No Pain, No Gain

“Behind every beautiful thing, there’s some kind of pain.” ― Bob Dylan

Hear that sound? That’s me kicking and screaming as people (people I’m paying) drag me into the current decade.

The lovely and talented folks at Estep Media Solutions and Emily Journey and Associates, some of the brightest web design minds around, gave me bad news about the current layout of Write Now Newsletter.

“It’s, well, er, um, kind of a throwback.”

That was a polite way of saying the format (you know – the one from 2005) was woefully outdated and unworkable in a modern website. Time for a change.

Stay tuned. A new, lovely, easier to navigate website is coming. It just isn’t ready yet.

In the meantime, I have included only one link to the Write Now “Events” page instead of the full list you’re used to seeing. All fifty-nine events are there once you click through.

Thanks for your patience and be sure not to miss NUMBER FIFTY-NINE!!

Please Support “Write Now Newsletter”

“We make a living by what we get, but we make a life by what we give.” – Winston Churchill

I hate to ask for money. I cannot remember a time in the fourteen year history of Write Now Newsletter when I directly asked. The newsletter has been my community service, a gift to central Ohio writers since January 2003.

There have always been expenses. I pay for faster internet, jangomail email distribution at $25 a month, site hosting (about $100 a year) and the domain name ($11.99 a year). These costs add up, but I was always able to pay them.

Then my site got hacked.

Fixing it has been astronomically expensive and time-consuming. Here’s a short list of the least costly items we implemented: website firewall and security monitoring system for $199 a year, new web host for an additional $100 this year, moving four related web domains for $50 a year, plus a virtual private network for $39.95 a year.

But I’m not tech savvy. So when I say “we,” I mean my web person. As a consequence, the biggest expense was the incredible amount of time this very well-trained, extremely professional, uber-responsive woman spent investigating what happened, removing all sorts of malware and malicious coding, recovering my data, and getting the site back on its feet.

How much time you ask? SEVENTY-EIGHT HOURS! And I know she did this because we communicated while she worked. The bill was $7,800 including a discounted hourly rate and hours she didn’t bill at all.

It was an awful hack.

If you enjoy receiving the newsletter, please support it by clicking this link. This unusual situation demanded drastic measures which resulted in huge, one-time expenses. I won’t hold out a hat again any time soon. But I am now. A virtual hat.

The link takes you to paypal which allows you to use a credit card or pay from your checking account. You don’t need a paypal account to use it. If you would rather mail a check, email me at nita@nitasweeney.com and I will happily send you my snail mail address. I’m too paranoid to post my address anywhere on-line. It had been on my site, but we took it down.

I value each and every one of you whether you support the newsletter or not. But if you can, I would truly appreciate it.

How Not to Get Hacked

“Good advice is usually given by someone who was once a bad example.” ― Ljupka Cvetanova

As I explained in last month’s blog post, my website was hacked. Someone accessed my WordPress dashboard, began running some kind of storefront out of a secret page they had created on my site, sent fraudulent emails (a Nigerian Prince announcing your lottery winnings perhaps), and nearly crashed my site.

Since this happened, I’ve learned more about internet security than I ever wanted. Posts and articles about computer security had been warning me to take note for years. My computer guru had warned me. I failed to heed. Here’s a list of things to help you learn from my mistakes.

1. Don’t think you’re too small: I thought since I was just a little writer in central Ohio, no big deal, I was immune. But hackers aren’t looking for the next big deal. They don’t necessarily want to take down the New York Times website. They may just want your internet real estate. Or they may just want to brag to their friends that they hacked a site. It’s unlikely the hackers targeted my site specifically. Rather, they found a site (that just happened to be mine) with vulnerabilities they could exploit. That’s what they were looking for.

2. Don’t forget to change your password: While we can’t be certain, this was most likely the point of entry. I’d had the same password since 2005. Yes. The same password “protecting” my website files for twelve years. This was a thing my guru mentioned, but which I ignored. Falling victim to my faulty thinking of number one above, I thought I was too small to be worried. My website hid nothing top secret or financially interesting. No one wanted my website, right? Wrong.

3. Don’t choose a crappy password: Not only was my password old, it was lame. It included sequential numbers and was an abbreviation so easy to guess I’m ashamed to tell you what it was. And I’d used it on many different sites. Again, I just thought I was a nobody over here in the Midwest. Now my passwords are long and complex.

4. Get https: The next thing my computer guru did after we changed my passwords was to obtain an “SSL certificate” to make my site Hypertext Transfer Protocol Secure (HTTPS). This provides encrypted communication with and secure identification of a web server. In layman’s terms, it makes my site more secure.

5. Get Google Authenticator: Because of the extent of the hack and the number of attempts to access my site, we added a third layer of security. Google Authenticator is an app that links to your website. Once you install it, you will need not only a username and password to log into your site, but also a numeric code generated on your phone. It was relatively simple to install and as soon as we did that, bam! The attacks stopped.

6. Keep tabs on your website host: I’d used the same hosting company for many years, but was unaware this small company been sold recently to a much larger company. I cannot be certain, but I have reason to believe their servers were hacked. When asked about it, the web host said any hacks were my fault. Okay. I admit my mistakes for my site, but not for their servers. That’s on them. So my computer guru and I quickly changed hosts. Not fun at all, but that too made an immediate difference in the number of successful hacks.

7. Don’t access your site on public wifi: I love to write in different locations. It turns out that hackers love these locations as well. They have tools that can pluck your passwords right out of thin air! While I can still hang out at the local coffee shop, even if the coffeeshop wifi is password protected, I won’t use it to access my site. Instead, I’ll get my own wifi “hotspot” from my cell phone company.

8. Check your home router: Wordfence, a security installation for WordPress sites like mine, recently published a post showing how tens of thousands of hacked home routers are attacking WordPress websites. They also provided a tool to let you check your home router.

After my website guru spent days and days doing the equivalent of hosing down my site and tidying the mess, we took the above steps to lock down security. I’m not a security expert so I’m sure there are many more layers of which I’m unaware, but I hope this list will help you avoid being hacked in the first place.

NITA SWEENEY is a writer, creative writing teacher, and editor of Write Now Newsletter. She lives in central Ohio. Follow her on Facebook! Subscribe here to the monthly newsletter!

Frequently Asked Questions

“You can fix anything but a blank page.” – Nora Roberts

Each month I receive questions. Below is a summary of frequently asked questions and where to find the answers.

The most frequent question I get is whether I will read manuscripts. I have done this in the past, but currently am focusing on my own writing and not taking individual clients. However, other people are. If you click the “Newsletter” tab on my website then the link on the right-hand side of the page you’ll find “Individual Assistance.” This page lists editors, coaches, writers, teachers and other people who are in the business of helping writers get the job done. It is not a complete list. I do not necessarily endorse these people or know how well they work. I only know that they have contacted me and they are available.

The second most frequent question I get is whether I know of any writing groups. As a matter of fact, I do. If you’re looking for a group, surf over to the Ongoing Writing Groups page. Some writing groups focus on a particular genre. Others are open to anything. Perhaps you’ll find one that suits your needs. If you’re already in a writing group that is open to new members and you don’t see it listed on my website, please let me know and I’ll include it. Similarly, if you start a group and you’d like to attract members, I’ll be glad to post that as well. You’ll find this list of groups under the Newsletter tab and then by clicking the link on the right.

Also under the Newsletter tab you’ll find the current essay, the current list of writing events, a list of promotions for individuals and organizations with which I am familiar (these are endorsements, not advertisements), a page of “fine print” which lists specifics about the newsletter such as deadlines and subscription information, a link for signing up for the newsletter, and submission information. There is also a link to an archive of past newsletter articles.

In the shameless self-promotion category (in separate tabs along the top) you’ll find a list of my classes, quotes from people who recommend me (aka kudos), and my biography.

Under the tab “Websites,” I’ve listed many different links to my favorite stuff including writing courses, meditation, coffeehouses, and other things I just want you to know.

Finally, yes, Write Now Newsletter and Bum Glue do accept donations. If you find either the newsletter or blog helpful, this is a great way to show it. In addition to our time, we have internet, web design, and mass email fees every month. Under the Newsletter tab, at the bottom of each page, is a link which allows people to donate.

Is there something else you would like to see on my website? I’d love to hear your suggestions.

Verified by MonsterInsights