- Welcome Guest |
- Publish Article |
- Blog |
- Login
This is a story about a man named Jed. Well, his (or her) name isn't really Jed. I'm changing the name and some details to protect Jed's innocence, privacy -- and future online income.
Anyhow, Jed is clearly a hardworking online marketer. His Web site contains about three dozen affiliate pages representing a healthy range of products in all the right niches: from learning how to work with Google to running background checks to help with computer games to losing weight to music lessons. He has two image folders, and is using a redirect script: when you click on the URL of his site's pages, you end up on an affiliate page.
How do I know all this? Unfortunately, it's not because I know Jed personally. Even more unfortunately, it's not because I read it on his home page. I wanted to go to Jed's home page, but it isn't really there. What's there instead is a list of all his index-level files and folders – an online marketer's worst rookie mistake.
I didn't look inside Jed's CGI, stylesheet, or image folders. But with just one click, I could have -- and so could anyone with a little less honesty and a lot more computer hacking skills. Someone "talented" enough could easily fill Jed's image folder with X-rated graphics, or divert the revenues from his affiliates sales. Or maybe the hacker would be kind enough to leave Jed's files alone and just settle for introducing him to a big infectious computer virus.
Something similar happened in 2009, but on a much larger scale. After the elections in Minnesota USA, the Federal Bureau of Investigation and Secret Service investigated one of the candidates: as illustrated above, his database of donor contact and credit card information was published online. The candidate blamed politically-biased hackers, but the fact is that his campaign's designated computer geek had made the exact same mistake that Jed did.
Neither of them included an index page in their site's root folder.
Follow this simple little rule, and you'll pretty much eliminate the chances of being hacked: Make sure all your site's root folders contain an index.html or index.php file, and for extra safety, the file should include a script redirecting to your site's home page. It turned out that the political campaign did not store the credit card information legally – but if had there been an index file in the database's folder, no one would have known!
If you’re an aspiring affiliate marketer who isn't Web savvy, don't worry – there's a way in which you can not only learn legitimate online marketing techniques, but also receive Web hosting, Web space, and pre-formatted sites that you can publish within minutes – minus the rookie mistakes.
I have seen this rookie mistake many times. Build websites with wordpress and cut down on this problem!
Hi - thanks for this but could you do me a favor please? I have no clue what is a root folder, an index.html or index.php file. Whilst I fully understand your message and the seriousness of it I cannot translate the message into action that I can take. Apologies if this sounds blunt because it is not intended to be at all. I just would appreciate a little help to implement the approach you feel is so necessary, Thanks Keith
A root level folder (also known as a directory) is one that is directly inside your domain. Its URL would be yourDomain/rootFolder. Unless they're part of a program like WordPress, all root-level folders should contain an index.html file, which is what you should see when you type in the URL yourDomain/rootFolder or yourDomain/rootFolder.html Without it, you would see a listing of the contents of the folder.
I use WordPress for all my blogs, and yes, you can rely on it in that respect. But it's your other root-level folders that may not be safe. For example, I keep all my videos in a separate root-level folder. But it also contains an index file which contains both a link and an automatic redirect to my home page. Anyone who manages to figure out the folder's URL literally ends up right back where they started!
Article Views: 506 Report this Article