Help with the Blue Dream Studios site…
I want to again thank you all for offering to help me fix my hacked company site.
I really am…WOW….thanks.
I took your advice and grabbed the index.htm file from a cached google page and tweaked it to get the main page back up.
http://www.bluedreamstudios.com/
Here’s what I need to do next.
1) The top banner is supposed to be random. There’s a javascript but I don’t know if it’s working.
2) The news…I’d like to get rid of it. Simply put some images of the books up. Or maybe just a single NEWS ITEM or something HOT to add there.
3) I will be taking off Animation and Toys. I guess I should change Publishing to Books…or Properties?
4) I need to add several pages. But want to use this SAME template. Just swap out there welcome part and news and throw in an image and text. there should be a page for each of these items…
So that’s like 15 pages or so.
5) I want to make sure there’s no more ways for people to hack in. Like last time. If anyone has experience with that to check the code…I’d appreciate that.
6) I’ll work on getting the About Us and Store links working again.
7) I really like the javascript that allows you to click on Generic propecia 5mg the image and it expands (Like in my store) so i want to use that throughout.
8) Any other advice would be great.
That’s it. I thought maybe posting it here would help and I’ll try to do all of this on my own…with your advice.
I don’t want to take up too much of your time. But I appreciate anything you can do.
Thanks again
Scott
I’ll write my comments in the same format for clarity.
For right now, if you can, try putting up some sort of message saying “we had some issues so please excuse half our site being down” just so you don’t get a flood of “did you know your site is broken?” e-mails [or have upset and confused visitors, which is not very professional].
1) The javascript was not working [for me]. There are a million variations of the code online so it’s very easy to reproduce.
2) You can easily only have one “hot” thing on the front page. The News section could be a separate blog page if you still want to have that information.
3) Right now only the home page appears to be up [for me]. You need to think about how you want to organize your content.
4) EASY to do. Are each of these pages “properties?” And how much content would be on each page? Do any of them have their own “sub-sites?”
5) Having as few scripts as possible is the best way to prevent hacking that I know of, other than having a secure server with proper permissions. Do you know what the permissions are for all of your pages?
(Everyone else helping: what are other security measures?)
6) Do you want the store to follow the same layout as the other pages? Because it currently is not.
7) Lightbox is a great script, especially because you can customize the look of the pop-up to be less intrusive (i.e. not bright white).
Oh, I’d also recommend a more useful error (404) page than the plain text that currently exists. Add a link back to the homepage, etc.
And make sure that the e-mail addresses are correct. The error page has “webmaster@…” and the homepage’s “contact” link is you.
Because the site’s layout is in tables, it will probably be awkward to edit and will definitely not be easy to change the design in the future. I could go on about tables and other web standards but I won’t now unless you ask. The other big part of security is validation, but since your website is static except for certain images, you shouldn’t have to worry. (Please correct me if I’m wrong on this, I don’t want to give out any invisible security blankets.)
Good luck if you decide to work on it on your own, otherwise shoot me (or one of the other volunteers) an e-mail.
7) Another Java script apart from the Lightbox is Highslide. Personally I like it a bit more, since it’s a bit more refined.
The javascript doesn’t seem to be working, but as TM said, javascript image change things are a dime a dozen.
How do you edit your sites? Dreamweaver? Some sort of “Visual” editor? What’s your level of web-creation expertise?
So far as making an un-hackable site, do you know how it was hacked before? Did they get in through a page somehow, or did they get in through the back-end somewhere? Knowing that is probably the easiest way to figure out how to stop it again.
I’d just make a “template” of how you want your pages to look, and then change the text in the box (or wherever) based on the page. In Dreamweaver you can actually save items as “template files” which have modifyable fields and so on. Personally I just save an empty file and change whatever I need.
I agree (again) with TM: Table-based layouts make me cry (and are not standards-compliant besides). If it’s been a while since you updated that site, you might want to consider using this disaster as an excuse to update the look anyway: Kill two birds with one stone.
Security-wise, stop people from being able to view directory indexes by setting adequate permissions, also keep up on current exploits for whatever scripting you have enabled by reading around, and take whatever steps are required. If you have any forms that are going into databases, make sure you “sanitize” your input before you actually store it. This will stop people from hijacking your SQL statements and putting their own malicious code in there instead.
Good luck, and (parrotting TM yet again), feel free to shoot me an e-mail if you need any help. 🙂
Thanks guys.
I do not do the coding. So I have no software I’ve used before.
Lightbox is the javascript used in our store…and should be the same we used throughout the blue dream site.
Each page I need to add is on those sell sheets. So there’s be one page for Ed’s Terrestrials, one for Dreamland, etc.
I want to use the same template for the current main page. ANd just swap out art and text throughout.
Keep it simple.
🙂
If you have a text editor, you can edit HTML. Your webhost may also offer direct editing of your pages. If not, you will also need some sort of FTP program (or web FTP access) to upload the files.
Check out: http://dandyyethandy.com/bds/index.html for a mock-up of the site and let me know what you think. Right now only the index and about pages are up.
@sythiar: HighSlide looks really neat, but takes up more space. It all depends on what you need. Thanks for pointing it out though. Also, Lightbox is free for all usage.
@Scott: Do you know how your site was hacked into/what they did? And will you still have a store, just somewhere else on the web? Are you interested in having a blog (for news, etc.)?
I made a full mock-up at that URL from my last comment. Insomnia sure is motivational.
Feel better and Happy Holidays!
Are you in need of a web designer? I’m a June grad of the The Art Institute of York-Pennsylvania with an Associate Degree in Specialized Technology in Web Design.
Thanks ThreadMangler…
The mockup looks great.
I’d like to see where I can go from there.
The site had code in it that let hackers in. That’s all I know.
That’s why I took it all down.
Kai…
Thank you. The site is already designed. I’m just needing some advice on how to put it back up safely and how to add new pages.
Thank you though.
For adding new pages, the easiest way is probably to just make a copy of the template each time you want to make a new page and then edit it. There are plenty of free “what you see is what you get” editors which make very ugly code, but which do actually work. http://www.dynamic-html-editor.com/en/home.asp (I have no idea how good this one is)
Just google “WYSIWYG web editor” or “WYSIWYG html editor”. You’ll never have to mess with code, unless you decide you want to (it’s much better if you do, but you have much more important things to do. Like comic!). Alternately you can try to find some fan to manage all that for you. I’m sure you’d get plenty of takers for it :p
So far as safety goes, it’s going to be really hard to know for sure whether or not you’ve fixed something without knowing what it was that had the leak in the first place. If you can’t figure it out, just don’t put any “dynamic” content at all, and you should be pretty safe.
As a general rule, don’t do anything in Javascript that you can do some other way.
sorry the site got hacked – who would do that to someone as nice as you?
awesome about cheaper international shipping. i looked at the shipping and it was $50 to israel – making a purchase totally unfeasible. i’ve thought about shipping it to a stateside relative and i may still do that but not everyone has that option and outlandish shipping fees definitely do prevent non-u.s. residents from purchasing all the time.
Thanks spas/michelle…
We calculated shipping based on the weight and size…according to the US postal service.
I wish it was cheaper…but we’re not big enough to get a discount from the post office.
There’s only a few days left until the store goes away. So if you still want the deal…you’ll have to act soon.
Now I’m curious about what the hell is going on.
*Cocks head to side, Naruto-style*
I sent this page to my friends as well