Two big laws have been passed covering privacy online and more are sure to come in the future. While most Web site owners are happy to comply with the laws, they struggle with how to do it easily. Let’s see if we can at least cover the basics with minimal effort.
One part of GDPR is notifying site users that you are using cookies. A tool to assist with compliance of that part of the law is Cookie Notice for GDPR. While it does not explicitly mention CCPA, our feeling is that it will also cover the upcoming law in future updates.
No, this does not magically bring your site into compliance. But it does handle one step of the process very quickly and at a price we all like—FREE!
We are big fans of the Divi Theme from Elegant Themes and use it almost exclusively on our projects. As they released the much anticipated v4.x of Divi, we made plans to evaluate and then slowly and safely update the sites we designed with Divi.
Most of the issues were minor and there were easy workarounds. But we ran into a big problem when we took advantage of one of the new features. Their Theme Builder feature enables the ability to do amazing things with the header, footer and other parts of a site. It was tested on a couple of sites with no issues and then we created a new header for our Graphics Unleashed site and had some big problems.
Almost every type of content in WordPress is a post since the platform was originally built for blogging. Things built with Theme Builder are a custom post type. Unfortunately this caused issues with a couple of tools we were using on the site as they were set to display below posts.
The first conflict was with Easy Social Share Buttons for WordPress. It has a variety of functions, but we used one of them to display social sharing buttons below each blog post. Unfortunately they were now displaying below the header instead. The only immediate solution was to turn off the social sharing buttons.
As Elegant Themes, makers of Divi, also make the Monarch plug-in. Monarch also has social sharing buttons and we felt that Elegant Themes would have made sure their products worked well together. Unfortunately the same problem existed when Monarch was activted. So the best solution for now was to go without social sharing buttons. Yes, we could have probably found a workaround, but it was time to move on.
We also had a problem with related posts. On this site we were using the related posts functionality provided by the Jetpack plugin. Just like the social sharing buttons, the related posts were displaying under the header. After exploring alternatives, we discovered the Contextual Related Posts plugin was a solution though we needed to tweak the settings.
First, we turned them on in the General tab of the settings. This did not solve the problem as related posts were still displaying below the header.
To solve the problem, we went to the List Tuning tab and checked Limit to same post type as shown below.
Now the Related Posts were only displaying below the blog posts as desired. While we were unable to solve both issues, solving one was better than nothing.
Of course these issues were reported to the support team at Elegant Themes. They acknowledged it was a bug and that it would be addressed in an update in the near future.
In the early days of Web design we had GIF and JPEG. Then PNG came along in the mid 90s to provide a very good alternative to GIF. Other formats have come and gone since then with none of them truly taking hold. That is, until now! The folks at Google have created the WebP format and it is one you should consider using. Let’s look at why it is beneficial and then how to use it on your WordPress site.
There are two major types of images: lossless and lossy. WebP has answers for both and those answers provide smaller files than the alternatives. Smaller files mean Web pages load faster and that’s always a good thing.
We now use JPEG format for lossy images. Lossy images have different sizes based on how much quality you are willing to sacrifice. When using an equivalent quality, WebP images are 25-35% smaller than JPEG.
PNG is typically used for lossless images and has the benefit of an alpha channel. What’s an alpha channel? It allows for varying levels of transparency. WebP can do lossless and an alpha channel while being 26% smaller than PNG.
If any of you want all the technical details, Google has the info for you. While Google provides a tool for converting images to WebP, it may not be the best choice right now for Web designers. WebP is directly supported in Chrome and Opera, but not other browsers. So if you use it directly, your pages will probably not display correctly in other browsers.
How Do I Use WebP With WordPress?
If you try to directly upload a WebP image into WordPress today, you’ll likely get a message that the file type isn’t allowed for security reasons. Given the limited browser support, that’s isn’t such a bad thing. The best way to use WebP with WordPress is via a plugin. While there are several choices, the best free option is the EWWW Image Optimizer. The plugin has a number of other features, but we’re focused on the WebP support.
Using the EWWWW Image Optimizer Plugin, you’ll still upload JPG and PNG files just as you’ve always done. The plugin converts those to WebP format and serves them up to site visitors using a supported browser. JPG images will become lossy WebP images and PNG images will become lossless WebP images (with alpha channel intact). It is also compatible with caching and content delivery networks. This option is as simple as installing the plugin and enabling the WebP feature.
Given that installing the plugin will make your images at least 25% smaller, why not give it a try now! it is a very simple way to speed up your site. Also pretty cool for geeky visitors to know you are using the latest in imaging technology.
When I read it, I had my own thoughts on the reasons listed so I’ve taken the seven reasons from that post and have provided my answers below. Three other reasons came to mind as I thought about why I feel Unleashed is a great choice and they are included after the initial seven. As we focus solely on WordPress development, the solutions below are all based on WordPress.
1. Professionals can customize beyond templates
Every WordPress site has a theme (template) that determines the design and features of the site. Sure, there are a bunch of free themes available and some of them are OK. We’ve tried a lot of themes and found that there are many of them that are difficult and/or don’t work nearly as well as the demo.
Over time, we’ve developed a small number of themes that we use on most of the sites we build. We know how they work in depth and know that we can deliver a wide range of designs from them. There are also ways to extend our favorite themes to give them even more features and options.
Should you build a site yourself, you might choose a great theme and it’s possible you get a really bad one. When a bad theme is used to build a site, it can be very hard to switch to another theme at a later time.
2. The ROI is worth the initial cost
Let’s say you want a pizza for dinner tonight. It is simple to go to your favorite pizzeria and get a large pizza with a few toppings for $15-20. The alternative would be to make your own crust, either purchase or make sauce, get some cheese and the other toppings. Then add the time involved to take the raw ingredients and make the pizza. In the end, you could have a gourmet pizza or a complete dud and you will have spent a lot more money and time to get there.
Yes, a good Web site is an investment. If you work with a developer and provide the content required, it will save you money. Even if you built it yourself, you’d still need to come up with the content. What is your time worth? Expect that it can take you 3-5 times as many hours (minimum) to build a site as well as a good developer. In the end, will your creation be a masterpiece or a dud?
By using a pro, your site will be working for you sooner and will be designed to meet (or exceed) your goals. This brings a return to you sooner and that return will likely be much greater.
3. You can choose the right developer
No single developer is the right fit for every project and you’ll find many choices when looking for someone to build an awesome WordPress site. Clients sometimes judge only the cost and not what the developer can delivery. The goal is to have a site that best delivers on your goals while delivering a great return on investment.
We pride ourselves on being part of the GoDaddy Pro program as well as being a Google Partner. The online world changes every single day and we focus on educating ourselves on those changes so that we can deliver sites that follow all the latest standards. This also allows us to minimize the time and costs involved.
4. Managing your own content is still possible
At its heart, WordPress is a CMS (content management system). It is designed to allow multiple users to change content to varying degrees. Some clients only want minimal abilities to change a few words or photos. Other clients want full control of a site. Either option is possible and the abilities can even be changed at any time.
This also brings up the famous Spiderman quote “with great power comes great responsibility.” If a client has the ability to edit anything on the site, they also have the ability to accidentally create problems by clicking the wrong thing. We work with clients so they know how to complete the processes most important to them to minimize potential problems.
5. eCommerce functionality is doable
With a WordPress site, eCommerce functionality can be as simple as installing a plug-in. While it is technically quite easy, a good eCommerce site is much more complex. What types of products and/or services are you going to sell? What types of payments are you going to accept? Do you need to ship products? Are they downloadable? These are just some of the questions that need to be answered.
WooCommerce is often mentioned as it is the most popular tool for adding eCommerce to WordPress. That does not mean it is the right answer for your site. We have found other tools that are better choices for our clients. Not only do we recommend these tools for clients, we use them on our own eCommerce sites so we know them inside and out.
6. Your site will be mobile-friendly and responsive
With nearly 2/3 of all Web traffic coming from mobile devices, it is an absolute must that your site works great on mobile devices. Visitors to your site could be on a computer screen that comes in nearly any size. Throw in the variety of tablets and mobile phones and there is just no single size anymore.
When we design a site, it is designed to be responsive. That means it adapts it to the screen of the device on which it is being viewed. Not only does it need to adapt to every screen, it needs to be usable on every screen. Your blog post must still look great on every screen. Visitors should be able to shop in your eCommerce store on every screen. Google created a certification test to make sure developers followed mobile best practices and all of our designers have passed the test.
7. Websites are constantly changing
One of the best parts about building a Web site on WordPress is that the platform itself is being regularly updated. We prefer to work with themes and plugins that are also regularly updated. First and foremost, this helps to keep your site secure. But these changes also support new and improved features.
Not only does the technology itself improve, we also focus on improving our skills and knowing that latest best practices in Web design. While you may choose not to have your site updated regularly, we’ll be ready to update it when you need it.
8. Keep all elements maintained and secure
It is thought that once a Web site is launched that all work is done for a long period of time. That just isn’t the case. It is not uncommon that some element of the site has an update almost every single day. If a client prefers, they can handle all of these updates. A far better value is to select a maintenance plan where all the updates are installed on sites for clients.
This keeps elements updated and keeps the site more secure as well. Additional layers of security are available for clients who want true peace of mind.
9. Your pages can be tested and optimized
If a user builds a site, will they test it on a variety of devices or do they decide it looks great on their own computer so it must be perfect? We want to test pages on computers, tablets and phones so that the user experience is consistently good.
Even when a site looks good on devices, it may not be optimized. Are images the right size in both dimensions and download size? Will the page perform well in search results? Can adjustments be made to make the site load as fast as possible? These are all tasks a pro will perform so that you get the best results from your site.
10. Resource for support after the site launches
When a site is first launched, it is only the beginning. Changes will inevitably be made. New content will be added. Quite possibly new features will be needed. Where is your time best spent? Is it becoming an expert on WordPress or working on your own business? Regardless of whether you are going to update the site or you want a developer to do it, we’re here to help.
We’d be happy to discuss your needs to see if we are the right developer for your project. Visit our Contact Us page or give us a call at 480-595-0065.
As we work with clients on designing a Web site, we are interested in other sites they like. Sometimes they have an existing Web site of their own for which we need information to give them a quote on the makeover. When we see these sites, we want to know what WordPress theme was used to build them. It may be a great site we want to emulate, it may also be a theme we’d prefer to avoid. Below are three tools you can use to determine the theme used. With each, just enter the URL of the site and the tool will try to determine the theme used.
Note that these tools may not have an answer for a variety of reasons. The most obvious would be if a site wasn’t built with WordPress. Some themes have been highly customized and they are very hard to detect. Lastly, it could be a custom built theme for the site and therefore it isn’t a theme that is available for free download or purchase. We encourage you to test each of the tools as you’ll find that a theme that stumps one tool may be identified by another tool.
Not only is the name of the theme provided in the results, there is also a link to go to a page where the theme is available. You may only need to know the name of the theme yet it is nice that you can also purchase it as needed or simply to do more research on it.
Each time we hear about a Web site being attacked, the owner of the hacked site doesn’t understand why their site was targeted. The short answer is that the bad guys are rarely looking to attack a specific site. Instead they are looking for sites that are vulnerable. Let’s go over some of the specifics that can make your site vulnerable and ways you can protect it.
For a minute, pretend you are an enterprising hacker and you want to make the most money possible. If you are going to attack sites, wouldn’t it make sense to go after the most popular platform on the Web? WordPress powers 28% of all sites (as of this writing) which is far more than any other platform. Because of this, it is targeted regularly.
What Needs Updated
There are three major components to the WordPress ecosystem that can be vulnerable. First is the core WordPress installation. Next are themes installed in WordPress. Every site must have at least one theme and it is common to have 2-5 installed. The third are plugins that are added to a WordPress site. Typically sites will have 10-25 plugins installed. All of these components provide a way for bad guys to compromise your site. Let’s look at each component separately.
In a given year, the core WordPress is updated 5-10 times. Updates address known security issues, fix bugs and add new features. For site security, the most important reason to install an update quickly is to make sure the security issues are patched. When you purchase hosting for a WordPress site, it may include automatic installation of the core WordPress files. It also may not. We’ve seen sites that haven’t had the core WordPress updated in several years and those sites are huge targets for hackers.
For those of you who have hosting plans that automatically update the core WordPress, you can at least breathe easy on that component. Most site owners probably don’t even know if the updates are automatic so this is something worth investigating. If your site isn’t updated automatically, you need to develop a plan to check for updates and get them installed in a timely manner.
Do You Have a Good Theme?
It is possible that a theme never has updates released. While this may seem like a good thing since you don’t have to install the update, it typically means the theme becomes more vulnerable over time. Let’s pretend you use XYZ Theme (this is a fictional name) and it hasn’t been updated in a year. In total, we’ll say this theme is installed on 10,000 sites. When the hackers find an issue with that theme, they know they can attack a large number of sites very quickly. They aren’t targeting your site, they are targeting all sites with that theme.
Other themes are updated almost every week. While this can mean you have more updates to install, it also means the developers are making sure it is as safe as possible. This is one of many reasons we like Elegant Themes. Plus they are likely adding new features! The key is that someone must login to the back end of your site and install those updates in a timely manner. This is not a feature often included as part of your site hosting. So if you aren’t doing it, is someone else doing it for you?
Since most sites have a small number of themes installed, it is important to make sure they are all updated. Even the themes not active can be vulnerable. Maybe some of them should be deleted. Even then, the best plan is to make sure they are all updated regularly.
Plugins Provide Power and Vulnerability
Plugins make it very easy to add features to your site, even by adding a layer of security. But each plugin also provides one more component that can be vulnerable. You want a form on your site for visitors to contact you, right? So let’s pretend your site uses ABC Form Builder (again, a fictional name). It is a really popular plugin with 500,000 installs. And because it allows anyone to enter information, it is especially vulnerable if the developer has missed something. When you don’t update it for six months, the hackers will gladly come infect your site with malware.
Since most sites have at least ten plugins and these plugins are regularly updated, you have to really stay on top of it. On a given site, it is quite common to have at least five plugin updates in a given week. If any of them aren’t installed, the bad guys may have a way to attack your site.
We’re not aware of any hosting plan that includes plugin updates. Maybe your Web developer has included this in the plan they sell to you. What we’ve seen is that most site owners simply don’t install updates. It is those same site owners who don’t understand why their site was hacked. Are you installing plugin updates? Is someone else installing them for you?
The Basic Level of Protection
At the very least, every WordPress site must have a plan in place to install updates to the three components we’ve discussed. Even if this is only done once a week, it could take 10-15 minutes to login to the site and get everything updated. Over a month’s time, that could add up to as much as an hour. Will you take the time to do it? Do you want to pay your Web site developer for an hour of their time to do it?
This is exactly why we developed our WordPress Maintenance Service. Even our Bronze plan does more than simply keep these components updated. Instead of just doing it weekly, updates are installed more often to make sure security patches are in place quickly. So do you want to take an hour or more to do it? Do you want to pay for an hour of your developer’s time? Or do you want it done for a fraction of the cost on an even more regular basis?
What Happens When My Site Gets Hacked?
Each hack is different. Some hacks don’t seem to have any noticeable change to a site. Other hacks will take a site completely offline. Would not having a Web site for a few days hurt you? Some hacks install malware which infects visitors to your site and causes Google to label you as a bad site and remove you from search engine rankings. Would it hurt you if your visitors are mad at you and your site no longer appears safe to Google? Getting that label removed and re-gaining your Google ranking can take quite a bit of time.
We’ve also seen hacks where legitimate blog posts are deleted and a number of spammy posts were added. Would it hurt you if the posts you created were gone forever? Would your visitors trust you if your site had a bunch of spammy posts?
Instead of asking yourself why anyone would want to hack your site, you should just assume it is being attacked every single day. Why? Quite simply, it is being attacked. Installing updates regularly is the first line of protection. More can be done by making sure your site is backed up. Should it get hacked, the backup could save you. Active security protection can also be put in place to repel the attacks. This additional protection is part of our Silver WordPress Maintenance plan.
As I write this, I think of an appliance commercial from long ago with the tagline “you can pay me now or you can pay me later.” If you want to do the maintenance yourself, go for it. It’s just most of you aren’t doing it. I’d rather you invest in a maintenance plan to keep your site working well. If not, the cost to recover your site after a hack is probably going to be a lot higher. Add to that any lost revenue from being without a working site for a period of time.