Why do I need HTTPS security for my hosted website?
HTTPS (Hypertext Transfer Protocol Secure) is a level of encryption security that take place during the connection to the website you are visiting with your computer browser (Firefox, Chrome). Websites with HTTPS achieve this level of security with an SSL certificate (Secure Sockets Layer) installed on the hosted server. Viewing a site over a non-secure connection (HTTP) opens the interaction with a website to hackers/criminals that could intercept the data you send and receive through your browser window. Passwords, email addresses, anything typed into form fields can be intercepted. HTTPS encrypts that connection between the browser and website. This encryption make it more difficult for hackers to intercept the data sent between a computer browser and the website viewed.
Value of HTTPS for Search Engine Optimization
Recently, Google announced that HTTPS security would become a ranking signal with factoring search traffic. It’s inevitable that all websites will require HTTPS security. It is, therefore, important that your site makes the switch to HTTPS sooner rather than later. Several browsers are now showing ‘not secure’ messages when a website does not have an HTTPS connection. It’s easy to scare off website visitors! When presented with a notice of a possible security issue, it’s most likely a potential customer will switch to a website of your competition.
How to add HTTPS security to your website
You should be planning to make the switch to HTTPS in the coming year. Check with your hosting service (Website Domain Service or GoDaddy for example) to see what types of SSL certificates they offer. The level of security you need will tell you which SSL certificate to install. Website Domain Service offers a simple tool installation tool to make adding HTTPS to a hosted website easy. If you run into installation trouble or have questions, WDS also offers 24/7 phone support to assist with any possible installation questions.
Best Practices for improved SEO
Adding HTTPS to your website will give you a slight advantage against your competition that has not yet made the security upgrade. This security install, along with good site content, will improve your site ranking in organic search results.
“Your Hosting Provider has blacklisted the following plugins…”
No web designer wants to see this message when checking their managed wordpress accounts. Hosting servers such as Website Domain Service are working to protect the integrity of hosted accounts. Suspected plugins are sometimes deleted from user accounts.
In some cases the hosting service will “remove” a plugin that is suspected of being compromised, then email the administrator to let them know. “Better safe then sorry” said owner Joe Birch of In-House Graphics. “I like that my website hosting service is watching my back. Bad guys are always working to find a crack in a website.”
Plugins on the blacklist:
Note: This is not an exhaustive list of disallowed plugins. Just a list of the most used as of October 2017. It is a best practice strategy to remove these plugins even before your hosting platform does it for you. (Not all hosting platforms will perform this level of security. You should contact your hosting service to see what level of help they offer.)
|Plugin name||Category||More info|
|6scan-protection||Duplicate functionality||Abandoned/unsupported plugin with duplicate functionality|
|adminer||Duplicate functionality||See description of category below|
|adsense-click-fraud-monitoring||Performance||See description of category below|
|broken-link-checker||Performance||Instead, use client software on your computer or an external service|
|contextual-related-posts||Related posts||See description of category below|
|ezpz-one-click-backup||Backups||Abandoned/unsupported plugin with duplicate functionality|
|fuzzy-seo-booster||Related posts||See description of category below|
|google-sitemap-generator||Performance||Versions < 4.0 only — Instead use Google Sitemap or WordPress SEO.|
|google-xml-sitemaps-with-multisite-support||Performance||Instead use Google Sitemap or WordPress SEO|
|InfiniteWP Client||Security issues||Versions 1.3.8 and below – vulnerability details|
|jr-referrer||Stats||See description of category below|
|MailPoet||Security issues||Versions 2.6.6 and below — vulnerability details|
|p3-profiler||Unnecessary / nonfunctional||No longer receiving updates|
|portable-phpmyadmin||Duplicate functionality||See description of category below|
|referrer-wp||Stats||See description of category below|
|seo-alrp||Related posts||See description of category below|
|sgcachepress||Unnecessary / nonfunctional||From customers migrating from SiteGround, unneeded|
|similar-posts||Related posts||See description of category below|
|statpress||Stats||See description of category below|
|synthesis||Unnecessary / nonfunctional||From customers migrating from Synthesis, unneeded|
|toolspack||Security issues||Vulnerability details|
Note: We do not blacklist UpdraftPlus.
|w3-total-cache||Caching||See description of category below|
|wordpress-beta-tester||Unnecessary / nonfunctional||Non-functional on GoDaddy Managed WordPress Hosting|
|wordpress-gzip-compression||Duplicate functionality||See description of category below|
|wordpress-popular-posts||Related posts||Versions 3.1.1 and below|
|wp-cache||Caching||See description of category below|
|wp-cachecom||Caching||See description of category below|
|wp-copysafe-web||Security issues||Vulnerability details|
|wp-copysafe-pdf||Security issues||Vulnerability details|
|wp-engine-snapshot||Unnecessary / nonfunctional||From customers migrating from WP Engine, unneeded|
|wp-fast-cache||Caching||See description of category below|
|wp-fastest-cache||Caching||See description of category below|
|wp-file-cache||Caching||See description of category below|
|wp-phpmyadmin||Duplicate functionality||See description of category below|
|wp-postviews||Stats||See description of category below|
|wp-power-stats||Stats||See description of category below|
|wp-slimstat||Stats||See description of category below|
|wp-super-cache||Caching||See description of category below|
|wpengine-common||Unnecessary / nonfunctional||From customers migrating from WP Engine, unneeded|
|wponlinebackup||Backups||Abandoned/unsupported plugin with duplictate functionality|
|yet-another-featured-posts-plugin||Related posts||See description of category below|
|yet-another-related-posts-plugin||Related posts||See description of category below|
Having a google review is very favorable to search engine ranking. But it’s not so easy. That can be a good thing. Google knows if you have google customer reviews they are for real. With a little work, you can ask your clients for google reviews directly. This personal touch will insure that the reviews you receive are the very best.
What if I get a bad review on Google
If you happen to get a bad review on google don’t fear. Google allows you to respond to the review to explain your side of any possible misunderstanding. Often you are able to diffuse the issue and get an improve review from your client.
Below are some basic steps you can perform to copy a custom URL to give to your customers and ask them for a Google review.
1. Search for your company by name in Google.
2. Click on the button “Write a review”.
To the right side of search window look for the “write a review” button to write Google review
3. You’ll see a Google review box has popped up, copy the URL out of the address bar.
This will give you a URL similar to https://www.google.com/search?q=inhouse+graphics&ie=utf-8&oe=utf-8#lrd=0x88348a7b65bd338d:0x8c9138ee6b851b0c,3,
The main part we’re interested in is the last digit. The 3. This is the part that pops open the review box. You can change the functionality of this URL for instance by changing it to a 1 and it will open up a pop which shows all of your current reviews https://www.google.com/search?q=inhouse+graphics&ie=utf-8&oe=utf-8#lrd=0x88348a7b65bd338d:0x8c9138ee6b851b0c,1
Hidden Google Trick
The version with a 3 makes the most sense to send to a client, but there’s just one last trick up our sleeves. If you add a 5 after the final comma, so your URL looks something like https://www.google.com/search?q=inhouse+graphics&ie=utf-8&oe=utf-8#lrd=0x88348a7b65bd338d:0x8c9138ee6b851b0c,3,5 this will not only open the review box, but it will also highlight 5 stars! All your client needs to do now, is add the words for their review.
4. Shorten your Google review URL.
A nice touch I’ve seen a few people do is to shorten the URL so it’s a bit more user-friendly. Browse to your favorite URL shortening service, I’m going to use Google’s URL shortener https://goo.gl/.
Copy and paste your long URL into the text box and click “shorten URL”. This will give you a URL such as https://goo.gl/jpbjh2.
You now have a nice short URL you can send to clients that will send them directly to leave a 5-star review for your Google My Business page.
5. Send to your clients and start getting Google reviews.
Copy the URL and paste it into an email and send it out to all of your regular clients and to any new clients you do work for from now on.
In-House Graphics can help you with setting up your custom URL as well as performing a site audit and pinpoint any possible issues with your website that need to be addressed. We look forward to working with you.
Joe Birch, Owner – firstname.lastname@example.org