Category: Tutorials

Home-Start Resources Page

I currently host around 40 Home-Starts with a couple more in the pipeline. I also started working with Matt Hann and Tanya Freedman (HSUK) and look after another 40 sites there on a three month rolling contract. The additional 40 sites are based on one promoted by Rutland Online who are no longer developing sites for HSUK. These sites are also in the same hosting you are in, just in a different account. My role is to maintain them each month. 

I have hit quite a few problems in the way these new sites were set up. To help people there is a page you can also use here https://wingrove-media.uk/hsuk/ which lists those websites, but of greater importance, at the bottom of that page are some self help guides. You are free to use these if you wish. Some relate to the way that the hosting works, some relate to specific issues in that design of website. Many are relevant to you as well.

#BehindTheMask

I have just added one which contains a specially built slider to add the existing slides used on the Home-Start home pages to help promote #BehindTheMask. Please do help yourselves and download your copy of the pre-built slider and the instructions. It only takes 5 minutes and I have done the hard work for you. Note that the dimensions of the sliders used on your sites are different to the ones used on the HSUK sites. I have done two sets, just take care to pick up the right one. 

I also have a couple of posts prepared which you could also import and publish including the graphics. Contact me for more information. 

Beware of the peaks!

For much of the past month I have been working my way around sites and making sure the sites are updating correctly. In some cases they have not been doing this without additional input. I have not got to the bottom of why, some of it is related to the Divi template. I spent a very tortuous 2 days seeking support to find out why. It would have been more productive watching paint dry. 

However I digress, I looked at around 70 of the sites I am hosting. I had to make changes to them to get the last version of WordPress to manage the updates. After I have done this the sites should in theory look after themselves. 

In the dashboard of most sites is a Google Analytics summary of the last 30 days of activity on your site. I noted the image below which has a strange peak in it on one of the sites. 

This is not normal

Then I found another one

And another one

And another one

Unravelling the thread

I found five in around 70 sites, so it was not everywhere. But what is it? I chose one site and decided to check Google Analytics to see what it recorded.  The peak in most cases occurred over a 5 minute period when allegedly around 350+ people from around the world decided to visit your website at 9am in the morning. And I do mean from around the world, not just in the UK. Any country in the image below that is a shade of blue, means people (allegedly) came from that country. 

The image on the left shows the top 31 countries and how many computers in each country.  Click on the image to see a larger version.  Not listed here, but I did check, looking at Russia countrywide, the visits did not come from one computer, but came from many across Russia.

What is going on?

Given the attack which is still going on some 4 weeks after I was notified on another site, I am very conscious of how long that took to sort out. I checked in with the hosting company to ask about these and what they thought they were. I did not get a straight answer, other than any attack will be handled by special measures in the hosting and the site will continue to work despite this.

It is unlikely that these sites were affected in any way, the visits in this case were no different to UK based visitors. The only difference is they came from everywhere in a very short period of time, apparently altogether or in quick succession.

Speculation

A few years ago I witnessed an attack on one of my sites while with another hosting company. I documented it at the time in this site. The site in this case had a protection mechanism built in that if there were too many visitors arriving at once, or trying to log in, they delayed any further activity from that IP address. As soon as one was blocked another one started. When that was blocked another one started, and they skipped all around the world in a few minutes.

The site was not taken down, but this is basically known as a DDoS or Distributed Denial of Service attack. The expectation being that if enough computers hit your site it will consume the server resources and your site will grind to a halt.

 

Click on the image to see a larger version

BOT Network

It is highly likely that I was witnessing a Bot network which is a set of compromised servers from around the world controlled by one central resource and they were testing it. When I last came across this I had all of the IP addresses of the computers, and could do a geo location search and also identify the owners of the computers (if they were a server for example). In many cases they were corporate servers owned by respectable companies that probably had no idea that there were additional processes running off of their computers. 

The system might be targeted at some point on a corporate server and financial demands made to turn it off. 

Things for you to think about

If you see a massive peak in your statistics that you cannot account for, let me know ASAP. I will look into it. If you have one of these it means your statistics for that period are no longer valid. So do not use them in any promotional documentation. 

You may have seen in the past messages like We checked your website and it was not getting many visitors pay us ££££ and we will increase the number of visitors to your site”  Well this is one way of doing it. It will not however generate any more business because the visitors are not real.  

I can selectively turn off countries from accessing your website and take some other measures with the hosting company if you see anything like this. 

However it should not really impact your website, or your existing visitors. If you are not sure about something; drop me a line. 

Social Media Strategy or just winging it?

During my business career, from around the mid 1990’s there was a phrase that used to be passed around in “Marketing Speak” which was “Work Smarter not Harder”. 

This article and the corresponding PowerPoint attached below is really all about this. I have come across examples where there is either a lot of effort going into administering and keeping a social media feed up to date, and nobody is paying attention to the website, or both are working independently. 

The discussion looks at the problem from a number of angles, and asks several relevant questions in terms of what you think you are trying to achieve. For example if you have a facebook group, do you realise that this facebook group is similar to a congregation and you are preaching to the converted?  Really what you want to be doing is extending the reach of your organisation and growing the interest in your website (and facebook group). 

It is not difficult to do, but it does encourage you to stand back, see what is happening and then ask yourself is it yielding dividends for the organisation, or are you just doing what you think everyone else is doing without understanding why. 

The Social Media Strategy ppt explores ways of helping you to reach further, and grow your viewers. The website is central to everything and is like the Oracle, it contains all knowledge about your organisation and news. You copy links from your site to social media. That means you do not have duplicated effort, so you can now work more efficiently. 

Anyway enough of my marketing, if it encourages you to think out of the box and ask why, it was worth putting together. Drop me a line if you have any questions or seek clarification. 

 

Social Media Strategy

Captcha Solution for Contact Form 7

I have been using contact form 7 on many websites for the past few years. I have noticed that there are some anti spam measures which are being defeated by spam bots (computers that post spam into forms).

I am reluctant to use Google Captcha because I think that while it is undoubtedly effective, it also presents a barrier to some users, particularly elderly ones. I have also seen preferential treatment (aka easy access) when a user is using Chrome, but other browsers they may be stuck answering questions makes bypassing it frustrating to say the least.

I have just found Contact Form 7 Image Captcha by KC Computing (Kyle Charlton) which is very elegant, simple and works fine. It asks the user to click on an image which matches some text. A user has to complete this step before submitting the form.

If your site is using Contact Form 7, you can load this plugin into the library and then insert the following shortcode into the form: [cf7ic “toggle”]

If your website uses the form in a dark coloured panel, the formatting of the text may not work very well. To get around that problem you can add the following text into the CSS for your site. For Divi users this can be found on the Divi settings page at the bottom. There is a space to add CSS in there. It will change the selected text to yellow.

 

 

.captcha-image .cf7ic_instructions span {
color:yellow !important;
}

Evening Tutorials

  • Would you benefit from more training on your website?
  • Would you like to get some more of the cool features to work on your site?
  • Do you need a refresher on common problems?
  • Would you like to participate in a forum?

Just thinking outside the box here. I know from working with some of you, you have picked up the concepts behind editing your websites and have done really well. If you would like to become advanced users and learn how to do more,. why not consider signing up for a once a month (free) or ad hoc online Zoom Tutorial? I could run this as a forum and have multiple attendees. 

Let me know if you are interested in going that extra mile. Use the contact us page to send me a message. 

From website referral form to CRM

Mainly for Home-Start organisations, but it can apply to any group with online referral or application forms

I have built a proof of concept which has a referral form online which is quite complicated. 

The user inputs data into the form and then sends it to the recipient. 

The recipient has a very easy form to read. The form formatting can be applied to user requirements. 

Within the form the data is duplicated as a CSV string of characters (Character Separated Value). You can copy this block of text and paste it into an Excel spreadsheet and then apply Text to Columns command. Now each cell has a data field contents in it. You can manipulate it further from here, or even import it into your CRM system. 

To find out more and look at a working example with documentation that you can try online, go to here:  http://wingrove-media.uk/generic-application-or-referral-form/

Follow the link above to visit the page with the form on and try it out for yourself. 

Graphics Editing Software by Affinity

This is a limited time offer and exceeding good value, please read the following if you are editing your website. 

When I first started developing graphics for websites I was using the Adobe Web Suite of graphics applications. I had invested around £1000 back in 2012. 

Adobe started a program of converting users from pay per application to pay per month around 3-4 years ago. They revoked my licence to use Adobe Web Suite on the pretence that I had purchased their software from a non-approved distributor. Then offered me a pay per month package at reduced rates. I could not afford the £40 per month fees. Many others like me were stung by them. I have never trusted them since. I needed to fill the gap in my tool chain pretty quickly!

Serif Affinity Software

I came across Affinity Photo through my Mac. I purchased that at £49. This package is what I have pretty much exclusively used for all of my website development since. It is also available on the MS Windows platform.  If does everything you need it to do at a much lower price than Adobe Photoshop, plus you pay for it only once. 

Right now (19/01/21) this software and two other packages are available at 50% discount, and you can try them for free for 90 days. That is £23.99 each (one off payment).

There are three packages available at this price. Affinity Photo (a photo editing package within which you can also create graphics and layered designs). Affinity Designer, a vector graphics application, this one is a bit more specialised. Affinity Publisher, a sort of grown up version of Microsoft Publisher if you are creating graphics for brochures and publications. Each of these is £23.99.

The offer which includes download and use for free for 90 days as well as purchase at 50% discount is available from today. 

From my perspective, the packages are very easy to use, support is good, along with tutorials. These are professional packages not just aimed at consumers. If you want to create graphics packages, brochures, posters then you cannot go too far wrong with these. 

If you are buying them for the Apple Mac platform, then you can also use Family sharing and have multiple installations. 

Plus if you are a photographer…

I also use Affinity Photo for post processing of RAW images from my camera. This allows me to finely tune any photographs I have taken before converting them to JPG.  

Where to go to see the offer

Follow this link to see the offer and try the software out. I don’t think you will be disappointed. https://affinity.serif.com/en-gb/?utm_source=serifemail&utm_medium=email&utm_campaign=COVID19-V2-Offer&mc=COVID19V2E01

If you are purchasing for your charity, and not for your personal use, I recommend that you do not tie it to an individual with a personal email address. Use a generic email address or functional name. The software is licensed to a functional role in the organisation if you handle it that way. So if your current editor leaves, you still have the software for the next website editor. 

Effective Use of Social Media with WordPress sites

I thought I would kick of 2021 with a reminder to everyone, or perhaps this is totally new to you; how to use your site effectively with social media.

Many of you already understand this and “get it” but as I work around the 130+ sites I am hosting I see examples where there is little activity on the site, but lots of activity in Social Media. So, social media has basically replaced your website as the means of conveying information and raising interest.  The reason why this is not a great approach is you are preaching to the converted.

The problem

Some people find adding things to social media really easy, and adding things to your website takes longer. While this is true, the benefits of adding things to your website in terms of news is of much greater importance than adding it to your social media feed. So it is worth taking the effort to do it. There is no excuse, because if you have forgotten how to edit your website there is a guy in Buckinghamshire who will be glad to run an online Zoom session, and show you how. From around June of 2020 I started to run online editing sessions over zoom and recording them and adding them to your site. I also now add Editor pages into sites with guidance built in. So all the help you need is there, just ask. 

Why posting only in Social Media is not a good idea

Many organisations have their own Facebook, Twitter, Instagram accounts. This is good. But think about your audience. Your audience (people that have signed up to join your feed) are already fans or interested in what you do. They have already bought in to your value proposition. So you are preaching to the converted. But are there any new people coming along. Probably not. 

There is so much social media around now, probably in excess of 100 outlets you are unlikely to stumble across a feed which will be of interest to you. It is more likely you will locate a feed through a website with a link to it. That is important, people find social media feeds largely through visiting websites. This is because search engines mainly refer to websites, and people are used to browsing websites. Think about those feeds you have signed up to, how did you get there in the first place?

Think Website First

This is the approach I recommend you take, and how to measure it. Firstly plan, what is it you want to say? How do you want people to respond? Hold those thought at the back of your mind when you create a post for your website. 

You have the benefit that you can say a lot in a blog (news page) on your website. So get those messages out crisp and clear. Add an image or two to keep it interesting. You have already exceeded what you can show easily on Facebook and Twitter. 

Avoid Text in Images

Some people go to great lengths producing graphically rich content. Which is fine for humans. But the internet infrastructure works on Text. Computers cannot read what is in an image. Also accessibility standards state you should not put text in images because people with visual impairments cannot read them. (Their computers read text, but cannot read images). By all means show an image, but make sure the key points are in text in the post. Then search engines will be able to pick it up. 

Assign any relevant categories to your post and publish it. 

Turing to Social Media

Now that you have your full message on your website, you can now turn to Social Media. Pull your website up in your browser, navigate to your news page and open the new item so it is full screen. Copy the URL (Web address) for the page. 

Now switch to Twitter, Facebook etc and paste that link into the feed. You do not need to write everything again. But you could put a short note there. Usually what happens is social media will pick up some of the text and images from your website. 

Check GA in a few days

All of my sites have Google Analytics added to them, so you can go to your GA account (contact me if you need access and have not been there before), and check what has happened on your website.  You should anticipate a big spike in visitors, because they have been referred from Facebook, Twitter, et al. 

But……

You are still only reaching the converted. So how do you spread the net wider?

This needs a little research, but is definitely worth the investment of time. You could start by looking on a map at the major regions around your location. Then look on Social Media to see if there are interest groups in those areas. For me, there is Your Prestwood and Great Missenden. It is generic, and designed to connect people together. Unfortunately many of these feeds are cluttered with adverts from businesses. However you are different. You are a charity in need of help and promotion. It is likely that the moderators and admins will look sympathetically at your case. 

Join some groups locally around your location and when you are looking for volunteers, or looking for donations, or simply wish to promote your work, you create a post on your site, publish it. Take the URL for the post and paste it in these newsfeeds. Now you are preaching to an audience that may not be aware of you. Not everyone will come, but you should get a significant blip in interest. 

 Spreading the net wider

So, start to think bigger, how can you reach out to a wider audience and bring people into an inner circle of “friends of your organisation”. You will find this approach can yield big dividends in establishing your presence, value and needs. 

Don’t forget the search engines

Another advantage with this approach is you have generated back links (links back to your website) which are vitally important in your ranking with Google and other search engines. The more you have, the more important your website is perceived to be. Also the content has been indexed, and may come up in searches. So you have increased the possibility of being found. 

Working Smarter not Harder

I think if you adopted this approach, you will see results, and unlike just using your social media groups, you are exposing what you do to a larger audience. That will ultimately bring more people to your site, and that may increase your supporters.  In this process you only created the post/ news item in one location. So you did not have to do it multiple times. All you posted in social media was a link back to your news item. The only other thing you needed to do was check on the social feeds in your local communities. 

Capture and Retention Strategy

You could all take this a stage further. Many of you have a newsletter function built into your website using MailPoet. If you regularly publish news on your website, then this news can very quickly be built into a newsletter (it takes less than 5 minutes). You send the newsletter out to subscribers to your website.  Maybe once a month, or once a quarter. Here you are taking your website out to the subscribers rather than waiting for them to come back. This too will cause a huge peak in website visitors. 

Putting this all together, you have these classes or groups of people. 

    • Group A: Those that have never heard of you  (Millions)
    • Group B: Those that have heard of you and watch your social media feeds (50-100)
    • Group C: Those that visit your website (80-400 per month)
    • Group D: Those that are subscribers (50-100+)

Group D are the most loyal and most attentive group. Your goal is to grow this group by measuring the number of subscribers on your website. 

Group C will contain regular fans, and passers by. Prominently advertise on your site that you have a free subscription. Convert Group C members to Group D members. 

If you are treating Social Media (Group B) as a separate thread to your website, then the chances are those watching Social Media are not looking at your website. By posting links to your site from Social Media, you can change that. If you can drive Social Media watchers to your website, then you can get some of them to sign up to Group D (subscribers).  Remember you can measure that.

Group A is where the gold is. In B, C & D those people are already aware of you, you need to reach out to those that are not aware of you to grow your numbers and levels of interest. This is where you should be placing as much effort as you are on your own social media channels. In group A are donors, volunteers, prospective employees, trustees, subject matter experts, the list in endless. They just don’t know about you yet. 

Put a Marketing Plan together

A marketing plan can and should be larger than this activity, but just focusing here for a moment. Set your self some goals to get more hits on your website. Most local charities with a few exceptions get around 150 site visitors a month. Give yourself the goal of growing it by 50%. 

If you have a subscriber list and newsletter in your website aim to get that to 100 (which should be relatively easy to do). 

The point here being that these are things that the average person can do, and better still you can measure whether it is having an impact or not. So you are not working blind. Use the statistics on your site through Google Analytics, and the subscriber list to provide the assurance that you can make a difference, and drive it relentlessly throughout the year. 

It is not all theory

Here are three examples of why I believe this can work for you. 

1). Prestwood Village Association (https://prestwoodva.org.uk) this organisation is based in my village. I joined them in 2011 and built the original website. It is now on it’s third iteration. We added the newsletter to the website and used Social Media outlets to market the site. Using the same methods I have mentioned above. Prestwood in Buckinghamshire has around 2,500 homes.  The website has over 1000 subscribers. That means Prestwood Village Association at any time can reach out to 1000 people in a matter of a few hours. 

2). Horsewyse CIC  (https://horsewyse.org.uk) is an equine facilitated learning school for children with special needs. They raise additional revenue during school terms by holding day care/ supervision for children for one to five days a week. Coronavirus pandemic excepted; through out the year adverts are placed on the website to say when the next set of dates are coming up. I send out a newsletter to a growing number of subscribers, in the newsletter I ask people to share it with their friends, so more people sign up. That subscriber list has gone from nothing to over 140 people in a couple of years.  Here again the messages are taken out directly to people that interested to know what is happening. 

3). Home-Start Cotswolds (https://home-start-cotswolds.org.uk) I was working with one of the members of the Home-Start Cotswolds team in January answering some questions. I noted that there was an unusual peak of activity on their site over the Christmas period. Bringing around 60+ people to the site in 2 days. I commented that is looked like the site had some unwelcome attention from hackers probing the site. But happily it was not the case. The website editor had posted news on Facebook which directed people back to the website where they were seeking volunteers. You could track the number of accesses to the volunteering page as well. – Well Done Home-Start Cotswolds, that is the way to go!

Got some ideas, not sure what to do?

Drop me a line. Happy to help get you started. 

Annoying Corel Pop Up and How to Fix It

This will only be of interest if you have the problem!

What is the problem?

I use several Corel products on my system.  They are associated with graphics and video production and manipulation. I have used them for years, but much less so now. However they are still on my system, which is part of the problem. 

Corel have decided to tell me exciting news about Particle Shop, Paint Shop Pro, Video Studio et al with a pop up which appears in the bottom right of my screen. Nothing particularly wrong with that except that despite many hours of research and trying; you cannot get rid of it. It pops up randomly. That can be very annoying if you are recording your screen for someone and are 30 minutes into the recording!

I am not alone

Search around forums and you will find lots of people are annoyed with this problem and the lack of guidance on how to get rid of it. The general solution is to go into each application and search for messaging and turn it off. Which I have done, and they still pop up. 

I don’t mind an app telling me that there is an update, or a special offer when I choose to run it. However Corel in their infinite wisdom it turns out has set up a scheduled task which runs every day. Even if I do not run the application. That is too intrusive for my liking. If removes my ability to control my computer.  I guess that is why lots of other people are complaining. 

The Solution

If you have been around the various forums and worked your way through the solutions and are still scratching your head, please review the text below which is recorded from an online chat with Shamili of Corel Support.  It would appear that in some cases you can end up with a command in the scheduler, and that is the reason why the adverts pop up independent of the settings in the applications. 

I do not think this practice is a very smart one, it has put me off acquiring any more Corel Products. 

 

 

Nov 16, 2020, 4:57 EST

Chat started: 2020-11-16 09:40 AM UTC

(09:40:31 AM) Mark Wingrove: I have an annoying pop up originating from Corel which I want to get rid of. It is popping up on my screen almost daily now. I have been through all of the corel apps on my system and cannot find the culprit. I have read about the problem and the Corel response. I have tried those, but I am still getting them.
(09:40:33 AM) Corel Customer Support: This chat will be recorded for quality purposes. Terms of Use http://www.corel.com/en/terms-of-use/ | Privacy Policy http://www.corel.com/en/corel-privacy-policy/
(09:41:26 AM) *** Shamili joined the chat ***
(09:41:29 AM) Shamili: Welcome to Corel, My name is Shamili.
(09:41:31 AM) Shamili: Hi Mark
(09:41:38 AM) Shamili: How May I help you?
(09:41:38 AM) Mark WIngrove: Hello
(09:42:02 AM) Mark WIngrove: I want to get rid of the source of a pop up which keeps occurring on my system.
(09:42:20 AM) Mark WIngrove: Currently it says Black Friday Savings.
(09:42:32 AM) Mark WIngrove: I am seeing them daily.
(09:43:24 AM) Shamili: May I know what specific product are you referring to?
(09:43:49 AM) Mark WIngrove: I wish I knew. I cannot tell which product is generating them. I have several corel products
(09:44:34 AM) Mark WIngrove: I have the following, any of them could be the source. However I have checked them all.
(09:45:28 AM) Shamili: May I know for which product You have got the pop up message
(09:46:00 AM) Mark WIngrove: Aftershot, video studio 2019, video studio 2020, painter essentials and corel photoshop pro 2020
(09:46:26 AM) Mark WIngrove: Currently it is promoting Paint Shop Pro 2021. I also keep seeing ads about special brushes as well.
(09:47:17 AM) Shamili: Please hold while I check on that for you.
(09:47:21 AM) Mark WIngrove: I have two version of PSP 32 bit and 64 bit
(09:48:57 AM) Mark WIngrove: PSP Ultimate 2020 has options under Help | Message preferences. Nothing is checked, and it also says do not show me tray messages for this application.
(09:49:39 AM) Shamili: Please try the following steps, to attempt to prevent the messaging pop ups from appearing:

1. Open up a run prompt by holding down the windows key on your keyboard + the letter “r”
2. Type Taskschd.msc and press ok.
3. Once the Task Scheduler app appears highlight the Task Scheduler Library Folder towards the top left.
4. The box on the right will show you what programs have scheduled tasks.
5. Locate the Corel tasks, there should be two of them and right click on it.
6. Choose delete
7. Close the window.
8. Restart the computer

(09:49:57 AM) Shamili: Kindly follow the above steps to get rid of popup
(09:52:01 AM) Mark WIngrove: Ok, I have the scheduler open and can see at least one task in there. How do they get there if I have turned them all off in the apps?
(09:52:16 AM) Shamili: Okay
(09:52:38 AM) Shamili: Here after You will not get any offers from the corel
(09:53:24 AM) Mark WIngrove: Yes but you have not answered the question? These pop ups are very intrusive and annoying. They are not doing Corel any favours here.
(09:55:18 AM) Shamili: Sorry for the inconvenince, I apologize for that If You use any software from the corel If there any offers going on You will get the offers messages If You disable it You won’t get it
(09:56:34 AM) Mark WIngrove: You still have not answered the question Shamili. I should be able to do this within the apps. If Corel is nagging me all of the time I am less likely to use it. Even take it off of my system completely.
(09:57:13 AM) *** Shamili left the chat ***

Watch out for Boris & his friends

This Boris comes from the USSR and other states that have no interest in your website other than abusing it. This is a short case study on why it is wise to remain alert.

Invitation to make some changes

On a few sites where I know there is very little annual activity on the behalf of the website owners, I help out from time to time adding a message here and there. Typically this year it has related to coronavirus shut down/ reopening messages. I received a message from one of my clients and proceeded to make the changes yesterday.

On entering the website there was an exclamation mark next to a plugin warning me there was a problem. I investigated, it related to an SMTP plugin which is used to handle sending messages on behalf of the website. This is usually more reliable than sending via PHP the native method in WordPress. By using an SMTP plugin the website connects to an SMTP (outgoing mailserver) and sends the message out through an email account.

In this case it warned me that error messages had been returned from the mail server. It invited me to send a test message to check it. Which I did. The first attempt returned an error, the second attempt a few seconds later was successful, the third attempt returned an error.

What was happening?

I have been down this path a few times, and suspected that the hosting company was limiting messages coming through the mail box, probably because of spam like activity. I raised a ticket with the hosting company and asked them to check and verify.

They never answered the question but requested access to the website to see the fault for themselves. They missed key points in the questions I had raised to them, so I tried again.

Second time around they blamed the plugin for the problem claiming there were no error messages in the hosting relating to failed email attempts. (But still did not answer the question whether they were blocking it or not).  So I tried again.

On the third request they did find error messages in the email log which also mentioned suspected spamming activity through the contact form on this website.

Website Log

At this point I checked the log of website accesses to see if I could spot anything there. Sure enough something was probing the website 4 times a minute over less than a 2 second period. Humans do not work that fast, so it had to be a bot (computer program running on a compromised server somewhere).

All accesses were from this IP address: 5.188.210.4. Checking that IP address it turns out to a server in Russia. Probably a legitimate server that has been compromised by someone.

Why should you be concerned about this?

From the first time around 7 years ago now, when I started to turn on security monitoring and you could actually see beyond normal website usage, I was surprised to see the volume of illegitimate attempts to access websites.

One of the most common is sledgehammer approach password guessing routines which try to get into your website. 

In this case, something was probing the contact us page and attempting to use it to send spam.  It later turned out that the website owner had received 257 spam messages, but they had all been trapped in the email program they were using. 

Whatever it was trying to do, it was triggering a safety function in the hosting which was stopping or rate limiting messages from this website. So while it may have tried to send thousands of messages, only a few got out. BUT…. it also means that this Russian computer was hitting the website so hard, that it would have affected any legitimate messages coming in through the contact us page. 

When I did my test, it failed, then passed, and then failed for another 10 attempts. 

So, if your junk mail rises for any reason beyond a few messages a day, be suspicious. Someone may be targeting your website, and they may be impacting your website’s ability to send messages. Or said another way, your clients to reach you through your website. The main problem here is there is no warning given, no messages of failed delivery. 

How to fix it

In all of my cases, I work locally in the UK, the audience with a few exceptions are all UK based, and in most cases probably within 50 miles of the location of the entity or charity.  Therefore your website would not be of any interest to someone in India, China or Russia. 

The hosting control panel has some country blocking options. You can block by country. In this case I blocked several countries including Russia from this site.  It is not a bombproof solution, there are ways around it from the attackers point of view, they could return through a VPN or some other path from the dark web. But in most cases it will work. 

In this case some 12 hours later, the server in Russia is still probing the website every minute, which just goes to prove it is a hackers program that is doing this running on a remote server, and probably probing hundreds of sites. However in our case it is blocked at the server before it reaches the website. 

 

IP address is now blocked from accessing the hosting

If you are affected…

If you suddenly see an uptick in spam messages, and they all seem to be related (Russian or Chinese for example) send me a message and I will check. They are a nuisance, but there are ways of stopping them, both at the hosting, preventing access to the site, and adding spam filtering if there are some common themes if you are affected by direct email.

However do not ignore it. If the spam is originating via your website contact form, this may impact your other users.  Send me a message through the contact us page if you want me to check.

Wingrove-Services
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

You can adjust all of your cookie settings by navigating the tabs on the left hand side.

My privacy policy can be located here: Wingrove Media Privacy Policy (opens in a new window)

My Cookies Policy can be found here: Wingrove Media Cookies Policy (opens in a new window)