Not to mention I’m thinking of adding a separate site for more personal and materials. A little structure is finally warranted. So here are the beginnings of some thoughts on strategy:

1. – two sites – both with private and public areas.

2. – Business site needs branding – I’ve been defaulting to “msouden” because that’s my domain name, email, IM username, skype username, etc. etc. Do I need or want to do the needed work of a whole new brand? Part of that brand is how I sell myself to clients; “you get me. sometimes I subcontract, but I’m the lead, and this is my cell number”. Somewhat Tuned is cute – but isn’t an image to project to bigger clients. I might as well as “Spread too Thin”.

3. It’s been a long-term plan and hope to be able to direct clients to my site for materials like screencasts or documentation. I’m like to take a few CMS manuals, reduce them to about 30% of their pages, and offer them to clients with a secure login. That looks good and might even be useful.

4. Of course i should show off wares. Lightboxy galleries, javascript, blahdy blah blah.

I might even turn on comments for this one.

• A forray into project management and continuity for a couple of Drupal-powered sites. This was the bulk of July and August. Many great lessons and skills developed.
• Google documents is a great tool for project communication and that there’s a big difference between sharing documents and sharing the right documents.
• Knowing who’s doing QA is important.
• Silverstripe CMS work finally! I still like it, but it’s too early for a real verdict.
• I can still pimp out the WordPress. Had some very fun and interesting tight-deadline work making WP do things it doesn’t usually do – including getting tight with the TinyMCE plugin scene. That’s a whole nother interesting little world.

Until last month when a client of mine emailed and said her nonprofit’s site had been cracked and she needed help. Last year I’d migrated her personal blog from an older service to WP and she was so happy she’d had a volunteer build a WP site for her nonprofit. I looked into the situation and realized that this was a major problem. I was building sites that had a massive security hole.

I’ve since been fixing this vulnerability for all my clients, and had to wipe and reinstall both the site install and the database for said nonprofit. It was dumb luck that it wasn’t one of my clients’ sites to get hit first.

There are a few different ways to protect against this. It doesn’t take long to do, but does require a little php or text file editing. If you are running a WordPress site call your person and ask if they’ve protected the wp-config file. Or email me and I’ll check for you.