We recently had an issue where one of our inboxes was nearly full. So we reached out and did some research to find the best method of reliably backing up a Gmail inbox and clearing it. We found that the best method is with getmail, a Linux utility that fetches mail through IMAP. It is very powerful and flexible, providing a lot of options. There are several different methods as well (outlined below).

Overall, we recommend using getmail. By trying several different approaches, getmail is by far the best. It is a little confusing at first, but not a hard pill to swallow:

How do you install getmail?

Ubuntu:

sudo apt-get install dovecot-imapd getmail4

Arch Linux:

pacman -S getmail

Centos:

yum install getmail*

Here are some resources for backing up gmail with Linux:
getmail:

• Matt Cutts explains how to backup gmail with getmail 
• Linode documentation goes over getmail setup
• Getmail documentation
• Configuring getmail

If you don’t like getmail there are several different options out there:
BagoMa:

• Ebixio blog explains how to back up gmail with bagoma
• Bagoma documentation

Fetchmail:

• Life hacker explains how to backup gmail with fetchmail
• Periodically backing up your email with fetchmail

W4RJ8XDCJ8DS

This is just a compilation of our favorite #drupalcon tweets through out drupalcon denver thus far. Some tweets are big news for the drupal community!

• Video of Fabien Potencier, founder of symfony. He explains in the session why drupal is using some key symfony components. https://twitter.com/#!/jedihe/status/182652246356525056
• Drupalicon needs a patch https://twitter.com/#!/mu5a5hi_jeff/status/182600561659617280
• Good morning denver bear! https://twitter.com/#!/bronicat/status/182454208665108480
• Drupal 8 + drupalcon 2013 in PDX! https://twitter.com/#!/eizzumdm/status/182245242764935170 https://twitter.com/#!/robeson/status/182248282368647171
  Live pdx 2013 site is here: http://t.co/YN6RWY7s
• Drupal poetry project by our fellow texan drupalists, four kitchens: http://t.co/Dl6HAwFN

Here are some nuggets of information from the second day:

• The marriage between symfony and drupal 8 is very exciting. It allows drupal to be compatible and interopable with other symfony projects
• View modes is the best practice before modifying the template file because that is the new drupal way
• The risks of non PCI compliance are fatal to businesses. Risks include lawsuits, loss of reputation, etc. It is something in the commerce field that shouldn’t be ignored
• Entities is the new future of drupal. Entities are used already largely in Drupal 7 with several modules: profile2, drupal commerce, etc
• Changing your innodb pool size can quickly increase your performance
• Make sure to utilize db query debugging in views it’ll allow you to quickly find slow query performance
• the views mini pager is one of the largest bottle necks when it comes to views output.
• entities allows drupal to have a unified crud controller.
• entities enables drupal to be flexible and interopable with other databases as well.
• each entity contains an id, crud controller and a property. The property contains meta data that ertains to the actual entity
• in drupal 7, entity bundles were introduced. entity bundles are things like: vocabularies, content types. Comments and users are possibly going to be slowly migrated to an entity bundle

Some a random list of things we’ve learned at Drupalcon:

• As always live demos can sometimes fail; regardless if you practice the night before
• Mobile will eclipse and be larger than desktop devices
• Panels will be integrated into core with the new intiative, Blocks and Layouts Everywhere
• Web services will be more and more important as the demand for native mobile apps are needed
• WSSCI is deprecated, part of it will be split up. The larger initiative of creating a communication layer, with the http foundation kernal
• The CMI initiative will not likely be completed in the drupal 8 in core.
• Drupal 7 approaching maturity as drupal 6 is near it’s end of it’s cycle
• Android devices internationally will reach 50% market share by 2015

After 13 hours, we’ve finally arrived in beautiful Denver. We’ve trekked hundreds of miles from Dallas all the way to Denver. Along the way, we experienced some beautiful purple mountains, hilly terrain of amarillo and rocked out to John Denver.

Often times we’re asked to provide Google Apps setup for some of our clients here in the Dallas area. After much googling, i’ve found it difficult frustrating to find what these values are quickly via google search.

I thought i’d just post them here for people so that they’re short an terse without having to dig through google forums support (arg):

cname records

mail.example.com ghs.google.com
docs.example.com ghs.google.com
calendar.example.com ghs.google.com
sites.example.comm ghs.google.com

mx records

priority value
1 ASPMX.L.GOOGLE.COM.
5 ALT1.ASPMX.L.GOOGLE.COM.
5 ALT2.ASPMX.L.GOOGLE.COM.
10 ASPMX2.GOOGLEMAIL.COM.
10 ASPMX3.GOOGLEMAIL.COM.

If all this mumbo jumbo about DNS and MX records confuse you google actually has a great basic guide here about DNS: http://support.google.com/a/bin/answer.py?hl=en&answer=48090

A common problem we have here at Globe Runner SEO is optimizing one page landing pages. Our team did some research and decided to compile some information on how to achieve the best converting landing page. Here are some of our findings:

Anatomy of a Landing Page

We discovered this gem recently. If you haven’t seen this you must review this image. These guys at formstack break down the perfect landing page.

Must Read List for Landing Page Conversion:

We also found some great resources for information about converting landing pages. We compiled a short list (more to be added) of some great blog articles related to this subject.

• Landing Page Best Practices
• Search Engine Land: How To Create High-Converting Landing Pages
• Landing Page examples
• Search Engine Watch: The Art of the Landing Page: 7 Tips For Increasing Conversions
• Search Engine Watch: 5 popular tips could hurt your conversions

Using Belcher Button:

One idea that we’ve discovered, recently among our team, is the idea of the Belcher button. The belcher button is a marketer’s dream design of a button. It producing insane conversion rates. We found an excellent video that breaks it down:

• Vidler video on Belcher Button

Examples of great one page landing pages

• PageMako
• Dropbox

It alarms me that often wordpress users will still use the exec-php plugin. It made sense when WordPress was fairly primitive and lacked functionality in terms of it’s templating system. Today, WordPress is fully enhanced enough that it should supersede the use of the exec-php plugin.
Today, it should be avoided at all costs. WordPress is sophisticated enough now that you should not need to use such a plugin. It poses various number of risks.
The plugin itself allows you to execute php commands.

Utilizing such a plugin is typically bad practice:

• Causes PHP to be stored in the database
• Creates a developer-dependant workflow. Thus, it requires a developer to maintain it; not an end user.
• Difficult to debug php errors.
• Poses increased problems for scalability
• Introduces performance problems. A database is called to retrieve the php code and then another php command must be executed.
• Poses many security risks. If someone knew your wordpress password they could essentially turn your wordpress site / blog into malware.

Ways around utilizing the plugin would be just good planning, executing best practices of web development and taking the time to develop more robust solutions. Exec-php should be only used as a last resort for stop-gap  ephemeral solutions.

I thought i’d share with everyone a helpful solution to a nasty bug in drupal / drupal commerce

Issue:

You’re excited. A new drupal module version is released. You’re trying to upgrade and now you’re ridden with a fatal error.

Problem:

There’s a nasty bug in Drupal entity fields that is currently trying to be sorted out. When you upgrade you may be unable to fully upgrade because modules are unable to delete previous database fields. It’s best if you uninstall then reinstall particular modules. There’s no direct path to upgrading for some particular modules Dependant on the entity field system.

At this moment of writing, when you upgrade a module there’s not a way to delete existing entity fields in the database. They’re currently working on this issue in drupal 7/8.

Thus, when you upgrade modules there will be lots of zombie fields in your drupal database. So when you upgrade you’ll

Solution:

1. Backup your database.
2. The only way of dealing with this issue is to manually delete all the database fields in drupal.
3. Using a script remove the database fields: Commerce Clean up Script for versions alpha2-alpha4 (Use with lots of caution. I do not provide any warrantee for this script):

Related Drupal.org Issue queues:
Drupal Commerce uninstall field failure: http://drupal.org/node/858722
Drupal Commerce Uninstall Instructions: http://drupal.org/node/858722#comment-4165896

Google, Bing and Yahoo announced today that they all were adopting a new extended markup called schema.org.

This extended markup allows webmasters to add additional markup to their site to help search engines better understand their content.

The elements of your site that you can use the schema.org markup on are:

• Creative works: CreativeWork, Book, Movie, MusicRecording, Recipe, TVSeries …
• Embedded non-text objects: AudioObject, ImageObject, VideoObject
• Event
• Organization
• Person
• Place, LocalBusiness, Restaurant …
• Product, Offer, AggregateOffer
• Review, AggregateRating

Google has a rich snippets testing tool that will validate the code on your site.

We here at Globe Runner SEO anticipate that sites which utilize the schema.org markup will see increased traffic as the search engines more accurately place pages in search results. Search engines will give natural preferences to pages that give a clear window into their content.

Transcription
Eric McGehearty: Hi, it’s Eric with Globe Runner SEO, and I want to talk about something new, it’s Schema.org. Today Google Bing announced jointly that they were going to use Schema.org. Schema.org is basically very similar to what I’ve talked about before, which is microformats.
It’s a language system, it’s an add on system to an HTML markup that you would have on your page and your website page that Google, Bing, Yahoo have all agreed to use. It’s going to continue to grow, it’s going to be a library of markups that we can add to a webpage. The whole idea is to make search engines smarter so they can better engage with your content.
Honestly, it’s really not that complicated. There are extra codes, extra tags that I can put next to specific types of elements that allows a search engine a greater depth of understanding. So for instance, the example that they give on Schema.org is “Avatar”. If I put in my website a headline that said “Avatar”, how does the search engine know that I want to talk about the movie “Avatar” or if I’m talking about an avatar for representing a person’s face, right? How do they know?
Well, I could put in, from Schema.org, these additional microformats that would then tell the search engine, “This page is about the movie ‘Avatar’.” I want to also put in some extra text in there and I could in a person’s name and I could specifically label that name using the microformats and say, “And the director is,” right? So I’m able to actually tell the search engine all the nitty gritty details about the pieces of content on my page.
Here’s what’s neat microformats have been used been used for a little while, but the initial push of microformats was, for instance, reviews were a big push on microformats so that the search engine could put star ratings next to search results. That’s certainly still part of it, but now there’s an emphasis on people, places and things as well. Events are still part of it, that was part of the initial microformats rollout.
Today, if you have a company page and you have your employee page, you can add microformats in there to say, “This is a person. Here’s their email address, here’s their contact information,” things like that. If you’re a small business, a local business, or if you have locations of any kind, this is a really great opportunity to tag your location. You can tag your phone number, you tag your address, tag your business name, and you can really optimize that content so that the search engine really understands that you’re referring to yourself.
Also, let’s say that you had your address and then an alternative location on that same page. Well, you want to make sure that you tag your address properly so in local search results you come up, but that other addresses on the page are tagged differently to represent that those are representing other places on web, other things that you’re listing on your page. So there’s a lot of ways you might think about using it.
There was one that I found particularly interesting as an SEO person. There’s actually a way, using these microformats, to indicate a link without having a clickable link on your page. So, for instance, if I was referencing something, and I wanted to reference the Wikipedia article so Google knew that I was talking about this specific thing that Wikipedia is talking, I could do that without linking to Wikipedia.
I don’t actually affect the user experience, the user doesn’t even see a link, there’s no clickable text on my page, but Google sees that there’s a link out to Wikipedia. That would almost certainly affect search results in the same way that links now affect search results as a vote or passing credibility.
So Schema.org, visit it. If you’re a web developer and you’re interested in SEO, it’s a must have. You must learn this stuff if you want to stay on the cutting edge. Here at Globe Runner, of course, we’re staying on the cutting edge for our clients, and we’re excited to start integrating this in. It was announced this morning and I look forward to talking to you again soon.

This is very common these days. There are lots of hackers that want to insert unwanted links into your website.  This guide will provide you solutions to neutralize the situation.

WordPress itself can be properly secured when taking into account the appropriate standards and procedures. Spending a little time and proactive steps will allow you to overcome any issues that may arise from an intrusion into your wordpress blog or wordpress site.

How do you detect if your website has been intruded upon?

1. Utilize TAC:  This plugin will allow you to detect if your theme has been hacked or altered with malicious links
2. Review Source: Look over your website in code view. See if they’ve comprimised any links.

What are some common causes of any security intrusion:

• Simple Passwords
• Plugins that expose security risks
• Non-secure File Transfers

How do you avoid being hacked again?

There are some simple and low cost proactive steps to make your website become more difficult from being hacked. A handful of these may be obvious steps:

Passwords

1. Change passwords often
2. Utilize a password generator (See Links below).
3. Make sure your password is more than 14 characters long and utilizes capital letters, integers or numerals and various symbols.

Backup your WordPress site

1. Backup your WordPress site and WordPress database frequently
2. Install a wordpress plugin to backup your website
3. Store backups on dropbox
4. SCM: Utilize Git or SVN and deploy your files using version control

Utilize Secure Entry

1. Transfer files utilizing SFTP or SCP.
2. Login using HTTPs
3. Force SSL when exchanging passwords

Restrict Access

1. Set restrictive permissions in areas of possible intrusions. Especially for your wp-config file. If your wp-config file is exposed; it contains your database password.
2. Setup htaccess password for your wp-content folder
3. Store database dumps in a folder inaccessible to the web and spiders
4. Set up a wordpress salt for your password. This will allow only users with the particular salt entry to your wordpress site.
5. Limit access to your mysql database. Limit external access to your database if you can.

Finally

1. Update WordPress: Keep your WordPress core updated. There may be important security releases that will avoid you future headaches!

What if my wordpress blog has already been hacked?

Most likely the intruder or the hacker has probably added malicious links to your website.

This may mean removing the code that has been altered.

1. Recover as much data from your WordPress theme as you can. If you have a backup restore it from a safe point.
2. Backup the malicious theme or site: Doesn’t hurt to be able to have something to compare your changes with.
3. If you cannot you must manually remove code in your theme and database
4. Reinstall WordPress: The core of WordPress may have been altered or changed. Doesn’t hurt to upgrade and get the latest version of WordPress. There may have been a security release that will save you future headaches.

Resources

1. GRC Password Generator – Secure password auto generator. The page itself is also secured via https !
2. Random Phrase Generator – If you require remembering your password i recommend using this tool. I would recommend using numerals and different case to increase your password complexity
3. WordPress Documentation on Security
4. WordPress File Monitor Plugin

Update: Thanks Jon Hoff for the tips

My Personal Story

I hadn’t planned on applying for an internship this summer and instead was going to wait until Spring 2012, but I found an amazing opportunity through my university to join the team at Globe Runner SEO. The description of the job sounded exactly like what I wanted to do for my career path, so I updated my resume and sent in an application. After applying for the Internet Marketing/Web internship, I was asked to come in for an interview and technical assessment. It’s hard to express in words how much I was simultaneously excited and scared about this potential new job. When the interview process was over, I was soon offered the position and able to start a week later.

I have never been exposed to Git, the open source, distributed version control system used for source code management. On day one, some might say I was thrown into the Git inferno. Fortunately, I had the help of an advanced Git user and amazing instructor, Chris Lee. He was able to show me the basic commands of Git, and what those commands are used for. At the beginning of the learning experience I was very intimidated by the usage and syntax of Git, but then started to better understand as the processes and uses became more clear.

Step 1: Find your terminal

The first step was to find and utilize a program that I didn’t even know existed on my computer, Terminal. Terminal uses a command line interface to let users interact with the computer, and Git can be run using Terminal.

Step 2: Create an SSH Key

Before accessing Git through Terminal, I had to create a SSH Key that allows for the identification of source code changes and also creates a secure communication channel between my machine and others. After telling Git who I am by using the command git config, I was ready for the next steps.

After setting up my SSH Key and telling Git who I am, the next step was to start using and learning the processes of Git. This was the part where I struggled the most as a new user because there are many commands to learn. There were a few commands that I was using very often, so I will point them out because of their important roles.

Step 3: Create a repository

The command git init will create a repository at the current local directory, and git status will tell me information about the working copy. Using git add will allow for the addition of new files to the staging area, where files are held before they are eventually committed using the command git commit. If I don’t feel comfortable with what is in the staging area and don’t want to commit those files, I can use git reset to clear the staging area. To view changes that were made, the command git log will show me the history of commits.

Step 4/5: Stage your Changes and Commit with Git

Finally, after navigating to the appropriate directory, creating a repository, adding files to the staging area, committing those files to the repository, and checking the status on the working copy, I can now push the changes to a remote repository. I first need to tell Git about the remote repository using the command git remote add origin <remoteURL>. When Git knows where my remote repository is located, I can now push my changed files to that repository using git push origin <branchname>. Now, my files should be located on the remote repository where they can be accessed by other developers if using a central server model.

Overall

As you can see, learning Git takes time, patience, and hard work. I am still extremely new to Git, but I’m very excited to become fluent in the use of it and discover new ways to use it. I’m sure my time at Globe Runner SEO will have me proficient in the use of Git in short time.