Web Design

HTTPS: It’s Time to Make the Change

Google has announced that beginning in July 2018, with the release of Chrome 68, Chrome will mark all HTTP sites with a “not secure” warning in the address bar. If you haven't already converted your website to HTTPS, now is the time to get it done.

What is HTTPS and why do I need an SSL certificate?

Your website likely collects customer data including contact information, billing and/or shipping addresses or credit cards. An SSL certificate allows you to collect that information over a secure connection. An SSL certificate is issued by a licensing authority and it’s periodically renewed.

HTTP has long been the standard way people access websites.

HTTPS is a secure connection, data transferred between the web server and your computer is encrypted.

To enable HTTPS on your website, there are a number of steps and we can help with those changes.

Why your website needs HTTPS

HTTPS protects the integrity of your website
HTTPS protects the privacy and security of your users
HTTPS is the future of the web
HTTPS improves SEO
HTTPS websites load faster

[bctt tweet="Google has announced that beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites with a “not secure” warning in the address bar."]

What is involved in the conversion process

There are a number of steps involved in converting a website to https:

Perform a full back of your website, including the database and files, before making any changes.
Update your WordPress Address (URL) and Site Address (URL) in your site’s WP-Admin Settings > General.
Check to make sure your robots.txt and sitemap.xml files redirect to HTTPS versions and references to URLs inside the files all also use HTTPS.
Update all URLs on your site to reference the HTTPS versions. This can be done by doing a search and replace in the database or by using a plugin such as Better Search Replace
Setup the necessary HTTP redirects so all traffic is sent to the new HTTPS address.
Test your site to ensure each page and post passes with a green padlock. There are a number of testers you can use to find insecure content, Why No Padlock is a great online tool.
Update your Google Search Console and Google Analytics account to point to the new HTTPS address.

What should I do?

We recommend you do the conversion before July 2018 in case there are any bugs that need to be worked out before the official 'not secure' warnings are rolled out.

If you aren't comfortable doing this yourself, we can do the HTTPS conversion work for you for a one-off fixed-price.

Explanation of SSL and HTTP from Wikipedia.

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network.^[1] Several versions of the protocols find widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP). Websites are able to use TLS to secure all communications between their servers and web browsers.

HTTPS (also called HTTP over Transport Layer Security [TLS],^[1] HTTP over SSL,^[2] and HTTP Secure^[3]^[4]) is a communications protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security, or its predecessor, Secure Sockets Layer. The main motivation for HTTPS is authentication of the visited website and protection of the privacy and integrity of the exchanged data.

The Ultimate WordPress Security Checklist

Caley Walsh | Web Design

Protecting your website is extremely important. We created this checklist to help you harden your website to protect yourself and your users from hacks. Although nothing on the web is hack-proof, following this list will ensure maximum protection.

1 | Change the default 'admin' username

2 | Disable file editing

3 | Disable PHP file execution

4 | Limit login attempts

5 | Change WordPress database prefix

6 | Password Protect wp-admin and login

7 | Disable XML-RPC in WordPress

8 | Enable Web Application Firewall (WAF)

9 | Automatically log out idle users

10 | Add security questions to WordPress Login

11 | Install a WordPress Backup Solution

[bctt tweet="A simple checklist to protect your website from hackers and other threats"]

12 | Frequently test backups to make sure they work

13 | Install an anti-malware plugin and frequently scan for problems

14 | Keep WordPress, plugins and themes updated

15 | Ensure strong passwords and user permissions

16 | Don’t allow users to upload files to your site

17 | Use SFTP rather than FTP

18 | Don’t give our your FTP credentials

19 | Only give admin access to those you know and trust

20 | Only use themes and plugins from reliable providers

21 | User a content delivery network (CDN) to help prevent DoS and DDos attacks.

22 | Install and force the use of an SSL certificate

We have created a handy checklist to for your to print out and go through to add these security measures to your website.

Enjoy!

Download “The Ultimate WordPress Security Checklist”. A useful list of security measures to protect your website.

Enter your info below to download the freebie so you can keep your website safe from hackers and other threats.

8 Simple Website Design Tips That Everyone Should Know

Caley Walsh | Web Design

8-simple-design-tips-that-everyone-should-know

The layout and design of your website are crucial to keep your audience engaged. Here are a few website design tips that you should follow to help you achieve success.

1 | Provide valuable content

Make sure each page has something to offer your visitors, something that will keep them on your website and will bring them back for subsequent visits. Include a call to action that offers something to your visitors and then captures their name and email so that you can stay in touch with them and notify them about new products or services that you have in the future.

2 | Avoid useless elements

Don’t distract your visitors with things that will take them away from the true purpose of your website, which is ultimately selling them on you and your product. Sound or animation -- unless it is a vital part of the overall design of the site -- is distracting. If you have sound, make sure that visitors can easily turn it off.

3 | Provide easy navigation

Make sure visitors can easily navigate from one page to another and include that navigation on each page. Provide a link to a sitemap so visitors can see all the pages on your site if they are searching for something specific. Include a link to the home page on each page. If you have some longer pages, include a way for users to get back to the top without having to scroll back up.

4 | Make things easy to find

Layout your page so all your vital information is at the top of the page where visitors can see and read it as soon as they open your website. Limit text on the page so visitors don’t have to scroll on and on looking for information. If visitors have to scroll down through too much text, they will lose interest and leave your site.

[bctt tweet="8 Simple Website Design Tips that Everyone Should Know"]

5 | Make your content easy to read

Use contrasting colors to make key points stand out. Make the text large enough to read so people aren’t straining their eyes. Increasing line height spacing will make your content easier to read, as well. Light text is hard to read on light colors and dark text is hard to read on dark colors. Dark text on a light background is the easiest for visitors to read.

6 | Define links so they are easy to find

Make links a different color from the rest of your body content so they stand out. Don’t underline text for emphasis as people will mistake it for a hyperlink. Make links descriptive of the page that you are linking to. “Click here” is not a descriptive link. It only tells the user what to do. Change it to say “Click to buy this book”… this tells the visitor where the link is going to direct them to. Have internal links open in the same window and external links open in a new window so people aren’t redirected off your site.

7 | Let people know how to contact you

Include a link on each page so people can contact you. The link can either be a direct link to your email address or it can be a link to a contact page with a form on your website.

8 | Maintain your website

Review your website periodically for broken links, images that aren’t showing up and other anomalies.

Still not sure what to do with your site? Contact me to see how I can help you design and maintain your website.

Download “The Ultimate WordPress Security Checklist”. A useful list of security measures to protect your website.

Enter your info below to download the freebie so you can keep your website safe from hackers and other threats.