A few months ago I tried to log into my blog and there was an error message on the screen saying that there was an error in my blog files so I was unable to log on.

I opened my cpanel and found that a list of ‘iframe’ commands had been added to the end of my index file overwriting part of what should be there, I cleared those and tried to log in again, I then found similar commands in default-filters and default-widgets.
I cleaned these and logged in successfully, I then did what I was planning to do in the first place.

I then tried to log into another blog on the same site, exactly the same problems occured. I cleaned those and carried on.

The following day I tried to log in again, the problem was back again. I contacted my host support, they said mine was the only site affected on that server.
They suggested clearing the site, changing the passwords, scanning all files and rebuilding it, making sure I used all the latest updates for plugins etc.

I did this and all was fine for a few weeks, then the problem happened again, hitting all my different sites hosted on the server, I cleaned them all several times, but it kept coming back.
I changed all the passwords again, but that made no difference, after a few hours it was back.

I was certain it had to be something infecting through the hosting account as it was hitting all the sites at once, even though the blogs all had different admin passwords.

I was not saving my passwords when I logged into these sites and it was only affecting my hosting account, then I thought the only place set to log in automatically was my ftp client, this was Filezilla, one of the most popular ftp clients on the market, because it is freeware and easy to use.

Following investigations I found that Filezilla creates an xml file on the system that is written in plain language, including the password.

I then created a dummy record, “dennis.com” with the username “dennis” and the password “brooks”, here is the resulting site manager window

site manager

This is a section of the xml file created on my computer relating to the dummy account I had just created.

xml file

If you read through the text in the xml file you can clearly see the host name, user name and password. If you inadvertantly download a scanning robot onto your computer they can then see your Cpanel password on your hosting account and infect your site.

You are probably thinking that you will start using the quick connect where you put in the details on the front screen of Filezilla, that wont help you, the information you put in there is stored in another xml file on your computer.

The only way I have found to do it with Filezilla is in the site manager, change the “Logon Type” from ‘Normal’ to ‘Ask for password’ by using the drop down arrow on the side, then the logon type in the xml file changes from1 to 2 and the password is not shown.
OK so you have to put the password in every time you want to use the program, but surely that is better than having your site hacked and possibly months of work ruined

Since doing that I have not been hacked again.
You may think that I am not security minded to allow something to invade my computer to do that, but I have an active personal firewall and up to date anti-virus on my computer, and it still got in.

In some respects I was lucky, if they had not just wanted to add these commands to every index file on my host, but had taken it one stage further they could easily have gone into my Cpanel account, changed all of my administrator credentilas and used my site for all sorts of destructive purposes, and I would not have been able to do anything about it, other than getting my host to totally wipe my site and have to start all over again.

I have not checked any other ftp clients to see if they use similar methods, so beware, they may cause similar issues.

BE WARNED, YOUR FTP CLIENT COULD BE A SECURITY RISK ON YOUR COMPUTER.

Are you new to internet marketing, or have you been active for some time, but never been able to make any real income?

The main reason for this is probably that the people reading your adverts don’t know you, and if they don’t know you they are unlikely to see your proposition as trustworthy.
There are so many scams and dodgy people on the internet these days, just out to make a quick buck, that trust is in extremely short supply in the marketplace. Would you buy purely on the basis of an advert from a total stranger, possibly, but if the advert came from a person had you built a relationship with you would be more likely to buy.

The best way to promote yourself is to learn the art of Attraction marketing, there are several training courses available to learn this, probably the best is Renegade Professional, this is a paid for service that has many hours of online video tutorials covering all aspect of attraction marketing. There is a free version called Renegade University that covers some of the basics, if you like that you can always upgrade to professional.

Do yourself a favour and check it out, you will not be sorry you did!

Which form of advertising gets the best results, there is a case for both paid and free advertising.
Free advertising using traffic exchanges, emails, social networking sites, forums etc. tends to be time consuming in that you need to put out a lot of ads and you need to build a relationship with people to gain their trust.
All this takes time.

Paid Advertising

Personally I have always been a bit sceptical about the masses of testimonials you often see on sales pages.
How do these people either get several well known marketers to supply testimonials, or a huge list of members to provide them?
Do they pay them a fee for supplying them or just generate a large amount of hype to get them worked up?
Why do they rarely give you full details of these people so that if you are interested you can contact them directly, to hear it from them directly?

Well, I believe that a new software that has just been published for $27 answers that question, this software claims to allow you to write a testimonial in minutes. This will increase my sceptisism of testimonials, because program producers can write them for their members to put their names to for free membership or something of the nature, that is assuming these people are genuine members.
Of course a post like this will generate a certain amount of controversy, because a lot of them rely on testimonials to make sales, but how much can you trust them?

I hope you realise this is purely a personal opinion, I am sure that the producer of this program did it with the bast of intentions, but it could very easily be abused.