CleanTalk's blog

    Sign up

    Category: CleanTalk

    • Improving Security on WordPress with CleanTalk HTTP Response Headers

      Improving Security on WordPress with CleanTalk HTTP Response Headers

      Securing your WordPress website is a critical aspect of website maintenance. In this article, we will explore how using the “Send additional HTTP headers” option from CleanTalk can help bolster your site’s security. We’ll delve into three crucial HTTP headers: “X-Content-Type-Options,” “X-XSS-Protection,” and “Strict-Transport-Security.” We will understand how they work and the benefits they bring to your site’s security.

      1. Header “X-Content-Type-Options”

      What Is It?

      The “X-Content-Type-Options” header is a mechanism designed to prevent certain types of attacks related to file types on your site.

      How Does It Work?

      This header, with the “nosniff” parameter, instructs the browser to strictly adhere to the Content-Type specified in the header. If the browser detects a mismatch between the actual file type and the one specified in the header, it can block script execution and prevent the download of potentially malicious files.

      Benefits for Your Site

      Setting the “X-Content-Type-Options” header with the “nosniff” parameter helps prevent attacks such as MIME-type attacks and drive-by downloads, safeguarding your users from potentially harmful files.

      2. Header “X-XSS-Protection”

      What Is It?

      The “X-XSS-Protection” header is designed to combat cross-site scripting (XSS) attacks.

      How Does It Work?

      This header enables built-in protection against XSS in modern browsers. If the browser detects a potentially malicious script on a page, it can automatically prevent its execution.

      Benefits for Your Site

      The “X-XSS-Protection” header helps protect your site and users from XSS attacks by preventing the injection of malicious scripts, thus keeping data secure.

      3. Header “Strict-Transport-Security”

      What Is It?

      The “Strict-Transport-Security” (HSTS) header ensures your site’s data is secure during transmission.

      How Does It Work?

      HSTS requires the browser to establish only secure (HTTPS) connections with your site, even if a user attempts to connect via insecure HTTP. This prevents attacks related to data interception.

      Benefits for Your Site

      Utilizing the “Strict-Transport-Security” header helps ensure the security of your site’s data and protects users from potential attacks associated with data interception.

      Conclusion

      Configuring HTTP headers on your WordPress site using the “Send additional HTTP headers” option from CleanTalk can significantly enhance your site’s security. The “X-Content-Type-Options,” “X-XSS-Protection,” and “Strict-Transport-Security” headers provide robust protection mechanisms against various types of attacks. Remember to stay updated and regularly assess your site’s security to ensure reliability and protection for your users.

      If you are seeking solutions to enable security headers and safeguard your website, look no further than Security by CleanTalk. Elevate your WordPress security effortlessly with these essential headers by choosing Security by CleanTalk.

      Security by Cleantalk
    • Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)

      Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)

      We were contacted by one WordPress website owner with the issue of a website hack. Consequences of the hack were that their whole website content was deleted, meaning articles, pictures, plugins and themes were gone and visiting the website displayed a blank page. What was left in the folder «wp-content» was a single folder «uploads», new files in the root directory and many custom files «.htaccess» in other folders.

      What measures were taken in the first place before restoring the website. To avoid future successful connections from the hacker, all passwords were changed, including database ones, authorization over HTTP was enabled, installation of any files and themes were allowed only over FTP.

      What Has Been Done to Find Out the Source of the Hack

      The main task was gathering information about how the hacker managed to get access to the website and delete all of its content.

      The first step was saving the entire file system in a way where the files can not be created anew but to be saved in their current state (It’s important to know for identifying the creation time of the malicious files).

      • saving nginx «access.log» on the date of the detected hack
      • saving nginx «error.log» on the date of the detected hack
      • saving nginx «syslog» on the date of the detected hack

      Input data:

      • logs «access.log» (200 MB) «error.log» (47 MB)
      • website files

      The local repository of Splunk was chosen for the log analysis, data sources were the files «access.log» and «error.log».

      To determine the time when the website infection happened, the creation time of the suspicious files in the website folder was inputted.

      The next step was selecting a set of lines from the log files within a certain time period and the server response 200, while requests from «admin_ajax» and «wp_cron» were excluded.

      Thus, we found the hacker’s IP address that was able to get a response 200 for its POST request to this address: /wp-content/themes/seotheme/db.php?

      Next, we analyzed every line of activity of this IP address within the same time period. Based on this data, we see that someone created this folder: /wp-content/themes/seotheme

      Furthermore,

      • the cybercriminal from the IP address 43.153.77.57 was able to get a response 200 to their POST request while forcing /wp-content/themes/seotheme/db.php?u and in the end a number of malicious files was created which were started being called; 
      • a set of files «.htaccess» was created and modified specifically for the Apache-like webserver to allow executing files; 
      • the file «index.php» was modified, added obfuscated malicious code;
      • the file «plugins.php» was modified, added obfuscated malicious code;
      • the file «pluggable.php» was modified, added obfuscated malicious code; 
      • there were some eval constructions in the files, and parsing them was impossible.
      • It’s also impossible to know the origin of the folder /wp-content/themes/seotheme and the files in it, the reason is self-deletion of the malware results.

      How to prevent future hacks:

      1. constant monitoring of the website files for any new unknown files in the system,
      2. aggressive response to status changes of the «.htaccess» files if you use an Apache web-server
      3. force to implement any filesystem actions with a protected FTP account only, you can edit your wp-config.php by adding the code below:
      define( 'FS_METHOD', 'ftpext' );

define( 'FTP_BASE', '/yoursitepath' );
    • WordPress DDoS Protection. How to Mitigate DDoS Attacks

      WordPress DDoS Protection. How to Mitigate DDoS Attacks

      How to Mitigate DDoS Attacks on WordPress

      To mitigate DDoS attacks you can implement several methods.

      The first method is to forbid access to your website by IP address on the level of your webserver by adding a rule in the file «.htaccess» manually.

      The second method is to install the CleanTalk Security plugin for WordPress, our feature Traffic Control that protects from DoS is enabled by default.

      CleanTalk Traffic Control monitors each request from any IP address and if the number of requests exceeds the limit in a certain time period then this IP address will be temporarily blocked and it wouldn’t be able to access your website at all.

      For instance, if an IP address sends requests to your website with a frequency of 1000 requests per 1 hour, such activity will definitely be blocked for 1 hour.

      You can adjust the settings of Traffic Control as you want and as you find appropriate. To do that, go to your WP Dashboard → Settings → Security by CleanTalk → General Setting → Firewall.

      Time frame to measure page hits – here you can set a time period which will be taken to calculate the number of requests of your visitors.

      Block a visitor if the count of the opened pages in the time frame more than – here you can set your limit of requests after exceeding which any IP address will be blocked.

      Block a visitor if they exceed the limit of opened pages for X minutes – this option is meant for setting a time period a blocked IP address will be put in.

      Ignore logged-in users – tick this option to ignore all requests going from your logged-in users.

      Also, on the tab Firewall, you can see all IP addresses that are visiting your website right now.


      What are DDoS and DoS?

      These are types of attacks on a website when a lot of requests are being sent. If the number of requests is quite high then it will result in problems with the website functioning.

      The difference between DDoS and DoS consists of that DDoS has a distributed attack, meaning it is executed from many IP addresses, while DoS has just one or a few IP addresses.

      Why DDoS and DoS might be dangerous to a website

      Such types of attacks is based on the fact that a webserver has to process each request, thus running all website page scripts, loading all pictures, and so on spending its resources. As a result, the website will function slower or start giving an error on attempts of visiting any page.
      The second trouble is in a high volume of your website traffic, in some cases, it may lead to unexpected expenses or a warning from your hosting provider.

      It’s unwise to underestimate the dangers of such types of attacks and spend your time forbidding IP addresses manually, it’s more efficient to give this task to the automated tools.

      You can install the plugin Security & Malware scan by CleanTalk from the WordPress catalog.

    • CleanTalk Merch is Available on Amazon

      CleanTalk Merch is Available on Amazon

      Good news, everyone!

      Now you can buy our merch on Amazon. The water bottle with multiple lids is already available to order. So, be sure to protect your website from spam and drink at least 1.5 liters of water a day 😏

      By the way, what other merch would you like to see? Let us know in the comments.

    • 5 Reasons Why Daily Group Reports Will Save You Time

      5 Reasons Why Daily Group Reports Will Save You Time

      Some people do daily reports to account for their time at work, some are proud to share their progress, and for some, it’s nothing more than an obligation. The reasons may vary, but the important thing is that it should work for you.

      For us at СleanTalk daily reports are a full-fledged communication channel, so each employee sends their daily report with the current day’s results and the next day’s plans to the whole team at once (we use Gmail + Google Groups for this). Yes, each employee gets about 20 report emails at the end of the day but it really helps to save time. Let us share with you how it works.

       

      1. Your report is opened by someone interested in it

      There’s nothing worse than wasting time on a report that isn’t useful. In a normal “vertical” reporting system, you and your colleagues end the work day by sending reports and plans for the next day to your team leader, and it’s nice if they have enough time to read and make sense of them. Also, it will be a great success if they are able to give feedback on them. With this system, the synchronization of the team members’ work lays entirely on the team leader’s shoulders who further distributes and monitors the tasks.

      With a horizontal reporting system (like ours), all reports end up in the same mailing list group in Google Groups. When employees work on the same product, they often know the details better than their team leader, that is what exact task should be paid the most attention to and whose attention should be prioritized higher based on their previous experience.

      2. You can adjust the plan of action better or correct a mistake in advance

      For example, when one team has to start doing a new part of the project, and the other team has not yet finished the required previous part. In this case, it will become visible in the reports and the workflow can be adjusted. That is, some of the issues can be solved at the planning stage before the actual implementation.

      If an error in the workflow could not be avoided, the earlier it is detected the less time it will take to fix it. For example, a backend developer can notice a possible error in the work of a frontend developer in advance and notify them. That will help in fixing the mistake quickly and time will be saved.

      3. This is a full-fledged communication channel on par with audio and video conferences

      In our team, on average, at least one dialog appears out of 20 reports, this happens almost every day. Part of our time is saved because the employee is not waiting for a scheduled online meeting to discuss a particular issue. Such reports are great for non-urgent tasks scheduled for the current day. However, if the task is urgent and needs to be solved quicker, an audio or video conference is more effective.

      4. Possibility of retrospective analysis

      You can always examine the history of reports on a particular task and evaluate what went wrong and what could have been done differently. Sometimes this may seem like a waste of time, but it helps to avoid such mistakes and save time in the future.

      5. The openness of information and team building

      When we say your report is seen by the whole team, it literally is without exclusions. This applies primarily to team leaders and CEOs. It’s always essential for employees to know what the company founder or their top manager is contributing to the product. Such a team leader will always earn more respect from their colleagues. Besides, when everyone sees each other’s contribution it is very important for team building and a cohesive team will probably show better results in the same amount of time than any other team.

      We hope this article helps start-up companies in saving valuable time. We were a small company once, we invented and tested various approaches to organizing reports and competent time management. Some of the techniques didn’t work for us, but we’ve been practicing this approach to organizing reports for a long time and are happy that it helps our employees save more time for their families and hobbies.

      Have a look at our experience how to organize task among team by using SCRUM techniques in Basecamp 2.

    • 7 tips of communicating with your clients and how to not lose them

      7 tips of communicating with your clients and how to not lose them

      We want to share our experience on how we handle feedback from our clients. Here are some of our rules helping us to get great feedback about the quality of our tech support:

      1. Speed of response to a client request.

        The faster you respond to your client’s question the more satisfaction your client will get from working with you. Even if you use auto-replies when your client creates a ticket and inform that you will reply within 24 hours, it will be a depressing factor as the client is already potentially expected to wait for your reply in 24 hours. You have to reply within 1, maximum 2 hours. At CleanTalk we stick to the rule that 80% of all replies must be given within 1 hour since the creation of a question and since the previous client reply, moreover, we manage to get it done about 20-30 minutes faster. Such speed of replies is very motivating for clients and we get feedback that our support team is one of the fastest they have worked with.

      2. Accessible and clear information.

        Provide your client with a clear and accessible description of how the issue should be resolved. If the client is required to perform some actions from their side then do the following:
        – describe a detailed and step-by-step order of such actions;
        – provide a screenshot, mark the needed area of the interface and what actions are needed to be done;
        – provide your client with a link to the necessary interface or guide, this way your client will not have to search for the necessary pages themselves.
        These steps are needed so the client does not have to ask you again how to do a particular action that you were asking earlier, which ultimately reduce the time it takes to resolve the issue and the number of responses per request. On average, we get 3.33 responses per request.

      3. Deadlines of solving the issues must be met.

        If you can not solve the issue immediately and you require some help from your colleagues such as your programmer, then give a realistic date when you will respond to the client. Do not give unrealistic deadlines to avoid rescheduling. If for objective reasons you will not meet the deadline then inform the client about it and give them a new deadline. You should keep track of the deadlines and not let the issue be continually postponed because of the workload of other employees. Establish smooth cooperation between departments, there should not be any delays on any stage of the problem solving process. In our company in each department (Web Developers, Client-Side Developers, Server-Side Developers) there is an employee who is solving client issues that came from the technical support.

        If the question is complex and requires more time to find a solution/answer and you can not immediately give your answer in an hour, tell the client about it right away. Write how much time you’ll need for troubleshooting the question and prepare your answer. For example, “I’m sorry, it will take longer than usual to investigate your issue and I will be able to give you a detailed answer in 4 hours”.

      4. Provide your support staff with all details they need.

        Your employees should not spend their time searching for information about the client. Analyze how the workflow of your employees is made, note the most frequent and time-consuming activities and try to automate them so that these activities would be performed with a single button.

      5. Offer a bonus for your mistakes.

        If there was a mistake by your fault then offer your client a bonus to compensate their time. It’s a good practice for building loyalty to give some encouraging attention to your clients.

      6. Prepare your reply templates for the same type of questions.

        Analyze your client requests. There will always be similar questions and it takes a lot of time if you have to type your similar replies quite often. It is easier to prepare the standard reply templates that can already be edited depending on the situation. Try not to make such templates look like a machine answer, edit the template in your answer for more human-like communication.

      7. Make sure that the client’s question is resolved.

        If the client reached out to you and you gave them a solution, ask the client at the end of your reply if your instructions helped them and if their question has been resolved. It greatly reduces the time it takes to resolve the issue.

      We hope, our experience that we shared will help your support team and your clients to get the most useful communication with each other. If you have any thoughts to add, please write them down in the comments.

      If you want us to share more of our experience with you – let us know in the comments below and don’t forget to share if you like the post.

    • How to protect your Open Journal Systems (OJS) website from spam using the Universal Anti-Spam Plugin

      How to protect your Open Journal Systems (OJS) website from spam using the Universal Anti-Spam Plugin

      Installing the Anti-Spam service by CleanTalk takes about 10 minutes and grants full spam protection for all the forms on your website. It could be a comment form, a registration form, a feedback form, or any other. Just follow the steps below.

      Step 1: Make backup copies of your website files and database.

      Step 2: Download and unzip the “CleanTalk” folder into your websites’ ROOT folder.

      Step 3: Proceed to address (your_website_name/cleantalk/install.php):

      Steo 4: Create your CleanTalk account here.

      Step 5: Enter your email and password and then click the “LOGIN” button to continue with the installation.

      At the end of the successful installation, you will see this message

      To enter the plugin settings go to (your_website_name/cleantalk/settings.php). Here you can manage the plugin options, see statistics and uninstall the plugin.

      How to check that the Anti-Spam already works with your OJS website

      Go to any form on your site (e.g. registration form) and type in

      You can test the work of Anti-Spam protection by using a test email s @ cleantalk.org (without spaces). Fill in all the required form fields and send a form.

      After submitting the form, you will see a block message about the block on the form submission.

      That’s it. From now on your Open Journal System website forms are fully protected from spam.

    • Our new web service: Website Uptime Monitoring

      Our new web service: Website Uptime Monitoring

      Does your website work correctly right now? Is its loading speed convenient for visitors? Are you sure it is available 24/7 for all your potential customers?

      If all your answers are “Yes, sure” then you got our respect. Otherwise, we highly recommend you get control of your website availability and loading speed. Because all of this can greatly affect your website search ranking or lower the number of visitors returned to your website.

      And from now it has its own public interface.

      As a reminder, here are some reasons for you to start Uptime Monitoring:

      Uptime control
      One of the most important parameters of a website is its reliability and speed, which means a website is available to guests and customers 100% of its work time.

      Load speed monitoring
      Additionally, the service monitors your website load speed. It shows the exact time how long it takes to load each website page.

      Real-time statistics
      The statistics demonstrate changes of data in real-time, so you can identify the time of the heaviest load and see what caused such load in the first place.

      Immediate notification 24/7
      The service will inform you when your website became unavailable for your visitors, when the access was restored and how much time your website was down.

      More stable and faster
      The more stable and faster your website works the better for the SEO, your visitors and your business growth.

      Every-minute checking
      The Website Uptime Monitoring checks whether your website is accessible or not every minute and it does that from different checkpoints simultaneously.

      Ok, let’s try

       

    • How to Find Email Addresses

      The hunt to find email addresses can be overwhelming. It is not easy to know where to look and who to contact. Having the right contact is the most important part of sending any email, so you definitely want to make sure that you follow through. There could be many reasons as to why you are searching for an address. You might have a general inquiry, need sales contacts, or be on the job hunt. This article will go over how to search for email addresses through a variety of useful methods. Your information is valuable, and you want to make sure it gets into the right hands without wasting your time.

      Do not fret about the time consumption that searches will take. It truly does not have to be a frustrating process. There is a multitude of ways to search for email addresses. If one method does not work, move on to the next, and you are most likely going to find what you are looking for. Start with the method that seems like it would work best for your specific situation. This could be using company websites, email lookup tools, google or bing, or even social media.

      Table of contents 

      • Finding the Right Email Address is Important
      • Try looking into the Company Website
      • Extrapolating Based on Known Email Addresses
      • Try Getting in Contact with the Admin of a Company
      • Check Social Media
      • Find Blogs and Personal Websites
      • Use People Search Sites
      • Try An Email Lookup Tool
      • Try An Email Lookup Tool
      • Try the @domainname.com search with DuckDuckGo
      • Subscribe to Your Prospects Email List
      • Utilize the Generic Email Address
      • Try Contacting Companies through the “Contact & About Us” Pages
      • Try Scouring the Internet with Websites Such as WHOIS
      • When All Else Fails, Take a Guess
      • Conclusion

      Finding the Right Email Address is Important

      When contacting someone who is at the top of your list, it is necessary to find email addresses that are correct. The right email address will transform your inquiry into an answer in the fewest amount of steps. Your main goal is to find the decision-maker for your specific question. For example, if you are aiming to contact a company, there are many employees that can be contacted. How do you know which person to email? Do your research. Look into the different departments and/or job titles to find someone’s email address who is most likely going to have an answer for you. 

      If you attempt to use an email address for just anyone, you might find yourself making your way through a chain of email transfers before you get to the right person. It would save you loads of time to find the correct contact in the first round. There are many ways to search for an email address. You could try searching through a company website, using social media, or even regular search engines. Just remember that it is worthwhile to complete your research ahead of time instead of relying on the wrong contact to get you to where you need to be.

      Try Looking into the Company Website

      If you are looking to find an email address, the company website might be one of the first places to look. Many people are hunting email addresses for business-related purposes, so company contact information simply makes the most sense. The next question is how to find the right place to look once you get to the correct website. This will usually be under specific tabs. The name of the tab will somehow be related to contact info or employees. Examples of tab names include but are not limited to “Meet the Team,” “Contact Us,” “Our Employees,” or “Departments.” 

      Once you find the tab that correlates the most with what you are looking for, you might luck out and see contact info right then and there. If not, you will most likely have to dig a little deeper. Think about the department that you are presumably looking for. It could be marketing, accounting, client services, etc. Once you find the right spot, you might be able to scroll through a list of company employees and their email addresses. If you still do not know which employee to choose, try checking job titles. For inquiries that need to go to the person in charge, look for higher titles. Smaller inquiries can go to lower titles. Typically job titles are quite descriptive, so you should not have too much of a problem after this.

      Try Using a Search Engine Such as Google

      Search engines are a go-to way to find someone’s email. Google is the holder of all information, and it will give you a generated selection of links that match the information that you are looking for. The question of how to use search operators does not come along with a complicated answer. 

      When searching for someone’s email address, all you have to do is type in relevant information into the search bar. This could be their name, company, specific job titles, etc. This search entry will typically take you to a relevant site that may contain the information you are looking for. There will be many options presented to you, so you can click through each one to see if you are ever able to find specific email addresses. A precise google search could result in finding the contact information of the registrar of a company’s web server.

      To make your search even more accurate, try using advanced Google search. The Google tool allows you to be more specific in your search so that you can get more authentic results. You can select the type of media that you are looking for and make sure specific keywords are definitely included or excluded from your search results. Many people prefer this method because they feel as though the results are more reliable. If you do not find what you are looking for by searching regularly, try the advanced search method before giving up.

      Extrapolating Based on Known Email Addresses

      Once you have an existing email address, you might be able to find others. When using this method, you might not even have to search online for the address that you are looking for. Most companies have specific formatting when it comes to their employees’ email addresses. This can be combinations of their first names, last names, and initials. The domain will always remain the same. For example, a company could use this format. Fi****************@do****.com

      If you know the name and email address of an existing person of the company, study the format of their email address. You will be able to extrapolate the pattern. Interchange the information in that email address with the information of the contact you are looking for. This method is only useful if you have the exact name of the person you are trying to reach. If you do not have your desired contact’s information, you may have to try using a different method instead. If you know parts of the person’s name you can do your best to create an email address that might work. You might run into some difficulties or accidentally contact the wrong person. Even so, if you are lucky, they will help lead you in the right direction.

      Try Getting in Contact with the Admin of a Company

      The administrative assistant of a company is always a good person to connect with. They usually have access to information such as company databases. The admin of a company is typically in charge of company structure and organizational material. They tend to be the most knowledgeable employees regarding company information. 

      This is the best person to reach out to with general questions, but you can still go through them to get in touch with someone else. If you are struggling to find a specific email address when you know the company, consider contacting the admin for assistance. You can usually find the company phone number on their website. The phone number will most likely take you directly to the admin. If not, you can follow the keypad instructions of the automated call. 

      After calling, you can explain your situation. If you know the name of the person you are trying to reach, you can ask for their contact information directly. If you still do not have a specific person in mind, you can ask the admin who they believe is the best person to contact. You might be able to acquire their phone number as well.

      Check Social Media

      A great place to find email addresses on the internet is social media. How to find these addresses depends on what platform you’re searching on. Whether it’s LinkedIn, Facebook, or Twitter, finding email addresses is not a difficult task.

      On a professional social networking site like LinkedIn, emails are normally very accessible. The first step should be to go to someone’s account and check their contact information. When looking for the email addresses of people already in your LinkedIn network, you can export your connections by going to the My Network page. On the page, click Your Connections and then Manage. Under the advanced actions, you will have the option to export your contacts. 

      If you are looking for someone outside of your network without a public email address, there are plenty of tools designed to help you get the information. LinkedIn Premium and Sales Navigator are built by LinkedIn and designed to make outreach easier. If you don’t want to pay the subscription price for these tools, however, there are plenty of free third-party browser plugins that can be used. LinkedIn is a great place to start, but if you can’t find a company’s or person’s email address there, other social media platforms may help.

      Twitter and Facebook may also help you locate someone’s email address. On Facebook, people have the option to make their contact information, both phone and email, public. People and businesses with professional accounts will also normally have a contact button on their page to allow for easy communication. Also, some people will share their email addresses out in tweets and Facebook posts, so keep an eye out for those as well.

      Find Blogs and Personal Websites

      If someone’s social media profiles don’t help, another good tool is to check if they have a personal website or blog page. In today’s world, the amount of personally branded sites is continuously growing and you may be able to reach out that way. The easiest way to find someone’s personally branded site is to start with a search engine and their name. From there, you may be able to find blog posts they have written or their site’s landing page. Normally these sites will have a contact section, which is a great starting point to find an email address. 

      Reaching out will usually come with either an automated response from the email address or one from the person themselves. However, not all sites will have a contact page, which can make finding an email address this way a little more challenging. If you find yourself desperate for this email address and have located a personal website, you can use one of many free services to find the domain’s owner. These databases are full of up-to-date information on people who own the domains, so taking this step could lead you to the email address that the domain is registered under.

      Use People Search Sites

      People search sites have been around for a long time and continue to be a quick option for reliable contact information. Most users are familiar with reverse phone lookups and other tools of that nature, but there are many more options to match a person to their email address. The one catch is that only a few sites will give you the results for free, most of them will have you pay before giving you the information. 

      These sites tend to start off by having you provide the person’s first and last name as well as city, state, and country of residence. From there, the site will start searching records for people who match the data that was provided. These sites can be useful but do not always supply you with the most accurate results. The data that these sites give to you always has the potential to be outdated or belong to another person. 

      Try an Email Lookup Tool

      One of the simplest ways to find an email address online is to use a service to do it for you. There are plenty of email search tools, both free and paid. These tools are either browser extensions or websites designed to help people efficiently find the email addresses they want.

      Email lookup tools are a more refined version of people search tools and they all work in a similar fashion. You just input a name and narrow down the possibilities as much as possible, refining by location and other factors. From there, these services will work to provide the most probable outcome. There are dozens of platforms to help you get started; some of the premium platforms offer free trials while others will give free searches every month until you hit the cap.

      If you want to use the premium tools in trial mode, check out:

      These sites offer 50 free searches, then, use a monthly or annual subscription method ranging from three to five cents per search.

      These services offer free searches every month and then charge for anything beyond the free amount:

      These platforms offer between 50 and 300 free searches per month and then offer an extension of those searches to up to 5,000 per month for as inexpensive as under one cent ($0.0098) per search.

      If you do not want to pay at all for the search service, we have also found some options for you. These browser extensions are totally free to use:

      No matter what scale you will be using this for, with a little bit of research you can find the best platform for you.

      Try the @domainname.com Search with DuckDuckGo

      Google is synonymous with the term search engine but it is not the only one. The alternative search system DuckDuckGo is focused on protecting the privacy of its users; it also has some unique functions such as the @domain exact search to help find email addresses. To find the contact information you want is a very simple process. On the DuckDuckGo search screen, you need to type in “@wanteddomainname.com” contact and perform an exact search. For example, ““@duckduckgo.com” contact” will return a top result with the email address in the option’s description. From there, you can contact the company, and if you are looking for a specific employee of that company, ask to be put in touch with them.

      Subscribe to Your Prospects Email List

      It is common for companies and even personal websites and blogs to have mailing lists and newsletters. When looking to get in touch with your prospects, it is crucial that you get on their list. Doing this allows you to stay up to date on their dealings as well as open a line of communication between them and yourself. Meanwhile, you will be getting their email address and also gaining a competitive edge of information at the same time.

      It is also important to start your own mailing list if you haven’t done so yet. If you have, make sure to check it frequently and remain active and interesting regarding the information you send out. By checking your mailing list, you may see that somebody you are trying to reach out to is already in your contact book. By using mailing lists, you give yourself another opportunity to connect meaningfully with more people.

      Utilize the Generic Email Address

      Almost every company these days has a contact form on their website that goes into a general inbox. These inboxes are normally handled by administrators that may not seem useful at first glance. However, by asking the right questions through the generic email address, it should be fairly easy to get the contact information of the potential prospect you are trying to reach out to. By doing this, you and your prospect will both (ideally) have each other’s contact information, and you can start a dialogue this way. 

      It may take a little bit of time to get a response, but this is a fairly low-effort measure to execute. With the right wording and a little bit of patience, you can receive the email address by simply filling out a form.

      Try Contacting Companies through the “Contact & About Us” Pages

      On most company websites, you can find special pages that are called “Contact us” or “About us”. These pages do not only have some contact info, but they can sometimes have a fillable form to ask any pressing questions. You have the option of filling out the form including your personal information and information about your request. The data from that form will go to a general inbox, and an employee will reach out to you sometime soon. Be aware that this can sometimes take a number of days since the request does not go to a private inbox.

      This is a good way for you to ask about your question and see if anyone is able to assist. If you do not want to ask your personal, specific question through this form, you are always able to request the email address of the person that would be best to help you. When filling out the form, make sure you are including all necessary information and even URLs if you think they might help. It is essential to avoid leaving anything out. You do not want them to get back to you with irrelevant information. 

      Try Scouring the Internet with Websites Such as WHOIS

      There are many websites on the internet that can help you look up information such as names, email addresses, and phone numbers. This method is only helpful if you already have existing information regarding the email addresses. These websites typically find information from reports that are already existing on the internet. Here is a list of websites that can do just that. 

      • WHOIS is very user-friendly. As soon as you visit the site, you will be faced with a big search bar that can help you out. All you need to do is enter any information that you already know such as name or company, and they will search in their online database.
      • NameCheap is another website that scans the internet for existing domains and contact information associated with them. When you search for information that is already in your possession, the website will give you a list of other information that it has associated with your keywords.
      • DomainTools also has the capability of scouring the internet in search of helpful information. You will be able to find email addresses if they are associated with an existing domain on the internet.
      • Nominet basically does the same things as the previous tools, but it is primarily used in the United Kingdom. It scans the internet for British domains, so it can be helpful if you are specifically looking for an email address coming from the UK.
      • DMCA0s free WHOIS tool is oddly specific. If you know that the email address you are looking for is associated with a digital millennium copyright act, you can search your keywords here.

      When All Else Fails, Take a Guess

      Have you tried every single method, checked every nook of the internet, and are still not able to figure out how to find the email addresses that you are looking for? When all else fails, you always have one last approach. You can always take a guess to the best of your abilities. Of course, an educated guess is better than creating something from scratch. Needless to say, this method should only be used in worst-case scenarios when one is desperate to reach someone. It is rarely successful, but it could still be worth a try.

      If you know the name of the person you are trying to reach, you can make experienced suggestions from that information. You could also deduce a more likely guess if you are sure of their domain name. If you are okay with potentially emailing the wrong person, this method might work for you. If that is something you are hesitant about, you might be out of luck. Try out different combinations of their names followed by @domain name. If you are willing, you could think of as many combinations as you’d like and attempt sending out an email to each one. Hopefully, you end up finding the person you are looking for!

      Conclusion

      With all the need of finding proper email addresses comes the hassle of doing so. As time-consuming as this process is, it is nonetheless crucial to do your search at the end of the day. Finding the correct contact information will ultimately save you time and energy in the future. There is no need to jump through hoops and obstacles later on when you can follow these simple steps. Think about what methods will work best for your situation and start from there.

      Every person’s scenario is different, but make sure you are using this to gain personal information. Do not use these methods for harmful purposes such as spamming people or selling their information. We hope that these methods of searching proved useful in your hunt for contact details. With so many tactics, it is almost impossible to fall flat and empty-handed. Good luck with your search!

    • How to Disable all WordPress Comments

      How to Disable all WordPress Comments

      If you get spam through your comments forms you can always use our Anti-Spam plugin for complete spam protection. But if you decided to disable all WordPress Comments on your website we also have a simple decision for you.

      Follow our guide to disable all the Comments fields you don’t need in less than 5 minutes.

      How to install CleanTalk Anti-Spam plugin

      To install the Anti-Spam plugin, go to your WordPress admin panelPluginsAdd New.

      Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».

      After installing the plugin, click the «Activate»‎ button.

      After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Changes»‎ button.

      Disable all WordPress Comments in 3 steps

      Step 1: Go to Plugins Installed Plugins.

      Then go to Settings link next to CleanTalk Anti-Spam plugin.

      Step 2: Click on «Advanced settings» button at the bottom of the screen. More setting will appear.

      Then find Disable all comments in Comments and Messanges section.

      Step 3: Choose wherever you want to disable comments (1) and then press the Save Changes button (2).

      Done! It really is that simple.

      If you have any questions, add a comment and we will be happy to help you.

      Create your CleanTalk account – Register now.

      Additional features

      • CleanTalk protects all forms at once: comments, registrations, feedbacks, contacts, reviews.
      • Installation takes about 1-2 minutes.
      • Smart 99% protection against spambots.
      • Always online – 24/7 technical support.
      • Logs, SpamFireWall, personal lists, country filters, stop-words, and many others.

      Discover the complete list of CleanTalk Anti-Spam plugin features here.