P2 Graphic Design | News Blog
P2 Graphic Design, Edmonds WA, is a creative agency specializing in WordPress web design, logos and print marketing. Stay updated with our latest news & blog posts.
P2 graphic design, web design, development, wordpress, logo, edmonds, kirkland, bellevue, lynnwood, mountlake terrace, wa
14936
page-template,page-template-blog-large-image-whole-post,page-template-blog-large-image-whole-post-php,page,page-id-14936,ajax_fade,page_not_loaded,,qode-child-theme-ver-1.0.0,qode-theme-ver-10.1.1,wpb-js-composer js-comp-ver-4.12,vc_responsive
 

News Blog

On Friday,  May 12th, 2017, a global ransomeware campaign called WannaCry began infecting computers in over 10,000 organizations and 200,000 individuals in over 150 countries.

 

What is Ransomeware?

 

Ransomware is a type of malicious software that blocks access to your computer data and displays a message demanding payment to unlock it.  Most ransomware encrypts a victim’s files and won’t allow access until you pay them the ransom.  Once payment is made, you are given a decryption key so that you can regain access to your files.

 

Accidental Hero

 

An “accidental hero” from England temporarily halted the global attack by locating a nonsensical domain name hidden in the code that was not registered.  The 22 year old registered the domain name and with the help of another security expert from Proofpoint, found and inadvertently activated the kill switch in the malicious software.

 

The hero prefers to stay anonymous because “we’re working against bad guys and they’re not going to be happy about this.”

 

This Attack is Not Over

 

But this attack is not over.  Variants are beginning to emerge.  The attackers realize how it was stopped, have changed the code and released it again.

 

Are you at risk? 

 

If you have a Windows machine, it is recommended that you install a patch that Microsoft has released to block this specific attack.  

 

More information about your vulnerability and of how to protect yourself can be found on this page at Microsoft.

 

Additional information about the attack and how to protect yourself may be found at Wordfence.com, our WordPress security system of choice.

Helpful tips for choosing your domain name:

  1. Shorter is better. Its easier to remember a short domain name versus along one.
  2. Use keywords in your domain name. It’s best to use the name of your company, combined with keywords.  Keywords are words that someone might type in to search for your product or services.  For example, if you sell widgets and you’re located in Kirkland, Washington, consider using your company name, AcmeWidgets.com.  If that’s already taken, try AcmeWidgetsKirkland.com.
  3. Make two side by side lists, one listing several words that describe your product or service or include your company name.  So your first list will be something like Big Widget Company, humongous widgets, ginormous widgets, blue widgets.  The second list might be geographical in nature, like kirkland, bellevue, redmond, seattle, king county, pacific northwest.  Then, try various combinations from the two lists.
  4. Use .com as opposed to using other extensions like .biz or .net.  Dot coms are more memorable.
  5. Avoid domain names that have two or three of the same letter in a row. For example, mattressseattle.com has three S’s in the middle.  Instead, consider using seattlemattress.com to break them up.
  6. Avoid using another company’s trademark name in your domain name. For example, if you use the domain name HondaExperts.com, Honda will most likely send you a cease and desist order.
  7. Consider using a domain name generator website like nameboy.com.  Here’s a big list of them provided by Mashable.
  8. Once you selected several  possible domain names, check them for availability. I like to use whois.com or betterwhois.com.  Betterwhois.com looks seriously dated, but they have a built-in system to foil cyber squatters.  Cyber squatters are programmers who have figured out how to see what you’re typing in as a possible domain name, buy it before you do and then try to sell it back to you.  Read more about cyber squatters.
  9. Select your domain name and make the purchase.  Don’t delay.  Once you’ve made your decision, secure it right away. I like to use godaddy.com or bluehost.com.  Godaddy has decent pricing, about $12 per domain name.  But watch out for the up-sell.  Just continue to click “No Thanks” until you get to the screen where you can pay.  We only use Godaddy for domain registration.  We rarely use them for hosting.  Bluehost currently offers a free domain name with hosting purchase.  Bluehost is our hosting company of choice and we only use a different company if a client requests it.

 
I hope these tips have helped you reach your decision.  Happy domain selecting!

DDoS attacks are when a hacker points hundreds or thousands of computers at a single server to overload it and bring it down.  This type of attack is troublesome and very difficult to defend against.

Today, I received the email below from Mark Maunder, the Founder and CEO of Wordfence. Wordfence is one of the leading security plugins for WordPress websites.

“DNS provider Dyn.com is currently under heavy DDoS attack which has affected many well known brands across the Internet including Amazon, Netflix, Reddit, Paypal and many others.

This may affect your site if you use them for DNS or if you use any service, like Paypal, that uses DynDNS.

The larger providers seem to have worked quite quickly to mitigate this attack, but it is ongoing so it’s important that you’re aware of it and carefully monitor your website during this time.”

Wordfence has posted a blog with full details, news links and will keep it updated as this unfolds.  Find out more: Wordfence’s DDoS blog post.

XML sitemaps are a great way to help google and other search engines like Bing and Ask to index your site.

There are a couple of great plugins that will create the sitemap for you.  The most popular is called Google XML Sitemaps by Arne Brachhold.  They currently have over one million active installs and a 5 Star Rating.   Another good plugin is Google Sitemap by BestWebSoft.  They currently have over 100,000 active installs and a 4.5 Star Rating.  They are both very simple to use and make it easy to add a sitemap to your root directory.  They also have the ability to update your Robots.txt document, the file that communicates with web crawlers and allows or denies access to certain pages as desired.

To see an example of a google sitemap, you may view ours at: http://p2graphicdesign.com/sitemap.xml.

convro-logoHere’s a new logo design for Convro. It was a pleasure working with Muhamed Kongira on this design for his company. Convro stands for “Confidence of Victory in the Relentless Ordinary” and their logo is featured on their line of apparel and accessories, available via the Zazzle community marketplace. View larger image.

P2 Graphic Design offers several logo design packages as well as custom options. To learn more, check out our logo design pricing page and view our logo portfolio to see samples of our past projects.

We recently completed a new mobile-friendly website for Burrows Asphalt. They wanted a professional looking, mobile-friendly website to showcase their wide range of paving, stenciling, deicing, concrete repair and other services, and allow easy mobile access for their clients. Located in Kirkland, WA, Burrows Asphalt serves both residential and commercial customers on the Eastside and the greater Seattle area. Check out their new site!

Keep your website up-to-date and block hacking attempts with our two monthly WordPress website maintenance packages, a $50/month Basic plan and a $250/month Pro plan:

Basic Plan – $50/month

  • Up to ½ hour of website updates per month
  • Installation & maintenance of a WordPress backup system
  • Installation, configuration & monitoring of the Premium WordFence security system ($39 value)
  • WordPress security updates as they are released (multiple times per year)

Pro Plan – $250/month

The same as the Basic Plan above except:

  • Up to 2 hours of website updates per month (instead of 1/2 hour)
  • Posting to your social media accounts in addition to your website
  • Monitoring Google Analytics

This optional service is a great worry-free way to keep your site secure and up-to-date for a minimal cost. If you would like to maintain your website yourself, please view our Step-by-Step Guides.

Please feel free to contact us if you have any questions or would like more information.

Like any other type of website, WordPress websites are susceptible to hacking.  Any site can be hacked, just ask Premera Blue Cross or the State Department.  But with some normal amount of precaution, you can avoid having it happen to you.

It is important to always run the latest version of WordPress.   The same holds true for the plugins.  They should be updated at least monthly.

This past year I’ve had a small number of clients who’s websites have been hacked or completely disappeared.

Three Case Studies:

1. Outdated Plugins

Issue: One client had not updated their plugins in several years.  One of them was used as an entryway for the hackers.  They broke into his website and even added themselves as a user with administrative privileges.

Solution: We removed the infected files, removed the user’s ID’s for the hackers, strengthened our client’s admin password and added the premium Wordfence plugin at a cost of $39/year.   The Wordfence plugin has the ability to block entire countries, in addition to specific IP addresses.  We blocked all the countries in the world, except the U.S. and Canada.  Over the next few days, we noticed that several attempts were made to gain access to the site using a virtual IP address from within the United States.  We then blocked the specific IP addresses that were being used.  It has been about three months and our security system is working flawlessly.

2. Outdated WordPress Version

Issue: Another client had not updated WordPress in several years.  It was late 2015 and they were still running a 2011 version of WordPress. As a result, their site became broken and appeared as a blank white page.  It was using an outdated Thesis theme that was not mobile-friendly.  We also found lots of infected files.

Solution: We determined that it would be less costly to change hosting companies and rebuild the site in a different location, using an up-to-date theme that was mobile-friendly.  The theme we chose allowed us to have the same look and feel as the previous site.  We re-built the site and were back up and running in a few days.

3. Malware Infiltration

Issue: A non-profit client of ours had been infiltrated with malware.  We believe they gained access through outdated plugins.  This particular piece of malware was extremely sinister and difficult to fix.   If you typed the URL of their site directly into the web browser, it worked fine.  If you came across them in a google search, however, you would be re-directed to a fake Viagra site whose purpose was to get you to enter your credit card information which they would then steal and use for illegal purposes.  But, it would only happen once.  If you came across the site in a future google search, it would show the website normally.

Solution: We detected and removed all of the infected files and then installed the Premium Wordfence plugin.  We blocked all of the countries in the world except the U.S.  We have had not additional issues for the past 6 months.

Again, it is extremely important to keep your version of WordPress and all of your plugins up-to-date.  Also, make sure that you are using a strong username and password.    If you do, you will eliminate 95% of break-ins.

wordfence-logo-64x64Wordfence is a security plugin that will protect your WordPress website against hacks, cyber attacks, and online security threats. They offer both a free plugin and a $39 per year premium version. Both options continually scan your site for known malware, bad URLs, outdated themes and plugin files, backdoors and hackers, fake google bots and more. The premium version also offers country blocking, where you can choose in your account settings to block entire countries from accessing your site and login form. This is especially useful for those of you whose customers are US or US and Canada only, as all others can be manually blocked which will prevent a multitude of potential content theft, attacks and other malicious activity from those regions.

If you are a P2 Graphic Design client and would like us to add Wordfence to your website, please contact us. We encourage you to learn more by visiting the Wordfence website here.

outeredge_logo-stacked-400 We enjoyed working with Jake Terry on his new mobile-friendly WordPress website. Jake is the owner of Outer Edge CrossFit.  He opened his gym in 2009 and his passion and dedication for training and helping people reach their fitness goals is still going strong. Check out their location in Mill Creek and take a look at their new website to learn more!