Tag: Website

9 security tips to protect your website from hackers

You may not think your site has anything worth being hacked for, but websites are compromised all the time. The majority of website security breaches are not to steal your data or mess with your website layout, but instead attempts to use your server as an email relay for spam, or to set up a temporary web server, normally to serve files of an illegal nature. Other very common ways to abuse compromised machines include using your servers as part of a botnet, or to mine for Bitcoins. You could even be hit by ransomware. 

Hacking is regularly performed by automated scripts written to scour the internet in an attempt to exploit known website security issues in software. Here are our top nine tips to help keep you and your site safe online.

01. Keep software up to date

It may seem obvious, but ensuring you keep all software up to date is vital in keeping your site secure. This applies to both the server operating system and any software you may be running on your website such as a CMS or forum. When website security holes are found in software, hackers are quick to attempt to abuse them.

If you are using a managed hosting solution then you don't need to worry so much about applying security updates for the operating system as the hosting company should take care of this.

If you are using third-party software on your website such as a CMS or forum, you should ensure you are quick to apply any security patches. Most vendors have a mailing list or RSS feed detailing any website security issues. WordPress, Umbraco and many other CMSes notify you of available system updates when you log in.

Many developers use tools like Composer, npm, or RubyGems to manage their software dependencies, and security vulnerabilities appearing in a package you depend on but aren't paying any attention to is one of the easiest ways to get caught out. Ensure you keep your dependencies up to date, and use tools like Gemnasium to get automatic notifications when a vulnerability is announced in one of your components.

02. Watch out for SQL injection

SQL injection attacks are when an attacker uses a web form field or URL parameter to gain access to or manipulate your database. When you use standard Transact SQL it is easy to unknowingly insert rogue code into your query that could be used to change tables, get information and delete data. You can easily prevent this by always using parameterised queries, most web languages have this feature and it is easy to implement.

Consider this query:

If an attacker changed the URL parameter to pass in ‘ or ‘1’=’1 this will cause the query to look like this:

Since '1' is equal to '1' this will allow the attacker to add an additional query to the end of the SQL statement which will also be executed.

You could fix this query by explicitly parameterising it. For example, if you're using MySQLi in PHP this should become:

03. Protect against XSS attacks

Cross-site scripting (XSS) attacks inject malicious JavaScript into your pages, which then runs in the browsers of your users, and can change page content, or steal information to send back to the attacker. For example, if you show comments on a page without validation, then an attacker might submit comments containing script tags and JavaScript, which could run in every other user's browser and steal their login cookie, allowing the attack to take control of the account of every user who viewed the comment. You need to ensure that users cannot inject active JavaScript content into your pages.

This is a particular concern in modern web applications, where pages are now built primarily from user content, and which in many cases generate HTML that's then also interpreted by front-end frameworks like Angular and Ember. These frameworks provide many XSS protections, but mixing server and client rendering creates new and more complicated attack avenues too: not only is injecting JavaScript into the HTML effective, but you can also inject content that will run code by inserting Angular directives, or using Ember helpers.

The key here is to focus on how your user-generated content could escape the bounds you expect and be interpreted by the browser as something other that what you intended. This is similar to defending against SQL injection. When dynamically generating HTML, use functions that explicitly make the changes you're looking for (e.g. use element.setAttribute and element.textContent, which will be automatically escaped by the browser, rather than setting element.innerHTML by hand), or use functions in your templating tool that automatically do appropriate escaping, rather than concatenating strings or setting raw HTML content.

Another powerful tool in the XSS defender's toolbox is Content Security Policy (CSP). CSP is a header your server can return which tells the browser to limit how and what JavaScript is executed in the page, for example to disallow running of any scripts not hosted on your domain, disallow inline JavaScript, or disable eval(). Mozilla has an excellent guide with some example configurations. This makes it harder for an attacker's scripts to work, even if they can get them into your page.

04. Beware of error messages

Be careful with how much information you give away in your error messages. Provide only minimal errors to your users, to ensure they don't leak secrets present on your server (e.g. API keys or database passwords). Don't provide full exception details either, as these can make complex attacks like SQL injection far easier. Keep detailed errors in your server logs, and show users only the information they need.

05. Validate on both sides

Validation should always be done both on the browser and server side. The browser can catch simple failures like mandatory fields that are empty and when you enter text into a numbers only field. These can however be bypassed, and you should make sure you check for these validation and deeper validation server side as failing to do so could lead to malicious code or scripting code being inserted into the database or could cause undesirable results in your website.

06. Check your passwords

Everyone knows they should use complex passwords, but that doesn’t mean they always do. It is crucial to use strong passwords to your server and website admin area, but equally also important to insist on good password practices for your users to protect the security of their accounts.

As much as users may not like it, enforcing password requirements such as a minimum of around eight characters, including an uppercase letter and number will help to protect their information in the long run.

Passwords should always be stored as encrypted values, preferably using a one way hashing algorithm such as SHA. Using this method means when you are authenticating users you are only ever comparing encrypted values. For extra website security it is a good idea to salt the passwords, using a new salt per password.

In the event of someone hacking in and stealing your passwords, using hashed passwords could help damage limitation, as decrypting them is not possible. The best someone can do is a dictionary attack or brute force attack, essentially guessing every combination until it finds a match. When using salted passwords, the process of cracking a large number of passwords is even slower as every guess has to be hashed separately for every salt + password which is computationally very expensive.

Thankfully, many CMSes provide user management out of the box with a lot of these website security features built in, although some configuration or extra modules might be required to use salted passwords (pre Drupal 7) or to set the minimum password strength. If you are using .NET then it's worth using membership providers as they are very configurable, provide inbuilt website security and include readymade controls for login and password reset.

07. Avoid file uploads

Allowing users to upload files to your website can be a big website security risk, even if it’s simply to change their avatar. The risk is that any file uploaded, however innocent it may look, could contain a script that when executed on your server, completely opens up your website.

If you have a file upload form then you need to treat all files with great suspicion. If you are allowing users to upload images, you cannot rely on the file extension or the mime type to verify that the file is an image as these can easily be faked. Even opening the file and reading the header, or using functions to check the image size are not foolproof. Most images formats allow storing a comment section that could contain PHP code that could be executed by the server.

So what can you do to prevent this? Ultimately you want to stop users from being able to execute any file they upload. By default web servers won't attempt to execute files with image extensions, but don't rely solely on checking the file extension as a file with the name image.jpg.php has been known to get through.

Some options are to rename the file on upload to ensure the correct file extension, or to change the file permissions, for example, chmod 0666 so it can't be executed. If using *nix, you could create a .htaccess file (see below) that will only allow access to set files preventing the double extension attack mentioned earlier.

Ultimately, the recommended solution is to prevent direct access to uploaded files altogether. This way, any files uploaded to your website are stored in a folder outside of the webroot or in the database as a blob. If your files are not directly accessible you will need to create a script to fetch the files from the private folder (or an HTTP handler in .NET) and deliver them to the browser. Image tags support an src attribute that is not a direct URL to an image, so your src attribute can point to your file delivery script providing you set the correct content type in the HTTP header. For example:

Most hosting providers deal with the server configuration for you, but if you are hosting your website on your own server then there are few things you will want to check.

Ensure you have a firewall setup, and are blocking all non essential ports. If possible setting up a DMZ (Demilitarised Zone) only allowing access to port 80 and 443 from the outside world. Although this might not be possible if you don’t have access to your server from an internal network as you would need to open up ports to allow uploading files and to remotely log in to your server over SSH or RDP.

If you are allowing files to be uploaded from the Internet only use secure transport methods to your server such as SFTP or SSH.

If possible have your database running on a different server to that of your web server. Doing this means the database server cannot be accessed directly from the outside world, only your web server can access it, minimising the risk of your data being exposed.

Finally, don’t forget about restricting physical access to your server.

08. Use HTTPS

HTTPS is a protocol used to provide security over the Internet. HTTPS guarantees  that users are talking to the server they expect, and that nobody else can intercept or change the content they're seeing in transit.

If you have anything that your users might want private, it's highly advisable to use only HTTPS to deliver it. That of course means credit card and login pages (and the URLs they submit to) but typically far more of your site too. A login form will often set a cookie for example, which is sent with every other request to your site that a logged-in user makes, and is used to authenticate those requests. An attacker stealing this would be able to perfectly imitate a user and take over their login session. To defeat these kind of attacks, you almost always want to use HTTPS for your entire site.

That's no longer as tricky or expensive as it once was. Let's Encrypt provides totally free and automated certificates, which you'll need to enable HTTPS, and there are existing community tools available for a wide range of common platforms and frameworks to automatically set this up for you.

Notably Google have announced that they will boost you up in the search rankings if you use HTTPS, giving this an SEO benefit too. Insecure HTTP is on its way out, and now's the time to upgrade.

Already using HTTPS everywhere? Go further and look at setting up HTTP Strict Transport Security (HSTS), an easy header you can add to your server responses to disallow insecure HTTP for your entire domain.

09. Get website security tools

Once you think you have done all you can then it's time to test your website security. The most effective way of doing this is via the use of some website security tools, often referred to as penetration testing or pen testing for short.

There are many commercial and free products to assist you with this. They work on a similar basis to scripts hackers in that they test all know exploits and attempt to compromise your site using some of the previous mentioned methods such as SQL Injection.

Some free tools that are worth looking at:

  • Netsparker (Free community edition and trial version available). Good for testing SQL injection and XSS
  • OpenVAS Claims to be the most advanced open source security scanner. Good for testing known vulnerabilities, currently scans over 25,000. But it can be difficult to setup and requires a OpenVAS server to be installed which only runs on *nix. OpenVAS is fork of a Nessus before it became a closed-source commercial product.
  • SecurityHeaders.io (free online check). A tool to quickly report which security headers mentioned above (such as CSP and HSTS) a domain has enabled and correctly configured.
  • Xenotix XSS Exploit Framework A tool from OWASP (Open Web Application Security Project) that includes a huge selection of XSS attack examples, which you can run to quickly confirm whether your site's inputs are vulnerable in Chrome, Firefox and IE.

The results from automated tests can be daunting, as they present a wealth of potential issues. The important thing is to focus on the critical issues first. Each issue reported normally comes with a good explanation of the potential vulnerability. You will probably find that some of the medium/low issues aren't a concern for your site.

There are some further steps you can take to manually try to compromise your site by altering POST/GET values. A debugging proxy can assist you here as it allows you to intercept the values of an HTTP request between your browser and the server. A popular freeware application called Fiddler is a good starting point.

So what should you be trying to alter on the request? If you have pages which should only be visible to a logged in user then try changing URL parameters such as user id, or cookie values in an attempt to view details of another user. Another area worth testing are forms, changing the POST values to attempt to submit code to perform XSS or uploading a server side script.

Related articles:

  • How to make it in the web design industry
  • 18 great examples of WordPress websites
  • The 10 best HTML5 template designs


Radically Redesigning Your Website Versus Incrementally Making It Better

As a business owner who wants to make a variety of changes to your website – or perhaps build or design a new site from scratch – you face important decisions about how you want to invest your energies. Should you take what you’ve got and slowly whittle away at it, using the help of a designer, copywriters, and your own team, until you achieve substantially better results? Or should you throw everything out (or most everything out) and re-imagine it entirely?

This incremental versus “radical” overhaul approach has parallels in the world of business process improvement. As a business owner, you obviously understand the importance of systems. To create excellent systems, you can use two basic strategies. One is known as Business Process Improvement (BPI), and it basically involves taking a process already working in your business and making it faster, stronger, better, more profitable, less annoying, less prone to error, etc. For instance, maybe your accounting process is causing cash flow issues – you’re not collecting until the end of the month and running out of cash to make payroll. You could use Business Process Improvement to reorient your cash collection process, so that you could get paid earlier in the month to make payroll easier and eliminate the cash flow crunch.

On the other hand, in the 1980s and 1990s, an entirely different kind of process realignment emerged called Re-engineering. In Re-engineering, you make wide-reaching changes to your process in the hopes of radical change. For instance, maybe right now you have a team of retailers at a several stores, and you have 100 people on payroll. Through Re-engineering your sales process, you might develop an electronic way to retail your goods that would obviate the need for all but a skeleton crew of five people in the U.S. plus outsources. You could cut a lot of jobs and save a lot of money. That’s the idea of Re-engineering (and also why some people loathe this approach – because it often leads to the shedding of lots of suddenly redundant jobs!)

This all begs a key question: which kind of process improvement strategy should you apply, when, and under what circumstances? Here are some guidelines that apply to making any kinds of decisions within your business, including design, website and copywriting ones:

  • Understand the purpose of the project. Why are you getting your website redesigned? Why do you want to improve your copywriting? Why do you want to improve your conversions? Articulating your purpose will give you a clearer sense of what to do.
  • What kinds of changes are necessary for you to meet your website design goals? Are you looking to bump up your conversion numbers by 20%? If so, incremental improvement may be the way to go. Or are you looking to increase traffic to your website by 10,000% or install a wildly new image for your brand or team? If so, then a Re-engineering inspired approach might be better.
  • Do you have a map for the current way that your site is being run? An established “way of doing business” that defines rules for your employees (or your designers/copywriters) for updating and maintaining the website? If so – if you already have some kind of map – then improve on it incrementally. If not – if you don’t have an orderly way of doing business already – then Re-engineering might be better.

What’s great about being the top WordPress Developer Los Angeles, we can redesign your website no matter how you want to rework your site and your design, the Connective Web Design team is here to help. Call or email us now for a free consultation.

The post Radically Redesigning Your Website Versus Incrementally Making It Better appeared first on Connective Web Design.


Expressing “Constructive Criticism” about Your Website Design Constructively

Whether you’re already knee-deep into revising the contents, structure, flow and design of your small business website, or you’re just contemplating reworking the site, you’re undoubtedly hoping for a smooth and simple process. Perhaps you have “low drama” people on your team; perhaps you’ve already found copywriters and other vendors to handle parts of the process, and you’re pleased by the preliminary conversations you’ve had so far.

But what happens when things start to get hairy? What happens when incoherent copy comes back or a shabby logo design hits your desk, leaving you sighing and frustrated? When and how should you offer constructive criticism? When should you “pull the plug” on a relationship with a vendor (or someone in house) and find a new person or team to assist?

These are prickly questions, and the answers could have profound ramifications not just for your website’s look and feel but also how your company functions in the months and years ahead. It’s easy to go wrong in both directions. For instance, you could be too lax and too forgiving with a vendor and wind up with a product that doesn’t look good… or things could “come to a head” and explode into a fight once you eventually, begrudgingly acknowledge that the work is substandard. On other hand, if you are too quick to fire or to give criticism, you could lose good people and also set your project back for no good reason.

Obviously, the clearer you are about the purpose of the design and the copy — and about the principles by which you want to govern the process — the better. As they say in sports, the best defense is a good offense: by doing proactive work upfront and getting everyone in line with your vision, you won’t have to criticize and cajole as much.

That said, here are some other general strategies to help you keep things on track:

  • The sooner you feel that “spidey sense” that the process is slipping off of the rails, the sooner you should speak up. If the copy is coming back with typos, or if the initial design sketches just seem “bleah” and/or inappropriate, don’t wait until third round of revisions to say anything. It’s easier to course correct when you have three or four weeks before a deadline than it is to ask people to pull all nighters.
  • Offer up a “praise, criticism, praise sandwich.” Here’s the basic idea. First, say something that you like about the work that’s been done (or about the person who is doing the work). Next, state the criticism. Finally, finish by saying something else that you like about the person or the project. This practice will make people more receptive to what you have to say.
  • Be specific and concrete. Rather than make it personal, say exactly what you didn’t like and exactly how you would like things to be different. Leave ego out of it, and make it about the work, not about the folks involved.
  • When things go wrong, build systems to prevent problems from recurring. For instance, say that your current design guy just keeps screwing up. Rather than blaming the design guy alone, think about how your company can revise its hiring or training systems, so that after you fire your current design person, you won’t accidentally hire or train another bum steer.

To maximize the effectiveness and beauty of your site, call the experienced team here at Connective Web Design for a free and thorough site evaluation as we’re the top Los Angeles Web Development Company.

The post Expressing “Constructive Criticism” about Your Website Design Constructively appeared first on Connective Web Design.


Making Your Copywriting Sparkle, So That Your Website Meets Its Goals

As you contemplate either revising your business website from wholesale or improving it by tweaking, changing colors, adding graphics, and so forth, you probably also want to take a look at your copywriting.

Copywriting is kind of a mystical art. Many business owners both respect it and fear it… for understandable reasons. When done right, copywriting can radically improve your conversion rates and win you lots of points from the search engines; you can enjoy massive dividends for months and years after you purchase such copy. On the other hand, the perils are as bleak as the perks are exciting. Poor copywriting can drive away visitors, cheapen your brand and even annoy or perplex long-term, loyal clients and stakeholders.

As you work through your site design, you may want to manage the copywriting process in-house by designating someone on your team (or maybe even taking time yourself) to write the copy. However, this process can consume a lot of in-company resources. If your time is worth $300 an hour, for instance, and it takes you an hour to write a single page of copy for your website, you are effectively “paying” $300 an hour for every page of copy that you produce.

On the other hand, if you hire out to write the copy, you must have a good oversight process in place. The internet is lousy with “content houses” and writers who offer their services cheaply. But when it comes to copywriting, you get what you pay for. Overly cheap, inarticulate, and unsubtle copy can actively cause your business harm. And never try to game the search engines by adding lots of bulk, uninteresting, poorly written, irrelevant copy to your site or blog. Not only will doing that not help you, but it could backfire and get your site downgraded by the search engines. Worry less about keyword stuffing and throwing lots of content up there… and worry much more about the user experience.

What is the content supposed to accomplish on your site? What are your parameters for its success or failure? How quickly do you want it? What tone do you like? Once you have these questions answered, recruit and vet high quality copywriters to get the work done.

Some copywriting can literally be worth its weight in gold and then some.

For instance, the most successful sales letter copywriters often charge $30,000 or more for 8 to 10 page letters designed to sell high-end products to cold traffic. Odds are that you don’t need that level of copywriting. But be prepared to pay anywhere from $0.10 per word (for the cheapest “good quality” content) to $0.20+ per word.

Also, remember: Less is more. If you can only afford four pages of quality content, go for that, instead of buying eight pages of mediocre content.

In terms of your site design, however, you also want a team that’s going to know how to integrate the copy, facilitate user engagement and improve and build your brand. To that end, please call the Connective Web Design team today for a confidential consultation with us. Connective Web Design is the top Los Angeles SEO Company.

The post Making Your Copywriting Sparkle, So That Your Website Meets Its Goals appeared first on Connective Web Design.


How to Get Your Website to Rank in Google Search – Part Two

Beyond the Core SEO Signals

Think of the core signals listed in Part One as the broad picture signals of what it takes to get your website to rank: relevancy, popularity, authority, and technical SEO. Within each signal, there are smaller factors that provide an opportunity to vastly improve your website. Part Two below will get into the nitty-gritty details of what it takes to rank.

On-Site Factors

Cleaning up the on-page issues of the website is probably the best place to start. After all, you want to leave a good impression on your visitors. It doesn’t matter how good the off page optimization is if you can’t convert your website visitors into customers.

Google Wants Unique Content

The old saying goes, “Content is King!”

Google loves a website with a lot of great content. Remember to keep it relevant and accurate to the searcher’s query. Don’t stuff unnecessary keywords for products or services you don’t offer in hopes of getting more traffic. That’s considered spamming and against Google’s best practices.

Quality content can be hard to come by, so do research on your competitors who rank well to see what works for them. That can help inspire creativity for your content, but you have to make sure your content is unique. That is the biggest factor for any content you place on your website.

DO NOT USE another website’s content. Google has indexed millions of web pages and can cross-check content very quickly. If the website crawlers read content on your site that was first published elsewhere, Google will likely reduce your page rank in favor of the original owner.

Don’t skip out on how much content you place on your website either. Content length is a big factor. That doesn’t mean every page you have needs to be crammed with content. But, if you have quality content that is longer than your competition’s, Google will probably give your site a boost.

Unique On-Page Content Site-Wide

This is something that seems to be missing on a lot of websites – it’s actually more common to see websites with duplicate content throughout the entire site. This won’t necessarily result in a penalty from Google because you are only duplicating your own content. However, this may give Google the impression that your website is lacking quality. If your content is unique sitewide, this could be the difference between where you and your competition rank.

For example, if your company has multiple locations, you can create additional web pages for each city you serve. You should not simply copy and paste the same content on all the city pages but make each page unique to that specific city, while still delivering the same message your consumers will need to satisfy their search across each page.


Keyword rich content is crucial.

When writing your content, do keyword research to find out what searchers use to find your product or service. There are many tools that you can utilize to help the process. Keyword.io is a useful tool to see what keywords are used across the web. Just place your potential keyword in the search bar and the view the results. This can help you come up with new keywords and phrases to add to your content.

The right keywords are also very important.

It is very common for business owners use the wrong keywords for what users are searching. Be careful when you optimize based on your knowledge. Being the authority in your industry, you probably know the industry jargon. Don’t focus on the keyword you think you should optimize for, focus on what the research says that users search for, because if your potential client base doesn’t know your keyword, then they probably won’t search for it.

You can even try typing a keyword into the Google search bar and see what comes up from auto-suggest. This is a useful tool to see what keywords searchers have actually used in Google.

Be careful with over optimizing though. Although it is important write content that is easily read and indexed by crawlers, the trick is to write meaningful content that is keyword rich and written for humans. This means writing content that is a happy medium between being easy for the user to read and understand versus optimizing for Google bot crawlers.


Video is an excellent way to add content to your website. It creates a visual opportunity to get your message to the website visitors without the user having to read. Unfortunately, most people skim content – but utilizing video can combat a user’s natural urge to skim.

Optimizing your videos properly can help with search ranking as well. YouTube is owned by Google, so Google tends to prioritize Youtube videos over other video sharing platforms. Creating a YouTube channel for all your videos creates an additional resource for your web visitors that can enhance their experience.

Google has shown favoritism to websites with video links embedded in their web pages. An increase in your time spent on site by users watching a video shows Google that your website provides a value to web users.

Dwell Time and Click Through Rate

Time on site was touched on earlier, but here we can dive into the details. Remember how an increased bounce rate can reduce rank? The opposite can be said as it relates to time on site. Depending on your industry, time on site is a good thing. It creates relevancy signals to Google, while potentially adding to your website authority. Google recognizes long dwell times on sites as an indicator of a satisfactory user experience.

A high Click Through Rate (CTR) from the search page to your website suggests to Google that the information on your website is worthwhile. More clicks to your website compared to how often your competitor’s website is clicked in similar searches indicate quality. This is a trust signal Google uses to determine the value of the information provided onsite.

These are factors that are impacted by website content and overall user experience.


This is a ranking factor that Google has admitted to using.

In an effort to improve the privacy and security of web searchers, Google has been reducing the search rank results for websites that lack the SSL certificate. Their end goal is to have all sites with an HTTPS display higher than those without. If your website needs the SSL certificate, you can purchase, activate, and install the certificate at a low cost. The benefits outweigh not paying the fee because you’ve created a trust factor for Google that offers a better user experience to your customers, which results in improved website performance.

Keyword in Root Domain

This is a great way to start off your website with a strong ranking signal. The downside is that most businesses choose their name as the domain, and it is understandable why. But, if you can purchase a domain with your keyword included, then you have an edge on the competition.

For example, let’s compare West Marine and Overton’s. Both companies provide products for boating and maritime recreation.

Westmarine has the domain www.westmarine.com and Overton’s is www.overtons.com.

Both URLs are the company name, but for the example, this will show how important the keyword in the domain can be.

Searching for marine products and boating products provides a significant variation in results, yet they are both keywords that can be used interchangeably.

For the search term “boating products,” Overton’s is number one, but West Marine is third.

The results show that for the term marine products, Overton’s is nowhere on the first page, and West Marine is second.



As you can see on the left image, Overton’s failed to place on the marine products page but each company listed shows marine in their name. This is a prime example of how having a properly placed keyword in the main domain URL can lead to an improved search result.

If you are asking, “how did West Marine rank for boating products?”

This likely comes down to relevancy, authority, and popularity. Marine products are boating products. Overton’s didn’t show for marine products because the competition for that key term was too strong.

Even though it is not an exact match, if the domain was www.overtonsboating.com, then there is a chance the keyword boating could boost the site for a marine-related search. The URL www.overtonsmarine.com would almost certainly receive more domain authority in a search query.

Companies that offer services can really take advantage of this. A plumber with the URL www.raleighplumbers.com has a solid chance that their website will rank for the search term, “Raleigh plumbers.” This is going to be competitive domain and will probably cost a little extra to purchase, but it is worth the cost.

Page Load Speed

The slower a web page loads and takes to display to the visitor, the more likely you are to lose that potential customer. Not only do you lose a customer, but over time this will increase your website’s bounce rate. This is a bad signal to Google. If your visitors are leaving quickly, this indicates to Google that the website is irrelevant to the keyword search or there is a poor user experience after a searcher clicks through to the website. Either way, this will hurt your rank.

Additionally, Google tests website speed on their own. You can be sure they take note of slow load speeds and adjust rank accordingly. That is why it is crucial to make sure all aspects of your website are tidy and fast. From HTML code to any plugins and images, it is essential to reduce the amount of data that has to load when a page opens.

One way to improve page loading speed is to compress images and other large files. Google’s Page Speed Insights is a good place to test your page’s speed. Google even offers tips on how to decrease your load time. Download the compressed files and upload to their correct location in your FTP server.

Responsive Web Design

Mobile traffic continues to grow as the primary search traffic. That is why it is essential to have a website with responsive design. This means that your website will provide a seamless, easy to use interface on mobile, just like a desktop. Basically, your website reacts to the type of device used and displays accordingly.

Google is shifting to a Mobile First index format, which means rankings could be displayed based on mobile instead of desktop versions. If your website doesn’t have a mobile design, this could negatively impact your SERP rank. If your website is not mobile friendly, then it is time for a redesign.

RankBrain and User Experience Signals are Key to High Search Rank

Google uses RankBrain as a way to monitor user patterns when interacting with search results. The data is collected and helps to analyze the behavior of searchers. If feedback on your website is positive, then Google may place your website higher in the SERP. If the data points to a poor user experience from the examples listed above, then you can expect to fall below your competition.

Let Us Talk about Link Building for a Bit

There aren’t many people who truly enjoy link building, but those that do have formulated ways to make the process work for them. Their success is usually through providing quality content that someone else values and wants to share or by trial and error link building. The process is arduous but necessary to help elevate your website’s rank.

Be sure to use strong anchor text for links built on and to your site from other sources. Strong backlink profiles have been shown to provide certain websites with a boost over others in the SERP rank. It is time-consuming and sometimes the value of a specific link doesn’t seem worth the time it took to get it.

Focus on creating quality backlinks from sources that are trusted, but also can use your help. Guest blogging is a great way to get a high authority link to your content. Reach out to a few sources and see how they respond. If they are enthusiastic about your contribution, they may have found a fountain of links that you can gain over time. Just be professional and avoid spammy tactics.

Improve Your Website Google Search Ranking

The digital marketing professionals of TheeDesign can optimize your website to improve search ranking, thus allowing you to the increase in sales opportunities.

Updating your website with valuable content, repairing technical issues, and providing a better overall experience for the user, offers the best chance to increase your visibility in the Google search results. So many factors are at play, that unless you have the support of a qualified marketing team, you are probably missing out on several key areas for a better ranking. Utilizing the expertise of digital marketers who understand the intricacies of how Google applies rank factors will free you up to focus on what matters: running your business.

Contact the internet marketing professionals at TheeDesign in Raleigh, NC at 919-341-8901 or schedule a consultation to find out how your business can benefit from strategic video marketing.

The post How to Get Your Website to Rank in Google Search – Part Two appeared first on TheeDesign.


Do Website Dimensions Matter for Responsive Design?

Do Website Dimensions Matter for Responsive Design

Design space on websites varies depending on the browser and device. So do website dimensions still matter?

One of the biggest misconceptions about websites is that they appear the same way to all people at all times. The truth is, websites have never been set in stone. While early web designs were essentially designed rigidly with set dimensions for all computer screens, the way those websites were displayed varied from monitor to monitor. And these days, any good website will re-arrange its elements to conform to the screen it’s viewed in.

This reconfiguration capability is known as responsive design, and it’s what allows websites to display properly across computers with varying monitor sizes, as well as the wide array of tablets and cell phone dimensions.

Because of this, it may be tempting to think that website dimensions don’t matter anymore—that you can basically make anything fit wherever you want. But there are still some aspects of your web design that have to conform to basic design constraints. If you don’t, you’re punishing your user with a bad experience. Here are the top 5 areas where website dimensions matter most.

1. Body copy.

Believe it or not, there is a lot of science behind the way we read text. When lines are too long, it adds eye strain and makes it hard to follow. Similarly, when lines are too short, constantly jumping from line to line can cause readers to lose their place.

If you have your body copy spanning the entire width of your screen, it’s going to be hard to follow. You need white space padding, as well as some room for other content areas. But if you’re too narrow, your design is liable to look silly, with a string of text down the middle and nothing to either side.

As it turns out, reading comprehension is best for lines that are about 50 characters long, but they read fastest at about 100 characters to a line. Since 50 characters is far too narrow for most contexts, we recommend the best width for most body copy is about 600 pixels, and then have your design respond to screen size if necessary.

2. Blog titles.

Blog titles have two major restrictions: the number of characters people most like to read, and the number allowed on Google.

Yes, it is tempting to add in more keywords to your blog title, but after about 60 characters Google will cut your title off and your readers won’t be able to see the whole thing. And, as we said earlier, 50 characters is the best length for reading comprehension.

So, use your space wisely to create a concise, gripping title. Then use your body copy for your keywords.

3. Paragraph length.

We’re advocates for long-form content, but that doesn’t mean your paragraphs have to go on forever. Quite the contrary: long paragraphs are harder to read and can be intimidating to visitors.

Instead of giant blocks of text, break your writing into shorter lines. You’re not printing this. You don’t have space constraints.

A few words to a line will do.

4. Navigation Menu length.

Navigation menus are one other area where users sometimes try to stuff too many items. However, there’s only so much space you can fit in the navigation menu. The more items you include—and the more words you use to describe those items—the more challenging it will be to display the menu effectively.

Five or six menu items is almost always plenty. If you need more complex navigation, then work with your web developer to find a usable solution. There are more options than simply cramming more text into the menu.

And when you write menu labels, keep it to one word as much as possible. There’s no need to use “Our Thought Spot” when “Blog” will do just as well. More importantly, your visitors know what a blog is, and they know what they can expect to find there. The more creative you get with your navigation menu, the more confused your visitors are likely to be.

We’ve said it before, and we’ll say it again: Your navigation menu is not a place to get whimsical. It’s the table of contents to your site. Keep it practical.

5. Other text constraints.

Some areas simply don’t have a lot of room for text. Think about sidebars, website footers, or other areas of copy. If you try to fit too much content into these areas, you’re more likely to wind up with a design that has been blown out of proportion. If an area was never intended to have more than a line or two of copy, don’t feel like you need to cram in a full paragraph.

Yes, website dimensions do matter. Just not in the way you think.

So, in the end, responsive design hasn’t done away with some of the set width constrictions of your web design. But doesn’t mean every element of your page is rigid, either. The important thing to bear in mind is that these website dimensions will always depend on your design and how it interacts with the rest of your site.

Be aware of how your website will respond to different conditions, and don’t make design choices that will hinder usability for people on mobile devices, or for anyone with accessibility concerns. By being mindful of the space constraints on your website, you can create a better user experience for everyone.

The post Do Website Dimensions Matter for Responsive Design? appeared first on build/create studios.


Starting a Small Business? You Will Need a Website

Right now, you are likely feeling a flood of emotions. Excitement at starting this new adventure and the greatness that you envision for it. Tentativeness when coming across aspects of your new business that are new to you. Pride that you are taking ownership of this new venture and possibly even of your life.

Although your to-do list is likely quite extensive, one item that you will want to highlight is building and maintaining a website. You can do this pretty much on your own or pay somebody else to do it, but, one way or the other, you will want to have a website for your new business for a variety of reasons.

It’s Your Storefront

Even if your business is not a home one and you have a space that is open to the public, there is a good chance that more people will visit your website than your brick-and-mortar location. And those who drive or walk by your business may want to research you online, including visiting your website, before stepping inside. However, if you do not have an online presence, they will likely either lose interest or respect and quickly make a decision to not give your business an opportunity to sell to them.

Keeping Customers Informed

Whenever there is information that you need to get out to your customers, having a website that you can update is essential. Of course, using social media outlets such as Facebook and Twitter serve myriad purposes too, especially where updating your customers go, but your website needs to be the focus. Do you have to close on Wednesday due to a planned power outage, staff meeting or other reason? Are you holding a sale on Monday? Update your website. Doing so will reach more of your customers and prospective customers than placing notes at your place of business.


You’re Now Open 24/7

You will most likely only have somebody working at your brick-and-mortar location during certain hours of the day. What are those interested in what you are offering supposed to do during the other times? Head to your website, of course. If it applies to your new business, you could even sell some or all of your products online while you are having dinner with your family, sleeping or otherwise relaxing.

Saving Money on Brochures

Instead of printing and distributing expensive brochures, you can instead place them online in PDF or a similar format and point those interested in what you are offering there to peruse your creations.

It Costs Little to Maintain

Although the start-up costs for your website will vary depending on whether you get it professionally designed or do it yourself, the costs to maintain it per month will usually be between $25 and $100 a month. Given all of the benefits of having a website for your business, spending that amount every month should not even be given a second thought, especially when you compare that to how much it would cost you to place an advertisement that quickly loses its value with a local media outlet such as a television or radio station or a newspaper.

A Place for FAQs

A page on your website listing the frequently asked questions that you receive or expect to receive has a number of benefits. Doing so makes your business more customer friendly in that they can find out what they need to know in an easy fashion, and having this so readily available lessens the chances that you will ever be inundated with these types of questions while you are looking to get other things done.

Although you are wearing several hats, do not diminish the significance of adding webmaster. The benefits of spending some time and finances on this easily outweigh any negatives. Learn more about our Los Angeles Web Development, or get an estimate today with our Web Design Pricing Calculator.

The post Starting a Small Business? You Will Need a Website appeared first on Connective Web Design.


8 Signs It’s Time for a Website Redesign

When you are working on the same website every day, it can be difficult to tell when the site starts to become less effective at selling your products or promoting your business. With more and more people going through search engines to find businesses that can provide a service that they need, a strong website that entices the user to convert is vital to a successful company. If you are experiencing the following eight symptoms with your website, your site most likely is ready for a redesign.

1.    Your Site Takes a Long Time to Load

Most users expect pages to load quickly. If your pages take more than two seconds to load, users are more likely to become impatient and navigate away from your website. In fact, according to an Akamai survey, half of all users admit to leaving a site if the page takes more than two seconds to load. Worse still, Google has announced that page speed is a ranking factor on mobile, so if your site’s mobile version loads slowly due to being out of date, you run the risk of losing high ranking.

You run the risk of losing half your potential customers if your website pages take a long time. Test the speed manually by loading and reloading your website pages. Be sure to try it on computers and mobile devices, so that you can be sure that your site is loading quickly on multiple different devices.

2.    Your Shares on Social Media Do Not Look Good

When you share a product on social media, it should look appealing. It should have a good image, a description that is interesting to consumers and should give them a clear idea of what you are sharing. Around 31 percent of website traffic comes from social media, so a weak social media presence will have a significant impact on your business.

If previews and shares of your site don’t look appealing, they won’t catch the eye of users scrolling through a social media feed. If your site isn’t modern enough to help produce high-quality shares on your social media, it could be hindering or hurting your business.

3.    Your Site Is Hard to Use on Mobile Devices

Smartphones, tablets, and other mobile devices are becoming increasingly common. Desktops and laptops are no longer the only ways that people find online information. In fact, mobile devices overtook computers as the primary searching tool a few years ago. If your website does not function well on mobile devices, you will lose many potential customers.

Pay attention to whether the text is legible, if the images appear correctly, and if the site is easy to navigate on a mobile device. Your website analytics can show you the percentage of visitors to your site who come from mobile devices. If the percentage is large, it should be a priority to improve your mobile site. If it isn’t large, it might also be because your site makes it harder for users to navigate.

4.    Your Website isn’t Contributing to Business

If your business isn’t gaining any leads through the website, it is due for a redesign. Your site can be an extremely productive asset if used correctly. It’s important to check your ranking and your digital footprint to ensure that the issue isn’t a traffic problem rather than a conversion problem. However, if you have high traffic to the site but a low conversion rate, that’s a good indicator that you’re your website design is hurting your business’ ability to draw leads.

5.    Visitors Do Not Stay on Your Site for Very Long

For most websites, users staying on the site for longer periods is almost as important as getting users to visit the site in the first place. To measure this, the first thing you should check is your bounce rate. A bounce rate is how often people leave your site having only visited one page. You can also look at the average pages that visitors use per session. Bounce rates, pages per session, and other information about your website traffic can be found using Google Analytics or other tracking methods that your content management service (CMS) might provide.

A high bounce rate, such as higher than 80%, means that your site isn’t enticing visitors to stay longer than one page. A redesign can help draw customers in and keep them longer – the longer that a user stays on your site, the more likely they are to contact you. Bringing down the bounce rate, upping pages per session, and longer times on site will indicate your website is better at converting.

6.    It’s Difficult for People to Find What They Are Seeking

Like loading times, visitors want to be able to find what they are looking for quickly. They will grow impatient and leave if it takes them more than a few minutes (sometimes even seconds) to reach the page that they want. Users should be able to buy, subscribe, and inquire about what they need without requiring outside help. If you are receiving a lot of calls or email from people asking about using the site, it is a sign that you need to redesign it to be more user-friendly.

7.    Your Competitors Have Redesigned Their Websites

An effective way to judge the design of your website can be to look at the websites of your top competitors. If they recently redesigned their sites and it looks extremely different or more modern than yours, you should consider revamping your website to something more current. A newer design also subtlety shows customers that you are keeping up with the trends, not only in web design but in your industry as well.

8.    Your Brand, Products, or Services Have Changed

One of the most basic reasons to redesign your website is if your company is offering something new or different. People visit your website to understand the products and services that you have, so it is vital that you have information up that is still relevant to your business. A redesign will ensure that your new brand, product, or service is highlighted properly.

An Effective Website Is Vital to the Success of Your Business

Without a functioning and appealing website for your company, you’ll lose potential customers and clients. A company’s online presence is significant to its and you will not be able to keep up with your competitors if online users do not like your website. It’s extremely beneficial and important for your business to remain aware of the status of your website and redesign it whenever it begins to lose impact on users.

Stop worrying about whether your website needs a redesign and do something about it. Contact ourcustom web design project managers and developers in Raleigh, NC at 919-341-8901 or schedule a complimentary consultation.

The post 8 Signs It’s Time for a Website Redesign appeared first on TheeDesign.