Join us on Monday, June 1st, for the Portland WordPress MeetUp on Zoom as I take us on a walkthrough of the this year’s WordPress theme.
Category: learn WordPress
Follow these five steps to add an SSL Certificate to a WordPress website in a quality hosting environment.
Why Add an SSL Certificate?
SSL stands for Secure Sockets Layer and is the standard technology for establishing an encrypted link between a server and a client. When a website shows the https:// version of the URL it means that all traffic to and from the website is encrypted. Only the website can read credit card details or passwords entered there. The “s” in https stands for secure.
Some users will not leave personal information on a website without the encryption. Because of this and because users spend more time on secure websites, Google and other search engines include site security as a ranking factor.
From HTTP:// to HTTPS://
Moving a website from http:// to https:// can seem daunting but is easier in a good hosting environment. In this post we will go over the steps to add an SSL Certificate using SiteGround hosting, one of the few hosting services recommended by WordPress.
First, Add Lets Encrypt
On SiteGround, in your website cPanel, go to the Security section and select Lets Encrypt.
Yes, it really is that easy. You will now have two identical websites. One that begins with http:// and the other with https://.
Second, Update Content to HTTPS://
Update your content to https:// by adding the SSL Insecure Content Fixer plugin. This plugin updates content to https:// as soon as it is activated.
Again, that is easy, but there may be come glitches.
Third, Confirm all Content is Linked to HTTPS://
If the green lock to the left of https:// is gray or there is a yellow triangle in front of it, then some of your content is still linked to http://. Check your website by entering the URL at WhyNoPadlock.com. Any problem content will be indicated here.
When I added the SSL Certificate to my own website the images in the widgets near the footer were still linked to http://. In the Dashboard I went to Appearance -> Customize and opened the widgets. Then I edited each image URL to include the “s” after http. After updating I checked the site on WhyNoPadlock.com again and the problem content had been fixed.
At this point the padlock had turned green and the yellow warning triangle was gone.
Fourth, Redirect HTTP:// to HTTPS://
At this point your https:// website should look good and show a green padlock and the https:// at the front of your URL should also be green. You will still have an http:// version. Search engines actually consider this an entirely different website, one with the exact same content.
To save your standing in search engines, redirect the http:// version by adding a piece of code to your .htaccess file. This code will force anyone going to your website to see the https:// version. Even if they enter http://yourwebsite.com it will reconcile at https://yourwebsite.com.
Below is the piece of code you will add to the .htaccess file. Before making any changes in the .htaccess file, be sure to save a copy of the original. If something goes wrong and your site breaks, you can always put the original back and fix the site.
RewriteEngine On
Rewrite Condition %{Server_Port} 80
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R=301,L]
It should be entered into the .htaccess file right after this line: # BEGIN WordPress
Fifth, Ensure You Can Measure Site Performance
Even if your site was already added to Google and Bing using the http:// version, you will need to add it again with the https:// version. Add the new version of your website to Google Search Console, Google Analytics, and Bing Webmaster Tools if you want to measure your website performance, learn how users are finding your website, and which pages are the most popular.
Portland WordPress MeetUp
This presentation was delivered at the Portland WordPress MeetUp on Monday, February 6th, 2017 at the U.S. Bancorp Tower Conference Rooms. For more information on this MeetUp or to view the discussion please go to this event at Portland WordPress MeetUp. The Portland WordPress MeetUp is an opportunity to learn about WordPress and get help with specific questions.
Categories
Get Searched … In a Good Way
Every day web visitors use Google or Bing to search for a solution to their problems. So, how do you go about submitting a website to Google or Bing? Did you know that WordPress has site analytics as part of the JetPack plugin?
At yesterday’s Portland WordPress MeetUp I walked about 40 WordPress users through the steps of submitting a website to major search engines and then what to do with the data.
Review the presentation below. I enabled full screen and the pan and zoom feature we have come to expect from Prezi.
Or, contact me to have your website optimized for organic search engines.
Since launching Waterlink Web I have frequently helped clients who came to me with lovely websites, beautifully designed, but missing key safeguards to protect their site from hackers. These clients paid for websites but were never given the essential training in how to post, add categories and tags and, most importantly, how to help their website’s Search Engine Optimization.
This post includes the content from a July 2014 WordPress Users MeetUp where I spoke on “Safeguarding Your WordPress Clients” and the elements that should be included in every WordPress site but often are not.
Security Begins with a Name
What I am referring to here is the User Name. When a WordPress designer adds a client to administer the website, the User Name should be unique, hard to guess and something the client will remember and like using. It cannot be changed!
Never make it “admin.” Admin is the most common user name in WordPress and the first thing hackers will guess when trying to break into a website.
Security Continues with a Password
Have you heard the term “password rot?” What this means is that your password is the strongest on the day it is created. Once we create a password we think it is clever, we can remember it and we start using it on multiple sites.
Well, your WordPress site may be pristine without malwear but another site you log into may not be. So, the “bots” on that other site get your password and then they can log into other sites you frequent, including your WordPress site.
Ideally a Different Password for Each Site You Visit
So how do we track all of these different passwords? There are plenty of tools that can help from low tech to high tech:
- Sticky Notes, while decidedly low-tech, no “bot” has ever looked into a desk drawer and found the list of passwords.
- Password Managers, such as 1Password for Mac or LastPass, can ease the burden of remembering passwords.
- Two-step authentication, offered by Google as well as GetClef, this password system can require a telephone for additional authentication and protection.
If you cannot manage all of your passwords, then pick the passwords that are most important and manage those.
Updating also Safeguards Your Clients
It is frightening how many WordPress sites are designed and turned over to clients without the necessary training in how to update the plugins or theme, leaving these sites potentially open to hackers.
As President of Waterlink Web I always make sure each client is taught how to do the basic security maintenance on their website.
Include a Backup Plugin
Every WordPress site should be secured with a backup plugin. There are various options including Vault Press, a premium plugin that is included in JetPack. At this MeetUp most users preferred the following:
- Backup WordPress, a free backup plugin.
- Backup Buddy, a fairly low cost backup plugin that offers additional services.
Include a Search Engine Optimization Plugin
Good Search Engine Optimization helps your client be successful. If your client is successful, then you are successful.
Good SEO is never really done. It includes content that is kept current, that users want to access and link to. One of the things that makes WordPress such a great tool is that once the site is set up it is easy for your client to add new and engaging content and, with a little help, improve their SEO. Waterlink Web includes Search Engine Optimization with each site we design and develop.
The SEO plugin I prefer for my clients is WordPress SEO by Yoast. I prefer it because it is easy to follow the steps for improving your SEO on each page of your site and provides an overall ranking for your pages.
Blog Posts – Never Leave Uncategorized
Because we have all posted, at least once, without selecting or adding a Category, do your clients the favor of eliminating “Uncategorized” on their posts.
This is how:
- In the admin panel, under Posts, scroll to Categories and select. Put in a Category, something that will always describe your posts, such as your website name.
- After that is saved, go to Settings and scroll to Writing. Under Default Post Category select your new default and save it.
Now your posts will never be “Uncategorized.”
I also recommend brainstorming with your client before turning the website over and inserting a series of Categories that he or she can draw from when Posting.
Blog Posts – Categories and Tags
Just as each post should have a Category, Tags are also helpful both in SEO and in helping your users find content on your website.
Think of Categories as chapter titles in a book and Tags as a listing in an index. For example, if your website is about hats, then Categories might include Cowboy, Fedora, etc. Tags might by felt and straw because many hats are made of felt or straw.
To Learn More …
Just log into the Waterlink Web – About page to learn more about me and how my marketing background will help your website and business succeed. My goal is your success.