This is Why You Need Another Backup

Submitted by John Locke on Thu, 06/21/2018 - 16:12

At 12:27pm, our alerts started firing. Multiple ones -- website down, server down, secondary monitoring -- one of our client's servers had completely disappeared off the Internet.

I confirmed that I could not reach the site, or the server, and then looked up our AWS credentials for that customer. They didn't work. Then I tried to call two different contacts at our client, leaving messages, and sent an email asking if they needed assistance restoring their AWS account.

The answer came back 20 minutes later, after our client checked their email account associated with AWS.

Freelock Named Top Web Developer in Seattle on Clutch & The Manifest!

Submitted by Don Dill on Tue, 06/12/2018 - 13:30

Here at Freelock, we are all in for web development. Truly, what could be more important for our clients in today's climate than a properly functioning and safe website? We are pleased to share that our expertise has paid off as we have been identified again an industry leader by Clutch. 

What is SEO?

SEO stands for Search Engine Optimization. According to Moz.com, SEO is “a marketing discipline focused on growing visibility in organic (non-paid) search engine results”. They continue that it includes the “technical and creative elements required to improve rankings, drive traffic, and increase awareness in search engines.”

The technical components that they are referring to are ensuring that pages are linked correctly, pictures and pages have been “tagged” with information about them, and the site can be found and understood by Search Engines like Google and Bing.

Paid Search or SEO: Which to Use?

A common question of companies wanting to drive traffic to their website is “Should we advertise in the search engines? Or conduct a search engine optimization project? Neither? Both?” Based on 20 years of helping people with marketing in search engines, here are a few thoughts.

Drupalgeddon2: Should I worry about critical security updates?

Submitted by John Locke on Thu, 03/29/2018 - 18:00

No, you should not. You should let us worry about them, and go back to your business.

Seriously, we're getting questions from all kinds of people about whether this matters. I'm a bit surprised that there is any question about that. Would you be concerned if your top salesperson was selling for somebody else? If your cashiers were jotting down credit card numbers when they charged a card? If your office became a well-known spot for illicit drug or gun dealers? If your office had a bunch of scammers squatting and running a pyramid scheme? If your confidential client information could be revealed as easily as using a bic pen on an old Kryptonite lock?

Bic Pen vs Kryptonite Lock

We've seen some variation of every single one of those scenarios. And all of them are possible with a remote code execution flaw in a web application, like yesterday's Drupal security vulnerability.

And yet people still

Freelock has been a rock-solid, indispensable partner. They’re fast, efficient, patient—and they get the job done on time and to spec.

Robert Luhn, Director of Communications
National Center for Science Education

Meltdown notes

Submitted by John Locke on Mon, 01/15/2018 - 22:32

The Meltdown vulnerability leaked out into public news a full week before patches were available for many distributions. When patches did become available, sometimes the patch caused further trouble.

Our vulnerable systems

Before patches were available, we downloaded the Proof-of-Concept exploit code, compiled and tested it on a variety of the environments we work in, or have in production.

Here's a quick run-down of what we found affected, and what was not:

The Spectre of a Meltdown

Submitted by John Locke on Thu, 01/11/2018 - 17:31

The news was supposed to come out Tuesday, but it leaked early. Last week we learned about three variations of a new class of attacks on modern computing, before many vendors could release a patch -- and we come to find out that the root cause may be entirely unpatchable, and can only be fixed by buying new computers.

Today Microsoft released a patch -- which they had to quickly pull when they discovered that it crashed computers with AMD chips.

Essentially Spectre and Meltdown demonstrate a new way of attacking your smartphone, your laptop, your company's web server, your desktop, maybe even your tv and refrigerator.

Meltdown - Animated
Meltdown in Action

This all sounds dreadfully scary. And it is... but don't panic! Instead, read on to learn how this might affect you, your website, and what you can do to prevent bad things from getting worse.