Author Archives: Mady Cullen

How to Improve WordPress Security?

How to Improve WordPress Security?

Hacks on WordPress, reported last year, aren’t any less to be ignored and most of them are attributed to websites missing out on version upgrades. Core, plug-ins when not up-to-date or when insecure or when not rightly configured contributes to hacker attacks on the site. Don’t be surprised to know stats from the WPScan Vulnerability Database that says more than 50% of the vulnerabilities (1570 on 2407) are ‘just unique’ ones! How to improve the security for WordPress/ prevent hacks on WordPress? Read on.

  1. Stop using the default admin account because most hackers guess it! Make sure to provide a different username during WordPress installation or make it unique if you already have a weak username.
  2. Prevent comment spam by disabling comments after 30-60 days of the blog posted date. A huge number of WordPress sites get affected by comment spam and become irreversible losing a lot of information. To edit a WordPress post, disable “Allow comments” from the Discussion Meta Box. To disable comments for the entire site, get into Discussion settings and switch off the checkbox allowing people to add comments on new posts.
  3. Remove the login link by getting into Appearance within which Editor followed by Footer.php and removing the link here where you have defined the Copyright.
  4. Ensure WordPress is up-to-date because anyone can easily modify the source code, it being an open source tool. Every time vulnerability is reported, WordPress fixes it in its next version; no wonder you don’t update the version and then you get attacked! Getting the new features, higher speeds, better or newer compatibility with add-ons are other good things you crack by being updated.
  5. Make sure to report the security issues or bugs on WordPress immediately. To prevent the damage spreading across more and to release a quicker fix, every security issue is ought to be reported to the WordPress core development team immediately.
  6. Don’t leave the file permissions or write access open! Wp-admin/options.php should be owned by you and permissions set to 644.
  7. WordPress security plug-in is highly necessary. Don’t miss to have it and limit the attempts of login! Certain attacks simply try username/passwords repeatedly and gets in somehow. Limit login set up blocks the IP temporarily and stops consecutive login tries. Extra protection by captcha and redirection to home page on abnormal requests are to be taken care inclusively.
  8. 2 step authentication is powerful than just a single step. 2 factor auth plug-in restricts anyone from having access to the site without being able to access user’s mobile phone or mail box. Generating OTPs using apps like Google Authenticator is highly recommended. For slow mail servers, go with HOTP; for better servers choose TOTP which is the better one.
  9. Ensure the pc is not affected by any malware.
  10. Ensure the site is on a secure hosting of WordPress.

Having the right CMS/content management software/ content management platform for content update on the website, having a responsive web design or a responsive website is highly important in terms of making more conversions. But then if you lack in the basic security checkpoints, what’s the point in having all the other features; you become the hacker food quite effortlessly! If you believe you require an enhancement to the WordPress Security or any assistance with regards to ecommerce services, contact us at QeHTML right now!

How Do WordPress Blogs Get Hacked?

How Do WordPress Blogs Get Hacked?

Websites are hosted on cloud due to the ease it gives in deployment compared to having them on one’s own infrastructure. While there are a lot of positive aspects, security is one of the main & important limitations that are on the negative side of cloud hosting. Storage of vital information as in audit logs is one thing that is quoted as an example of a security attack.

The auditing methods we have in place for firewalls & intrusion detections may be configured but not monitored or analyzed at periodic intervals and the impact isn’t any easy to ignore! Just counting on the website access logs isn’t enough; in addition what’s the frequency of collection, since when is the collection made, is there an access to the logs are all things to be noted.

The below info-graphics covers gives you an edge on hacks on WordPress and security for WordPress,

Hosting contributes to more than 40% of the WordPress attacks, while themes do close to 30%, Plugins do close to 20% and loose passwords make it to the rest of the attacks. Websites not content-managed or those not managed using the right content management software are at the risk; these websites account to more than 80% of those being attacked. Web host servers left with no upgrade contribute to more than 10% of the attacks. Ask yourself if you are using the content management platform that suits your needs at the best!

A website is hacked every 5 seconds and 30,000 are attacked in a day! Out of 1000,000 websites, more than 40000 run on WordPress and of these 30000 of them are among the ones having versions of WordPress vulnerable to attacks. This means 73% of the most 40000 most known sites are extremely visible to the eyes of hackers!

WordPress plugins are the biggest contributors to WordPress attacks; 1305 of them are known today by way of vulnerability databases contributing to a huge 54%. Next comes the theme vulnerability that accounts for 344 attacks, which is 14% of the total while the rest 700s (31%) are WordPress core vulnerabilities! Cross-site scripting and injection of SQL form the base of these plug-in & theme attacks.

WordPress versions 3.0 and 3.0.1 occupy the top most position among easily attacked WordPress versions followed by 3.5, 3.5.1, 3.6. Among the most vulnerable plug-ins, 5 are commercial & they are downloaded around 20 million times; sadly one of them is a security plug-in from WordPress. Yithy, appius, infocus, shotzz, echelon are some of the highly attacked WordPress themes.

While you make a note of how important it is to have responsive web designs/responsive websites/content management, it’s necessary you know more on why there are attacks on websites and how to go about dealing with them!

To prevent hacks on WordPress, there aren’t any complex procedures but a few highly important check points when regularly taken care we are at no risk of our WordPress sites getting food for the hackers. Stay tuned with us to know on these check points or prevention measures to be sealed from malicious attacks! Ask us more at QeHTML.

Why your website is the most essential business tool?

Why your website is the most essential business tool?

Irrespective of the size of the business, a website is a must; it’s the most indispensible business tool a business cannot avoid having. Coming to how it should be, it’s just not enough with a good look but has a long way to go in terms of the content, content management, navigation, communication window, responsiveness and a lot more. When the internet bloomed 2 decades above, a website sat on basic html, text and a few images; since then it has gone through various developments till today where the internet and technology drives the need of responsive websites owing to the growing use of smart phones/tablets.

How should be a website so it serves as the best outface of the business?

  • Mobile friendly websites refers to a website that looks the best on hand held devices as well, having the right size of single column, navigation-friendly and basic yet effective design. Don’t be surprised to know they are the most favourites for the Google algorithm! Mobile optimized websites are exclusively designed for phones and may mostly redirect you to the desktop version due to the inability to accommodate a lot of features. Responsive web designs/mobile-responsive sites are the best of the above where the site restructures itself to the size and resolution of the device; these are the ones picked up by the search engines!
  • Content and management: It’s with the content people engage in your website. Having the most relevant content, in simple terms, just to the context yet effective and having it regularly updated by way of content management systems is a big criteria for the search engines recognize you
  • Landing pages: Landing page design is one of the most important aspects in website development. They should relate at the best to what your website intends to convey, with the right text, content, images, videos, graphics, to the intended audience and navigation!
  • Customer-centric: Creating a customer centric design is necessary rather than just trying to sell who you are. Make sure your website conveys what you can do for the users
  • SEO: The websites being search engine optimised is yet another necessary design aspect of the web design and drives what your website ranks in SERPs. Having a prominent search button is required; it is the combination of these both that pushes your site to the top most result page. Don’t be shocked to know more than 90% of the users don’t even go to the page 2 of results!
  • Clear strategy and brand-driven: Having a great marketing strategy requires defining feasible long term and short term goals, web designer knowing how to bring them in, and most importantly to convey them in a manner every user can interpret which is very crucial to generate traffic
  • Online marketing: Web marketing like Google Adwords highly target online advertising so the searchers are directly taken to your website. Make sure to have this optimised if not yet done!
  • Call To Action: Directing the users straight and distinctly to the CTA buttons is required so the users get to know how to ask for your services/products.
  • Website redesigning is necessary simply because trends keep changing, user expectations keep rising (is there anything more you need for the reasons to redesign?!) and it’s quite obvious you need to keep in par with the customer needs in terms of how the website looks and what it conveys. Html5/CSS for coding, content management using WordPress, Drupal, Joomla, are all some of the basics to be taken care; if you are missing out on them, be alarmed it’s high time you do the redesign.

While you do the best of offline marketing and other forms of business communication, make sure you don’t miss out on having a website which is the inevitable business tool towards the business growth. If you are on a look out for assistance in any of these or more in ecommerce services like responsive conversion, website redesign or more, do contact us at QeHTML!

Things to know about PSD to Wordpress

Things to know about PSD to WordPress

PSD image form is the one we open with Adobe Photoshop or other image edit software but to run it online on WWW and even to do an optimized data maintenance with less time consumption, it is required we have it in a suitable format. A good looking user-friendly design and an efficient coding are the 2 basic needs of a great web design. Amateurs need to know the 2 basic phases of web development, web design and coding for which the knowledge of PHP, JavaScript, HTML and CSS is necessary. Photoshop is used for designing due to its easy options post which PSD to HTML/CSS is made; however coding it is not easy and this is where WordPress, the best open source web build and user-friendly CMS tool helps to create a high-quality website!

Conversion of PSD to WordPress isn’t complicated but at the same time requires 5 steps to be followed for the ease of doing it,

  • Slicing PSD is the first and the foremost step which is to cut the design file into multiple image files so one doesn’t have to code the whole design in just one image. Each distinct component is woven into a single image post which the multiple images are combined seamlessly. Image editing using Ms Paint or Adobe Photoshop to get a pixel perfect image is recommended. Also note Features that can’t be dynamically created need to be cut in entirely while header, footer and others that are dynamic needn’t be cut in full.
  • Index.html and style.css: Coding the sliced images into HTML and styling using CSS comes next. Complete roll over effects along with placing pixel perfectly is the main aim. Responsiveness or non-responsiveness is decided here and CSS accordingly used. Name the CSS file as style.css and the html as index.html. W3Schools, https://developer.mozilla.org/en-US/learn/css, TutsPLus give a good learning of HTML/CSS
  • Index.html to WordPress theme: Creating the WordPress theme to upload into the WordPress software is the next; that is addition of functionality to the WordPress theme converted from PSD, using plugins as needed. Once the WordPress theme file structure is available, break the single html into multiple files based on the theme. Then break the index.html into the php files for index, header, footer, sidebar and the rest
  • Add WordPress tags: WordPress function tags inbuilt in the theme are the best over complex html files. Add WordPress PHP tags to the earlier created WordPress theme files (tags and functions here http://codex.wordpress.org/Template_Tags and http://codex.wordpress.org/Function_Reference). Store these WordPress files and place in the folder wp-content/themes from WordPress installation chunk. The custom theme is then activated with WordPress dashboard
  • Add the functionalities: More functionality is easily added with the relevant plugins or using the dashboard. Changing the core code is no more a pain. Installing a drop down (or any other functionality) is so easy with the plugin for it!

Implementing such nuances is very important when making the conversion from photoshop designs and a flawless coding expert is a must. To know more on each of these in web-trends or for services on WordPress Integration or PSD to WordPress or for CMS services or for anything in ecommerce services, don’t lose a chance to call us because you know you get the best from us always!

Google Alert for non-mobile friendly websites

Are you a mobile search freak? The news here is for you!

Google comes up with an update purely for today’s mobile obsessed generation of users! Why not the users get all the privileges when they put in a high figure on the smart phone purchase and on a fast blowing internet pack?

The information a customer gets should be independent of his search device, be it a pc or a mobile or a tablet. It is simply because the hand held device users are soaring enormously high in numbers since a few years. It is for the same reason mobile friendliness is brought up as a ranking signal by the web giant Google. Google has rolled out an update to mobile SERP this year this month that enhances the ranking logic such that users get more options of mobile friendly relevant results on a search.

and the Webmaster mobile guide from Google can help you with support on getting a mobile friendly site, so you don’t fall a prey to this update. The update would be severe/strong to the extent that a very good quality content website might be pushed back in Google ranking if it is not mobile friendly, so beware and continue to make your website mobile friendly!

The mobile friendly update by Google was launched this April where the web giant is in a high speed to boost the mobile friendly web ranking on the mobile SERPs. Hence the searchers today get the most relevant search result pages/web links which they can easily read on their devices, without twisting or turning themselves to fight with the pages zooming or pinching them. Highlights of such search results are they can be viewed comfortably, their tap targets are conveniently spaced, unplayable content is not included and no scrolling is necessary to handle them.

The search query is enhanced to pick up a good balance between the website content and website mobile friendliness. Though a website with a very high quality content comes up in the top page via the query, it is an alert for those web owners to wake up and rise up to making their site mobile friendly!

Non mobile friendly websites/all device compatible websites would gradually start getting a lesser mobile traffic when searched in Google where Google does a reprocessing to accommodate the websites that turn from being non mobile friendly to mobile friendly. The process of declaring your website being converted now can be made through using the Fetch with submit to index defined here

Having said on the Google update, it is necessary you get reminded on reasons to redesign/redesigning website, having a responsive web design using HTML5/CSS, having a user friendly website because it’s all about what Google marks you. Isn’t it?

Get smarter, ask us for what you want, be it non responsive to responsive or magento implementation or mobile friendliness to be adopted or UX enhancement or design facelift or CMS integration or anything in ecommerce!

Which CMS is best for your needs

Which CMS is best for your needs?

The revolution, content management systems have caused today, has resulted in a non-technical or a nerd can equally update any website with this tool. While the basic necessities of an ecommerce website, as in having responsive websites/responsive web designs for web development and mobile friendly websites for the best conversions always hold good, it’s not to be missed that having a user friendly CMS is necessary to have the content managed quite independently.

WordPress, Drupal, Joomla are the most popular Content management systems worldwide; picking one of them to choose the specific business profile is the need of the hour.

CMS Comparison chart goes below:

Having seen the basics and goodness of each of the CMSs above, let’s talk a bit on features and stats related. WordPress holds the biggest of the 3 in market shares with 65%, while Drupal and Joomla hold the 3rd and the 2nd most popular CMS respectively worldwide. Free themes and free plug ins are available for all three of them. Frequency of updates is good for all of them being from 30-40 days whereas the choice should depend on the need as per the facts mentioned in the smart art above.

To talk on the skill level needed, Technical expertise is not a necessity and text paste from MS word to a WordPress site is easy while Drupal needs the highest expertise technically also it is the best to produce advanced sites and Joomla is in between WordPress and Drupal where there’s a less effort to understanding it and the best for fairly complex sites.

Having spoken a lot about the 3 highly prevailing CMSs, WordPress, Joomla and Drupal, hope you must have a really fair idea of what your need is and what is the best for you. if you are looking for the best service provider to do this for you, just ask us.

Most Important Factors to be considered before choosing a CMS

The growth of hand held devices and the respective users today have necessitated businesses to use responsive websites or responsive web designs in web development because having a mobile friendly website is very important to broaden the customer base. In addition, having the content at par with the trends and technology is extremely important if you wish to stand apart, as an ecommerce service provider. Having a lot of Content management systems today, WordPress, Drupal, Joomla, CMS Comparison to choose the best and the most user- friendly CMS has become a big challenge.

Eye-alluring CMS doesn’t mean the best-for-use one; let’s go through some of the factors to be considered in studying the systems and the top 5 CMS prevailing today.

What is an open source CMS? A content management tool built on a platform built on a code easy for anyone to use and distribute is termed an open source CMS. To mention on popular CMSs, it is WordPress for blog build and growing ecommerce sites; Joomla for appreciably established ecommerce companies; Drupal for big enterprises. To mention on the ease of learning, WordPress is the easiest of all and Drupal is the toughest while the rest are moderate.

To know which is the best for you, consider,

  • Functionality in crux: Managing a website, that’s creating it, adding, deleting, editing and maintaining the webpages should be accompanied by a few other functions that’s necessary for the core stability of an ecommerce website. Check if the CMS you choose suffices it.
  • Editor capabilities: Editor being one of the core elements of CMS, used by publishers for provision of heading and lists should let the editor have an access to handle images, files and whatsoever is required for the web design.
  • Asset management: A bad CMS design affects the usability. CMS providing for the images are preferred along with the capability of image editing, pdf uploads and more.
  • The best Search option: Users mostly look out for the search option in a website. Make sure your CMS does this at the utmost perfection.
  • Flexibility in customization: The CMS should be easy enough to retrieve and show the content customized for the device/pc. Make sure you check upon this.
  • User feedback: CMS enabling user communication via a chat or comments or ratings is a must, with the necessary plug in or 3rd party interfaces. Check it.
  • Role maintenance: CMS should be capable enough to let the blogger lend permissions of add/change/comment over the blogs or manage the functions/accesses as necessary.
  • Versioning: Having a CMS that controls versioning to get you the last saved state in case of an erroneous move, is an advantage though not a mandate need
  • Multi web support: Driving more than one website with a single CMS installation sounds attractive. Isn’t it? It is useful too.
  • Multilingual possibility: CMS supporting multiple languages is not something to be ignored, even if you are a domestic business today. It eases the future expansion, make sure to have it.

In short, to choose a CMS, consider the below: Adaptability, Manageability, Scalability, Security, User friendliness, Plug ins connected, HTML CSS support availability, Social media & SEO compliance, the ease to migrate and internationalization capability. To get the best of CMS services, don’t hesitate to give us a call or visit our website.

Fonts in HTML Emails – Drawbacks, Solutions and Industry Standards

We deal with html flyers, email flyers, newsletters and a lot more email content in our everyday lives. Fonts in emails, html emails have been not really quite pleasing and demand certain set of rules to be followed. We do face problems with respect to the system font, Google web font, hosted fonts, texts within the images and so. So how do we go about handling them?

There are suggested tools which do have their own pros and cons.

Talking about System Fonts that is the ones installed in the computer, email clients access them and use them as a basic feature. Those system fonts present by default in system pcs and macs are termed quite safe; Termed so because using them would let the subscribers see the font in the same manner, with no changes. On the cons, having to choose from just ten fonts restricts one from showing the individuality which could be given a variation by choosing different colours in the background or so.

Google web fonts are those hosted on a server. These are downloaded by the email client when delivering the mail where it’s applied to the text. Since all email clients might not use these fonts, it is advised to use the fall-back fonts along.

The right way of using custom fonts is placing them at the end. This is to help the Outlook 2007, 2010, 2013 smoothly transit when using the engine of MS Office for email displays.

Showing Open Sans in the code anywhere in the head works on Thunderbird, Mac Mail, iOS, Windows Phone and email clients supporting CSS3. Apple mail, iOS devices, Outlook 2000 and 2011, Thunderbird, Lotus Notes 8 and 8.5 and Android 2.3./4.2+ support web fonts

Google web fonts around 600+ are less complicated, for free, easy to interface to generate font style-sheet, so easily usable for commercial and non-commercial needs. Downloading a desktop version is the best for designing.

Choosing a font family from https://www.google.com/fonts and using the styles and character sets based on need via Standard or @import or Javascript options would help.

Owning own fonts and hosting them is possible too but with costs for hosting and the bandwidth used. Enabling subsettings ensures we stay in boundaries to use the fonts, without dragging in third parties.

Displaying text as an image helps in easy customisation. One needs to take a check on images aren’t blocked for display, performance aspects, if the text could better serve the purpose.

Various email clients have various rules, pros, and cons. Having said these and being equipped with the expertise to interpret your needs and wants, we assure the web design services are promised to be the best suited based on your choices and business standards. Feel free to contact us for email flyer/newsletter / responsive flyers/ responsive html email and much more.

Have Joomla Website? Have you ensured security?

Have Joomla Website? Have you ensured security?

To achieve a secure Joomla set up, there are ten aspects to be diligently taken care of.

1. Cheap hosting providers to be strictly avoided. They use shared servers hosting 100 other sites of which a few are high porn ones. Sharing the same IP, your website would be slow too also with a bad reputation due to a bad surrounding. Easily prone to hacking as well; hence better to go with the list of recommended and Joomla approved hosting providers.

2. Backups are important- Ensure to take Joomla backups so when hacking occurs we have a hold to build from scratch.

3. Adjusting settings of PHP is a must. Skipping the settings for security of PHP is a threat to Joomla. Ensuring all the smallest possible settings and tweaks to make the PHP server and Joomla, prevents all if not just a few security issues at the occurrence itself avoiding further consequences.

4. Avoiding same password username all over is a well-known basic good practice while many of us fail to follow it we ought to admit. (Joomla, bank, yahoo, gmail, facebook, amazon and what not!) Also admin account should be named something other than the word ‘admin’!

5. Missing to ensure all are fit in a newly installed brand new Joomla powered website isn’t any sense. Anything can go wrong anytime leading to Joomla issues unless a regular maintenance of Joomla installations is made.

6. Having no development server to try the upgrades and installations, before pushing to the live site is a bad practice. Mistakes can be corrected well before they reach the live site.

7. Installing all the 3rd party extensions isn’t quite healthy. To ensure optimal Joomla security one should go with the least extensions needed. While some of them are secure, most others are flooded with vulnerabilities. Hence it’s the best recommended to go with the professional components from reputable companies.

8. Updating Joomla releases is an absolute necessity. Every stable release as and when it comes up needs to be updated by a website sitting on it without which the website is never going to consume the release fixes and vulnerability removals leaving the site open to all problems. This is the case for extensions too

9. Joomla forums are to be kept in touch with, so one doesn’t go ahead with posting crazy stuffs. Version of Joomla, 3rd party extensions’ version and all to be kept in place so when there’s a hacking in future we just to know what to do and how to get out of it!

10. Fixing just the corrupted file isn’t enough in case of getting hacked. Logs to be checked, passwords to be changed, entire directory to be trashed, rebuild from scratch to be done and take care of all warnings so security issues don’t pop up.

Having said these, we ensure we are up to date with the trends in web design, details on CMS security, and content management software to ensure we have a secure CMS. If you are looking for the best in web designing incorporating all the aspects in the best manner to the classy design that impresses Google, feel free to contact us.

Magento 2.0 giving new hope to eRetailers!

Magento 2.0 giving new hope to eRetailers!

Magento 2.0 provides a number of exclusive features to facilitate optimal marketing and analytical techniques improving scalability and new features to help maximize conversions in eCommerce. Magento 2.0 provides enhanced performance and scalability to ecommerce portals, features to endorse more of business agility, and productivity improvements.

Choosing Magento over other tools for website creation has a lot of merits of which a few are listed below,

–Cost-efficiency and rapid development facilitated

— Maintenance of e-portal with various features is possible

–Magento templates, Add-ons, Widgets, Magento Modules that are free or paid, respect to every ecommerce solution is available.

–Constant business growth with Magento is possible due to its inbuilt search engine optimization (SEO) tools driving user traffic towards e-commerce web destination.

–Error-free results and an excellent performance in e-commerce business prospects is ensured due to a competitive community supporting it.

Why e-commerce platforms must have Magento? Take a look below,

  1. Separating databases is easy so we can maintain one MySQL serving all the pages. With caching a lot of users can be accommodated. Checkout can be separated out so those users don’t clash with those who browse through

  2. For the best theme based experience with its plain background enabling easier theme addition where features can be chosen as we like it, it is the best

  3. Easy migration of attributes, logs, shop settings, customers, orders, EAV and more is possible

  4. Magento 2.0’s command tools with the roll back feature make backup processes much easier. Significant media and files as well could be easily restored; the system would be kept in maintenance mode and switched to normal once restoration is complete.

  5. Component based architecture like specific components such as customer, catalog sales, checkout, CMS and so while others stand as separate components lets us use based on needs. To replace own code, disabling the existing one, one needn’t hack the code base thus contributing to flexibility and credibility.

  6. Upgrading files into modules with a proper refreshing of the module and update happens smoothly with the PHP based composer aspect. Hence flawless data access is easily achieved in time constraint involving business cases

  7. 3 mode flexibility, that is developer mode for file creation and error reporting, production one for the best web experience saving the exceptions in logs and the default one where limited access is enough is a great feature worth mentioning

  8. Javascript conflict is much lesser in Magento 2.0 compared to its version 1.x and this is because it supports just one framework-JQuery.

  9. PSR compliant coding is a great note of magento 2.0

  10. Enhanced admin functionalities and great scalability makes it stand apart in website creation pool

Having said these and knowing the retailers expectations of an ecommerce platform, we assure Magnento is amazing in managing quite a lot: huge storage, transparency in transactions, automatic guest check out, improvised catalogue and cart. To get the best in ecommerce Portal development services accommodating the best ecommerce checkout practices, to reduce abandonment practices and to have an elevated user experience of your site, feel free to contact us.