Practicing for Summer wedding photo booths

Photographer, Would You Like Your Website Hacked?

How would you like a bride to see this when she goes to your website?

In the past month, I've seen this happen to at least 5 photography websites (some customers, some friends). I'm expecting to see more.

Most were some variant of the Gumblar exploit. There seems to be a rising trend of websites being exploited in this manner ... javascript and PHP code is inserted into .html, .js and PHP files in various parts of the site. I'm not even sure what the code is trying to do, but I know it makes calls to remote sites and:

  • Slows down the site to a crawl
  • Often gets blacklisted by Google/some browsers

In the sites I've seen infected, affected files were in:

  • Wordpress blogs
  • PHP-based proofing scripts
  • Slideshow files
  • An old version of our (BIG Folio) admin (our new admin doesn't get affected)

How does this happen?

According to the research I've done, it appears these exploits all happen due to compromised FTP passwords on the photographer's PC. In other words, you have what is called malware on your computer. When you FTP files to your website, that malware sniffs your FTP password (FTP passwords are passed over the Internet unencrypted) and your site is then compromised. These exploits have nothing to do with the hosting server being hacked.

What should you do?

  • Run your site through unmaskparasites and see if it finds anything suspicious
  • Scan your PC for malware. I don't work on a Windows machine, but Malwarebytes appears to be a good choice. Maybe someone else can recommend another.
  • If you had/have malware on your computer, change your FTP password (from a different computer)
  • Use your work computer for work. Don't let your children on it.
  • If you use a standard web host like GoDaddy, BlueHost, 1and1, MediaTemple, etc. use SFTP (secure FTP) to transfer files. Most hosts offer it.
  • Or just buy a Mac

If your site is already infected and blacklisted by Google, you'll need to add your site to Google's Webmaster Tools, clean the infected files and request Google perform a site review.

I've cleaned 2 sites myself and submitted them to Google. I'll post more information once I hear back.

67 Days until Opening Day

My Dev Goals for 2009: 5 Projects in 5 Weeks

I'm not really a resolution guy–January 1st is no different than May 1st to me–but I did decide to set some goals for 2009. On the development/hacking side of things, this is especially important as I'm plagued with ideas constantly popping into my head. I figure setting some goals and limits will help me implement ideas while keeping me on task when it comes to BIG Folio, NextProof, and the things that actually pay the bills.

So, here's what I came up with:

Start and finish at least 5 (but no more than 7) projects/applications in 2009 with the following guidelines:

  • Each project should be completed in roughly 1 week's time (or the equivalent if broken up)
  • All projects should have an obvious business model, although it doesn't have to be implemented right away and it doesn't have to be implemented by me (could be subscription, advertising, or services)
  • At least 1 project should be an open-source application
  • At least 1 project should be an iPhone application
  • At least 4 projects should matter (hey, I gotta leave room for something silly)

That's it. And, I'm going to cheat a little and call project 1 already done. Over the holidays I conceived of a coupon builder application. Since I finished it in 2009, I say it qualifies.

ClipClipSave: Create and share printable coupons for your business

Type: Rails app
Business model: subscription-based (all accounts are free at the moment)

So ... 1 down, 4 to go. I'll keep you updated on my progress throughout the year. If you have any ideas, let me know.

Preview from this weekend's shoot
Baby "R"
More stuff that's different

One Week with Facebook Ads: My Experience

We've been experimenting with various marketing techniques and promotions at NextProof, our online sales app for photographers. NextProof has experienced tremendous growth since we launched it in June, but we've only focused on the wedding market so far. NextProof is quite a flexible app, so we think it can work well for a lot of photographers.

One market we're trying to break into is the part-time/semi-professional market. For those with the skills, photography can be a decent source of additional income–be it portraits, low-budget weddings, concerts, or fine-art prints. That can be especially attractive in this economy. I'm a firm believer that the best online businesses are ones that help other people make money.

Frankly, I have no idea how to reach this market. Flickr doesn't take ads as far as I can tell. I decided to try Facebook instead. Facebook has a ton of pictures (yes, I know most of them are of frat parties) and several photography-related groups.

I started an ad campaign on Facebook last week. Nothing monumental in scope–just an experiment for now.

Here's the ad: 

Campaign details

  • Daily budget: $25
  • Ad type: per click (not per impression)
  • Keywords: "photography", "photographer", "wedding photography", "black & white photography"


Let me preface the rest of this post by saying–my experience in advertising consists of a marketing 101 class in college and watching Mad Men. I don't know what "good" click-through or conversion rates are.

Over the course of 8 days, our ad had 218,460 impressions. It was clicked on 543 times. That's a CTR of 0.25%. This data comes from Facebook's ad manager.

Now on to actual goal conversions in Google Analytics. One strange thing I noticed was that Google Analytics showed less traffic from facebook.com than Facebook reported in clicks. The difference was about 10 clicks per day.

Anyway, according to Google Analytic, we had 5 sign-ups from Facebook over the last 8 days. At $25 per day, that means we spent $200 to get 5 new customers–or $40 per new customer.


I have to admit, I wouldn't call the results "outstanding", but I'm not disappointed either. Like I said, a lot of this is new to me so I have little to compare it to. We have advertised on individual blogs and forums in the past. The results from my Facebook experiment were on par with most and better than some. Spending $40 to land a new customer is worth it in my opinion–although, I should probably dig deeper to see why type of accounts were created and how many keep their account beyond the 30 day trial.


I'm going to modify the Facebook campaign and keep it going through the end of the year. I may make some tweaks to the actual ad and I'm definitely going to create a landing page specifically for this campaign (not having it was probably a mistake). I'll report back on this in January.


Why Do Photographers Pay for WordPress Themes?

Blog-based websites seem to be a hot trend with photographers right now. And, being that WordPress is the most popular hosted blogging platform at the moment, creating premium WordPress themes and selling them to photographers may seem like an obvious niche. But is it a viable business? I'm doubtful. Here's why.

You see, WordPress is licensed under the GPL (or GNU General Public License). Additionally, any work that is derived from it (i.e. shares code with) automatically falls under the GPL license as well. That applies to just about every theme and plugin available for WordPress.

"So what?" you ask. Well, to answer that, you must understand that the GPL is an open-source, copyleft, free software license. And that means once you own GPL software, you can alter it, give it away to other people, or even sell it yourself. To understand this more, read the GPL FAQ regarding reselling and redistributing GPL software.

Yes, that's correct–once you purchase a WordPress theme, you can give it away to all your friends. You can even sell it for half or double what you paid for it.

Don't get me wrong, I have no problem with people selling WordPress themes, and I'm all for people getting paid for their efforts. I just don't see it as a viable, long-term business. You're basically banking on (a) most photographers remaining ignorant about GPL or (b) most photographers being gracious enough not to share or resell your theme (even though they have every right to). In my opinion, option a may work short-term, but option b definitely won't. That's not to mention all the very nice, free WordPress themes that exist.


XDRTB (Jame Nachtwey)

Cameras at the Olympics

Trying to Step it Up a Notch

Just finished editing my most recent assignment for True North magazine. I photographed Dylan at Gossamer Knitting for a featured article on boys and men who knit.

I'll be honest, my last shoot (which is on the current cover) was a little boring for my taste. For this shoot, I wanted to break out a little. I wanted to create images for my client and myself. So I took my time, I had fun, and I tried to create something cool. I thought about photographs that I love (like Platon's, for instance) when composing.

So far, I'm pleased with the results.

Gossamer has this great red wall and sofa. I put Dylan on the sofa and lit him with a Profoto head and 3x2 softbox (usually straight-on or pretty close). I hit the back wall with a 2nd Profoto head and grid spot. Most of the images that made my edit were shot witha 35mm/1.4 (although the one of the left was shot with a 85mm).

Edit: had to pull the image for now. Sorry. I'll post it again when the mag hits newsstands.

Santa came early this year (where's the CF card go?)