Archives for Charles Hays

Who is Googhydr-20? It is Amazon!


You probably found this blog from the keyword “googhydr” either ending in -20 or -21. This is an Amazon affiliate id and the -20 indicates US market while -21 is the UK market. I too did some digging into this after researching keywords and SERP listings and Adwords listings and kept seeing this Amazon affiliate linking directly to Amazon. Being an Amazon affiliate myself it was easy to figure out the affiliate ID googhydr-20 from the link.

The name is kind of ominous if where googhydr is pronounced “Goog Hider” which could mean “Google Hider”, so is the associate trying to hide from Google?

I had been contimplating doing the same thing this googhydr character is doing for some time. It seems so easy why isn’t everyone doing it? I started digging around and reading up on Amazon’s rules.

This Adwords listing by the Amazon affiliate was doing exactly what is prohibited to Amazon associates to do. In the Amazon Associates Operating Agreement, section 7:

“Prohibited Paid Search Placement” means an advertisement that you purchased through bidding on keywords, search terms, or other identifiers (including Proprietary Terms) or other participation in keyword auctions. “Proprietary Term” means keywords, search terms, or other identifiers that include the word “amazon,” “Kindle,” “myhabit,” or “Javari,” or any other trademark of Amazon or its affiliates ( see a non-exhaustive list of our trademarks), or variations or misspellings of any of those words (e.g., “ammazon,” “amaozn,” “kindel,” and “javary”). “Redirecting Link” means a link that sends users indirectly to the Amazon Site via an intermediate site or webpage and without requiring the user to click on a link or take some other affirmative action on that intermediate site or webpage. “Search Engine” means Google, Yahoo, Bing, or any other search engine, portal, sponsored advertising service, or other search or referral service, or any site that participates in any of their respective networks.

If you do a search for Googhydr you might come across this website where the page claims to be an independent reseller who has tagged every possible Google search keyword. The page then goes onto to convince you to click on a link to buy a book on “Exploiting Amazon and Adwords PPC”. I can tell you that the claim on the website is false and a scam.

Googhydr is Amazon itself running its own Adwords campaigns.

It might not seem fair that Amazon who already dominates the organic search engine keywords for just about every product also adds itself to Adwords keywords and the same time won’t allow any of its associates to do the same. Well as they say life isn’t fair.

A few related discussions about this topic include


Htaccess Password Protect Word Press Admin


Brute force cracking Word Press sites admin login is rampant because it is very easy. Word Press doesn’t offer much in the way of the way helping protect your blog from such attacks. Brute force attacks is a method of trying to guess the password either systematically or via a common password dictionary list. One of the easiest ways to deter would be hackers is to add a second layer of password authentication to the administration area. Using htaccess rules to require a password before getting to the WP admin password will thwart nearly all the cracking bots out there. Just be sure you make the new htaccess login user name and password completely different than the one used by WP.

To setup htaccess password protection for your Word Press admin area you need to first create a text document called .htpasswd. You can either use the linux shell htpasswd or the online tool HTPasswd Generator. Once you created this file save it or upload it to your wp-admin directory. (It needs to have the period at the front of the file—the period hides the file from view and access by direct web access on the linux apache system.)

Next you need to edit or create a file in your wp-admin directory called .htaccess it should look like so:

ErrorDocument 401 "Access Denied"
ErrorDocument 403 "Access Denied"
AuthName "AuthorizedAccess"
AuthUserFile "/home/your site/www/wp-admin/.htpasswd"
AuthType Basic
require valid-user

In the line that starts with AuthUserFile you will need to adjust the path to where the .htpasswd file you will create will be located. In most linux servers the path needs to be absolute, so it has to start at /home or whatever the start is, you can’t just go AuthUserFile .htpasswd (On most servers.)

Now when you access your wp-admin page you will get an htaccess popup window requiring the user name and password from the .htpasswd file first before you can access the Word Press login.


Automating Google Webmaster Tools Validation (PHP)

In order to claim a website with Google’s Webmaster Tools you have to verify you own it or at least have access to the file system. In order to do so Google gives you a file to upload to the domains www directory that is something like this: google9bf026a5h34deb40d.html

It use to be this file was completely empty returning nothing. However this probably lead to some hacking abuse where certain websites were not properly configured to give an empty page for 404 (page not found.) It doesn’t take a genius to figure out such a website could easily be registered as your own as the call to the validation file would return exact what Google was looking for.

The validation file is no longer empty and Google won’t accept empty files they now must contain the following:

google-site-verification: google9bf026a5h34deb40d.html

You can see the name of the file is now part of the content which helps eliminate validation hijacking

Suppose you got a lot of Google friends or accounts that you want to allow to have access to your site with their webmaster tools. Updating their individual validation files can be a chore so here is an easy way to automate the process.

This example is not exact you will need to adjust it to your own needs.

First add a line in your .htaccess file.

RewriteRule ^google ([a-zA-Z0-9]+).html$ googlevalidateme.php?v=$1 [NC,L]

Then have a PHP program called googlevalidateme.php

echo 'google-site-verification: google'.$_REQUEST[v].'.html';

So with this example any calles to googlexxxx.html will pass xxxx as a value to googlevalidateme.php which will return the correct validation code for Google.

Of course you might want to improve this with a call to a master list someplace so that unwanted others can’t validate and spy on you.

Science Jobs for Young Earth Creationists


There is a huge demand for qualified and skilled scientists in the fields of biochemists and genetics for the purpose of helping find cures to diseases and viruses. This research over the last 100 years has saved millions if not billions of humans and improved our quality of health and life beyond measure. These fields today require the understanding of real world biology and genetics and evolution is an important tool. Evolution requires time to work as well, time for genetic patterns to emerge and mutate and change again. Young Earth Creationists (YEC) hamper the search for truth and actually harm the rest of mankind because they do not do unbiased research (if any real research at all), this fallacy is that they must find data to support their beliefs and not objectively see what the evidence is saying.

There is no real practical scientific jobs for a YEC who supports such beliefs over evolution.

If you want scientists to help find cures for HIV and cancer they must use the scientific method and tools that work. YEC cannot help cure these or any disease with such beliefs because a “belief” is not a tool to help solve such problems.

This is why not only the entire debate for teaching Creationism along with Evolution in science classes is idiotic, it is also disingenuous and DANGEROUS! The less our next generation knows about REAL SCIENCE the greater chance you or a loved one will die from something that might otherwise have been curable.

Today even the Vatican supports the theory of evolution. Only biblical literalists want to fight the only working tools we have to help create future cures because if evolution is true then the literal word of the bible cannot be.

So when the next Pandemic hits do we want a generation of scientists to help cure it and save us all or a bunch of believers who feel good that the bible is the infallible word of God?

Auto Post to Posthaven via Email with Images (PHP)


If you were a fan of Posterous before it was bought out by Twitter, you will want to check out Posthaven. It is as of right now still in development but looks very promising, offering a more flexible and simpler blogging solution then with other sites.  This new blogging service isn’t free, but at $5 a month for 10 sub domain blogs it is extremely affordable.  If you want to lock in a wealth of prime real-estate on this upcoming service in the way of subdomain keywords, now is the time.

Like previous articles I have covered on automating blog posting, Posthaven works the same and is really easy. However there is a huge advantage using Posthaven over the other blog services and that is your automated posts can also get put right into Facebook page and Twitter account at the same time. That is cool! And it leverages your blogs big time.

Start by creating a Posthaven account, then login and create one or more site accounts.

To post to your account via email you need to then click on “Edit Your Account” and goto the section “Post by Email Settings”. Click on the checkbox next to ”Use a secret word to verify my emails” and enter a secret password in the field.

You also need to make sure that the email address you will be sending from is listed at the top where it says “Your Email Addresses”

For example lets say your secret is “mysecret” and your site account sub domain is “abc”. Then the email address you will send to post a new blog article would be

The subject of the email will be the articles title. The body will be the article itself and if you want to include an image then you send it with the email as an attachment. Lets see some code in PHP that will email post to your Posthaven blog. (We will use PHPMAILER found here.)



$posthaven_account = "YOUR SUBDOMAIN NAME"; //Example "abc" NOT ""
$posthaven_secret = "YOUR POSTHAVEN SECRET";

$gmail_your_name = "YOUR NAME";
$gmail_username = "YOUR GMAIL USERNAME";
$gmail_password = "YOUR GMAIL PASSWORD";
$gmail_email = "YOUR GMAIL EMAIL ADDRESS";
$image_location = 'C:/YOUR LOCATION OF IMAGE/IMAGE.JPG';
$email_title = "EMAIL TITLE";
$email_body = "EMAIL BODY"; // (LIMITED) HTML OK

$mail = new PHPMailer();
$mail->SMTPAuth = true;
$mail->SMTPSecure = "ssl";
$mail->Host = "";
$mail->Port = 465;
$mail->Username = $gmail_username;
$mail->Password = $gmail_password;
$fromname = $gmail_your_name;

$posthaven_blog_email = 'post.'.$posthaven_secret.'@'.$posthaven_account.'';

$To = trim($posthaven_blog_email,"\r\n");

$mail->From = $gmail_email;
$mail->FromName = $fromname;
$mail->Subject = $email_title;
$mail->Body = $email_body;
$mail->set('X-Priority', '3'); //Priority 1 = High, 3 = Normal, 5 = low

If you then want to capture the URL of the newly posted posthaven blog you can use the following code:

$posthaven_url = 'http://'.$posthaven_account.'';
sleep(30); // give it enough time to receive and update the post (30 seconds)
$bf = file_get_contents(rtrim($posthaven_url,'/').'/posts.atom');
list($t,$b1) = explode("<updated>",$bf,2);
list($t,$b2) = explode('href="',$b1,2);
list($b3,$t) = explode('"',$b2,2);
$bb = trim(str_replace('"','',$b3));
$bb = trim(str_replace("'",'',$bb));
$bb = trim(str_replace(' ','',$bb));
echo '<li>LINK IS='.$bb;

Block All Internet Traffic from China/Russia/Nigeria on your Linux Server


Every server connected to the internet is constantly being attacked with brute force login attempts, software exploits, email spam and more. It is the dirty laundry all IT Security or anyone who manages there own website or server knows. With the extent of dark nets, bot nets and abused proxies this activity runs amuck and pretty much unstoppable. The only thing we can really do is just make sure our software is up to date and passwords are strong.
Just the other day one of my reseller hosting servers located in Germany was terminated and another at Hostgator was suspended. I was told that my wordpress sites were using too much CPU from the server. Looking at the log snapshot sent by Hostgator indicated that all of the usage came from the wp-admin.php script. Was this not obvious to them? Someone was trying to brute force open the wordpress admin. After informing Hostgator that this was not my fault unless they didn’t think I should be using the most popular blog software they were quick to start blocking IP’s coming in. The German company (who I won’t name) said this was beyond the capabilities and that there policy was to take down any website that gets attacked…WTF? Ya I will be ditching them next week, any policy like that which penalizes the website owner for an attack rather than simply blocking the attacking IP’s is bullshit.
The German company told me as did Hostgator the attacks were all coming from China and the Ukraine. On my own managed dedicated boxes I have blocked these countries completely, along with other countries that have originated some scams and abuse such as Nigeria.
If you manage a linux server this is really easy here is how you can block nearly all the traffic from specific countries from coming into your website.
First get and install Advanced Policy Firewall (APF)
Once you have that installed and configured properly according to the documentation login to your shell and find the apf folder usually at /etc/apf and edit the file deny_hosts.rules
Goto and find the APF IP lists for the desired countries. Here is some quick links
South America:
Other Exploited Networks:

Copy and paste these lists into the deny_hosts.rules and then save it.
Restart APF by #apf –r
That’s it.
If you find other IP’s in your logs that you want to block you can just edit this file and add those IP numbers to the list and restart APF.
These lists of IP’s change regularly so you may want to once a month go back and update it.
If your internet business for your server has nothing to do with these other countries there is no real reason not to block them using this or another method.


If you have an IP# and your not sure what country it is originating from, use to look it up.



Sharing FireFox Multiple User Profiles On Dropbox

DropBox FireFox

I love that FireFox allows you to have multiple user accounts using the user profile manager. If I need to login to one of my social profiles like Twitter as several different users at once I start up multiple instances of FireFox each using different profiles. However I find myself sometimes needing to login to these different profiles on different computers so the solution is to share their profiles through DropBox.

If you haven’t setup a shortcut for launching FireFox User Profiles see: Shortcut to Quick Launch FireFox User Profiles

Begin by closing all instances of FireFox.

Step 1 (Copy FireFox Folder to DropBox)

FireFox data and profiles are located in windows at: C:\Users\Master\AppData\Roaming\Mozilla\FireFox

Start by copying this directory to your DropBox. In this example we will assume your DropBox is at C:\DropBox

When done copying the folder should be in DropBox like so: C:\DropBox\FireFox

Step 2 (Rename original FireFox folder)

Rename your FireFox directory at C:\Users\Master\AppData\Roaming\Mozilla\FireFox to C:\Users\Master\AppData\Roaming\Mozilla\FireFoxBackup

Step 3 (Create Junction Link to DropBox location of FireFox)

1. If you aren’t already login to Windows 7 or 8 as an administrator
2. Goto \Windows\System32 and locate cmd.exe, right click on it and select “Run as administrator”
3. Change Directory to your FireFox location:
a. cd C:\Users\Master\AppData\Roaming\Mozilla
4. Make a junction for FireFox to the copied location on DropBox
a. Mklink /J FireFox C:\DropBox\Firefox


Run FireFox as normal and make sure it works. Is it slow? Of course what did you expect.

Deploy across other computers

Now repeat Step 3 on all the other computers you want to share the same FF profiles with. You will need to install FireFox on those computers if you haven’t done so already.

Shortcut to Quick Launch FireFox User Profiles


FireFox allows you to run multiple User Profiles at once. This is great if you want to be logged into many social profile accounts at once, such as Google, Facebook, Twitter you name it. Usually you can only be logged into each of these one time. Even if you ran your browser multiple times you would still be forced to logout as one profile and login as another.
However with FireFox you can have multiple instances of the browser open and logged into different accounts all at the same time. By default this is not really the case, you need to create a shortcut to your FireFox program with some special tags to allow it to behave like this.
1. Start by right clicking on your windows desktop and selecting > New > Shortcut
2. When it asks you to type in the location of the item enter:

"C:\Mozilla Firefox\firefox.exe" -profilemanager -no-remote

Assuming FireFox is installed in C:\Mozilla FireFox (change as necessary.)
3. Hit next and enter the name for the shortcut.
Now launch FF and it should come up with the Choose User Profile manager.

XAMPP shared on DropBox and LAN

One DropBox to Rule them All


DropBox and other Cloud drive services are great for getting your files from one machine to another. However the caveat is that every time you update a file in your DropBox then it has to resync with all the other computers across the Internet. This can be kind of slow and eats up your bandwidth.

If you have multiple computers on a local network you can share the DropBox folder.

Setup one computer to have your DropBox folder. Then share that folder on your network. In windows you can map the drive or even setup a full junction point.

Say you install a program directly to your DropBox folder and it requires a specific path to run. Mapping the drive or setting up shortcuts won’t fix the problem with launching the program properly on your other computers.

1. Login to Windows 7 or 8 as an administrator on the networked computer (not the one with dropbox)
2. Goto \Windows\System32 and locate cmd.exe, right click on it and select “Run as administrator”
3. In the command window enter:

C:\> mklink /J “C:\DropBox” “\\COMPUTERNAME\DropBox”

In the above example COMPUTERNAME is the name of the computer on the network that has DropBox installed at C:\DropBox and that folder is shared.
So now there is a Junction link on your other computer that will call DropBox and treat it and any programs on it as if it was running from the same location on the other machine.

Note: Just because you created a junction link sharing your program across the network doesn’t mean it will run in every instance, you may find you still need to install it on the other computer and give it the install path of the original through the junction link you created. Also keep in mind installing like this may make you loose data on the source system location so back it up first!

Symbolic Linking Directories on Windows


It is great to finally see a real effective symbolic link implemented as a standard option in the latest Windows 7 and up. If you have experience with unix or linux systems you may already know all about symbolic links. If not, a symbolic link is a way of telling the computers operating system that a file path points to a different location. This is useful when dealing with compatibility or access problems with programs such as unchangeable or default install locations of programs that are too problematic to actually reinstall in the new location or for some reason impossible to change. This method will help standardized file path conflicts.

When you create a symbolic link the “new folder” will point to the “source folder”. This will allow you to access files in the source folder through the new folder path and the computer will not try and correct it, it will believe the files actually are located through the new folder path, but in reality they will be affecting those in the original source folder.

1. Login to Windows 7 or 8 as an administrator
2. Goto \Windows\System32 and locate cmd.exe, right click on it and select “Run as administrator”
3. In the command window you will enter the command to create the symbolic link between the two directories like so.


Now if you open your computer folders and goto C: (or whatever location you did this at) you will see the folder C:\NEWFOLDER you will also notice a little arrow in the bottom left of the icon indicating this is a symbolic link (not to be mistaken by a shortcut).

Note on shortcuts: A shortcut will resolve to the source folder unlike symbolic links which resolve directly through the path of the symbolic link. So shortcuts don’t have the ability to correct path conflicts in most instances like this method will.

Mklink /D (symbolic link) vs /J (junction)

In the above example we used /D to make a symbolic link, however it must be noted that a symbolic link for a directory only works if the new folder and source folder exist on the same partition. If you want to make a symbolic link across partitions, drives, shared network drives-then you must a junkction. Simply replace the option /D to /J in the example above.