Hackers, Port Scanners and other miscreants

Here’s everyone that was picked up by our firewall last night, portscanning.

The command to generate this on RouterOS is

/ip firewall address-list print file=filename where list="Banned" and  
https://www.infobyip.com/ipbulklookup.php
Resolves the list to a country and ISP
IPCountryISP
141.98.81.100PanamaHostkey B.v.
109.126.9.94RussiaVladivostokskaya Set LTD
170.247.0.30Colombia
42.61.24.202SingaporeSingNet
218.92.0.176ChinaNo.31 Jin-rong Street
151.84.193.145ItalyWind Tre S.p.A.
212.156.98.210TurkeyTurk Telekom
116.136.12.10ChinaCHINA UNICOM China169 Backbone
27.74.109.61VietnamViettel Group
45.124.87.84VietnamVIETNAM POSTS AND TELECOMMUNICATIONS GROUP
181.188.214.139EcuadorOtecel S.A.
122.227.2.158ChinaNo.31 Jin-rong Street
116.52.9.220ChinaNo.31 Jin-rong Street
46.183.120.216AlbaniaMC NETWORKING Sh.p.k.
92.118.160.21Republic of LithuaniaSoftLayer Technologies Inc.
80.85.84.75United KingdomLinode  LLC
31.0.213.205PolandPolkomtel Sp. z o.o.
217.122.169.50NetherlandsVodafone Libertel B.V.
218.92.1.141ChinaNo.31 Jin-rong Street
111.179.221.75ChinaNo.31 Jin-rong Street
112.81.84.122ChinaCHINA UNICOM China169 Backbone
95.156.76.230RussiaRostelecom
36.90.168.246IndonesiaPT Telekomunikasi Indonesia
188.49.226.35Saudi ArabiaSaudi Telecom Company JSC
141.98.81.166PanamaHostkey B.v.
149.11.160.130United KingdomCogent Communications
58.107.181.171AustraliaMicroplex PTY LTD
132.251.2.1PeruENTEL PERU S.A.
190.111.8.27GuatemalaNavega.com S.A.
113.87.160.165ChinaNo.31 Jin-rong Street
35.205.134.165Google LLC
196.52.43.131United StatesLeaseWeb Netherlands B.V.
175.167.244.147ChinaCHINA UNICOM China169 Backbone
68.183.99.64United StatesDigitalOcean  LLC
63.142.101.182United StatesCharter Communications Inc
193.32.163.89RomaniaFutureNow Incorporated
139.99.160.18AustraliaOVH SAS
81.22.45.63RussiaOOO Network of data-centers Selectel
177.69.0.97BrazilALGAR TELECOM S/A
182.100.58.30ChinaNo.31 Jin-rong Street
113.190.44.95VietnamVNPT Corp
71.6.232.7United StatesCariNet  Inc.
82.79.182.222RomaniaRCS & RDS
117.2.74.27VietnamViettel Group
222.124.154.226IndonesiaPT Telekomunikasi Indonesia
185.164.41.1SpainDaniel Calderon Dominguez
182.53.126.143ThailandTOT Public Company Limited
113.161.165.42VietnamVNPT Corp
188.119.65.131RussiaAdman LLC
123.16.15.113VietnamVNPT Corp
219.251.77.170South KoreaSK Broadband Co Ltd
58.242.82.3ChinaCHINA UNICOM China169 Backbone
41.59.193.67TanzaniaTTCLDATA
185.53.91.104IcelandVitox Telecom
110.249.212.46ChinaCHINA UNICOM China169 Backbone
190.203.218.136VenezuelaCANTV Servicios  Venezuela
101.109.176.151ThailandTOT Public Company Limited
104.140.188.2United StatesEonix Corporation
116.255.193.132ChinaCHINA UNICOM China169 Backbone
188.0.190.22RussiaCJSC Vainah Telecom
206.189.239.234United StatesDigitalOcean  LLC
216.218.206.93United StatesHurricane Electric LLC
176.111.124.249PolandJozef Woch Cybernet WMW
190.203.237.92VenezuelaCANTV Servicios  Venezuela
170.130.187.2United StatesEonix Corporation
61.170.128.218ChinaChina Telecom (Group)
81.22.45.72RussiaOOO Network of data-centers Selectel
125.64.94.211ChinaCHINANET SiChuan Telecom Internet Data Center
198.108.66.91United StatesMerit Network Inc.
180.241.39.206IndonesiaPT Telekomunikasi Indonesia
115.203.24.22ChinaNo.31 Jin-rong Street
182.254.228.197ChinaShenzhen Tencent Computer Systems Company Limited
180.142.178.58ChinaNo.31 Jin-rong Street
89.40.25.61RomaniaDynamic Connection SRL
14.166.46.233VietnamVNPT Corp
114.200.239.129South Koreayoido full gaspel church
185.23.128.234IranRazavi Information and communication technology company Plc
112.206.198.199PhilippinesPhilippine Long Distance Telephone Company
82.154.172.110PortugalServicos De Comunicacoes E Multimedia S.A.
139.220.192.57ChinaChina Unicom Beijing Province Network

WordPress Plugins

Custom Development

The Equilume Calculator calculates product activation date, and is implemented as a WordPress plugin. 2017.

Need custom application development, but your website is on WordPress? A plugin is the solution.

Plugins are enhancements that extend what
WordPress can do.

Staying up to day with updates and patches is a GDPR requirement, and no where is it harder than on the web, where the the whole online world can connected world has access. WordPress has an Update Manager, and it’s a great way to manage this process for small to medium size businesses.

Publishing a plugin to the WordPress Plugin Directory is a great way to raise your profile.

Delegator Payments and Jonas Club Management

HYC, one of Ireland’s Premier Yacht Clubs, has adopted Delegator Events Payments as their online payments solution.

This microservice accepts transaction information in, providing an endpoint for payments and a place for users to store and manage cards, reporting for accounts, and a payment receipt for the client. It follows the GDPR requirement of making the data available in portable form outputting CSV format reports suitable for excel or import to Jonas or other accounts packages.

The payment gateway implements a new responsive design, which integrated seamlessly with the fixed width layout of the legacy web application.

The gateway has been in operation since December 2018 and is integrated with the payments provider Globex.

Microservice

Microservices allow businesses to move functions (like payments) onto for-purpose platforms and then provide service to other systems that need the function.

HYC have used the microservices architectural pattern to process payments for a number of diverse functions including member subscriptions, account top-ups and racing events.

Because the service is ‘loosely coupled‘, HYC are able to deploy classes of payment services very rapidly and without being bound to any one vendor.

Reduced GDPR footprint

By moving the various payment functions out of their custom built web infrastructure HYC were able to reduce the risk levels and management overhead associated with processing payments, while keeping a legacy CRM system operational.

Integration

Delegator Payments accepts multiline ledger payments as an input and every line item can be tagged with the appropriate General Ledger code, making reconciling in downstream accounts packages straightforward.

Many accounts packages* have APIs, CSV file uploads or other mechanisms to allow uploading of payment information. Delegator Payment Services can design custom interfaces to any platform, even custom built ERP or CRM.

Delegator loves to hear from partners, and our unique ledger payment API means that it’s easy to integrate. Contact us if you would like to discuss partnership.

*For uploading to Jonas Club Management, it is necessary to have the ‘Automated Lockbox Upload’ feature enabled.

100% score on Google PageSpeed Insights using WordPress

Site speed is important for SEO, but can be hard to achieve in WordPress. One of my favourite tools for site is the Google PageSpeed Insights tool – who better to tell you what your site needs to be SEOed? So let’s take a look at our client’s brand new WordPress site:

It’s not the worst page speed I’ve ever seen. But it’s not far off the worst.

The worst PageSpeed score possible
The worst PageSpeed score possible – zero %

but this site does need some work. Fix the biggest problems first. A common cause of problems is image size, and that’s what’s happening on this WordPress site:

 

The top four account for the lion’s share of the image size. Let’s take a look in the directory, because we’ve only looked at one page (the homepage), but the whole site needs to be optimised.

There are plenty of big images. This can happen when a graphic designer is uploading unoptimised images. They focus on image quality, and tend not to think about filesize and performance.

Let’s take a closer look at the biggest file:

That’s a bit big. Let’s get it down to something that won’t eat up all the bandwidth quota of a visitor’s data plan. It’s a big homepage image slider, so it still needs to be big enough to look good.

We scaled it down to 180kb. Let’s see the effect on the site speed tool.

Sorting out one image makes the site score a lot better. We’ve gone from a 12/100 to 39/100, a jump of 27 points. All we did was resize and compress that with one image with GIMP.

Let’s do the next biggest…

 

We got the size down from 540kb to 82kb! What does Google think?

We’ve jumped 7 points on the scale, and we’re approaching half way there! Let’s do all the rest that google flagged, and see what happens. First the jpegs…we could A) optimise each one individually to check for artifacts, or we could B)  batch compress.

Anyway, on with optimising.

The logo is problematic – it’s HUUUGE. Let’s fix this and see what Google thinks…

We’re nearly half way there, but even better – images aren’t our biggest problem anymore, which is great. Time to dive down into the code.

We move onto the server / code optimisation, and we bring the WordPress site to 100% optimised.

100% score for WordPress on Google Insights - Mobile
100% score for WordPress on Google Insights – Mobile

100% score for WordPress on Google Insights - Desktop
100% score for WordPress on Google Insights – Desktop

 

We’ll be posting more on code optimisation in a later post.

Do have a WordPress Website that needs a speed boost? Sort out your images first! If your site is transactional, and you need to optimise your revenue get in touch. or leave your questions in the comments.

Howth Yacht Club AIS reciever

We worked with HYC and  to bring HYC into the Marinetraffic.com AIS network – with coverage and availability on the station  giving some cause for celebration.

100% availability and 861 square km of coverage.

The manager at HYC, Paddy Judge is a former pilot and aircrash investigator – knows where to site an antenna and working with the IOT team in Vinyl Matt Media to get some fantastic coverage.

Position tracking for marine vessels.

The results were so good that the nice people at marinetraffic.com gave a us a ‘pro’ level account a few weeks early, and we look forward to forward to seeing the value that their suit of tools adds to HYC’s operation.

Editing images for use online with GIMP

How to get an image into the right ‘aspect ratio’ and image size in GIMP. The aspect ratio of an image describes the relationship between its width and its height.

We choose an example that starts out portrait, but that we get a landscape graphic.

We also show how to upsize the image.

 

Resizing

A word on the options for resizing:

  • Linear: Can be used with very small text but cubic is a better choice in most cases.
  • Cubic: The default choice. Unless the image is very small or detailed, cubic and bicubic interpolation helps keep edges smooth.
  • Lanczos: Similar to cubic except that instead of blurring, uses a “ringing” pattern. Use for detailed graphics without blurring.

Saving for the web

Now we have to save the file for the web.

  • JPEG. Used most of the time. Works for nearly everything except logos
  • PNG Used for icons and where you need transparencies.

Now you’re able to do basic image resizing!

Testing out the Delegator WordPress plugin

Need the beta plugin get it here.

 

Here you see some tickets from a demo site of ours on delegator. Register with any stripe testing cards to try it out.

Delegator works by segmenting your market…this means there are many ticket variations. We make those easy to display in the right place in WordPress.

Use :

session_id
speaker_id
ticket_name

to display specific titles.

Say you have a bio page for a prestigious speaker. Big draw. Huuge. Here we show tickets that include access to a speaker using this shortcode:

delegator_tickets speaker_id=”4″

[delegator_tickets speaker_id=”4″]

So we see all tickets that give access to another speaker

delegator_tickets speaker_id=”3″

[delegator_tickets speaker_id=”3″]

The above are great for putting on your speaker pages. But we’ll have pages that give session information, we need to sell tickets that include access to that session.

Think of the use case where we’ve got a blacktie dinner for people that come to see both speakers. We want to talk about this on a page that really sells the great food we’re going to serve.

delegator_tickets session_id=”6″

[delegator_tickets session_id=”6″]

And of course we can just display a ticket based on a ticket name by selecting its ‘slug’.

delegator_tickets ticket_name=”organiser”

[delegator_tickets ticket_name=”organiser”]

We can now offer subsets of tickets in different contexts, making putting the right ticket choices in context and improving conversion.

 

[delegator_tickets event_shortname=”testzero” ]

Don’t get tagged as spam – make an SPF record

BookServe, the online reservation software, does a great job of keeping you in touch with your customers.

But to do that you need to make sure your guests’ email systems know to expect mail from YOUR domain ([email protected]) from the BookServe server.

Wanwaiting for responset to make sure your emails are getting through from BookServe to your guests?

First make sure you have control of your domain’s DNS settings. If this sounds difficult, don’t worry, your Web Developer can help.

Horse unseats rider.
DNS Changes. Need careful handling.

Then you need to edit the SPF record. The SPF is a type of DNS record. You can read about SPF here,

If it’s your first time at the DNS rodeo don’t try this without your Web Developer. An incorrect change can bring your site and email down, and it can take hours to fully recover.

An SPF record is a particular type of TXT record This is an example Register365 mail record for a BookServe customer.

The part ip4:109.74.198.82 refers to a BookServe server.

It tells the Internet ‘Hey, all these servers can send mail for @PropertyDomainName.com

v=spf1 mx a:smtp.reg365.net a:outgoing-smtp.reg365.net a:smtp.hosts.co.uk a:athena.hosts.co.uk a:hermes.hosts.co.uk a:outgoing-smtp.namesco.net ip4:109.74.198.82 ?all

Screenshot of Kitterman record Testing
SPF Records. Test them.

Once you’ve setup the SPF, it should be tested. The good people at  Kitterman Technical Services, Inc. have an <a href="http://www.kitterman.com/spf/validate more helpful hints.html” target=”_blank”>excellent tool for this. Don’t get caught out. Test.

http://www.kitterman.com/spf/validate.html

gombeensguidelogoGot a question about SPF? Let us know in the comments below and we’ll do what we can to help.