Shhhh…Lean in Close…Time to “Reveal”

It’s time for a “reveal.”

On most writers’ blogs when the word “reveal” is used, it’s to share your soon-to-be-published book cover. Not quite ready for that yet.

But, we–husband Bob and me–are almost ready to “reveal” The Writing Studio in its finished state. I first shared images of my studio in this post. It’s been a long process, and I’m so grateful to my designer/builder Bob for the fantastic job he has done.

From the initial planning stages, Bob’s hand has been in the design, placement in our backyard, and materials. These are the things he knows how to do and does well. I’m so certain of his skills and abilities I sit back and wait until he’s finished.

Occasionally, someone (yes, Marian!) would ask about when images would be posted. I would hem and haw and give some silly excuse. But it was just taking time what with doctors’ appointments, medical tests, injuries, physical therapy appointments (both of us!), and more. And until my health began to improve, I wasn’t going to be able to work in the studio much.

I’m happy to say we’re almost there…only a few things remain to be done.

You’ll only have to wait two weeks!

Yes, we’re that close! Can you believe it?

Pictures will be posted of the finished Studio right here on the blog two weeks from today. Yesterday I hung a few items on the walls, looked at what needed to be done inside before the photo shoot (like I’m some kind of professional photographer–not!).

Maybe I’ll even get brave and do the tour in video format. You’ll never know if you don’t come back in a couple of weeks to see for yourself.

Cautionary Tale for All Web Site Owners and Bloggers

Before I begin my cautionary tale, I must warn you it is lengthy but it’s a story I feel strongly I must share. Also, in my story I mention my site host, BlueHost, for whom I am an affiliate. If you should use the link provided below and decide to buy a hosting service from BlueHost, I will receive a percentage of the sales price but it in no way impacts the price you pay.

Why the Cautionary Tale?

Like most of you, I function using a self-hosted WordPress site. What this means in lay terms is:

  1. I want ownership of my site and its content.
  2. I want the flexibility of design choices.
  3. I want to depend on a site host to help me when troubles arise.

You see I’m tech savvy to a degree, but not savvy enough to handle everything related to keeping my site running. That’s where I need a site host, and I chose BlueHost.

My relationship with BlueHost has never faltered, and it continues as a solid foundation for me.

What Happened to Make Me Cautious?

I strive to keep my site safe by using backups, plugins , WordPress and BlueHost advice about security, and general suggestions to protect my site.

A few months ago BlueHost notified its users of the inclusion, at no charge, of site protection against spam, hackers, and other thefts. I was grateful for what seemed an extra layer of protection for free. At the same time, WordPress highlighted a security plugin which also protected against hacks, spam and similar threats, also free.

With both free features in place, how could I go wrong? Obviously this is an area in which I lack the knowledge to understand what features will do exactly what to protect my site and me.

My Cautionary Tale

Here is what happened first

In early May, the WordPress plugin representatives began notifying me of potential malware problems. I contacted them for instructions about what I should do. Their instructions were to send these emails to them and they would sort things out.

A little over a week ago I received an email from the company BlueHost had contracted with to give security. A scan had resulted in this service finding malware on my site. I did what any conscientious owner would do and contacted them.

Immediately, I found myself talking with a sales representative. He, of course, was intent on selling a higher level of protection. And he didn’t start with the least expensive of his software packages. His sales pitch was high pressure.

I decided to give myself at least 24 hours to think about what he had to offer. In the meantime, I decided to contact BlueHost directly.

Imagine my surprise when I filled out the topic on my inquiry with words “malware” and “security” and immediately someone answered the phone from the security company BlueHost had graciously supplied to its subscribers.

It took a couple of chats to actually get to someone at BlueHost who was able to explain the problem to me. He also apologized for the sales pitches, which he indicated BlueHost was troubled by.

And then…

The worst happened. I attempted to get access to my site only to learn BlueHost had shut my site down. It’s hard to put into words how I felt.

Did I make a mistake in calling BlueHost? Likely the answer is no. An email had also arrived while I was talking with their customer representative. So, this would likely have happened whether I had been in contact with BlueHost or not.

What to do next? I called right back to BlueHost. I certainly felt my site was being held hostage for something I didn’t do and would never do.

This time I spoke with a Terms of Service agent who explained what had been found–what is a pharma hack. That’s where someone hacks your site and then proceeds to attach ads for drugs. How was I to know?

Remember those items I contacted WordFence about? I probably should have dug a bit deeper. Likely one or more of those security breaches messed up my responsibility in complying with BlueHost’s Terms of Service Agreement. That was why my site was shut down–failure to remove the hacks.

Fortunately, the agent I talked with knew of an affordable security plan I could buy from the seller of the free security program BlueHost provides. Purchasing this program means scans are performed daily and when something is found, it is immediately removed. As my dad always said, “You get what you pay for.”

Your takeaways

Several things I’d like to point out from my rambling cautionary tale.

  1. First of all, it is important you understand what your security protection is, who is responsible for finding threats, hacks, or security breaches and seeing they are removed, and what responsibility you have in all this.
    • If you have a web design company managing your site for you, this may not apply to you. But it would be good to check to make sure your understanding of your site’s security.
    • If you have a self-hosted site, which means you own your domain and registered it through someone like BlueHost, the onus is on you to be sure you know what is going on behind the scenes with respect to security.
      • Read your host’s service documents, particularly anything about terms of use, terms of service, or something similar.
      • Determine for yourself what your role is in your site’s security.
      • Be aware of getting caught like I did and being shut down as penalty for not doing the above.
      • Whether you are responsible for the hacking, you are responsible for knowing what’s happening on your site and taking care to see that it is cleaned of any damaging materials.
  2. Always make sure any security plugins you use on your site are up-to-date. Also make certain the platform you use (i.e. WordPress, Blogger, etc.) is running its most current version.
  3. Always, always, always make sure to keep up a schedule of backups for your site. You want assurance you are able, if necessary to restore your site. For WordPress, I use a plugin which not only prepares backups but provides recovery.
  4. For reasons only you will know, these security issues should make you think twice about what you have on your site that you wouldn’t want to lose. The first thing that came to my mind were excerpts from drafts of my memoir. Would they be recovered? Yes, they were, but what if they hadn’t and it was something I needed.
  5. The last thing I want to share with you is a post I came across in my search to better understand what I can do myself with respect to any other situations like the one I’ve described. Himanshu Sharma, founder of Optimize Smart, wrote the post, Malware Removal Checklist for WordPress–DIY Security. Sharma lays out in a clear format a checklist for use immediately on becoming aware of malware on your site.

CONCLUSION

The best advice I can offer to self-hosted site owners is no matter what software you buy, which plugins you install, what security plans you have in place, and unless you have a professional site manager who works on your site daily and regularly maintains it, YOU ARE RESPONSIBLE TO YOUR SITE’S HOST FOR MAKING SURE ANY THREATS OF SPAM, HACKS, OR FRAUD ARE REMOVED.

Be safe out there,
Sherrey


Blog Temporarily Out of Order


Without any comments pro or con on Windows 10 upgrade, I dropped off my laptop with the Geek Squad today after having it sabotaged while attempting said upgrade. When it comes back home, I cannot say.

I’m currently infringing on my husband’s computer time by borrowing the use of his. Thanks to him for allowing me to let you know I’ll be “out of the office” all week.

Therefore, no posts, no social media, no newsletter this week. I have lots to share with you when I return–knowledge gained at a writing conference, progress on the book, and more.

Until then, happy blogging!

Notice Any Changes? Here’s Why:

Remember a few weeks ago I talked about the social media and website assessment I had done? If you missed it, here’s a link back to the post.

Photo by Sean MacEntee
Photo by Sean MacEntee

In the website part of her assessment, Frances Caballo of Social Media Just for Writers made several suggestions. Things I’d never thought of as needing help with my website. After studying them, I had to agree with Frances. These were necessary changes.

And here are the changes I’ve made since then:

  • Change text and placement of email widget. What I had in place before was an image of my free ebook above the email signup. Frances pointed out the number one focus on the home page is to collect email addresses. Therefore, I needed to move the email signup below the ebook image. Also, referring to a recent study, she noted website visitors aren’t overly fond of the word “subscribe.” I have removed it from any references to my newsletter, ebook, or blog follows. The benefit in signing up, i.e. my free ebook, is the incentive for signing up.
  • Alter focus of site.To date, I have shared many book reviews, resource reviews, and writing tips and tools. The concern here is whether readers might be confused as to the purpose of my site: (a) to attract writers or (b) to attract readers. Authors should want to create reader-centric websites.

⇒When I began this site, I was barely writing a book. I knew I might want to write a book…someday. In the meantime, maybe I could just get my name out there by meeting other writers. It worked!

⇒Now is the time to focus on people who will want to read, or maybe buy, my memoir. I’m slowly creeping toward that fine line from drafting and revising to editing and then on to publishing. Time to refocus the blog. Be on the lookout for new topics, new material, and more updates on the book.

  • Header image on site. Some time ago I circulated a survey. One respondent mentioned the “template look” of my header image. Frances didn’t see a clear connection between that image and writing memoir. So, out with the old and in with the new. I’m really enjoying the new look.

⇒The old image reminded me of a home that was warm and loving. As a girl, I always longed for that home, but that never happened. I suppose I chose the farmhouse image for that reason.

⇒The new image ties in with the theme of my ebook, Healing Benefits of Writing Your Story. The book cover and header share one thing in common: images of lavender, a natural healing and soothing agent. I also designed the header to include an image of writing tools and one of my mother and me (age 4 months) to connect my memoir to this site.

  • Sidebar and footer. I don’t know if you remember…my previous site not only had a sidebar and a dark footer filling almost the bottom half of the page. I had filled that footer with widgets of all kinds: Goodreads quotes, the books I was reading, information about Akismet, and on, and on, and on. Frances pointed out that the general consensus is websites are moving toward a simpler, cleaner template. I have also read that dark characters on a light background is better for readability. There are any number of articles to dispute or confirm this impression.

⇒I took a few days to study this suggestion. After all, my old look had become very comfortable. But the longer I looked, the darker it seemed. And crowded and like my house cluttered.

⇒It has taken a while, but I think I’ve landed with just what I want. Frances hasn’t seen this yet (at least I don’t think she has), and I’ll be interested to receive her comments.

⇒I have built this redesigned site so that on each page my visitors will find what I would like them to read, focus on, and act on.

Yes, it was time for changes.

I am closer to publishing my book than I was when I began this site. I should focus on gathering my current followers closer to me for support and encouragement while finding new followers who are readers and book lovers who will hopefully find my book worthy.

Somehow, before Frances I didn’t see this. I was too comfortable in that worn out pair of shoes, or a comfy chair, or a pair of yoga pants to see the next step in commanding a presence as an author with a book you or someone will want to read.

After Frances, the fog lifted and I understood–change was in the air!

What about you? Are you too comfortable where you are? Did you need to change something? The possibilities are endless in what we might want or need to change. Share with us, if you’re willing.