Looking for web hosting? Want to know where MiniSiteGallery.com is hosted?

Your Website Got Infected with Malware? Get Sucuri!

November 29th, 2016

So you woke up to day and found your website like this?

Yeah… it can be a pain. Not only your website is not working. It is also being blacklisted by Google.

Basically your website has been tempered with and now contains malicious snippet of codes for your website visitor. Because of that, Google blacklists your website and also browsers prevent users from opening them.

How did it get to this?

Well, there are many ways. First, maybe there are PHP scripts in your website that is not secure and provides opportunity to attacker to come and temper with your website. I have heard of cases where people download PHP scripts from “alternative” sources, avoiding payments. This maybe PHP scripts, WordPress plugin or themes, and many more.

And the guy that provided the download actually added some of his code in there which will allow him to do things on your website. What could this be? Well, maybe capture visitors’ information, replace your page with a different one, send spam emails from your servers… the possibilities are endless once they have access.

It could also be that your website was actually hacked. How, well, again… numerous ways.

Another way that I discovered on how this could’ve happened is with a technique among hackers called “domain jumping”. You see, normally each website on a server has its own folders. A malicious script on the server could potentially trigger a command to see what are the available folders and start going into them one by one and infecting websites. When something like that happens, it is the web hosting company’s responsibility to fix them. But then again, you can’t really rely too much on them. It is better you take your own steps to fix this.

Sow What Do I Do Now?

I got this problem some time ago. And it was really a pain. I cleaned it all up myself. I downloaded EVERYTHING from the server. It was almost 1GB in size for everything. That took a long time. And then, I had to go through every PHP file to check what’s inside. There were thousands of files, over 10,000.

After a few files, I could see a pattern. And it is not one pattern. There are several. From what I can gather, I am not infected once, but by many types of malware. The goal is to remove the malicious codes from your PHP files. Seeing the pattern, I wrote a simple script that would crawl my downloaded website, open PHP files and check the content, trying to find codes that match the pattern for malicious codes that I found earlier.

The huge pain was when I found new patterns. And when I do, I would have a to update my script, or write a new script to crawl and fix all PHP files again. I think I ran my script maybe like 10 times through all the PHP files that I download.

You would also have to find “newly” create PHP script, that was created by the infected PHP script. These new PHP files are actually backdoors created for the attacker. Sometimes it is hard to find these backdoors as their name looks very much similar to your normal php script. For example, it could be like config.php or settings.php, or it would be mimicking an actual important file. So you can’t simply just delete it. You would need to check them, find out and be really sure before deleting them.

When you are done, of course, there uploading work again. Just how you download them, it would take just as much time to upload them back again. Most internet has different upload and download speed, where upload speed is much lesser than download. That is what my ISP has for me. So this time, uploading takes a lot longer than download.

At first, I thought I did a good job after almost a week, day and night, fixing it. But then, the problem reoccurs. And all that my web hosting knows is to shut down my website. It appears I missed a few things. So I did this process all over again. Download, fix, scan, find, delete, upload …

At times, I think perhaps the web hosting is the problem. It could be that domain-jumping thing… maybe other people’s website on that same server was infected. And the script can scan and crawl from folder to folder infecting other websites in the server. But of course, the web hosting would deny this.

Don’t Forget Submitting a Review for Google Webmaster

Oh yeah … after all that, your website may still be blacklisted by Google. What you need have your website added to the Google Webmaster panel. And then you need to submit for a review by Google. They will deploy their bots to check your website. And if everything is OK and clean, they will remove you from the blacklist.

More on Google Review here

In the end, I moved my website to another web hosting. But now, I found out about a service that can take care of this much faster, easier — just that you would have to pay for it. But even so, it wouldn’t have take much painstaking time on my hand. The service is Sucuri.

$299 To Fix Your Malware Infected Website, With Active Monitoring And Re-occurrence Clean Up For One Whole Year. Your Website is Already Infected? No Problem! No Extra Charge.

At first I thought Sucuri acts like an insurance — They don’t cover pre-existing conditions. But no! They take it all in. Whether you are already infected or not, the price is the same. And even if your website is not infected with malware, Sucuri will proactively monitors and prevents it.

How does it work?

If you are already infected, just subscribe and follow their guide on how to submit for a cleanup.

After that, for active prevention and monitoring, you have to update your DNS to divert traffic via their network and servers before going to your website. This will act like a firewall for your website where Sucuri will prevent attacks, such as DDoS, hack attempts and more.

If the firewall fails to prevent it, and your website is infected with malware, just submit a ticket to get your website cleaned up.

I think Sucuri is definitely a friend you want on your side, if you want to avoid wasting time and money fixing it, submitting for Google Review and also not to mention the amount of money you’ve lost due to downtime. If you run an e-commerce, that could mean thousands of dollars of lost sales. Or if you run a blog, that is also advertising revenue lost.

Anyway, I hope you will check out Sucuri. Setting up Sucuri may get slightly technical with DNS, FTP and what not. If you get Sucuri via my affiliate link, and you need help setting up your Sucuri, just get in touch with me via the comments. I will do my best to help you with it.

DIPPEC, New PHP Script for Selling Digital Products using Paypal

January 11th, 2015
DIPPEC: PHP Script for Selling Digital Product using Paypal

DIPPEC: PHP Script for Selling Digital Product using Paypal

A few years ago, I wrote Simple IPN, a PHP script for Paypal and digital products. But Simple IPN is a simple script that using the Instant Payment Notification (IPN) API, and it doesn’t even need a database. I decide to release Simple IPN as open source last year. And it is available on Github at https://github.com/kidino/simple-ipn.

But at the back of my mind, I have always thought that I can do something better for my readers and customers. So today, I would like to introduce to you DIPPEC.

DIPPEC, unlike Simple IPN uses Paypal Express Checkout API. Paypal Express Checkout API has a lot of advantages over IPN. For one, it is more secure and is not open to form manipulation like IPN. Another thing, because it uses Paypal Express Checkout, DIPPEC can tell Paypal to use a mobile checkout interface when the customer is on a mobile device like smart phones or tablets.

Other than that, DIPPEC also comes with a comprehensive user interface for you to manage your products, sales and customers. If you have used Simple IPN in the past, you know that there is no interface. It was meant to be really, really simple. But then again, it lacks some important features.

Setting up DIPPEC is really easy. DIPPEC comes with a web-based installer to help you create the tables in your database. DIPPEC is also really easy to use. It is meant to be used with a shared-hosting account. So you don’t really need a powerful web hosting like Amazon Web Service or DigitalOcean.

When all is set up, to create a product is really easy. It is only a three step process.

First step, create your product and tell DIPPEC your product name, price, currency and download expiry.

Second step, upload your files for this product. DIPPEC’s easy drag-and-drop interface makes uploading your product file painless. There is no need to launch your FTP client. Just do it all in the browser.

Third and final step, you can begin selling. Each product that you create in DIPPEC comes with a Buy Link URL that you can use in your own website or in email. You can also use the built-in Sales Page that comes with each product. You can just send your visitors to this Sales Page and they can buy from there.

And when a purchase occur, DIPPEC will take care of the rest. DIPPEC will create your customers unique, expiring download page. It will also send your customer an email with their download page URL. And you can relax by the pool, and check your sales via DIPPEC’s admin panel if you want.

Alright, enough talk. Why don’t you just have a look for yourself. Before I send you there, let me also tell you that you are protected with a 30-day money back guarantee when you buy DIPPEC. If you are ever not happy with DIPPEC, just ask for your money back.

So here it is. Go check it out.


Dreamhost Review: My Personal Experience with Dreamhost

June 1st, 2011

When people ask me for recommendations on web hosting, I will have to know what kind of website that they have, or going to build. But hearing the answers, 9 out of 10 times, I would simply recommend Dreamhost.

I can confidently recommend Dreamhost because I have been using them since November 2006. Furthermore, Dreamhost is where Minisite Gallery (this website) is hosted since the very first day of our launch. We haven’t moved Minisite Gallery to anywhere else because there was never the need for it. And I should also tell you that since Dreamhost allows unlimited number of domains, MinisiteGallery.com is not the only website I have in this account.

At this point, you know that Dreamhost has my double thumbs up. If you are looking for a web hosting, stop the looking and just head over there and sign up. Use coupon code MSGROCKS and get $40 OFF from your subscription fee.

Dreamhost has been able to cater for all my hosting needs, and I believe they will come through for you too. In my opinion, the web hosting service you get for paying $8.95 per month is worth the money and more.

But a fair warning…

Read the rest of this entry »

Curdbee Review: Online Invoicing for Freelancers and Small Businesses

July 17th, 2010

I do a bit of freelancing sometimes. And when you do that, you need to be able to invoice your clients.

Of course, you could just whip a quick invoice in Words or any word processor that you use. But where’s the fun in that?

Now imagine this — invoicing is FUN (yes, apart from getting paid). I want to introduce you to CurdBee.com. That’s what I use for invoicing my clients.

CurdBee.com is an online, web-based invoicing software by a company called Vesses. I am starting to really like this company and the things they do.

I have been checking out online invoicing for some time now. I didn’t really test everything out, but I know about the others like FreshBook, BlinkSale, CashBoard, Zoho and others. But when checking these options out, I am drawn to CurdBee.com.

Why I am drawn to CurdBee.com? One is because of their generosity.

You see, online invoicing software makes money by charging you a monthly fee. But at times they still let you in for a free peek. But these free peek accounts are always limited in some ways. Well CurdBee has a free account that is limited too. But the main difference here is this — While others limit you by how much you can earn with their software, CurdBee does not.

Let me explain.
Read the rest of this entry »

A Cool Trick To Affiliate Marketing Review With Videos

July 6th, 2010

I learned this at a forum some time back. And I have to say that it works really great. When promoting affiliate programs, I find that I get more sales per 100 visitors than any other techniques.

It works by creating a video review for an affiliate product, primarily with ebooks on ClickBank. But it does not mean that you have to stop there. You can use this technique with any product that you are promoting as an affiliate.

But I have to tell you that this will require some money to get started.
Read the rest of this entry »

Review: Is Lynn Terry’s SelfStartersWeeklyTips.com Elite Member for You (SSWT Elite)?

July 1st, 2010

Before I tell you about SSWT Elite, let me tell you a little bit about my story and how I get started. It’s all related, I promise. Soon, you’ll know why I tell you this…

I remember when I started out years ago. I swayed here and there looking for the right way to make money online. I started out with a little luck when I saw my first ever website made $13 in commission from an affiliate sale. But after that, I got lost…

Back then, you hear this phrase being chime into your ears quite often, “The money is in the list”. What that means is that you need to build yourself a mailing list. A mailing list is almost like a guarantee to a long prosperous business life on the Internet. (that is the half true though)

While still building websites for affiliate commissions, I looked into the option of building my own mailing list. By the way, back then, you were also distracted by other huge online success like Yahoo, Hotmail and the hundreds of Internet business startups during the dot-com bubble. Almost everybody has a “great” idea for the Internet. So did I…
Read the rest of this entry »

How To Sell Your eBooks, Files, Downloads with Paypal using UPLOADnSELL.com

April 10th, 2010


UPLOADnSELL.com is my latest venture. Coming from me, I am biased. But I want to say it anyway. UPLOADnSELL.com makes selling ebooks, files, downloads or any other digital products easy. All that you need is your files and a verified Paypal account. After that, all that you have to do is just UPLOAD and SELL.

Though UPLOADnSELL requires no training, no explanation, today I want to give you a walk through on how to use UPLOADnSELL.

At UPLOADnSELL.com, the first thing that you see is a some forms that you need to fill in. They are segmented into four area labeled with numbers from 1 to 4. The first one is about selecting the files that you are selling.

Read the rest of this entry »

Building A Mailing List Really Fast And Easy – No JV Required

February 15th, 2010

Building a Mailing List Really Fast & Easy - No JV Required!

A girl called me the other day asking internet marketing questions. And you know what, I think it’s a good topic to cover in my blog… so here it is…

I hope you really read this and take it to heart when it comes to list building…

Here goes..

The girl, let’s call her, Amanda, told me that she is starting to build her list. Well, good for her. It’s good when you are starting to take action…

And she started telling me that it’s not doing so well. She is only getting a few subscribers… and it’s a number that is really frustrating her.

Okay, you may have heard that it’s not about the size of list but rather the relationship you have with them. But then again, you have to look at the way you build your list.

I asked Amanda how she’s building her list…

Read the rest of this entry »

Video: How To Create Order Buttons In Photoshop

September 12th, 2009

I decided to do a tutorial on how to create order buttons with Photoshop. I read about order buttons by Ryan Diess where his best order button was 400 pixels wide, orange background with navy blue text and it says “Add To Cart”.

This is what we’ll be doing today.

As for the credit card icons, it’s from Liam McKay of WeFunction.com. You can download your own at http://wefunction.com/2008/07/function-free-icon-set/

I did this in just 10 minutes. The video below was uploaded in HD quality. Do enlarge to full screen for better view.

Click Here To Download PSD Source

Simple IPN: Free Paypal IPN PHP Script for Digital Download Products

August 17th, 2009


UPDATED: 20 June 2014

Simple IPN is now open sourced and can be downloaded from Github. Or you can use the link below.

[ Download ZIP ]

[ Project Repository at Github ]




I was running a class for my Netpreneurs Online Classroom and we got to the part where we are suppose to learn how to deliver our downloadble digital products.

I don’t want to make this complicated for my students. I want to make this simple, but at the same time offers some form security from online thefts. So I started thinking of a simple script that should be able to do the following:

  • Expiring download link
  • Expiring download page
  • Minimum setup
  • No database required
  • Uses Paypal IPN
  • Emails the customers with their download info
  • Customizable download page, thank you page and email
  • Multiple files product package
  • Allows Paypal Sandbox testing
  • No need to create the Paypal Button form – will generate for you
  • Don’t have to understand Paypal IPN – just know that it’s more secure
  • Strict verification process – verifying price, Paypal email address and currency

Read the rest of this entry »