Your responsibilities as a site owner and the liabilities if you are hacked

We’ve all seen the headlines. “Yahoo confirms major breach — 500k accounts affected” … “JPMorgan Chase hacking affects 76 million households” … “Hackers selling 117 million LinkedIn passwords” … and the list goes on. Hackers are out there, scouring the web and looking for sensitive information they can use or sell for profit.

Even with these well-known companies being hacked, many site owners don’t take the steps to protect their own systems to thwart intruders. Many business owners may not consider the potential liabilities if a security breach does occur.

Every site is a target

There’s a common misconception that hackers only target sites with lots of traffic. Continue reading “Your responsibilities as a site owner and the liabilities if you are hacked”

Does your minimum order amount not include shipping+tax? Here’s the WooCommerce code.

If you run a WooCommerce store and require a minimum order amount before the customer can check out, you may have come across the WooCommerce documentation that includes code for this requirement. It turns out, this code includes shipping and tax in the “order total.” If you require a minimum order amount for the subtotal only, you’ll need slightly different code.

Here’s the code you’ll want to use in your functions.php code instead:

This code will ensure that the customers are meeting that minimum with just the price of the products they’re purchasing.

Different companies have different requirements and you can choose which is best for you. Despite Woo’s documentation only showing the ‘complete total’ code, I would recommend going the subtotal route instead since you’re not benefiting from shipping and tax fees.

Exploring and acting on analytics data from a site with 1 million pageviews/week

Screen Shot 2016-07-06 at 2.06.15 PM

If a website is only seeing 10 visitors a day, exploring visitor stats through Google Analytics can be boring and unnecessary. It’s true – at that point, the dataset isn’t large enough to make rational judgment calls about what needs to be change don the site and how to get more people converting or accomplishing business goals. But when dealing with a site that has substantial traffic flowing through the pages regularly, the real fun work begins.

We maintain and develop some really high-traffic sites. Today we’ll be exploring an ad-supported blog that receives 1 million pageviews per week on average. The goal of this site is to (1) direct the user to the content they are interested in, and (2) get the most pageviews (aka ad revenue) per visitor possible.

In this post, we’ll explore the statistics, ask a question about visitor behavior, answer the question through the available data and segmenting options, then make recommendations for what changes to the site can be made & further analyzed. In future posts, we can review the effects of our changes to see how things turned out. Continue reading “Exploring and acting on analytics data from a site with 1 million pageviews/week”

Tearing down the child theme misconception – they needs updates, too!

photo-1453133451515-5ff7c1d0d63c

If you have a WordPress website and are using a theme purchased from ThemeForest or another theme marketplace, the best practice is to use a child theme for your customizations. This allows you to update your theme in the future without overwriting the custom code that adds additional features and functionality. However, there’s a growing misconception regarding child themes and this post will help clarify the situation.

Recently, both Easy Digital Downloads and WooCommerce came out with new versions that changed how code should be written to change functionality within the shopping experiences. We started receiving messages from site owners who had placed code within their child themes and were wondering why the updates would have affected them if they used a child theme.

Some believe that if you place code within a child theme, that means it will always be compatible with future “updates”. This may be true when it comes to theme updates (depending on how much your theme’s developer cares about backwards compatibility), but there is no guarantee that your code will work with future plugin or WordPress core updates. This is a huge difference. Plugin developers are under no obligation to make their plugins work with previous code snippets that placed in a child theme – and it’s likely that any custom PHP code you place there will need to be updated due to a WordPress or plugin update in the future.

'A child theme keeps you compatible with future theme updates - not plugin or WordPress updates' Click To Tweet

In short, if you place PHP code within your child theme, test your site when new plugin or WordPress updates are released to make sure everything is still compatible and know that you may need to tweak the code in the future to keep your functionality alive.


Did your site’s functionality break due to a recent plugin update – and you need some help getting back in shape? We can help get your site back to normal and maintain it regularly so this doesn’t happen again. Contact us here.

Hide shipping methods when free shipping is available: WooCommerce 2.6 compatibility

If your store offers free shipping, WooCommerce’s default configuration is to show the free shipping option to the customer on checkout, but not automatically select it or remove the paid shipping options. There’s a code snippet that you can add to your theme’s functions.php file to hide other shipping methods when free shipping is available and we’d recommend this to all stores offering free shipping.

With WooCommerce 2.6 being released last month, you may have updated your store and noticed that this code snippet stopped working properly. Turns out, the new version of WooCommerce requires an updated code snippet, even if you haven’t switched over to the new Shipping Zones system. The documentation has been updated on WooCommerce’s site – or here it is for easy copy and pasting:

 

Build it and they will come: an (untrue) story

photo-1458130713137-8b7237fb3648

The barbecue conundrum

You’ve spent a week planning the perfect barbecue. The location is a prime spot on the beach, the weather at the 1PM kickoff will be sunny and warm, the food is purchased and ready for cooking, and the speaker setup will be absolutely killer. When the time arrives, you pack up your things and head to the spot.

When 1PM rolls around, none of your friends have arrived but you start cooking the food. The hamburgers are ready at 1:15PM, but there’s still no one in sight. At 1:30PM, you realize your mistake.

You never invited your friends. You didn’t tell anyone about the BBQ. You spent all that money, put in all that time, and nobody showed up because they didn’t even know it was happening.

Websites are like barbecues

The scenario above seems implausible, but it happens with websites all the time. Business owners and entrepreneurs with “the next big thing” burn through thousands of dollars developing their next great idea and forget about marketing, how they will attract and retain visitors, and how they’ll make money to sustain.

You can prepare the best BBQ ever, but if you don’t tell anyone about it, it’s worthless.

'You can prepare the best BBQ ever, but if you don't tell anyone about it, it's worthless.' Click To Tweet

Continue reading “Build it and they will come: an (untrue) story”

How to report technical issues to your development team

 

There are two ways to write error-free programs; only the third one works. (Alan J. Perlis)

 

Your computer’s software was written by some of the smartest minds in the world. Yet, it has bugs. Errors. Security holes. That’s why your computer prompts you  to update all the time- new patches and fixes are introduced to take care of bugs that are uncovered.

Websites are compromised of software, as well. And just like computers, they can have bugs that affect their performance or usability. But how are bugs discovered and patched?

Uncovering the bugs

photo-1452555099503-3985696e7c0a

When code for a website is written, it goes through a QA (quality assurance) process by the development team. This means someone is performing each task on the site – adding a product to the cart, going through checkout, writing a review, etc – and ensuring that it’s working as expected. QA will also cover testing on different screen sizes and browsers. A great number of bugs – especially showstoppers that prevent core features from working at all – are found during this phase. This means that the majority of issues never make it to the live server.

However, some bugs manage to get past QA. There’s a multitude of different tests that can be tried during the QA process, but bugs can be discovered when something new or different is attempted. Here’s a short list of things that can affect websites:
Continue reading “How to report technical issues to your development team”

The difference between a web consultant and web developer

photo-1465429108843-b037568eb231

A tale of two business owners

Two competing business owners, Luther and Eileen, are looking to grow their companies with a new marketing platform on the web.  They both have the same vision in their head about how the platform should look and what results they should expect over the next few years.

Luther finds a web developer online who charges $20/hour. After explaining his vision for the platform, the developer gets to work right away with great enthusiasm. Just a few weeks later, the platform is launched and Luther is only out $2,500.

Eileen asks her friend for a referral and is recommended to speak with a web consultant. After listening to her concept, the consultant comes back with a list of ideas for alternative approaches to the platform and how it can be more readily adopted by customers. The platform project has turned into a marketing + sales tool that will take $10,000 to build. Eileen approves the project. Continue reading “The difference between a web consultant and web developer”

How to change your WordPress username

Maybe you were zipping through the WordPress setup process and misspelled your username. Or maybe your username is ‘admin’ and you just learned how that’s a huge security risk. Whatever the reason may be, WordPress doesn’t have a built-in way to change your WordPress username. If you go to your profile in the Dashboard, you’ll see a note that says, “Usernames cannot be changed.”

But… there is a way to make it happen!

Steps for changing your WordPress username

Before you begin, note that you will need to be an admin (or have an admin complete these steps).

  1. In the WordPress Dashboard, go to Users > My Profile
  2. Add a letter to the beginning of your email address then scroll down and hit “Update Profile” (e.g. scott@mydomain.com should be Bscott@mydomain.com) — this frees up your email address to be used in a new account
  3. In the sidebar, go to Users > Add New then type in your desired username, your email address, and choose the Admin role (or whatever the current role is for the account you’re changing)
  4. Hit the “Add New User” button
  5. Log out of WordPress then log back in as the new WordPress user
  6. Go to Users > All Users
  7. Hover over your old username and press “Delete”
  8. Important – on the next screen, press the radio button for “Attribute all content to” and select your new username in the dropdown
  9. Press “Confirm Deletion”

You’re now free to roam about the WordPress with your new username. Don’t gloss over step eight or else you will lose all of your posts, pages, and other content that was created under your old account. Happy WordPressing!

Form submissions from Gmail users will start failing soon… Here’s the fix.

Dakirby309-Simply-Styled-GmailWhen a potential customer fills out your contact form, how important is it that you get notified? How much money could you potentially lose if you don’t receive one important email notification from your site? An upcoming change from Gmail could affect your site very soon.

Following in the footsteps of AOL & Yahoo, Gmail will soon change a policy that will stop contact form submissions and other emails from “looking like” they are coming from a Gmail email address. In short, if your contact form uses the submitter’s email address in the “TO” field for the notification, it will fail and won’t ever hit your inbox.

AOL already made this change for AOL email addresses in 2014, as did Yahoo. As such, you may want to check your contact form plugin’s entries list and see if you missed some important notifications…

What’s the fix?

The policy change – or, in technical terms, the “DMARC policy being updated to ‘reject'” – means your automated emails must be coming from a different domain besides @gmail.com, @yahoo.com, or @aol.com.

To prevent the emails from failing, set the “TO” address in your contact form to noreply@yourdomain.com or simply set it to your own email address.

gmail-dmarc-policy

Bonus tip: to make life easier when you’re responding to the email notification, set the “Reply To” to the submitter’s email. When you hit the reply button in your email app, it’ll be set up to reply to the submitter rather than the noreply email address.