Updates to your email server settings

What you need to do now

Make sure your settings are up to date by checking them against the details below.

The main difference (based on historical data) is that the incomming and outgoing mail settings now need to be authenticated with a password, rather than ‘challenge response’. You may also need to change the default outgoing SMTP port to 587 (rather than it’s default).

Your details should match up with either the IMAP or POP3 settings, depending on which connection you use. We always recommend the IMAP rather than POP3, so your emails are backed up to the cloud as well as your device.

If your details do not match after the legacy authentication method is disabled, you might not be able to authenticate and access your mailbox.

If this happens, please check that your settings match those listed in this support article. And of course, let me know if you need help.

Our standard and premium mailboxes can be loaded onto your device or through your mail client either with a POP3 connection or an IMAP connection.

By using an IMAP connection, you can have multiple clients simultaneously connected to the same mailbox. For example, you can have email on your phone, your tablet, and your computer, and when you delete a message from your phone, it will also be deleted on your other devices, for this reason we recommend using IMAP over POP3.

The way your device or mail client is designed may be different than how other programs or devices work, with different names for the same steps.

Your device or program should have detailed information on how to add and set up mailboxes onto the system, but there are general pieces of information you need to complete the process.

When selecting the account type, select IMAP.
Your User Name is your full email address.
Your Password is your mailbox password.

Notice: In August 2021, they announced that we are disabling legacy authentication on our mail servers and you should check your settings. This change does not mean you need to change your IMAP/SMTP server, only that you review the authentication method used.

As of Sept 2021, if you’re using an Apple laptop/desktop device (rather than iPhones which seem unaffected), due to some sort of glitch in the way the system has been updated, if your emails suddenly stopped to sync despite all the settings being correct as below, it’s likely you’ll need to:

  1. Backup your emails locally (just in case with IMAP. You MUST do this if using POP3).
  2. Remove/delete your email account from your email program.
  3. Restart your email program.
  4. Add a new account (using the latest email settings for the same account you had before). You’re likely to need to click through a few ‘Advanced’ options to change the port number and address, etc.
  5. Wait for your local account to sync with the cloud imap version, which may take a couple of hours depending on how many emails you have stored.
  6. If this looks to have worked, but all your email sub-directories are still empty after the syncing progress bar seems to have finished, you may need to start from Step 2 again.

If you use IMAP:

User Name: bob@thisismydomain.com
Password: password123

Outgoing Mail Server: mta.extendcp.co.uk
Outgoing Mail Server Port: 587
Outgoing Mail Server SSL: STARTTLS
Outgoing Authentication Type: Password

 Your mail server can be set to mail.yourdomain.com or mailXX.extendcp.co.uk (mailXXbeing the server your package is assigned too (this can be found in your control panel).

Incoming IMAP Server: imap.extendcp.co.uk
Incoming IMAP Server Port: 993
Incoming IMAP Authentication Type: Password

If you use POP3:

User Name: bob@thisismydomain.com
Password: password123

Outgoing Mail Server: mta.extendcp.co.uk
Outgoing Mail Server Port: 587
Outgoing Mail Server SSL: STARTTLS
Outgoing Authentication Type: Password

 Your mail server can be set to mail.yourdomain.com or mailXX.extendcp.co.uk (mailXXbeing the server your package is assigned too (this can be found in your control panel).

Incoming POP3 Server: pop3.extendcp.co.uk
Incoming POP3 Server Port: 995
Incoming POP3 SSL: SSL/TLS
Incoming POP3 Authentication Type: Password

If using an iPhone

If you are using an iPhone, you will need to click through a couple of the ‘Advanced Settings’ options, to be able to view and make these changes.

.htaccess housekeeping

As some general protection for WordPress sites hosted with me, or with HeartInternet, adding the following code to the top of your .htaccess file should help reduce the chances of your wordpress site being hacked.

# Update PHP to version 7.3
AddHandler application/x-httpd-php73 .php

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all

Regular Backups

One of my clients had their website hacked yesterday, this was through their WordPress login, and seems to have occurred as a result of some vulnerabilities on their own computer, likely releasing their username and password. No other sites on that server so far seem affected.

The client hadn’t made any recent backups of their WordPress database, but had years of content on their website.

The hackers had put some sort of automated program to add three sections of JavaScript on every page, post, and image description. This accounted for nearly 750 instances of spam content that had to be carefully removed.

They’d also added themselves as a new user under the email wordpressadmin@test.com

Hackers had then changed the site URL within WordPress to automatically bounce users through a bunch of affiliate pages on alternative websites, also meaning that you can no longer log in to the WordPress console.

Fortunately though, they left the main content of the website intact (just with the extra spam content). I also still had full access to the server data itself, as do all my clients.

After editing the .sql database directly to remove the redirect, I was then able to log back in again to the WordPress console, generate new passwords for all users, and remove the extra spam user that had been added.

After realising how many instances there were throughout the website of the spam content, I felt it was going to be easier to again modifying the SQL database file as plain text, to remove all instances of the JavaScript addition, and restore the site to its previous state (using the ‘find and replace feature in plain text notepad editors).

This could’ve also been done via the WordPress console using the ‘tools/export site’, and then importing the site back again after are removing all existing content. But that would’ve meant removing all existing content temporarily, and I’d rather do the comparatively quicker change of just updating the database file directly.

I have subsequently also made a collection of backups in different forms for the client.

This problem the first appeared as just the site taking an age to load, so it seems as though we caught it early.

But please, make regular backups in multiple locations of all of your key data, whatever that is.

If you don’t want to lose it because of a hardware or software glitch, or a hack like this one, having a recent backup really is the best option.

Changes to your email

If you’re using your domain name to host your emails with us (rather than using Gmail, or similar, for example), as of September 2019, any mail client sending via SMTP through the mail server associated with your domain name, should use port 587 instead of ports 25 or 465.

Details on how to change this will vary on your mail client, but we’ve detailed some of these further down this article.

It is also advisable to use STARTTLS for your encryption method.


  1. Select File
  2. Select Account Settings
  3. Select Account Settings from the dropdown
  4. Select your email account from the lists in the Email tab and select Change
  5. Select More Settings
  6. Select Advanced
  7. Change the Outgoing server (SMTP) option to 587
  8. Change the encryption types on both IMAP and SMTP to STARTTLS
  9. Select Ok
  10. Select Next
  11. Once tests have completed select Close and then Finish

Windows Mail

  1. Start Windows Mail, click the Tools menu at the top of the window and then click Accounts.
  2. Select your account under Mail, and then click on the Properties button.
  3. Go to the Advanced tab, under Outgoing server (SMTP), change port 25 to 587.
  4. Click the OK button to save the changes.

Outlook Express

  1. Start Outlook Express, and then select Accounts from the Tools menu at the top of the window.
  2. Double click on your email account.
  3. Under the Advanced tab, change the Outgoing server (SMTP) port 25 to 587.


  1. Select Tools
  2. Select Outgoing Server (SMTP)
  3. Select the server for this account then Edit
  4. Change the port to 587
  5. Change the Connection Security option to STARTTLS
  6. Change the Authentication Method option to Normal Password
  7. Enter your full email address as the User Name
  8. Select OK
  9. Select OK

Mac Mail

  1. Select Preferences
  2. Select Accounts
  3. Select the Outgoing Mail Server (SMTP) drop down menu, then Edit SMTP Server List
  4. Select the SMTP server for this account
  5. Change the Port to 587
  6. Select OK


  1. Go to Settings
  2. Select Passwords & Accounts
  3. Select your email account
  4. Select the Account
  6. Select the server
  7. Update the Server Port to use 587
  8. Select Done
  9. Select < Account then Done

Android Mail

  1. Open the Email App
  2. Select Settings
  3. Select Account Settings
  4. Select the account you wish to change
  5. Scroll down to More Settings
  6. Select Outgoing Settings
  7. Change the port to 587 and the Security Settings to STARTTLS
  8. Select Done

Designing for Accessibility


Some really great information, developed by a friend, and now with Home Office recommendations.

These posters cover the following access needs:

  • Autism
  • Deafness and hard of hearing
  • Dyslexia
  • Physical or motor disabilities
  • Visually impaired – low vision users
  • Visually impaired – screenreader users
  • Anxiety

You can access the full suite of documents in a number of languages, through the following link:  https://github.com/UKHomeOffice/posters/tree/master/accessibility/dos-donts

Wix.com Review

I’ve been hearing a number of people talking about the easy build system called wix.com over the last few years.


With around 62 million users at present, they’re clearly making great progression in offering websites that are comparatively easy to build for the novice

What surprised me however, in some recent technical support for a client, was the cost of the various ‘optional add-ons’ available through their system, and also their comparative ineffectiveness.

What Wix currently offers:

  • For around $45, you get to display the ‘built by wix’ advertising on every one of your webpages (at the top right, and the base)
    • You can upgrade to their next package at around twice the price, to remove that advertising (but it still seems to appear on mobile phone and tablet browsers)
  • You can have your own domain name for around $15 a year, but to have email addresses hosted by Gmail at your domain (ie info@mydomain.com, sales@mydomain.com, etc.), are $5 per email address per month!  (this kind of email forwarding from your domain to Google should not incur such high prices, particularly when the set-up is a simple one-off automated digital process, and there’s no actual hosting of email bandwidth by Wix.com).
  • They offer a ‘Shout Out’ option to send newsletters to your subscribers.  This is limited to 5,000 emails per month (which is reasonable).  However, as part of the email tracking, the email appears in the recipients inbox as a remotely hosting image of your email text (effectively a screen grab of an html email).  Thus your email is not accessible to people with various visual impairments (the actual text cannot be easily extracted by character screen readers), the text itself is not scalable for different browsers (for your small mobile phone screen, your tablet, or your desktop, etc.).
  • You can of course ‘design your own website’ (although if you’re not a skilled designer, experienced with usability and accessibility, etc. this is fraught with likely errors).
  • Worst of all, is the way your website is displayed within your browser source code.  They claim Search Engine Optimisation using an AJAX method.  However, if you click on ‘view source’ of any page of a wix.com website, you’ll see a mass of code loading remote areas of content, but effectively no real text content within your browser.  This does make it more difficult for search engines to naturally ‘crawl’ your website pages.  In fact, the only ‘real’ content of your website kept in plain text (hidden deep in all the superfluous code) links purely to the hosting of wix.com.
    • In essence, if you have regular text on your website, for easier accessibility by all, you want to display this in as little superfluous code as possible.  The more code you hide your content behind, the longer the page will take to load (bad for limited bandwidth on mobile phones), the harder it will be for search engines to index (thus lower search rankings), and the harder it will be for people with some disabilities to use your website (which can be a breach of the Disability Discrimination Act amongst others).

So what can be done instead?

  • With very limited experience, you can build a free website in WordPress instead, using a free OpenSource ‘theme’ design which can also be modified easily to your preferred colours and layout.  Or you can buy more customised themes ‘off the shelf’ from various developers, or even have your own unique design commissioned.
  • You can have your own domain hosted with a reputable reseller, with as many email accounts as you want, for a fraction of the Wix.com prices (often free with many standard hosting packages)
  • You can send newsletters via MailChimp more effectively (which is also free for up to 12,000 emails with up to 2,000 subscribers)
  • And your website content will be more accessible, across multiple device options, with cleaner code, which should also appear higher on Google natural search results, with faster load times, and fewer errors.

Please do get in contact if you have any queries.

Domain Registration Scam

The scammers are back out again, now by email.

This time, trying to get us to pay 5 times the regular price, for a domain name we already own, under the misdirection that if we don’t, we’ll loose it’s search engine submission.

Once again, this is a load of *%#!

Firstly, the email address it’s sent to, is the default email for all our hosted domains, at no point was it used to subscribe to any list (as detailed below).  They are not a ‘Search Engine Optimisation Company’, they are scammers.

If you receive any email similar to this, do not click on any links.


Domain SEO Service Registration Corp.
Order#: 616860
Date: 12/10/2014

DOMAIN: ———–
Notification Offer

Bill To:  ———–
Domain Name: ———–

Registration SEO Period:



———–      01/01/2015 to 01/01/2016        1 Year


Domain Name: ———–

Attn: ———–

This important expiration notification notifies you about the expiration notice of your domain registration for jasonparlour.net  search engine submission. The information in this expiration notification may contain confidential and/or legally privileged information from the notification processing department of the Domain SEO Service Registration. This information is intended only for the use of the individual(s) named above.
If you fail to complete your domain name registration jasonparlour.net  search engine service by the expiration date, may result in the cancellation of this domain name notification offer notice.

Failure to complete your domain name registration jasonparlour.net  search engine service process may make it difficult for customers to find you on the web.

This domain registration for ———– search engine service notification will expire 12/18/2014.

Instructions and Unsubscribe Instructions:

You have received this message because you elected to receive special notification offers. If you no longer wish to receive our notifications, please unsubscribe here or mail us a written request to Domain SEO Service Registration Corp., 5379 Lyons Rd. 452, Coconut Creek, FL 33073. If you have multiple accounts with us, you must opt out for each one individually in order to stop receiving notifications notices. We are a search engine optimization company. We do not directly register or renew domain names. We are selling traffic generator software tools. This message is CAN-SPAM compliant. THIS IS NOT A BILL. THIS IS A NOTIFICATION OFFER. YOU ARE UNDER NO OBLIGATION TO PAY THE AMOUNT STATED UNLESS YOU ACCEPT THIS NOTIFICATION OFFER. Please do not reply to this email, as we are not able to respond to messages sent to this address.

Hiding content with OpenCrypt

If you’re using a WordPress website (such as www.digi-pole.com) and provide secure member content using the build system called ‘OpenCrypt‘, then whenever WordPress is updated, the modifications to the source code gets overwritted, and the hidden text is no longer hidden (although items stored in the secure members area is still secure).

The file you need to update is:


Around line 302, you should see something along the lines of:

    if ( $preview ) // Preview fix for JavaScript bug with foreign languages.
        $output =    preg_replace_callback( ‘/\%u([0-9A-F]{4})/’, ‘_convert_urlencoded_to_entities’, $output );

    return $output;

This needs to be changed as follows (with the additions in red)

    if ( $preview ) // Preview fix for JavaScript bug with foreign languages.
        $output =    preg_replace_callback( ‘/\%u([0-9A-F]{4})/’, ‘_convert_urlencoded_to_entities’, $output );

   # OpenCrypt Modification
    require “opencrypt_plugin.php”;
    # OpenCrypt Modification

return $output;



Updating the tag cloud text size in WordPress

If you use a WordPress blog system for your website, something which of course is very useful, is the list of ‘tags’ (keywords) you can assign to each of your blog posts.

However, in the current versions of WordPress, whenever you do a WordPress update, it returns the tag cloud to the default settings (ie the size varies considerably, depending on the number of times the tag is used throughout your website):


Then around line 613, you should see something like the following:

$defaults = array(
  'smallest' => 8, 'largest' => 22, 'unit' => 'pt', 'number' => 45,
  'format' => 'flat', 'separator' => "n", 'orderby' => 'name', 'order' => 'ASC',
  'exclude' => '', 'include' => '', 'link' => 'view', 'taxonomy' => 'post_tag', 'echo' => true

Simply change the font size of ‘smallest’ and ‘largest’ to your preferred point sizes (the default is normally around 12pt)

I personally prefer to change the smallest to ‘1’, the largest to ‘1’, the unit to ’em’, and then change the ‘separator’ from “\n” to “,\n” (thus adding a comma immediate after each tag, and prior to a space before the next tag).

$defaults = array(
 'smallest' => 1, 'largest' => 1, 'unit' => 'em', 'number' => 45,
 'format' => 'flat', 'separator' => ",\n", 'orderby' => 'name', 'order' => 'ASC',
 'exclude' => '', 'include' => '', 'link' => 'view', 'taxonomy' => 'post_tag', 'post_type' => '', 'echo' => true

How can I improve my natural listing position on Google?

There are of course huge numbers of people claiming to be experts in SEO (Search Engine Optimisation), the largest Search Engine of all of course being Google.

However, the only real Google Experts, are those that actually work for Google right now.  They’re constantly trying to improve their search results, making them more intuitive to humans, and more like human rankings.

People will often find little loopholes on how to artificially improve your ranking position, with ‘black art’ techniques (things that will typically get your website blacklisted from Google, and therefore hidden entirely from view for at least 3 months).  So as I’ve mentioned before, do the things primarily for the human user.. and Google will follow.

So assuming that your website is already accessible to people with visual challenges (and therefore search engines can read it more easily too).. you’ve already made sure all your images have ‘alt’ text.. and of course you have lots of good readable text on each page (especially the homepage), etc.

Google likes a few key things in particular:

  • Old websites (so you must therefore be an ‘established’ business)
  • Websites with lots of good real content, related to the search terms (so you have something worth looking at, when the visitor gets there), especially content that’s updated, and added to regularly.
  • Lots of links to your website from other websites (meaning lots of people like it enough, to want to share it with other people)
So what is your speciality area?  If your business is about hair extensions, talk about it through your integrated blog.  Also, if you’re a geographically based business (ie in Reading), then talk about things going on locally too.

Typically, the more often you update your website, the more often Google (and others) will think it’s worth looking at, which means the higher up the natural search rankings you’ll appear.

So, for example, write about things related to hair extensions, or even anything to do with  hair!  i.e. your thoughts on the Royal wedding, any celebrities you see or know about with hair extensions in the press.. or even “if you’d like to have hair like ‘xxxx’ we have just the hair extensions for you”…  It doesn’t really matter what you blog about, just blog more!
If you can get your website talked about on related web forums (ie the types of forums your clients might read.. ie young mothers’ forums, rock, grunge, tattoo, etc..), with links back to your website, that will help too (try to keep it natural though, when mentioning your website).
You could also reply back on other people’s related blogs, with genuine comments (and links back to your website in the signature).  Any links through newspaper article websites, or the BBC would of course be very good for your natural search ranking.
Having a Facebook Group for your business, that people can ‘like’ is of course also a very popular choice these days, with links back to your website (and photos on your Facebook page too of course).
You could also try shooting a video of you doing what you do best.  Put this on YouTube.. and this can then also help a lot with rankings too (as Google owns YouTube, and seems to really like links from popular videos back to related websites).
All of the above should essentially be free!