blog Archives - SiteHatchery / Crack open the perfect website

May 7, 2018May 16, 2018

Tip: Regularly Review Your Website for Viruses

In this post, I will examine how to review and scan code regularly to help prevent security breaches and viruses.

The largest and most advanced internet security breaches in history have happened in the last few years.

Take, for example, an admission by Yahoo! that data from every one of it’s 3 billion user accounts had been stolen in 2013. Also frightening is the fact that we still have no idea who did it.

In November of 2017, we learned that the personal details of 57 million Uber drivers and customers were unearthed by hackers. A couple of outside hackers figured out how to scrape private information from cloud-based software that Uber was using . Uber paid the hackers $100,000 in hush money, hoping to keep their customers in the dark. I guess it wasn’t enough.

Another notable data breach was reported by Bloomberg concerning Equifax on September 18, 2017. The stolen personal data included social security and driver’s license numbers of more than 143 million consumers. Hackers accessed this data by exploiting security vulnerabilities in Equifax’s website.

And there have been many more recently.

If these and other enormous companies are vulnerable, where does that leave us? How can we protect ourselves?

You might be thinking that you’re not big enough to be concerned about data breaches, website viruses, or hackers. And you’d be wrong. You might not have the same exposure as these companies and there’s a may be less motive to hack into your website, but I’ve seen first hand the devastation that can be inflicted on smaller organizations.

Here’s a couple of horrifying personal examples…

Years ago, we developed a custom video publishing website for one of our clients. On the night before the launch, our client sent an email campaign, inviting hundreds of customers to visit the website. While half the world was asleep, the hacker found a way in and uploaded dozens of porn videos! His customers woke up to an eyeful.

On another occasion, a hacker created a bot that silently exploited a vulnerability in a Magento PayPal plugin. Some viruses create obvious problems like redirecting pages or triggering anti-virus software. This one remained undetected for more than two years. What did it do? It forwarded credit card information to the hacker’s email address.

It’s not possible to catch every problem in advance, but we’ve learned over the years that there are things that can be done to prevent viruses, hackers, and to shore up security vulnerabilities. Relating to the topic of scanning your code files for viruses, here are some things that we do:

Schedule Regular Reviews

It’s important to make reviewing your code and plugins a regular thing. Don’t wait until there’s a major update or until you want to redesign your website before inspecting your code. We offer plans that include having a competent developer manually review web folders and update code and plugins every month.

Click here to learn more about WordPress Website Security and the benefits of having a developer safeguard your business by putting a virtual steel wall around your company.

Visually Inspect Web Folders

We take a detailed look at the files in web folders to see if there’s something unexpected. For instance, you wouldn’t normally see PHP or JavaScript files inside an image directory. Or, for example, you wouldn’t expect to see a file named “blah.php” inside of the root directory. Being professionally familiar with most the major CMS platforms (e.g. WordPress, Joomla!, Magento, and more), we usually know when something isn’t right.

Automatically scan for viruses

Virus scanners will look for known exploits, or patterns in the code that are likely malicious in nature. We can set up software that reviews your website files on a daily basis.

Get notified if there’s a change

On our WordPress sites, we like to use a program called WordFence. This is a powerful plugin that, among other things, regularly compares your WordPress files against an expected result. If something changes, WordFence instantly sends you an email, allowing you to cut off the problem before the damage is extensive.

If you’d like to have a professional regularly review and update your website, take a look at our security plan or give me a call (530-680-2734). If you’re in the Chico area, I’d love to sit down and talk with you.

April 29, 2018June 11, 2018

10 Ways to Determine the Quality of a WordPress Plugin

In this post, I’m going to expose our secret methods for choosing the most-secure and bug-free WordPress plugins.

WordPress is a fantastic website management tool.

It’s the most popular content management system (CMS) in the world, used on a whopping 30.7% of websites (W3Techs). This is an impressive number of websites! The next runner up for market share is Joomla!, which only represents 3.1% of the market share.

It’s so easy to use.

No wonder people like it. It’s super easy to manage your website. You can add pictures, content and menus… very easily. However, there’s a big problem:

It’s also easy to break your website. I think they’ve gone too far with making everything “easy”. With a push of a button, you can update (and screw up) your WordPress software. With automatic updates turned on, WordPress can do it for you. I’ve seen quite a few websites break like this.

One customer thought they’d just click the update link. It seemed so easy. Their website was destroyed. Utterly. Unfortunately, they did not backup the website first. Unfortunately, they didn’t host with us and so did not have automatic server backups turned on, or daily remote backups installed. They were done for.

You can also add new plugins so easily. Just put in a couple of keywords and add a new plugin with the push of a button. Folks, I can’t stress it enough: this is dangerous!

Plugins are not made by WordPress. WordPress plugins are made by freelance developers and non-WordPress companies. Many of the plugins are great (I’m going to tell you how to find them), but there are also many poor plugins that create doorways to viruses into your website.

You’ve got to understand the vetting process for accepting WordPress plugins. Here is the criteria for getting a WordPress plugin approved:

Plugins must be compatible with the GNU General Public License v2 or later. If a license is not specified, code will be considered “GPLv2 or later.”
The provided Subversion repository must be used for functional WordPress plugins only.
Links such as a “powered by” link, or advertising, or external service calls are prohibited unless it is clearly documented and explicit user permission is granted.
The plugin and developer must not do anything illegal, dishonest, or morally offensive. This includes spamming or harassment.

There’s not much to it. There’s no record of using a formal code review process. There’s no testing. Why? Because the WordPress community is supposed to do that. Rather than staffing this process, WordPress relies on developers and communities to separate the good plugins from the bad. WE are their vetting process.

If you know what you are doing and are careful, this process works. It works well because of the shear number of people using the software. Quality is primarily surfaced through thousands of reviews and displaying a large number of downloads. In a word, quality is managed through: popularity.

However, there’s more to doing it right. Following is a list of 10 methods we use to vet WordPress plugins for quality…

A Large Number of Downloads

As I mentioned previously, a common way to identify a good plugin is to look at the number of downloads. We prefer to plugins that have more than 10,000 downloads. We make exceptions to this all the time, but this is a good starting point. Why do we look at this? The idea is that with enough people using the software, many of the bugs and vulnerabilities will have been worked out by the early adopters. When it comes to new software from unknown developers, try not to be an early adopter. Instead, look at the most popular or featured plugins. These are plugins that have been implemented and used by many, which in theory, should be more stable and worry free when it comes to integrating with your website.

Good Reviews

A plugin might have an adequate number of downloads, but has poor reviews. I typically look for a 4-5 star rating. It’s also a good idea to read the review comments.

I’ve seen cases where a plugin has a low review because a competing developer spammed the reviews for a plugin. I’ve seen the opposite, where the plugin developer obviously opened up a bunch of new WordPress accounts and posted outstanding reviews. Or, people will leave bad reviews because they don’t have the technical expertise to set up a complex plugin.

To get a good gauge for the quality of the plugin, I look for the evidence to throw out. I am also looking for real problems where the plugin has caused websites to break, are incompatible with other plugins, or have left doorways to viruses.

The point is that reading plugin review comments will give you a better feel for how good a plugin is. If you are in doubt, you can always reach out to the developer and ask a question. It pays to be cautious instead of spontaneous.

Last Updated

If a plugin hasn’t been updated recently, it might be an indication that it’s not compatible with the current version of WordPress. When choosing a new plugin, I tend to prefer one that has been updated more recently. This might suggest that the developer is still active with keeping their software current and synchronized with new WordPress software updates.

Proceed with caution if a plugin has not been tested with your latest update.

Supported Version

Another metric to look at is the highest version supported. While this might only mean that the developer updated the version number in a configuration file, it at least shows that the developer is proactive and still interested in supporting their code.

Research

If there are a large number of downloads, lots of good reviews, has been updated recently, and supports the current version of WordPress, I’ll usually feel pretty good about the plugin and will install it and test it. If I’m feeling a bit uneasy about it though, I’ll perform searches on Google to uncover what others are saying about the plugin.

YouTube is a great source for research. Look and see if there are videos of the plugin available by other users or even the developer. I have found videos to be extremely helpful about the benefits and limitations of a plugin, including integration and performance.

Bug/Vulnerability Lists

There are a number of places online that track and publish bugs and vulnerabilities. This process allows me to keep a tight wall of security around my business at all times. Each new plugin goes through a step-by-step security process to ensure my business is safe, along with the information I store.

Here are a few companies that I use to help with the security process:

WPScan Vulnerability Database

WordFence Activity Report

WordFence Vulnerability Blog

WordPress Bug Tickets

In addition to scanning for bugs and vulnerabilities, I’ll often review the WordPress forums relating to the particular plugin. It’s best to know all you can about the plugin.

Visual Inspection of Code

Sometimes, you have no option but to use a new plugin with few downloads, few or no reviews, and with little or no outside references. For instance, you might have an uncommon feature requirement that an obscure plugin can handle. I will often visually inspect the code to see if there are intentional doorways to viruses, vulnerabilities, or poor code quality.

If there are no visual areas of concern, proceed with installing the plugin and testing as you would normally.

Review for Conflicts and Bugs

This one is obvious! It’s important to test the plugin to see if it breaks your website and works as you expect. Plugins can create a conflict with your theme, especially if you purchased a theme that is packed with features and other plugins to support the theme.

After installing and activating a plugin, check the website. Review the plugin to make sure it’s operating successfully and no errors occur on the website.

Hide Plugin Management

For trigger happy customers, I’ll sometimes install Admin Menu Editor. Among other things, it allows me to hide from certain users and types the menu links for updating WordPress and plugins.

This is a nice safety measure to have in place. It will ensure users who have access to your website won’t be able to install updates and potentially break your website.

Turn Off Automatic Updates

This might seem counter-intuitive because WordPress recommends having automatic updates turned on. If you get a virus, you can’t blame WordPress if you don’t have this turned on! However, the downside is that it can break your website or conflict with plugins. It’s far better to have a professional do a full backup of your website and do all that I’ve outlined above before applying updates.

Proactive Scanning

Finally, it’s a good idea to regularly scan for unauthorized changes in code and viruses. WordFence does this automatically for your website. I install it on every website and it’s a good example of an awesome plugin.

In summary, it’s very risky to add and update WordPress and plugins without knowing how to evaluate plugins. I’ve documented my vetting process for you. I hope this helps! Although simple and easy by clicking a button, the effects of an update or use of a low trusted plugin can be catastrophic.

April 6, 2018June 11, 2018

Cyber Crimes Decrease with SiteHatchery’s Security Service

SiteHatchery.com announces Website Security as its newest addition of services through a Press Release.

Creative website solution provider expands their business in website security service.

Chico, California – April, 2018

SiteHatchery.com, a web solution which provides web-hosting, web-design and other valuable business solutions in Northern California, announced it will add WordPress Website Security service to its list of service offers. The organization, a small web design and development company, seeks to create one-of-a-kind business solutions that allow owners to do more with less, has produced a safeguard system that will keep out unwanted intruders from your website.

“They really listened to what we wanted from the site and used their expertise to create an easily navigated, informative site with a wonderful visual presence that focuses on product sales. We couldn’t be happier with the results, and intend to continue to working with Site Hatchery on any and all upcoming web projects.”
– Lavender Ranch

Site Hatchery has been creating innovative products and services for its North American clientele since 2005. The latest service addition, Website Security, is a culmination of tactics and strategies to fence off intruders from gaining entrance and accessing highly sensitive information.

As Cyber Crime continues to evolve, so will the security measures that are put into place to combat against threats. Password changes and updates are not enough, protective measures are integrated from the server level and include redirects and file changes. A virtual bubble surrounds your business, blocking entry.

Jason Cox, owner of SiteHatchery.com, had this to say:

“Protecting your visitors and their sensitive information plays a major role within the User Experience (UX). If a guest knows they are safe when doing business with you, the trust factor will rise and they will share the experience with others, becoming a testimony to the services of your website, strengthening your brand image.”

To learn more about safeguarding your company from unwanted attacks, or if you would like to know more about Cyber Security and the benefits of having a skilled development team like SiteHatchery.com protect your organization, contact Jason Cox at 530.680.2734 or email, [email protected], or visit the website at www.sitehatchery.com.

ABOUT SITEHATCHERY.COM

SiteHatchery.com is a small web design and development company based in Chico, California. They create attractive, effective responsive websites that help large and small businesses alike draw traffic and revenue while serving customers with an easy-to-use online presence. A full-service solution, they offer web-hosting, website performance tuning, custom website performance reports, website security, website updates, custom eCommerce platforms, SSL Certificates, and daily back-up solutions.

January 18, 2018June 11, 2018

Website Security: How to Create a Rapport with the Baby Boomers

In this article, we discuss “Website Security: How to Create a Rapport with the Baby Boomers.” There’s a shift in the industry and Baby Boomers, well, they are booming in the digital market.

A recent study by the University of California revealed that the baby boomers generation is among the most trusting and optimistic group within society, a trait that most take online with them. Striking up a healthy relationship between your website and your audience is arguably the most underappreciated aspect of the online world, and can often be the difference between a fruitful experience and one that poses several threats. By tailoring your website in such a way that it connects with your domain’s visitors, the potential for these threats decreases dramatically and the security and enjoyment for those both sides of the website rises even more.

A Tech-Savvy Generation

The days of dismissing our older generations as being outside the technological world are over. The number of seniors owning smartphones has risen to four-in-ten in the United States, and the number of people over the age of 65 who use the internet has risen sharply to 67%. The baby booming generation is becoming more and more digitally connected with every passing day, and it is vital that websites cater for this audience. Despite their increased usage, this group is still among some of the most vulnerable when surfing the web however. As an example: seniors are defrauded online at twice the rate of the rest of the population.

Identity Protection

As we mentioned in the introduction, the baby boomer generation is amongst the most trusting group within society, and these attributes come across in their online activity. Most seniors see the internet as a good thing for society, it is a useful tool for them to stay in contact with friends and loved ones and as such they put a lot of their trust in it. It is sadly this trust that many would-be fraudsters go out of their way to take advantage of. One of the simplest and most effective ways of limiting these threats is by encouraging users to pick nicknames, install private passwords and especially remind users that they are under no obligation revealing personal information such as addresses, names of family/friends, birthdays etc.

Communication Channels

It might seem simple, but keeping users informed of the appropriate contacts available to them is a great way of lowering not only the amount of threats, but indirectly lessening the emotional damage caused by them. Studies have shown that older internet users are more unlikely to report a case of internet fraud for example, but the emotional strain from these crimes hit these users just as hard. By encouraging and making it easy for seniors to communicate their concerns and queries, not only will you have a better understanding of the kinds of threats there are out there, but the knock-on effects of making these communications more socially acceptable, will help others out in the longer term. Providing elderly users with an Internet guide about the ins and outs of various types of threats is also a great way of raising awareness about the possible dangers in the cyber world.

Our baby boomers are just as technologically connected as the majority of us, experiencing and using the same kinds of websites that we do on a day to day basis. However, by implementing the kinds of safety features explored in this article, we can guarantee that they will be just as safe when on these sites which will only give them a more enjoyable experience and reflect much better on your site.

Are you looking to update your website? Do you need an additional hand to keep up with the demands of your business? SiteHatchery.com offers a variety of services tailored for business owners. From web design and web hosting, to custom analytic reports and intense security measures – SiteHatchery.com can help.

Check out our Service Bundle, a convenient all-in-one service that is affordable and effective.

December 18, 2017June 11, 2018

You can have a Robust Website

It is hard to believe that the oldest domain ever created is now 32 years old. In that period of time, sites have been and gone and successful sites have gone through ups and downs. What is it though that keeps a website going through the years? Depending on what type of service is offered, a vast majority of business can depend on how much traffic your website receives. As such, it is vital to be aware of the important components that keep a website robust and relevant. You can have a Robust Website, but it does take time and effort.

Brand Strategy

Some of the most successful websites on the internet can make up to $27 per second. Often, as a small business owner, you may come to the conclusion that this type of money is just completely unachievable. I mean, how do they do it? Websites like Zynga and LinkedIn, that are earning the megabucks, have ensured that they have spent their time and money on creating a brand that is clear and recognizable. You must also consider whether your brand can stand the test of time, like some of the oldest domains on the internet which have been in use since the mid-1980s.

It is important, no matter what stage of business you are at, to have a robust and powerful brand that consumers understand. This is most often ensuring that your brand is simple yet effective in what it does. So LinkedIn, for instance, very intelligently, uses the features we have all come to know from social media and has applied it to professionals, looking for jobs and networking. Many features of their website design, cross over with the likes of Facebook and follow the same simple to us rules. As such, their brand identity is one that is strong and simple to use, thus gaining credibility in the market and more traffic through recommendations and so on.

Logos and Colors

One of the first rules of successful branding and in turn, website design, is to create a recognizable logo. Again, looking at the most successful companies out there in 2017, they all have a recognizable, simple brand design that the customer associates easily with. Apple is a great example of this, as is Facebook, which also uses a specific color to draw people to its brand. The same can be said of companies such as Twitter and Snapchat that in their design have used definitive coloring to make their brand and site, easily recognizable.

Although it seems simple and obvious, this approach is where a number of websites fall down. Getting the design right by choosing a simple and effective logo, will make you instantly recognizable and will reap benefits in the long term. In addition, choosing relevant and effective coloring to add to your brand is equally important. The connotations of certain colors will help to influence your site visitors. It is no coincidence that Facebook and Twitter, use a calming blue. While Snapchat, attempting to appeal to a potentially younger audience, uses a bright yellow.

Being Robust

It is an extremely aggressive market currently and without the right tools, a website can quite easily fall by the wayside. It is vital to get the correct ingredients you need to make sure your website is robust and stands the test of time. Luckily, there is help out there, where you can get the relevant insight required to keep your site getting the hits needed to be successful.

Check out our Service Bundle, a convenient all-in-one service that is affordable and effective.

December 8, 2017June 11, 2018

You Can Benefit from Advertising on Search Engines

Every year Google, Yahoo, and Bing make tens of billions of dollars through search engine marketing, also known as Pay Per Click advertising. According to experts, search engine advertising drives more new website traffic than any other online advertising method. This means that when you advertise on search engines you’ll attract more new customers to your website all the time. It’s no surprise that more than one-third of all marketing in the US goes to digital ads. If you haven’t started pushing your brand digitally, You Can Benefit from Advertising on Search Engines.

As a website owner, you want an effective marketing campaign with a high success rate; which is what makes advertising on search engines a perfect choice for you. You can even track the results of your ad campaign using Google’s AdWords. This will help you decide whether those specific ads are working for that demographic or do you need to choose a different angle to target them.

Here are a couple tips to help you get the best of advertising on search engines…

The text ad, it’s all about the message

Search engines show ads as text either at the top or the top right of the search results page. However, you’ll need to be aware that these ads have a limited number of characters.

That’s why it’s important to make your ad concise and loaded with keywords to get the searcher’s attention. Keywords are those words that best describe your business. For example, the word “flowers” is the perfect keyword for a floral business. You can make your ad stand out by putting your keyword in the title of the ad itself. So if you’re selling women jewelry then including the keyword “jewelry” both in the title and description of the ad would make the ad show up every time someone searches for jewelry. Which is exactly the kind of customer you want clicking on your ad and visiting your website.

Target the right audience

By default, some brands are suitable for everyone regardless of age, gender or location. But if you’re targeting a certain audience or a niche market then you want to tailor your ads for that clientele. You’ll need to identify your customers and choose which apps, websites and even web pages for your ad campaign. This is not as difficult as you think and marketing your website online is made easy with free tools. Tools like Google Display Planner are designed to make it easy for you to target the right audience for your ads. Through it, you can select the general interests of your preferred customers and let Google suggest the best websites to display your ad.

Would you like a hand with collecting data and having visual performance indicators sent to you to help with making informed decisions about which keywords to push? Which landing pages to promote?

If you are like us, information and knowledge is key. We at SiteHatchery.com created a custom monthly reporting system which sends tailored data specific to your business. Receive information, but more importantly, understand what it means. Our team reviews the data and as a compliment, suggests solutions to help increase user activity.

Send us an email and we’ll send you a sample report. Don’t let data get lost between the cracks.

October 25, 2017June 11, 2018

Double Log-in Forms

I had an interesting idea about Double Log-in Forms. The authentication logic could require one or more failed log-ins using a specific chain of, possibly simpler, passwords. For instance, entering the password “abc123” would appear to fail, but would be required by the authentication logic. A subsequent correct password, such as “xyz321”, would then allow entry to the secured area. What makes this idea interesting is that to the bot or hacker the log-in attempt would appear to be a failure. What do you think? Would this improve security?

There are a lot of good security measures offered to help protect against intruders. But the truth is, for every security measure put into place, someone is looking to get around it. The best line of defense is to search for the vulnerable areas of your business, before someone else does.

If website security is important, do we have a service for you. Our Monthly WordPress Security Check will have a web developer continually combing through your website, creating back-ups, running updates, putting safe-guards in place along with monitoring server and website activity.

October 23, 2017June 11, 2018

Important Considerations on Website Accessibility

Important Considerations on Website Accessibility. When you launch a new business or startup, one of the most exciting and creative tasks at hand, is that of building your very own website. You know the style and look that would favor your business and you think of including exciting features such as multi-media solutions, but one thing you should not neglect, is website accessibility.

The Law and Statistics on Website Accessibility

Currently, the law is an a standstill regarding the precise stipulations to be required of all websites. In January, 2017, the federal government showed signs of adopting a set of standards called the Web Content Accessibility Guidelines 2.0 Level AA, but so far, the current administration has yet to put them into place. Courts have also been divided on the matter, with some stating that the American Disabilities Act (ADA), created to ensure that the disabled do not suffer discrimination, does apply to websites, and others deeming that it does not. Rather than waiting to see what lies ahead, however, it makes sense to opt for an access-for-all website from the word go.

Why Accessibility?

In the United States, around 56.7 million people – that is 19% of the population – have a disability. Giving these people the tools they need to work, live and enjoy their lives, is a matter of corporate responsibility. Very few visually impaired people, for instance, have graduate degrees yet over 40% of them are part of the workforce. By making resources, services, and information more available to all web user, we can help balance out existing inequalities. From a practically perspective, we do know that the ADA regulations will eventually move forward. Therefore, it is better to be up to standard from day one.

Where to Begin?

WAVE Chrome Extension will be very helpful at identifying accessibility problems in your site. You can also have a look at WCAG 2.0 to see some of the most important considerations and make sure that your site works as well on mobile devices, since for many web users, mobile is the main point of online access.

The Specifics

Web accessibility involves having specific users in mind and catering content to them. For instance, the hearing impaired will benefit when you provide text alternatives for any content provided in video or sound – if you can, it would be fantastic to have sign language included in your videos. Many people with vision issues, meanwhile, use are screen readers, which provide a clear text alternative to images. Use an ALT tag so the readers can do their job. Text should be large, clear and uncluttered; preferably, use black text on a white or light hued background. Also, be sensitive to color blindness, avoiding the use of blue/green/yellow colors to denote different choices.

A third group to keep in mind are persons with epilepsy; use flashing imagery and saturated reds little or forego them altogether; any image that flashes over three times per second can actually trigger a seizure. Finally, keep those with cognitive impairments in mind; don’t make it hard on them by setting time limits on your content, always provide clear heading and subheadings and let them easily access the structure of your web, to make it easier to find that they are looking for.

Designing a truly accessible web page is a challenging goal, but one that is definitely achievable when you rely on the right team, take time to research into the needs of various disabilities, and make changes as you go along.

Check out our Service Bundle, a convenient all-in-one service that is affordable and effective.

September 24, 2017June 11, 2018

Why You Need a Responsive Website

More and more this topic is being understood and implemented. Almost all websites used today are responsive. But, if you haven’t made the leap yet to cater to different view-port sizes, you may be missing out on potential business. In this article, we will go through the reasons “Why You Need a Responsive Website.”

While working toward obtaining a Management Information Systems degree, I managed a small apartment complex with my wife. Our neighbors were quiet and seemed relaxed in our peaceful park-like environment. We didn’t have to go far to do our job, since only a sliding glass door separated the living room from the small office add-on that protruded into the parking lot. We held office hours only two hours a day, but since our apartments were mostly filled and the residents were content, we didn’t have too many visitors. Rather than using this additional time to study for classes, I used it to dream up ways to make money. Thus, SiteHatchery was conceived here and a company was born.

My first web design gig was done in this office on a Windows XP computer with a 14 inch monitor. If your own experience with computers dates back to the early 2000’s, you might remember working with something like this:

I remember being frustrated by the poor internet connection, and the tiny screen. The monitor was a beast. It weighed like an anvil and took up half the desk in depth. Larger and thinner screens were quite expensive at the time, at least to me, so I just resolved to struggle with what I had.

My parents heard of the struggle and wanted to help encourage my decision to start a business. To my great delight, they bought a laptop computer to replace the relic I had. It was a large 17 inch HP laptop. It was heavy, but portable. There was so much extra room for designing and developing websites, and it was also nice to meet with customers remotely and do work in coffee shops. Here’s a picture of the actual laptop I was given when I graduated in 2004, now used by my kids as an inoperable toy:

While I prefer using larger monitors, many of you may like to use smaller and more portable computers. Several years ago, Best Buy only had a single 17 inch laptop in their store. It was a great shock to discover that the tiny 13 inch laptops were in such high demand and, according to the Best Buy rep, 17 inch laptops were becoming largely irrelevant.

In the early 2000’s, smart phones were trending. I upgraded a Palm 3C with a Blackberry smart phone. The full keyboard was amazing, and it was nice to be able to manage emails and a calendar from the device. Websites were shown slimmed down to a mobile site and were hardly usable. Browsing the internet was such a horrible experience that I didn’t do it much.

Then, something amazing happened. My mother-in-law presented the best birthday present: an iPhone. I dreamed of this, thinking how amazing it would be to show full desktop-like websites to clients on a small screen wherever without having to pull out a mammoth laptop.

However, as the trend toward smaller screens rose, responsive websites were born. Responsive design really began to increase in popularity not too long ago. The idea behind scaling and reorganizing a website to fit smaller screens was introduced only in May of 2010 by Ethan Marcotte in his A List Apart article. It began to take off in 2012, only 5 years ago! Now, having a responsive website is a requirement for every new web design project.

Why do you need a responsive website?

Simply, you need a responsive website because most people are browsing your website with portable devices. Desktop websites are built for larger screens and they may not look good or be usable on smaller devices. Since more than 50% of users are browsing your website on a mobile device (see this), you might be missing out on an opportunity to reach your customers effectively. Following this user trend, Google also gives responsive websites a boost.

If you would like to update your website and create virtual business tool that is accommodating to all viewable electronic devices, our design team will create a solution that is not only cost effective but also performance driven.

Keep in mind, SiteHatchery.com offers a variety of services tailored for business owners. From web hosting, to custom analytic reports and intense security measures – SiteHatchery.com is an active ingredient when it comes to the recipe of successful web support.

September 24, 2017June 11, 2018

Why Your Website Should Have the Latest Updates

Why Your Website Should Have the Latest Updates. In this post, I’ll explain why it’s important for your website to have the latest updates from the platform vendor. Most of my examples and discussion will be centered around WordPress, since many of my clients are using it for their content management system (CMS), though the principles will apply to any major platform.

Security
The first and most important reason for keeping your website updated with the latest code is: security.

Since I started developing about a dozen years ago, several of my customers have complained about viruses or malicious software being embedded on their websites. Typically, means that the website gets redirected, or code gets embedded into a page. Bots will attempt to gain access to the website to capture your customer’s payment information, get admin login details, or even to scrape content. Hackers love to spend their time trying to find new ways to exploit or uncover vulnerabilities in a website or a CMS. This is why it’s so (so!) important to keep things up to date regularly.

WordPress is a great way to manage a website. It’s the most popular CMS in the world. In fact, of the 10 most popular CMS platforms, WordPress has about 59% of the market share and represents almost 28% of the top 10 million websites (Wikipedia reference). While I would recommend WordPress for most of my customers, a negative is that the source code is completely exposed, since you can freely download it from WordPress.org. This, combined with the overwhelming popularity of the system, it becomes a primary target for hackers. Luckily for us, though, the software has been rigorously tested and continuously developed by a massive world-wide developer network, since it’s inception in 2003.

Forced Third Party Plugin Updates
Most of the malicious software I’ve hunted down can be traced back to vulnerabilities in third party modules or plugins, such as calendars, sliders, or galleries. Because of limited resources, limited reach, or just poor management, third party software is usually not tested and updated as frequently as is the parent CMS platform. Once a hacker has exposed a vulnerability with a particular plugin, it simply runs a script to search for accommodating websites, and then attacks. These viruses can be particularly hard to nail down because it often replicates itself or inserts lines of text or JavaScript code onto pages.

When you update WordPress, outdated plugins may no longer work. Also, there is an indicator that shows whether a plugin has not been recently updated. This forces third party plugin developers to continue to update their software so that it does not become irrelevant, or get bad reviews.

Performance
Another reason why it’s important to keep your website’s code updated is that newer versions may have improved performance. Essentially, this means that platform developers spend a lot of time trying to make code faster so that your website loads more quickly and takes fewer resources to render a web page.

Your customers WANT your website to be fast. For this reason, Internet companies have invested billions in infrastructure and people will gladly pay their higher subscription fees. If your website is slow, this is a sure automatic turn off to your customers. They’ve been trained to think that way.

Google has also been a force behind the industry’s push toward faster websites. A faster website will generally rank better than a slower website. Google has built this metric into their search algorithm.

You need to have a fast website. Since your CMS developers are likely working hard to improve performance, you need to take advantage of their updates that address this important objective.

Bugs
Another reason to have a plan for updating your code regularly is that software bugs may be present. The term “bug” is just tech jargon for an error in the code’s logic that might cause problems. In my own experience, though I thoroughly review code, write unit tests, perform interface testing, and stage releases, I can tell you that it’s impossible to account for every single issue that might crop up ahead of time. The great thing about a platform like WordPress is that there is a huge group of programmers that regularly test for bugs. Not only this, but it’s massive user base will also report bugs that crop up during use.

Have a Plan
For the reasons mentioned, it’s vitally important that you have a plan in place to update your website regularly.

I strongly suggest that you only update the website yourself if you first download a backup of the website files and database. I suggest that you do not let WordPress or other platforms update automatically since someone really needs to test thoroughly after the updates are run to be sure nothing is broken. One of my customers had a website hosted on their own server. They clicked the Update button and it destroyed their website. Unfortunately, they did not have backups available on the server and their website was completely lost. The lesson: know what you’re doing before you click the button.

If on the other hand, you would rather have someone handle the back-ups of your website. SiteHatchery.com offers a Website Updating service. The service includes a member of the SiteHatchery.com team, creating back-ups and securing valuable information prior to updating your website. The developer will verify the update is in good working order, ensuring the website is operating as it did before.

Let us handle the heavy lifting, we will assure your website is current, stable and always performing.