I have been using VPSville for some time for my domain network and other projects and have always been impressed with their service.

I have signed up for two of their Semi dedicated vps servers which they call ‘Megacity’ one to host my mail server and another to host my affiliate websites.

The VPSville control panel is very easy to use and fully functional, you can easily create new servers, reboot, gain SSH access, change passwords, monitor bandwidth and many other features.

They provide 25% discount on repeat custom. I currently have 10 VPS servers with them and two of the semi-dedicated servers. Discounts are also available if you may for 3, 6 or 12 months upfront.

Their prices go from £3.75 for their smallest server which they call Village with 64mb guaranteed RAM (burst to 128) 100GB Bandwidth and 5GM of disk space, up to £47.25 for their Megacity 3 Semi-Dedicated servers which 2Gb of RAM bursting to 4gb and 3000Gb Bandwidth and 160Gb of disk space.

They have Data centers in the UK, US and Canada, but appear to be a Canadian company. I have only used the London Data centre but have had no trouble with them at all.

I can not comment about support as I have had no reason to use support for anything, but if I do I will update this post with the results.

They take various forms of payment, the most critical one for me is Paypal as most of my business goes through Paypal. The only one comment I would make is that when buying a new server I can not seem to find the subscribe via Paypal option only a one off payment option, however, when you go into the existing account you can expand the payment options and create a Paypal subscription.

Another key advantage for me is that they do not have any fixed term contracts, you can pay month to month. This means that if I need a server for a project I can create one to use as a development server for £3.75 for a month and then kill it when I move the project onto my main web server.

Click here and use the coupon code SP25 to get started with VPSville

Related posts:

1. Hostgator 25% Off Coupon For Digitalquill Customers We have secured a 25% off coupon code for HostGator, readers of this blog and Digitalquill customers can get this 25% discount by using the...
2. How To Check If You Are Ready For WordPress 3.2 If you have ready my previous post about a first view of WordPress 3.2, you will have noted that there are some significant requirements changes...
3. Outlook Is Unable To Download Folder (null) We have recently had an issue with outlook 2003 working with a new Courier IMAP Server. Connections would be made to the server and emails...

1. Disable SSH if you do not need it

If you do not need ssh then disable it as it is always a vulnerability. If you are running a desktop/laptop with Ubuntu on it then remove ssh

apt-get remove openssh-server

2. Do not allow root login

The root user is the master user on your server, it gives access to everything and permissions to do anything on your server. If that gets hacked it is the worst possible scenario for your server.

Why risk allowing people to do brute force attacks on the root user? Make sure that you stop root from being able to directly access SSH.

Edit the /etc/ssh/sshd_config file and change:

PermitRootLogin yes

to

PermitRootLogin no

Then restart ssh by running /etc/init.d/ssh restart

You will then have to SU from another user to become root or even better use the sudo command before executing root commands.

3. Restrict the users who can access the server via SSH

In addition to the above, you can restrict SSH access to your server to a limited number of users. In my case, I have only two users that can access the server via SSH, mine and the hosts support user.

Edit the /etc/ssh/sshd_config file and add:

AllowUsers username1 username2

to the bottom of the file

Then restart ssh by running /etc/init.d/ssh restart

4. Don’t use obvious usernames

As with everything, we are trying to make things a little harder for hackers. If you use an obvious or well known username, you are open to brute force attacks on that username. So don’t use obvious users.

5. Use Secure passwords

Make sure that your users password is secure, use alpha numeric passwords with mixed case and try to use special characters in your password.

6. Change the default ssh port

On the same theme as changing the default settings, you should change the default ssh port.

Edit /etc/ssh/sshd_config

and change where it says ‘port 22′ to a port number of your choice.

Then restart ssh by running /etc/init.d/ssh restart

7. Keep OpenSSH up-to-date

Make sure that you keep your whole system up-to-date especially OpenSSH

apt-get update
apt-get upgrade

8. Always use ssh protocol 2

Most modern versions of linux will already be configured to run with ssh protocol 2 by default but it is always worth checking

edit /etc/ssh/sshd_config

and check the protocol line says 2 and NOT 1

Protocol 2

Protocol 1 is vulnerable to man-in-the-middle attacks

Then restart ssh by running /etc/init.d/ssh restart

9. Idle timeout

The idle timeout terminates an ssh session after a given period of inactivity. This is especially useful to prevent vulnerabilities from unattended ssh sessions. This is not as much a hack, but an opportunist but it is worth considering depending on your situation.

edit /etc/ssh/sshd_config

ClientAliveInterval 300
ClientAliveCountMax 0
Then restart ssh by running /etc/init.d/ssh restart

10. Use Keys

A safe method of securing your SSH is by using keys. I will not go through the detailshere as they have been done before but take a look at the following tutorials:

http://www.ibm.com/developerworks/linux/library/l-keyc.html

http://www.cyberciti.biz/faq/ssh-password-less-login-with-dsa-publickey-authentication/

http://www.cyberciti.biz/faq/ssh-passwordless-login-with-keychain-for-scripts/

11. Stop brute force attacks

Brute force attacks are where a hacker keeps trying a username with different passwords until they find one that matches. You can use software such as fail2ban or DenyHosts

Related posts:

1. How To Check If You Are Ready For WordPress 3.2 If you have ready my previous post about a first view of WordPress 3.2, you will have noted that there are some significant requirements changes...
2. Outlook Is Unable To Download Folder (null) We have recently had an issue with outlook 2003 working with a new Courier IMAP Server. Connections would be made to the server and emails...
3. Disk Space Monitor Bash Script For Linux Having setup the media storage and samba shares on the network at home, I do loose some control via windows of monitoring the space left...

Twitter Hacked

Related posts:

1. WordPress 3.1 Release And And Digitalquill Plugin Updates Regular users of WordPress will already be aware that version 3.1 code named ‘Reinhardt’ has just been released. This is the 14th release of WordPress...
2. Can You Sell A House Via Adwords? I have been doing quite a bit of Google Adwords work in the last few weeks for the company I work for. I will post...
3. Simonstone Hall Wedding Brochure Many of the regular readers will already be aware of our history with Simonstone Hall in Hawes North Yorkshire. We were engaged there in 2007,...
4. Smart Phones And The Future Of Seo I have just got myself a nice HTC Desire HD Smart phone on Orange, and although I have always had smart phones ever since the...
5. Elegant Themes – Premium WordPress Themes I have just started working on some wordpress sites and have discovered Elegant Themes, I know that you are going to say why buy premium...

I use WordPress as the backbone to 90% of my sites, this being so it is critically important that it is secure. I have therefore been researching methods to make those installs more secure. Here is what I have found:

The Obvious:

1. Keep up-to-date

Always use the latest version of Wordpres, there is no excuse not to, WordPress now has an inbuilt update feature which is very simple to use. Make sure that you use the latest version of WordPress, All plugins and all themes, even if those plugins or themes are not active.

2. Admin User

Although WordPress 3.x allows you to  choose your WordPress admin username, many people still use ‘admin’ especially if you have upgraded from older version of WordPress and have a pre-existing user.

The problem with this is that it is known by hackers who can try and use brute force attacks on your password. If they do not know your username they have to do a brute force attack on both your username and password and get them to match and as such the likelihood of getting the correct combination is reduced

Change your admin user to something else using the SQL command:

UPDATE wp_users SET user_login = ‘YourChosenUser’ WHERE user_login = ‘Admin’;

3. Use a secure password

I use http://strongpasswordgenerator.com/to create strong passwords. Make sure you do not use dictionary words as many brute force attacks use dictionaries to work through tries on your password.

Tips are to use numbers and letters, mixes case and some characters.

4. Add Keys to the wp-config.php file

WordPress 3.x does this for you, but it is worth checking that you have the keys completed in your wp-config.php file. It should look something like:

define('AUTH_KEY',        '19[9lL.u~lwAMWEv-HwZ+@Fm{1FP+<jDgcq|GMF|G@Oklq_w;ftPlsXO@|S^4');

define('SECURE_AUTH_KEY', 'JiSUZrIM5T!7$z;rcS];qL>L L)c@,Tqe~B=#M=V,Wgb:>F|h$d0g55)!_9Ol-');

define('LOGGED_IN_KEY',   'm~ v--9/-l+9=[$VD($<o-Afz(8uxH[p4yaVnTR3Zf5mbV6PUdu3W?J|Wr8/:`e');

define('NONCE_KEY',       '%i.WRYyslvZ.C*Np5L5S27t4 ihJF,HMhy~$aEKV0#=/`I~$o-Mu<revq/fIhb+e');

define('AUTH_SALT',        '[J&pERV+!rfO6|n0OzNo5g7 P .cOia|{^4A$Ol4w`([o-JC3:|D3nTXDx4S9H');

define('SECURE_AUTH_SALT', '%P)h3cUD=EX/2z+EY@/~i;%TjlB(EL]RB]N,B)7Tr+Rw(L2:i(V+N+VS5i2Obu0I');

define('LOGGED_IN_SALT',   'n|yRYtIi#y5Q|-3|Y~-y]f0t|1n,aE7M@ubchoibda?RDdeCwRC|~e)-d?u*JJMc');

define('NONCE_SALT',       'w|1+voiV-[q5,F3,M@wOLvOJJz*>&3Ui9drlQ{Q>Ls2|#lZVzA46?&+6&Vrgg1x');

The Not-So Obvious

5. Database setup - user, password, and database

Make sure you create a database for each blog, if one is compromised you do not want it affecting any other sites you may have on your server.

Make sure you create a username for each of the installs, do not share them between wordpress installs and DO NOT USE ROOT!

The user should be a limiuted userm grant it SELECT, INSERT, UPDATE privileges.
mysql> GRANT SELECT, INSERT, UPDATE ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY 'newpassword';
mysql> FLUSH PRIVILEGES;

Make sure that your user only has local access to your database, so that it can not access your database remotely.

6. Do not use default wp_ table prefixes

Don't use the default wp_ prefix to table names. This method is useful but should not be relied upon for a security fix, one a hacker has got as far as being able to conduct SQL injections or other hack then this method will not prevent them getting further for very long, but it will keep them guessing. Do not use the default wp_ prefix instead use a random one.

This is rather more difficult if you are trying to secure a site that has already been setup, but you can use the WP Security Plugin to do this

7. SSL for wp-admin

SSL connections are far more secure than normal http connections so, force SSL for admin add the line define('FORCE_SSL_ADMIN', true); to your wp-config.php file Options All -Indexes to your .htaccess file

8. Allow access to your wp-admin from one IP Address

Although this method worries me, due to loosing access to my files I have implemented it to see how it goes. If you have a static IP address you can Secure the wp-admin files from being edited. By default all but the wp-config.php file can be edited via the wordpress admin area.

If you add a .htaccess file to your wp-admin folder and add the following:

Order Deny,Allow
Allow from xx.xx.xx.xx
Deny from all

This will then only allow you to edit those files from the IP address specified

You can use other options in the IP address such as:

A (partial) domain-name - Example: Allow from apache.org
A full IP address - Example: Allow from 10.1.2.3
A partial IP address - Example: Allow from 10.1
A network/netmask pair - Example: Allow from 10.1.0.0/255.255.0.0
A network/nnn CIDR specification - Example: Allow from 10.1.0.0/16

9. Deny access to the wp-config.php file

Perhaps a safer method than the above would be to specifically deny access to your wp-config.php file, thus keeping your database username and password more secure.

Add the following line to you r.htaccess file in the root of your site

<FilesMatch ^wp-config.php$>deny from all</FilesMatch>

10. Move wp-config.php file to a directory below the one it is currently in

for example if your is the is setup as such:

/var/www/domain.com/htdocs/Site files here

you can move the wp-config.php file to below the htdocs folder i.e.

/var/www/domain.com/

WordPress will handle this change automatically and allow you to have the wp-config.php file below the web root which is a great deal more secure.

11. Add Apache Level security to wp-admin

AuthType Basic
AuthName "Domain.com WordPress Admin"
AuthUserFile /var/www/domain.com/.auth/.htpasswd
Require user domainAdmin

htpasswd -cm /var/www/domain.com/.auth/.htpasswd domainAdmin

12. Blacklist ip addresses

Edit the .htaccess file in the root of your site and add the following:

<Limit GET POST PUT>
order allow,deny
allow from all
deny from 123.456.789
deny from 93.121.788
deny from 223.956.789
deny from 128.456.780
</LIMIT>

Add the ip address of the visitor you want to ban, you can add multiple deny from xxx lines to ban multiple addresses.

This may not be as useful unless you are actively monitoring your logs, but it can be useful if you get a great deal of SPAM comments from one user.

You can also use the Lockdown plugin to record all failed attempts to access your wordpress admin. You can then add the IP address to the ban list.

13. Stop WordPress serving anything other than images from the wp-content/uploads folder

You can secure the wp-content/uploads directory to stop it serving anything other than images

Order Allow,Deny
Deny from all
<filesMatch  "\.(jpeg|jpg|gif|png|js|css)$">
Allow from all
</filesMatch>

Remember if you want to include other file types in your WordPress posts you will have to add them to the list for example a pdf document, you would add pdf to the 'files' line.

14. Stop SQL injection attacks

Although WordPress should already do this for your you can ensure that you stop SQL injection attacks. SQL injection attacks are where malicious users use forms on your site to add code to database records.

Add the following to the .htaccess file in the root of your website.

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING GLOBALS(=|\[|\%[0-9A-Z]{0,2) [OR]
RewriteCond %{QUERY_STRING _REQUEST(=|\[|\%[0-9A-Z]{0,2)
RewriteRule ^(.*)$ index.php [F,L]

15. Remove your WordPress version

Sounds crazy but you should really do this. If hackers find a vulnerability in a particular build of WordPress then they will use search engines to find sites using that version and then exploit that vulnerability.

edit functions.php file of your theme and add the following line to it remove_action('wp_head', 'wp_generator');

16. Stop search engines indexing any of your WP- folders

add the following to your robots.txt file:

Disallow: /wp-*

This in combination with not allowing browsing of these folders will stop those files from being accessed.

17. Lockdown Plugin to stop brute force attacks

Using the Lockdown plugin to ban addresses after a certain number of failed login attempts will help prevent brute force attacks.

18. Use WordPress Firewall plugin

I have blogged before about the default set of plugins that I install, this is one of them, make sure you get it installed as it protects you against some of these holes especially SQL injection attacks.

19 File permissions

Here is a quick run down of some file permissions to check for your wordpress install are as follows:

../ 0755
../wp-includes 0755
../.htaccess 0644
index.php 0644
js/ 0755
../wp-content/themes 0755
../wp-content/plugins 0755
../wp-admin 0755
../wp-content 0755

On linux command line run 'chmod 0755 wp-includes -R' for example, or you can use your ftp client.

All my servers have ftp disabled as this is another potential security hole.

20. Backup, Backup, Backup

Ok this is not strictly a security fix, but it the worse happens it will help you to recover. Make sure you back everything up, WordPress install, uploaded files and critically the database. I use BackWPup which can up your data to Amazon S3. Very cheap method of keeping secure backups of your blog., or to FTP.

It is worth pointing out that if your site is hacked make sure you check all the files in the backup you are using before you restore. If a backup has run after the hack then any malicious files may be present in the backup.

If you are in this situation use the backup for your database and for any uploaded files and get a fresh copy of WordPress and any plugins.

Note:

Even with all these methods you may still be vulnerable, holes in your web server security, holes in plugins that you use or any number of factors could allow you to be compromised, but with these methods you are gaining more of the upper hand in the battle against hackers.

As a WordPress plugin developer I am looking into the possibility of creating a plugin that does some if not all of these methods for you or at least checks them and gives you advice as to how to improve the security. During this research I have found many plugins out there that claim to do this, some work better than others, indeed some do not work at all, but none are comprehensive and as such I think I will attempt to code one up that will do or check this list of 20 tips.

Related posts:

1. How To Check If You Are Ready For WordPress 3.2 If you have ready my previous post about a first view of WordPress 3.2, you will have noted that there are some significant requirements changes...
2. WordPress 3.2 Released I Hope You Are Ready! WordPress 3.2 has been released this morning, I hope that you are ready! As I mentioned in my review of the release candidate of WordPress...
3. Feather WordPress Theme Review Elegant themes have just launched another wordpress theme ‘Feather’, this is great news for me as I have only been a member of Elegant themes...
4. Mistakes With Network Active Plugins On WordPress Multi-site Several days ago I was working on a network of WordPress sites I have setup, all using WordPress Multi Site, not an especially strange setup,...
5. Amazon Import Plugin For WordPress Live Demo Now Working I have just put the Live Demo of the Amazon import Plugin for WordPress Live again. I had hope to get this done yesterday, however,...

I have setup two new servers, one dedicated to email and the other to the webserver. I have still to setup all the mailboxes and websites, but if you are seeing this post then you are viewing this blog on the new web server.

The race is on over the next couple of days to setup all the websites again and get the DNS updated to the new IP addresses for both the A and MX records.

I think Debian 4 had significant vulnerabilities, recently the repros were all archived indicating that the developers had dropped support for it. I have therefore moved to a far more up-to-date OS in Ubuntu 10.04. I have other servers and VPS servers already running Ubuntu 10.04 so there is no problem with that at all. It is just the work involved in setting everything up again.

Related posts:

1. How To Check If You Are Ready For WordPress 3.2 If you have ready my previous post about a first view of WordPress 3.2, you will have noted that there are some significant requirements changes...
2. Outlook Is Unable To Download Folder (null) We have recently had an issue with outlook 2003 working with a new Courier IMAP Server. Connections would be made to the server and emails...
3. WordPress 3.2 Released I Hope You Are Ready! WordPress 3.2 has been released this morning, I hope that you are ready! As I mentioned in my review of the release candidate of WordPress...

The latter two have been suffering from numerous malicious attacks. The email server was hacked a couple of months ago and since then it has not been quite right, even though I have spent a great deal of time trying to fix it, emails are still getting spammed and the level of spam getting through and being delivered to mailboxes is very high. Some mailboxes seem to be affected more than others.

My Linux box running my affiliate websites was hacked yesterday, I was alerted by someone to the problem, and since then GoDaddy have contacted me saying that one of the domains registered with them has been compromised. Fortunately I already had a root SSH session open to the server, running a ‘who’ command showed another active SSH session. It appeared they had created themselves another user on the system.

I say fortunately I had a root session open as it turned out that they had changed the root ssh password.

I am not sure how they got in but they have corrupted several of my sites and installed Phishing scripts. I have removed everything and I am in the process of repairing the damage, but I do think that it is time to start afresh with a new server for both my MX and affiliates projects servers.

The current servers are both Debian 4 and as such are now out of date in terms of their OS so I would be better off starting with a new server running the latest version of Ubuntu.

The only problem with it is I have 100′s of affiliate websites running on that server and quite a number of domains and mailboxes managed by the MX server. The time involved in this, changing DNS, setting up the domains and mailboxes will be quite considerable and at the moment I really do not have the time to dedicate to this.

Related posts:

1. A Time For A Change – Self Employment And Full Time Affiliate I am writing this post on Holiday in the Yorkshire Dales, we have a fantastic cottage in Carperby, with stunning views over Wensleydale. I am...
2. How To Check If You Are Ready For WordPress 3.2 If you have ready my previous post about a first view of WordPress 3.2, you will have noted that there are some significant requirements changes...
3. Outlook Is Unable To Download Folder (null) We have recently had an issue with outlook 2003 working with a new Courier IMAP Server. Connections would be made to the server and emails...
4. Home Computer Network Finally Finished Recently I have posted about my tribulations with setting up my perfect network at home. A quick re-cap is that we have two Windows Media...
5. Media Centre And Network Storage Solution I have spent the past week moving 100′s of terabytes of data from disk to disk, trying to find the best solution for the central...

In the technical circles there are many that continually bash the big commercial software companies, Microsoft, Apple, Adobe and so on for producing software that contains bugs and security flaws and to some extent rightly so, in an ideal world software that is released should be perfect, however, this is almost impossible to achieve.

I am recently recovering one of my servers for another hack, and as you may have gathered from the subject of this post, this server was not a Windows server but a Debian Linux software. While trawling through the logs trying to find how and where they got in, I started to think, I have four dedicated servers, two Microsoft (windows 2000 and windows 2003) and two Linux (Debian and Ubuntu 8.x), and you know what, the Linux boxes have been hacked more times than I care to count and to date the windows boxes have never been hacked, they have been subjected to a denial of service attack (DOS) but never actually hacked.

This is not due to the use of the servers either; all my servers are used for similar things, indeed the windows boxes host more websites in total than the Linux ones.

You are going to come back and tell me that with the move to Ubuntu, Debian is no longer recommended or being actively developed, and that Ubuntu 8.x is old, and you would be completely right, however, Windows 2000 is 10 years old, much older than the version of Debian I am using and is in much the same situation. One can not be expected to move hundreds of websites simply to upgrade from a distro that the open source community has chosen to drop.

As a project manager on a large software development project (circa £3 million) I know very well the problems faced by software companies in producing fault free software. The amount of times that we have released a new version of our software only to find that a change to feature Z has actually broken something in feature A that we developed 3 years ago. It is the inherent problem with large software projects, to maintain the balance between testing and actually getting to the software released.

Risk management is key, we operate a system where the company critical aspects of the software have more rigorous testing than those within the bells and whistles functions that if broken would not jeopardies the running of the company.

I therefore recognise the difficulties faced by both software companies and the open source community; however, in our little software development team we have to answer to the company board as to why we have released buggy software, fortunately for us our Managing Director understands these difficulties.

Open source software has no commercial liability

Open source software has no commercial liability to keep it in check, by this I mean that the large software companies such as Microsoft have a commercial standing to maintain, share holders to answer to and balance sheets to tally. If they release bad software, all that is put into jeopardy, their commercial standing is damaged and as such they will do everything in their power to ensure that their software is as faultless as possible, and when faults are found that they patch them.

Open source software has no such commercial checks to keep it in line, and the very nature of community development results in a free for all in development with no management or corporate responsibility keeping it in check. This results in software that maybe fantastically feature rich and cleaver but just does not deliver the secure and stable environment now let alone in the future when the community chooses at a whim to drop that particular distro.

As both an web master and web host security is the most important aspect of my business. Down time for servers costs money, I am therefore considering my strategic position at this time.

It is something that I have often said, open source is not free, and perhaps the cost of the windows server license is actually worth it in comparison to the cost of the down time.

Simply because it is free just does not cut it anymore, if Linux and open source are to get to the standing that they want to, if they are to take a larger proportion of the desktop market, if they are to continue to establish themselves in the web hosting and server industries they need to become rather more commercially aware and commercially structures to deliver the stable secure systems that corporations and business require.

Related posts:

1. Disk Space Monitor Bash Script For Linux Having setup the media storage and samba shares on the network at home, I do loose some control via windows of monitoring the space left...
2. Open House For Viewings Saturday 28th May We are having an open house for viewings at our property on Belvedere road in Hessle, Saturday 28th May between 2pm and 4pm. If you...
3. House For Sale Open Day Belvedere Road In Hessle West Hull We are holding an open day at hour house that is for sale in Hessle, West Hull, East Yorkshire. If you are looking for a...
4. Home Computer Network Finally Finished Recently I have posted about my tribulations with setting up my perfect network at home. A quick re-cap is that we have two Windows Media...

This and my other blog Earning From Affiliates was hacked and links to spyware added to the bottom of some of my sites, I assume this was some form of SQL injection attack on a vulnerability in WordPress.

As soon as I found this problem (hours after it happened) the site was cleaned, repaired and wordpress upgraded to fix the vulnerability, however by that time Google has showing a warning about the sites. No problem, all I should need to do is use the Google Webmaster tools to contact Google and ask them to re-check the site and remove the warnings. No… not that easy at all, emails and messages to Google went without a response. Weeks turned into months and I got fed up with the mess and was about to simply bin the sites when I thoughts I would have one more try and what do you know the warnings were removed and all is now back to normal running.
It has meant that the sites have been without updates for so long that their readers have probably long gone, any ranking in Google or other search engines has been damaged if not set back to zero so I am effectively starting afresh, although I do have the advantage that both sites still have their content, which is all self written unique content.

I have been busy over the last year, I was married in August to the wonderful and beautify Cheryl, her and our Daughter Eva are my life.

I have also been working on other projects, mainly software projects relating to Affiliate marketing, which have been much more successful that I could ever have hoped.

I will post more details about those projects in the coming days, but for now I just wanted to add a note to say I was back and I will be trying to find the time to post regularly and put some effort into these sites.

Related posts:

1. Google Page Rank Monitor Software About two years ago I wrote a script that would check the Google Page Rank of all my sites on a monthly basis and record that Page...
2. Problogger – Secrets For Blogging Your Way To A Six Figure Income – Review I have both the first and second editions of this great book from Darren Rowse and Chris Garrett, Secrets for Blogging your way to a...
3. Post Publishing Check List For Bloggers This article was inspired by a blog post I tweeted by ProBlogger, which chimed accord with something that I have been doing for some time....
4. Build My Page Rank Review I have been using Build My Page Rank for three months now, I did not want to post this review any earlier as I wanted...
5. Blogging From Android Smartphone I have just download the WordPress app for android onto my HTC desire hd. It only has a very simple interface. You can’t modify permalinks...