How to Recognize and Reduce Spam on Site

In many ways, spam is just a fact of life on the Internet. Many of us get the occasional spam email and have a filter to take care of it. Far and away, the most common example of spam is email spam. While email spam is easy to avoid and relatively harmless, if you’re running a website, you have to try and be more mindful. Spam accounts on forums or even in comment sections can be a real problem. Too many spam accounts can make your site look bad and make new readers wary. Here are a few simple tips to help you nip those spammers in the bud.

The Captcha

One of the oldest responses to spam bots is the captcha. A captcha is a basic response test used to ensure a human answers the question. Normally it’s represented by either an image including letters or a math problem. While a captcha won’t cut out users who are actively trying to create spam, it will keep out bots and that alone will cut down on your spam by a wide margin. Most websites require a captcha when creating a user account, but that’s not enough. I recommend requiring users answer a captcha every time they comment. It’s a little less convenient for the users, but it will do a lot to keep your site clean.

Zero Tolerance

This tip is especially true for forums. Make sure you have a clearly stated zero tolerance policy on spam. If ever you catch users spamming, new or old, ban them. It’s important that the community knows you take the issue seriously and may ward off a few potential spammers. Sometimes this works best if you can make an example out of someone, so at the first chance you get, ban the spammer immediately. Nothing is worse than having an interesting conversation thread ruined by a spammer. Forums, perhaps more than any other type of website, have a lot to lose from huge numbers of spammers. It’s also important to ban the IP, not just the account. While it’s not impossible for them to return when banned by IP, it’s more difficult.

Keep an Adequate Moderating Staff

The larger your community becomes, the higher the chance of being targeted by spammers. It will eventually get to the point where it just isn’t reasonable to keep up with it all yourself. This is where the importance of having a moderator staff comes into play. If you take a handful of dedicated users you feel you can trust and give them basic moderation power, your site may clean up itself. Often these moderators will agree to help out of pure love for the site. Make it clear that you’re looking for volunteers and are unable to pay them. You may be surprised by the community response.

Require an Email Address to Post Comments

Requiring an email address to post comments serves two purposes. The first is warding off spam bots and the second is forcing some responsibility. Often, when any portion of the anonymity of the Internet is taken away, spammers avoid it. It’s still possible to create an account for the sole reason of spamming your site, but it’s likely not worth the effort. If this does happen, make sure to take the email address and add it to a database before deleting the comment. You can then keep a record of this database and use its emails to cut down on spam of other websites you run.

Collaboration

Partner sites and affiliates are the lifeblood of the blogosphere. You can make use of this to avoid spammers using the database mentioned earlier. If you encourage your fellow webmasters to keep up a similar list, you can compare the two and end up warding off more spammers. With a large enough collective, you can create a joint safety net. This net works by protecting the other sites in the collective from any single spammer. While it won’t cut spam out completely, it will do a great job of cutting it back and requires minimal effort to maintain.

Google Wallet, the changes to the way we pay

Security
According to Google's Freed-Finnegan, you get five chances to enter the correct four-digit PIN. If that fails, he said, the phone's secure element is wiped clean. According to Money Network's support staff, however, mistyping the PIN five times will generate an error message and an offer to email you a new PIN. If accepted, instructions to create a new four-digit PIN will then be emailed to you, using your Google email address associated with the card.

If you lose your phone, you'll need to contact your carrier (Sprint). Don't worry, though: if a thief steals your phone and immediately mistypes the PIN five times to receive an updated PIN, the thief will still need to know your name, address, Social Security number, and other identifying information to set up a new PIN. Incorrectly identifying one of those fields will force the thief (or you) to fax over proof of identity, according to Money Network.

Topping up the card also comes with its own hurdles. Google forces you to manually enter all of the card information each time you want to top up your prepaid card. Consider this a security feature rather than an annoyance; in the off chance you lose your phone, wouldn't you want the thief to have to enter his own card information, rather than use yours? After the card is approved, however, you can manually enter the amount that you'd like to add to your card.

The transfer was accounted for by my credit-card provider as a purchase, not as a cash advance, and charged to Money Network LLC. It's also worth reiterating that the Google prepaid card is a Mastercard, owned by Metabank, with all the fraud protections that Mastercard offers.
Once you have funds loaded onto the Wallet, you're ready to begin using it. But where?

Google Wallet: I'm loving it?
Google preloaded my Nexus S with a Mastercard PayPass Locator app, which allows you to search for restaurants, shops, and other locations near you, or a given location, with PayPass (and, by default, Google Wallet) enabled. At this point, you have few choices.

If you like junk food, however, you're in hog heaven. If you open the app and look for places to eat (the burger and shake icon) chances are that it will be either McDonalds, 7-Eleven, or Jack in the Box. Other PayPass-equipped stores include CVS, Rite-Aid, Walgreens, Duane Reade, Peet's Coffee, the Home Depot, Foot Locker, Office Depot and Best Buy. Sure, you'll also find a few local businesses that use Google Wallet, but they're few and far between. One downer: in tech-friendly San Francisco, south of Mission St. is a virtual wasteland where Google Wallet is concerned. South of Market isn't much better. Two exceptions: AT&T Park and Whole Foods, a pair of pricey venues where you might end up topping up your Wallet before you even leave the store. New York fared better, with numerous chain stores using the technology, and New York taxicabs.

Chin up, though - the app isn't perfect, and new locations are being added every day. You may also run into a merchant that for some reason has been left off of the app - one McDonalds in my town wasn't listed, and its payment terminal didn't have the Mastercard logo. But the phone reported that the payment had been sent, and a receipt confirmed it.

Promises unmet, as yet
"Your phone will be your wallet. Just tap, pay, and save," said Stephanie Tilenius, Google's vice president of commerce, at the May launch. So far, two out of three ain't bad.
Theoretically, Google Wallet offers the ability to upload third-party payment and loyalty cards as well, another step in eliminating the George Costanza-style wallet. However, aside from an agreement with American Eagle, that that capability has yet to be truly enabled. Expect more partnerships to be announced next month, I was told.

Google also hopes to eventually add the sort of "buy ten sandwiches, get one free" loyalty cards favored by smaller shops. "Everyone expects that Google has some sort of master plan, when in reality we have numerous programs running in parallel," Freed-Finnegan said. In other words, not yet.

Google Wallet already ties into Google Shopper, a nifty-looking mobile app which displays discounts from merchants near you or another location. According to the app, deals that you select are saved within your Wallet, and then triggered using a QR code or other acknowledgement. But my Offer screen displayed a large blank spot where the code should be, and I didn't bother driving fifteen miles to argue about whether or not I should receive a free order of churros with my burrito.

The in-app history of purchases also needs work. The history records the time at which "tap event" (not purchase) was made, but not the amount or location. To get that information, you'll need to call Money Network and speak with a live representative, a Money Network representative said.

Conclusion
We all know the steps necessary to pay with a credit card at a grocery store or coffeehouse: whip out the card, swipe, enter a PIN, or sign. It's quick, easy, and an ingrained habit. Google Wallet has the same potential.
While I very much doubt that states or federal agencies will allow identification to be stored within a phone any time soon, if ever, I think it's highly likely that tomorrow's kids will relegate the wallet to the same anachronistic garbage bin as the floppy disk, cassette tape, and VCR.
One case maker (The Callet) already provides a case with an attached pocket for storing a driver's license or credit card. (Ironically, it doesn't support any Android phones as yet.) This is the future. Will it have a Google logo emblazoned on it? Time will tell.

Sources: Mark Hachman PCmag.com

Back

Google Wallet, the changes to the way we pay

Google Wallet, Google's groundbreaking initiative to allow U.S. consumers to pay for items using their phone as a virtual credit card, simply works.
That's good news for Google, because millions of Americans already know how to pay with a plastic credit card. However, Wallet currently lacks the conveniences and benefits that will be needed for its long-term success.


Google Wallet has been launched in a public trial, the new jargon for a beta test, about four months after its introduction. Using a small near-field communications (NFC) antenna mounted inside the rear of the phone, an embedded security token, and some accompanying software, Google Wallet allows users to simply tap (or touch) the phone to a payment terminal. Money is automatically debited from an attached credit card.
Why use Google Wallet? Because it implicitly promises that you'll eventually be able to leave your wallet at home, or at least stuff your driver's license into a shirt pocket.

"Really, this is a tool for consumers," said Marc Freed-Finnegan, the senior business product manager for Google Wallet, in an interview. "We hold your card. We hold your stuff. And we pass the card to the merchant, as if you tapped a plastic card. Google isn't processing, we're not in the middle of the transaction, and we're just creating this tool to organize your life, create money with offers, and organize your life with your loyalty card."
Google announced Google Wallet in May, saying then that Google Wallet will work on Sprint's Nexus S 4G, MasterCard credit cards issued by Citi, and at retailers equipped with Mastercard's PayPass terminals. The transactions will be processed by First Data, an Atlanta-based company.

On that score, nothing has changed, leaving Google Wallet available to just a small subset of phone users who have purchased a Nexus S. (Nexus S owners will be able to download the Wallet app from the Android Market today as part of an "expanded public trial".) Over time, though, Google is expected to add Wallet capabilities to more and more phones, assisted by its purchase of Motorola's cell-phone business. For now, unfortunately, it's easy to dismiss Google Wallet as a nice gimmick to impress workers manning the counter at popular national fast-food restaurants.

Google said it has also licensed the Visa, Discover and American Express NFC specifications, so that those cards can be entered into future iterations of the Google Wallet. "With this partnership, Visa account holders will now be able to use Google Wallet through Visa payWave," at hundreds of thousands of terminals worldwide," a Visa spokeswoman said in an email.
It's also worth noting that Visa and PayPal have also promised their own NFC solutions, but Google is first out of the gate. Apple, so far, has remained quiet.

How it works
I wrote previously that what Google Wallet needs to succeed is to establish itself as a habit. After testing Google Wallet with a Google-supplied Nexus S off an on for several weeks, I can report that is in fact the case. Google Wallet is also about as fast as paying with a credit or debit card.
Here's how it works: you open the Google Wallet app, punch in a 4-digit PIN code to unlock it, and then, when it comes time to pay, touch the phone to the terminal. Behind the scenes, the NFC radio transfers the money securely. The transaction takes just a split second; the phone vibrates, and its screen displays "Sent!" No signature required - you're done.
Simple, right? For the most part, yes.

The first time I flew solo on Wallet, it didn't work. It may have been my fault; I was unfamiliar with the technology, I was in line at the pharmacy to pick up a prescription, and I didn't want to fool around. But you'll also notice that transactions won't go through because the person behind the counter simply doesn't know you've paid. Remember, they're trained to look for a customer swiping a card.
By the end of the trial, however, using Wallet came naturally. Enter the PIN ("PIN in," in Googlespeak), tap, and go.

Before you pay, however, you'll need to know how to actually load funds into the Wallet. Users have a choice of either using a Citi Mastercard or, as most will choose, a Mastercard-backed Google Prepaid Card that already exists inside the Wallet app. Google implicitly encourages using the latter, and will give you a free $10 if you load it by the end of the year. If you've ever used a phone card or some rail passes, the concept of "topping up" the card by periodically adding funds to it shouldn't be too foreign.
In either case, you'll need to link the Citi Mastercard to an actual physical card you own, or link the Google Card to your existing credit card.

Tapping the "Payment Cards" icon within Google Wallet reveals how much money you have available. Tapping the Google Prepaid Card again also allows you to top up the card and displays a user ID and phone number to call in case of problems. You'll be dealing with the Money Network, a third party that Google has contracted with to administer the card.

Continue Next

How to Protect Your WordPress Blog in 5 minute

I love using Wordpress to power my websites, but any time you use a CMS you are going to have security issues.  The good news is that Wordpress is more secure than ever and releases security updates all the time to take care of these loopholes for hackers.  The bad news is that there are still some vulnerabilities that can leave your blog exposed to evil doers.   Here are some helpful tips for securing your Wordpress site with just 5 minutes of your time.

Keep your plugins and installation updated

If you have a lot of WP sites it might be hard to remember to update them all, but this is the single biggest reason sites get hacked.  They forget to update and hackers target those sites.  There’s a reason Wordpress comes out with a new update, and it’s not just for their health.  For this reason you don’t want to advertise the current WP version on your site in the footer either.  If you forget to update your blog in a timely manner it could make you a target when a hacker does a search for that particular version of WP.  Besides, updating your site literally only takes a minute or two.

Change your username

By default your Wordpress username will be “admin”.  This makes it easy to remember, but it also makes it easier for hackers to get into your account.  If they already have half of the equation they just need the password to gain access.  And with “brute force attack” software programs that use every password under the sun to try to access your site, you want to give them as little information as possible.  Fortunately, it’s not that hard to change your username and you can do it all within Wordpress without having to access your database.

First, you should create a new username and give it all administrative privileges.  Then you can log out and log in using your new user account.  Then you can delete your “admin” account and WP will give you the option to transfer all of your posts under your admin account to your new account.  It’s really that easy and only takes a minute of your time.

Move your wp-config file

If a hacker has access to your wp-config.php file you may completely lose all of your posts, comments, and data on your site.  It is vitally important that you try to protect this file.  By default, hackers know exactly where to find this file since it’s the same in every Wordpress installation.  So by imply moving it to another location you can make your site that much more secure.    But be sure to move the file up only ONE folder.  Usually it will be under the public html folder so you will want to move it one folder above the WP install.  This will keep both hackers and bots from being able to find the file, keeping you more secure and it only takes a minute or two.

Check out some security plugins

It might take you more than 5 minutes looking for a security plugin to use to help protect your blog, but 3 of the most popular ones to check out are WP Security Scan Login Lockdown and Secure Wordpress.    Setting up Secure Wordpress literally only takes 20 seconds and it does some pretty techy stuff.  Another to check out is the BulletProof Security plugin which guards against SQL hacking attempts as well as guards your htaccess files and other important files on your site.  In my opinion this one is a must.  The Login Lockdown will prevent a brute force attack by blocking an IP address the repeatedly tries to guess your password.  And the Secure Wordpress plugin is a good all-around plugin for your blog’s security.  It only takes a couple minutes to get everything set up and it’s free.

Of course you will want a backup plugin as well because no matter what you do no one is ever 100% hack proof.  Just in case you lose your entire site you will want a way to get everything back the way it was, and plugins like Backup Buddy helps you do that.  Just make sure you keep them up to date as well.

Possible Reasons why your Rankings Dropped and the Ways Out

Sometimes SEOs and site owners encounter the problem of their sites suddenly going down in the search engine results pages for no particular reason, it seems. When this happens, it is often hard to figure out why your rankings nosedived.

So, let's consider possible reasons for and solutions to the problem. I arranged them by relevance, starting with the most common ones.

1. Your Site Got Penalized for Using Black-Hat SEO Techniques
Google has Webmaster Guidelines by which all SEOs and webmasters must abide. If Google finds out (or your site gets reported) that you are not playing by the rules, your rankings may drop substantially, or your site may get removed from Google's index altogether.

As stated in Google Webmaster Guidelines, one must not "participate in link schemes" (buying/selling links is basically meant here), create "doorway pages", or use "hidden text" on a site. These are considered illegitimate (Black-Hat) SEO practices and may incur Google's wrath.
The Way Out
Well, if your site does get penalized, find out what might have caused this. Re-read Google's Webmaster Guidelines and remóve whatever is in violation from your site - then file a reconsideration request.

2. The Search Engine Algorithm Has Changed
On the one hand, search engines are trying to keep their search results as relevant and SPAM-free as possible. On the other hand, there are people who are trying to game the system or just take advantage of the existing loopholes. And, with the ever increasing number of websites on the Internet today, search engines are forced to tweak their search algos every once in a while to keep spammers at bay.

For example, Google's latest big algorithm update known as Panda (or Farmer) was intended to do away with sites that provide poor-quality content and, as a result, provide poor user experience. However, it also affected groups of sites that have significant duplicate content by nature, such as e-commerce sites, online directories, etc.
The Way Out
First of all, if you are doing SEO and you really mean it, you should be informed about what's new in the Search Engine Land at all times. The online resources to keep an eye on are Danny Sullivan's Search Engine Land [http://searchengineland.com/] (yes, I did it on purpose :) ) , the official Google Blog (http://googleblog.blogspot.com/), and the inside-Google Matt Cutts' blog (http://www.mattcutts.com/blog/).

If the rules change, and there is no way you can continue using the same SEO techniques you've been using before the algorithm update - you have to change your ways then. However, if you think your site was not supposed to get affected by the algo change but it did - you can write about it on Google Webmaster Forum - that often solves the problem.

3. Your Website's Content Got "Scraped"
If your rankings suddenly deteriorate, that could be because someone has stolen (or "scraped") the content from your site and posted it somewhere else on the Web. In this case, search engines sometimes lower both sites' rankings - then look deeper into the matter. Eventually, they are likely to start ranking your site as high as they used to before the incident, once they realize who copied whose content. However, this may take some time.

The Way Out
Dealing with content thieves normally involves locating the site that posted your content, contacting their webmaster, emailing their host, filing a DMCA (Digital Millennium Copyright Act) request or taking the matter to court - whatever helps. It's recommended to start with contacting the scrapers. If this does not help - take the other measures mentioned here.

4. Your Site Got Penalized for Copyright Infringement
For various reasons, this may happen as well. It can be that your in-house SEO or a third-party firm you hired to promote your site used somebody else's content to boost your site's rankings in which case the owner of the content may have filed a DMCA request (the request is normally filed in written form) or reported your site to Google for copyright infringement.
The Way Out
Remóve the duplicate content, hire a new SEO or an SEO services provider and submit your site for re-inclusion (just follow the same procedure that's described in way out 1 of this post) (http://www.google.com/support/webmasters/bin/answer.py?answer=35843)

5. Competitors Beat You in the SERPs
Sometimes your rankings may go down just because a competing site (or sites) manages to boost their rankings to a substantial degree.
The Way Out
If this is the case, analyze competitors' sites and see in what way they are better than yours. Pay attention to their backlinks, keyword density, social media popularity and act accordingly, depending on what your site is missing.

6. Your Site's Structure Got Crippled
Spotless site architecture is crucial to high rankings. If there are broken links, HTML code errors or other structural discrepancies on your site, search engine bots might not be able to crawl it within a reasonable span of time, and thus, your site's rankings may deteriorate.
The Way Out
Run an audit and fix all the flaws that may hold back your site's rankings. Sometimes a site may not be visible in search results for the simple reason that the host is down and the server is not responding. A thorough site audit will show that.

7. Important Backlinks Got Removed from Your Site
Sometimes it's due to "juicy" backlinks with top Google positions pointing to your site being removed, resulting in a rankings drop for your site.
The Way Out
Check the backlinks pointing to your site. Experienced SEOs run such checkups from time to time to see whether any of the links got assigned the "nofollow" attribute, were hidden from search engines because of the robot txt file or were simply removed. If this happens, you should get these links back or get similar backlinks from other websites.

8. This is Google’s QDF Algo at Work
QDF stands for “query deserves freshness” and is the algo Google uses to balance its appreciation of older content. Google applies it to trendy queries that all of a sudden become popular on the Web.
The Way Out
The way out is simple – just don’t do anything. The query will eventually stop being trendy and Google will resume giving more power to older sites with time-tested content. You can always check what topics are popular/trendy at the moment at surchur.com, www.buzzfeed.com or similar sites. Let’s say, your site is optimized for the word “silver spoons”. All of a sudden, a hot topic about a cafe called “Silver Spoon” appears on the Web, and millions of people start looking up “silver spoon” on Google. Google will most likely decide that “query deserves freshness” and will serve users new pieces of content at the top of its search results.

9. Google Started Picking “the wrong” Canonical URL for Your Site
Sometimes, your www homepage may be ranking at position 3 on Google, while the non-www version of your homepage does not have enough link juice and may be ranking at spot 50 at most. If, because of poor canonicalization, Google decides to pick your non-www page to include into its search results, your site will end up at a substantially lower position.
The Way Out
The way out is to get your canonicalization right. Use internal linking, 301 redirects, canonical tags (not always justified) to explicitly point out your canonical URLs to Google, so that it makes no mistake.
So, these are the most widespread reasons for sudden rankings drops. Of course we could not cover all possible causes and situations – sometimes it’s several reasons combined. Besides, sometimes unexpected things happen, like Google ‘removing some 11 million co.cc domains from its index all on one day.
But, if you get armed with the advice provided in this post, it’ll take you far less time to figure out the reason for the sudden rankings drop, and you’ll be able to fix it much quicker.



Sources: Blog Mr. Em