Share Update New List 12 Backlinks Gov High Pagerank Dofollow work in 2015 for everytime3002.blogspot.com Backlinks Dot Gov Best Backlink Sites for your blog, in March Share Update New List 12 Backlink Site High PR dot Gov, 12 Backlinks high quality backlink sites from dot Gov. 12 Url free quality backlinks sites dot Gov Work in March 2015.
Previous Post "Update New 11 Backlinks GOV Dofollow 2015 " Update New 11 Backlinks GOV Dofollow 2015 In Table Update New 12 Backlinks dot Gov high pr backlink sites - 12 Free high pagerank backlink site for afbluemountains, High PageRank Backlinks dot Gov Dofollow Free in March 2015 for everytime3002.blogspot.com Tip How to Get 12 Backlinks dot Gov high PageRank backlink for your blog? I finish Check 12 Backlinks dot Gov in this table bellow, and Get 12 Free high PageRank backlink site dot Gov Dofollow work in March 2015:
46 Auto Submitter Backlinks dot Gov Tip Create Direct Backlinks Website dot Gov - Auto Generate & Open New Tab Direct Backlink from dot Gov, use in this top form and get 46 Best Backlinks dot GOV work in 2015
Share New Update 11 Best Backlinks dot Gov Dofollow work in 2015 for everytime3002.blogspot.com Best Backlink Sites dot Gov for your blog, Share 11 Best List High PR Backlink Site dot Gov, 11 Best high quality backlink sites from dot Gov. 11 free quality backlink sites dot gov in March 2015.
In Table Update 11 Backlinks dot Gov high pr backlink sites - 11 Free high pr backlink site for everytime3002, High PageRank Dofollow Free in March 2015 for everytime3002.blogspot.com How to Get 11 Backlinks dot Gov high pr backlink sites? I finish Check in this table Backlinks dot Gov bellow, and Get 11 Free high pr backlink site Dofollow work in March 2015:
46 Auto Submitter Backlinks dot Gov Tip Create Direct Backlinks Website dot Gov - Auto Generate & Open New Tab Direct Backlink from dot Gov, use in this top form and get 46 Best Backlinks dot GOV work in 2015
How a website's content is displayed can spell the difference between being popular and obscure. Anything that looks chaotic or hardly readable is never going to be anyone's favorite. This is why content must be displayed in an organized, easy to follow and straightforward manner. Nothing works better than a structured grid, in this case.
Posts listed in grid view provide an excellent viewing experience for both the blogger or website owner and the visitors. This is especially true if the grid comes with images that would play with a person's visual inclination. What is great about grids is the seamless and smooth layout, complemented with a structured yet simple architecture. This makes it easier to navigate through a blog archive or product page. The style also enables a website owner to present posts in a more artistic and informative manner, without delving into the details. Suffice to say that a grid view demands creativity to be effortlessly mixed with functionality.
How views can be switched depends on a number of changes in a blog's codes. Some are fairly easy to implement, while others can be a little complex. Not to worry, as there are guides that will be provided. Grid styles also come in huge varieties, with each one designed to cater to a specific audience. Now, are you ready to go on the grid?
Features
What features can you expect from a grid style post in Blogger?
All the posts will follow the grid style when switching to grid view.
While the codes are being customized, the posts are left untouched. Their length, however, could be changed accordingly.
Auto Read More will be applied on all posts.
Thumbnails are automatically added based on the first picture found in each post.
Code is secure and is used across the board. In fact, 99% of bloggers are using a similar code to enable grid style posts in blogger.
What are the benefits of grid style?
Quick loading time of posts. Since only the snippets are loaded in certain pages, or a thumbnail and a caption, pulling up a blog archive would be quicker. When loading time is decreased, user experience is greatly enhanced.
Professional-looking blog. Without the chaos and concerns on readability, a website can look really clean and professional. Combined with the right colors and images, it can also leave a visual impact.
Improved website ranking. Because visitors have to click in order to view the rest of the post, page views of a site will significantly increase. This makes for a better SEO strategy.
Although changes to the CSS codes have to be made to implement the grid style view and make it compatible with a blog's template, all the work will be worth it once it is up and running.
Important: Before anything make sure that you backup your Blogger template! If have encounter any problems with your edits, you can revert the template back to its previous condition by restoring it from your backup. For this, go to 'Template' in the left menu > click on the 'Backup/Restore' button in the upper right corner and press the 'Download Full Template' button - choose where you want to save the file on your computer and click the 'Save' button.
Now we can safely proceed with editing our Blogger template. If you run into problems, just revert back to your saved template.
How to Create Masonry, Grid Style Posts in Blogger
Step 1. Log into your Blogger dashboard and click on the blog where you want to apply the grid style.
Step 2. Go to "Template" located on the left side of the screen and press the "Edit HTML" button.
Step 3. Click anywhere inside the code area and press the CTRL+F keys to open the search box, then type the following tag inside the box (hit Enter to find it):
</head>
Step 4. Now copy the script below and paste it just before the </head> tag:
Step 5. Find the following code snippet using CTRL+F or Command + F:
<data:post.body/>
Step 6. After pressing the "Enter" key on your keyboard, you may find three occurrences of the above code, replace only the second and the third one with this code below:
Please note that the masonry layout might not work if you have a customized template, also older posts will appear vertically (from top to bottom) instead of left to right.
Step 8. Click "Preview" and if everything looks fine, press the "Save Template" button.
That's it!
Implementing a grid style view has its pros and cons, but the benefits clearly outweigh the disadvantages. The fact that a website will look visually appealing and professional when set in grid style, is already enough to boost its online reputation. An increase in page views is just the beginning. With the right images and content, a blog will also have better SEO. Most importantly, implementing the changes is not as complex as some might think. With a step-by-step guide available, adding a dynamic view switcher would be completed in no time.
After I received the files two things became apparent:
the webserver (and thus the website) was infected with C99shell;
the webserver was infected with other PHP backdoors.
Analysis
PHP/c99shell or simply c99shell should be well known by now - it is a PHP backdoor that provides a lot of functionality, for example:
run shell commands;
download/upload files from and to the server (FTP functionality);
full access to all files on the hard disk;
self-delete functionality.
...
In short, it can pretty much do everything you want, which results in end-users getting malware onto their systems and/or data getting stolen and/or personal information compromised.
Detections aren't too great for this PHP backdoor, but it surely has improved since Malwaremustdie started blogging about it, some VirusTotal results: 0, 1, 2.
As I mentioned before, other PHP backdoors were present, for example:
After some manual decoding, we turn up with the following interesting line:
getenv(HTTP_X_UP_CALLING_LINE_ID);
Another example:
getenv(HTTP_X_NOKIA_ALIAS);
The "x-headers" HTTP_X_UP_CALLING_LINE_ID and HTTP_X_NOKIA_ALIAS are actually part of WML, the Wireless Markup Language.
Thus, this PHP backdoor seems specifically designed to target mobile users. I've put a copy of the script in screenshot above on Pastebin as well: Unknown PHP backdoor
If you have any information on what kind of PHP backdoor this might be (if not generic), feel free to let me know.
Disinfection
What if your website's already been hacked and serving up malware to the unknowing visitor? Best practice is to simply take your website offline and restore from an earlier back-up. (don't forget to verify if your back-up isn't infected as well!)
If that's not a possibility for whatever reason, you'll first need to find where any malicious code was injected (or created) on your website, or how it was infected in the first place.
An easy way would be to simply check all recently changed files on your web server. However, those dates can be altered. So what's a better alternative? You can comb over the files one by one, or you can use an online tool to check your website.
A short overview:
http://sitecheck.sucuri.net/ You can use Sucuri's SiteCheck to quickly spot if they detect any malware, see if you're blacklisted and, the most useful part in this case is to check whether or not you have any outdated plugin or CMS running - as well as a list of links.
http://aw-snap.info/file-viewer/ Use Redleg's file viewer to easily see if any malicious iframes have been injected - you can even choose which Referrer and User Agent should be used (some malware requires you to visit the site via a specific Referrer or User Agent).
http://www.rexswain.com/httpview.html Useful additional tool to Redleg's file viewer. Allows you to only fetch headers of a website, or fetch both header and content.
http://jsunpack.jeek.org/ Excellent tool in case any malicious Javascript (iframe) is injected into any of your web server files. Less intuitive, but provides a great overview.
http://urlquery.net/ Excellent tool and more graphical as opposed to JSunpack - especially useful is to see if any IDS was triggered as well as JavaScript and HTTP Transactions.
https://www.virustotal.com/ As usual, VirusTotal is a great resource as well - it can pinpoint which Antivirus (if any) is triggering an alert related to your website.
https://hackertarget.com/wordpress-security-scan/ Online WordPress Security Scanner to test vulnerabilities of a WordPress installation. Checks include application security, WordPress plugins, hosting environment and web server.
https://github.com/nbs-system/php-malware-finder NBS System's PHP Malware Finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells.
If nothing is found using any of these tools, but you are still receiving reports from either blacklists (eg. Google) or users, you'll have to manually go over all your files to see if any code was attached.
If you're hosting a web server yourself, you obviously know where you've installed it, so be sure to check in there. If you're not sure where it's installed, may want to look in any of these default locations, if they exist:
Linux:
/var/www/
/var/www/html
var/lib/tomcat7/webapps
Windows:
C:\inetpub
C:\inetpub\wwwroot\
...
Another method (and obviously not foolproof) is to copy over all your files to a Windows system and scan them with an antivirus. An example of such antivirus, which works on both Linux and Windows, is ClamAV. I think you're starting to realize why back-ups are important.
If you had any outdated plugins running, chances are very high the backdoor or script was created/added in that specific directory. For example for WordPress this is typically: /www/wp-content/plugins/
You can also install a plugin for your CMS which can scan your web server for any infected files. (Which is ironic, but might still do the trick should you not be able to find anything manually.)
Last but not least: check your access logs! See any unauthorized (FTP) logins for example? Take a look in any of these locations:
/var/log/httpd
var/log/nginx
/var/log/apache
/var/log/apache2
You may also want to take a peek in: /var/log
Contact your hosting provider - they might be able to provide you with assistance.
If you're still stuck, feel free to shoot me an email or contact me on Twitter. Otherwise, contact one of X companies which can help you assist in clean-up.
Don't forget: after clean-up, reset all your passwords (and don't use the same for everything) and follow the prevention tips above, or you'll simply get infected again. Additionally, always install relevant security patches or updates for your operating system if you are hosting the web server yourself.
Prevention
This shouldn't be repeated normally, but I will again just for good measure:
Create back-ups regularly! Yes, even for your website.
Keep your CMS up-to-date; whether you use WordPress, Joomla, Drupal, ...
Keep your installed plugins up-to-date. Remove any unnecessary plugins.
Use strong passwords for your FTP account(s), as well as for your CMS/admin panel login.
Use appropriate file permissions - meaning don't use 777 everywhere. (seriously, don't)
Depending on how you manage your website - keep your operating system up-to-date and, if applicable, install and update antivirus software.
Consider using a tool like Splunk to monitor your access logs.
Consider installing a security plugin. For WordPress, you have a plugin called All In One WordPress Security which has a ton of options to better secure your website.Don't forget to keep this one up-to-date as well.
C99shell is obviously not dead and neither are other PHP backdoors - or any other malware for that matter. Securing your website is not only beneficial for you, but also for your customers and other visitors. This blog post should have provided you with the essentials on securing your website and cleaning it up should it ever be infected
Repeating: best practice is to take your website offline and restore from a back-up.
Price continues to consolidate around the 2015 lows, without reaching MAJOR Support around .7567
Unless there's a breakout above the Monthly & Quarterly 50% level @ .7937, there is a bias to move lower.
Keep an eye on next week's Weekly lows, as a thrust pattern upwards from those lows (Random support) and a breakout above the Weekly highs, can see a Quarterly recovery towards .8311
Commodity prices holding back the AUD (Read GOLD & Silver Reports)
