Phone 0488 406 050
Tropical Coast Web Design

Five Security Fixes your site needs right now!

Currently, there are over 1.6 billion websites on the WWW and your business website is just one of them. “There’s safety in numbers” you might say when talking about your site’s security – “why would anyone target me?”

HackerIt’s important to know that Cyber Criminals and Spammers don’t physically trawl the web, using “bots” * instead to scour millions of sites every day. Looking for ways to hack into systems, they don’t care who you are or what your site is. If these bots find a weakness or backdoor to your site, you may be in trouble.

*specially coded programs

Benjamin Franklin wisely said “An ounce of prevention is worth a pound of cure” so here’s five site security fixes that you can implement today:

#1 – Get a Security Certificate for your site.

A security (SSL) certificate is an addition to your website server* Google that creates a secure link between a website and a visitor’s browser by confirming the site’s legitimacy.

If your site doesn’t have one, you risk being penalised by Google (and other search engines) with a drop in your search ranking. In addition, site visitors may be receiving warnings form their browsers that your site is “not secure”.

Luckily, an SSL certificate is quick to install on most web servers. Simply contact your service provider and ask for a certificate to be installed.

* the place where your site’s files live on the internet.

#2 – SPAM Controls

You would have to be living on another planet to not have been the recipient of SPAM emails. It is the bane of every single inbox on the planet. Unfortunately, there’s no sure-fire way to stop SPAM completely but there are several things you can do to reduce the risk.

  • Make sure that your online forms are all guarded by Google’s new ReCaptcha protocol. It’s invisible and it works.
  • Update all plugins on your site to their latest versions whenever new versions are released.
  • Check that your web server has effective SPAM filters at its core level.

#3 – Plugin Updates

As mentioned above, if your site uses plugins for any of its core functions, make sure that you update them whenever a new release becomes available. If your site is built on the WordPress framework, this includes the core as well.

Hackers continually look for ways into vulnerable servers and will use any weakness to break their way into your site. An out of date plugin (or WordPress version) on your site could be the weak link they are looking for.

#4 – Latest Version of PHP

PHP is a programming language used in the development of many modern website and, just like plugins, there are new versions of PHP released on a regular basis. These updates are not only for closing any security vulnerabilities but also includes adding new functionalities to the language that can then be used for new functions on your website.

As with plugins, you can easily keep your PHP version up to date (usually via your web server’s Control Panel).

#5 – Install WordFence

If you haven’t guessed by now, WordPress is my website framework of choice for developing. One of the reasons for this is the amazing range of plugins that add further functionality to the basic core of the framework.

One of these is the excellent security plugin Wordfence. Wordfence provides a range of features and options for site owners that help protect their sites from hacking. On top of this, Wordfence provides monitoring of the other components in a site and notifies, via email, when action needs to be taken.

There are two versions of Wordfence, a free version which provides basic protection as outlined above, and a premium version which includes top level protection for your site.

Wordfence is a must for any site built using WordPress.

Conclusion

Nearly all the security measures outlined here can be implemented by a regular site owner with access to their site’s “backend”. However, if you require assistance at any time bolstering the security of your website, please get in touch with Tropical Coast Web Design and we will take care it for you – hassle free.

Five Steps to reboot your Business Mojo

Loss of business mojo happens to all of us from time to time. As business owners, it can sometimes be hard to maintain enthusiasm and drive all the time towards our work.

Five Steps to reboot your Business MojoSometimes it feels like we have lost our motivation and are just going through the motions in order to get things done. We feel no real urge to seek out and try new things (like marketing tactics). If this sounds familiar to you, then maybe your Business Mojo might just need a reboot!

If you are looking for some help so get things going again, here five quick tips that I personally have found useful to get inspired and back on track.

1. Get out and Exercise!

This might seem a bit of a strange tip in a business and marketing blog, however I find my focus for the day is sharper after some form of morning exercise. A simple 30 minute walk or jog can do the trick and the best thing is you can kill two birds with one stone by exercising to some…

2. Podcasts!

There are literally thousands to choose from. The best way to find the podcasts bested suited to you is to have a look on iTunes (for the Apple fans) and BeyondPod (for the Android users among us). Podcast One is another source for all kinds of podcasts from all types of genres.

A great podcast can expose you to a world outside the business that you generally work in and, just by listening to some success stories and the experiences of others, you might just find that missing spark you are looking for.

3. Reading

Once again, for those seeking external motivation from the best in the business, there is an abundance of great books that can get you inspired. Several great books that I can whole-heartedly recommend include:

  • Pour your heart into it – The Starbucks Story by Howard Schultz
  • Like a Virgin by Richard Branson
  • The E-Myth Revisited by Michael E. Gerber
  • Crush It by Gary Vaynerchuk

I must confess that I have read a couple of these more than once just to try and squeeze every possible gem out of them! They are all written by people who have created their own huge success stories and it help me to think – “there’s nothing to stop me being one too!”

4. Talk to other like-minded business people.

Seeking and talking biz with like-minded business owners can be a very powerful experience. But first you need to seek out an appropriate network. You could join your local Chamber of Commerce, start your own networking group or just talk to friends who work in similar industries (or maybe completely different). If you feel a little isolated and don’t know where to start, get online and join a forum.

5. Sit back and reflect

Sometimes we get caught up in the day-to-day of our businesses and we lose sight of what we have achieved and how far we have come. Take some time out and think about when you started your business. What were your goals? Why did you start?

Look at your past achievements and the work you have done. I love to go back and look at sites that I created 10 years ago and see just how bad they are! Of course, they didn’t look too bad back then but the progress since has made all of them look positively antiquated.

Guaranteed, if you look at the progress and successes of your business from where you have come from, you will start to see a clearer way forward and gain some of the motivation you think you have lost. You haven’t lost it – it’s still there, just hidden from view.

Four Steps to Successful Email Marketing

While Social Media for small business continues to be a rave topic in marketing forums around the world, statistics indicate that, although annoying to some, email marketing is still one of the most powerful tools that a business can use to engage with its customers.

Succcessful Email MarketingYour Inbox is irrevocable proof of this – how many items of marketing did you receive this morning?

Although some will never be opened, the humble email can still be an effective way of reaching out to your customers. But, as with anything, there is a right way and a wrong way. Here’s our four top tips to help you create an effective (and legal*) email marketing strategy for your business:

Step 1: Grow your database

Before you start any email marketing campaign, you need legitimate* emails in your database to use. Gathering these addresses is quite easy if you have an established website. You can use the popular method of the pop-up window or simply have a newsletter subscription somewhere on your home page. MailChimp has plugins that work directly through the WordPress framework and integrate with their newsletter systems, saving the hassle of collecting email addresses and adding them manually to your campaigns.

Whatever method you use, remember to always declare why you are gathering the addresses and what can be expected in return (see value point below).

Step 2: Remember the Mobile Users

Due to the unstoppable growth of smart phones, more emails than ever before are being viewed on a mobile device. In fact, up to 75% of email opens* could be via mobile depending on your industry. To cater for this audience, ensure that your emails are mobile optimised – easy to read on a small screen, low on data usage and concise in their information.

* http://www.emailmonday.com/mobile-email-usage-statistics

Step 3: Be aware of the SPAM Act 2003

To keep your email marketing within the lines of the law, you must ensure that any emails you send comply with three main points – Consent, Identity and Unsubscribe.

Consent – The receiver of your emails must be made fully aware at the time they subscribe exactly what they will be receiving in return. Consent can also be in the form of an existing relationship with the receiver i.e. they are already a customer.

Identity – Marketing emails must identify who is sending the emails and their contact information.

Unsubscribe – Each email must include an Unsubscribe option so that consent can be retracted at any time.

Learn more: http://www.acma.gov.au/Industry/Marketers/Anti-Spam

Step 4: Offer Value

The secret behind any email campaign that wants to grow and be effective to offer subscribers VALUE in what they receive. Value can come in multitude of forms. You can reply with a free eBook, a newsletter filled with tricks and tips or keep them up to date with the latest industry news. If you are advertising products or services, butter up the receiving party with a discount voucher for their next purchase.

Everyone loves getting something for free and your subscribers are more likely to stick around.

Remember, what may work for one business may not necessarily work for yours. As with any marketing, try out all your ideas but be sure to MEASURE the response. Don’t spend hours of your precious small business time barking up the wrong tree only to find out that you aren’t getting a decent return from your efforts. Make a note of what works and what doesn’t, fine-tuning along the way. This approach will lead to an effective email strategy that will grow your business without eating away at your marketing budget or your valuable time.

How secure is your WordPress website?

Website SecurityIf your site has been built on the WordPress framework, you are in good company. With a calculated 25% of all websites built using this user-friendly CMS, WordPress is easily miles ahead of its competition. However, with this popularity comes an inherit danger – it is a regular target for hackers.

WordPress was born from an open-source project and remains free to everyone who wants to create a website. Open source means that the code that makes the whole system work is available on the internet with no restrictions. This factor is important in the whole WordPress “ecosystem” as it allows developers and coders to create the myriad of plugins and themes that make the CMS what is it.

Unfortunately, hackers can also look at the code and discover its weak spots, making it vulnerable to spamming and security breaches. For the small time user, this may never be a problem that presents itself. But if your site attracts the unwanted attention of a hacker, they can cause all kinds of problems for your small business website and its visitors.

To protect your site (big or small), there are some very simple measures that you can employ without the need for any programming knowledge (or outside help):

1. Update the WordPress Core.

To do this, access the Dashboard of your site. If a new (major) version of WordPress has been released, this information will be displayed on the main screen of the Dashboard with an UPDATE link. With the newer versions of WordPress, small incremental updates to are performed automatically.

2. Update the plugins that you are using with your site.

In the main menu of the Dashboard, under the Home button, an Updates options will appear when updates for your plugins are available. Click on it to access the Updates page and select the updates that you want to apply. At the same time, visit the plugins page of the Dashboard and delete any plugins that you aren’t using. Even though they aren’t being use, these deactivated plugins can still provide backdoor access to your system.

3. Use a secure password.

A brute force attack, where the login for a site is attacked with a systematic password hack, is hard to protect against but with a secure password (one that used no common words and a mix of symbols, letters, numbers), the hacker will have to work harder to penetrate your system. Also, try to limit the number of users that have access. If someone doesn’t need access and will not be updating the site, don’t give them access.

4. Install the WordFence plugin.

This free plugin has so many features that I can’t list them all here. For a very basic explanation, WordFence provides high-quality firewall and malware protection for your WordPress website and you should have it on your site. Setting this plugin up puts into place a huge roadblock to anyone or anything wanting to cause harm to your site. Get it here: https://wordpress.org/plugins/wordfence/

All the above options are accessible through the Dashboard of your WordPress site but only if you have administrator access. If you log into your site and cannot see or perform the tasks listed, contact your website developer and request an upgrade of your user access.

There is nothing worse than trying to regain control of a severely hacked website however, if it does happen to you and the above steps do not reverse the damage to a perfect state, it is not the end of the world. The server on which your site resides should be* backed up on a regular basis and can be restored by your server provider* to a previous day/week for a small charge.

As always, however, a pinch of prevention is worth a full pound of cure.

  • If your web server provider does not backup at least three times a week, then it is imperative that you find a new provider. Security of your website is paramount.
  • A server provider such as Digital Pacific, NetRegistry, WebCentral, etc provides the space where your website lives. It is generally not the same as your Internet Service Provider (ISP) that connects your business to the internet.

Unsure about how to implement the security measures above, get in touch with Tropical Coast Web Design. We can undertake a no-obligation security audit of your site and let you know how we can help. 

Tropical Coast Web Design