The Designer’s essential guide to a WordPress website

WordPress has become the most popular and user-friendly CMS available when compared to other content management platforms. However, its popularity does make it a target for hackers and spammers. Most people across the industry know how to secure a page but forget to focus on providing limited files and folder access too. Securing a page isn’t the only way to secure your website. If you are not limiting the access to files and folders your website will still be at risk. So let’s find out how one can secure their WordPress website by following these steps:

Block access to the WP-including folder
All Websites comprise of files and folders with different URLs. That means if one can get access to these URLs they can easily access your website. Accessing these would make it easy for the hackers to alter as well, but adding some additional code to the server configuration file would resolve the issue.

That way, if someone attempts access to these files, they would be redirected back out.

All you have to do is open .htaccess file and put a little code in it. The code will be as below:

redirected

Securing the wp-config.php

wp-config.php contains sensitive information about WP installation, including table prefix, secret keys and database access. Protecting wp-config.php will also beef up your wordpress security, one can protect this file by encrypting its content and denying access to it.

To protect your wp-config.php file, you will need to open the .htaccess file and paste the following code into it.
wp

Protecting the .htaccess file

The .htaccess file plays a major role in securing the wp-config.php & wp-includes folder, so securing the .htaccess file is also equally as important as above two points.

Paste this code into the .htaccess file:

design

And with this simple code added to your .htaccess file would protect from the outside threat.

#Removing the file editor access

To do this, you need open up the wp-config.php file, then go to the end of the code and add the following one line code.

define(‘DISALLOW_FILE_EDIT’, true);

Why do I need AMP Ready Pages for my website?

It’d be an outdated question if we ask, is your website optimised for mobile? Today’s question is how quickly does your website respond when one visits your website through mobile? If it takes some time to load your potential clients will have a negative user experience and may leave your website without making an enquiry. AMP has been in the news for quite some time now and many web designers are incorporating AMP into their sites.

Some marketers have noticed AMP ready pages can give benefits in:

  • Faster loading of the web pages
  • Increased conversion rates
  • Better Search engine ranking

Let’s discuss this in more detail, why you need the AMP ready pages of your website?

Loading speed
Many websites focus on content, over use of images and graphics, all are very nice but if they slow down your website and frustrate the user, this may be a backward step. AMP gives a quicker download speed to keep the user informed. An attractive looking website / useful content will be of no use if you don’t have AMP ready pages of your website.

In a nut shell, Slow loading pages = frustration = lower page views = higher bounce rates = lower conversion rates.

Website tracking
AMP makes it easier to track website traffic with the help of specific analytical tools. With the help of these tools one can easily track new & returning visitors, clicks, link tracking etc.

Search Engine Ranking
Even though there isn’t anything official from Google that AMP affects the search engine ranking (because it is not for the desktops), there is anecdotal evidence that it helps.

How to use AMP
AMP can be classified into 3 part structure, i.e. AMP HTML, AMP JS and AMP CDN. These are all the subset of their respective parent languages, and you can easily adopt a suitable AMP version.

WordPress website owners can simply start downloading & installing a plugin from a trusted source.

Google & Facebook – Artificial Intelligence is changing the digital search experience

Search engines have become an integral part of almost every day life and giants like Google & Microsoft are continuously investing in their search engines to make search results more accurate and convenient for users. Google in particular is continuously adding new features and improving the search algorithms. When filtering results across this wide network, Artificial Intelligence is playing an important role in bringing the best results for users.

How does Facebook use the AI?

As well as search engines, Facebook uses Artificial Intelligence. Consider this example. Have you ever wondered how Facebook can tag your group photos automatically? This is where Artificial Intelligence comes in. By replicating the human brain and absorbing data using deep neural networks, Facebook can tag people accordingly!

Where does Google use AI?

Most SEO firms are aware of the Google RankBrain which feeds approximately 15% of search queries and prioritises them by predicting the rank of websites on SERPs. This is where Google is using a part of the Artificial Intelligence called neural network system.

AI categories

AI can be classified into three main categories, i.e. Artificial Narrow Intelligence, Artificial General Intelligence and Artificial Super Intelligence. The first one needs to be triggered by human interaction and powers most of the daily activities on the internet. The second one is an advanced version of the ANI and used to sort out the complicated issues, and the last one is capable of adapting to scientific creativity.

Some free extensions that WooCommerce comes with

We all are aware of the phenomenal growth of eCommerce businesses in the past few years. The open source e-commerce plugin WooCommerce is popular among retail giants and is a free plugin in WordPress. Launched in 2011, thousands of businesses in the UK and throughout the World prefer this plugin over others options because of its reliability and long lasting support. Right from small to larger businesses, WooCommerce can be used to power all types of businesses. Here are some of the free extensions of WooCommerce you can use for your eCommerce requirements.

Google Analytics Integration Extension
Whether it is a simple website or an eCommerce store, everyone understands the value of the Google Analytics tool. It is easy to set it up on a simple WordPress website but when one has to integrate it to the commerce store it could be a challenge. WooCommerce offer the Google Analytics Integration Extension to help to fuse your Google Analytics Account into your online store. This facilty can easily track who buy from your store. Depending upon the statistics you can take the appropriate action for the improvements.

Jetpack
This is one of the most desirable extensions that WooCommerce provides from customising the theme to the security of your online store, it does it all. One needs to connect their self-hosted site to WordPress.com and then Jetpack will take care of everything else. It can provide site owners with glimpses of their traffic and stats in an easier way than GA.

Aftership
If one wants their customers to be able to track their order after shipment, Aftership can help track the order from source to destination. One needs to enter their tracking number and to see the entire movement of your order from source to destination with ease, and thus makes the shopping experience of your customers seamless. It provides real-time updates through UPS or any local carrier, paid plans provide this information through email as well.

AddShoppers
We all know that Social Media is the best way to promote a business and with the AddShoppers extension, one can easily share their products across social media. It shows ROI, clicks and more.

Product Details Customiser
If one wants to differentiate their online store then Product Details Customiser is the product for you. One can customise their product detail page and can take action to show/hide, images, details, related products, etc.

These are some WooCommerce extensions that WordPress provides and there are many others like these to help you to take your online store to new heights. Our team of web designers has years of experience working with WordPress and WooCommerce and can help your business to grow with a tailor made solution. If you are in Birmingham or Solihull and need an eCommerce solution for your business, phone us for a free no hassle meeting at your home or office!

How to verify Google Apps domain?

We all know that Google Apps are a set of web applications provided by Google that have a package of cloud-based services / collaboration software tools. All of these web applications offer an online alternative to traditional office suites. To use the service provided by Google Apps all we need to have is an internet connection and a standard web browser such as Chrome or Internet Explorer. The first thing you need to do is register a new Google Apps account. Once you have registered an account, you must verify that you own your domain in order to use Google Apps with it.

Steps to verify the Google Apps domain
Step-1:  To verify the Google Apps domain ownership one needs to sign in to the domain host account.

Step-2:  Locate the page for updating your domain’s DNS records which might be called as DNS Zone File.

Step-3:  Locate the TXT records for your domain (It’ll be something like the image on the right.)

Step-4:  Add a TXT record using the value on your Google Apps domain’s security token – a 68 character string that begins with Google Site Verification.

Step-5:  Save your changes and wait until they take effect. It may take upto 72 hours to take effect or contact the Google Support team.

Once the ownership of your domain has been verified by Google, your Google Apps will be set to Active and you will be able to change their settings through the Dashboard.

The advantages of Google apps are obvious – your documents and almost all the important data will be available online 24/7 and you don’t need to install any additional software on your computer. Furthermore, Google Apps is a free service.

Redesigned Google Analytics mobile app – Don’t be more than a tap away from your data

With years of experience in this ever changing market, we have noticed that the pace of Google changes is relentless. Once again Google has exceeded our expectations and has made it easier to monitor and share the Google Analytics data with a new updated app. The app is available for both Android and iOS and works in 39 languages and in all countries where Google Analytics is available.

The new app has some of the features listed below:

  • One can cutomise their dashboard.
  • One can easily share their insights with others.
  • One can access their Google Analytics data easily.
  • One can see what is happening with real time business data.

The app simplifies the reports into a small screen format and the user can build or modify a report quickly and save to their mobile dashboard. The world doesn’t stop moving, so why should you! Keep up with what is happening with your sites and mobile apps anytime, anywhere. Download the app and enjoy the features now!

No Social Engineering Content – Google is Making the Web Safer

In November Google announced that Safe browsing would protect us from social engineering attacks or in other words the deceptive tactics which can trick us to install unwanted software or revealing a user’s personal information – maybe a password, credit card or any other valuable information. Before sharing the announcement, we would love to explain few things about Social Engineering:

Understanding Social Engineering – Phishing and Deceptive Sites

Social engineering is basically a type of attack to the web user, by tricking them into doing something dangerous online. There are mainly two types of attack – Phishing and Deceptive. Phishing sites might trick users into revealing their personal information, and deceptive content such as an ad that might trick users into installing unwanted software.

Even if you don’t engage?
Yes, correct! You need to understand social engineering even if you don’t engage it because deceptive social engineering content may be included via images, resources embedded on the page, third-party components, or ads. Such deceptive content may trick site visitors into downloading unwanted software so when we talk about Google safe Browsing, it protects web users from these attacks by warning users on publisher pages that consistently display social engineering ads.

Additionally, hackers can take control of innocent sites and change the content of the site / add additional pages to the site, often with the intent of tricking visitors into parting with personal information such as credit card details.

You can find out if your site has been identified as a distributor of social engineering content by checking the Security Issues report in the Search Console.

Now lets go back to the Google announcement. The fight against unwanted software and social engineering is just beginning and will improve the Google’s Safe Browsing protection. Google will warn the users when they visit the site so if your site is flagged for containing social engineering content all you have to do is take the following these steps:

1. Verify in Search Console-
Check that only you are the owner of the site in Search Console and no other suspicious owner has been added. Check the Security Issues report to see if your site is listed as engaging in social engineering.

2. Remove deceptive content
Ensure that none of your website pages contain deceptive content and if found, remove them immediately.

3. Find third-party resources
Ensure that any images, ads, or resources on your site’s pages are not deceptive. Note that ad networks may rotate the ads shown on your site’s pages, therefore, you may need to refresh a page few times to see any social engineering ads appear or not.

4. Request a review
After removing all social engineering content you can request a security review in the Security Issues report and then wait for 2-3 days.

Make sure your website allows Googlebots in as Google updates its smartphone user-agent

On a recent blog Google announced that from April 18, 2016 we will be updating its smartphone user agent Googlebot crawler to Android from iPhone. Google said it should have no impact on websites but if one is worried they should check their website with the Fetch and Render Tool in the Search Console. Google explained that reason behind this update is it wants to understand the pages that use newer web technologies. Google also recommended everyone should use feature detection and progressive enhancement so that your site can be viewed properly by a wide range of users and browsers.

The current Googlebot smartphone user-agent looks like

Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X)
AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

and the upcoming Googlebot user-agent which we are going to see from April 18, 2016 will look like

Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Thats how with AMP you can speed up the performance?

The AMP stands for Accelerated Mobile Pages which is not only being supported by the Google search but also by various other platforms. A valid AMP HTML version can direct mobile users to the cached AMP and pages with invalid AMP will not be eligible for some Search features. Just like the search engine optimisation same can be done in the case of AMP and some combined optimisation techniques can help AMP pages to load fast.

1. Keep third party javascript out of the path

Third party javascript likes to use synchronous javascript loading. Let us give you an example:

“If you have three ads and each ad does three synchronous loads with one second latency then just for javascript loading it will take 12 seconds.”

Although AMP pages in sandboxed iframes allow the third party javascript by banning them and thus can be used there.

2. Allow only asynchronous scripts

We all know that javascript is an amazing thing and can modify every aspect of the page but at the same time it can cause multiple delays in page rendering. So to avoid the page rendering one should use the asynchronous javascript. A carefully designed javascript under the hood can avoid performance degradation.

3. Use inline and size-bound CSS

Although the inline style sheet has maximum size of 50kb but this size is big enough for well sophisticated pages. In AMP pages online inline CSS is allowed, so by removing one or more HTTP requests from critical rendering path and improve the performance.

4. Efficient font triggering

Page with few synchronous scripts and style sheets waits to download the page font, so AMP system declares zero HTTP requests until fonts start downloading. So by proper font triggering one can get the efficient performance.

5. Instant Page Loading

The preconnect API is used to ensure HTTP requests fastly as soon they are made. With this, a page can be rendered before the user explicitly states they’d like to navigate to it; the page might already be available by the time the user actually selects it, leading to instant loading.

When AMP document get prerendered for instant loading, resources that might use a lot of CPU (like third-party iframes) do not get downloaded.

Don’t Be Surprised When Search Console Data Doesn’t Match The Data Of Another SEO Tools?

Yes, it happens when we compare the Search Console data with other seo tools data. Many of our clients had asked us in past that why their Search Console data doesn’t match the data from the rest of the SEO tools that we use to analyse the website traffic, impressions and more? If you too have such queries, then you might get yours resolved here.  

  1. The Search Console does additional data processing to handle duplicate content, spam etc.
  2. Some of the tools that we use to analyse the seo data track the traffic only from javascript enabled users.
  3. Every tool has its own keyword defining strategies. Let’s consider some of the examples here.
    1. When you talk about the keywords added in the Search Console, they are the most significant keywords that Google has found on your website.
    2. When looking at Google AdWords it displays the results that most users have searched for.
    3. When considering Google Analytics, it combines both the properties of Search Console and Adword paid keywords.
  4. Analytics track visits for websites that use correct javascript code.
  5. Websites which don’t have the javascript code will be tracked in Search Console via the search result or if Google crawls your website.
  6. Sometimes the search analytics doesn’t show all the data to protect the users privacy, this ensures that no one can’t obtain sensitive information.
  7. If you own multiple hosts for your domain (for example, www.koenigwebdesign.com and koenigwebdesign.com), you might see your click and impression counts drop for each host because of the clicks count confusion.

If you have queries regarding your traffic analysis reports then don’t hesitate to contact one of our digital marketing experts by emailing the office.

Let’s move together at a rapid pace to enable your business to reach its potential customers and better engage existing ones.