Taking a Security Plugin and Transforming it Into Activity Logs

Do the Woo - A Podcast for WooCommerce Builders
Do the Woo - A Podcast for WooCommerce Builders
Taking a Security Plugin and Transforming it Into Activity Logs

Moving into the WordPress and plugin space with a security plugin can lead to so much more. With the importance of logs and how they play into a WooCommerce site, it goes beyond mere security.

A Chat with Robert Abela with WP Security Audit Log

In episode 49, Jonathan Wold and I chat with Robert about:

  • How his tech and security journey led him to WordPress and WooCommerce.
  • Why logs are so important to a WooCommerce store and what level of functionality they bring.
  • The transformation of Robert’s plugin from security to a needed tool to help run a WooCommerce site.
  • Why customers are using his plugin and what store owners are finding most beneficial.
  • How an activity logging plugin affects performance.
  • The ideal way to manage an activity log that may otherwise be overwhelming.

Robert spent his early days in the corporate world, working primarily in tech and security. He talks about those times and how a hobby turned into a full-time gig. He shares some of the mistakes he made in those early days.

Then we dive into logs and what they mean for the WooCommerce store owner. It was interesting to hear that the end result of any logging plugin is security but how store owners are using it more with their shop manages and teams. It really boils down to being able to see who is doing what and catching any mistakes or issues that may come up.

He shares what the plugin is primarily used for in the Woo space.

With the plugin comes a lot of activity, depending on the size of your store. I ask Robert how to handle this without getting stressed out and also how to do it in a manageable way.

This is a show you will certainly want to tune into if you run a WooCommerce store and have yet to dive into the world of logs.


Where to find Robert on the web:

Thanks to our sponsors

The Conversation

Bob: We are at Episode 49. I'm BobWP and we are back with the Do the Woo podcast. And I have my one of my co hosts, Jonathan Wold joining me. Jonathan, how's it going?

Jonathan: Bob, it's going good all things considered.

Bob: Yeah, all things considered. We were joking around a little bit because if Jonathan shows up a couple minutes late, I always know it involves kids.

Jonathan; Yes, we're going on to week four, now with the kids being at home and they're doing great, all things considered.

Bob: Well, before we dive into the show, I want to give a quick shout out to our sponsors. First of all, WooCommerce.com our community sponsor. They always have exciting things happening over on WooCommerce.com.

And FooEvents.com., a ticketing sales plugin for WooCommerce to add functionality, especially if you are looking for tickets for all your online events right now.

And what's really cool is I don't need to talk about our third sponsor. Instead, I will introduce him. It's great when you're able to actually bring on your sponsor. Robert Abela is joining us, he's founder of WP Security Audit Log plugin and I'm really excited because we get to talk with him about audit logs. Welcome to the show, Robert.

Robert: Thank you very much for having me. It's a pleasure.

Jonathan: Good to have you, Robert.

Bob: We always start our show with a question. It's really a way to tell us what you do. But how do you do the Woo? How's WooCommerce involved in your life right now?

Robert: Yeah, I've been waiting for this question because I think the way I use WooCommerce is very different from how everyone else uses WooCommerce. To start off with, I'm Robert Abela. I'm the CEO and founder of WP White Security. We've developed several plugins and WP Security Audit Log is our flagship product. That's actually how we work with WooCommerce. I use WooCommerce in a very odd way.

We developed our logging plugin, and after a few months and years, it's started gathering popularity. I started getting a lot of questions from WooCommerce users, like, can you support WooCommerce? Can we have some sort of logging functionality for WooCommerce? And of course, it's something I really wanted to do. However, there were a few problems. I knew about WooCommerce, but I'd never used it before. I knew it was well known and a very extensive and complex system. And very, very big.

One of the things that sets our plugin apart from other similar plugins, is the comprehensive logs. For example, our plugin doesn't just say a user was updated. It tells you exactly what was updated by that user. And we wanted to bring the same level or comprehensibility of logs with WooCommerce. We just didn't want you to know your product was updated, we wanted you to keep a log of what your shopping managers and your team are doing on your store. When we talk about logs of WooCommerce, we're always talking about the back end of WooCommerce, not what customers are doing, but what your shop managers are doing.

So basically, that's how it started. I started experimenting with WooCommerce and after a few questions, I said, Okay, we have to support it, because it's very heavily requested. I didn't know lot about WooCommerce so I read quite a few guides to get an idea of the best practices of how users use WooCommerce, how a business uses WooCommerce in real life, because I'd never used it in real life as an eCommerce solution. We just started by covering the basics: logging of product changes, prices, your SKU stock quantities, the typical metadata, the URL, you know, the actual content of the product.

We also started supporting store changes. For example, text changes, the base address changes, etc. And that's how it all started. Then of course, thank to users themselves giving me more feedback when they encountered problems. For example, I tried to do a certain thing, and it's not keeping a log of it. Okay, so how do you use WooCommerce? How are you using that particular feature? I'd like to learn about it through user feedback, with user problems, and through experimenting. I've learned how to use WooCommerce even though I've never set up a WooCommerce site for myself, for live views. If I speak for other people, when it comes to what you can do with WooCommerce and how to set up WooCommerce, even though I've never done it myself, I know more than the average WooCommerce admin because I deal with so many different scenarios and people using WooCommerce with different add ons. So I use WooCommerce a lot.

Jonathan: Robert, before we get too much further, I'd love to talk about logging at a high level, because it's a whole category of functionality. What are some of the common reasons that you see for people wanting to like log activity in the admin?

Robert: The plugin is called WP Security Audit Log. But having security in the name a bit misleading. Many people think it's a security plugin and it is. I mention security because logs have multiple roles. And one is security; that’s a very critical role. But instead I want to highlight that it’s not just a basic logging plugin, it is a comprehensive solution. And that's how it all started.

When people started using it, especially with WooCommerce, they wanted to know when a store manager created a specific coupon, for example, or gave a discount to a customer or changed the order or the quantity. I had a case recently where someone had a problem with a vendor subscription. They sold magazines or something. The customer changed their address a couple of times and was claiming that he never received the issues and wanted a refund. So they can use the logs to find out actually how many times he changed his address and when.

Jonathan: You've alluded to what I was curious about and that is you started out with this emphasis on security. But I suspect for a lot of people, the value of logging goes quite a bit beyond security. I actually have a decent amount of experience with this. I worked on a logging plugin back in the day. And part of it too, is also just collaboration. It's not even like, Oh, I need to know what my people are doing. It's more about how do we keep track of what's happening and how it's happening? If someone asks a question, we'd go back and check. So I was curious about that, because you started out with a security focus. And that's that's a big aspect of this, but is that why people are buying it?

Robert: No, in fact, something like 80% of our users don't use it for security. They use it for many other reasons. They are a team and need to keep a log. It's not just about spying on your team. It can be about someone making a mistake. Okay, mistakes happen. Who did it? What was changed? Let's see what changed. Then we can revert back. It's also used for legitimate mistakes. It improves user accountability.

So yeah, we started with security in mind, but it is used for many other things. So it's more about keeping track of what is happening. And if you're talking about eCommerce, you have a lot of compliance reports, so you need to keep a log of what's happening on your store, especially now with GDPR, CCPA. They all require some sort of logging. It's everything, guys. And then security. Usually security comes in, unfortunately, when it's too late. Someone was hacked and they ask, what happened? Then they can look back at the logs. So again, it's mostly to manage the team and keep an eye on what's happening.

Jonathan: So, a quick antidote. It would sometimes be helpful to have an audit log for real life. We've had our furnace off and there's been no heat in our house for the past couple days. It turns out, and I won't name names, but someone in our household in their attempt to get the sprinkler started up and running shut off the gas or the heat valve to the furnace. So we've been without heat for a few days and trying to figure out what happened.

Now if I could just check the log, and look back at what everyone has done, I would have all the evidence. But there was no log to check to see what had changed. As humans, we miss make mistakes all the time. So being able to have a log of activity to go back and see what happened, that's useful and I guess it's a different way of thinking about security, right? It's not even like protecting from attackers. It's protecting against ourselves sometimes.

Thanks to our sponsor: - This episode is brought to you by FooEvents. If you sell any kind of even ticketing online, and you are using WooCommerce, you may have discovered that it doesn’t have an intuitive approach to seamless ticket sales. I know, I’ve been there myself. FooEvents bring more power to your ticketing process. It’s easy to set up and you never have to worry about 3rd party fees again. Not only can you sell tickets, but managing them is really slick. And best of all, they have a growing number of extensions to fit any need you may have.

There are no worries to the amount of ticket you can send. And for the convenience of your attendees, and to help you keep track of the event better, it has a free mobile check-in app. Managing your attendees and events goes smoothly with custom event report and ticket inventory. Export your attendees for additional communication that you may need to send or to build your list. And your attendees can be rest assured that the data remains safe and private.

Whether its concerts, school functions, fundraisers, conferences or any number of events that you sell tickets to, FooEvents has you covered. And they have a sweet offer for you, our listener. Simply go to fooevents.com/dothewoo and get the FooEvents for WooCommerce plugin for an entire year, free, no strings attached.  This offer is limited, so head on over to FooEvents.com/dothewoo,. And now back to our podcast.

One of the things I'm curious about is people are always asking questions about performance with Woo. If you're tracking all the activity, is there a negative impact to performance? What is the impact?

Robert: That’s a very good question. In fact, it's not just with WooCommerce. I'm sure you've seen these posts, like how many plugins is too much, or what should I use? So basically the footprint is very low. Because in most cases, 99% of the activity we monitor is backend activity. Now with or without our plugin, there is of course, a minor difference in response time. For example, it's not something that you can see with your own eyes. However, it doesn't affect the frontend .

Unless you monitor something specifically from the frontend, for example, you can monitor when orders are placed when a user is logged in and, in that case, you have to monitor the frontend. But in that case, the way we've done it is the plugin has two types of sensors. It has the backend sensors and the frontend sensors and once you disable the frontend sensors, it doesn't have any impact on the frontend when they visit on the website. But the backend is definitely minimal.

It's like points of milliseconds in the backend. For example, something might take 30 milliseconds, and with our plugin, it takes 32 milliseconds. Since you don't have impact to the frontend, it's a good solution. We do our best to make it less resource hungry and as efficient as possible. Because whenever you click something or with a plugin, you hook it and it has to write to a database. It does have a lot of components in place that help this type of performance and we have a buffer. So if the database is slow, we buffer it and go into transients, and then it's written later, so we optimize a lot the plugin in terms of performance.

I started this plugin as a hobby. And we always had performance in mind, but it was never like such a big thing. But as time passed, the plugin was being used by bigger and bigger companies, with bigger WooCommerce implementations. So then, of course, performance had to be something we really took seriously. I wouldn't say it's nothing because of course, any plugin you install, it has to take some resources if it's working. But for me personally, as long as it doesn't affect the frontend, and as long as it doesn't interrupt user productivity when he's updating a product or a price, that's good for me. That's what we aim for.

Bob: When you talk about all these logs it makes me think of back to the days when I was doing design, way back years and years ago with WordPress. I would put in a security plugin and my small business clients would freak out because they were always getting informed that somebody was trying to hack into their site with a lot of notifications. They were stressing out and they would always send me an email saying, it looks like the world is trying to hack my site. And I would reply, it's just protecting you.

Now with logs, even beyond security, and the overall number of logs this will produce, how does one manage those? You don't want to be going in there all the time and asking, oh, what's going on? How do you keep your sanity with all that information coming in?

Robert: I can really relate to what you just said. Because we have a lot of users that installed the plugin for the first time. Some of them actually blame our plugin. It's like since we installed your plugin everyone wants to attack us. No, it's actually our plugin showing you now and before they didn't know about it, because you couldn't read about it. So sometimes the logs can alarm people. In reality, once you install a WordPress website, there are automated attacks all the time. You just don't know about them.

The number of logs depends on how busy your website is. Some websites, you can have thousands of events and activity logs. How are they managed? Coming from a security background, one of the best practices is to review the logs, just browse through them to see what's happened. However, everyone has a business, everyone has a job to do. If you have the luxury to do it, that would be great. But very few people go to the docks everyday. And that's why we try to build a system that has things like email notifications, and dismiss notifications. So, for example, you can configure the plugin to send you an email whenever someone installs or updates a plugin. Or you can create these complex triggers and that's how you keep yourself up to date.

You can also generate reports. For example, on our plugin, we have what we call automated reports. You can configure the plugin to send you daily, weekly, monthly or quarterly updates. And you can configure your own criteria reports. For example, you want to receive a report with all the changes without the product changes only or just logins and logout, or they just updated X or Y. So yeah, we don't have luxury to check those manually. And that's the best way to keep yourself updated on what's happening with email alerts, SMS notifications and automated reports.

Of course, if you have time, it is still good just to take a look sometimes. If you see a report and you spot something in the report that is not usual, you will want to dig a bit deeper. It's good to at least take some action on what you see in the reports.

Jonathan: Robert, one of the things I'm curious about. So you said this started out as a hobby? What were you doing before this?

Robert: I dropped out of high school and I started as a software tester in 2004 with a large security software company. And I started this company without even knowing what an IP address was. I didn't even know, I was that basic. I don't know if you remember, but I had an Amiga 500. With games and that's how I started with computers. Computers were always my interest, but I come from a very small island called Malta. Being a small island in the middle of the Mediterranean, things take time to arrive. But as soon as there was an opportunity, I dropped out of school and started testing software. I started doing some part-time courses and the first job I had was with a company called GFI Software. I was a software tester for eight years and we worked in Germany, the US and Australia.

From there, I had several different roles, but I always worked for security software companies, and they were all startups. That's what I knew and this was my first job. So I kept on working as a researcher in research and development. I've done very, very little development. I can read and write code, but I'm far from a developer. I was project manager so I've always worked with developers. And when I was a systems engineer, apart from that job, you also had to deal with every department of a company. So by being a systems engineer, I've learned what the marketing department does and you get a good idea of how a company functions while if you're a developer, nothing against them, but usually you're stuck in that.

Jonathan: So you get this range of experience. You start with this as a hobby, and it's grown significantly since then. It's always interesting to me to look at how companies have grown within the marketplaces, within the ecosystems. Are there any lessons learned that stand out to you or mistakes that you made early on in the transition from hobby to full-time?

Robert: I make a lot of mistakes. After 14 years working in the corporate threads, I wanted to start my own thing. So I started WP White Security. I found out about WordPress because we needed that for a separate software company where we developed a web security scanner. In 2011, 2012, I think, there wasn’t a lot of security awareness iof solutions n the WordPress ecosystem. In fact, I remember talking to Tony Perez when Sucuri was just three people.

I was tired of the corporate world so I left. I had some contacts so I kept doing consultancy like project management, etc. And I wanted to learn how to write proper code. So I developed the first version of the plugin. And thankfully it never made it to the public. I took a bit of long route. When it comes to business, I'm a bit conservative. I didn't look for any investments. I was earning x amount of my money from consultant work. I took a small amount hired a developer part-time. I started working with different developers. Because in the beginning, I didn't have enough work to justify having someone for an hour or even 20 hours a month. So it took around four years.

After four years, I hired my first developer. And after six years, in 2018, I joined full-time. So I'm the founder of the company, but I was the second employee. In terms of myself, I think that was a mistake. I think my biggest regret is not having left the corporate world early. I always felt the need to learn. Don't get me wrong. I'm not saying the fact that I had jobs with bigger companies didn't help me a lot with how a company works. I was too scared to leave. I wanted to learn more, but one day, you have to start taking action.

The second mistake was not stopping my consulting earlier. Because when I madethat switch, I realized I had so much time on my hands, I could do so much more. And after a few months, the revenue grew quickly. Overnight, I had all this time on my hands so I could produce a blog post every day. I could start contacting people. So in the first few months, I put in so much work that I’d been delaying. So it's always about finding that right balance. When to leave the comfort zone and just go for it. Give it a shot.

In terms of in terms of revenue and growth, we're very happy. We're not big, although I think we are growing slowly. I try to do everything within our means. Even when I hired a developer, I didn't want to hire someone full time and two months later, tell him listen, I don't have enough work for you. I would feel really bad because imagine someone has a family like me, and one day he's happy with a new job and the day after he doesn't have one. That’s just wrong.

So whenever I did something like that, hire someone, I always made sure that I had at least 6, 7, 8 months upfront salary, so if something happens, I still have that cushion, a safety net. This year we are recruiting more people. But I always make sure we have some cushion. I don't like operating to the limits, because if something goes wrong it's not nice to convince someone to join you and then say, sorry, it was a miscalculated risk.

Bob: I love that story. I wanted to swing back around to something you said. When you were talking about being able to choose what you're notified about with the logs, that must depend on what's important to you. So if we step into the WooCommerce store owner’s shoes, do you have any indication of what they're using these logs for? What is important to them?

Robert: Yes. The most obvious case is reports/compliance. They're keeping a record of what's happening in their store and who's doing what. And the second most common use is who is logged in right now and what are they doing right now. Because as soon as you click somewhere, you keep a log of that. With our plugin, we built a module that shows you who is logged in and what they are doing. But on top of that, WordPress, by default, allows the same user to log in multiple times simultaneously. So you can log in from one place and from another location

Many WooCommerce stores have some sort of subscription/membership website. They don't want people abusing subscriptions. For example ,I pay you X dollars a year and I I share my credentials for other people to use the same content. So in our plugin, we have this feature to control this, If Robert is logged in, no one else can log in with the user credentials from Robert. By knowing who is logged in, you are able to have a setting where it won't allow more than one user. That is by far the most requested feaure. The second is just keeping a record of what's happening. Some of them actually are quite well organized, because I know some customers generate a report every month just to keep records.

Thanks to our sponsor:This episode is brought to you by WP Security Audit Log. We all know the importance of your WooCommerce store and security. And when you can keep track of everything through logs, the end product is security. But having those logs for your store is so much more.

Their comprehensive activity logs that you can use with WooCommerce keeps you on top of what is going on with your shop managers and your team. You will be able to monitor and record when they make changes to products, order and coupons. And notably, it will help you with your store compliances. They make it easy to troubleshoot when there is something going on. In fact, you will be able to configure emails and instant SMS notifications to get alerted of critical changes.

Want to go a step further? You will see who is logged in and what changes are being made in real-time. And if needed, you can mange, limit, block and even terminate any user sessions. This is perfect for membership or subscription sites as it can help you control limitations on single user access.

There is a number of reports you can generate from the activity logs. In a nutshell, stay on top of it all. What is going on and when. From that your site will benefit from the added security. So keep safe and secure and check out what they have to offer you at WPSecurityAuditLog.com. Now let’s head on back to the show.

Bob: So we talked a bit about what people can use the logs for. Have you heard any frustrations related to specific issues with WooCommerce?

Robert: Yes, there are but they’re more around the WooCommerce ecosystem. There are a lot of WooCommerce third party add ons. You have WooCommerce themselves, but also by other developers. What happens is someone will say a certain plugin isn't working with our plugin. And we start looking into it.

WooCommerce is cool. It's actually well documented, and there are hooks and everything. These developers just start to do things their own way. So basically just because they bypass a hook and do it their own way, our plugin doesn't detect that change. Usually, it depends. Most of the time we get in touch with the developer. We wil say, you're doing function x and you should do it by doing ABC, not the EFG. Sometimes they will update the documentation and update the code and make it work properly. But sometimes not. Some of them are unresponsive or they may reply, no, we want to do it this way, for whatever reason they have.

That's the biggest problem I have especially when it comes to third party add ons. It's so big that everyone does what they feel like, and unfortunately there are no standards. But the hooks are there for a reason, although you're not forced to use them. Ideally you should use them because that's the best practice. But it's the best practice not the most practiced kind of thing. And that's the biggest problem.

It's not just with our plugin. Because when I speak to WooCommerce owners with a security plugin, it starts causing abnormal behavior from other plugins. So this idea of this kind of nonstandard way of doing things from third party plugins creates a lot of problems for developers like us and other developers who are trying to either keep a log or monitor the security for a WooCommerce installation. And that's a big problem, because it's a lot of work for us developers and a lot of friction between us and the customers unfortunately,

Jonathan: One thing I'm curious about Robert, is you started out with this WordPress focus, and you've grown to Woo. Obviously, we have a bit of a bias here on the show towards Woo. What kind of priority do you give Woo in terms of percentage of customers using Woo versus those who don't? You started out with a WordPress focus, you've added this Woo emphasis, how do you think about Woo in terms of impact on your current business and the potential?

Robert: I'm like you, I'm very biased. It's like when we started the plugin, we had a lot of requests for WooCommerce. Since we started supporting WooCommerce, the number of downloads and number of questions have increased drastically. And I don't have the exact numbers, but definitely more than half of our requests and are with WooCommerce. So in terms of priority, we give a lot of priority to WooCommerce. We are trying as a plugin to develop a sense of them if we want to keep track of what other plugins are doing.

In fact our plan is to keep on developing and integrating with many other plugins. But WooCommerce is definitely up there at the top because as I said, I don't have the exact numbers, but in terms of downloads and revenue, I think it really helps our business. I was reading today that WooCommerce now surpassed all the other eCommerce solutions. It's the most popular. If it grows, we grow and everyone's happy.

Bob: Cool. Is there anything else you want to touch on with Robert right now? I know we want to hear about some plans for his next update. We're going do that in the announcements in a bit. But anything else you want to ask, Jonathan? Or should we move on?

Jonathan: We can move on, but this is always very interesting to me to watch businesses that started out as an interest. Like you call it yourself, as a bit of a hobby. But then it's grown and taken on a life of its own. Really happy to see what you've built. And it's gonna be interesting to see how the ecosystem evolves. We have WooCommerce 4.0. It's been out a little bit now. And yeah, just the general interest, especially right now, with people kind of stuck at home. We're seeing a lot of increased interest in Woo generally. And auditing like this is an important piece of that puzzle to know how we track what's happening. So, love what you're doing, looking forward to seeing how the space continues to evolve.

Robert: Thanks a lot. And I won’t be surprised if we see some more new plugins or some interesting projects. Definitely.

Bob: Yeah, I'm seeing a few those interesting little plugins popping out. Recently, somebody did a new plugin that hasn't even got on the repository yet, that adds a "leave at the door" for WooCommerce. So you can toggle it on and leave a little note. I downloaded it from GitHub and it's done by Amplify Plugins. It's easy to use, you just install it, you activate it, you toggle it on and it's there. So it does one thing.

I like those little plugins that do something like this. You can use it during this time and if you don't need it anymore, or it doesn't seem to fit for your site when things get semi-normal again, you can just delete it. Good stuff coming out in the Woo world.

Okay, announcements. I want to start with you Robert, because I know you have an update coming up and wanted you to tell us a little bit more about that before we close out.

Robert: Sure. As Jonathan said, WooCommerce released version four with the new admin interface. That gave us a lot of work. We don't have any particular new features, so it's just a maintenance update. However, this big maintenance update is about supporting the latest interface changes on WooCommerce. On top of that, we also enhanced the coverage of WooCommerce. So now we are reporting even more data. For example, before if you changed the base address, you would just get the change, but now you see the old and new base address. There are more changes and options in the monitoring, including payment gateways. So if someone's WooCommerce store is hacked and someone changes their PayPal or payment gateway address, they'll find out why.

Bob: Excellent, cool. Sounds like something to look forward to. How about you, Jonathan? What do you have on your plate?

Jonathan: By the time this goes out, one of the things that's happening a lot more at Automattic is there's been an increasing interest in content. I suspect there's some correlation with more people being at home. So the event teams have been doing a lot more and there's a lot of folks in the space in general, putting on more webinars and more educational content. So we've been upping our game on that. We have a WooCommerce.webinar coming up today, on Thursday, and it's probably going to be the first of a series. We've had a lot of interest in it. So just want to highlight that and I dropped a link to that specific webinar, but I think in general I'm excited about a lot more content being created in the Woo space on multiple fronts and we at Automattic are trying to do our best to set a good example and help educate more folks. A lot of people are asking pretty basic questions right now about, like, how do I get online? What do I do? How do I think about this? So happy to see that happening.

Bob: Excellent. And I just want to remind everybody, if you missed it, we did a special episode this last Tuesday, I brought in all the co-hosts and we had a nice conversation around the coronavirus. I guess what I would like to say about that is it was a very positive and uplifting conversation, so we weren't all doom and gloom and and all sitting there whining about everything that's going on. It was a great chat around how we're helping other people and how we're helping ourselves. So if you missed that, I hope you tune into that and of course you can find that in our feed and on any of the pod platforms.

Excellent stuff. I just want to do a quick shout out to the sponsors before we head out. FooEvents.com., adding a powerful event and ticket functionality to WooCommerce. You can check them out at FooEvents.com/dothewoo and look for a good deal there. WooCommerce.com, our community sponsor, I love my Woo. And I want to personally thank Robert and WP Security Audit Log for being a sponsor. We really appreciate your support.

Robert: You're welcome and thank you very much for having me on board. I really enjoyed this.

Bob: Alrighty, well why don't you close it out and give us a final goodbye, Jonathan.

Jonathan: Well, this is Episode 49, right, so we have 50 coming up here! Making some good progress. And if you want to follow along, go to BobWP.com where you can subscribe, you can sign up for latest Woo news and you can also become a friend of the Do the Woo podcast. You can also find your co-hosts and the rest of the folks on Twitter. And I think that's just about it, right Bob?

Bob: Right. Sounds good. Well, everyone, we'll see you next week and until then, Do the Woo.