Select Page

Today I Learned About The Value Of Convenience

From Gerry McGovern’s article, New Thinking: Convenience Trumps Security, in CMSWire:

Making things convenient for customers makes good business sense. It delivers tremendous return on investment. So, why don’t more organizations focus on convenience?

Organizations are generally very good at measuring costs, but they are usually very poor at measuring the value that derives from making customers’ lives easier.

Hey Microsoft: Your Ad Doesn’t Mean What You Think It Means

Text on a page. It should be so simple.

Unfortunately, writing is something wrapped in a great deal of subjectivity. What seems perfectly clear to the writer might come across as meaning something entirely different to the reader. Sometimes this leads to rather delightful, if unintended, interpretations of a text.

Here’s an example:

Screen capture of a Microsoft advertisement for a Windows Phone.

Hey Microsoft… This ad, it doesn’t mean what you think it means…

Seems to me like Microsoft is encouraging people to switch away from their Windows Phone…

The WordPress Bot Attack

So, there’s plenty of news about the 90,000 node bot that’s currently trying to gain admin access to WordPress sites by brute-force guessing admin passwords.

There are a number of things you can/should do to harden your site against this type of attack…the most important being to USE STRONG PASSWORDS!

I installed the Limit Login Attempts more out of curiosity. I’ve seen it recommended in a number of places, but was curious what it would do against a 90,000 node bot. Seems to me like it wouldn’t be that effective…

Still, moments after installing, I get this report:

Screen capture of IP addresses locked out of site.

90,000 nodes on the bot trying to brute force passwords for WordPress. This is what I see after installing the Limit Login Attempts plugin…

Each lockout stops an IP from logging in (or trying to) for 20 minutes. After 4 lockouts, you’re banned for a much longer amount of time.

Not the best solution, but it at least shows me that I’m being targeted…

If you host a WordPress site, you really need to make sure you are using strong passwords for your admin accounts. There are also a host of other steps you can be taking to harden your site against attacks.

Please add good resources in the comments!

Plug-ins Worth Considering

  • Limit Login Attempts – Probably a useful plugin in general, but of limited utility against a botnet composed of 90,000 nodes…
  • Better WP Security – This one looks kickass and I see it recommended frequently, but make sure you have solid backups and have tested recovery before throwing it on an established site. …And yeah, read the manual first.

In The News


So, I’ve kind of orphaned a whole slew of side projects (including this blog) lately while I worked on spinning up another blog to test some SEO, content strategy and audience building approaches I’ve had rattling around in my head for a while.

It’s something I’ve been working on in my spare time for a bit over a year, and I just wanted to do a quick retro and reflection on where I’m at. It’s not a huge deal, but I’ve passed a couple of personal milestones that are worth noting:

A Week of Site Traffic of ~250 Visits a Day
Seems like nothing, right? Well, what makes this special to me is that I built this from scratch. In my spare time. The world is a lot different when you have no existing brand, no guaranteed traffic, and no time to invest in generating either. Nothing.

Screen capture of a google analytics visitors report.

Transparent red line indicates relatively sustained traffic at or above 250 visitors a day.

Broke Through the Google Webmaster Tools 50,000 Impressions Ceiling
I was stuck at 50,000 impressions (exactly) for so long that I’m convinced Google has a throttling mechanism in place. I suspect site age has something to do with it.

Screen capture of the search terms report in Google Webmaster Tools

In April, I finally broke through the 50,000 impressions ceiling.

Identified the Reddit Effect in My Analytics
Reddit is notorious for driving mad traffic to unsuspecting websites. After careful scrutiny of my analytics for the last year, I was able to tease out correlation between visitors and having a post make it to the front page of a smallish (50K subscribers) SubReddit. Can you see it? 😛

Screen capture of a Google Analytics report

If you look closely and use your imagination, you may discern the Reddit Effect.

And of course, there’s more…

Some Things I Have Learned
Some of what I’ve learned over the past year kind may seem obvious in retrospect, but kind of surprised me as things were progressing…

  • Starting from 0 is a different game than taking over something that already has momentum.
  • Branded search terms have very little value. People searching for my site name are always going to find my site name. What has value is driving traffic for keywords related to the subject domain of my site.
  • My highest performing posts are longer pieces that dispense with the advice about brevity, bullet points, etc. Readers don’t appear to be afraid of a lengthy post so long as it helps them answer a question, provides them with something of value.
  • The project will consume all my time if I let it. I need to do a better job balancing my after-work time between my projects and my friends and famly.
  • This is the most fun I’ve had in a long, long time.

The Valve Handbook

The Valve Employee Handbook, a must read for anyone sick of the traditional workplace and dreaming of a better way. It looks like at Valve, they have the courage of their convictions to put the ideal of the Enterprise 2.0 movement into actual practice, to not constrain themselves by the fetters of doing things the way they have always been done. Interestingly, the first step in pulling this off is hiring the right people, then getting out of the way and letting them do their jobs.

Why do so many organizations get this last part wrong?