Small web development team focused on building powerful internet applications, responsive designs and your success.
Tap to call (610-620-5700)
update-2020-12
Website Security Update
Including a brand-new CMS

I have manually cleaned out spam links and other hacks from most of my client's websites for a long time - often a couple of times per week.

Regrettably I no longer have the time to perform this manual task (for free), so I wrote code to vastly improve the security for both websites and the CMS.

This update will add functionality to deal with the increasing spamming links and spam messages from Contact forms and - as a nice bonus - your CMS will be updated to the latest version (see video at the bottom of this page for a walk-through of the latest CMS).

For each new feature and update, I have listed the estimated time and value it would normally take me to implement.

In addition to the security updates and the latest CMS version, I am including a 4-hour design/feature allowance where you can have any changes done (as long as I can complete them in 4 hours or less).

I just finished a pilot project involving 3 websites. The results were highly successful and I am now offering the same updates to you.

I put together a nice package with lots of value for you. I am only asking for a symbolic payment, as I want to not only help you and your business stay safe but also make it affordable to get your website's security updated.
More robust validation for the Contact form (and other forms if present)
4 hours/$500

This update will both add strong validation to limit spam messages and also block SQL injection attacks. The updated code will validate the message submitted by a spam-bot or user when:

  • first name and last name are identical
  • a hidden field has been filled out by a spam robot (called a honeypot validation)
  • check if IP Address has a valid format
  • check if IP Address is blacklisted (setting in new CMS)
  • check if email domain name (everything after the @ sign) is blacklisted (setting in new CMS)
  • check if email address is blacklisted (setting in new CMS)
  • an attempt is being made to perform a SQL injection attack

All the above validation happens automatically when the form is filled out by a spam robot (software program) or a user. The form validation code will detect the spam attempt and forward the spammer to the Thank You page without saving or forwarding the actual message to you.

An SQL injection is a web-based code injection attack where hackers use malicious code to bypass security systems and gain access to databases. This can allow attackers to conduct a wide range of activities, from extracting information to amending or adding new data or even, in some cases, accessing a server's operating system.
Better encryption for your CMS login
6 hours/$750

Your password will now be saved in the database using very strong encryption. As part of the updated security for login to the CMS, you will be required to use your email address as your username.

When you create a new password, the following rules will now be in effect:

  • The password must be at least 8 characters in length
  • The password must include at least one upper case letter
  • The password must include at least one number
  • The password must include at least one special character
Because an email address must be a specific format to be valid, this will allow for better validation of the login username.
Forgot Password function on the login page
2 hours/$250

Since the new password encryption update will no longer allow me to extract the password for you manually, this new feature will enable you to request a new password yourself should you have forgotten it. You will be required to enter the email address you use as your username, and a new password will be emailed to you.

You can still change your password as often as you like in the CMS.
Your website address will be updated with SSL/TLS
2 hours/$250

SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers.

Making your website use a secure connection, your website address will now start with https to indicate the stronger security. This will work automatically, even if people have bookmarked your existing website address. The shift to SSL/TLS (from http to https) is automatic, will not reduce your website's performance, and is transparent to users.

Please note that I can only offer this SSL/TLS update if you have your website hosted with me (or have your website hosted with A2Hosting). If you have your website hosted with another hosting company, there might be a fee for the SSL/TLS update.
Update your website to use the latest framework
2 hours/$250

By updating the framework (called Bootstrap), your website will use the latest javascript files ensuring both optimal security and performance.

As part of my ongoing hosting service and maintenance, your website hosting will have the coding language (PHP) and all necessary code modules updated to the latest versions to ensure optimal security and performance.
CMS updated to the newest version
8 hours/$1000

Included in the CMS update is all the security and validation settings mentioned in the More robust validation for the Contact form section.

Please view the video at the bottom of this page for a walk-through of the latest CMS.
4 hours of updates to your website
4 hours/$500

This can be color updates, content sections, fresh images, add or remove features (for example add a video section) or add or remove pages.

Certain restrictions apply
Total offer value
28 hours/$3,500

Your price: $500

Please send your check to the following address:

  • StoneHill Media, Inc.
  • 2902 Burton Dr
  • Gilbertsville, PA 19525

Once I receive your payment, I'll email you to let you know an approximate date of completion. I'll also need to know what updates you want me to complete for the website (if any), as you have an allowance of 4 hours as part of the update package.

If you have any questions, please ask. If we need to get on a video call to go over what changes you want me to implement as part of your 4-hour design/feature allowance, please go ahead and request that.
Please note the following:
  1. This is a one-time offer that expires on February 12, 2021. All orders received before February 12 will be completed even if the time goes past the offer deadline.
  2. The $500 payment is required in advance, and the work will be performed in the order I receive payments.
  3. Each website update will take 3-4 days to complete.
  4. If I am not hosting your website, I will need full access to your hosting provider (username, password) to set up FTP, access the database, and upload the new CMS and any updated website pages.
  5. I will still monitor and remove spam links from your website free of charge until December 20, 2020.
  6. If you need my assistance removing spam links after February 12, 2021, and you have chosen not to take advantage of my security update, I will still be able to help you clean out spam links on your website, but I will charge you $125 for each cleanup.
As spammers are getting more resourceful every day, I can't fully guarantee that you will be completely free of spam attacks going forward. The updates listed on this page should deter even experienced spammers.
Copyright © 1995-2021, StoneHill Media, Inc.  All Rights Reserved.