
Have you switched to HTTPS yet?

A bit of background

Since the end of last year (2016) and the beginning of this one (2017), one topic has been circulating more and more often among webmasters and professionals working in the Internet and e-commerce field: the long-awaited move from the HTTP to the HTTPS protocol, and the problems and challenges that may come with it. While for professionals in the field this is both an expected and a welcome transformation, for the ordinary user and website owner such information might as well be written in Chinese. In the next few lines I will try to explain this transformation in accessible language, free of technical terms and cryptic English abbreviations. My goal is for this article to reach as many website owners as possible, because they are the people directly affected by the coming changes, which directly concern their websites.

HTTP vs. HTTPS

Before going into detail, I would first like to explain in a few words what HTTP and HTTPS are. HTTP (Hypertext Transfer Protocol) is a network protocol for transferring data on the Internet that established itself as a standard in the late 1990s and remains one to this day. Broadly speaking, HTTP is how we communicate, through our favourite web browser, with the site we are on. This “communication” can range from simply entering a username and password or filling in a survey or contact form, to entering bank account or debit/credit card details during the online shopping we love so much. And here is the problem: during this exchange of (sensitive) data there is a risk that our information becomes available to ill-intentioned third parties, who by embedding malicious code can gain access to all of our personal information. Nasty, right? The good news is that the “white” wizards of the Net are more numerous and better than the “black” ones, and thanks to the work of thousands of software engineers we have reached the next stage in the evolution of HTTP, namely HTTP(S)ecurity. HTTPS is the good old protocol, but on steroids 😀 With it, the connection between the user and the site is encrypted (and thus becomes unreadable to the bad guys) by means of a special security certificate (SSL, Secure Sockets Layer), which “encrypts” all the information the user sends to the website and thereby makes it inaccessible to third parties.

The reality

This makes the exchange of information over HTTPS much more secure than over HTTP, and it is no coincidence that it is on its way to becoming the standard. Two of the major web browsers, Google Chrome and Mozilla Firefox, have declared support for HTTPS, and the trend is that by the end of the year they will literally force (yes, that is the right word!) website owners, especially those with login forms and/or online shops, to move to the new standard. Perhaps you are wondering how exactly they would make you do this?! Very easily: they will simply tell your visitors/customers that they are visiting an unprotected site and make them think twice about leaving their data with you, by showing them warnings in red, which will inevitably affect the site's conversions.

The solution?

The solution will inevitably be a move to HTTPS, in line with the trends and standards set by Google and Mozilla. Generally speaking, the sooner you make this decision, the more painless it will be for your site/business. Most hosting companies offer to install such a certificate for an annual fee of around 200 leva, but there are also cheaper alternatives, which however require some technical knowledge. It is important to note that, besides installing the SSL certificate, a number of additional modifications are needed to ensure the site works properly and to avoid further errors (mixed content warnings, 301 redirection, GA, etc.), but I will write about that in a separate article, since it takes us slightly off topic.
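One of the follow-up checks named above, the mixed content warning, can be automated. The following is an added example, not part of the original article: it scans a page's HTML for subresources and form targets that would still be requested over plain `http://` once the page itself is served over HTTPS. The sample markup and the `shop.example` / `cdn.example` hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Subresources browsers treat as "active" (blocked when insecure) and
# "passive" (warned about or auto-upgraded) on an HTTPS page.
ACTIVE = {("script", "src"), ("iframe", "src"), ("object", "data"), ("embed", "src")}
PASSIVE = {("img", "src"), ("audio", "src"), ("video", "src"), ("source", "src")}


class MixedContentFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (kind, tag, resolved_url) in document order

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        for t, attr in ACTIVE | PASSIVE:
            if t == tag and a.get(attr):
                kind = "active" if (t, attr) in ACTIVE else "passive"
                self._check(kind, tag, a[attr])
        # Stylesheets can rewrite the whole page, so they count as active.
        rel = (a.get("rel") or "").lower().split()
        if tag == "link" and "stylesheet" in rel and a.get("href"):
            self._check("active", tag, a["href"])
        # A form posting to http:// sends the submitted data unencrypted.
        if tag == "form" and a.get("action"):
            self._check("form", tag, a["action"])

    def _check(self, kind, tag, raw):
        # Resolve relative and protocol-relative URLs against the HTTPS page;
        # only URLs that still end up on plain http are a problem.
        resolved = urljoin(self.page_url, raw.strip())
        if urlsplit(resolved).scheme == "http":
            self.findings.append((kind, tag, resolved))


def find_mixed_content(html, page_url):
    parser = MixedContentFinder(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page, as it might look right after the certificate
# is installed but before the templates are updated.
SAMPLE_HTML = """
<html><head>
<link rel="stylesheet" href="http://shop.example/theme.css">
<script src="//cdn.example/jquery.js"></script>
<script src="http://cdn.example/slider.js"></script>
</head><body>
<img src="/uploads/logo.png">
<img src="http://shop.example/uploads/banner.jpg" />
<a href="http://other.example/">ordinary link, not mixed content</a>
<form action="http://shop.example/login" method="post"></form>
</body></html>
"""

if __name__ == "__main__":
    for kind, tag, url in find_mixed_content(SAMPLE_HTML, "https://shop.example/"):
        print(f"{kind:8} <{tag}> {url}")
```

Relative and protocol-relative URLs inherit the page's scheme and are not reported; plain `<a href>` links are navigation, not mixed content.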

The price:

If you care about your site, then like it or not you will very soon have to move to HTTPS (if you have not done so already) to keep up with Internet trends. Most hosting platforms offer this service for an annual SSL certificate fee. Fees that in some cases exceed the cost of hosting and domain combined! For reference, the annual fee at СуперХостинг is 179 leva for Comodo SSL, and at Хост.бг it is 145 for Quick SSL (GeoTrust). I offer you a fixed, one-time fee for installing the certificate, with NO ANNUAL fees or subscriptions!

– Contact me for an individual quote –

Use the comment field below or fill in the contact form

Images: formsite.com & security.googleblog.com

Method disabled: PayPal does not support your store's currency.

This article contains information that is not relevant to the latest WooCommerce updates!

Recently an acquaintance asked me: “How can I add PayPal as a payment option on my site? When I try to enable the option in the WooCommerce settings, it gives me the following message: Method disabled: PayPal does not support your store's currency.”

My acquaintance is not the only one who has asked me this question, so I decided to share how to solve this problem easily, at least until PayPal adds the Bulgarian lev to their system (which in my opinion will not happen this century).

To do this, you need to add the following code to the functions.php file.

Voilà! That was all, folks!

Go back to the WooCommerce settings and select the PayPal option again in the “Поръчка” (“Order”) menu. If all is well, you should see something like this:

WooCommerce-paypal

And so, with a few more mouse clicks, you are ready to open your shop!
Good luck, and if you have any questions, I will be glad to help.

How Facebook Helps Shady Advertisers Pollute the Internet


“They go out and find the morons for me.”

It was a Davos for digital hucksters. One day last June, scammers from around the world gathered for a conference at a renovated 19th century train station in Berlin. All the most popular hustles were there: miracle diet pills, instant muscle builders, brain boosters, male enhancers. The “You Won an iPhone” companies had display booths, and the “Your Computer May Be Infected” folks sent salesmen. Russia was represented by the promoters of a black-mask face peel, and Canada made a showing with bot-infested dating sites.

They’d come to mingle with thousands of affiliate marketers—middlemen who buy online ad space in bulk, run their campaigns, and earn commissions for each sale they generate. Affiliates promote some legitimate businesses, such as Amazon.com Inc. and EBay Inc., but they’re also behind many of the shady and misleading ads that pollute Facebook, Instagram, Twitter, and the rest of the internet.

The top affiliates—virtually all of them young men—assemble a few times a year to learn the latest schemes and trade tips about gaming the rules set by social networks and search platforms. They think of themselves as kin to the surfers-slash-bank-robbers of the 1991 movie Point Break, just more materialistic, jetting from nightclub to Lamborghini race while staying a step ahead of the authorities. One San Diego crew took in $179 million before getting busted last year by the Federal Trade Commission for violating three laws governing online conduct.

The Berlin conference was hosted by an online forum called Stack That Money, but a newcomer could be forgiven for wondering if it was somehow sponsored by Facebook Inc. Saleswomen from the company held court onstage, introducing speakers and moderating panel discussions. After the show, Facebook representatives flew to Ibiza on a plane rented by Stack That Money to party with some of the top affiliates.

It was hard to believe that Facebook would cozy up to disreputable advertisers in mid-2017 as it was under intense scrutiny from lawmakers and the media over revelations that Russian trolls had used the platform to influence the 2016 presidential election. Officially, the Berlin conference was for aboveboard marketing, but the attendees I spoke to dropped that pretense after the mildest questioning. Some even walked around wearing hats that said “farmin’,” promoting a service that sells fake Facebook accounts.

Granted anonymity, affiliates were happy to detail their tricks. They told me that Facebook had revolutionized scamming. The company built tools with its trove of user data that made it the go-to platform for big brands. Affiliates hijacked them. Facebook’s targeting algorithm is so powerful, they said, they don’t need to identify suckers themselves—Facebook does it automatically. And they boasted that Russia’s dezinformatsiya agents were using tactics their community had pioneered.

When I asked who was at the heart of this game, someone who could explain how the pieces fit together, the affiliates kept nominating the same person. He was a Pole who’d started out as an affiliate himself, they said, before creating a software program called Voluum—an indispensable tool they all use to track their campaigns, defeat the ad networks’ token defenses, and make their fortunes. His name was Robert Gryn.

Gryn strutted into Station Berlin like a celebrity, wearing a trim gray suit, a shiny gold watch, and gold-rimmed mirrored sunglasses. He was trailed by a personal videographer, and men he didn’t recognize ran up to him for bro hugs.

Only a few years ago, Gryn was just another user posting on Stack That Money. Now, at 31, he’s one of the wealthiest men in Poland, with a net worth estimated by Forbes at $180 million. On Instagram, he posts pictures of himself flying on private jets, spearfishing, flexing his abs, and thinking deep thoughts. Last year he posed for the cover of Puls Biznesu, a Polish financial newspaper, with his face, neck, and ears painted gold. Gryn’s prominent cheekbones, toned biceps and forearms, perfectly gelled pompadour, and practiced smile lend him a resemblance to his favorite movie character: Patrick Bateman, the murderous investment banker played by Christian Bale in American Psycho.

“I’m Robert Gryn, and when I’m not playing games or trying to build billion-dollar startups, I like to live life to the fullest,” he tells the camera in the trailer for his vlog, drinking from a mug that says “I’M A F–ING UNICORN.”

When I introduced myself in Berlin, Gryn suggested we decamp to a nearby bar, saying he was tired of getting so much attention. His online bravado was just an act, he said; in person, he preferred to affect a humble naiveté, as if he couldn’t believe where luck had taken him. He told me that having money taught him that materialism is unfulfilling. “Life is like the most beautiful game,” he said, sipping a beer in the sun, speaking in unaccented English he’d learned in international schools. “Money is just the high score.”

Gryn estimated that users of his tracking software place $400 million worth of ads a year on Facebook and an additional $1.3 billion elsewhere. (He later showed me reports that roughly support those figures.) It’s not just affiliates who think Gryn is at the pinnacle of the industry. In June, just before the conference, Facebook’s newly installed executive in charge of fighting shady ads, Rob Leathern, had invited him to the company’s London office to explain the latest affiliate tricks.

The basic process isn’t complicated. For example: A maker of bogus diet pills wants to sell them for $100 a month and doesn’t care how it’s done. The pill vendor approaches a broker, called an affiliate network, and offers to pay a $60 commission per sign-up. The network spreads the word to affiliates, who design ads and pay to place them on Facebook and other places in hopes of earning the commissions. The affiliate takes a risk, paying to run ads without knowing if they’ll work, but if even a small percentage of the people who see them become buyers, the profits can be huge.

Affiliates once had to guess what kind of person might fall for their unsophisticated cons, targeting ads by age, geography, or interests. Now Facebook does that work for them. The social network tracks who clicks on the ad and who buys the pills, then starts targeting others whom its algorithm thinks are likely to buy. Affiliates describe watching their ad campaigns lose money for a few days as Facebook gathers data through trial and error, then seeing the sales take off exponentially. “They go out and find the morons for me,” I was told by an affiliate who sells deceptively priced skin-care creams with fake endorsements from Chelsea Clinton.

Facebook has recently put more resources into weeding out scams. But for years, even as the company’s total ad revenue reached into the billions, it assigned few engineers to the matter. Ben Dowling, one of only three such employees when he was hired in 2012, says Facebook was focused on checking whether ads followed policies about things such as the percentage of text and images, and not on catching people with bad intentions. “They definitely didn’t want them, that was totally clear,” Dowling says, but “they weren’t particularly effective at stopping them.” (He left Facebook in 2014.) The company hired a few dozen reviewers in Austin and Hyderabad, India, to look over ads that users or algorithms had flagged as questionable and ban accounts that broke the rules. But affiliates evaded them using a subterfuge they call “cloaking.” It was easy, especially if you were running Voluum.

Gryn’s software allows affiliates to tailor the content they deliver according to a number of factors, including the location or IP address associated with a user. The feature is useful for ad targeting—for example, showing Spanish speakers a message in their native language. But it’s also a simple matter to identify the addresses of Facebook’s ad reviewers and program campaigns to show them, and only them, harmless content.

Those who were caught and banned found that this was only a minor setback—they just opened new Facebook accounts under different names. Some affiliates would buy clean profiles from “farmers,” spending as much as $1,000 per. Others would rent accounts from strangers or cut deals with underhanded advertising agencies to find other solutions.

Affiliates say Facebook has sent mixed signals over the years. Their accounts would get banned, but company salespeople would also come to their meetups and parties and encourage them to buy more ads. Two former Facebook employees who worked in the Toronto sales office said it was common knowledge there that some of their best clients were affiliates who used deception. Still, the sources said, salespeople were instructed to push them to spend more, and the rep who handled the dirtiest accounts had a quota of tens of millions of dollars per quarter. (He left Facebook last year.)

“We are deeply committed to enforcement against malicious advertisers and protection of people’s data,” David Fischer, Facebook’s vice president for business and marketing partnerships, said in a statement. “We require all employees to follow our code of conduct and act in the best interest of both people and advertisers on Facebook.” In February 2017, the company hired Leathern, a 43-year-old South African ad startup founder, who’d drawn attention for writing a series of online posts about what he described as “subprime ads.” His work for Facebook has progressed amid unceasing criticism that the social network is helping create a society in which little can be trusted—a fever that reached a new intensity with the disclosure that a Trump-connected consulting firm, Cambridge Analytica, acquired the data of 50 million users without their permission.

In a sense, affiliate scammers are much like Cambridge Analytica. Because Facebook is so effective at vacuuming up people and information about them, anyone who lacks scruples and knows how to access the system can begin to wreak havoc or earn money at astonishing scale.

Leathern’s job is to police a $40 billion-a-year ad platform that malicious players are constantly trying to subvert. In August he announced Facebook would start using artificial intelligence to disrupt cloaking. He declined to describe the process, saying he didn’t want to give tips to bad actors, but he said the practice has been reduced by two-thirds. Facebook is adding 1,000 people to its ad review team, and it’s banned ads for cryptocurrencies, which were popular with affiliates. Leathern has started engaging with journalists on Twitter—and occasionally he reaches out to individual users. “Thanks for letting us know about this,” he wrote to William Shatner on March 21, after the actor complained about an ad that claimed he was dead. (“I’m not planning on dying,” the actor replied to Leathern, “so please continue to block those kinds of ads.”)

The majority of deceptive advertisers are caught in the review process, Leathern said, and Facebook has no interest in profiting from those who slip through. “We are working hard to get these people off the platform,” he told me. “Winter is coming. They may get away with it for a while, but the party’s not going to last.”

I caught up with Gryn a second time in January in Santa Monica, Calif. He’d moved from Krakow to a $20,000-a-month beachfront apartment two months earlier and had already embraced the lifestyle, with a collection of flat-brimmed hats, a bike for riding on the boardwalk, and a ketogenic diet that forbade eating outside a single four-hour window.

Gryn employs 88 programmers nine time zones away in Poland, and when I visited, he’d fulfilled his management responsibilities by 9 a.m. as usual. He told me he’d decided to share his story because he felt a duty to show young Poles that they can succeed as entrepreneurs without relying on government graft. “This postcommunist mentality—I’m shattering that, unshackling part of our society from that trapped thinking,” he said. “It’s insane, really. It scares me sometimes.”

He said he’d grown up among Poland’s elite, the son of a mobile phone executive, with a beach home in Spain and a cabin outside Warsaw where his grandmother taught him to forage for mushrooms. But he was depressed as a child, and when he was older, he had to be taught how to smile. Nothing he learned in school excited him. He paid even less attention in college and graduate school, though he obtained a master’s in marketing. His real education came on the internet.

Around 2009, Gryn moved to Prague to intern at a company called Elephant Orchestra, which specialized in selling ads on misspelled domain names such as facebok.com. Elephant Orchestra was so profitable that its founder, then about 26, produced a feature-length movie about typo domains and got Václav Havel, the former Czech president and anti-communist hero, to make a cameo. The company’s customers were affiliates. Soon, Gryn discovered Stack That Money and other forums where they posted about their millions. The posters were people like Ryan Eagle, who’d made a fortune as a teenager in suburban Chicago and acquired a chrome-covered Bentley, iced-out watches, a diamond-encrusted chain-mail mask—and a nasty drug habit. (“When you’re a real douche bag,” says Eagle, now 30 and sober, “the douchey things find you.”) Other posters came from the world of professional pickup artists—people such as Mark van Stratum, who wrote a memoir called Drug of Choice: The Inspiring True Story of the One-Armed Criminal Who Mastered Love and Made Millions.

Once Gryn realized that what the affiliates were doing wasn’t hard, the possibilities excited him so much that he sometimes couldn’t sleep. “It’s like striking gold,” he said. “You almost panic.”

Gryn found the affiliates at a moment when they were discovering social media. They’d begun applying tricks on Facebook that had been invented by email spammers, who’d in turn borrowed the tactics of fax spammers in the 1980s and ’90s. New forms of media have always been hijacked by misleading advertising: 19th century American newspapers were funded in part by dishonest patent medicine ads. Within days of Abraham Lincoln’s inauguration, the makers of Bellingham’s Onguent were placing ads claiming the president had used their product to grow his trendy whiskers.

Fake personal endorsements and news reports are still the most effective tricks. Dr. Oz, the Shark Tank judges, and Fixer Upper co-host Joanna Gaines are among the most popular imprimaturs, though Eagle favored Kim Kardashian. After she complained to TMZ that her name was being used without permission to promote colon cleanses, he bragged on an affiliate forum in 2009 that the ads were his.

The latest products include Enhance Mind IQ—or Elon’s Smart Pills, as they were called in a recent Facebook ad falsely suggesting that the Tesla Inc. co-founder had talked them up on 60 Minutes. The checkout page says the pills are free, though buyers must still submit a credit card number. Online reviews are full of victims complaining of the subsequent recurring $89-a-month charges. Other affiliates use deceptive pictures to sell junky watches, dresses, and flashlights from Chinese factories. Shark Tank’s Barbara Corcoran says she frequently fields complaints from people duped by skin-cream ads on Facebook featuring her face. Two of her own sisters fell for the scam, Corcoran told me. “I send out so many cease-and-desist letters,” she said. “But it’s very hard to track down the source.”

Around 2011, Gryn started running a “Free iPhone” offer in Poland. It was his breakthrough. The lottery had real winners, but entrants had to agree to be billed a few zlotys ($1 or so) a week. It brought in more money than Gryn was earning at Elephant Orchestra, and he quit to do affiliate marketing full time. In 2012, when he was 24, his revenue hit $1 million. The next year his broker flew him to Las Vegas to celebrate with other affiliates. Photos show a nerdy-looking Gryn smiling next to an Oompa Loompa his hosts had hired for a candy-themed party. The group paid thousands of dollars at a club to chug vodka from light-up multiliter bottles as big as beagles. Gryn felt awkward and shy, but he knew he wanted more. “It was absolute decadence,” he said. “I just wanted to ride that wave.”

Also in 2013, Gryn bought out Codewise, a web development company in Krakow he’d hired to create a campaign-tracking tool. The software had modest but supremely useful features, such as tracking campaigns on multiple platforms—Facebook, Google, Twitter, etc.—in one place and altering content based on a user’s country. Gryn branded it Voluum and began offering it to other affiliates. On the first day of sales, 1,000 customers signed up, at a minimum of $99 a month. (Gryn said some clients now pay thousands of dollars a year, based on usage.) He and his employees donned suits for the occasion, spraying Champagne around the office as the Twista song Sunshine played on repeat.

Voluum is intended for ad tracking and targeting, not trickery, Gryn said. Dishonest affiliates could apply other software to the same ends. “We’re not in the business of policing the internet,” he said. “If we ban people from Voluum, they’d be doing the same thing somewhere else the next day. At least we consolidate the bad apples in one place.”

As affiliate marketing boomed, so did Codewise. Revenue reached $39 million in 2015, according to a statement Gryn provided me. Google banned Voluum over cloaking concerns, but that didn’t derail the company—Facebook was where the action was. In January 2016, Gryn met with American investment bankers who told him they could get $200 million or more for Codewise, which he owns outright. He turned them down.

Gryn hired a public-relations agency and developed an online persona in keeping with his newfound wealth. For his 30th birthday, he rented a villa in Ibiza, hired 15 “pool girls” as entertainment, and flew in eight of his friends on a private jet for a weeklong party that cost $250,000. When he got back to Poland, he rented a giant billboard in Krakow and put up an ad with his face and the message “Don’t Be a Corporate Slave. Join Poland’s Fastest Growing Startup.” In February 2017, Forbes put him on the cover of its Polish edition, naming him the country’s 57th-richest man. He started getting recognized around Krakow and receiving fan mail from young people inspired by his story.

Inevitably, there was a backlash. One writer for a technology website called Spider’s Web said Gryn’s company facilitated fraud and scams. Others made fun of his Instagram account and its evident lack of self-awareness. Gryn fired his PR shop and called his critics “gypsies” in an online post. He posted a slogan on his office wall: “If nobody is criticizing you, you’re not doing anything extraordinary.”

Still, the disapproval hurt. He went to Phuket, Thailand, cleared his mind by training as a Muay Thai fighter for three weeks, and decided to move to California, where he’d fit in better. “In Poland, people can’t stomach success,” he said. “They associate it with stealing or thievery.”

Sitting on a bench on the Santa Monica pier after a ride on the Ferris wheel, I asked Gryn about the ethics of affiliate marketing. He said he’d stopped doing it himself, because he started to get handwritten complaints from people who’d entered his iPhone sweepstakes and couldn’t figure out how to cancel the recurring charges. “I had no idea that this is what it’s doing to people,” he said. “As an affiliate marketer, you just look at the numbers. You don’t see the faces. You don’t see the people that you’re potentially financially hurting. It just sucks money out of the poorest people.”

But affiliates, he continued, aren’t really to blame. They’re just taking advantage of opportunities created by large corporations in a capitalistic system built around persuading people to buy things they don’t need. Gryn said he daydreams about changing directions and doing something positive for the world. He’s considering investing in sustainable fish farming or going back to school to study mushrooms, like the ones he used to forage for with his grandmother. “Everything I do is futile,” he said, staring out at the ocean, listening to seagulls caw. “No matter how successful a company I build in this space, I am facilitating what I deeply believe is a poorly designed system.”

The moment passed quickly. “You can’t abandon the skill set that makes you successful,” he said. “You’d have to be some sort of hippie.” As we walked back along the boardwalk to his apartment, he talked about his plan to raise tens of millions of dollars for Codewise by creating a cryptocurrency. Gryn said the token will enable him to revolutionize the affiliate-marketing business, cut out other middlemen, and build a billion-dollar company. Also, there was his 32nd birthday to plan. He was thinking of going back to Ibiza.

Source: https://www.bloomberg.com/businessweek