Anyway, over from the dark side of hosting to normality. Got some new toys to play with that I don't understand yet.
First - chmod. I can now use filezilla to set permissions for folders and files. I know what wordpress needs to be set at, and that's done. However, what should I be setting the rest of the files and folders to? Currently index.htm is set to 664 by default. Public and group perrmissions read only, and owner (I assume that's me) is set to read and write.
Most of the folders are set to 755 - the same, but execute allowed in owner, group and public.
Any guidance on what permissions should be set at? I've had an <iframe> attack and am keen to try and restric this happening again. The only folder that has scripts running is the wordpress one.
Second new toy - htaccess. I guess I need to do some reading on this one, but is there a generic starter one anyone can reccomend?
The first digit is 'user' and only the user should have write access to anything for security in this sort of situation, the last two digits are 'group' and 'other' and should almost certainly be the same for your setup.
So you should have 644 for plain files (no execute permissions, read for everyone, write only for the user) and 755 for directories (execute permission for everyone is needed to reach files in the directory, read for everyone, write only for the user).
You can also do this symbolically, eg on the command line:
chmod go-xw file
to take away write permissions for anyone other than user.
Ah - my typo. The default is 644 and it's working fine.
Nothing bad has happened yet regarding Google getting funny about changing the index from .asp to .htm. I've got a 301 redirect in place, and am still getting the usual referrals - maybe more as the site is now loading faster. Guess when they come to spider the site again that might change, but here's hoping it doesn't screw thing up too much.
I personally also redirect index.whatever to the root of the site, (and, or directory), so that there is no duplicate content issues between the root of the site, or directory, and the index page(s), nor split pr between the two because of some sites linking to the index page, and some linking to the root, or directory (s) of the site.
(redirecting to, or from www, or non-www should also be considered, decide which one to use, one or the other, and redirect it to forever happen. On existing sites that have always used www, i force www, for new sites I create now I have dropped the www altogether)
Yup. I've been running standalone XML, and been pinging Google for a while now. I also use Google webmaster tools to verify the site and site map. Standalone I think is a good utility as it also produces a ror version for Yahoo, and a plain text version if required.
Traffic is holding up, as are Madsense earnings. I think it was worth making the move. Odd how it takes one of these nasties to galvanise me into action. Should have done it last time though. Thanks for all the help and support from all - couldn't have done it otherwise!