Peace Out

Standard

All the topics that I listed in Breaking CriticalMAS – A Return to Blogging? are now finished. In that post, I said:

I’d like to wrap up some of the topics I left open. At that point I may or may not continue blogging.

What I discovered since November is that I don’t enjoy blogging anymore. I’m more interested in other projects that don’t fit well under the CriticalMAS domain. Before I needed a break and a long hiatus. Now it is time to end this blog.

Unlike my mentors that let their domains become digital graveyards, I am committed to keeping this site alive and accessible.

Thank you all for reading and commenting. I will be keeping comments open till Friday. I still have a newsletter in case there is a future announcement related to topics covered on this blog.

My portal page will always have a list of my other web projects.

Peace out!

The Digital Graveyard of My Health and Fitness Mentors

Standard

One of the projects I’ve been doing recently is going back into the archives and finding posts that have inaccurate information and making 2017 updates where appropriate. I also run a broken link checker, which alerts me when anything I’ve linked to is no longer available. This allows me to either link to an archived version of the article on The Wayback Machine or find an alternate source.

Anyway, I found this entire exercise to be interesting. A lot of the sites that I received value from have disappeared or have revamped their websites in ways to make my old links broken. In this post, I am going to walk you through the digital graveyard of some of these mentors and at the same time I’m going to share some webmaster wisdom on what they did wrong.

Art De Vany

My revamped health journey all began with De Vany. I went from a pesco-vegetarian to a Paleo/WAPF diet very shortly after reading his work in late 2007. Fasting and cold exposure were both ideas I received from his website.

His original site was at arthurdevany.com then later he moved to artdevanyonline.com. Both sites are now dead. Then he moved to Facebook. Then he changed pages on Facebook. If you want an example on how to annoy your fans, here you go. Just keep moving around without leaving a forwarding address. The super popular T-Nation still links to his original site from a 2005 article.

2006 screenshot

The Ray Peat Bloggers

I guess I was fortune to stumble onto the Ray Peat nutritional argument when I did, because most of the resources I used to further my knowledge are gone.

Danny Roddy had a blog with several excellent articles. It was taken down. It came back online later with new articles, but the old ones are gone. I’m not to judge if that was the right or wrong decision, but I will say that if you remove a link, the correct HTTP code to return is 404. Redirecting users to the homepage is not correct. It makes the person who linked to your article look like an idiot, because the page doesn’t match the link.

On my coffee site INeedCoffee I had to remove some articles years ago. I setup a custom 404 page telling them that the article they expected to find no longer exists on the site followed by a invitation to view other site content.

ArkOfWellness was another site that had well written articles on Ray Peat topics. Gone. Domain appears to be hijacked now.

Andrew Kim had some great articles. Gone. Domain appears to be hijacked now.

Although not a Ray Peat blogger, Matt Stone of 180DegreeHealth was my introduction to Ray Peat. A few years ago, he shutdown the blog, only to bring it back several months (or was it longer?) later. Only when he returned he changed all the article URLs. The site went from dated URLs to dateless URLs, which I think is a bad thing to do with health blogs. But because a redirection plugin was never setup, all legacy inbound links to the site are broken. I updated all my inbound links to 180D. Most bloggers won’t.

BodyByScience.net

I knew it was just a matter of time before this site would be hacked. You NEVER publicly display the version of WordPress your site is using, because if a security flaw is discovered later and you don’t update, you are telling bad people “come hack me”. The BBS site displayed their outdated insecure version of WordPress in their footer.

I would have brought it to their attention, but the 2 times I tried to comment on the site, my comments were blocked without reason.

Well last year they got hacked. The site is still down. Through back channels I learned the site wasn’t backed up. I tried to pass a message via mutual friends that archive.org had copies of all the content, but as expected I never heard anything back.

From what I gather they believe that “Chinese hackers” now have their domain so Dr. McGuff has started a new website. But a quick check on WHOIS shows his co-author John Little is still the registrar. They are walking away from almost a decade a content and countless inbound links to their domain. Tragic.

2011 Screenshot of BBS website. This screenshot was taken today. The content is not lost. 

Anthony Colpo

Anthony’s site is still online, but all the content I linked to as supporting references to my blog posts are now behind a pay wall – so I had to remove those links. There is nothing wrong with wanting to get paid. I hope it works well for him, as he is a great researcher. However, when I go to the membership page I don’t see a signup form or pricing info. Website also lacks HTTPS certificate, which is bad practice for membership sites.

Enough For Now and Lessons

I just realized I’m already at 900 words and I can still think of more mentors that are now in the digital graveyard. Let me summarize the lessons we can learn.

  1. When registering your domain, always register multiple years. For my main sites I try and keep my registration out 7-10 years. I review my registrations annually. Nobody is going to catch me napping and take one of my domains away.
  2. If you decide to shutdown a website, leave up a page telling your readers why and any forwarding information they need.
  3. If you change domains, make sure the links from the old domain are forwarded to the new one.
  4. When you remove content, the server should return a 404 Page Not Found. Create a Custom 404 Page to guide readers back to the home page or recommended reading. Don’t use 301 Redirects to send broken links to the home page.
  5. If you change the location of your articles, use a redirection plugin so all legacy inbound links still resolve.
  6. Follow the latest security standards for whatever blogging tool you use and keep your version, plugins and themes up to date.

With the exception of De Vany’s 1st domain, ArkofWellness and Andrew Kim, I think every issue I brought up can still be resolved. Restoring BBS would be a fair amount of work, but doable. I received a lot of valuable information from these mentors, so if they read this site, this is me sharing my expertise with you. And if not, these tips are valuable for the next generation of bloggers.

Now Are You Going to Setup a Password Manager?

Standard

A few years ago I put out a series of posts on how to drastically increase your online security. Then I assembled that list on my Online Security page.

The reason I wrote the series of posts is because I found the conversation about online security was too technical for the very people than needed to hear the message the most. My goal was to go deep into the topic, explain the problem simply and then provide steps one needed to take to be more secure.

And although I’m guessing a few of my blog readers followed those posts and now have a more secure online presence, I know of no one that I personally inspired to take action. Maybe I didn’t make it simple enough? Maybe people just don’t care that their online accounts are secure? Or that people are just too lazy until the moment they are hacked and forced to take action? I don’t know.

Yesterday a brand new security flaw was discovered called Cloudbleed. The article Cloudbleed bug: Everything you need to know provides a good overview.

Services like Cloudflare help move information entered on those “https” websites between users and servers securely. What happened here is some of that secure information was unexpectedly saved when it should not have been. And to make matters worse, some of the saved secure information was cached by search engines like Google, Bing and Yahoo.

So it could have been a username or a password, a photo or frames of a video as well as behind-the-scenes things like server information and security protocols. At this time, there is no indication that any of this information was accessed by hackers.

The article advises that users change their passwords for sites that use Cloudflare and they link to a tool that will help you discover if they do.

I think their advice is solid for me, but not enough for the vast majority of internet users.

Why?

Because I use a Password Manager and I know with 100% certainty that I do not reuse a single password. Most users that I know reuse passwords all the time. So if the hackers got your FitBit, Medium or OKCupid password – remember we don’t know what they hacked at this time – what is to stop them from attempting to use that password to access other sites not affected by Cloudbleed? Nothing.

Let us imagine a hypothetical situation where hackers collected hundreds of thousands of usernames and passwords to various sites on the internet. They could use this data to attempt to access your email and/or financial sites on the hopes you use the same username and password.

So not only do you need to change the passwords of sites affected by Cloudbleed, but any sites that share the same username/password combo as a site affected by Cloudbleed.

I use LastPass and it warns me if I attempt to reuse a password. So I don’t. If one site gets compromised, the damage is contained. People have told me it is too much work to update all their passwords. Whatever. I think the piece of mind is worth it. Yes there is a time commitment to set everything up, but afterwards it is much easier to manage and respond to new security threats.

 

Medium and Blog Housekeeping

Standard

I mentioned on my Breaking CriticalMAS post that I wanted to go back into my archives and delete posts I deemed worthless. I’ve since gotten a better idea. I’m going to add the best posts to the site Medium. I like a lot of the aspects of Medium. Blog posts look clean and it is easy to follow accounts you wish to read. It builds on the strength of Twitter and is more approachable to many than RSS.

[email protected]

I am aware that Medium is having business issues, so I won’t be foolish enough to shutdown this blog or provide too much original content (if any). I also won’t publish anything to Medium that hasn’t already been available here for at least week – unless it is super topical.

So if you do Medium, follow me if you like. My plan is to gradually post 1-3 of my better posts per week until I’m caught up.

Web Hosting

This blog is back on Siteground with my other sites including INeedCoffee. They are simply the best. I can not recommend them enough if you are running a site that uses WordPress. I’ve been on SO MANY hosts going back to 1998. Siteground is faster and more stable than anything else I’ve ever tried. Their customer service is the best as well and they have numerous tutorials guiding you on how to do anything technical.

If you need web host, click the banner before you order and I’ll get a sweet referral. 🙂

SiteGround

HTTPS – Running Secure

All my websites are HTTPS now. Google told everyone in 2015 it was giving secure sites higher ranking in the search results. And if you have a secured site on Siteground they will deliver your site via the new faster HTTP/2 protocol. Siteground also offers the free Let’s Encypt SSL certificates too.

It is a no brainer to make your website secure. You are going to see plain old HTTP sites fall further and further down the search rankings, just like the sites that were never made mobile and tablet friendly.

AMP for Mobile Speed

This blog is now AMP validated as well. This means if you access any blog post from Google Search on mobile, you will get a page delivered from the Google server closest to your location. The page will often load in 1/4 of a second. Smoking fast! See below.

My page loads in 1/4 of second. The second search result takes 4 seconds and is not mobile friendly. My blog post gets the higher ranking. #winning

CDN Fail

The one area of blog housekeeping I wasn’t successful with was setting up a CDN to deliver images from Amazon’s CloudFront. I tried numerous times to get it working, but Amazon would only index 80% of the images. The rest would display as broken links. I tried their support forums and got no response. I reached out to a local developer that does classes on this topic and he couldn’t figure it out either.

At some point I will revisit this challenge as I want to deliver all my images and static files from Cloud servers across North America and Europe. Have you figured out that I’m obsessed with fast page draws? What most sites haven’t figured out yet is that often the fastest site wins.

Right now I’m happy with my North American speed, but I really want to shave off a second or two in Europe. Mostly for my coffee site, but this site would benefit as well.

Broken Links

I’m astonished how few websites run Broken Link Checkers. Even though this site is more than a decade old you will rarely find broken links. The reason is I have broken link checkers testing both internal and external links all the time. Then I review the report and fix the links. Sometimes I can find an alternate site to the same story. Other times there might be an archived copy on Archive.org.

Anyway during my 11 month hiatus, over 100 broken links piled up. They have all been repaired.

In Summary

Other bloggers may focus more on making a pretty layout or hammering promotion on social media, but my approach has been to deliver a website on a stable server smoking fast that looks great on all devices. I’m already getting over a thousand visitors a day just on the AMP version of my coffee site.

If you use the awesome tips in this blog post to make your site smoking fast, feel free to put a few dollars in my tip jar. 🙂

UPDATE March 16, 2017: My Medium experiment turned out to be a flop. I added just 2 new followers and my content was barely viewed. At least I know now.

Removing the Email Masking and Amazon Link Building Tools

Standard

Way back in 2002 I created a tool to mask your email address from bots that scan webpages and sell them to SPAMMERS. Then in 2009, I was unhappy with the Amazon Affiliate tools provided by Amazon, so I built my own replacement that helped me access larger images of products.

Since then I have maintained these two tools across a few web hosts. Today I’m pulling the plug on both.

Last year I had to juggle some websites around. I moved this blog away from Siteground and over to WinHost and I moved a site I was hosting on WinHost over to Siteground. I did it to save a few bucks and to have a home for the legacy code that ran those two tools. Both tools run on ASP.NET which requires a Microsoft server. So the upside was I could maintain my legacy tools, the downside is WinHost runs WordPress slower than Siteground. During my hiatus that didn’t bother me. Now it does.

My choices were to redevelop one or both of the tools into PHP or shut them down. I decided to shut them down, because after a little bit of research, I determined neither tool was needed anymore.

There are other sites now that offer online tools to mask your email address. Both in ASCII code or as an Image.

Search ASCII Image Mask (Google Search)

Text to Image Online Generator (Google Search)

As for an API that finds the large product images on Amazon, I discovered a hack today that anyone can do. By changing a letter inside the long image url, you can access different sizes of the images. Here is a tutorial titled Abusing Amazon images that explains all.

So this post will serve as a message on the Internet for those that may have bookmarked those tools only to find them gone. Sorry it had to be done.