Busy with little projects made us miss our 5th year
We’ve been so busy trying to keep up with Life, our clients, new technical standards, product updates and wannabe hackers using all sorts of crawlers against our site, that we missed our 5th Birthday. A big one for most.
Seems every day I try to do these things in between call outs, and yet I get pulled back to our Live Traffic screen looking for the next silly little attack. From fake Googlebots hitting a URL what isn’t associated with any of our servers to an attempt to upload a config file, It’s getting silly and now I’m banning entire countries for it.
As you may have noticed, Auto Posting works again (with the exception of Google+, as automated posts can only be shared to page privately thanks to Google removing useful settings for some bizarre reason.)
Lots of new items going up in Next product update (Wednesday!), A quick look through the list and I see Gaming chairs, Gadgets, and an iPad listing.
Crawler, Spider rules? I’ll work on that later I said a few weeks ago. Bad idea.
The crawler rules should have been set before connecting up the domain name, thought I could get something in there later on.
We’ve just had a whole day (Monday night/most of this Tuesday) of a botnet attempting to overload XML-RPC files with logins. Those got blocked automatically. Then the odd looking user agents of bot’s which I’ve never heard of appear all over logs. BaiduSpider appears every hour or so, see’s it’s not allowed in robots then clears off again, So much for ‘we obey that rule’ from their help pages.
Since then we’ve been hardening backend, frontend, technicals and setting up additional protection.
There is no data to try to get at, my main concern is someone trying to use the site as a launchpad for an attack elsewhere. If that did happen I’d probably look at capturing as much evidence as I can and sabotage it.
Our robots.txt currently consists of
Which basically says ‘any user agent should not see anything past the home page’. Obviously adding exceptions along the way for Googlebot and more disallows for Baidu.
List of spiders what ignore Robots and .htaccess methods.
Baidu (so far ignored 7 variations of blocks)
random unheard of’s with a ‘mission statement’ to check SEO/links and security.
random unheard of search engines probably used to profile sites for exploits.
And this week’s bonus!
Hackers were also trying to sneak in too. Annoyingly they still seem to be trying, wasting my time having to look at traffic logs to block them (which does nothing in the end). I did not buy a bigger server for some horrible kids to practice their ‘hax0ring’, if it continues then they can pay for it.
Luckily, most of it got filtered and deflected. So additional bandwidth wasn’t needed
We’ve taken a few days to make sure everything’s working right and getting that fresh start. I really don’t want to be moving, or see 10gb of product images again. Especially duplicates!
We’re still adding the parts to the site. With products going up this week, and SSL should be working. Some configuration is proving to be a headache (email server, looking at you.). With the faster product update times, the automated upload can be worked on.
The site should be much faster and more stable now, the only thing what didn’t make it across was image paths (slowly adding them again). I might even jazz up some pages over the next few weeks, home page definitely needs it.
Time to think about doing that back up, that important stuff. Really, do it.
The majority of the last few weeks jobs we’ve had has been recovering data and Windows from damaged drives and filesystems. While I continue to look into faster and more efficient methods of carrying this out, It isn’t going to work for much longer.
Ransomware and Hard Drive failures are the main concern here, both are increasing in visibility on our job sheets.
Let’s have a quick look at some back up options:
Veeam is a technical/endpoint solution which can automate machine imaging in every environment. Ideal, as it will trim out temporary files for size and images, can be put straight on new hard drives. Regular images will offer some ‘step back’ recovery from Ransomware attack or drive failure.
File History is built into windows but not enabled unless you have an external or second drive. It will only keep a reversible copy of each file for a short period, likely to back up infected or ransomed files.
Cloud drives, such as BullGuard back up, Onedrive, Google drive, etc. Will sync documents up, and run the possibility that ransomed/encrypted files will be synced as well.
Macrium Reflect works well during our recovery jobs to image drives. Ideally, put the imaged drive on external storage. Reflect will also mount images as a drive, so you can pull each file out. Automation is possible with schedules
DVD backups of important files would be the most secure and quickest way to get your documents back. Windows Backup can be scheduled to do this, but takes up so much system resources.
Some preventions are being developed and should be ready in a few months.
MalwareBytes have an active beta and will be putting working samples into their main AntiMalware products.
Some 3rd party ‘blockers’ are available but might be ineffective as Ransomware changes.
We’ve also seen reports of a Master Boot Record encrypting ransomware, Which means instead of certain files getting encrypted, a part of every file will be encrypted and prevent system boot or access. While rare at the moment, worth preventing now.
After Christmas, 2016 seems quiet. Few leftover projects to finish off are slowly getting chipped away at.
On the cards for 2016:
Revamp main pages of site, add some automated functions like seasonal sliders in.
Finish System Builder plugin (technical parts are 80% done, tidy up code and visuals to go), work out if we can market it, or release it and hope for donations.
Review what services we offer via freelance sites, some of the stuff I’ve been asked to quote for are just absurd for the low budgets.
More guides for Excel, Access and the like.
Shorter blog posts, and them actually being pushed to Facebook, Twitter and the rest… with less arguments! Hopefully a 10 minute write-up for a news/update post, add 15 minutes to find a decent image and sort out meta’s. Ironic as this one has taken weeks to perfect..
Looking at using eBay again for in stock products, running out of space to keep parts for 6 months.
Still a fair bit to do on the back-end of site, along with more blog posts to make sure I’m still alive. Coffee should see me though that!
We hope all our customers, followers and visitors have a good holiday and a great start to 2016.
Just don’t try to feed your computer cake.. Especially since sugar can badly damage circuit boards.
We’ll be closed today from 3pm until January the 4th, we’ll still be watching emails so queries should still get answered over the holidays.
From the 4th we’ll be readying our first version of the new Computer Builder plugin, and deciding how we can recover development time on it, looking at Donations or a quite low price on CodeCanyon.. Still not sure entirely. We’ll also be looking at fixing our comments system which seems to have ejected itself, as well as the eventual server move.
A quick(ish) November update. It’s freaking cold. Projects keeping us busy, and there’s lots to do still.
Custom Computer Builder progress
I keep saying that a Custom Computer Builder is coming.. Time goes on and our development always hits a snag, either infrastructure coding or ease of use issues. November see’s a new version started..
So far the Product Builder adaptation is the most advanced version I’ve come up with.. But if you are using it for the first time and don’t know anything about what parts you need, it won’t help. Its far too confusing and there’s no flow, you’ll end up with a PC having 6 motherboards or something strange.
Another idea I had for this problem is use product tags, which requires a flow what will use them.
The new plan is to start with a custom page which the Flow starts in, user choose the scenario the PC will be built for and moves onto Case choice. Case choice determines size of board (narrows down choice). User chooses CPU based on Scenario (narrows down CPU type, speeds, board choice), Hard drive size(multi choice) Ram (up to 32gb), OS and last/additional options. Then the flow will recommend a PSU based off the CPU type, video and device count. High end Video cards take up the most wattage so that part could be the easiest to do. This will be worked on through out November and possibly ready after New Year.
Mobile device repairs.
Speaking of Flow, we’ve integrated part of some ticketing software into our page. This hopefully should guide users into identifying the basic issue and alerting us to provide a quote. Works reasonably well but I’d like to add some prices to parts and whether I have a spare in stock..
All products (except for the odd 250 70 I’m still adding information to..) should be up to date now. We’ve worked out a dating system so products what aren’t in stock and not matching upload date are considered ‘out of date’. We hope to be uploading the stock file weekly and automate when we can.
Still considering a VPS, or a generally improved environment. Since mulling this, the current server seems to have behaved itself. The things worrying me about current server is PHP updating and CRON. Website layout and categories will be redone between November until Christmas break.
More later, Still attempting to post more regularly, until then more coffee!
If you are a TalkTalk customer, I suspect you would probably be panicking about what’s been in the news over the last day or so.
I do try to steer people away from TalkTalk if I can, usually when they ask ‘whats a good ISP/broadband provider’. It’s a case of you get what you pay for.. and usually less than £2 a month for broadband brings up imagines of monkeys throwing stuff around.
Here’s some quick tips to recover your TalkTalk accounts, prevent more damage and hopefully protect yourself a bit more.
Change your passwords.
You should do this immediately, if you use the same password on other sites change that too. Look into using a password generator (Lastpass generator) or manager (such as LastPass or Chrome’s builtin one). If you have forgotten your password or can’t change it, contact TalkTalk.
Check your mail accounts for added users
Spammers may take advantage and either send malicious mail as your account name or account mailbox. Remove suspicious mailboxes and change passwords on your existing ones.
Check your mail filters and rules to make sure your incoming mail isn’t being forwarded elsewhere too.
The not too sure stuff
TalkTalk say there is a possibility that personal information such as Names, Addresses, Dates of Birth, Account information and payment information, but haven’t confirmed. Check the paying bank account as a precaution.
This has happened before a few times where information has been stolen and used in Phone scams such as ‘Microsoft Technical Support’ and PPI’s. Unfortunately there’s no way to track these down using withheld numbers, and most likely out of OFCOMM’s territory if they didn’t hide it.
From the looks of a quick glimpse at dumped data, it seems to be plain text rather than encrypted output. Encryption might have been applied but no good if the attack was inside the servers, or the encryption methods were also hit.
I’m returning to an old project in an attempt to make it worthwhile.
Basically, it’s an array driven visual product chooser, with some customization options to help in almost every sector of selling. It started out as a Computer builder, but can be used to make anything.. Camera kits to picnic baskets.
By choosing a parent category, it read what products were in each and presented them in a grid with switchable category buttons. With an ‘add to cart’ button and information panels on each product, the page called ‘minicart’ into the sidebar to show the user what they choose before and keep track of it all.
The upcoming version 1
As my first plugin, and a sort of mash-up of a previous plugin, there’s a fair amount of redundant functions and code. A fresh start with the install script and functions, try to trim everything back to core functions. I’d also like some item restrictions to help users.. like Only choosing 1 case, a limit of 4 sticks of ram etc.. At the moment, a user can choose multiple of every case to add to their system. One fix for this was to adjust the standard Minicart to have a ‘remove item’ button in theme, a fix which will be outdated when WooCommerce updates that file in their core.
The fixed amount solution, when solved will complete V1, updates are being done on Github to tidy up code in preparation for the finished version.
Ideas for Version 2
Currently, it looks like this:
I’m looking at other styles such as a drop down select for each category (choose a name with associated price and it appears beside) or an image button of the product with the meta (price/info) appearing in a layer when the mouse hovers over it.
The drop down selection (or even radio buttons) would be better suited to prebuilt systems which can be customized. This requires a sort of ‘Custom Product Type’ what doesn’t work well with WooCoommerce (unless you like a big yearly subscription for their own solution which I can’t even see works how I want it)
Anyway, brief Work In Progress on this project, and aiming to make something work. In its Current state I will be tidying up code and releasing as V1 on Github. V2 will be a product based solution and not Array (hopefully), as such maybe a paid plugin, or partly free with paid addons. Or the extreme route I thought up the other day of ditching Woo and going with our own cart/inventory system, that would be a long few years.
Upon investigating how Variations and Attributes work, it seems there is no ‘out of the box’ solution at all (unless you want to pay yearly for something what doesn’t look like it’ll do the job, adapt per product rather than have the choices all available when you start..). It’d be nice if we could select categories as attributes to save us importing component information again and have something dynamic.
The Process would be:
Call an array of products, tags of whats compatible which each.
place products in presentable drop down or button/radio selections.
Show user information on products, prices and/or compatibility information.
save selected options to an array, calculate the price and update dynamically.. Or automatically move items to cart and update each time user choose something.
As you can see. Not easy with a set of non-focus choices. Still lots to do for it, hoping to solve the amounts issue by end of the month (July) and start the new version early September.
As you expect a bit more information before anything happens, Microsoft has decided to drop it all today.
Had a prompt about Windows 10 today? It’s not malware or a virus, it’s actually Microsoft’s announcement that you can reserve your upgrade to Windows 10 on that machine. This was done via a Windows Update a few days ago.
Bit of a surprise for us too. We weren’t expecting anything until August. and with Windows 10 being available from the 29th of July? Well that’s thrown our estimates of September out of the window too.
The main features include the return of the Start menu, with some tile functionality still in there. All new web browser called Edge, dropping the Internet Explorer name. Device synchronization and sharing ability with Xbox One, Surface tablets and Windows Phones joining the upgrade.
For a quick overview, Microsoft made this YouTube video
If you do reserve your free upgrade, you have a year after the 29th of July to install it.. Meaning if you want to wait to see what happens, you’re more than welcome to.
Finally its summer, meaning hot (estimated) weather and not so ideal conditions for computing.
There’s still lots to do for us, from plotting newly thought up projects onto the starting table, to finishing off old ones in PHP/HMTL.
Our PC builder plugin took a seat on the back burner for a while, was looking at using Woo’s API for it but turns out so many functions needed are not there. The front end part didn’t look very good either without some sort of field/form management, and didn’t play well with dynamically calling products.
We are looking at a server move, we’ve outgrown this simple hosting package and its showing. Likely to take place around June to August over the course of a few days.
A warning for all users
We recently worked on a Laptop for a client, and caught a potential fire hazard before it got too bad. We noticed the bottom was all cracked and warped, and assumed it’d been sitting near a radiator while in use.
Originally it came in with Malware/virus issues, after 5-10 minutes of running programs we noticed not much airflow and a smell of hot plastic confirms this is an internal problem. We opened it up to find dust, but fans working correctly. Further dis-assembly found more debris in between cooling fins, and while the cooling unit was out we dusted it completely and reworked CPU/Heatsink connections and paste.
Re-assemble and its so much cooler and happy. Reported the issue and resolution to the customer and they had not noticed it ever getting hot.
Let that be a warning, doesn’t take a minute to wave your hand all over your laptop to make sure it isn’t going to catch fire. Same goes for desktop users, try hovering a Hoover (Vacuum Cleaner..) pipe around the vents (while its OFF) to temporarily unblock the airflow.
Anyhoo.. (is that even a word?!) I’ve been told I spend far too long writing these far too long, and people lose interest.. So look out for more frequent small updates!
February almost over, and a small break of a few, cold days allowed us to get buried in code again..
It’s a fairly hectic few months, with determination to crack on with a few personal projects as well as supporting our customers. January went very well for us, apart from we got no Christmas rest.
Work still continues on the much thought about ‘Computer Builder’, We’ve had a massive push at various methods and learnt some ways how not to do it. One method resulted in another ‘bundle from stock’ type of product type for the store so we are looking at making that into a plugin for other store owners. Basically shows you what products (from inventory, with full links etc..) are in the product bundle, selected from the back-end.
Our Visual Computer builder plugin is almost ready for release, our development version is up on Github! However, this is more suited to building a picnic basket than a computer, it’s just too much choice on the screen at once.
Automated product updater will be taking longer, our current server is missing a crucial part for this to work.. namely the service what automated tasks run off.. (Hence why none of our scheduled posts fire..).
Pages need refreshing, and our social media presence needs a bit of a boost with activity, we’ll get right on that when coding starts working!
We have some new brands from supplier and some promotion to do!
Keep Out! is new brand and will soon have products the shop, mainly for gamers with various accessories.
The Cougar range is expanding with a pre-designed system coming soon. Always liked Cougar’s cases for the room and the full specifications they publish.
Many articles to update (Thanks BT for changing fibre roll-outs and adding more complications..) and to come, some Woocommerce/WordPress tutorials for people who use it or develop with it.
Thought I’d quickly post to make sure people think we’re still alive.
November started busy with odd jobs all around and what looked like a mini surge in virus outbreaks, which quickly disappeared. Towards the middle of November we had a lot of requests for quotes for new machines and equipment, and the end of November was a downer with a few Cold bugs playing havoc with my migraines and generally just sapping my energy. Some of which still affecting me
We’ll be shutting down for Christmas around 19th December, with emergency call outs for up-to 24th. Hoping to be back on the 5th of January all fresh and ready. Our downtime will hopefully help us get some accounting out-of-the-way, organization, and catch up work on new projects and products.
We are also aiming to bring a ‘Support portal’ up after Christmas, which includes a remote support session manager for those quick configurations and potential training sessions.
We’re also looking at offering phone and tablet screen repairs since we’ve had some success with them over the last few months.
Still working on our PC configuration, the one we previously built using so many queries seems a bit resource intensive and not very easy to use. Hopefully by splitting it all up into easy choices should cure-all that.