Does WordPress think it’s Apple or Microsoft?

Infamously, Apple have a habit of thinking they know what you want more than you do. You can search in vain for an alternative way to have your ‘home screen’ on the Apple app store. Apple’s version is officially perfect for everyone and no-one is allowed to have any other. Another example is the way that it took over seven years from the first iPhone before you were allowed to have an alternative keyboard to Apple’s officially perfect one on your device!

Microsoft have been known to do it too: see Windows 8’s move to the main menu that they called ‘Metro’ before someone pointed out they had a registered trade mark on the name. Who cares that you’ve been using the ‘Start’ menu since 1995? At least in that case, it was possible to install alternatives, and they sort of backed down with 8.1 before making things worse with Windows 10.

And now the WordPress developers are at it.

As every YourEscortSite client knows, we use the WordPress software on nearly all of the cheap and simple sites for escorts we host* and for the past thirteen years it has offered two ways to create / edit your website’s pages and blog posts.

There’s the visual editor which shows you roughly what the result will look like. So if you select something, and click the b button, it will appear in bold in front of you.

And there’s the text editor which shows you the actual HTML – the page description language that is sent to web browsers to display your site – and which used to be called the HTML editor. Do the above, and it will look like ‘<strong>it will appear in bold</strong>’.

(You need the latter for doing things like adding directory banners or, as with the message board software SAAFE.info uses, the visual editor will go ‘Oh, a “<” character! I’d better change that to &lt; or it will be treated as HTML and the user will get all confused!’… and the banner code won’t work.)

Places like Wix offer an alternative to those: they have something like a drag and drop editor, and call it a ‘page editor’ or similar.

Well, the people behind the WordPress software have been going ‘Oh noes, if we don’t have a page editor, people will stop using the wordpress.com site we also own and that would be terrible!1!’

So they’ve written one and called it Gutenberg.

That would be fine, except that their great plan is to force everyone using the WordPress software to use it. Why they want to do that, I have no idea, given that the software already powers about 30% of all the websites out there. It’s not a popular idea with existing users of the software: the Gutenberg plugin you can use to try it out now is the plugin with the most one star reviews of the more than 56,000 on wordpress.org.

Mine is one of those, because if you’re used to how it’s worked for the past it’s horrible.

It’s particularly horrible if you’re using it on something other than a superwhizzo fast PC because all the code is being run by your browser. That can be ok if you’ve got a superwhizzo PC or Mac, but if you’re trying to use it on an old laptop or your phone, it becomes very very s.. l.. o.. w.. and you end up dropping things in the wrong place because of the lag between where your mouse / finger is and where the software thinks it is.

Gutenberg also makes various assumptions about your site’s theme and, if it’s wrong, it can cause problems. I suspect that will include couple of YES templates.

So we’ve installed the ‘Disable Gutenberg’ plugin on YES sites (including this one!) It will keep the ‘classic editor’ you know and love (or at least tolerate) even after WordPress 5.0.0 is released with Gutenberg as the editor.

If you’ve got your own site using the WordPress software, do feel free to try Gutenberg – I strongly suggest you only do so on pages that stay as drafts, at first – and if you like it, great. (Feel free to tell me what you like about it too.)

Otherwise, you can find the Disable Gutenberg plugin here. Highly recommended.

* A couple have been made by clients using other software, and they just send us the output of their webpage design program.

Two new sites

The WordPress software comes with several default designs, and for the past few years they’ve been called ‘Twenty Ten’, ‘Twenty Eleven’ etc etc according to when they were introduced.

After some design choices that aren’t suitable for any YES site (and most others!) the latest, imaginatively called ‘Twenty Seventeen’, can work well.

For two examples, see DeepTissueSensual.co.uk’s site for ‘massage with a happy ending in Belfast, Dublin, Glasgow, Aberdeen, Inverness, York, Chester, Preston, Euston and many other areas in the UK and Ireland’ and MatureIndian.co.uk’s site for very naughty times in London, Hertfordshire, and Bedfordshire.

In both cases, there was a picture that worked as the featured image on the front page and not too complicated a menu for other pages. Speaking of which, one of the disadvantages is the way that new pages are not added to the menu in their correct order – they’re always added at the end, so you need to move them manually if that’s not what you want. As the new default theme, it may also become overused by other people.

But at the moment, it’s a quick and easy (and therefore cheap) way of having a good looking site that adapts very well to different screen sizes.

Not all ‘upgrades’ are good

WordPress software is behind a large chunk of the web – over a quarter of the top ten million sites, apparently. The good thing about this is that you can find easily someone who knows WordPress and can at least to try to help with any problems. The bad thing about this is that breaking into WordPress-based sites is a very popular activity for hackers and the attempts are both endless and automated.

It would help if the authors of WordPress software took security a bit more seriously: unless you do something about it, anyone can attempt to login to your site as many times as they like, as fast as they like – they even made it easy for attackers to try hundreds of user names and passwords at the same time* – with nothing to go ‘Hang on, you’ve tried a thousand different user name and password combinations in the past minute, I don’t think you’re really a human with legitimate access to this site…’** Allow this and eventually the right combination will be found, and the attacker can do anything they like on your site.

So there’s a bit of software on Your Escort Site websites that looks out for repeated failures to login and blocks access to the site for a while if that happens. The ‘try hundreds at once’ attack is blocked too.

But just trying a user name and password involves the software remembering how to check them, looking through a database and doing some maths to see if they’re correct. When this is happening hundreds of times a second, it can slow everything down for real users.

So Your Escort Site websites have another check to see if someone attempting to login is real. The web server expects a password before it will show the web page used to login to your site. Get it wrong, and the WordPress software never knows it happened. It’s proved very useful whenever there’s a major attack on WordPress-based sites.***

As merely having a password on this page defeats the vast majority of ‘bots’ trying to break in, it doesn’t need to be a good one. So it’s a simple three letter word. But even that can be forgotten, so the web server sends a message to the browser telling the visitor what it is! This should be displayed in the small pop-up asking for the password. (Bots tend to be very stupid and can’t read the message.)

Different browsers show this login different. Here’s Firefox getting it right:

Firefox showing the initial popup correctly

Firefox gets it right – can YOU guess what the user name and password are?

Chromium, Google Chrome and Opera (both of which are based on the Chromium software) used to show the message in a slightly different way, but since a recent upgrade no longer do so:

Chrome not showing the message from the web server

Chrome gets it wrong

Why this was thought to be an improvement, I don’t know.

Either way, once the short user name and password are entered, the user gets to the real login screen which looks like..

An example of the real login page

The real login page

.. and that’s where the real user name and password is entered.

* The feature that allowed that is used in another bit of software they wrote, but there is zero legitimate use for this aspect of it. It’s still there, sigh.

** They have, finally, stopped suggesting sites have one particular name for an account that can do anything on the site, with the result that it was the one that most hack attempts tried. It only took several years of pointing this out before the change was made too, sigh.

*** Every few months, basically.

Amazon gift certificates no longer anonymous to send

As far as we know, they’re still anonymous to receive for things like deposits – all the sender needs is your email address – but Amazon have just changed things so that when they’re redeemed the recipient is invited to ‘Send a thank you message to (what Amazon thinks they’re called)’.

Argh.

Buying one from a shop and sending the string of letters and digits (something like CL86-3UP8WF-XM7Q) will still be anonymous, but those only come in specific denominations.

New templates

Someone recently asked about having all their blog posts on the front page of the website. (Usually, they’re accessible from a special page of the site that displays the blog posts.) One of the advantages of using WordPress is that changing how a site looks is easy and this got me looking at themes that do that in a nicer way than usual.

After some tweaking,* there are now three more options for YES sites:

Cards on the table – ideal if you have plenty of pictures you are happy with, this uses a horizontal scroll on wide screens and a vertical one on phones etc.

All up front – again good for showing off your pictures. They are slightly smaller but scroll nicely up and down, including on mobiles, and there’s a menu to the right.

Coin – circles this time! The square picture on the top left is optional.

In all of them, the font and colours can be changed as desired…

* The changes to the themes these are based on available on request.

WordPress, wordpress.org, and wordpress.com

Your Escort Site‘ uses the WordPress software. This makes creating and editing web pages quite easy, so it’s what we use for nearly all of our clients’ sites too.

Every time it is updated – several times a year – the new version of the WordPress software is downloaded and installed from wordpress.org, the website that hosts the development of the software. (It also has lots of other things for the software, like themes and plugins too.)

We are not the only people using the WordPress software – at the moment, somewhere between a fifth and a quarter of all active websites use it!* The biggest is the wordpress.com blogging site, owned by the same people who own wordpress.org.

Would it be easier if three different things weren’t all commonly known as ‘WordPress’? Yes, but it’s too late to change things now…

.. so just remember that WordPress the software is a different thing than wordpress.com the website, even though it uses the same software as we do. It’s also different from wordpress.org, which is the website people like us get the software from.

* Amongst other things, this means if we disappear, clients will find it very easy to find someone else who can help them host and maintain it.

** It does also mean that there are a lot of nasty people who specialise in breaking into WordPress sites – but we do everything we can to stop them, and no-one’s managed to hack a YES site yet.

** They probably won’t be as nice though :)

Yahoo email? Just say no!

I recently set up email on a new server. All the test emails went off happily, so I started using it for family emails. No problems..

.. except with Yahoo, including the organisations stupid enough to let Yahoo manage their email for them, like Sky and BT who both put their internet customers on it. Yahoo send a ‘we’re never delivering any email from you, ever’ rejection message:

All messages from (your server) will be permanently deferred

Why? They don’t say – the message points you to a webpage that doesn’t exist. The real link gives the not very helpful info that

This message indicates Yahoo is seeing a high volume of emails from your (server), which is a characteristic of unsolicited, bulk emailing. .. We do not disclose further information about our filtering practices.

One of the joys of running your own email server is that you can see for certain how many a “high volume” is. In this case, it’s four. In a week.

Elsewhere on the mess that’s Yahoo’s ‘help’ area is the advice to “Send email only to those who want it” – each of the people who we’ve had problems emailing this week are friends who have emailed us – and run your email server properly and securely. Not that Yahoo would recognise a secure email server if they fell over one: hacked Yahoo accounts are the single biggest source of the spam that gets through the filters here (the victims are people I know, so their mail is treated differently to that from addresses I’ve never heard of).

But the thought to take away is simple: if you have a Yahoo email address, is this happening to mail from potential clients? I don’t know… and neither do you.

Adding a Twitter feed

It’s easier than you think :) and since the first version of this, it’s become even easier!

New way to add a Twitter feed

Go to Appearance / Widgets menu in your site’s WordPress Dashboard.

You’ll note that on the right, there’s ‘main sidebar’ area, which probably has a couple of things there already (typically including ‘Recent posts’ for your latest blog posts), and in the middle there’s an array of possible widgets to put there.

Click and drag the ‘Custom HTML’ one to the main sidebar area. If it is not already showing the space for the title and content, expand it, by clicking on the little triangle.

Give it a title like ‘My Tweets’, and paste the HTML below in the currently empty big box. Click ‘save’. Done!

<a class="twitter-timeline"
href="https://twitter.com/yourescortsite"
data-tweet-limit="10">
YourEscortSite tweets</a>
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>

.. obviously changing ‘yourescortsite’ to the name of your Twitter account.

Old way

Before, you needed to go to your Twitter account’s Settings menu and get a specific code number, just for your account. That was included in the old HTML code and you needed to specifically exclude replies to you being included in the displayed feed. (Miss doing that, and you’d start advertising clients and others!)

Because this was the official way of doing it, it still works, but it involves an extra layer of faff now.

Still relevant, still important

You can also add the code to any page or post but you must use the text mode of editing rather than the visual one to do so, otherwise WordPress will ‘cleverly’ convert the < characters into ‘&lt;’ (they’re special characters to browsers) and it won’t work.

You need to know that however you do it, some adblockers count it as an ad, and so not every visitor will see it…

Similarly, if visitors have blocked third party scripts from running, it won’t be visible to them either.

Since WordPress 3.5, you can also put a tweet’s URL on a line by its own and it will be treated specially:

Caching

Short version: if you’ve changed a page, but it still looks the same when you or someone else visits the site, press the ‘Clear Cache’ button on the top of your site’s admin pages, if it’s there.

Longer version: A cache, pronounced ‘cash’, is a store of something you’re going to want to come back to later*.

If you think about phone numbers, you could ring up directory enquiries every time you wanted to call someone, but that would take time and cost money, so you have a local phonebook, written down or in your phone. When you want to call them, you look it up in the local copy. The problem comes when they change numbers without telling you – your local copy will be out of date, and you’ll call the wrong number.

Computers use lots of caches because some things they can do are really, really fast, and some things, while still quick in comparison to a human, are a lot slower.

Each time someone visits a YES site that uses WordPress software (i.e. almost all of them), the web server program has to go ‘Oh, they want that page… OK, other program, give me something to show them.’ That program has to go ‘OK, let’s see, right, what are the words on the page, third program?’ Then that third program has to look up what text is on that page amongst other things. Each bit doesn’t take long, but it all adds up. And it will be repeated the next time someone else looks at that same page even though it probably hasn’t changed.

So one thing that’s installed on most sites is a cache plugin. When a page is shown to someone for the first time, a copy of the final result is made and that copy is shown to other visitors to the same page.

Now, there are several cache plugins to choose from, and they all have advantages and disadvantages. But they all have the issue that if the page changes, they have to notice and update their copy, and it looks like the one most commonly used, Quick Cache, doesn’t always do this. Fortunately there is a button on the WordPress admin panel to ‘Clear Cache’ which ensures that it happens. Because Quick Cache does not cache pages for logged in users, just anonymous visitors, you may need to log out (or use another browser / the private browsing facility of your browser) to check that all is well..

.. Probably! There are other caches in the process. It’s not as common as it used to be, but Internet Service Providers (ISPs) can cache sites to cut down on their costs and to try to be ‘the fastest’. Browsers certainly try to, as again it helps in the race to be ‘the fastest’, to the point that they can load data from pages before you’ve clicked on the link to go there and then not always bother to check that it is up to date when you do**.

When looking at an out of date version of a page on your site, before assuming that it is a problem with your site, try holding down the ‘shift’ key when clicking on the ‘refresh’/’reload’ button or pressing the F5 key (usually a shortcut to clicking on that button). That tells the browser that it should ignore any local caches and ask for the page from the web server directly.

* Polar explorers cached food and other supplies on their route, so they wouldn’t have to carry every tin of beans all the way to the North or South Pole and back. Robert Falcon Scott and the remainder of his party died in 1912 because they couldn’t quite reach the next cache, eleven miles away, on the way back to their base. It was originally intended to be located thirty miles closer to the South Pole. Had it been, most of them would have survived and you probably wouldn’t have heard of them in the same way that you probably don’t know who was in the second group to reach the summit of Mount Everest. (I’d have to look it up!)

** Much that I otherwise love it as a browser, Firefox can be particularly annoying in its caching policies, especially when setting up a new YES site for someone: it can insist a site doesn’t exist, because it didn’t when it looked it up some time before it was asked to go there, and no pressing of shift-F5 will convince it otherwise. Grrr.

Banners and ad blockers

Any decent web browser* has the ability to install additional features. One example feature is an ‘ad blocker’: something that looks at each page and removes things it thinks are ads so that the user doesn’t see them. As this greatly improves the user’s experience – when I have to use a browser without one, I am horrified by what some sites look like with ads – it is a very common thing to do.

Because there is currently no easy way for the ad blocker to determine whether something is an unwanted ad or wanted content by looking at an image itself**, they go by the URL of the item.

Some are easy: you probably don’t want anything at all from doubleclick.com or from a directory called /ads/, for example. Others are harder, but the name of the file can also be a clue.

A YES client recently wondered why some people couldn’t see her banners on another site. It turned out that name of the banner ad image file contained the string ‘468×60’. As 468 pixels*** wide by 60 pixels high is a very popular size for banner ads, the filters that one very common ad blocker uses includes looking for this string and, if it finds it, the ad blocker ensures that the user doesn’t see the file. Oops. As soon as it was renamed, all was fine…

.. on that site, anyway. It turns out that a popular escort directory shows the banner ads that people have paid £££s for in a way that leads the lot of them being blocked by any decent filter. Oops.

Moral: install an ad blocker – ‘AdBlock Plus’ is the most popular – and see what’s happening to your ads.

* This may well exclude even modern versions of Internet Explorer. Certainly all the versions I have aren’t. Think Firefox / Iceweasel, Chrome / Chromium, Opera, or I think Safari as included in ‘decent’.

** This is why people who demand that internet companies block everything they don’t personally like are technically illiterate. Blocking text stuff is one thing, even if people who want to get around the block will just start using other words, but trying to automatically categorise pictures and videos is Very Hard.

*** A pixel is the smallest element that makes up a picture or video, a dot of colour (only one at any one time). Normally, they appear so small on the screen that you can’t notice them individually. Vendors love to sell cameras on how many the pictures have, but this actually one of the less important things to look for when buying one.

123-Reg.co.uk – a warning

There are dozens of registrars, people who will handle the business of registering a domain name for you. In an ideal world, you wouldn’t need one, but the people ultimately in charge of the domains you want set things up so that in reality, you do.

For example, it’s possible to register a .co.uk domain directly with Nominet, the people who run them. It’s just that they will charge you £96. If you are a member, as any registrar offering .co.uk domains is, the amount Nominet charges them drops to £6, and so they’ll do it for you for about £8*.

Ever since one of the early registrars prepared to deal with the public – freeparking.co.uk – fucked up a renewal, costing me a much loved domain name about ten years ago, I have used 123-Reg.co.uk but I am currently wondering why.

In January, I noticed that according to their system a particular domain should have been renewed a week ago. ‘Eeek,’ I think, ‘I don’t want to lose it, I had better renew it now! I wonder why it wasn’t renewed automatically…’ Fortunately, just before pressing the ‘pay’ button, I check the details with Nominet and discover that it’s not due for renewal for another year and eight months. Using 123-Reg’s support service sorts that out, eventually.

Yesterday, I had a PayPal email regarding a payment to 123-Reg. Looking at the amount, it’s a .com domain for a year. ‘Ah, I must have forgotten to renew one and it’s done it automatically,’ I think, ‘How nice’.

Except that today, I had another PayPal email regarding another payment to 123-Reg. Looking at the amount, I go ‘What the fuck?!’ as it is for rather more, and I know that I have not either registered or forgotten to renew anything today. ‘That’s interesting, I haven’t had the usual invoice emailed to my account’s email address for either of these…’

It turns out that yesterday, they renewed a domain – without being asked or sending me any email about it – that does not need renewing until next June. Then today they renewed it again, this time for another three years. Had this not been done via PayPal, but done via a direct debit or card, I would not have had any notification of this until a statement arrived, possibly nearly two months later.

I am waiting to see what the response to my email to them is. I still like their control panel** but this is twice in one year that their system has decided to make an error to their advantage. And that’s twice too many.

So if you have any domains registered via them, keep a very very close eye on your accounts.

Update: They say that they renew domains for the same number of years as they were originally registered for. Which is fine, but the domain in question wasn’t originally registered for four years and thus even more shouldn’t have been renewed for five (one in June plus one plus three in successive days in July)!

I have had a refund for the big payment, but I am still interested in hearing how good the control panels for gandi.co.uk and portfast.co.uk are… Moving .co.uk domains between registrars is fairly simple.

* The difference between that and what you pay the registrar is partly their profit, partly the costs of membership, and partly the cost of having the systems that should make it easy for you to do it.

** The website interface to manage your domains – it is much easier to get it to do what you want than the pain that is GoDaddy’s.

Using Yahoo! for mail?

There’s yet another rash of emails from hacked Yahoo! accounts today. What happens is that the hackers build up a stock of passwords for accounts over a month or two, then spend a day or two using them to spam people with assorted crap. They typically CC random names from your contact list to cut down on the number of emails necessary to spam everyone.

So if you don’t want to bother people, including outing clients / contacts to each other, change the password now, and ideally every month or so. You may also want to consider where you access your webmail from. Computers in libraries are usually ok because the terminals are reset between users (but they typically block escort-related sites) whereas random web access points may not be.

The same applies if you’re using Hotmail / Live /Outlook /whatever Microsoft are calling it this month. Interestingly, it is much rarer with Gmail and their optional two-stage authorisation can eliminate it entirely*.

* Whenever your Gmail account is accessed from a new device, you get a text on your phone with a code. Without the code, you – or anyone else – doesn’t get in. It can be a pain if you’re just having a quick email check on someone’s laptop, but that may be the one that’s reporting every key press to someone nasty.

Plugin policy

If you log into your site with your admin account* you will see that there’s a menu item called ‘Plugins’. These are small programs that add functionality to a WordPress site.

Some do it behind the scenes (like the one which is installed to help stop your site being hacked by limiting the number of times anyone can get your password wrong without being prevented from accessing your site for several days) and some are more visible, providing assorted superwhizzo features (but like much other shiny stuff, you almost always don’t actually need them!)

Or at least that’s the promise. In practice, some of them are a complete pain: plugins installed by some of the people who have used YES have..

  o   Deleted all their pictures (something that promised to help optimise them)

  o   Slowed their site to a crawl (it was continually trying to back it up)

  o   Completely locked them – and us – out of their site entirely (an overzealous security plugin). Update: this has now happened twice.

Some plugins also carry a nasty payload: plugins can do almost anything, including turn your site into a toxic mess. Ones you install via your site come from a WordPress-run resource that means they should be ok in that regard, but people still make mistakes and one of the basic rules of computing is ‘never be one of the first people on your block to try a new program’ – let other people find out it’s a buggy pile of crap!

So we suggest** that you talk to us before installing any of them, especially if the authors want you to pay for them.

Now that two people have been screwed over by it, we recommend*** that you do not install the plugin ‘Better WP Security’.

It may be a good time to remind people of one of the aspects of the YES support policy: if you mess things up, it may cost you money to have it sorted out. Specifically people who ignore the above recommendation will be charged****.

Update: A rather neat trick means that you won’t be able to install Better WP Security now, even if you try :)

Update2: The same applies to WordFence, a similar ‘security’ plugin which looks just as dangerous if you don’t know the implications of what it does.

* Which obviously isn’t called ‘admin’ – that’s the one 95% of hackers try when looking to break in!

** Remember, this is consultancy speak for ‘Have a very good reason for not doing it this way’ :)

*** .. similarly, this means ‘Do it this way or else!’

**** Told you.

Members areas

Members-only password protected areas can sound like a good idea. You can sell access to ‘premium’* content, for example. They’re certainly doable on our sites. The problem is that you’ve got a choice: put a password on material which is the same for everyone (and so if it gets posted somewhere else, everyone can access it) or give / sell people accounts on your site.

The latter can be limited in what they can do (such as only see stuff that non-members cannot) but WordPress has an unfortunate history of allowing such accounts to gain, through various dubious means, total control over the site. Currently, there are no known ways to do that, but there’s been at least one or so a year in the nine years since the WordPress project started and I would not want to bet that there will not be another one.

So if you’ve got content to sell, I suggest** that you hold your nose and use AW. In any case, my recommendation*** is that you do not go down the ‘accounts on your site’ route.

* Marketing speak for ‘expensive’ :)

** Consultant speak for ‘have a very good reason for not doing it this way’ :)

*** Consultant speak for ‘do it this way or else’ :)

Email to and from Hotmail/Live & Yahoo!

For some reason, the usual suspects two popular but troublesome webmail services seem to be worse than usual having problems at the moment.

If we don’t reply to an email within 24 hours (usually sooner) we probably haven’t got it. If this is affecting you let us know (for example via a PM on SAAFE) and we can sort out another way to communicate.

Who is stealing your content?

Stealing other people’s pictures has long been annoyingly common – we can advice on ‘watermarking’ photos so that your site or other info appears on them. Services like Tineye help detect this: you upload a picture and they tell you where it can find copies or very similar images online.

People also steal text. It’s worth using a search engine to look for particular but uncommon phrases from your site and look for other ‘hits’. Sometimes other uses are coincidence or compliments (one sign a campaign is working is when people start quoting its messages at you, without necessarily realising the source), but other times, people are stealing your marketing effort.

Now, it’s becoming more common for people to use programs to steal text, altering it just enough to avoid simple detection. The results are like translating something from English to French and back again, but what is actually being done is certain words and phrases are recognised and substitutions found from a thesaurus.

Sometimes, it’s done to show ads to people attracted via search engines. Here’s the (Australian) Daily Telegraph’s original story on the acquittal of an escort agency owner:

A SYDNEY woman who owned an upmarket London escort agency was found not guilty of controlling prostitution for her profit.

Larissa Miesnieks, 39, who was born in Paddington, Sydney, and lived in Kensington, west London, faced up to two years in prison on charges of controlling prostitution and acquiring criminal property.

A jury of nine men and three women took less than 40 minutes to reach their verdict at London’s Southwark Crown Court.

Leaving court last night, Ms Miesnieks said she felt “amazing” and added that she needed a drink to help process the result.

“The worst time in my life has just become the best moment of my life,” she told The Daily Telegraph.

Her friend, who wished not to be named, said Ms Miesnieks had “held it together” during the 18 months of the case.

“She’s been meditating, doing yoga, she’s been doing really well until this week.,” she said.

Using the pseudonym ‘Lisa’, Ms Miesnieks ran the escort websites Atlantic Companions and Pure Brit, targeting rich city bankers in their lunchtimes.

Between January 2006 and June 2010, Ms Miesnieks, who was also an escort and took 30 per cent commission from the girls on her books, made about 300,000 pounds (AUS $442,800), the court heard.

In evidence presented during to court, Ms Miesnieks was accused of laundering money into a bank account in Dubai, where she claimed she was preparing to relocate.

In his closing argument, prosecutor Lawrence Aiolfi told the jury Ms Miesnieks was in a “position of influence and power” over the escorts.

In a document titled ‘Information for New Girls’, Ms Miesnieks indicated the type of underwear the girls on her books should wear and instructed them to call her within 10 minutes to inform her that money had been taken from a client, Mr Aiolfi said.

However Ms Miesnieks argued that she “cared for her girls” and was not controlling their prostitution for her profit.

The defence barrister Mark Seymour said his client denied the charges and had started her agency as a “co-operative”, operating it “for the girls” and giving them control over what jobs they took.

On a trip to Sydney, Ms Miesnieks once sent flowers to one of her escorts and would go to drinks and coffee with them, he said.

“She generally cares for them and is looking out for them and wants to help them,” he said.

“When you look at all of it, it is the complete opposite to power and control.”

Sitting in the dock, Ms Miesnieks often became emotional.

She told the court her prostitution ring had been her “little secret” and she did not want her family to find out.

Prostitution and operating an escort agency are legal in the UK, but it is illegal to control prostitution and gain from that control.

And here is TheNewsInLondon.co.uk’s version, with changes in bold:

A SYDNEY lady who owned an upmarket London chaperon group was found not guilty of determining harlotry for her profit.

Larissa Miesnieks, 39, who was innate in Paddington, Sydney, and lived in Kensington, west London, faced adult to dual years in jail on charges of determining harlotry and appropriation rapist property.

A jury of 9 group and 3 women took reduction than 40 mins to strech their outcome during London’s Southwark Crown Court.

Leaving justice final night, Ms Miesnieks pronounced she felt “amazing” and combined that she indispensable a splash to assistance routine a result.

“The misfortune time in my life has only turn a best impulse of my life,” she told The Daily Telegraph.

Her friend, who wished not to be named, pronounced Ms Miesnieks had “held it together” during a 18 months of a case.

“She’s been meditating, doing yoga, she’s been doing unequivocally good until this week.,” she said.

Using a pseudonym ‘Lisa’, Ms Miesnieks ran a chaperon websites Atlantic Companions and Pure Brit, targeting abounding city bankers in their lunchtimes.

Between Jan 2006 and Jun 2010, Ms Miesnieks, who was also an chaperon and took 30 per cent elect from a girls on her books, done about 300,000 pounds (AUS $442,800), a justice heard.

In justification presented during to court, Ms Miesnieks was indicted of laundering income into a bank comment in Dubai, where she claimed she was scheming to relocate.

In his shutting argument, prosecutor Lawrence Aiolfi told a jury Ms Miesnieks was in a “position of change and power” over a escorts.

In a request patrician ‘Information for New Girls’, Ms Miesnieks indicated a form of underwear a girls on her books should wear and educated them to call her within 10 mins to surprise her that income had been taken from a client, Mr Aiolfi said.

However Ms Miesnieks argued that she “cared for her girls” and was not determining their harlotry for her profit.

The counterclaim attorney Mark Seymour pronounced his customer denied a charges and had started her group as a “co-operative”, handling it “for a girls” and giving them control over what jobs they took.

On a outing to Sydney, Ms Miesnieks once sent flowers to one of her escorts and would go to drinks and coffee with them, he said.

“She generally cares for them and is looking out for them and wants to assistance them,” he said.

“When we demeanour during all of it, it is a finish conflicting to energy and control.”

Sitting in a dock, Ms Miesnieks mostly became emotional.

She told a justice her harlotry ring had been her “little secret” and she did not wish her family to find out.

Prostitution and handling an chaperon group are authorised in a UK, though it is bootleg to control harlotry and benefit from that control.

Some of the automated changes are simple (‘nine’ to ‘9’), some it shows words taken in the wrong context (bank ‘account’ to ‘comment’), but some of it is just weird: ‘document’ to ‘request patrician’?? The result is unlikely to be found by a search for any of the distinctive phrases in the original (it came up for me when looking for her name).

Here’s a word for The News in London’s automated thesaurus: plagiarism.

Cookies

Short version: YES site owners needn’t worry about the ‘web cookie law’.

Longer version, starting with ‘what are cookies anyway??’

In this context, it’s not the biscuits (triple chocolate, please) but the computer variety.

These are small bits of text that are sent by many websites to visitors’ computers and which are stored on them for anything between ‘until the web browser is closed down’ to ‘many years into the future’.

The reason for them is that, by design, web browsing is normally ‘stateless’. When you talk to someone, you know what’s been said between you earlier in the conversation – that’s the ‘state’ before each thing you say. Without that, it would be like talking to someone with a bad case of Alzheimer’s:

‘Hello Your Escort Site, I’d like to buy a really great escort website.’

‘Yes, we do those!’

‘Do you do them in red?’

‘Do what in red?’

For web servers, this can work very well (and it certainly makes writing web servers easier) but sometimes you need to know more than just what was the latest thing said.

There are other ways around this problem, but what has worked best is to arrange for the website to send the browser a small bit of text which the browser then sends to the website every time it looks at that site again. Computer programmers being what they are, it got given the name ‘cookie’.

The equivalent conversation then becomes something like:

Hello Your Escort Site, I’d like to buy a really great escort website.

Yes, we do those! Have this bit of paper saying you’re looking for a really great escort website.

Do you do them in red? Here’s the paper you gave me earlier.

(Reads paper.) Ah, yes, really great escort websites! Yes, you can have them in any colour you like!

When using a web discussion forum like the one on SAAFE.info, cookies enable the website to know that it’s the person who gave the password to the account that’s now posting the helpful comment: when they logged in, their browser was sent a cookie to say ‘I’m this user, and here’s continuing proof of that.’ Similarly, shopping sites use them to maintain your shopping basket (this was their original use).

That’s the good side of cookies. Of course, there’s also a dark side.

Advertisers love them, because ‘third party cookies’ mean an ad provider with ads on multiple sites can detect which of them you’ve visited. Browsers can be set to not accept these and, because virtually every site will work properly without them, it’s a recommended setting which, annoyingly, is not the default in any major browser.

But in the context of escorting, it’s the way that cookies leave evidence about what sites have been visited that can be the most problematic. Do your clients want it to be discovered (quite easily by anyone with access to their browser) that they’ve been to prostitution sites? Do you want any queries wondering why someone’s been looking at your site? In either case, probably not.

In any case, a European Union regulation adopted into UK law last year mean that each visitor’s consent is required to set cookies on their browser that are not strictly necessary (because of being used to implement a shopping cart, for example).

So you’ll be glad to know that, as set up, websites created by YourEscortSite do not set any cookies for visitors. (It does use them with you, when you log into your site.)

Note: this site uses cookies – if you look in your browser’s collection (see its help for how, because it varies from version to version, never mind between browsers) you will see some from here.

We use them to get information about how visitors move around the site. They don’t collect information that identifies a visitor and it is only used to improve how the site works. If you’d like to opt out of having them, then every major browser enables you to delete cookies and/or to decline to have any from any particular site. (Again, you need to see your browser’s help to see how.) You can also go to yourescortsite.com/piwik/index.php?module=CoreAdminHome&action=optOut&language=en – this will send a cookie that says ‘please ignore visits from this browser’.

Ah, that’s why…

…there are so few people offering website design on AW. They charge at least one credit (i.e. one pound) per day to have an ‘other services’ profile.

It also explains why the few on there charge between two and five times what we do.

One will also ‘rewrite your profile to make it unique and authentic for £80’ – there is obviously a meaning of ‘authentic’ we hadn’t heard of before :) – and even more helpfully lists profiles they’ve done so everyone can see how authentic they really are!

Escort SEO

Or, ‘If I were evil, I would be rich’.

We would all love to be on the first page of Google* search results for every conceivable search, but with the default settings, only ten can be. Google won’t let you advertise “websites promoting escort services or related content”** via its AdWords any more either. So this creates a market for ‘search engine optimization’*** or SEO for short. In exchange for your hard earned money, they sort of promise that they’ll do their best to get you a better result. Perhaps.. maybe.. no guarantees..

Some recent posts on the SAAFE message board have highlighted both the cost of these services and what they’ve done for the money. One woman was charged £250 for a year’s SEO service. What that bunch seems to have done is put two lines of possible search terms in her page and add a link to themselves (the more links you have to your site, the better Google likes you). It’s not clear that they made any links to her site anywhere, but their terms and conditions did forbid her from making any changes to it without their written permission. When she wanted to change her domain, they didn’t reply to her.

Another was persuaded by the people who created her website to sign up for a £150 a month SEO service. Although she was soon concerned this was a waste of money (and those concerns looked justified), she was worried that stopping it would lead to them making unauthorised alterations to her site.

Part of the problem is that it is virtually impossible to get (and keep) a front page ranking for searches like ‘London escort’. Even some directories have problems – one of the big ones aimed at the gay market for male escorts has spent years alternating from being in the top half of the front page and nowhere as Google change the rules or effectively ban them for using naughty methods to try to beat their competitors.

The two solutions are getting listed on the directories that do feature people like you (most of them are free) and coming up with content that people like. The multitude of links to them are why the directories dominate the top pages for the basic searches. In the big cities, it will be difficult to match them for the basic searches, but you can do it for something more personal to what you’re offering.

The four things that you want are content, content, content, and links.

Dealing with the first three first, a site that says ‘Hi, I am an escort, I will do these things, I look like this, seeing me will cost that, and you can contact me by…’ is competing for attention with thousands of others. So you need more: write stuff!

You will have a blog for example, use it! Not only does it mean more people link to you, but potential clients can go ‘Oh, they like [something they like] too…’ which makes them much more likely to book you.

Links to your site can come from ‘link swaps’ with other escorts (they link to you, you link to them), or making sure that whenever you are mentioned, there’s a link to your site.

But the SAAFE posts did get me looking at who are the top listings for ‘escort SEO’ at the moment. Do you really want to pay hundreds of pounds to people who write this about building a website with WordPress:

You are going to be glad regarding the word press site, and you will feel too challenging to generate a site, it’s simple to build a internet site with wordpress. All you need to search the tutorials available to develop a internet site with wordpress. Right after that you simply need to follow the required things to develop a site with wordpress. But in complete you should understand you will need c panel to construct a website with wordpress.

(First paragraph of a blog article on Adult SEO Service website, currently in the top Google spot!)

Now I sort of understand what they’re saying – cPanel is a program for controlling a server – but it gets even worse later on: “In case you have several domains of you, you can’t get them within the key search engines”, anyone?) I wonder if it’s automated plagiarism. For more on that, see here.

* Other search engines exist, and if Google keeps trying to be evil, some of them may get more popular, but at the moment, Google still dominates.

** This includes us, annoyingly. It does look like they’ll let you promote porn (‘adult’) website design though.

*** Or ‘search engine optimisation’, depending on your spelling checker settings.

Privacy matters

There is a lot of prejudice against prostitution* and so if you’re going to do sex work, your privacy is vitally important. There are people who show their faces on ads, but once you do that, you are potentially outing yourself to everyone you know and, possibly more importantly, ever will know.

So we take your privacy seriously. We take payments in Amazon vouchers, for example. This means that we do not need or want to know your real name, address or card details. It also means there will be nothing incriminating on your card statement.

And while we can do photo-editing to blur or otherwise conceal your face in photos, we’d prefer to talk you through doing it yourself.

* Anyone who tells you that escorting doesn’t involve having sex with clients is after your money. As with straight men escorting women, the market for non-sexual escorting is tiny so there are only two sorts of non-sexual ‘agencies’ out there: scams and those about to go out of business. (It’s easy to tell the difference – if they ask the ‘escorts’ for any money whatsoever before they have cash in their hand from a client, they’re a scam.)

Email contact addresses

Recently seven years ago, someone asked what the options are. They’ve changed since then, but so you know what the answer was then..

Until 2019, you had two main ones:

1. Just put any email address as the contact email.

+ Easy to do

+ Could possibly avoid clients getting asked why they’re getting email from an escort site

+ You may have one already and quite possibly have a preference for Gmail / Protonmail / Yahoo* / Hotmail** / etc etc

– Possibly not quite as impressive or memorable as…

2. Have a ‘Name@YourDomain’-style email as the contact email. What it will actually do is just send mail onto a second email address which you tell us about.

+ Looks a bit more impressive and may be easier to remember

+ It’s possible to have anything @YourDomain sent to you, including misspellings of your name

+ If you have a Gmail account, it is possible to have that real address send as name@domain as well as receive mail for it..

– ..otherwise you will be getting emails to one address and replying to them from another

– It’s more work for us to set up

+/- You should know that email to your domain will be ‘greylisted‘*** to reduce spam. This involves delaying mail from addresses that you’ve not heard from before – including new potential clients – for about five minutes. Some other email services do this, some don’t

+/- You should also know that, as with almost any other email service, we could see the contents of mail to and from your domain if we wanted to. We don’t and won’t****, but if you don’t want to take the chance that we’re lying, it’s not for you!

Conclusion

Hardly anyone used the second option and everyone who did had switched to using Gmail or Protonmail when the imaginary PC***** that ran the mail server that handled their mail (and that for the IUSW) needed a big update.

At that point, it was much easier to say ‘Enough, we’re not running a full mail server for clients any more’, so use Gmail / Protonmail instead.

* Gmail is not perfect, but we’re not sure why anyone would have a preference for Yahoo…

** … or Hotmail / Outlook Live, whose main feature is that it’s not Yahoo.

*** Email involves having the computer sending it and the computer receiving it having a little conversation. It’s not literally ‘Hello, is there an email server there?’, ‘Yes, I’m an email server, who are you?’, ‘I’m…’ etc, but it’s not far off.

Greylisting is a brilliantly simple and effective method of reducing spam involving a fib in that conversation. When dealing with mail from addresses that it’s not had real email from before, the receiving computer says that it’s not ready to receive new email at the moment.

The idea is that proper email sending computers will remember that and try again in a few minutes, at which point the mail will be accepted. Spammers, on the other hand, use programs that are designed to send out many millions of emails as quickly as possible, so they don’t bother with repeating first time failures. If everyone did greylisting, it wouldn’t work, but they don’t and it does – just doing this stops over 99% of incoming spam!

**** Not just because we’re nice and wouldn’t do such a thing: we also know reading lots of “I’m a special snowflake – will you give me a discount / do what your website says you don’t offer / meet me in five minutes / take cheques etc” emails is very boring :)

***** What a ‘virtual private server’ actually is. One big powerful PC pretends to be several smaller ones. They don’t actually exist anywhere but software can behave as though they did and they’ve made having an internet server a lot cheaper than it used to be.

Want an escort agency website?

We have had a couple of enquiries this week from people wanting a website for escort agencies. We’ve thought about it, including remembering the immortal words of Frankie, one of the mice from The Hitch-Hiker’s Guide to the Galaxy:

I mean, yes idealism, yes the dignity of pure research, yes the pursuit of truth in all its forms, but .. if it comes to a choice between [being pure] .. and on the other hand just taking the money and running, I for one could do with the exercise.

.. and the answer is, sorry, no.

Why?

Twenty years ago, as a prostitute your choices were street, agency or brothel work. The advent of places to advertise, mobile phones, and especially the World Wide Web changed all that and it’s now very, very possible to work for yourself. There will always be street work and we can see that brothel work is a good choice for some, but agencies are doomed to decline for the simple reason that agencies need escorts far, far more than escorts need agencies.

Neither of us know of any existing agencies we could actually recommend an escort to use. There are hundreds in London alone, but when someone on the SAAFE message board mentioned that they had worked for an unnamed one in London that was good but which had closed, it was possible to know which one it was! Agencies come and go, but good ones are like hens’ teeth.

Not that stops just about everyone and their dog thinking that they could run one better than anyone else. One of us used to work somewhere where there would be at least one call a week from someone wanting advice about starting a high class – in nearly five years, only two didn’t stress that – escort agency. After talking to them about it, I don’t think (m)any ever did do it.

For a start, the second you make money from finding someone escort work, you’re at risk of the laws against ‘control for gain’ – what replaced the offence inaccurately known as ‘living off immoral earnings’ in England and Wales – which carries a maximum penalty of seven years. (Is it sensible for governments to say that criminals are involved in running escort agencies while ensuring that everyone who does so is a criminal? No, but that’s the situation.) Plus on a conviction, the courts are also highly likely to go after your assets under the Proceeds of Crime Act, which leaves you having to demonstrate that what you own didn’t come from illegal income.

Then there’s all the other agencies already out there, the costs of advertising, the hours, the worry that ‘your’ escorts might be finding work where you don’t get a cut of the money they earn by having sex (and many of them will be), managing the agency’s reputation (‘punter’ websites may be a mixed blessing, but you will be judged ruthlessly by them), the overheads of having a decent security setup, etc etc. Oh, and don’t forget to pay taxes on the income – it may be money made illegally, but HMR&C don’t care about that and they actively look for escort agencies to find the ones that don’t pay tax.

We know more than most about what would be necessary to run an agency properly, and we wouldn’t touch it with a bargepole.

So the best way of helping you is say, no, we’re not going to do agency sites because we don’t think you should be doing an agency. There are dozens and dozens of designers who will happily take your money and if you let us know what you’re being offered by them for what money, we can tell you if you’re being too ripped off. Or we may be prepared to offer a discount for group order of individual sites for people who want you to handle their booking procedures, but they’d have to be owned by the escorts themselves. It’d still work out much cheaper than a typical ‘agency site’…

Thinking of being an escort?

Looking at how people find this site via searches, it’s clear that some are at the ‘thinking about it’ stage of considering escorting via searches like “Should I use a new name as an escort?” (yes, you should!)

The three most important things to know:

  1. The market for non-sexual escorting is tiny, despite what the scams eager for their ‘registration fees’ tell you. If you were a client, which would you rather do? Pay hundreds of pounds (what the scams promise) for chatting for a few hours with ‘non-sexual escort’ or pay typically rather less for an escort who will be happy to talk but who you can also be sexual with? 99% of escort bookings involve you being sexual…
  2. .. with men. Anyone telling you there is a market for ‘straight male escorts’ is after your money (and it’s not much better for lesbian escorts). Exactly why so few women want to pay directly for sex is an interesting question, but the main specialist sexual health clinic in London has seen over eight hundred male escorts in the past few years. Only eleven had any female clients (and eight of them had mostly male ones!)
  3. Go to saafe.info for some wonderful advice and support from people in the industry. It’s best if you do that before starting – there are lots of pitfalls to avoid – but if you are already a sex worker, you’ll be welcome.

Directory banners

There are hundreds of ‘escort directories’ out there. Some are free to use, some want paying for ads, and some are somewhere in between, with both free and ‘premium’ (the marketing word meaning ‘expensive’) listings available.

But what they nearly all have in common is that they want you to have a link back to them on your site. It’s a crowded market for the wannabes – there are very few really successful directories, and lots of people who would like to make money off someone else’s sex work – so there’s intense competition for high rankings on search engines and ever since Google came along, links have helped with that.

For free listings, I can understand this. It’s a lot dodgier for people you pay to demand it too. As part of a previous job, I used to buy ad space in papers and magazines. They didn’t expect us to advertise them in return, any more than the advertising in the local newsagent’s window means you have to stick a card in your window advertising them!

The directories also tend to insist on having the banner on the ‘front page’ of the escort’s site. Given the awful clashing flashing banners that many of them want, all it does is result in front pages that are horrible to look at, especially as there’s no consistent size for them. Everyone except the search engines skip over them quickly.

It also doesn’t help that they want different HTML code to display them. Some want you to upload the graphics to your site, while others want you to link to images on their site (which means they can find out how many visitors you have!). Some want a graphic and a line of text.

It would be lovely if escorts could insist on a standard format for directory banners. This would include insisting on them being one size, not animated, with simple HTML to display it. People should also have the choice to have the graphics on their site.

Is there any chance of it happening? Not as long as directories keep being able to have people believe, wrongly, that escorts need them more than they need escorts…

‘Contact me’ forms

They sound lovely: people fill in a form on your site, press a button and you get it. You don’t need to publish your email address, and you can insist people fill out various bits of information before you’ll let them contact you.

But they are really not a good idea. What you end up having is a program as part of the website that takes what people have entered in the form and emails it to you. It’s much easier all round if they just email it to you themselves.

Why? Think about what happens when you get the emailed form. If you want to continue the conversation, you have to email them back. How do you know the email address they’ve given is right? You don’t – it could have an error in it or it could be someone else’s email address entered as a prank. Some programs try to test whether an email address is valid, but they often get it wrong. At one point, no-one with a ‘someone@somewhere.info’ email address could use a popular form program – it didn’t think any valid email address had more than three letters after the final dot.

The same things apply if you want their phone number – lots of mistakes / pranks / expecting only American style phone numbers.

Spambots also love them*, so you need to have some way of people proving they’re human** and that puts some humans off from trying. While obviously you’d like some people put off from contacting you (timewasters etc) they’re not necessarily the same people.

So while they’re obviously possible to do technically, we won’t do them. And we’re not sorry about that :)


* One of the first ‘form to email’ programs turned out to allow you to email anyone, given a little trickery, not just the address they were supposed to go to. Spammers loved that. If you’ve ever had spam that started with a line like ‘Form submitted’, that’s why.

** Typically the modern version of asking people to say ‘Shibboleth‘: a CAPTCHA – a task like recognising letters in a snowstorm, something humans find easy-ish to do and programs hard. They help cut down the spam, but what can happen is that the spammers pay people tiny amounts of money to do them. Or they have a porn site and get someone to solve your CAPTCHA before giving them access to the pictures of naked people. The people who used Shibboleth as a test killed people who pronounced it differently from them. CAPTCHAs can be very annoying, but at least they don’t do that.

Today’s discovery..

.. is that copying text from a Moonfruit site is a bit of a pain unless you look at it with a browser that doesn’t do Flash.

Normally I browse with a Firefox add-on, FlashBlock, that pretends to be Flash, but doesn’t show anything unless you specifically ask for it. (And most of the time, you don’t want to: it’s ads etc.) That’s not enough, because Moonfruit goes ‘Ooh, you’ve got Flash, let me try to show you the site that way..’ Disable it properly and it will show you real, copyable, easily text.

Having a blog is simple!

Blogs allow you to show your personality in an easy way. You can post about anything you like.

You can also choose to allow visitors to comment, but don’t let anyone post anything – you’ll have a blog full of spam links to sites selling fake medicine, fake watches, and anything else that can be faked. (Why don’t we get ‘Learn how to fake orgasms!!! They’ll never know!!!’ spam?) By default, we’ll set things up so you have to approve any comment before they are visible to anyone else.