Every day we hear stories about small site owners being burned by unscrupulous web hosts. This happens far too often, so we decided to put together a checklist of things that you should check out before deciding on a web host.
Now, of course at Crazy Domains we don't have any of the bad practices we're outlining – we like to think we're pretty good at what we do. But even if you decide against using our services, you should know these things about bad web hosts.
If someone is charging you to create subdomains or to use IMAP to check your email, then you've got a problem.
This is often the practice of bargain hosting companies who bring you in on a price that's too good to be true, then nickel and dime you to death with added fees. Make sure you check what's provided with your account.
This goes hand in hand with the first point. You're not going to get good hosting for $1 per year – it's just not possible to run a business with profit margins that thin. Know that these super cheap web hosts are cutting corners somewhere to make those prices possible.
This is one of those semi-unscrupulous practices that web hosts are notorious for. It's common for hosts to offer rock-bottom prices for the first year (or even month) and then increase them wildly for the following time periods.
These web hosts want to you to get comfortable using their services, interfaces and navigation methods then make it much more profitable to retain you once your site is established.
This is a huge one. Being a webmaster is a complicated and often technical process. For the average site owner, it's an entire new set of skills that you need to develop.
It's practically inevitable that you'll come up against something that you might not understand – for this, your host needs to have 24/7 support with multiple ways of contacting them, and preferably a large, well-written knowledge base to back it up with frequently asked questions.
If your host doesn't have a blog that's maintained by employees of the company (not just by a bunch of freelance writers more interested in creating links to their own sites than in helping people) then run the other way.
Every host should be active in social networks as well – it's just another way that we can be more available and accessible to our customers.
This one seems like it'd be a no-brainer for any host, but some can't even make sure that your sites are up when they're supposed to be. Make sure they guarantee this – this means you're entitled to compensation for the time that your site spends offline below a certain percentage.
99.9% is good to shoot for. That comes out to less than 2 minutes of downtime per day for maintenance or work on the servers.
Unfortunately, not everyone is going to be happy with the service that they get from a host. That's just a fact – nobody can be perfect all the time. That's going to lead to some angry reviews from people who don't feel like they've got their money's worth.
On the other hand, affiliate programs have led to a lot of disingenuous review sites – reading these, it seems that the host who pays the highest percentage can do no wrong and you should BUY BUY BUY.
Make sure that the host doesn't pay (even indirectly) for their reviews. It's a sure sign that something isn't right. Negative reviews that smear other hosts are also a popular practice.
Security's important – whether we're talking about passwords or your WordPress site. But servers also need ironclad protection, and this is the responsibility of your web host.
Make sure that your sites won't get attacked from the inside – partitioning on shared or cloud hosting is very important, as are dedicated server teams who work to mitigate attempts to hack them.
This is another one of those basic things that shouldn't be that hard to get right, but somehow is. If you've got a simple site on a powerful hosting account, it should be fast. Blazing fast.
Make sure that your host uses Solid State Drives for their pricier options – they make all the difference when it comes to how fast data is retrieved.
So make sure that you check these 9 things before you decide on a web host. A little bit of research now can save you a lot of trouble, expense and frustration later on.
Responsive design is the hottest thing to happen to websites since having a website. No exaggeration, a fully responsive site is just about the most important thing you can do for your business online, after having a web address that's easy to remember. But what does it even mean? How can a website not be "responsive," and why should you even care?
In the beginning, there was the internet. We viewed text-only websites on our bulky CRT monitors at our desks, over a slow dial-up connection. Dinosaurs and sabre-toothed cats roamed the tundra outside. Mobile phones had gone from the size of a house brick to being the size of a box of matches. But, over time, mobile phones started to do something else: access the internet.
WAP allowed us to be free from the shackles of our desktop computers (those of us who didn't have laptops) and to view some poorly-designed websites on the move. And so began the growth of the mobile web.
As mobile phones grew in size and power, the internet became more mobile. Websites could be viewed from anywhere, and frequently were. Good website designers and forward-thinking companies appreciated the importance of a mobile-friendly website – so, often, two sites were made. A desktop site and a mobile site. The website would detect if you were a mobile visitor, and redirect you to the alternate site.
This was all very well, but as a solution it hasn't been ideal. Laptops were getting smaller, mobile phones were getting bigger and more powerful, tablets have become more popular, and smart watches are now gaining on Swiss watches for popularity. It's not enough to just have an alternate "mobile" site any more.
In short, responsive design is web design done right. Responsive design is how the internet should be viewed. No longer should there be two sites, or desktop and mobile, designed: one site is all you need, if it is truly responsive. But what does responsive really mean?
The term "Responsive" design was originally coined by Ethan Marcotte in the article Responsive Web Design.
Responsive means that your website responds to the visitor. We're not talking a redirect to an alternate site, or a small number of alternate screen sizes, but instead really taking the time to have a website that will respond and adapt to any screen size, to change orientation when a device is rotated. Marcotte said:
This is our way forward. Rather than tailoring disconnected designs to each of an ever-increasing number of web devices, we can treat them as facets of the same experience. We can design for an optimal viewing experience, but embed standards-based technologies into our designs to make them not only more flexible, but more adaptive to the media that renders them.
CSS is part pf the key to being responsive, with careful attention given to fluid grids and images. There are lots of great tutorials and how-to guides, with Marcotte sharing a lot of good information in his article. Another good place to start is with 70+ essential resources for creating liquid and elastic layouts.
You get it. Websites that are fluid and responsive for visitors. But why should you care? Do your customers really care if your site is fancy, so long as they can get the information they need? Let's quickly look at the top reasons to give a damn.
A recent report from MarketingCharts.com found that the top mobile shopping problems reported by customers were all related to responsive design, with the top problems including "having to enlarge [the page]" "having to use the 'full site' version" and "Text is too small." Your poor design is driving away customers and visitors.
They may not be personally interested in your business, but what Google does care about is indexing your site. From April 2015, Google actively started ranking more highly sites that were mobile friendly, and the search giant has long held a dim view of duplicated content: meaning that if you have different versions of your site with the same content, you could be penalised in Google's results for it. Take the test here to see if your site is mobile friendly.
On the balance of probability, devices aren't likely to become any less varied. Desktops gave us laptops, laptops gave us tablets, tablets have opened the door to wearables – and who knows where we go from here. The fact is, the technology is here to stay, and multiple devices with various screen sizes are only going to proliferate further. As Marcotta says, making a whole design for every different device, input mode, and browser is "a zero sum game".
Isn't it annoying if you don't know the address of the website you want to visit? You can't remember if they have a separate mobile site, if you need to prefix the address with m. first, or if it will be enough to visit the main site, which may or may not redirect you? Responsive design means your visitors only ever need to know your one address, and will be confident that only is it the right one, but that it will work.
Why waste valuable time making different websites for every device or screen size under the sun, when your valuable assets can make one website and do it right? Responsive design is an investment in your business, but it saves you both time and money in the long run, and keeps visitors when they cone to your site.
Except that the major industry players are shaking up the internet in a big way. With Facebook and Apple now publishing news directly on their platforms, Google has stepped into the ring to defend the internet from the "walled garden" of content locked on platforms. Google's Accelerated Mobile Pages aims to provide "web pages that are optimised to load instantly on users’ mobile devices."
AMP is, essentially, a stripped down version of HTML using a restricted set of tags, and boasting load times "as much as 10 times faster than the standard mobile web," publishers including the Guardian and New York Times have already signed up. The only trouble is, some argue, is the it is creating "a two-tiered system separating the Web from the mobile Web," making the open Web less of a level playing field.
Will Google AMP signal a return to separate mobile sites? Will responsive design win out? Only time will tell.
Start building your own great looking and responsive website today with Crazy Domains: it's so quick and crazy easy with our Website Builder.
We've talked before about how SSL can boost your rankings in Google…
…but what else is it good for?
More than that, what on earth is it and how does it work?
That's what we'll be looking at here, so keep reading to find out.
SSL is a protocol. That means it's the way that two computers send information to each other over the internet.
SSL stands for Secure Sockets Layer, but that's actually the old protocol. Nowadays we use TLS, or Transport Layer Security, but still call it SSL because it sounds better.
Basically, it encrypts the information that the computers send to each other. Later on we'll look at how it does that, but first let's examine why SSL became necessary.
When the internet was first created, there wasn't very much sensitive information floating around on it. The connections weren't powerful enough to support serious web-based applications, there was very little in the way of online buying, and most people didn't put a lot of private stuff online.
Because of that, we used HTTP – the Hypertext Transfer Protocol. HTTP is fast and efficient because it sends all its messages in plain text.
That's fine if there's nothing sensitive – yeah, someone can listen in on the traffic if they know what they're doing, but there was no harm in it.
All that has changed.
It's rare that one of us goes a day without sending some sort of private information over the internet, and SSL is largely the reason that we can without worrying too much about it being intercepted and misused.
So now that we know why SSL (rather, HTTPS) is necessary, let's go on to how it works.
Warning – nerd stuff ahead. If you're only interested in how the various types of SSL certificates are different and not in various methods of online encryption, then maybe skip ahead.
In encryption, there are two methods that we need to look at.
This is when you use one code to encrypt a message – the same code to encrypt and decrypt the message.
Let's say we're using a code there a=1, b=2, c=3 and so on.
I want to write "hello, world!" using this code.
I use this code to encrypt the message and get the following:
8 5 12 12 15, 23 15 18 12 4!
Now, to decrypt the code you need to use the same code. You run it backwards and get the original message. Simple, right?
The trouble with this type of code is that you can only use it if both parties know it already. And the problem with using it online is that you need to send the code (which is also the key) over an unencrypted connection, which defeats the whole purpose of the exercise. Anyone who has this code can read the message.
That's why we have…
This is a considerably more complicated method, and can be best explained using an analogy.
Think of a padlock. Anyone can close it, but you need a key to get it open.
In asymmetric encryption, there's a public key. That key functions like the padlock – it can be used to "lock" any message, and its function is to be publicly accessible. The difference here is that you use different codes to encrypt and decrypt the message.
There's another key, though – the private key. This is the one that can figuratively unlock the message.
But hang on – can't any piece of maths just be run backwards to get the original method? How does asymmetric encryption actually work?
In order to get into that, we'll need to look at a concept called modular arithmetic.
Modular arithmetic is a mathematical system that limits how many numbers it uses by making them "wrap around" another number.
Think of a regular 12-hour clock.
It's eight o'clock now. In six hours, it will be 2 o'clock. This is because the clock functions like a modulo, where the numbers wrap around at 12. Mathematically, this is expressed like this:
8+6=2 mod 12
So I can have a result (2) with many different beginning values – keeping the example of the clock, it can be 1+1, 3+11, or any number of different initial values that give me my final value.
This lets me encrypt something while keeping my modulo secret – from the output you get, there's almost no way of knowing how I encrypted it unless you know the modulo I'm using.
Using my previous message (hello, world!) and the same numerical code, we can put a twist on it so that it can't be decoded by reversing the original code. Please note that this is not the actual way that this encryption works – it's simply a very primitive example of one concept that allows it to work.
We take the numbers:
8 5 12 12 15, 23 15 18 12 4!
And now we run them through the following formula:
X * 3 mod 10
We get the output:
4 5 6 6 5, 9 5 4 6 2!
This is an awful code because it creates output that can't even be decoded if you know the modulo, but it's just an example. The real amazing part of the mathematics behind this sort of encryption is choosing the numbers so that it's possible to encrypt the message, but not decrypt it.
For a real in-depth analysis of how this encryption works, see this link.
SSL uses both of these methods to ensure that connections are secure and fast.
You see, asymmetrical encryption takes a lot more computing resources than symmetrical encryption does. To make the connection faster, SSL uses asymmetric encryption to secure not the message that you're sending, but the key for a symmetrically encrypted secure session. Now that the key isn't being sent over an insecure connection, you can send anything you want, knowing that it's safe.
All SSL certificates use the technology that we outlined above. So what makes the types of certificates different?
Most of the time, a site uses SSL for the reasons above – encryption and security.
There are also certificates that verify information about the organization that the certificate has been issued to, though. These are used to enhance trust in the organization.
These certificates show that you have the right to your domain and encrypts your traffic using HTTPS. The domain is validated by email and it usually includes little information about you and your business.
EV SSL certificates have much more information in them about the site and the organisation associated with it. These make it much more difficult to mount phishing or man in the middle attacks and provide the green address bar that is commonly associated with SSL.
Wildcard SSL certificates have the advantage of being able to secure subdomains as well as your main domain. If you had many subdomains that all have sensitive transactions or information going on in them, then this is the type of certificate you'd need.
Certificates also differ in the size of the warranty they offer. This warranty covers possible fraudulent transactions on the site that the certificate covers, giving people more protection for the business they conduct online.
So that's it – a basic overview of what SSL and HTTPS are, the ways that they encrypt our data and help keep us safe.
There's more to it than ecommerce, though. SSL is also used by those interested in combating surveillance and spying.
If you're interested in securing your site, then we have a great selection of SSL certificates available for you to choose from.
Security application provider Splash Data have revealed their list of the 25 worst passwords of 2015 – with the Gold and Silver medals for the blindingly obvious continuing to go to 123456 and password.
According to statistics portal Statista the typical character length of online passwords worldwide as of June 2015 was between eight and 12 characters, so does password length make a difference?
There are various sites on the internet that offer to check your password security strength, and even ignoring any that are traps to steal your password, for many their wisdom is flawed. Longer does not necessarily equal better when it comes to passwords.
Morgan Slain, CEO of Splash Data, says:
"We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers."
The difference between using 123456 and 12345678 is negligible – and while you might think that by replacing letters with numbers is smart move (like the 66 percent of people who combine letters and numbers) abc123 is only just outside the top 10.
In the article Why you can't trust password strength meters award-winning security experts Sophos say:
"The reality is that some guesses are far better than others because our password choices are not random... [Attackers] know that some words are used more often than others and they know about the cute tricks and bad habits we use to obfuscate them." Making "password" into "passw0rd" does not make your account more secure.
If password length isn't the last word in strength, and switching out letters for numbers is amateurish, what can you do to be safer online? Mozilla have some advice on creating secure passwords using a passphrase
Want to keep your own website safe from hackers? It's Crazy Easy with our Site Protection and scanner, scanning your website every day for threats and problems.
In our last post we talked about the galaxy of free things you can do to drive valuable visitors to your website, and the importance of social media and relationship building. One crazy easy way to drive site traffic is through the magic of blogging. But how do you even get started? And why should you care about a blog in the first place?
Choosing the right blog platform is like choosing a car, only without a sales manager eager to meet their targets for the month. They come in various shapes, sizes, and colours and all have different benefits. At a glance, the big hitters can be summarised as follows:
It sounds simple, right? Just close your eyes, pick one, and start writing: what could be easier? Except that as a casual blogger you're going to have different wants than the serious business blogger, and that's barely even the start of it. If you want the best blog you need to consider your options more carefully.
What budget do you have for your blog? You can set up a blog for free in minutes on Wordpress.com, Blogger, Tumblr or Medium, but if you want a more premium service you should consider Wordpress.org, the platform's software for self-hosting. While the Wordpress.org software is free to use, a custom domain name and web hosting are required and will come at a small cost – though it's Crazy Easy to get started quickly and affordably for as little as $99/yr with our Online Startup Package.
Why would you pay for hosting and a domain with Wordpress.org when you can get a blog for free? The benefits! Wordpress.org has the added benefits of allowing plugins, full theme support, and the added bonus of allowing monetisation: the latter is a big plus if you're a serious business blogger and want to make any kind of a living from it.
Other sites have various benefits that are also worth considering. Want an active, engaged and progressive community? Tumblr is a good choice – plus with its like, reblog and follow buttons it has advantages over more stand-alone platforms like Wordpress.
The beauty of choosing Medium over Tumblr is the emphasis on content over style. While Tumblr is especially favoured for multimedia content, and themes can be easily changed, Medium keeps you to the standard template with a user base favouring long form content and more in depth discussion. An added advantage of Medium is the site's daily emails, along with its Staff Picks and Top Stories categories – giving good content great exposure to a growing and loyal user base.
If you have an existing Google account, it's incredibly easy to get started using Blogger – as a Google product, you don't even need to sign up again or login with Twitter. Because it's a Google product, you'll find it integrates easily with Google Analytics and Blogger makes it incredibly simple to add ready-made widgets to your blog sidebar: a benefit that is not something you get with Tumblr or Medium.
Wordpress.com's biggest benefits are that it is free to use, has no maintenance requirements (unlike Wordpress.org) and if you find yourself growing more confident with blogging and want something with more power, it's a cinch to move to Wordpress.org. For more info, check out our post Everything you need to know about Wordpress but were too afraid to ask.
The discussion of the pros and cons of one blogging platform over another may leave you wondering, why should you even bother blogging? What are the benefits? The list of good reasons can get quite expansive, but the top 5:
Blogging doesn't have to be difficult or expensive: whether you're wild about Wordpress or barmy for Blogger, get started today and start enjoying the benefits.
Did you read The Crazy Easy guide to getting traffic part 1? Take a couple of minutes now to go and check it out.
Now that you're finished, let's take a look at free promotion for your website.
Everyone loves free things.
As soon as people hear "free", they charge forward. But before charging into any of this, remember – it's free, but takes a lot of work.
That said, there's a powerful 1-2 punch you can use to skyrocket traffic, sales and build the reputation of your brand.
Let's look at what you need to do.
Remember that in the spirit of our Crazy Easy guides, this is not comprehensive. It's the first place you can learn about free site promotion – but do further reading to find more answers.
This is where most people would write "SEO" and leave it at that.
But I'm not most people. SEO is only one part of the picture.
A search engine is a giant digital confession booth, shopping mall and information directory.
And it's got only one job: to give people what they want. It's a very simple sentiment, but it bears repeating over and over until it's completely imprinted on your brain.
Search engines give people what they want based on what they're looking for.
Let's say you've got a sporting goods company in Melbourne and your site ranks high for the phrase "buy tennis balls in Melbourne".
That's awesome. People who want to buy tennis balls and are looking for a place to get them are going to come right to you. Once they're at your site, you know that they want tennis balls (they searched for them, after all) so the chances of buying them are high.
So how do you rank for this search query?
You make sure that when the search engine decides to give people a great site, it decides to give them yours. You can break it down into three important areas:
This can be understood as making sure your site works properly and that search engines can read it. Obviously if things are broken, then your site isn't what people want.
If it takes fifteen seconds for a page to load, that isn't what people want.
This is pretty obvious… but what is less obvious is that there are things that search robots don't understand.
Is your site text delivered using pictures? Bots can't read pictures.
Do you have a bunch of pages with similar or thin content? Bots see them as being all the same.
Is your site an unreadable piece of junk on mobile? Bots really don't like that.
Are your pages isolated with no links between them? Bots can't find them.
Do these questions make your head hurt? We haven't even scratched the surface.
Now you know why SEO firms can charge thousands of dollars a month.
Luckily, for many small sites with simple technology behind them (WordPress, Joomla!, Magento) these problems are mostly resolved – not completely, but to the level that the majority of people will need. These platforms are good because they are fairly SEO-friendly.
You can use plugins like Yoast to help you with the technical optimisation of your WordPress site.
But there's more.
Next, we deal with how well the search engine is able to understand your content and how much it likes it.
Text should be readable by search engines – that means it needs to be delivered in HTML, not images or Flash.
But there's much more to it than that.
Your method of delivering content just lets the bots understand what your page is about.
People, on the other hand, care about what you write. And search engines care about what people care about.
Everyone tells you to write good content… but few people tell you how.
Luckily, I'm not everyone.
There are a few vital things you need to remember when writing.
Let's go with an example.
Imagine writing a post about nutrition and targeting the keywords "high-protein snacks".
What are people searching this term interested in?
They want snacks, so they're interested in small things they can eat throughout the day.
They want options, so give them a list.
They want high protein, so include the nutrition facts.
And, most importantly, you search the competition.
The best article might have 25 snack ideas.
Bump that to 50. Sit and sweat and rack your brains until you come up with a piece of content that's so much better than everything else that it blows it out of the water.
See what I mean about it being a lot of work?
On the technical side, make sure our robot overlords absolutely understand what your post is about.
Include the subject in:
"Unique" doesn't mean that you read Wikipedia and shuffled the words around.
It means that your content not only hasn't appeared anywhere else on the internet, it also provides a unique viewpoint, new ideas, or expert analysis.
If you write the post above about high-protein snacks, you might also have written a post about healthy meals that people can make in a hurry.
Link back to it. Maybe your readers will be interested in that post.
If you have a store and you sell jackets, include a link to pairs of mittens or boots or other items that people often buy together.
This helps the robots navigate your site and provides your users with even more value.
It's all about relationships.
Search engines look at a number of external factors to understand how much people value your content and, basically, why they should rank you.
Think about it:
If you go to a web page that solves half of your problems, are you going to put a link to it on your site?
Are you going to share it on social media?
Of course not.
You want something that your visitors will also find valuable.
So how do you get links and social shares?
If you think that links and sharing are primarily a reflection of how good your site is, without any other considerations, you're in for a nasty shock.
Reach out. Build relationships with other websites – after all, we often forget that the internet is a network.
If you are truly offering value on your site and being genuine in your outreach, people will respond. Obviously don't spam people with requests for links, but if you can get on someone's radar and build a real relationship with them, that can be worth a fortune.
This can be as simple as mentioning their product in your articles and on Twitter a couple times, or it may require a lot of email outreach.
This is a short, very condensed version of what you need to do to get your site to rank in search engines.
There's another way of promoting your site for free, though.
Excited? Think it's going to be easier?
Think again.
SMM is a much less exact science than SEO, which is saying quite a lot.
That's because search engines tend to prefer certain types of sites – authoritative sites with lots of links, engagement, and in-depth content.
Social media depends entirely on your audience, and that's a golden mantra you have to repeat to yourself over and over again.
It's not about me. It's about them.
One group of people likes cat videos, another scientific articles.
Sites can go from blank WordPress installations to having ten thousand visitors their first month all because their content appealed to social networks.
If you truly understand your audience, then your social media presence will be unstoppable. If you don't, you'll never make waves no matter how many times you try to optimise your campaigns.
If there's a golden rule to social media marketing, it's this:
These people have let you into their lives. Respect that.
If they complain, listen.
If they ignore you, post something different.
This is general advice, but there are specific rookie lessons everyone should learn.
The biggest ones are listed below:
It's tempting to create accounts on Facebook, LinkedIn, Twitter, Pinterest, Tumblr, Google+, YouTube, Medium, Flickr, LiveJournal, Reddit and Vimeo right away…
…but you shouldn't, for the simple reason that it's better to do one social platform well than to do fifteen badly.
Remember your audience.
You might produce 2-3 pieces of content a week if you're prolific. In the meantime, give people something that might interest them. Other content creators will also thank you.
Just like in the SEO section of this article, you need to connect: because this is a network.
The idea that you can operate like the biggest, most famous brands in the world and just publish funny content only leads to frustration.
Reach out to other people – comment on their posts, share their content, and remember…
That's what it takes to promote your site for free. On social networks and everywhere else, remember – people don't connect with brands, they want to connect with personalities.
You can optimise everything, but if you act like a robot, people are going to treat you like one.
Hopefully, you've learned something new about SEO and SMM and can go out into the world armed with those new acronyms to get more traffic for your site.
It's not easy, but nothing worthwhile is.
We hope you get a lot out of using these tips, and that your sites are successful in the future.
 |
| d8nn / Shutterstock.com |
More than ever before in 2015, the world turned to search for its news. As stories big and small made the headlines, as we woke up on bright mornings to social media reports of events unfolding half a world away, or saw trending stories in our networks, we turned to our search engines of choice and searched for answers.
Search giants Google and Bing have produced their reports of what you searched for in 2015, we present our Crazy Easy overview to some of the biggest news stories.
 |
| Sean Gallup/Getty Images |
France's capital city was hit twice in less than a year with terror attacks. The year was barely started when gunmen attacked the offices of satirical magazine Charlie Hebdo, killing 11 people and injuring another 11 – before the attackers were killed in a confrontation with police, they had shot a further five people.
Two million people joined 40 world leaders in Paris on January 11 for a a rally of national unity. Less than a year after the Charlie Hebdo attacks, on November 13 2015, the world was shocked by a series of co-ordinated terror attacks on the city as terrorists attacked a cafe, restaurant, stadium and theatre.
According to Google, that day saw the highest search interest for Paris in the history of search engine, as people around the world turned to the internet to try and find out what was happening, and if loved ones in the city were safe.
Google's trend data shows cities around the world asking questions such as "What is Pray for Paris?" and "What happened in Paris?" Microsoft's Bing search engine shows top search terms including "Tributes for Paris", "Paris sumbol", "Peace for Paris" and "How to help France."
 |
| Annie Leibovitz for Vanity Fair |
When former Olympian-turned-reality-tv-star Caitlyn Jenner announced her identity as a transgender woman in April 2015, it was big news. When Jenner then posed for the cover of Vanity Fair magazine, online searches went stratospheric.
In Australia, Jenner was Google's most-searched "global" person of the year, and high in the rankings for other countries around the world. According to Bing, following Caitlyn's TV appearance and magazine interview, searches for "Caitlyn Jenner" increased over those for "Bruce Jenner" by 3-to-1. Microsoft reports Caitlyn Jenner was Bing's Most Searched Celebrity, putting Miley Cyrus in the shade -- and bumping last year's "winner" Kim Kardashian all the way down to fifth place, like a Celebrity Big Brother runner up.
With over 366 million searches, Google reports that Caitlyn's story also "sparked record interest in the transgender community — with more searches recorded than ever before" with questions including "What is transgender?"and "What is the difference between transsexual and transgender?" topping its list. Google also recorded a spike in interest in Transgender issues since 2004.
 |
| Star Wars: The Force Awakens |
In December 2015, the seventh installment of the Star Wars franchise – The Force Awakens – was released in cinemas.
Star Wars has been something of a trending topic, on and off, since 2012 when Disney took over the popular franchise from its original creator George Lucas – with periodic spikes and surges in interest with each new poster, rumour or teaser trailer to hit the internet.
The film went on to break various box office records in its opening weekend in December 2015, with Google recording over 155m searches for the film – making it also the most-searched Star Wars film to date.
Google also reports an incredible 61,998,525 (and rising) YouTube views of the film's official trailer, questions on the search engine including the ever-persistent debate "What order should I watch Star Wars?" and that the villainous Darth Vader from the original trilogy is the most searched-for character, bringing in 45% of all searches for the franchise's characters.
 |
| Niranjan Shrestha, AP |
When an 8.1 magnitude earthquake struck the Himalayan country of Nepal on 25 April 2015, "How can I help Nepal?" quickly became the world's most-asked question on Google (beating typically popular searches "How can I make my cat love me?"and "Why do men have nipples?").
Triggering a landslide on Mount Everest and killing 9,000 people, Nepal's earthquake has the dubious accolade of being Google's second most-searched earthquake of all time, after the 2011 earthquake in Tōhoku, Japan.
Over 85m people searched for information about Nepal's earthquake, and how to help following the devastation. Around the world, search topics included "How can I donate to the Nepal earthquake?", "How can I help Nepal?" and "Where can I donate tents for Nepal?"
The red planet has captured our collective imagination for hundreds of years. In the 19th century, an Italian astronomer saw straight lines on the surface of Mars and described them as canals -- even though he was mistaken, we have clung like a drowning man to the idea that there might be water and life on the planet.
In September 2015, the internet went wild when NASA confirmed that evidence shows there really is flowing water on Mars. David Bowie's song Life on Mars was played on repeat. Dr. Karl took the nation's questions live on Triple J. And in Australia alone, more than 10 million people searched Google for answers to their Martian queries.
While interest in Mars typically outperforms our other solar neighbours, Google's search trends show a big spike immediately following the announcement with visitors asking questions like "What did NASA find on Mars?" (while hoping desperately was intelligent life, or at least water, and definitely not Martian killing machines) and "How long does it take to get to Mars?"
According to Bing, reports "searches for ‘Mars’ spiked more than 530 percent from August to September after discovery of water on its surface."
With Google commanding 66 percent of online searches, it looks like in 2016 the world will continue to turn to it for answers to its questions – whether it is transgender issues, questions about cats and Star Wars, breaking news of tragedies around the world, or scientific discoveries, search remains our best indicator of what the world is asking. Celebrities and sport predictably outweigh politics and science, but what will be making you look in 2016?
 |
| Gil C / Shutterstock.com |
So you created your site, you've got it up and running and everything works perfectly. You're ready to watch that return on investment start rolling in.
A day passes.
A week.
Nothing.
The reality is, your site needs something extra.
Here's the deal:
Sites are lost without promotion.
This post is going to let you get started promoting your site. It's an easy intro to a big and scary world.
It's the post I wish I'd had when I first started out.
Ready?
Paying to promote a website rubs a lot of people the wrong way.
Guess what?
Everybody does it.
How about Amazon?
Google advertises on Google – a bit meta here.
The Wall Street Journal?
Oh, and look at these handsome devils.
This is because there's profit to be made from paid online advertising – sometimes up to 5X the costs of promotion - source.
Here are some of the terms you'll need to get started:
CPM (Cost per mille, or cost per thousand impressions) is a fairly dated advertising model, but it can bring in a great return on investment. You're paying for eyeballs pointed at the screen – for every thousand visitors a site gets, you pay a certain price to have your ad displayed.
So what can CPM ads do for you?
One reason is that they can be much cheaper than other types of ads. Instead of paying 1-5$ per click, you could pay $1 for 1000 ad impressions.
The problem with this is that the CTR, or click-through rate (the number of times people actually click on your ad) is usually low.
People just don't often click on online ads. When is the last time you did?
However, research from Nielsen suggests that clicks aren't everything. You can boost your brand recognition by having ads on well-trafficked resources, meaning that CPM functions much more like a traditional advertisement.
If you're advertising a brick and mortar business, then you might want to look into CPM advertising, especially if you have a local market that hangs out on specific sites.
It's slightly more difficult to measure the effectiveness of this type of “exposure” advertising.
You can measure the number of clicks they get (and you should) but the end result can be more than just the clicks.
If you want something that's easier to measure, or if your business is mostly conducted online, then you'll want to go further down the rabbit hole.
This advertising model is still the most common, used on the biggest advertising platforms online.
You pay for actual interactions with the ad – if 1,000 people see your ad but only 10 people click on it, then you only pay for those 10 clicks.
PPC is popular because it's very effective. Whether you're buying banners or Google search ads, you can measure your ROI very precisely and make sure your ad is profitable.
Furthermore, your ad also gets shown, which gives you some of the benefit that CPM does – exposure.
PPC has its drawbacks, though:
Making a profitable PPC campaign is difficult and requires research. Even experienced marketers can have trouble making money with PPC, and the level of optimisation that some of us go to is daunting.
Additionally, the costs can reach $50 per click in competitive niches.
If you've got a well-optimized site, a local business, or aren't working in an ultra-competitive market, then PPC might be your ticket to great returns.
This is when you pay the advertiser every time someone makes a particular action on your site – usually, this is a sale, but it can include providing an email address, signing up for a free trial, or any other action you can think of.
This type of advertising is not very popular for large, easy to join advertising networks (like Google's AdWords program). This automatically makes it less common.
Also, most site owners don't really like serving CPA ads.
Think about it:
You display a banner ad on your site, people come to your site and see it. Then they click on it, click around the site it's advertising a bit, then leave.
As an advertiser, I'd feel cheated by that scenario. The person was obviously attracted by the banner, but because of the site they landed on they didn't end up buying anything. That's not my fault, that's the fault of the site owner.
If you can manage to get into a good CPA advertising network, then it's usually a good bet. CPA is the lowest-risk because you can use it to pay for leads – no important action, no payment.
Now that you've got a handle on the basic types of paid promotion, you probably realise the world of paid online promotion is a big, scary one.
While you can definitely get good results from doing it yourself (and I recommend you try once you do a bit more research), it's also a very easy place to lose money.
Here's how to do it right:
Creating a campaign with a good click-through rate is useless if you don't know what the people who click on your ad actually want.
It is too easy to assume that everyone wants the same things that you do. Think like your customers – create a consumer profile and make sure you always pay attention to feedback that you receive.
Sometimes a single campaign is successful, sometimes it isn't. But failing to plan is planning to fail.
If you don't have a global marketing strategy that involves paid promotion, then you're just gambling.
People don't often click on an ad then immediately make a purchase. They go through a process of doing research, understanding what benefits your business brings them, making a decision, then making a purchase.
Study the psychology of this process – it can only help you grow. It will be different for different customers at different businesses, but it should be something that you understand well.
Experiments are the lifeblood of this process. Small alterations in your campaigns can lead to big differences in the results. Don't be afraid to set a low budget on an experimental campaign – it could be your ticket to a new market.
Wrapping up, I want to stress that this is one thing that you don't get better at by reading rules and guides. You need to actually do it.
Don't get stuck wondering what's the best advertising platform for you. Remember that it all depends on how you connect and communicate with people.
If you don't want to spend a lot of time and money on experiments, there are professionals who can do it for you.
You can get a Google Ad Campaign right here at Crazy Domains. Get it here.
Next week we'll be going into some free ways that you can use to promote your site. You'll find out a great 1-2 punch to skyrocket your traffic and sales.
The Internet can be a scary place.
It seems like every day we're reading about some new weakness (Stagefright, anyone?) that, once you cut through the technical jargon, means that none of us are safe. As one of the most popular platforms for website creation, WordPress is a common target for hackers and often features in stories like this.
Even if we allow that some of the hype is media scaremongering, it's still a sobering thought that the sites you work so hard on can be taken away, broken, or used to distribute malware.
It's frustrating when your hard work gets stolen or ripped off. That's why we decided to write a quick tutorial on the common threats that WordPress sites face and some easy ways that you can reduce the threats to them. We tried to make this as easy as we could without too much technical mumbo-jumbo.
First we'll go over six of the most common threats to WordPress sites and how to fix them. At the end we have some suggestions on software and plugins to use when securing your site.
Brute force password attacks are when a computer tries to guess your login information by trying every combination of numbers and letters it knows. For a person, this could take years, but for a computer it could guess a relatively short password in minutes.
This is especially dangerous if the attacker already knows your username. It's just one fewer thing they have to guess.
But hang on, how could they know your username? Well, if you left it as “admin” then they already do.
Even if you've changed the username from “admin” (and you really should), there are still ways of finding it out.
Type in your browser window “my-site.com/?author=1” (replace my-site with your domain name and add your WordPress subdirectory if it's not on your main domain, so this could be example.com/blog/?author=1).
Most often, you'll see your username come up. If not, try typing the same thing again with 2 at the end, and keep going until 10. You'll see your username soon enough.
Once an attacker has your username, they can try to brute force your password.
If you have an easy password, then believe me – the only reason your site hasn't been hacked yet is that nobody has really tried to.
There are plugins out there to prevent user enumeration, but the best ways to prevent brute-force password attacks are to choose a strong password and limit login attempts.
It goes without saying that “admin/123456” is not a good username/password combination (although it is distressingly common). A strong password is long, not a word from the dictionary or Wikipedia (in any language), and contains a variety of symbols.
CLU is the acronym to remember: Complex, Long, and Unique.
That, unfortunately, also makes your passwords almost impossible to remember.
One option is to use a pass phrase instead of a single word. A computer is going to take a long time guessing a 25-character phrase (assuming 1000 guesses per second, that's 550 years - source) that's comparatively easy for a person to remember – it's harder for a computer to guess a random phrase than it is to guess just one word. A password like "B0ndfriskingmaniacvillain" can be easy to remember, but very hard for a computer to brute-force.
Just remember - if your attempts to make a secure password lead you to writing it down and sticking it onto your monitor, then that's already a bad password.
If you prefer even more secure passwords, or want a way to avoid having to remember them, there are some resources you can use for that. We'll include a couple in our list at the end of this article.
You can also enable multi-factor authentication, and there are great programs in our list that let you do that as well. It can seem like a pain, but effective security measures often mean that we need to change our habits just a little bit.
No matter how strong your password is, if someone has an infinite number of attempts to guess it, they eventually will. On the other hand, even a relatively weak password can't be guessed in just a couple of tries.
Good security plugins and software (you can skip to the end of the article for our suggestions) will limit the number of unsuccessful login attempts and block IP addresses that try to brute-force your passwords.
Remember that no reputable developers try to make software with security flaws. That means that when something comes up, developers stay up all hours patching their software and fixing the code.
Imagine their disappointment when people don't update their sites. A new version of the code isn't going to help if you've still got the old version on your site because clicking the "update" button was too hard.
Check your plugins and themes regularly to make sure that they aren't out of date and that they don't have serious security risks. It also makes the developers happy that people value their work.
Another important thing to remember here – people who crack and distribute free versions of WordPress themes? They're usually including some of their own code in there. And when we say “code”, we mean “viruses, Trojans, and backdoors” that they can use to damage your site.
Enough said. The latest versions are the versions with problems that nobody knows yet. In the world of information security that's as good as it gets.
Also, don't try to pirate themes. It's just not worth it. Only download themes from sources that you can trust, and if someone has created a great theme, just buy it. It saves time and trouble in the long run.
Here's where we get into a little bit of code – but don't worry, it's very simple code.
The first of the two files we'll be looking at is wp-config.php. This is a very important file that WordPress uses to communicate with databases.
The databases are where posts, settings, and users are all stored. You want to make sure that nobody can access this file other than you.
The second is the .htaccess file. This is a file that Apache (the software that web servers use, not the tribe) uses to decide how to retrieve files.
It's also a very important potential vulnerability. The good news is, it can be used to close down access to both itself and to the wp-config.php file.
Just by seeing these files, attackers can gain valuable information about how your site is configured, which can lead them to discovering vulnerabilities. Obviously you don't want this to happen.
Here is the code you need to put into your .htaccess file:
<Files wp-config.php> order allow,deny deny from all </Files> <Files .htaccess> order allow,deny deny from all </Files>
Just go to your .htaccess file and put that code in there. If you need help finding your .htaccess file, check out our Support articles for an explanation.
This code will tell your server not to let anyone access those files, but won't stop you from getting to them with local access.
This isn't so much a specific WordPress problem as it is a general security problem, but it's such an important one that it deserves a mention here.
Phishing, as we reported earlier can take many forms – it can come as spam emails that directly ask you for your passwords, as faked sites that ask for login details – basically, any way you can think of for someone to try and steal your username and password.
Now, being suspicious is normally not a good thing. But online it can save you.
Don't use links that you get in emails to log onto sites. Log on in a separate window by navigating to the site as you normally would.
Also, never tell anyone your login details over email. No matter who they claim to be.
This is the most common threat to WordPress sites, and almost deserves an article to itself. It's a way that attackers can put their own code into your site. Let's look at how that's possible.
HTML is the language used to create web pages, and it's what is called a tag-based language.
For example, if I want to create bold text, I use a tag that is placed around the text that I want to make bold - like this: <strong>text that I want to make bold</strong>. The tags aren't shown to the person visiting the page, instead they change how the text inside them is displayed.
Note - I'm describing HTML in a really over-simplified way, but it works for the example I'm trying to make.
Almost all tags in HTML function like the <strong> tag, with one exception. That tag is <script>.
<script> says to the browser,
"Hey, what's written inside this isn't text, so don't show it to the user. Instead, it's a piece of code."
This is really useful for creating interactive sites, but it can lead to some big problems if it's misused.
Now, some fields in a site allow use of HTML - sometimes you want your visitors to be able to put a link in a comment, or make their text bold. That's fine, and it usually doesn't hurt anything (unless it's a spam link).
However, if they can put <script> in your pages, then that's a disaster waiting to happen. They use that vulnerability to change the way your site works, which is never good. Forget what you learned at nursery school - not everything needs to be shared, especially control over your site.
For example, if you have a page that prints the most recent search that a user has made (something that reads: "You searched for X", for example), then this is a sort of pseudo-code that might be what your server says (note: this is not real server code):
print "<html>" print "<h1>You searched for</h1>" print database.latestSearch print "</html>"
This lets an attacker search for
<script>doSomethingTerrible();</script>
When the page loads, that script will execute because the page will read:
<html> <h1>You searched for:</h1> <script>doSomethingTerrible();</script> </html>
Because the page loads user input as HTML without blocking the <script> tag, the attacker is able to add this script to a page.
That's XSS in a nutshell, and while there are more complex ways of doing it (hence all the vulnerabilities related to it) that's the basic way that XSS works.
But hang on, you might think, there's nowhere that people can create user input on my blog. Why should I be scared of some script tag?
What about the comment section? The same place where people tell you how much your posts rock can also be the place that attackers inject code into your site.
This is how most XSS attacks are made, so protect yourself by manually approving comments. It may seem like a lot of work, but it can save your site.
Akismet is one of the most common ways of securing comments - it also helps you eliminate spam. No WordPress site should leave home without it.
You should never allow comments that have a bunch of what looks like nonsense in them - this is probably obfuscated (hidden or disguised) code, and you should delete those comments with extreme prejudice.
Apply this principle to all user input on your site, and again, make sure that you update your plugins as soon as new versions come out, as new XSS attack methods get found very often.
There is so much software out there that you can use to harden your WordPress site that there is no excuse not to use the very best. These are just some programs that you can use to improve your security, categorized by the threat they cover. Using substandard software will bring you substandard results, so accept no substitutes.
Now what you've all been waiting for – here's our Crazy Easy software list, solutions that you can use so you don't have to worry about your WordPress site getting hacked. We've divided it into solutions based on what problems they solve.
LastPass is a service that remembers your passwords for you.
Passwordcard is a free resource that lets you create a card that generates and stores your passwords. It's a great, comparatively low-tech solution to the problem of creating and remembering effective passwords.
1password is similar to LastPass – it creates strong, unique passwords for you and remembers them for all your accounts.
Clef is an app for two-factor authentication. It uses your smartphone as a sort of digital key and is very easy to use.
The Stop User Enumeration plugin makes it impossible for attackers to find out your admin username.
The WordPress security scan is a simple testing tool that will find many of the vulnerabilities that we discussed in this article. It works as a good checklist to make sure that you have implemented your security correctly.
wpscan.org is a black box WordPress vulnerability scanner. It takes a little bit of technical know-how to use and install, but is very effective. It gives you a full understanding of your site's vulnerabilities.
The WordFence plugin is one of the most popular security plugins for WordPress and its advantages are enjoyed by literally millions of site users.
The BulletProof Security plugin is another very highly-rated security plugin and works as a general security solution with many interesting features. This one is great for the more technically-minded site owner.
The Crazy Domains All-in-one Site Protection and Scanner will monitor any site (not just WordPress) with daily site scans, malware and hacker protection, blacklist protection, and expert guidance. It's really Crazy Easy site protection.
One thing to remember is that WordPress security is not static – it's not something that you do once and forget about forever. Hacking is like all software development. It exists in a constantly changing world that now, more than ever, refuses to stand still. Make sure you're checking frequently. Even if you have software that checks frequently for you, it's always good to be sure.
We hope that you found this guide useful – make sure to share it with your friends if they also have WordPress sites. Together we can help each other make our sites more secure so that we can spend more time making them the best they can be.
They say to never judge a book by its cover. The uncomfortable truth is that most of us still make snap judgements on appearance.
It can't be said enough: appearances matter. When it comes to business, how you look is the most important element in boosting website traffic and driving sales.
The psychology of colour is an essential consideration for any logo or website. From Coca-Cola's exciting, bold and youthful red logo, to the dependable and trustworthy blue logos of Wordpress and Twitter. Your brand's personality should match with the logo, if you find that your creative and imaginative brand's logo is telling customers something different, you may need to rethink it.
Colour is also important to your website. A light colored background with dark text is generally preferred: remember, simple is usually better. Consider again what the personality of your brand is when choosing the dominant colour of your website, and remember that colours like red can be used sparingly but to great effect when you want to draw a visitor's attention to important elements.
Over at ConversionXL Ott Niggulis considers which colour converts the best, and gives an excellent insight into the controversy and debate, particularly around "call to action" buttons. Niggulis says of test results that favour one colour button over another:
You look at those tests and results and you see amazing results that tell you that this color or that color converts the best.
That is, until you look closer. More often than not they reveal something similar e.g. there was no previous button or the button is just so much more prominent, it stands out from the rest of the page and thus converts way better.
Logos speak louder than words, and the ultimate success of a logo is to not need words at all to be recognisable. Consider Nike, McDonald's, and Apple: all three have evolved to exist simply and cleanly without a single word.
A logo makes your band memorable and unique in a way that your core values or mission statement never can. Care, thought and consideration should go into the right logo for your brand, and it should be as important as any part of your business.
According to a study published by Missouri University of Science and Technology, website visitors form a first impression in less than two-tenths of a second – and spend some of their longest time on a website looking at a company's logo.
Consider the case of the London 2012 Olympics: a logo that was compared to looking like Lisa Simpson, it was widely mocked and considered a waste of money. On the other hand, Twitter have one of the most recognisable and famous logos of our current time, and was bought from a stock image site for $15. With Crazy Domains, you can get a professional logo designed in just 48 hours for less than $200.
An experiment cited on sciencedirect.com demonstrated that positive expectations gave users a related positive impression of a website. While in the experiment, users first read positive reviews, the same experience is given when users are greeted by a well-designed website – making users more forgiving of any later issues they might experience.
