I created a free online web form builder a while back and since it went well in search engine rankings, spammers and phishers found it and started to use it creating forms to collect email account usernames and passwords through phishing attempts. I’ve got to do something before my host closes down my site because of all the complaints and alerts from security department of the universities. They’ve got good reasons. I’m hosting all the phishing forms.

Phishers tend to use URL slugs that include words such as ‘admin’, ‘webmail’ or ‘account’ so that the form seems authoritative at first glance. After they have signed up, they will create forms with fields labeled ‘Password’ or something. So what I’m going to do is to list all such words as reserved words and prohibit the users from doing anything with them.

A function will be needed to examine a subject string against an array of reserved words that will be censored when users use them as input. Listed is a my function:

public static function isStringLegal($subjectString = '', $disallowedWords = array()) {
	$alphabetSubject = preg_replace('|[^a-zA-Z]+|', '', $subjectString);
	foreach ($disallowedWords as $disallowedWord) {
		if (stripos($alphabetSubject, $disallowedWord) !== false) {
			return false;
	return true;

The PHP function stripos() returns a numeric value if it finds $disallowedWord in $alphabetSubject, case-insensitive. If it fails to find anything, it returns false.

A sample disallowed words list:

$slugDisallowedWords = array(

The disallowed words list can only contain alphabet letters. If you need a phrase such as ‘no way’, you have to add it in the array as ‘noway’. This is to prevent illegal attempts to add any word or phrase in manners such as ‘a-d-m-i-n’ or ‘Pa_ss Word’. All the non-alphabet letters / characters are first gotten rid of and then the deprived string which contains only alphabet letters are checked against each word in the disallowed words list.

{ Comments on this entry are closed }

Best renewal promo code for non .com domains at GoDaddy

by Yang Yang on September 26, 2010

Had a bunch of .info, .net and .org to be renewed yesterday and after searching for quite a while, I was unable to find any promo source code deals better than this one:


It places a 17% discount ($6.99 .info, $7.49 .org and .net) off your cart for domain renewals. I had 17 domains to be renewed yesterday and it saved me about $25. Just thought I’d share with you in case you are going to renew some names.

Good GoDaddy promo codes that are nicely discounted are harder and harder to come by these days, especially for renewals.

{ Comments on this entry are closed }

The easy way to add a username and password pair in the .htpasswd file is to use an online password generator tool that converts the clear text password into its hash, a.k.a. the encrypted password. The problem with this approach is that you have to manually create the pair and append it to .htpasswd. Is there a way to dynamically generate encrypted passwords for .htpasswd in PHP?

According to http://httpd.apache.org/docs/2.2/misc/password_encryptions.html, we have come up with the following solution:

$pass = 'YourClearTextPasswordString';
$hash = base64_encode(sha1($pass, true));
$encoded = '{SHA}'.$hash;
echo $encoded;

And $encoded is the result we need, which would look something like:


Suppose the username is ‘manager’ and you can add the following line at the end of your .htpasswd file to make the credentials in effect:


You can also write / append this to the file by PHP but that’s not covered here.

What’s better, the SHA1 algorithm is much more advanced than DES which most of the online .htpasswd generation tool still uses to generate the hash string of the clear password for you. DES supports only 8 digits and that’s where lengthy passwords fail.

{ Comments on this entry are closed }

Depending on the web server software you use, your PHP script will be consuming significantly different amount of memory (RAM). If you are using Apache without proper optimization, the simplest request that does nothing but returns a status code will need 150kB of memory. Multiply this by 2000 visits per day and by 10 sites in a single Linux VPS box, you will have some serious OOM (Out Of Memory) problems.

However if you are using simplistic web server software such as Lighttpd, the situation will get a lot better. But you would still like some improvements to your PHP script itself. So does one first know how much memory a PHP script consumes at run time?

The answer is the memory_get_peak_usage() function. At the end of your PHP script (footer script for a PHP site, you get the idea), put this line:

echo memory_get_peak_usage();

Or you can write the data down in a text file:

file_put_contents('mu.txt', memory_get_peak_usage());

The output is in bytes. Better yet, you can record down the URL request, HTTP request type and memory usage in the mu.txt file so that you can examine it regularly to make adjustments to your server and PHP scripts:

$mu = fopen('mu.txt', 'a');
fwrite($mu, $_SERVER['REQUEST_URI'].', '.$_SERVER['REQUEST_METHOD'].', '.memory_get_peak_usage()."\n");

{ Comments on this entry are closed }

If you accepted GoDaddy’s offer of the first-year-free private registration service for your domain, you would not be so happy when you are renewing the domain for more years because you will find the private registration is bound to that domain. You can either renew the domain WITH the private registration which costs an extra $9 per year or you can remove the domain from the shopping cart. You are forced to renew it with private registration at $9 per year plus the registration fee ($10 or so) or you cannot renew it at all. Very shady.

No, they don’t have any options to exclude private registrations (Domains By Proxy) when you are renewing the domains that were registered with the free private registration for the first year. The trick is, they don’t have that option on GoDaddy.com. You will have to do it on DomainsByProxy.com.

So how to turn off private domain registrations for renewals at GoDaddy?

For every order of domain registrations with first-year-free private registration services, you will be sent an email containing the login details of DomainsByProxy.com. I found them by searching my email inbox by the phrase "domains by proxy". Chances are you can find a few messages sent from domainsbyproxy.com by the title "Welcome to Domains By Proxy".

Each of the messages is an order of private registrations for one or multiple domains. Open them one by one and look for "User Id" which is a lengthy number that you will use as Customer # or Login Name at https://www.domainsbyproxy.com.

The password is the same with that of your GoDaddy.com account.

When you are logged in, you can see the list of domains that you opted for private registrations by clicking “Domains”. Check the domains you intend to renew (or rather, all of them) and click “Continue”. Select “Yes” and click the Done button or whatever to finish the process.

Now you can get back to GoDaddy and renew your domains without being bothered to purchase additional years of private registration services.

Shame on Godaddy.

{ Comments on this entry are closed }

There are primarily 2 ways for merchants to set up an affiliate program, one is to offer coupons that are assigned to the affiliates and can be spread out. When someone uses that coupon, the merchant knows it’s a referral by that affiliate. The other is to create dedicated links with the affiliate ID in it. So when someone clicks through the affiliate link, the merchant can identify the affiliate.

For the latter, it’s sometimes tricky to make sure that your visitors or readers do click through your affiliate link rather than visiting the merchant site directly. One can easily search for the official site by business name in Google. While it is impossible to have a bullet-proof solution that makes 100% of the readers you refer click through your referral link, you can do it as much as possible.

One approach is to hide the affiliate link by a redirection in PHP. A better approach, however, is to create a clickable form button that submits a cloaked post or get request to the merchant site, as used by my WiredTree coupon site:

<form method="get" action="http://www.example.com/affiliate.php?aff=123"> <button type="submit">Activate Coupon Code</button> </form>

This way, the visitors would feel compelled to click on the button because there’s something good for them AND it’s relatively harder to find the original URL. Better yet, use the cloaked affiliate URL of your own in the action attributes.

WordPress Way

If you are posting affiliate links or coupons on your WordPress blog, try the DRP Coupon plugin, it’d also help cover up your affiliate link and force the visitor to click on the link to claim the discount.

{ Comments on this entry are closed }

MilitaryFictionBooks.com is actually an old domain, I registered it over a year ago and parked it ever since with a custom page of my own. It has been indexed in Google for 1 year. So what you are seeing now may very probably not happen for you if you just registered a fresh domain name. Don’t get your hopes too high for newly registered domains. You need to wait and be patient unless you have large amount of Internet marketing resources such as an established network of reputable sites that can link back to the new site.

So it’s not until recently that I switched Military Fiction Books to WordPress and started importing content into it by, well, virtually copying the texts and images from Amazon.

I know, but before you start judging me, let me tell you this. I may be too lazy to come up with something of my own for the sake of SEO because it’s time consuming. When you commit yourself in the chores, you are a worker, not an entrepreneur any more. You will be rewarded as a worker, instead of an online entrepreneur. It’s as simple as that.

That said, my recommendation is that either you hire someone who’s good at writing write the articles for you or you will find a way to automate the process in a time-effective manner. The results may not be as good as you want but it will surely save you a lot of time which is much more precious than some search engine rankings. You will do a lot more than you normally would if you follow this methodology.

Okay the site status part by promise in this post. For the last 17 days of August, MilitaryFictionBooks.com has been receiving traffic from various search engines (mainly Google, of course) by terms such as “military fiction books”, “military novels”, etc. The rough traffic statistics are listed below:

military fiction books site traffic stats

It’s been doing quite well and still gaining since I switched to WordPress and wrote all these posts about military fiction novels on Amazon. I posted 2 – 3 posts every 2 days for the last week or so. Built a few links from various forums (webmasters, book clubs, etc.) and on Kavoir itself in the last 2 weeks and it seems they are working. This site has clearly passed the sandbox phase because every new post brings significant traffic from Google and it’s on the steady rise. This is a typical sign of mature SEO for a site. Your page is pretty quickly indexed by Google AND it’s ranked well. But it also depends on the frequency and intervals you post.

StandingDesk.org on the other hand, is a freshly registered domain, less than a month old. But it’s already performing in SEO traffic though not much. What I did was building a few links from a few forum posts (some original and some duplicate) and Kavoir itself. I wrote all the product posts in the same day a week ago and never updated it since:

standing desk site traffic stats

But I’m sure it will steadily grow if I keep posting content to the blog. A sandbox effect is waiting for StandingDesk.org. Maybe in 1 or 2 weeks.

{ Comments on this entry are closed }

Go to Amazon.com: http://www.amazon.com

There are tens of thousands of different affiliate programs out there you can use to monetize your traffic. A few of the biggest players are ClickBank, eBay, Amazon, CJ and Google Affiliate Network. Unlike CJ and Google Affiliate Network who are simply brokers of merchants and affiliates, Amazon and eBay are independent merchants. I tried CJ with no luck at all – when I say at all, I mean it. Maybe it’s because I’m not an AdWords type of marketer. Never tried Google Affiliate Network though, but we’ll soon find out how that goes. I’ll keep you updated on what I’m doing. ClickBank has too many information products that require strong marketing skills or generous AdWords spending to get ahead. eBay doesn’t let me sign up in the first place because of my location.

I’m currently averaging around $100 bucks per month (Update: as of Mar. 2011, I’m making about $400 / month. ) via the Amazon Associate Program. It’s not much but believe it or not, I’m really enjoying it. It’s terrific products they have there and the money is easy because what I did was just a few posts on Kavoir.com that recommends good development books to my readers. They end up buying more than what I recommended, 70% of the time I’ll say. Although they started on books, Amazon is such a huge independent merchant with such a massive inventory of almost everything you can name that you need in the daily life. So they are a rather easy start for novice affiliate marketers. All right, here goes my review of the Amazon affiliate program.

What are great?

  1. amazon associate program earning statsAmazon is a globally recognized brand. And because of this, the conversion rate is pretty high when you are sending traffic to them. Chances are the visitors you refer to Amazon used to shop there or at least heard of / known them for some time. Take my earning stats of the first 10 days of August for example, over the 622 clicks I sent to them, I have an overall conversion rate of 4.66% – that’s not bad for casual, non-targeted traffic (as opposed to traffic gathered from AdWords). Roughly speaking, 1 sale was made in every 21 people who visited Amazon via my link.
  2. People are already familiar with the products at Amazon because they are all recognized brands. It just makes the sales even easier to make. People follow and trust brands. It takes tremendous time and commitment to build a brand, but once you establish it in the market, your products and services will sell themselves. With other affiliate networks, the hard part is the pre-sale. With Amazon, you don’t even have to do that at all. The only thing you need to do is to send them to the product pages at Amazon. They are already optimized to attract the maximum sales possible.
  3. Amazon has such a diversity and abundance of products you can sell. It has a huge selection of almost everything you can think of that you may want to sell online. It covers almost all the niches that you ever have the time to build. No matter what you are interested in and the topic of your website, you are certainly to find something at Amazon that fits into it. In fact, Amazon itself has inspired me to build more niche websites in the months to come. For a start, yesterday I launched Standing Desks and Military Fiction Books. Will keep you posted on how they are doing and how I’m doing them.
  4. Many people I refer to Amazon end up purchasing much more than what I recommended. They may not buy the things on the landing page (the referral link you give them to arrive at Amazon), but the Amazon Associate Program will always credit you for anything else they purchase, even on partner sites. As long as they make the purchase(s) within 24 hours of clicking your referral link, they are are going into your affiliate credits.
  5. Amazon has a rather sophisticated and usable associate / affiliate platform. I don’t need to even start counting the number of ways you can put Amazon affiliate links up on your site: product links, banners, pages (any page on Amazon can be linked and attributed to you) and widgets (product search, Carousel, deals, mp3 clips, favorites, slideshows, auto part finders, blog updates, product cloud, wish list, Omakase and so forth) in a variety of different forms. You can also create an aStore to exhibit and sell a selected set of products to a targeted group. However, the best stuff in their arsenal is the Product Advertising API by which you can have a niche site up in minutes. You can do mass queries to get any kind of information regarding a specific product or a group of similar ones, the title, price, manufacturer, brand, publisher, description, features, availability, customer reviews, you name it. I’m going to create a script to do just that, or perhaps a WordPress plug-in to do the dirty work for you.
  6. Amazon products are rarely returned and customer payments rarely refunded. In all the sales I made until now since I started the associate membership, over 400 of them in total, only 1 return happened. It goes without saying that this is a very good sign that you will be guaranteed of the reward for your referral efforts. You certainly don’t want to recommend products that are frequently returned to your visitors and readers.
  7. Amazon Associates is absolutely the best program for beginning Internet marketers. They are easy to use and easy to get started. Sign up, visit any page on Amazon.com and you can build a referral link in 10 seconds. Post the link on your website or blog and write a genuine review. You don’t have to spend an arm and a leg to get your first sale. Stuff on it are needed by many people and you have ocean-broad options. Best of all, for reasons I put forth above, they are really easy to sell, especially the books. For example, you can quickly start a books website with millions of pages by these books ISBN databases and link to Amazon sales page in this manner. These sites are not pretty but believe me, they are pulling adorable figures of monthly income via Amazon affiliate sales and Google AdSense.
  8. 5 times higher eCPM than AdSense. I can’t disclose any eCPM information of my AdSense performance as per the TOS, but I’m having 5 – 10 times the average eCPM with Amazon products (mostly books) than with Google AdSense. I’m not saying AdSense is inferior to Amazon associate program in this regard but you have to do it right. AdSense is a perfect money maker on large traffic that is not quite optimized and targeted, but on products sites, Amazon program rocks way better!

What are not so great?

  1. The commission rate is pretty much the lowest across the industry. They have a performance structure of variable commission rates (they call it advertising fee rates) that as the number of items you sold increase, the commission rate increases. Starting at 4.00%, the highest possible rate you can achieve is 8.50%. Some affiliate program such as those from ClickBank offers 75% or more commission rates.
  2. The cookie lifespan sucks too. It’s just 24 hours. What this means is that if the person you refer to Amazon doesn’t purchase anything within 24 hours of clicking through you referral link, you earn nothing and the referral is history. You get nothing neither even if he orders something after the 24 hours period. Other affiliate network / merchants typically have a much longer cookie period such as 60 days.
  3. Pain for foreign marketers. Amazon provides direct deposit to American residential marketers who receive their earnings almost instantly, but for foreign residents who live outside of US, check becomes the only venue to get the money. And it usually takes more than a month to arrive. It sucks. Sometimes it can really kill the motivation of foreign associates, me included. I guess they just don’t quite care about this. I would be very much glad to see them offer wire transfer as an additional approach to send the affiliate rewards.

So what do you say? I’m certainly going to create more Amazon niche websites soon! Subscribe to this blog to read more tips on making money online with the Amazon Associate Program. I’ll keep you updated on how I’m doing.

{ Comments on this entry are closed }

Update: Here’s the latest coupon code of Godaddy – $1.49 / year .com

God knows why they have raised the .org registration fee to $14.99. I don’t know if it’s temporary or just the way it will be for a long time to come but it’s outrageous. Fortunately I have found this .org domain registration coupon that got me the domain for just $7.69.


Almost 50% off. Not bad, so thought should share with you guys. Please comment if you have a better .org promo code for registering .org names at Godaddy. For web hosting, we recommend WiredTree. Use these WiredTree coupons to get extra or discounted packages.

{ Comments on this entry are closed }

When you read the content of any specified directory with PHP functions such as scandir() or readdir(), they will return both files and directories. How does one get just the child directories of a given directory in PHP? The obvious solution is the is_dir() function that checks if a filename is a directory:

$all = scandir('.'); // . stands for the current directory, you can use any path string here
$dirs = array();
foreach ($all as $each) {
	if (is_dir($each)) {
		$dirs[] = $each;

Which will return:

    [0] => .
    [1] => ..
    [2] => dir1
    [3] => dir2
    [4] => dir3

Clearly, the problem of this approach is that it also returns ‘.’ and ‘..’.

A better approach is the glob() function that searches the current directory by a certain pattern. You can use it in conjunction with the array_filter() function to select all the directories:

$dirs = array_filter(glob('*'), 'is_dir'); // is_dir function is used against each item of the array returned by glob('*')

Which will give out results:

    [0] => dir1
    [1] => dir2
    [2] => dir3

A neater way to get the same results with glob() function is this:

$dirs = glob('*', GLOB_ONLYDIR);

The GLOB_ONLYDIR flag commands the function to return only directory entries that match the pattern ‘*’.

{ Comments on this entry are closed }