Circling around to important questions

At today’s Tuesdays with Deborah session, we engaged topics that are asked by reticent bloggers and often revisited by experienced bloggers.

What is a blog? What is a blog post?

A blog is a collection of web content, usually writing. A readable blog post is about 200 to 600 words long. A good blog post is something that will be found and read by someone who is interested in a topic. What topics do reticent bloggers have in mind?

Where are blogs?

The best place for a blog is high on the list of search results returned to a search engine user. Readers find bloggers who effectively refine their understanding of relevant search terms.

Who blogs?

Writers blog!  Businesses develop, grow, and maintain customer bases through relevant and timely blog posts.  People with common knowledge and information needs find each other through the authoring of, and reading of, blogs.

When is a blog post visible?

A blog post is visible as soon as the author decides to publish a piece.  Writers with experience in printed materials can be assured that a “published” blog post can be changed after it is published.  Each blogger develops an sense of when a piece is ready for publishing. Each blogger develops an individual sense of how often to publish new content.

How are blog posts created?

Blog posts are created using a software tool such as WordPress, the software used for the Tuesdays with Deborah blog.  Blogging tools have features that feel like word processing: writing, formatting, and saving. A key difference between word processing and blogging is a “publish” mechanism for making content visible to readers.

The content of blog posts is developed through each writer’s unique writing practice. When is a good time of day for writing? Where is a good location for the writing process? What gets in the way of writing – distractions? Multi-tasking? The internal editor who gets in the way of first drafts being created? Some writers identify clothing that makes writing easier or harder.

Bloggers discover that developing the content is more challenging than learning software features for creating posts.

Answers to the previous questions of who-what-when-where-and-how all come from the question:

Why create a blog? What causes a reticent blogger to enter the world of blogging?

There are many right answers to the questions of what to write, how often to post, etc. Good approaches for any one blog come from on-going refinement of a blog’s purpose.

Understanding a blog’s purpose is not a pre-requisite for beginning a writing/blogging practice.  Discovering a blog’s purpose begins with an idea, leading to some drafts, leading to some publishing, leading to some feedback, leading to a refined understanding of purpose and how to fulfill the purpose.

The current writing challenge is “Passionate Observations.” Here are examples about New YorkDenver, and our own area.

Reticent bloggers are invited to register for the site, read and comment on posts, try out what feels like a word processing tool for adding a new post, and then take a deep breath and press the “publish” button.

Right now, the editor in my head wants a few things different about this post. But the writer will press the “publish” button, in this safe space, and the editor can have a turn on another day.

 

 

 

 

 

 

 

 

Commit to the Cubicle

Cubical LifeThis past weekend, I saw a friend whose son was graduating from college.   As we laughed about the empty nest he was about to experience our conversation circled back to our work and now the newly found job of his son.  I asked him how his son was handling the transition from college life to the nine-to-five world of work.  He said his son hated it.  He then laughed and commented on how his son is now a younger version of himself.  How he dressed and had to get up every day and go to work.  He then said something I’ll probably never forget.  He said, “Yeah, he’s just not ready to “commit to the cubicle”.  What!?!  His son is a gifted athlete and snowboarder.  I mean practically an Olympic level instructor type.  He spent every second of his free time on Mt. Baker between classes while at Western Washington University studying for his degree and has also appeared in a few snowboard promotional video commercials.  So you can imagine my heart sinking when I heard his father say this.   Especially with me on the heels of finishing my soon to be published book “The Art of Working for Yourself”.

All I could imagine was a scene from National Geographic in my head as they chased down this young lion that was about to be tagged and released for observation.  First, the lion struggles after it’s been hit by the tranquilizer dart.  Then they pet him to keep him calm, so he won’t wake up and eat them alive as they slip the transmitter collar around his little neck. Before the lion realizes what hit him, he wakes up and realizes that he’s got this thing now wrapped around his neck.   I know this is a bit dramatic, but I had to ask myself the question… “Did this happen to me?  Did I get tagged and “commit to the cubicle?”  When did I give in and what type of tranquilizer dart did they use on me?

Knowing what I know now, I think back to when I was younger and wiser and believed I could do anything.  I couldn’t quite remember how I fell for the Jedi mind trick and committed to the cubicle.  I’m sure it happened slowly at the guidance of our beloved media, teachers, friends and family; somehow I was trained away from my true essence.  As for my friend’s son, my lament for him is that most of us who “commit to the cubical” never leave it and we will begin to look at the cubicle as the best thing we will ever accomplish. Our wants and desires will take a back seat to day to day existence.  Sure there will be promotions and awards that reinforce our role as the cog in the wheel.  But, I wonder whose greater good this is serving?  Does committing to the cubicle mean we are not working for ourselves?

I believe the way we live and work is about to undergo a radical shift and it will be those who can’t and won’t commit to the cubicle who will show us the way.  They will live and work in a way that is more fulfilling to who they are and how they live (even when they work for someone else).  I’ll leave you to answer this for yourself.  Can you “commit to the cubicle” and still embrace the “Art of Working for Yourself”?  If so, how do you do it?  If not, then why not?

Read Gerald’s blog @ The Twelfth Power

Limiting Logins on a WordPress Site

This post explores one easy way to hardened a WordPress site from possible exploitation.

In order to make changes to a WordPress site, a user must first be able to log into the site. Without the ability to login, no changes can be made to the site.

Why there is a vulnerability

Currently, out of the box, WordPress has no limitations on the number of password attempts allowed to login to a site. You may think, “big whoopee, who is going to take the time to type in all those different password attempts?”

Well, the answer is no one in their right mind would do that. Hackers/crackers are, fortunately, in the right mind. Unfortunately, not to be political or anything, they are in their far right mind.

If they are trying to get into your site, they are not going to type in a bunch of passwords and hope one matches, they are going to automate the process. They are going to run a program that will likely be able to try 10’s to 100’s of attempts a second. If they find a password that works, Bingo! they’re in. They can now make changes to your site.

Theory to beat this vulnerability

What if there would be a way to limit the number of attempts? After so many attempts from a certain computer, that computer would be locked out from making more attempts. This would foil automated attacks on your site.

From Theory to Practice-Limit Login Attempts Plugin

The WordPress Plugin, Limit Login Attempts, http://wordpress.org/extend/plugins/limit-login-attempts/, will carry out such limitations. Limit Login Attempts does among the following:

  • Locks out an IP address after a set number of failures.
  • Keeps them locked out for a set period of time.
  • After 4 login failure cycles, that IP address is locked out for a longer set period of time.
  • Tracks the total number of login failures.
  • Make allowances for direct connections or from behind a reserve proxy. I discuss this further in the Settings section.
  • Will also block login attempts using cookies. I discuss this further in the Settings section.
  • In the login window, will notify the user the number of login attempts left.
  • Notify user if they have been locked out.
  • The option to log failed IP addresses and email for locked out Ip addresses.

A Look at Settings for Limit Login Attempts Plugin

This is setting screen for the Limit Login Attempts Plugin. Its can be found in Settings Tool in the Dashboard when logged in as an administrator. Here is what it looks like.

limit-logins-2012-05-9-10-02.png

I am going to run down the different options and offer my suggestions.

Total Lockouts– This keeps a watch on the total number of lockout since the last refresh. Clear this at any time.

Lockout

Allowed retries– This is the most important and least important field at the same time. As long as there is a value here, this site will no longer be easy to hack/crack. For that reason, automated attacks will stop. They will move onto easier targets. I would suggest a value less than five. I am a horrible keyboarder and still I can make my fingers crawl on the keyboard well enough to get my password by the third time. Additionally, on the first lock, the user will only be locked out for a short period of time.

Minutes Lockout– This is the length of time for a lockout if the allow retries are exceed for the first time. The default here is great enough to frustrate crackers but not great enough to frustrate a user in the rare cases where a they did not type in there password correctly.

___ lockouts increase lockout time to ____ hours– This is the teeth of the plugin. This is what will stop hackers/crackers. When a hacker/cracker is locked out for the long period of time, They know their automated attack is a waste of time. They will be off to easier targets. The default values here are good values.

Hours until retries are reset– Again, this field as little significance. It is the count of the lockout failures. In this example it is four. The important thing is a hacker/cracker isn’t going to try three times, wait x hours and try again. They will be long gone finding easier targets. I would make this as large as the hours lockout in the previous line.

Site Connection– If you do not know what a reverse proxy is, select the Direct connection radio button. If you know what a reverse proxy is and your site is behind a reverse proxy, select the From behind a Reserve Proxy radio button. This would be a relatively geeky setting.

Handle Cookie Logins– Many times, a user, who has recently visited their site, re-enters without needing to re-enter their password. This is because there is a cookie, a small bit of text on the users machine that is put there by the website. When the user returns, the website uses this cookie as a form of validation and the user can re-enter the site without a password.

Make sure to select the Yes Radio button here. Otherwise a hacker/cracker could automate the process of trying different cookies, hoping to get lucky. They have about a one in 4 billion chance. :^)

Notify on Lockout

Log IP-This will keep a log of failed login attempts. It is informational and not to important. I’m a geek, so I would have this on.

Email to admin after ____ lockouts– The default value of 4 is fine, here. Again, being a geek, I would want to have this option checked so I could snicker at people who tried to hack/crack my site.

If you made changes to any of the settings, don’t forget to click the Change Options Button. This will save the changes.

Finally, there is the Clear Log Button. Sometimes log files can get big and unwieldy. For this plugin, this would only be the case if you had thousands and thousands of failed attempts. Still it would be worth while to clear this log as part of a quarterly cleaning

In closing, out of the box, a WordPress site is open to the potential of automated attacks to try and figure out passwords on a WordPress site. The Limit Login Attempts Plugin will close down this vulnerability. Using this plugin, is one step a WordPress site admin can take to further harden their site.

Baseline Checkup for Integrity of your WordPress Site

It’s 11:45 AM. Do you know how many administrators are on your WordPress site?

Unfortunately, WordPress, at its base is a piece of software. Any piece of software has the potential for exploits. With WordPress exploits, nefarious people could be using your site to inflict evil on other people. A major case and point happened recently. The largest piece of malware to ever effect the Mac has happened in the last few months. This piece of malware got spread through WordPress sites that had been exploited.

If you ask me, exploits and keeping your site minimally exposed to hackers are the number one reasons to keep WordPress, Plugins, and Themes updated. Often these updated fix exploits. With these fixed exploits, this lowers the potential of a WordPress site getting hacked.

WordPress exploits are well known. Have any doubts? Check out this list. By not having the most up to date version of WordPress, a WordPress site is open to any exploit on this list targeted at that version of WordPress.

One of the most valuable hacks, at least as far as the bad guys are concerned, are exploits that allow them to add an administrative user. This exploit allows for a hackers to do just that thing. Notice, the version of WordPress effected by this exploit is 3.3.1, the second most recent version. Anyone not updated to the most recent version, 3.3.2 is potentially vulnerable to this exploit.

Step back and think about it a second. What would be the problem if someone unknown suddenly could administer another WordPress site, potentially yours? As an administrator, they could make what ever changes they wanted to the exploited site. They could add code, users, posts, comments, all at their free will. If they so desired they could even delete the exploited site! That wouldn’t buy them much, but it is a possibility. They would much rather have a site up and infected. Then they can continue to use the exploited site for whatever purpose they wanted.

Beyond the direct affect on the exploited site, there is an even larger potential problem, the site’s SEO. One thing web search engines do while crawling sites is look out for malware. I have and maybe you have too, clicked on a link in Google only to be warned that you are going to a site that may be infected with malware. That alone, would be a scary enough for potential customers.

Google’s search engine will also keep a watch on an infected site. The longer the infection lingers, the lower the rank the infected site will receive. Any ranking the infected site had built up with Google could soon be lost without a timely fix.

So, what can be done to protect a WordPress site? One of the easiest things that can be done is to keep a watch on the number of administrators on your site. If there are more administrators on your site than you expect, you could have been hit by an exploit. Thankfully, when logged on as an administrator, The User Panel will show the number of administrators. This panel shows three administrators; the expect amount, by the way.

PastedGraphic2-2012-05-4-11-42.tiff

If the Administrator count is larger than expected, click on the administrator link to show who the administrators are for the site. If the numbers of administrators are less than the count of administrators, that is a problem. There are obscure problems that can allow the count of administrators to not be reflected in the list. More likely than not, the rogue administrator has been hidden, A very easy thing to do. If you find yourself in this predicament, you will either (1) have to get your hands dirty with SQL or (2) find someone who will.

Unfortunately, WordPress sites are vulnerable to exploits. These exploits can be used to cause harm to people who unknowingly visit they exploited site and also damage the sites reputation. One basic way WordPress site owners can keep an eye on the integrity of their site, is to make sure there is not a sudden increase in the number of administrators. This is an obvious sign that a site has been hacked.

In closing,

It’s 1:45 PM. Do you know how many administrators are on your WordPress site?

The in-person part of our collective writing practice(s).

Musing about the life-giving energy of the Tuesdays with Deborah sessions.

Different every time.  A topic that “wants” to emerge always emerges.

Sometimes the energy  is “amped.” Sometimes meditative and receptive.

The process has “unstuck” the writing I need to do. I write here as “Good Listener” to avoid, with extra caution, for a while, any risk of trampling on any vulnerable person’s privacy, and I have known and journeyed with many.  As I develop a writing practice I will learn how to feel confident in avoiding harming others’ privacy. This space is a safe laboratory to keep a writing practice going while I learn enough WordPress, while playing with only a few posts, to develop a platform for my own voice and presence at wisdomandheart.com.

I felt like a rock star when the circle said, “Oh, … YOU’re Good Listener.”

I also saw Leona as a rock star when I recognized her when she came in… first time we have been in the circle at the same time. I am a fan of many people in the circle, and their hearts and skills and professional identities and presences. I have made new friends and benefitted from group members’ professional services (not to mention itechieguy.com by name).

I am eager to see Joni, and William, and Gerald, and Karen, and Peter and others again. Janice and I write because of a common caring for…. people our own age and older. But a bit “differently,” and I want to read and re-read her posts. I could name, and link to, others in the group who have inspired my writing  this week, but I am about out of energy for looking up the links.

I feel as though there is a certain shared “work of the community” that emerges, although Deborah is, of course, the “leader with followers” and she is a capable, wise, facilitator and…. shaper? nudger? I recall the acronym “STAR” from a couple discussions ago, but I cannot remember what it means. Maybe John Erdman will remind us.

Generosity abounds and makes me eager to be part of the generosity.

Writing tonight with gratitude that can hardly be contained in words. Partly because I have completed a ten page draft on a technical subject. Before becoming part of the group, I had the same knowledge, but somehow, not the… spirit…. to translate one part of it into a first draft that elevates complex financial protections into plain language. I will keep working on it. Yes, I could publish a ten page white paper, but the world will be better served when I can break it down into ten separate posts, appropriately linked, so that every reader of TwD could “enter” the topic, and then “learn more,” or not, as they choose.

Not an easy writing practice, but it is, apparently, a challenge that is uniquely mine. If Medicare could do it, then “Chapter 30” of one “Internet-Only Manual” would not be 300 pages long!  Their work may be legally “defensible,” but it is also incomprehensible to ordinary, extraordinary, informed, motivated people. We each have a role. They have to answer “all” the questions, I like to answer real humans’ questions in language that real humans use.

I could improve this post by whittling it down to 250 words, but it is more important in The World that I whittle my ten page doc into ten separate posts. I can do it with your help. Previous posts have demonstrated that I “can” whittle something down to 250 words. I will not allow a temptation into “perfectionism” to make me think that “every” post on this safe space must conform to that useful standard. Thank you, my TwD community, for being you in the world.

By The Way…. I will not be at the April 17 gathering of TwD.   A memorial service for one of my beloved elders will occur that afternoon. I will spend the time driving others of his elderly beloved friends to the gathering.  This man was not a blood relative of mine, but he is one of my, of our, beloved elders, just the same. I will be in community all the afternoon, just not the community of my writing peeps, but rather the community of Our Beloved Elders and their Loved Ones. You will be with me. Do not ever doubt that.

Stop Doing It or Start Charging For It

Wow! This empowering, liberating, affirming, respectful, and somewhat scary message dominated part of the March 27 TwD session. Karin Q was the good natured, curious, courageous, authentic, valuable expert whose knowledge base and practices were the subject of discussion. What a gift to the group that we could all hear, and hopefully learn, so much in the “laboratory” discussion around what is near and dear to her heart.

Later in the day, I felt a jolt! I have already established a market rate for the personal advocacy I have done with friends and family for twelve years! Some years ago, a young adult friend was hit by a car and sustained disabling injuries. She had no local family, and so our family simply said, “We are your family.” I was with her every day for a while, then intermittently for a long time. It was gift. It is simply “what we do in the world.”

But there came a time that she said, “You have always said it isn’t about money, but the reality is the responsible party has taken responsibility for this situation and I have received a check. You gave me the gift that you could give when I needed it, and I fear you will not allow me the same privilege.” I said, “My friend, of course I will accept a gift with gratitude. Just as you did. But this was never a marketplace transaction between us.” We did not discuss numbers, she simply wrote a check that represented value. And let’s just say that no one needed to fear getting in trouble with the I.R.S. over excess gift taxes, but….. the gift was sizable.

The details of that year have faded from my memory, but I knew our discussion yesterday applied to me in some way.  All afternoon I wondered, “what would be a market value for my expertise?” To my surprise, these events came back to me. I did the math in my head and called my friend saying, “I am so grateful for a gift you have given me that I never appreciated before right now. So I called you immediately. Remember the events of all those years ago? Well…. because of you, I can say to future clients, ‘my going rate is [a certain amount] per hour.’ ”

I came to TwD hoping to gain what I needed to simply write a blog that others might benefit. And that will happen. Soon. I have developed content and a blog name, acquired a domain name, and I depart today on what I regard on a WordPress learning retreat. I hope to have a blog to share with you next Tuesday.

I never imagined it might be the start of an income stream. It is not an income stream the family needs to keep the lights turned on, but value is value. The words “Stop Doing It or Start Charging” apply to me.

What “A Short Aside” looked like on dashboard and inline

Stephen Magladry showed us, with lightning speed, what a WordPress “Aside” looks like. On my WordPress Dashboard,  when viewing all published posts, the item is tagged as an Aside. How intuitive. This moment allows me to practice, for the first time, inserting an image, because I grabbed a screen shot of what that aside looked like on my dashboard, and I am going to attempt to insert the dot-tiff file. I used the Upload/Insert button above the Bold and Italics toggles on the editing menu bar.

I will learn the following additional details by trying them out. I wonder what would happen if I changed the “filters” on my dashboard. Right now, it is set to View All Categories. I wonder if this Aside and this comment are visible to all Tuesdays with Deborah participants. In conversation, an “aside” is usually to a subset of all people in a room, but that concept may not apply in WordPress. Maybe an Aside is a “type” of post.

The train of thought has now departed the station of “plain language” and is heading toward jargon, so I will stop now.

Thank you, Stephen. I look forward to taking your WordPress Dashboard seminar sometime, but I have a regular volunteer gig on Tuesday mornings so it will take some calendar juggling.

_____________________________

Turns out this is what the Aside looks like in the “thread” on the Tuesdays with Deborah home page, scrolling through content. I am playing with different materials in the art box of WP here – trying out features. Thanks for playing.

Feng Shui – Interface of People, Buildings and Nature

pond and trees

Select the correct site

Harmony between buildings, nature and people is the function of feng shui. How can you create this harmony in your environment? The best way to do it is to start with selecting the correct piece of land for your building project. When you begin with land that supports your well being then you are ahead of the game.

Choose land without steep slopes that can drain away your money. Stay away from T intersections, highway overpasses, fast running water and land with ravines. Instead choose land that is basically flat where you can build far enough away from the road to avoid heavy vibrations.

Too much or too little

The soils should not be too dry, too rocky or too wet. Each of these can cause various problems for you. Vegetation should be healthy on the land you choose. Trees should be in good condition and growing well. They should not be overly large or too close to the building. Some kinds of trees should be avoided such as willow trees which thrive in wet areas and grow quickly. In addition to indicating wet conditions the roots can interfere with drainage and sewer lines. Some trees are messy and attract insects and snakes. So be careful what kind of trees you choose.

painted desert

Be aware of your surroundings. Is it too hot or cold and windy? Are there strange smells?  If your land is too exposed such as the top of a hill you will constantly be battered by sun, rain and wind. The views may be magnificent but eventually you will find it to be too strong for comfort. Your house will also suffer and deteriorate. If you live downwind from a factory, paper mill or a farm you may be assaulted by smells that can be very unpleasant and eventually will affect your health.

Are you in balance

What about what you see around you? Anything you see will affect you. Surround yourself with beauty both inside and outside of your building. Are your surroundings in balance? Are you the largest building in the area? When you stand out this, you can become…

To continue reading please visit Real Feng Shui Solutions

all rights reserved © Diane Kern 2012

An emerging blog name – Takes 2 through 7

Takes 2 through 7: A clunky set of words is emerging, remember this is play dough, and it is all being formed by the comments of readers plus my on-going experience. Readers aptly point out that it is not only about “seniors.” Some long term care residents are people who are younger and disabled.
Revised March 15, 2011
2) Quality of Life Expectations and Reality for Seniors and Others
Becoming informed consumers to honor our elders and our future
3) Expectations and Reality for Seniors and Others
Becoming informed consumers to honor our elders and our future
4) Expectations vs. Reality
Becoming informed consumers to honor our elders and our future
5) Promises, Expectations, Fears, and Reality
Becoming informed consumers to honor our elders and our future
6) Authentic Quality of Life and Dignity
Becoming informed consumers to honor our elders and our future
7) Authentic Dignity and Quality of Life
Becoming informed consumers to honor our elders and our future

Take 7 seems to have “rhythm,” as mentioned by William. It uses the liberating word “authentic” lived and encouraged by Deborah, who asked me to try to discover what the blog wants to be called. The word wisdom is gone, but the word authentic is there. An early blog post, or “About” entry can incorporate the wisdom theme.

Thoughts are welcome, but I know everyone is pondering and writing other things, too. But if this play dough looks fun to you, know that it is for shared enjoyment. Thanks!

++++++++++++++++++
Take 1:
Senior Living Community Wisdom
Becoming informed consumers to honor our elders and our future

 

Think of this “draft” blog name as play-dough that I am inviting you to enjoy with me, if it seems like fun.

The term “Senior Living” is more “inclusive” than “long term care,” because “care” living is only one subset of senior living. The wisdom accessible through this blog will discuss more than the “care” subculture. I expect the term “senior living” will be SEO-friendly.

The term “wisdom” is more appropriate than “information,” because this is not an encyclopedia. There will definitely be “point of view,” voice, heart, and compassion.

The term “informed consumer” is key. None of us would be consumers of headphones, an automobile, or a credit card without becoming “informed consumers.” We use “independent” information. We do not rely only on information from the salesman. Likewise, it is time we become informed consumers in the senior living world. This benefits our beloved elders and our future. It is neither completely altruistic nor completely self-interested. Simply….. wise.

The term “community” is important. There will be links to articles, facts, and opinion. I will ask questions that invite comments.

Do you, friends of Deborah D, have a response of blogging wisdom? Perhaps a story about how you chose your blog name? Perhaps a sense, in retrospect, of how it might have been named differently/better? Do you have an immediate response, positive, negative, or neutral, to the draft blog name?