Google Mobile First Index to roll out in 2018: how to get ready

Google Mobile First Index to roll out in 2018: how to get ready

Dec 21, 2017 | Responsive Design, SEO

In November, 2016, Google announced they were starting to experiment the so called “Mobile first indexing”. 2018 will be the year in which this will effectively roll out, little by little, for all websites.

What is Mobile First Index?

Up to now, Google has crawled websites using their Desktop Googlebot for most of the time. This means that their indexing mostly looked at desktop versions of web pages.

This will experience a huge shift in 2018 when the mobile first indexing will effectively roll out and Google will switch to their Mobile Googlebot more. When this happens, they will index websites looking at the mobile version of their pages first.

Is my website ready for Google Mobile-First Index?

If you have a website with a Responsive Web Design already in place, you may have not much to worry about, since content between Desktop and Mobile versions of your pages is very much likely to be equivalent.

Need a Responsive Web Design for your website?

Get it now

Still, Google gives us the following suggestions to look at, if we want our website to be ready when the mobile first indexing rolls out in 2018. This will also prevent our website from not showing up as they should in the Mobile Search Engine Results Page.

1) Both Mobile and Desktop content has to have the same quality

If you design your website content thinking of Mobile audience first, then this is going to be very easy to achieve. Anyway, Google wants to make sure “the mobile version of the site also has the important, high-quality content”, which includes text, images (with alt-text), and videos.

2) If Structured Data is in place, it has to be both on Desktop and Mobile versions

Structured Data (such as Schema.org markup) is growing more and more important for SEO as it helps Search Engines to better index your content (often generating snippets such as Rich Results).

If you have them in place on your website, it should be both on the mobile and desktop version of the site.

3) Metadata has to be equivalent on both Desktop and Mobile versions

As for everything else, metadata such as page titles, meta descriptions and ALT text on videos and images has to be equivalent across different versions of your website.

4) For internationalisation, check hreflang links on separate mobile URLs

When using link rel=hreflang elements for internationalization, link between mobile and desktop URLs separately. Your mobile URLs’ hreflang should point to the other language/region versions on other mobile URLs, and similarly link desktop with other desktop URLs using hreflang link elements there.

5) Make sure your hosting server can handle potentially increased crawl rate

This does not affect websites that use responsive web design, as they don’t have different website versions hosted on separate hosts (such as m.example.com).

Let us help you find what you need! Fill our secure form!

This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.

Website/Technical Request

Consent

3 + 10 =

2 smart steps to improve your website performance

2 smart steps to improve your website performance

Oct 27, 2017 | News, Responsive Design, Security, SEO

  • You want to get the most visitors to your website;
  • you don’t want to be excluded from Google searches on smartphones;
  • you don’t want visitors to see warning messages that might drive visitors away from your website.

If these three sentences resonate with you in any way, you may want to give a look at these two smart steps to improve your website’s performance.

1) Equip your website with a Responsive Design

Responsive Design

Responsive Design makes sure that browsing works fluidly across all screen sizes from desktop, laptop, tablet and smartphone. This is done by building your website in a manner that presents differently to different screen sizes, so the website visitor has a very positive experience no matter what size screen they are looking at.

2) Get HTTPS, setting up a SSL to secure data on your website

Adding the S for “Secure” to your web address will both improve your ranking and avoid warnings such as “this site may not be safe” when visitors arrive. Adding the “S” requires a Secure Socket Layer that encrypts data transferring to and from your site from visitors and adds authentication to your website that says it is safe for visitors.

Need help to set up a Responsive Design or SSL on your website?

Contact us now

The rise of the mobile-first design approach

You may now be wondering how did we get here.

From 1996 to 2014, it was all about growing businesses into deciding that they should have a web presence. Some did it just to be there (in case they might miss something). Then, as time went by, more and more businesses took to a web presence and grew their effort to maximise its effectiveness.

Finally, with the rise of mobile devices such as smartphones and tablets, more and more people shifted towards them, moving away from desktop computers.

Amazon, Ebay, Netflix, YouTube, Facebook, Instagram and other social networks and services have been strong drivers of bringing more and more users online as everyone now can connect to the web reaching out their device in their pocket.

The role of Search Engines

Search Engines such as Google, as their algorithms grow more and more sophisticated, want to provide their users the best possible experience when searching for something through their service.

Aware of the rise of mobile browsing, this means that a website has to:

  • be easy to browse from any device;
  • keep their users privacy safe.

Mobile-first design approach

On April 21, 2015, The rise of mobile devices in the online browsing market, led Google to roll out the so called “Mobilegeddon” algorithm update. This update gives priority – in mobile Search Engine Results Page – to websites that display correctly on mobile devices.

Last January, Google started issuing a penalty to those websites that display intrusive popups on their users’ devices.

The list goes on.

Safety through HTTPS encryption\SSL certificate

HTTPS encryption has been declared to be a ranking factor since August 2014, although people are getting more aware of it only just lately, when major web browsers started to clearly show in their URL bar whether a website has such encryption in place or not.

On Chrome browser, for example, you will now see to the left of the web address:

  • Secure

  • Info Info or Not secure

  • Dangerous Not secure or Dangerous

For website owners this can be a big negative. Someone is just about to visit your website and they are now being warned away, because “you are HTTP and not HTTPS!”.

Again, the focus here is on the visitor first and the website owner second.

For websites that are just information – this appears at first to be a bit strong but adding the “S” to HTTP adds a Secure Socket Layer to ensure data is encrypted and therefore protects the website visitor. This matters whether they are simply browsing your website or entering personal details and other sensitive information such as credit card details, etc.

Now, the bottom line is that if you do not have a HTTPS on your website – visitors are likely to reduce due to warnings and lower rankings.

If you do add HTTPS (using a Secure Socket Layer) then you are seen to respect your potential website visitors and you are rewarded by Google and the browsers by not having warnings showing to visitors.

Let us help you find what you need! Fill our secure form!

This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.

Website/Technical Request

Consent

7 + 2 =

WordPress 4.8.2 Security and Maintenance Update released

WordPress 4.8.2 Security and Maintenance Update released

Sep 21, 2017 | Security, Wordpress

On September 19, WordPress released a new Security and Maintenance Update.

Needless to say: if you are a WordPress website owner, you should update now, if you didn’t already. Also, be sure to backup your website, if you didn’t do it recently!

To Backup your website is always important before installing Core updates. This prevents issues (such as your website becoming broken or unbrowsable) from rising, especially with Plugins, as they may not always be 100% compatible with the new version.

Need help with your WordPress Backup and Update? Contact us!

What does WordPress 4.8.2 update fix?

Cross-site scripting vulnerabilities (XSS), mostly.
This is a short list of the main bugs that have been found and that the 4.8.2 update fixes, along with a brief explanation, where needed:

  • Cross-site scripting (XSS) vulnerabilities were discovered:
    • in the oEmbed discovery;
    • in the visual editor;
    • in the plugin editor;
    • in template names;
    • in the link modal.

XSS is a kind of vulnerability used to bypass websites’ access controls.

  • Path traversal vulnerabilities were discovered:
    • in the file unzipping code;
    • in the customizer.

A path traversal attack (aka directory traversal attack) aims to access files and directories that are stored outside the web root folder.

  • An open redirect was discovered on the user and term edit screens.

Through open redirects an attacker may successfully launch a phishing scam and steal user credentials. This can happen by redirecting the victim to links identical to the original site, so to have a more trustworthy appearance.

There are other 7 maintenance fixes. If you are interested, you can check the full Release Notes for WordPress 4.8.2 directly from their website.

We are available to chat with you over these and other WordPress related issues anytime. Contact us!

Let us help you find what you need! Fill our secure form!

This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.

Website/Technical Request

Consent

9 + 13 =

WP-Base-SEO: fake SEO Plugin for WordPress it’s actually a Malware

WP-Base-SEO: fake SEO Plugin for WordPress it’s actually a Malware

Apr 11, 2017 | Security, Wordpress

If you are Administrator of a WordPress website, pay attention!

The security firm SiteLock has reported that WP-Base-SEO, a fake version of the legit WordPress SEO Tools plugin, has infected lots of WordPress websites.

As SiteLock shows, WP-Base-SEO does a very good job in faking legitimacy, providing references to the official WordPress Plugin Database and instructions on how to use the plugin properly.

Still, digging deeper in the main PHP files of the plugin, they found out a base64 eval request. It’s a PHP function very often used for malicious purposes and, as such, its use is disregarded by PHP.net. In this case, it opens up backdoor access to the website.

The security news website Threatpost states that over 4.000 WordPress sites have been infected by WP-Base-SEO. It is likely that the attackers have mass-scanned WordPress websites searching for outdated plugins to target. This is a very common practice.

Just to provide an example, in April, 2016 an outdated version of WordPress RevSlider image slider plugin, was held responsible for 2.5 terabytes data leak that went under the name of “Panama Papers”.

How to increase your WordPress website Security?

As always:

  • Keep the WordPress Core updated to the latest version
  • Pay attention when installing a new WordPress plugin on your website: look for good ratings and legit feedback from the WordPress Plugin Database users
  • Keep your plugins updated to the latest version
  • If a plugin has not provided any update in the last few months, consider removing it from your website.

We at Handyweb have dealt with WordPress Security issues and can help you if you need solutions! Contact us!

Let us help you find what you need! Fill our secure form!

This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.

Website/Technical Request

Consent

3 + 14 =

WooCommerce 3.0 Major Update Released

WooCommerce 3.0 Major Update Released

Apr 10, 2017 | E-commerce, Wordpress

WooCommerce 3.0 is a new Major Update for the worldwide-known eCommerce plugin for WordPress.

Codenamed “Bionic Butterfly”, this new version of the plugin has been in development since August 2016 and in beta since December 2016.

Let’s find out what’s new!

A new Product Gallery

This is probably the most visible improvement to both the end user and the administrator. The WooCommerce 3.0 Update comes with a new product gallery, providing a really clean, slick and intuitive user experience.

Mobile browsing of such product pages has been really improved: tap on a thumbnail to display the image in its true size, swipe to scroll, pinch to zoom, swipe up to close.

As you can see in the above video, the whole page is fully responsive without compromising design quality.

CRUD classes and new CLI for developers

WooCommerce 3.0 also introduces CRUD (Create, Read, Update, Delete) classes, to help developers retrieve data from the database more easily, and a new Command Line Interface powered by the REST API.

If you are a developer, you can read all about the new CRUD classes and the new Command Line Interface over to WooCommerce Official Development Blog.

Other Improvements

Other than plenty of performance improvements, WooCommerce 3.0 comes with some tweaks that benefit both the Administrator and the User.

This is just a quick round-up of all the features and improvements included in the “Bionic Butterfly” Update. For more details you should check the official Blog post about it!

Backup before updating

You should always backup your website before an update, especially if it’s a Major Update such as this one.

We are experienced in WooCommerce setup and management, as many of our clients make use of the plugin for their eCommerce businesses. We can help you and guide you through the process of backing up and updating your WooCommerce installation.

Let us help you find what you need! Fill our secure form!

This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.

Website/Technical Request

Consent

9 + 10 =

WordPress 4.7.3 Security and Maintenance Update released

WordPress 4.7.3 Security and Maintenance Update released

Mar 7, 2017 | Security, Wordpress

WordPress has just released a Security and Maintenance Update.

The 4.7.3 update fixes important secuirity issues that 4.7.2 and previous updates still didn’t manage to fix completely.

Of course they suggest to install the update immediately and. as WordPress users ourselves, we can’t help but strongly suggest you to do that.

So, if your website uses WordPress as a Content Management System (CMS), you should backup your website and update WordPress Core to the latest version.

To backup your website is always important, especially before installing Core updates, so to prevent issues. Also, if your website has Plugins installed, these may not always be 100% compatible with the new version which can lead to your website becoming broken or unbrowsable.

Need help with your WordPress Backup and Update? Contact us!

What does WordPress 4.7.3 update fix?

Being an open source, heavily community-reliant CMS, WordPress updates are usually based on the huge amount of feedback coming from its huge user base (WordPress 4.7 has been downloaded over 17 million times).

This is a short list of the main bugs that the 4.7.3 update fixes, along with a brief explanation, where needed:

  • Cross-site scripting (XSS) via media file metadata.
    XSS is a kind of vulnerability used to bypass websites’ access controls.
  • Control characters can trick redirect URL validation.
  • Unintended files can be deleted by administrators using the plugin deletion functionality.
  • Cross-site scripting (XSS) via video URL in YouTube embeds.
  • Cross-site scripting (XSS) via taxonomy term names.
  • Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.
    CSRF is a type of malicious website exploit where unauthorized commands are transmitted from a user that the website trusts.

There are other 39 maintenance fixes. If you are interested, you can check the full Release Notes for WordPress 4.7.3 directly from their website.

We are available to chat with you over these and other WordPress-related issues anytime. Contact us!

Let us help you find what you need! Fill our secure form!

This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.

Website/Technical Request

Consent

4 + 7 =

Brought to you by Handyweb.ie 

Website: www.handyweb.ie
Phone: +353 (0) 44 93 45145
Email: info@handyweb.ie
Services: Web and App Consultants, e-Commerce, Responsive Web Design, Search Engine Optimisation, Digital Marketing, Social Media, App Development, Online Payments, Online Business Automation