefits that comes with them (I’ll give you a hint: Search Engines love SSL Certificates and your SEO will thank you!).

If you are a current TrevNet Full Service Hosting customer and you’d like to take advantage of a “Let’s Encrypt” FREE SSL Certificate on your site, contact us to get started.

Are you sick of spam? We’re reducing email spam now!

Trademark300dpiThis week we are rolling out some new updates to our mail server which will help reduce the amount of spam being received by our customers. We’ve recently noticed an increase in spam over the last few months and decided to take action. This update will include a new settings panel in cPanel called “MailScanner Configuration”; here you can fine-tune how you want to handle a message when it is detected as possible spam. We went ahead and configured this for you and you should already be seeing a reduction in the amount of spam received.

You may start to see some emails come in that start with {spam?} or {Disarmed} but this is just the new spam blocking system working. You can delete these emails if they are spam or treat them as you would a normal message. If you have any specific questions or would like us to make some changes to your account, please contact us or open a support ticket.

We are always striving to improve the quality of service at TrevNet Media – and no one hates spam email as much as we do!

The Year of the Hack!

Some are calling 2013 “The Year Of The Hack”; it’s more important than ever to take the necessary steps to ensure your site is secure. Since 2008, almost half a million WP sites have been reportedly hacked and this number is sure to rise as WordPress gains more in popularity. Close to 19% of the world’s websites are powered by WordPress. By not keeping all of the plug-ins and themes associated with your site up to date, you could be potentially leaving it vulnerable to an attack.

Tips to reduce the risk of being hacked:

  • Keep software and all plug-ins updated
  • Remove all plug-in and add-ons not in use
  • Make security a priority when choosing a web hosting company
  • Use proper file permissions on your server
  • Use strong, varied passwords and don’t store them locally
  • Regularly scan your PC for malware

We are in an era where everywhere you turn, you hear stories of the latest hack, and it’s no secret that WordPress has received plenty of bad publicity regarding the topic. Recently, stories about hackers laying a massive, global siege on WordPress sites across the Internet have been everywhere. The main focus of these hacks was exploiting the default “admin” accounts and over 90,000+ IP addresses were involved in the attack. From this, companies scramble with their tail between their legs trying to patch up the security holes they swore never existed.

It should be made a general rule when owning a WordPress site to continuously stay current on the latest updates. Hacking aside, there are several additional benefits to keeping your website fresh and up to date. To put it another way, think about a car; you know the over-all cost of maintenance it is far less than fixing a problem should it occur. Keeping your website up to date, like your car, will be far less expensive in the long run and will give you more “mileage” out of your site.

Email Marketing Tips: Avoiding the Spam Filters for your Newsletters

Email marketing as many of us know, can be a powerful and inexpensive method of reaching our most active potential and/or existing customers. It can boost not only our direct sales, but also our credibility and referrals.

One of the major benefits of email marketing is that email is free, but obviously this is the same reason that spam has become so popular and so frustrating. With spam comes spam filters and with spam filters comes the blocking of legitimate email.

This article

 

The right selection of words


Many spam filters work by analyzing the email based on its content and the words used. Many words — such as free, sex and so forth — are very heavy spam trigger keywords. Your priority should be to avoid such words while keeping your newsletter as professional as possible.

Later in this article I will show you a technique that I use to help me detect words that could trigger spam filters that I may have missed.

Pay attention to your formatting

When formatting your email, keep it simple and professional. Excessive use of different colors, fonts, sizes, images and so forth will result in a higher spam filtering rate. Keep your email as clean as possible, and try to stick to a maximum of 2 or 3 different font types and sizes. Overly large sized fonts will surely add to an email being flagged as spam, as will too many images (or not enough text).

Try and use a short and simple stylesheet rather than using font tags excessively. Most spam filters don’t appreciate a multitude of font tags and inline formatting, and the more primitive filters can’t detect stylesheets so they will not penalize as easily.

Consistency is king

Use a template if you plan on sending newsletters consistently. This will make sure that all your newsletters look and feel the same. It will also add a touch of professionalism and branding to your newsletters.

Whilst not directly affecting spam filters, this will enable your readers to distinguish your newsletter instantly, thus not reporting it as spam accidentally. Some spam filters work by querying a spam server, whereas others report individual emails as spam. If your email gets reported as spam, then more than likely multiple spam filters will flag your email.

Being consistent with your timing of the newsletter also helps. For example, if you send a newsletter once per month (I personally don’t recommend you send out any more than this, unless you’ve got something really interesting to say), then aim to send it out at the same time, on the same day each month.

Once again, your potential readers will learn to expect your email, adding professionalism and often improving open rates, also reducing accidental spam flagging as well.

Always use Double Opt-in

Always make your contact lists double opt-in. This means that when a user subscribes to your contact list, they will be sent an email with a link that they must click on to confirm their subscription.

This is very important because many people can accidentally enter an incorrect email address, or even the email address of someone else on purpose. When that person receives a newsletter they did not subscribe to, they will assume they have been spammed, and your newsletter (and possibly your web server) will be reported as spam.

Unsubscribe and Contact Information

Every newsletter you send out should contain a way for the reader to unsubscribe. Not doing so is illegal in some countries and is an instant sign of spamming. You should also display your contact information (Phone, Fax and Address) clearly, as this greatly increases confidence in your email and your company, as well as conforms to spam laws in the United States. Contact information also allows a potential customer to contact you if need be.

Test, Test, Test

The key to avoiding spam filters is testing. The first method of testing I use is to send the newsletter to multiple email accounts with existing spam filters. For example, I have a Gmail (http://www.gmail.com) account and a Hotmail (http://www.hotmail.com) account that I make sure I send my newsletter to. If the newsletter ends up in the junk folder, then I’ve got some work to do.

I also have a couple of email accounts with different web hosts that have spam filters in place. In particular, they mostly use spam assassin — a popular piece of spam filtering software. Spam assassin is useful because every email that it flags as spam is given a report and a list of why that email was considered spam.

I also have a local spam filtering application called No Spam Today! for Workstations, that runs a local copy of spam assassin on my PC. It acts as a very close replica to the same software used on thousands of servers world-wide. By sending myself copies of the newsletter No Spam Today! — using the spam assassin checking techniques — gives me feedback as to why my email may have been flagged. If I’ve used words or formatting that I shouldn’t have, or if I’ve included too many images, etc.

Conclusion

Avoiding spam filters when sending out legitimate newsletters can be a time consuming effort. However, as your contact list grows, it can also be a very beneficial exercise. I’ve watched open rates of just 2 to 3% soar to a massive 50% and over, simply by applying the techniques described in this article.

At TrevNet Media we can help you setup and manage a succussful email campaign.