How Not To Recover A Hacked Website

I have just spent the best part of 3 days recovering a hacked website. Read this so you don’t have to…

Last week I received 2 emails from software publisher Adobe informing me their products were being sold on my website without their permission.

Screen Shot 10-30-15 at 11.17 AM

The link went through to a page on full of nonsensical spam, however the same url in Google took visitors to a more sinister destination:

Screen Shot 10-30-15 at 11.14 AM 001

The page was redirecting through an iFrame (see bottom of below image).

Screen Shot 10-30-15 at 11.34 AM

A quick Google search of revealed 44 pages of results with around 40 pages being spam!

Screen Shot 10-30-15 at 11.06 AM

Luckily, despite the pages of spam results the site had not felt the full wrath of Google. I had to act quickly to make sure no further harm was done and avoid possible blacklisting.

Here is a step by step account of what I did… and what I should have done

Step 1: Installed anti malware plugins

What I did

If you are a WordPress user you will know there is a plugin for every occasion. I read good things about a couple of plugins. With a simple scan and following instructions I would detect the malware, delete it and the affected pages in short order, job done. I downloaded Wordfence and Sucuri and scanned for Malware, both drew a blank… Wordfence did show that the site was currently experiencing a ‘brute force’ attack from bots!

What I should have done

Found the last uninfected backup copy of my website and restored it.

Step 2: Restored the oldest backup available from my hosting company

When I found out my hosting company kept regular backups of my websites I thought brilliant, that’s that taken care of. I then turned off and deleted my backup plugins. Smart move I thought, no more bulky backups slowing down my website, one less plugin to update. The oldest backup on the server was 2 months old. I restored it, the problem remained, I believe the expression is Doh.

What I should have done

Remembered I had historic backups on the website. The plugins had been deleted but the backups remained in my uploads folder. I should have tried the oldest update which would not affect the content of my site and see if that worked.

Step 3: Began working through this post:

I deleted themes and files as directed but the malware and spam posts were still there. The next step is to delete your whole website, files, database, the lot. So I did, with the aim being to reinstall the themes and re-upload content.

This worked. However, looking at my domain, bare of content, bereft of life, 2011 theme, that I thought, is there another way?…

What I should have done

Restored and updated the oldest clean copy and by this point I could have been enjoying a milky tea and Mcvities caramel digestive.

Step 4: Re-uploaded the latest backup of the site

Faced with the prospect of having to modify my theme and reupload all the content I balked. Visions of blank images, incorrect fonts and missized headers began turning through my mind… so I pressed reset and reuploaded the infected version of the site. Soon I had the comfort of looking at my website again as it should be, even if it was infected with malware with hundreds of extra pages of spam content.

What I should have done

Site restored and functioning fully I could have made another brew, maybe had some soup and see if there were any amusing felines on Youtube..

Step 5: Uploaded a clean backup

The chances of me finding anything remotely malware looking seemed unlikely. The worlds foremost malware scanners, processing thousands of bytes per second hadn’t thrown anything up, however I remained undeterred. While manually searching for malicious files I found some backups, would one be clean? I dared to dream… I checked the most recent backup available. The whole website seemed to be there, posts, images. I uploaded it. Using ftp this took quite a while. When it was done I visited a spam page – 404, boom! Back of the net!

What I should have done

With the malware a distant memory I should have given myself the morning off, maybe gone to a matinee of Spectre.

Step 6: Updated everything to latest versions, deleted unnecessary content, changed passwords

I could now see that the site was clean. The spam pages were gone and the Iframes waere no longer loading. I immediately updated to the latest version of WordPress. I updated and deleted themes and plugins. Then I changed the password.

Step 7: Repair and prevention

With hundreds of spam urls showing in Google I have begun submitting them for removal in Webmaster tools. The first 20 or so were removed the following day, a promising start.

I have installed a new backup plugin, Updraft Plus. It seems very good. I have started taking my own backups again.

Wordfence and Sucuri have both been installed and set to protect my site from malicious bots.

Lesson learnt


Fingers crossed that’s the end of it… I hope if you were struggling with a hack this helped!

Who Is Your Blog For?

Blogging Strategies – Who is your blog written for?

1. Your Customers

One classic company blogging strategy is to draw in potential customers with useful content and over time some will become buyers.  Typically a wide variety of topics are covered using this strategy.

This works well if your company is an established brand or if you have leading experts to impart information. The experts don’t necessarily have to work for your company, they could write guest posts for you.

If you are using this content marketing strategy, it is useful to have calls to action and use landing pages to move prospective customers along the sales funnel.

2. A Segment of Your Customers

The trouble with audience 1 is that unless your company is an established brand or you have leading experts contributing to the blog it can be hard to stand out from the crowd.

If you are a small company you might not have the resources to allow you to compete with larger companies pursuing a similar strategy.

Once way round this is to focus in on some niche content which appeals to your customers. If you are a local business it could be that you relate your content to the local area, or it could be that what you write about is highly focused on one specific topic that appeals to a section of your target market.

If you were a garden centre using this strategy for example, you could write all about Lillies: the different species, where they grow best, how you look after them, what animals they encourage etc.

That way you may soon have one of the top blogs on Lillies! The chances of you quickly developing a top blog on general gardening on the other hand are next to none.

3. Your Peers

If you are seen as a leader in your field there could be a case for focusing on content for your peers.

If you manage to build an audience amongst your peers with great content you will find they will link to you from their own websites and share your stuff.

If you are seen as an industry leader you are more likely to be asked to comment on industry news. This gives you access to a much greater audience, drives traffic to your website and generates more quality links.

4. Other Bloggers’ Audiences

Writing guest blog posts can be a great way to grow your audience. If you can find another blogger in your niche who needs content they may well be willing to have you write a guest post.

This gives you access to their audience and some of their readers might well like your stuff and become regular readers of your blog. Having links from other blogs can drive traffic to your blog and help your site climb the Google rankings.

5. Your Customers (pt 2)

Rather than producing useful content for your customers you could focus your company blog on connecting with your customers.

This strategy has been used to great effect by large corporations such as Microsoft and General Motors, maybe it can work for you too.

Using this strategy it would be typical for the head of your company and other company leaders to blog about their interests. They may also give their view on industry goings on and new products (like with 3).

As always, feel free to comment :)



9 Ways To Cheat At Social Media

Game Social Media

1. Buy likes/ followers/views

There are websites where, for a fee, you can get likes on your Facebook Page, buy Twitter followers or buy views on your Youtube video.

There could be benefit in doing this. Your accounts look more popular and with a phenomenon known as social proof, people are ironically more likely to trust you, gaining you more real followers and influence.

2. Buy plus ones

There are packages where you can now buy Google +1s for your website. Though the effects of buying +1s are largely unknown, it is possible your website might gain a higher ranking the more +1s you have. Google +1s from others in your online network are certainly a ranking factor in Google.

3. Mass follow/ unfollow

Either manually or using automated churn scripts like Tweet Adder you can follow and unfollow hundreds of people on your Twitter account.

The follow back rate for Twitter is around 50%, so if you follow and unfollow enough people you can amass quite a following without looking like you are following half the planet!

4. Automate updates

To ensure there is substantial content coming from your Twitter account, you can go to any website with a blog and copy and paste the RSS feed into Twitterfeed. That way every time there is a new post it will be automatically tweeted out to your followers. Social Oomph is another tool you can use to automate your Twitter updates.

5. Game Klout

Klout is a measure of social media influence. The algorithm measures follow-follower ratio, as well as number of tweet, retweets, etc. You can game Klout though. For instance just Tweeting a lot can get you a Klout score of 50 (I do mean a lot 😉) and here’s another post about gaming Klout.

6. #ff lots of people

Follow Friday (#FF) is a practice used to by Twitter users to recommend people they follow. One way to get visibility with your followers is to #FF many blocks of your followers on a Friday. This is also likely to get you mentions if they thank you (think Klout score) 😉

7. Use a personal account for your business on Facebook and friend people

You can open a personal Facebook account for your business and attempt to ‘friend’ prospective customers. You can then convert to a Facebook Page once you have built a fanbase! You might get slapped with a temporary ban if too many people report you for attempting to ‘friend’ them though.

8. Steal blog content

At the darker end of the spectrum, you can put up a website, ‘scrape’ content from other websites and use it on your own :(. If your content gets ‘crawled’ before the stolen content, Google may recognise your content as the original!

You can prevent this from happening to you for example by using this free plugin on your WordPress site

9. Spam blog comments

To try to get traffic to your blog and backlinks you can find and comment on as many blogs as possible that your customers and prospects are reading and add comments with no value; you don’t even need to read the blog to do this.

The most traffic generally comes from comments near the top. Be warned readers may think it unlikely you are ‘adding to the conversation.’

Some of these tactics mentioned here are more effective than others, some are also more unethical than others too! Just remember, the reputation of your business is at stake.

Do you know of any tactics people use to try and cheat at social media?



5 Things Your Company Needs To Do To Stay Relevant

Happy Customers

1. Follow Industry Leaders On Twitter

Who do you look up to in your industry? Who are the experts? Who are the leaders? Who is at the bleeding edge when it comes to industry trends? Make a list of at least 10 of these people who are active on Twitter and follow them (I follow many more).

If they tweet something out and you have something to add then tweet them back, hell tweet them back anyway – that way your followers will think you’re an industry leader too 😉

2. Ask Customers

What do your customers want? Why not ask them through social media channels! Which is their favourite product? What do they want to see improved in your service? Ask them and act on it, your customers will appreciate it :)

3. Testing

The technology world is constantly testing. They run beta tests on selected groups of experts on new technologies, they split test the text, graphics and layout of their websites. Then they make iterative changes and test again.

Can you use this kind of testing? For example split testing a new menu at your restaurant or split testing the standard telephone response at your business?

4. Monitor Competition

Are your competitors innovating? Maybe they have spotted a trend in the market that you have not latched on to yet? Maybe they are doing a product launch? Maybe they have a new service?

Simply set up your social media listening station, monitor and stay more relevant than your competitors :)

5. Go Off Topic

If you are a local business, try thinking about what your customers are interested in and what is relevant to them, then use that for your online marketing content.

It may have nothing to do with your industry but is relevant to your customers. For example if you are an estate agent maybe you could do reviews of local restaurants on your blog.

Mmm Food

I hope this post has given you some food for thought.

Stay relevant people, and keep this blog relevant by posting in the comments :)


How To Make Your Website More Social

Social Media Website

Its a great idea in 2011 to make your website as social as possible.

Here are a few things you can do to make your website a more social experience! (If you’re a WordPress user :))

Comments – enabled

Use the Disqus plugin to allow peoples’ comments to be updated immediately.

This encourages people to comment and you are notified immediately by email when they do :).

Share buttons – everywhere

Use the Tweet Meme button and the Facebook Like button at the top of your posts.

Use the Share and Follow plugin at the bottom of each post to encourage sharing on: Delicious, Digg, Facebook, Reddit, Stumbleupon, Twitter (and more)

(I just use the share part of this plugin.)

Encourage Connection

Use the Social Profiles plugin  to encourage people to subscribe to you posts and connect with you :)


Import your latest tweets using the Twitter Tools plugin. This plugin also automatically syndicates your blog posts directly to Twitter, saving you time.

Facebook Connect

Use the Facebook Like Box for social proof and to encourage people to like your Facebook Page. Facebook generates some code for you then you pop it into a text box and put it in the sidebar.


The Twitter follow button

Googleplus/ LinkedIn

I have tried the Googlecards plugin but haven’t got it to work yet (give it a try to build your circles :) )

I do have a +1 button at the bottom of each post though.

Its probably a good idea to use a LinkedIn share button if you are a professional too.

Your Site?

Do you use any of these plugins? Which plugins do you find best?


I hope this helps.



If you would like to get the edge on your competitors fill in the form below and I’ll help you win with social media :)

Grab Your free Gift: 7 Step Guide To Winning With Social Media
* indicates required

Social Media For Business – Still Not Getting It?

Social Media For Business #Fail

Most Businesses Still Aren’t Using Social Media

I have been reading and listening to a few thing around the web recently which in many ways I still find surprising but in other ways match up very closely with what I am observing in reality…

… general companies still do not get social media for business.

Social Media Stats

Stats show that in the US 31% of small businesses have a social media presence (27% on Facebook) and you can bet your bottom dollar (or pound) that is one hell of a lot lower in the UK.

The thing is that of those companies I have observed who do have a social media presence only a handful are active and even less are using the tools effectively.

I honestly don’t know what the holdup is here?

Does this explain it?

Perhaps a recent marketing over coffee podcast I listened to where author DM Scott is interviewed offers up some explanation?

David provides social media marketing consultancy to big corporations in the US, only that’s not what he tells the CEO.

David frames social media for business as real time communications and he says the businesses he work with understand the benefits of that a lot better.

Does this explain it?

I think one of the issues is the perception of social media as being what teenagers do for fun, particularly by the older members of the buisness community.

Sure, people do share pictures of pets, tell you what they had for lunch and all sorts of other stuff through social media but there are also many conversations occurring which are of potential benefit to your business!

Start Today (or Monday)

Find the conversations, build your audience and influence, grow your customer base and sales. (See my resources section for the best resources to show you how :) )

At the minute hardly anyone has started.

I cannot over-emphasise just how HUGE this opportunity is!

Start your social media marketing campaign today! (or Monday)

What’s Your View?

How are you getting on with your social media marketing? What factors do you think are holding businesses back?



Social Media Profile Branding

Social Media Profile Branding

When it comes to social media profile branding it is important to be consistent.


You will want to use your company name across the social media platforms or if not at least grab the name so no one else can use it :).

Use this tool to check the availability of your company name across many social media platforms.

As an alternative you may wish to use your own name, a version of your company name or a combination of your company name and your name (like I am have on Twitter).


Another element which needs to be consistent is the design. If you have the resources it is advisable (if possible!) to customise the design of your social media profiles.


Social media is all about connections between people. One way to increase the level of connection with your profiles is by using photos of people (headshots) rather than the company logo as your avatar.

Mari Smith suggests having several shots taken by a professional photographer and using those across the various social media platforms.


It is important that your content is consistent, for example that you post regularly and maintain the same ‘voice’ for your company.

Larger companies with many people contributing may wish to draw up guidelines to help with consistency.


I hope you find this post useful!

Any branding experts want to chip in :)?

Have you thought about the branding of your social media profiles?



The ROI of Social Media for Business

The ROI of Social Media for Business

This week I had the pleasure of attending a panel debate about the Return on Investment (ROI) of social media for business, chaired by John Robb in Manchester.

The impact of some traditional online marketing such as Pay Per Click advertising can be easy to measure but with social media is much harder, hence the debate.

Now, you could write a book on the ROI of social media, about there being multiple touchpoints, measuring the value of each interaction or Facebook ‘Like’ etc etc. and I am sure someone probably has or will very soon.

For me it boils down to this: If your company does not invest in social media and your competitors do, long term they will win. They have invested, they get a return, you haven’t, you lose.

Whilst this is a sweeping statement I predict for the vast majority of companies in the UK its true. You only need to look at what’s happening in the US.

Using social media you can build a community of loyal customers, win new customers, conduct market research, recruit, provide customer service, get free ice creams (OK I was joking about the last one ;))

In a few years time social media is going to be integrated into the fabric of pretty much every business in the UK. Those companies who invest now are the ones who will see the best return.

Am I right about this? Is social media a fad? Does social media marketing only suit certain types of company? Let me know what you think in the comments below :)


Gain Permission, Keep Permission

Social Media Marketing With Content Image





With advertising on traditional media channels your advert is typically presented alongside content the user wants and is hopefully enjoying.

This could be listening to music they like, reading their favourite newspaper/magazine or watching their favourite soap.

Your advert is an interruption during the show/ article which the user puts up with and your message eventually gets through through repetition.

With social media marketing its different. People have to choose to tune in to your company, your adverts. How are you going to make them do that?

If you keep clobbering them with promotional messages you will get tuned out and switched off faster than I can say ‘follow me on Twitter’.

One way to make sure your customers and potential customers are tuned in to your messages is through content marketing.

Quite simply if you produce relevant and useful information for your customers and potential customers you become a resource for them and they can’t wait for your next update!

Gain permission from customers and potential customers to send them your messages, keep permission by sending valuable content :)

I hope this helps.



PS. Feel free to post a comment in the comments section, if you do it will be uploaded onto this website immediately :)


Tip: Be Bold

Be Bold – Create Remarkable Content

You may work for a solicitors or the government it doesn’t matter, if you want to attract attention on the social web, you need to create interesting content which people will SHARE. This means emotion and controversy. How about the top 5 miscarages of jusdice or 5 laws you didn’t know about? Or how about some rare and inspiring quotes from famous world leaders/ politicians?

If you have any examples or other comments I would love to hear them :)

Kind Regards,