HWS Logo

01423 313 230    info@harrogatewebsolutions.co.uk

Read All The HWS Blogs

Latest Blog

Recently we have seen an influx or emails using a method known as spoofing. Put simply spoofing is as follows, an employee receives an email that appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords). For example, the spoofer may send an email from 'name@spoofer.tld' but it may be received as info@yourdomainname.co.uk. This is common and don't worry, it doesn't mean someone has access to your emails, domain or domain DNS. 

 

Often this method is used to send spam however lately we have seen a rise in the number of scammers asking for a bank transfer. Please ensure all emails asking you to make a payment or send sensitive information are validated with the person of whom this is supposed to be coming from in person or via phone call.

 

Please do not visit any of the domain names mentioned in this blog as they were for demonstrational purposes only. If you have any questions please do not hesitate to contact info@harorgatewebsolutions.co.uk


Wordpress Security Tips

 

Keeping a Wordpress website is an ongoing process that you must stay up to date with. Not staying up to date can lead to hackers gaining unwanted access to the website and causing serious damage.

 

Points highlighted red are points that should always be considered and checked.

 

Updating:

A few simple steps you can take is to just keep the Wordpress version up to date. The Wordpress team are always rolling out updates and fixes for security issues raised by both the developers & the community. It's, therefore, important to make sure when a new update is released you do it. Keeping plugins updated is also just as important as they too should receive regular security updates to continue to operate securely on the latest version of Wordpress.

 

Secure Hosting:

Besides keeping everything up to date version wise you should consider server security too. Make sure you are using a trusted and secure hosting provider as hackers will often look for ways into the server not necessarily the website. If you are unsure about yours, you can always take a look out our managed hosting plans here.

 

Accounts & Permissions:

It's also standard practice to ensure you setup user permissions whether your website allows users to sign up or not. Make sure all user permission are set correctly for the given role as incorrect permission may give an unwanted user undesirable access to your website. Remeber to set a strong password for the admin account and change it on a regular basis. It's also a good idea to change the default Wordpress username from 'admin' to something a little more unique which makes it more difficult for someone to guess the admin login.

 

Limit Login Attempts:

One plugin we do suggest installing is 'Limit Login Attempts' which will allow you to set how many attempts you or a user can make before being locked out of that account for a set time. This can stop automated bots from trying to guess their way in with common usernames and password and the same for hackers.

 

SSL:

You can also install (or have setup) an SSL certificate, this stands for 'secure socket layer'. It encrypts data between the browser and the server so information sent in forms can't be stolen. There are a few other gains from this too which are listed below:

- Customer Trust (looks much safer)
- Good for preventing against phishing attacks
- Can boost search engine rankings
- All information is encrypted

 

Conclusion:
Keeping any Wordpress website is an always ongoing process as well as a tough and time-consuming job. However, there are countless ways to protect again hackers, phishers and other types of attacks using some simple steps. While doing some of these takes time, it's time that won't later be spent clearing up after your website was hacked and potentially malicious or dangerous content was placed on the website. If you are unsure about any of these we advise you speak to a specialist who can help you further, if you are interested you can view our hosting packages here where we can implement the above security features into any Wordpress website.


Website security is more important than ever with more hackers & scammers using all kinds of dangerous methods to steal data, redirect website traffic too dangerous websites or even break them which can ruin businesses. Fortunately, there are a countless number of measures you can take to fully properly yourself regardless of whether you have a one-page website or a 400 page eCommerce website.

 

The most simple thing you can do is make sure your website was built by a reputable company as poorly written code can pose a massive security risk by allowing scammers to steal data or inject dangerous code. It doesn't matter how much other security you apply to your website if the code uses old deprecated methods and is poorly written it will never be secure. 
This generally only applies to content management sites and eCommerce websites.

 

Another simple measure you can take is by purchasing something called an SSL certificate, it stands for 'Secure Socket Layer' and encrypts any data that is sent from the server. In layman’s terms, it provides the green padlock with HTTPS you see at the top. When you fill out a form and press send, the data is secured with an encryption and no one can access it other than the server the website is on. As a plus SSL certificates are also a ranking factor for Google, sites with them generally are seen as more legitimate and as such Google prioritises them above non-secure sites not to forget the more professional look. There are multiple different types of SSL available but your hosting provider should be able to inform you in more detail about these and which one is best suited to your website.

 

If your website uses something called a CMS or 'Content Management System' (somewhere to log in and make changes) then make sure you use a strong password using alphanumeric & special characters to make as hard as possible for people to gain access. For example 'simple' may become '$imP!e' as this is much harder to guess. Again make sure to not use this elsewhere, keep all your password unique and change them every few months. Avoid writing them down or storing them in an obvious file on your PC or laptop.

 

Do you have a contact form on your website? Let's say you do, does it have a captcha of any kind? A captcha is something which only humans can complete, it may say 'repeat the numbers and letters shown in the above box' Not having one opens your email inbox to spam, we recommend Google's reCaptcha as it's incredibly secure and easy to complete if it's your first time on the website. If it's not your first visit Google's reCaptcha will ask you to tick boxes or complete some other kind of verification to avoid spam. Again if your website utilises some kind of user based area either account or comments section, ensure you use a captcha to stop spam accounts from being created or advertisements in the comments section.

 

If you are unsure about any of the above or would like to know more HWS would be happy to assist you, email us at info@harrogatewebsolutions.co.uk or call now on 01423 313230.


The Importance of Website Statistics

How well is your website performing? Do you have up to date statistics on your website? If not you are missing out on important information regarding your website and its’ visitors.

If you don’t use Google Analytics or other statistics software such as AWStats, how can you tell where your website traffic is coming from and what pages people are dropping off?

Using statistics you can tell which pages on your website are bringing you business, and whether or not people spend time on your website.

You can also find which searches people used and how many people accessed your website via your social media accounts.

All in all, it is important to know how your website is performing and how the performance can be improved, and statistics can aid with this a lot.


Do I Own My Website

How much do you actually know about your website? Today Harrogate Web Solutions will go through some questions you should be asking yourself about your website.

 

Do I Own My Website?

This might seem like a trick question, but it is surprising how many companies don’t own their website. Services such as Wix and 1&1 allow you to build a website for low fees, but if you wanted to change hosting, it would prove difficult and expensive, especially as you don’t own it.

 

Can I Transfer My Website Anywhere?

Leading on from the previous question, being able to transfer your website to an alternative hosting company is incredibly easy or difficult depending on the website and domain you have. For example, moving a hand built (php) website on a .co.uk domain name could take as little as 5 minutes for the files, and 24 hours for the domain name.

Conversely, a WordPress or Magento website on a .com domain name takes at least a week to transfer the domain name, and due to the huge amount of files, at least 2 hours to transfer and setup the website.

 

Who Has My Domain Name And Who Is It Registered To?

Wherever possible, Harrogate Web Solutions register domain names to the client who bought them, despite paying the renewals each year. However do you know who your domain name is registered to? Ensuring it is you makes moving in the future exponentially easier.

 

Are My Details Correct On The Internet?

This point expands away from just your website. Are your details correct on Facebook, Google Maps, your business cards even? The smallest typo could spell big potential losses due to people not knowing how to contact you.

 

How Many People Actually Look At My Website?

Analytics are unbelievably important when it comes to improving anything, your website included. If you don’t know how well your website is performing how can you know what pages are or aren’t pulling their weight?

 

As the world embraces the internet more and more, having control of your own domains and keeping details up to date is a necessity.


Cookies have always seemed a grey area to many people, and since the cookie law passed in 2011 they have seemingly disappeared, but what actually is a cookie?

 

A cookie is a small text file that stores information in your browser (such as chrome, safari or edge) that contains data about

  1. your stay on a website + returning visits

  2. data entered into a website (such as log in details for that particular website)

  3. data about websites you have visited (this is usually for advertising through Google AdWords)

Unfortunately some websites took cookies too far and used them to gather data from web users, so the cookie law was passed so people would know if cookies are in use on a website, and what their purpose on that website is.

The law doesn’t state how a website should notify the user about the use of cookies, only that in the privacy policy of the website it tells the user what they are and how the website uses them (see ours here). Harrogate Web Solutions prefer to ensure the user knows what is being stored in their browser rather than a tiny, unnoticeable, link in the footer. To confirm users remember, every 30 days the banner is reset and will be shown.

If you have any further questions about cookies please ask, we will be more than happy help.


Businesses & Social Media

With there being so many Social Networks around it can be hard to decide which are worth your businesses time and which ones not to bother using. Harrogate Web Solutions today will explain the pros and cons of some of the major Social Networks and whether or not your business should be using them.

 

Facebook

Pros: Facebook is by far the biggest Social Network based on the number of users it has, and as they all ‘like’ things, Facebook collects the data to accurately recommend you to potential customers.

Cons: Must have a personal account to create the business page.

Summary: You should seriously consider using Facebook for your business.

 

Twitter

Pros: Instantaneous, updates occur in real time and users react quickly too.

Cons: As a micro-blogging platform, there is a character limit on posts. Text posts tend to go unnoticed, images are recommended to catch peoples attention.

Summary: Twitter is the network we recommend the highest due to the real-time updates, so many potential customers are available on demand.

 

Instagram

Pros: Instagram is great for showing the personal side of a business, and is a useful tool for showing off products.

Cons: Without interesting content you will be most likely ignored. Also content posted to Instagram must be posted from a smartphone.

Summary: If you have regular, interesting content to share, Instagram is recommended.

 

LinkedIn

Pros: Primarily for businesses trading with other businesses, and it can create connections with other businesses very well.

Cons: Not great for generating sales if you don’t sell to other businesses.

Summary: Usually a LinkedIn account is useful, but not essential for businesses who sell only to the general public.

 

Google+

Pros: Integrated with Google Maps, which benefits SEO greatly. Also integration with Google Hangouts which can be used for webinars or presentations.

Cons: Similar to Facebook in how it works, but with less users.

Summary: Google+ is recommended simply for the integration with Google Maps, posting updates is up to you, try it and if you get a response keep going.

 

YouTube

Pros: Worlds largest video sharing platform. Was also recently integrated with Google+, so webinars/presentations can be uploaded or livestreamed to YouTube via Google+. YouTube can also be used to show off new products in use.

Cons: If you have no content to share in a video format it wouldn’t benefit your business.

Summary: If you create webinars or have interesting content to post, we would recommend a YouTube account.

 

Pinterest

Pros: Similar to Instagram in that you can share photos, not only that but you can create albums (‘boards’) of photos, however unlike Instagram you can link to content that isn’t uploaded direct to Pinterest. For example you can ‘pin’ a YouTube video to a board.

Cons: Pinterest requires a lot of work than the other Social Networks mentioned to get a response.

Summary: If you have the time available for regular pinning and repinning, Pinterest can be successful for you.

 

Closing words

It is important to note for all of the Social Networks you chose to use that content you upload is relevant and interesting, spamming followers with boring content or posts that either paint you in a bad light or is irrelevant to your business is generally ignored and could harm your brand’s reputation.

 

Social Media is becoming more and more important for how brands are grown, so it is important that businesses learn to use it to its’ full potential.
If you enjoyed this blog please feel free to like our Facebook page, and follow our Twitter and Instagram accounts.