Protecting Your WordPress Servers

Protecting Your Server Environment if You Use WordPress

Popularity and accessibility often go hand in hand and, unfortunately, are often a double-edged sword when it comes to security. On the flip side, the belief is that if something is more obscure, it is by definition more secure. There is some truth to all of these beliefs, however, some of it is overblown. For example, people often point to Windows as being particularly vulnerable to viruses and exploits. Yes, most people use Windows, therefore most malicious software is written to target it. But, with the right security practices, you can avoid any kind of serious breaches. All it takes is having the sufficient knowledge and taking the right precautions to avoid situations that would leave you vulnerable. The same can be said when it comes to your website.

 

Every business owner has security on their mind at all times. That’s because we live in a world where the costliest crimes don’t happen because some robber in a mask sticks up a store. Instead, it’s someone with the right technical know-how attacking your system from halfway around the world. Even more alarming, you’re not even always necessarily the specified target. You just get caught in a widespread attack seeking to get its hooks in anywhere it can. That’s why you need to be mindful of doing what you can to protect your VPS or dedicated server.

 

Using WordPress

 

All of this is to say, you need to take the right steps to secure your site no matter what software you use. But, this is especially true when dealing with very popular (and exploitable) content management systems like WordPress. WordPress is far and away the most widely used content management system in the world and it’s estimated to be powering nearly a quarter of all the websites on the internet. It’s popular for good reason. It’s a very easy to use bit of software that makes creating and updating a site relatively pain-free and is perfect for people who aren’t necessarily tech inclined. You certainly don’t need to be a developer to make changes to your site as far as adding more content.

 

That popularity does come at a price, though, as WordPress is often troubled by security issues. That is not to say you shouldn’t use WordPress. Many of the security problems people face when using WordPress often come down to the user. If you engage in best practices, you won’t be so open to malicious attacks. It just takes work staying on top of things. Many times, attackers try to crack a WordPress install in order to gain server level access and essentially turn it into a zombie, using the server to automate spam emails.

 

Whatever the goal of the attack is, you obviously want to thwart it. The best defense is prevention, so there are a number of things you’ll want to do to ensure that your WordPress installation is secure. Remember, a lot of the responsibility of securing a site falls on the user. While many hosting companies will provide some complementary protection for things like DDOS attacks, many of the standard fare brute force entries or file injections occur because of things like outdated software or a lack of following best practices. The following list will contain some obvious things you’ll want to do because they are the most effective at enhancing security. Hopefully, you’ll see some outside of the box things to try that you didn’t think to try before. With the right precautions, you can rest easy knowing that your site isn’t as vulnerable as you might think. While there are no guarantees, you have the ability to greatly reduce security incidences.

 

Update the Core Software

 

Honestly, if everyone stayed on top of updating the core WordPress software, many security issues would simply go away. It’s not a cure all, to be sure, but it comes as close as you can get. WordPress is open source, so anyone can see the code. This is both good and bad. When a new exploit is found, the software gets patched and those loopholes get closed. Rinse and repeat for every new release. If you’re still on an old version of the software with a well-known exploit, you’re setting yourself up for a potential attack. By keeping your WordPress installation up to date, you’ll be going a long way towards keeping your site secure.

 

Be Careful with Plugins

 

A similar approach should be taken with plugins (and themes for that matter), but you need to go a little further here. Your plugins need to be kept up to date for sure. Just like with the core software, out of date plugins and themes can be exploited to act as an entry point for malicious activity. However, as a general rule of thumb, you should try to limit going plugin crazy when building your site. Each plugin brings a vulnerability. While you of course need these plugins for essential functionality, limit them and only install them from reputable sources. Plugins you’ve never heard of that have no reviews and are hosted in suspicious repositories should be avoided.

 

Closing Loopholes

 

You’re getting into development work now, but as you probably know the backbone of WordPress is PHP. You may want to disable PHP error reporting. For troubleshooting purposes, an error report is great. However, the downside is your PHP error report also includes your entire server path in it. If that error report falls into the wrong hands, that’s full access to the whole endeavor. Site, server, all of it is in plain view. You’ll have to add some code to wp-config.php to disable it.

 

Leverage .htaccess

 

The .htaccess file has a tremendous amount of power over your site. It has a large amount of influence over nearly every aspect of your site, including the security. Therefore you want to use the .htaccess file to your advantage. For example, you can use it to hide the wp-config.php file which itself is critical to your security. You can even restrict admin access down to only certain IP addresses.

 

Obscure the Login

 

The default WordPress set up for logging in is much too easy to brute force. Everyone knows the URL and everyone knows the default username is “admin.” The first step that needs to be taken is changing these things. Change the login URL and choose a different username. Also, put a limit in place that doesn’t allow constant login attempts if the password is incorrect. Remember, most brute force attacks are automated. A different login URL and a wrong password limit can easily thwart them.

 

Conclusion

 

A secure WordPress installation means a successful website. Well, that’s part of the equation anyway. Another integral part to the success of your online business is your hosting provider. You need a high performing, quality VPS or dedicated server that is up to the task of keeping your site online around the clock. At KnownHost, we know how important performance and reliability is to your business. Our servers and dedication to exceptional customer service make us the hosting partner you need so you can achieve your goals. Contact us today and we’ll help you find the perfect hosting solution for your business.

Read More

Ideas for Ecommerce Pros

7 Blogs with Great Ideas for Ecommerce Professionals

This article addresses a search that every thoughtful person working in the e-commerce industry must perform: finding the most valuable blogs or informational sources that deserve their attention. Here are a few that have strong insights and are often mentioned in the industry.

 

The problem with the internet is that everyone is trying to sell you something. It’s, of course, a funny thing to say in an e-commerce-related blog, but we all know it to be true: we go online to find information, but we often end up having difficulty finding advice that is transparent and forthright. To be specific, when you want to succeed as an e-commerce entrepreneur, you want to be able to pick up knowledge without feeling that you are simply being herded toward certain material to make sponsorship dollars or other backroom revenue for another person. You just want your question answered. The humor of the situation, then, is that when people want to succeed at selling online, it can be hard for them to get educated because of other people who are selling online.

 

Because it can be challenging to find the right information to answer your questions about e-commerce, we end up with this somewhat circular blog topic: an e-commerce blog article about e-commerce blogs. As indicated above, it can be helpful to have a roadmap to locate the best blogs quickly. Here are 7 of the best ones, with recent example stories from each that are on particularly interesting topics:

 

Ecommerce Blog #1 – Practical Ecommerce

 

Launched in July 2005, this site has been in action for a full 12 years. It is actually a spinoff of an earlier publication, Web Marketing Today, that was founded all the way back in 1995. As indicated by Kerry Butters of live chat SaaS company Userlike, this blog is authored by reporters and industry professionals. Offering straightforward, matter-of-fact ideas and information for e-commerce entrepreneurs, Practical Ecommerce covers a range of topics, from analytics to marketing, management, and development. New content is published every day.

 

Example Practical Ecommerce story & summary: “Avoid Bland Wording for a Unique Company Personality” >>> This article runs through a few e-commerce examples to demonstrate how the right descriptive language can make an online store come alive.

 

Ecommerce Blog #2 – Digital Commerce 360 (Internet Retailer)

 

This site, mentioned by the eCommerce Training Academy, gives tips related to web merchant tasks. What makes its angle a bit more defined is its focus on research (describing itself as “Your source for e-commerce news, analysis, and research”). There are two other ways this blog makes itself distinct: by focusing on more direct interaction, via webinars, and on more analysis, via rankings of e-commerce leaders by industry and category. (As an example of the latter, see the 2017 US Top 1000 Report.)

 

Example Internet Retailer story & summary: “Salaries in e-commerce” >>> Using data from consultancy Hay Group’s “2017 Global Salary Forecast,” this article projected that salaries within US retail would rise 3.0% during 2017.

 

Ecommerce Blog #3 – Kissmetrics Blog

 

Neil Patel is considered a master of web marketing, which is obviously fundamental to e-commerce. And it’s rightful that Patel is viewed in this way: his email newsletter recently pointed out how he accidentally got the #1 Google listing for the keyphrase “online marketing” for this piece). It is no wonder, then, that one of his blogs makes the ReferralCandy top blog list. Bear in mind that Kissmetrics is an analytics platform, so there is a sales angle present — but Patel’s guidance means that the Kissmetrics blog contains plenty of solid information and perspectives. Its scope is described in its tagline: “a blog about analytics, marketing, and testing.”

 

Examples Kissmetrics Blog story & summary: “Persuasive SaaS Onboarding Emails: 10 Conversion Lessons Stolen From Attorneys” >>> This article goes through strengths of these early sales emails, using a courtroom analogy to create stronger imagery and better engage us as we read.

 

Ecommerce Blog #4 – E-Commerce Times

 

The target audience for this Los Angeles-based publication is SMB managers and C-level executives. The broader ECT News Network publishes 9 articles in a typical week (including eye-catching cultural titles such as “The Stupidly Dangerous Politics of Blame” and “Could Tech Nerf North Korea?”). That’s according to Feedspot’s “Top eCommerce Blogs” ranking system — which lists the source in a user-scored 2nd position, trailing only Practical Ecommerce (mentioned first here as well).

 

Example E-commerce Times story & summary: “4 Marketing Strategies That Can Boost B2B Sales: Study” >>> This report suggests you can boost B2B sales “by up to 25 percentage points” through 4 techniques, using results of a poll of almost 200 marketing professionals at American-based enterprises (conducted by business management consultancy Altman Vilandrie & Co.).

 

Ecommerce Blog #5 – eCommerceFuel

 

eCommerceFuel, cited by Butters and others, describes itself as a “private community for 6 & 7 figure stores”; in order to join the network of about 1000 people, you must own or be employed by an e-commerce store that makes a little over $20,000 per month. Because of the focus on that target, this brand (which also prominently features its podcast) is framed not for startups so much as for people who have had some e-commerce success… but why not peek in the door regardless?

 

Example eCommerceFuel story & summary: “How to 100x Your Business in 3 Years” >>> This piece looks at a case study of My Choice Software, a California-based company that experienced an extremely fast period of growth over a short period of time – expanding from $250,000 to $25 million in sales between 2014 and 2017.

 

Ecommerce Blog #6 – HubSpot Ecommerce Blog Posts

 

HubSpot essentially has two blogs, one on marketing and another on sales (and of course there is some good information there), and both of which provide advice and strategies that are intended to educate people on those broader business subjects. However, the site also organizes all its content by topic, and one of those topics is e-commerce – so you can filter down to just those pieces if you like.

 

Example HubSpot Inbound story & summary: “The Year of Customer Experience: How Ecommerce Brands Can Prepare” >>> Five examples are given of e-commerce brands that are effectively catering their approach to serving better customer experience (CX), getting granular with ways companies are changing the color of buttons and making other seemingly minor adjustments.

 

Ecommerce Blog #7 – Bootstrapping Ecommerce

 

This blog creates a certain niche focus by centering the blog on bootstrapping. Because of that focus, founder Shabbir Nooruddin is able to be especially helpful to those who are just getting their businesses off the ground and have shoelace budgets. Despite the focus on those low-budget scenarios, there is some generally good DIY advice here. Although the blog often goes months without a new post, the content is large and exhaustive related to the theme.

 

Example Bootstrapping Ecommerce story & summary: “Ecommerce SEO: The Complete How-To” >>> Keeping in mind that this post was published back in 2015, this can still be a good resource as an introductory, broad guide to search engine optimization.

 

*****

 

Do you want success for your ecommerce brand? One key element of rapid expansion is the strength and scalability of the infrastructure that backs your site. At KnownHost, we offer lightning fast managed SSD VPS hosting. Click here for pure SSD drives.

Read More

Building an Affiliate Program That Works

How to Build an Affiliate Program That Works

Here is a quick guide on what an affiliate marketing program is, why companies find them so valuable, and how you can set one up for your business.

 

  • What is an affiliate marketing program exactly?
  • Why do companies establish affiliate programs?
  • Performance-based and affiliate marketing statistics
  • Possible downsides
  • How to successfully build your affiliate program

 

What is an affiliate marketing program exactly?

 

Affiliate marketing is a way that you can have other Internet sites market your product or service for you, in exchange for a cut of sales. An example would be if you created an e-book that you sell for $25. If you offer a 20% commission, the affiliate would get $5; a 40% commission would earn them $10.

 

Why do companies establish affiliate programs?

 

Note that affiliate programs are not pay-per-click. Money only changes hands if the product sells. The companies that are paying affiliates like the straightforwardness of that approach – just like cutting a check to a 100% commission salesperson. The other basic reason why so many companies set up affiliate programs (as we have at KnownHost, actually) is that it provides broader reach, giving you access to customers who might not otherwise know you exist.

 

Michele Schism of Decisive Minds mentions that there are many different ways your affiliates might market:

 

  • Content marketing through blogs or e-books
  • Review articles
  • PPC
  • Marketing to a list

 

Specifically using the example of lists, Schism demonstrates how powerful affiliates can be. In the scenario she describes, you have a list containing 2000 people, and you also work with affiliates that each have lists containing 2000 people. “At a 1% conversion rate you could sell to your own 20 people and make $540,” Michele says, “OR you could sell through your affiliate’s lists giving them [a] 40% cut and still make $3240.”

 

To get back to the idea of a straight-commission salesperson, Laura Lake of The Balance mentions that these programs are often adopted by companies because they are risk-free. Payment is based on results; it’s tied to revenue that the affiliate generates.

 

Performance-based and affiliate marketing statistics

 

As you can see, the affiliate model is essentially simple, and businesses like that they can create greater exposure for their brand without exposing themselves to risk. How effective are these programs, though, really? Well, industry statistics make that pretty clear:

 

  • According to the 2016 IAB/PwC Internet Ad Revenue Report, the performance-based pricing model that includes affiliate programs accounts for 64.0% of all online ad revenue, versus 34.6% spent on impression-based ads and 1.4% spent on a hybrid model.
  • In a report Forrester Consulting conducted for Rakuten Affiliate Network in 2016, almost 9 out of every 10 advertisers described affiliate programs as either “important” or “very important” to their approach. Most publishers said that the affiliate model brought in greater than 20% of their yearly revenue.
  • The same Forrester study found that the affiliate marketing industry will expand at a compound annual growth rate of 10.1% through 2020, at which point its projected size will be $6.8 billion.

 

Possible downsides

 

Despite those incredible numbers, it is always smart to look at what could go wrong. What are possible negatives of affiliate marketing?

 

  • Control – Make sure that you are watching the behavior of your affiliates, advises SEO consultant Rae Hoffman-Dolan in Open Forum. Your brand can look questionable by association if a “rogue affiliate” is sending spam e-mails, creating inflated expectations (false advertising), or inappropriately using intellectual property. “Set strict promotional guidelines,” says Hoffman-Dolan, “and monitor your affiliate partners to ensure that they remain in compliance with them.”
  • Competition – You will start to vie against your affiliates for organic searches that have to do with your products. You will also have competition for pay-per-click ads, since 3 out of 5 affiliate marketers use PPC (as of 2011). It’s important to set parameters upfront on this topic, explains Lake. “For example,” she says, “if you don’t want them to bid on your brand terms be upfront about this at the very beginning of the program.”
  • Recruitment – Getting an affiliate program off the ground is not all that complicated. However, finding partners can be tricky: trust is key, and affiliate programs have a reputation for not always being straightforward. Lead and follow through with transparency.
  • Tracking – You must give your affiliates a portal that will allow them to monitor affiliate sales easily.
  • Labor – It will take effort and time for your program to succeed. You have to establish it, recruit some partners, keep everyone satisfied, and problem-solve when anything goes awry.

 

How to successfully build your affiliate program

 

OK, so those are challenges. What can you do to succeed?

 

  1. Move toward a niche. You may already have a product or service that you sell to your customers – in which case this step does not apply. If you are still deciding what to market, selecting a carefully defined niche will give your effort the focus you need to specialize and draw targeted attention.
  2. Partner with others in your niche. You want to work with other sites that have a following within the same field or same demographic characteristics as your product. The affiliate program should allow both you and your partners to succeed.
  3. Decide on a network or your own. One key decision is whether you are going to use an affiliate network or handle the entire program yourself, in-house. Hoffman-Dolan recommends that small business owners go with a network – especially if it is a first effort.
  4. Consider working with a program manager. It can also be a good idea to entrust an affiliate program manager to improve your outcome once you have chosen a network. These specialists can help you craft guidelines, come up with commission structures, and optimize your ability to attract affiliates. Program managers will basically help you get resources to your partners, check their compliance, and reduce likelihood of errors that could drive potential allies away. An affiliate manager should be able to inform all new partners on how the product can best be promoted. She should also be flexible when affiliates have their own input or ideas. You can find a manager via referral through an affiliate.
  5. Come up with great collateral. You want to be able to give your affiliates strong promotional materials. It should be incredibly simple for them to market your product. If you make it easy for them to get conversions, they will be more interested in heavily featuring your offer.
  6. Actively look for additional partners. If you get a few affiliates, you may start to think that your work is complete. However, for this project to succeed, it is important to keep recruiting. You can advertise in affiliate directories, along with promoting it on your site and/or listing. You can also reach out to companies that you think might make strong affiliates.
  7. Continue to build your relationships with partners. Make affiliates feel welcome and supported. Get any updates and new product information to them. Provide specific ideas on how best to market your offerings. Never delay with payment.

 

*****

 

Hopefully these suggestions on creating your own affiliate program have been helpful. We actually have an affiliate program in place ourselves. Would you like to consider becoming a partner, or are you just interested in how ours works? See the KnownHost Affiliate Program.

Read More

How to Fix Your Slow Site

The 10 Most Common Reasons Why Your Site is Slow and How to Fix Them

You have no doubt read or heard many laments about how we live in a society of instant gratification. We want things to work right away and if we have to wait, we’ll move on. Whether or not you think that’s a bad thing, it’s the expectation that has been set. This desire for fast and instant has an effect on our web browsing habits as anyone who has closed a tab after waiting only a few seconds for a blank page to load can attest.

 

But, if your website is the backbone of your business, load times and site speed matter quite a bit. The situation goes from feelings of annoyance and impatience to lost sales. Forbes has spotlighted several studies which demonstrate how users and customers respond to site performance. Statistics like a one second delay in load time translates into 11% fewer page views, a 7% decrease in conversions, and a 16% decrease in customer satisfaction. If anything, in the years since these studies, customers have become even less tolerant of slow sites. We also now know that Google does factor in page load times in their ranking algorithm, though not explicitly and the exact mechanisms are rather in depth.

 

All of this is to say if you’re noticing your site isn’t performing as well as you’d like it to, your first impulse might to be to contact your hosting company to see what’s going on. While it’s true that your server clearly plays a significant role in how a site runs, it’s far from the only contributing factor. In fact, there’s a good chance that what’s causing your site to not run at optimal speeds is something within your control.

 

Here are ten of the most common reasons why your load times could be slow and what you can do to fix them.

 

Traffic Levels have Increased Substantially

 

If you’re currently on a shared hosting plan, this could be the reason why you decide to finally make the switch to a VPS. If your site is taking off to the extent that the amount of traffic coming in is causing performance issues, the only real solution is to upgrade your hosting solution to accommodate it. However, you may not be sure that it is the traffic. To confirm your suspicions, check your visitor numbers in Google Analytics and check your bandwidth usage in cPanel.

 

Your “Neighbors” are Using More Resources

 

Typically, if it’s not increased traffic, it’s the other accounts that share your server space that finally convinces you to move on from shared hosting to a VPS. The biggest lure of shared hosting is that it’s cheap. But, much like renting an apartment, the lowered cost comes with the downside of sharing finite resources with all of your neighbors. If another website on the server that your site lives on sees regular spikes in traffic or requires more resources for whatever reason, the performance of your site can be negatively affected.

 

Your CMS is Outdated

 

A CMS can sometimes be a double-edged sword. On one hand, it makes updating content pretty much a breeze. On the other hand, it can be the culprit when it comes to performance issues. This can happen for a couple of reasons. It’s your responsibility to do the regular software updates that come out for your CMS. If you’re negligent, not only are you opening yourself up to security issues, but the build you’re using could be less efficient than the latest one. Each update brings bug fixes which improve performance. If it’s not outdated, it could just be your CMS is a more demanding piece of software than you realize. Which brings us to the next point.

 

Too Many Plugins

 

Many of the most popular CMSes, like WordPress, derive much of their functionality via plugins. These small modules can help your website accomplish a lot of things, but each one can add a fraction of a second to your load times. Not all plugins are equally sluggish, however, so you may have to do some trial and error to find the plugins that help your site work to your specifications without bogging it down too much. The same can be said for the theme you choose to give your site its appearance.

 

Redirects Are Out of Control

 

Sometimes redirects are unavoidable (though you’ll want to use 301s for this) and you need to update the URL for a piece of content that has moved to somewhere else on the site. This is really for the purpose of SEO and so users don’t need to update their bookmarks. Keep in mind that if you’re using redirects, you are essentially giving the directive to have a page load twice before the user reaches their destination.

 

Images Aren’t Optimized

 

A lot of sites likely have this issue. There are rarely any scenarios where you need images on your site that are megabytes in size rather than kilobytes. If you’re taking images from your camera or from elsewhere on the web and just inserting them into your content without taking the proper steps to optimize them, you could be adding needlessly to your load time. If you want a comprehensive guide to optimizing your images, check out this guide.

 

Use Text Rather than Graphics Where Appropriate

 

To go along with the above point, images take longer to load than text. If you have made the stylistic decision to use images instead of plain text where the latter would suffice, you may want to reconsider. Unless there is a pressing design reason for this, it’s always better to opt for the faster loading text.

 

Code Isn’t Optimized

 

The coding of a site plays a huge role in how “snappy” it feels. A fairly minimal site built on mostly HTML/CSS will load faster than a site that also uses JavaScript and PHP to perform a bunch of dynamic functions. While you shouldn’t sacrifice your creative vision, it’s important to make sure you or your developer is committing to clean code that requires minimum loading times to populate in a browser.

 

Embedded Media from External Sources

 

The benefit of embedding media on your site that’s actually hosted elsewhere is that you’re using up less space and fewer resources on your server. The downside is you’re at the mercy of that external source. If for some reason that source is having loading problems of its own, your site will suffer as well while it tries to call up the content.

 

Cache

 

Enable caching through your preferred method so that users are served the cached version of your site for faster load times. This can be done through the .htaccess file or through a plugin if you’re using a CMS that supports such functionality.

 

Conclusion

 

If you’re currently experiencing performance issues with your site related to traffic or you know that you’ve outgrown your current hosting solution, it’s time to upgrade. Say goodbye to frustrating shared hosting plans and take advantage of the performance boost of a VPS with KnownHost. Contact us today and our team of experts will help you find the hosting solution that best matches your needs. Partner with a hosting company that will help you achieve your goals and that provides excellent customer service.

Read More