Articles

Retour vers le futur: Pages Web côté serveur avec Kotlin (Pt. 1)

Retour vers le futur: Pages Web côté serveur avec Kotlin (Pt. 1)

,

Dans cette série, nous allons apprendre à créer des pages web côté serveur avec Kotlin. Vous découvrirez comment créer des applications web modernes et performantes. Prêt à voyager dans le futur ? Allons-y !

Le développement Web a subi de nombreux changements depuis que l’Internet est devenu populaire dans les années 1990 :

L’architecture du développement web a connu une variété de changements depuis que l’internet est devenu populaire dans les années 1990 :

Tout d’abord, il y a eu les pages HTML les plus basiques, complètement statiques, sans aucune dynamique. Plus tard, des technologies telles que l’interface commune de passerelle (Common Gateway Interface) ont permis de générer le code HTML d’une page de manière programmatique. Puis sont arrivés des moteurs de modèles tels que JavaServer Pages (maintenant Jakarta Server Pages), ASP.NET et Thymeleaf, qui ont permis aux développeurs de travailler avec des fichiers de modèles principalement « ressemblant à HTML » avec du code de programmation intermélangé.

Ensuite, des frameworks de « script côté client » basés sur Javascript tels qu’Angular, React et Vue sont apparus, ce qui a transformé le développement web en deux disciplines distinctes : le développement « backend » qui contenait le code traditionnel du serveur web et de la logique métier, ainsi que le développement « front-end » (en utilisant les frameworks ci-dessus) qui se concentrait sur la visualisation d’un site web et recevait des données du backend.

Cependant, cela ne signifie pas que les tendances de développement ne progressent que dans une seule direction et jamais en arrière. Par exemple, les bases de données NoSQL telles que MongoDB ont rapidement gagné en popularité en grande partie en raison de leur capacité à contenir des données non structurées par rapport aux bases de données SQL traditionnelles telles que PostgreSQL et MySQL, mais ces dernières ont également évolué et peuvent maintenant contenir des données non structurées via les types de données JSONB et JSON, respectivement. De même, de nouveaux frameworks Javascript tels que Next.js commencent à offrir des options pour le rendu côté serveur en plus de leurs capacités de rendu côté client traditionnelles. De nouveau, les moteurs de modèles côté serveur comme Thymeleaf ont également continué à évoluer, Thymeleaf lançant une nouvelle version du framework le mois dernier.

Source de l’article sur DZONE

/par

Frontend Team Roles and Skills, Breaking the Silos and Borders

,

About 15-20 years ago, web application developers had the knowledge and the technical skills necessary to create an application: HTML, CSS, JS, PHP/Python/ASP, Web Server Management, MySQL/Postgres (both data and service management), etc. 

With time the web applications became more complex with bigger requirements. New technologies, frameworks, and paradigms bounce into the development and pushed developers to specialize in some areas arising new roles from this specialization.

Source de l’article sur DZONE

/par

Jenkins Pipeline Script to Build and Deploy Application on Web Server

,

In this article, we will discuss the automation of application deployment on a web server using Jenkins Pipeline. We will use Jenkins Pipeline as a script. Jenkins Pipeline as script can be of two types: declarative type and scripted type. Here, we will use declarative Jenkins Pipeline script.

Prerequisite Knowledge

  • Git, GitHub
  • Building Java applications using Maven
  • Jenkins
  • Web server like Tomcat, JBoss, etc.

If you are new to Jenkins Pipeline script, then we would recommend you to go through this article first.

Source de l’article sur DZONE

/par

How to Sell on Pinterest Without a Website

,

You don’t need an online shop to sell on Pinterest, but owning one can give you the upper hand.

The only problem is that managing an eCommerce store is expensive.

On the other hand, selling on Pinterest has a low entry barrier. So it’s an excellent place to start even if you can’t afford a website.

Plus, Pinterest has many engaged users who are happy to buy your product, craft or offer. This is the only social media network where the most significant users hold the most disposable income in America.

This guide shows you how to sell to these top spenders on Pinterest, whether you own a website or not.

What Pinterest Brings to the Table

Pinterest is not just a visual discovery engine. The social network brings more to the table.

With 433 million monthly active users and over one billion web visits in August 2022, the platform offers businesses new opportunities to reach highly engaged audiences.

Data Source: SimilarWeb

Also, data shows that about 38% of pinners have a college education, whereas Snapchat is 20%, Twitter is 32%, and Reddit stands at 15%, offering you access to a sophisticated market.

The social network enables about two billion monthly searches.

The company’s data revealed that 97% of the searches are unbranded, providing a level playing ground for all competing brands. However, for context, 42% of Google search queries are with branded keywords, meaning many searchers already have a brand in mind before searching.

Also, 80% of pinners said they discovered new products or brands on Pinterest, and 85% buy things they’ve seen from brands. Additionally, pinners are 55% more likely to buy a product after seeing a visual on Pinterest compared to other platforms.

The platform is not all talk and no action.

For instance, nearly nine in ten weekly pinners make buying decisions on Pinterest, and 50% of users have bought after seeing a Promoted Pin.

Pinterest might not be as popular and imposing as Facebook, Twitter, YouTube, LinkedIn, and TikTok, but the user engagement shows the platform can hold its ground against some perennial favorites.

Its numbers are impressive, making Pinterest too good to pass up.

Selling On Pinterest Without a Website

You can sell on Pinterest without a website.

It’s an excellent option for affiliate marketers. A Pinterest business account will work best since it lets you monitor analytics and run ads. You might also need a Facebook page and a Medium account to further your marketing.

When you’re ready, here’s how to start selling on Pinterest without a website.

Organize Your Products into Boards

Pinterest Board is a collection of pins.

It lets you stay organized. You can create different boards to categorize your products. For example, having boards for televisions, sound systems, video players, and other products in your catalog will make sense if you deal in electronics. You can further classify the boards into sections, like LG, Samsung, and Sony.

Boards make it easy for shoppers to find your products.

To create one, log in to your profile and click the Saved tab.

Click the + icon to reveal a drop-down menu, then select Board from the options.

Enter the product category in the name field to create the Board.

Open the newly created Board, click the ellipsis icon (the three horizontal dots), then the Edit board option to type a befitting description for the Board.

Use the Organize option to create and organize the pins into sections.

 

Publish Your Products as Pins

Create visually engaging pins to display your products.

One exciting thing about Pinterest is that you can create unlimited pins for the same product using different visuals, titles, and descriptions. And the more pins you create, the greater your chances of increasing your visibility and CTR.

The mistake most brands make is creating a single pin for a product and leaving the rest to fate.

But it doesn’t work that way.

As a visual discovery engine, you’ll need to create a lot of pins to stand out and hold your ground on Pinterest. It also lets you cover most of the keywords pinners use to discover products on the platform, stretching your visibility further.

To create pins, head to your profile and select Create Pin from the Create drop-down to begin.

On the next page, select the Board you wish to have the Pin on from the drop-down, then enter the Pin’s title. Of course. Use the keywords people are likely to search for to target Pinterest searchers.

You can see in this Pin that Cicinia, an online retailer of bridal dresses and accessories, uses searchable keywords in the title. But the Pin doesn’t have a description. Don’t make the same mistake.

Write a compelling description to entice users to click your link.

You can search your keywords on Google to see what other brands have as their descriptions if you don’t know what to write. Then, add a discount code to the description if you have any. It supports up to 500 characters, so make the most of it.

Finally, upload your visuals, add your alt text describing the visual you uploaded, then include the destination link, in this case, your affiliate link, and publish the Pin.

Repeat this step for the rest of your products.

Promote Pins on Pinterest

Pinterest comes with a built-in ad manager.

With this tool, you can promote your pins to the perfect audience. It lets you target people based on demographics like age, gender, and location. You may also run campaigns based on their interests or search terms.

Additionally, Pinterest allows advertisers to upload their customer lists for custom targeting. However, it works best for sellers that own a website.

Running ads means you don’t have to compete with the over 240 billion pins for attention. Instead, promoted pins put you on the spot and in front of the right people.

Dimniko, an online advertising agency, helped a client sell over 22,500 products with Pinterest ad campaigns, generating up to 11-times ROAS.

The brand pivoted to Pinterest after experiencing slow sales from other channels. According to them, the client spent around $15,000 daily on Facebook ads, generating $3 million monthly in Shopify; that’s $6 for every $1 spent on ads.

But with Pinterest, they generated $1.29 million with $116,000—$11.12 per $1.

Dimniko advised Pinterest advertisers to kill assets that didn’t meet the KPI in the first seven days and scale the budget of the top performers by 20% every two to three days.

They admitted that half of their sales were due to their retargeting strategy and suggested that new advertisers should start with their existing buyers and ‘actalikes.’

Go Beyond Pinterest

Several opportunities exist for you outside Pinterest.

Depending solely on the channel to reach prospects is a considerable risk. The platform only controls about 450 million of the estimated 4.7 billion global social media users, so there are always more people to reach.

You can do this organically by publicly sharing your pins or boards using trending and relevant Twitter and TikTok hashtags. Also, brands like Bergdorf Goodman use Facebook to promote their pins.

Like them, you can post your pins’ links as updates on your Facebook page.

Promote the post to reach more people.

Blog on Medium

Nearly 43% of global internet-enabled persons use ad blockers, meaning there’s little future for intrusive marketing.

So, content marketing is a no-brainer.

It lets you reach prospects through organic search when they are most likely to purchase. Also, creating consistent, valuable, and engaging content helps you answer customers’ questions, build trust, and influence buying decisions.

Studies found that content marketing generates three times more leads than traditional marketing channels. Also, brands that create content have a six times higher conversion rate than non-adopters.

Thankfully, you don’t need a website for content marketing with Medium. It’s a free and intuitive online publishing platform that lets anyone create, share and discover content.

Sign up on the platform. Research keywords and create quality content with them. You can repurpose the article into a video with tools like Lumen5.com and share it on YouTube.

Selling On Pinterest With a Website

A website puts your Pinterest marketing on steroids.

At least you won’t have to upload your products manually. Instead, the platform can automatically pull your products from your online store to Pinterest and update your catalog regularly. It also lets you retarget non-converters and upsell existing buyers, improving conversion and customer lifetime value.

Follow these steps to connect your website to Pinterest and sell on the platform.

Set Up Your Online Store

Create an online store if you don’t have one yet.

Pinterest currently supports Shopify and WooCommerce stores and online shops that can integrate with the following:

  • Lengow
  • ChannelAdvisor
  • GoDataFeed
  • Feedonomics
  • Products

Next, add the website to your Pinterest business account to claim ownership. Verifying your site allows you to access analytics for the pins you publish from your website and pins other users created from your site and get a verified merchant tag.

You can claim your website by adding a DNS TXT record to your domain host, uploading an HTML file to your website’s web server, or adding an HTML tag to your website code.

Add Your Product Catalog

Upload your catalogs to start selling on the platform.

Catalogs are a feed ingestion tool that lets you connect your eCommerce shop to your Pinterest store. The file lists all your available products and their corresponding attributes, creating a data source for the Pinterest store.

Pinterest ingests the data source every 24 hours to create your product Pins and process up to 20 million products per account. You’ll need to contact Pinterest support if you have more than that number of products.

You can add up to 20 data sources to promote your products across different markets, languages, and currencies. However, uploading your data sources to Pinterest is only available in selected countries. If you’re eligible, the steps here can get you started. 

Alternatively, you may use third-party integrations like Shopify’s Pinterest app and Pinterest for WooCommerce plugin to get your products on Pinterest. Tools like Lengow, ChannelAdvisor, GoDataFeed, Feedonomics, and Productsup can also streamline your Pinterest data ingestion.

Create Rich Pins

Rich Pin is a step up for Pinterest pins.

They have extra information like price, product availability, description, and product link, providing pinners with rich shopping experiences. Rich pins encourage higher click-through rates, enabling you to sell more. They also make better ads.

With rich Pins, you don’t need to update your product Pins manually whenever the need arises. Instead, they update automatically each time you change your product titles, description, price, or availability.

Another fantastic thing is that rich Pins require only a one-time, easy setup. Pinterest will convert all your product Pins to rich Pins if you enable the feature for your account, and new Pins will appear as rich Pins.

Shopify natively supports Pinterest product-rich Pins, so it doesn’t require manual setup. Open any product page, copy the link and append .oembed to the URL, then validate with the Pinterest Rich Pins Validator.

If your store runs on WooCommerce, install the Yoast SEO plugin and enable Open Graph in the plugin setting. Next, copy any of your product URLs and validate. It’s that easy.

However, you’ll have to roll up your sleeves for custom sites.

It requires you to manually add rich metadata to the header of all your product pages. Pinterest supports Schema.org properties. Use any product schema generator like Merkel Schema Markup Generator to generate the JSON-LD code for each product page.

 Next, use Google Tag Manager to add the code to the page’s HTML.

To begin, log in to your account and select Add a new tag under the “New Tag” section.

Choose a name for your tag, then select Custom HTML as the tag type.

Scroll down to Triggering to choose a trigger, then click the + icon.

Name your trigger and select Page View as the trigger type. Next, choose Some Page Views under the “This trigger fires on” section.

Specify your trigger condition, save and then publish your tag.

Repeat the steps for all your product pages, then validate any URLs to apply for rich Pins.

Stay Organized With Product Groups

Product groups help you manage your inventory.

It also lets you promote a product category instead of individual Pins. You can create a product group manually or leave that for Pinterest to handle if you use Shopify. The app can automatically sync your Shopify collections to create relevant Pinterest product groups.

The auto-created product groups include All Products, Top Sellers, Back In Stock, Best Deals, New Arrivals, and Most Popular.

You can add others manually if you need different product groups like brand, custom label, product type, category, or gender. First, ensure the fields exist in your data source and name the products based on your chosen filters.

Follow these steps to create a product group:

  • First, log in to your Pinterest business account from your desktop.
  • Click Ads on the top menu and select Catalogs.
  • Select View product groups, then Create product group.
  • Apply filters to select the products for the group
  • Go to the next page and enter a name for the product group.

Prompt With Shopping Ads

A website lets you take your Pinterest ad campaigns to a new level.

For instance, you can retarget non-converting shoppers to recover lost sales or upsell active buyers to improve their lifetime value. You may also create an act alike (equivalent to Facebook’s lookalike) audience to reach your ideal prospects, eliminating guesses from your targeting.

However, the first is to install the Pinterest tracking tag.

It’s a code snippet that lets Pinterest track your store visitors and their actions while on your site. The code helps you measure your campaign performance, optimize your conversion, build a targeting audience and become a verified merchant.

To install the tag, log in to your Pinterest ads account, click the Ads tab on the top menu, select conversion from the drop-down, and follow the rest of the instructions to complete the process.

Create your audience and run shopping and personalized collections ads to promote your products. Also, launch dynamic retargeting campaigns to upsell buyers and retarget shoppers that abandoned their carts. Run these campaigns concurrently for the best results. This resource can guide you in setting up high-converting Pinterest ads.

Also, don’t forget to promote your store outside Pinterest for maximum reach.

Wrapping It Up

So you don’t need to own a website to sell on Pinterest.

With just an affiliate link, you can get started on the platform. That might even change soon. The social network is piloting a feature that lets shoppers checkout and pay for items on Pinterest so that they don’t have to leave the app to complete their purchases.

The in-app checkout will probably redefine social commerce in the coming years, and getting onboard Pinterest and setting up your stores now means you’ll always be ready for the mad rush.

Thankfully, the tips in this article can get you started.

 

Featured image by rawpixel.com on Freepik

Source

The post How to Sell on Pinterest Without a Website first appeared on Webdesigner Depot.

Source de l’article sur Webdesignerdepot

/par

Image CDNs: How Edge Computing Provides a Faster Low Code Image Solution

,

Many websites today use some type of traditional Content Delivery Network (CDN), which means improvements in website load times, decreases in bandwidth, and better redundancy and security. But not everything is optimized, specifically when it comes to images, and image CDNs can help with that! 

Traditional vs. Image CDNs

A traditional CDN treats images as static. If you want to tailor images to better match various mobile device types, then you need to create many variants of each image and upload them to your web server. It also means you must develop responsive code that will tell the server and CDN which image variant to deliver. This is clunky, time-consuming, and inefficient. For a large website, the amount of code needed can be astronomical. Using this static image model, there’s just no realistic way for each image to be effectively sized and compressed for every possible device model – at this point, there are thousands of them. The combination of these two unfortunate factors leads to potentially slow load times and poor UX caused by oversized images delivered to mobile devices.

So what is an image CDN? An image CDN builds on the traditional CDN model with the addition of device detection and image optimization. Instant detection of the device model and browser requesting the images is done right at the device-aware edge server (true edge computing!) Additional information, including screen resolution and dimension, pixels per inch, and support for next-gen image formats (such as WebP, JPEG 2000/JP2, and AVIF), provides even more details crucial for superior image optimization. Using this information derived from device-aware edge servers, the image CDN optimizes each image and serves the perfect version for each device and resolution, meaning users get the finest webpage experience faster.

A Bit About the Edge (Whoa, Living on the Edge?)

With a single server website, a web request would have to travel from the requestor, back to the origin server (wherever that was geographically located), be processed, and then travel back to the requestor. Depending on the physical distance between the requestor and the origin server, this could introduce a great deal of latency, which means lag time on page loads. 

A traditional content delivery network (CDN) is a global network of servers that optimizes web performance by using the node geographically closest to the user for faster delivery of assets. It takes static content like images and stores them on the edge. But usually, these edge servers are relatively simple in terms of their role in business processes. They mostly index, cache, and deliver content. And traditional CDNs like to keep edge servers simple because of concerns over CPU usage, storage, and scalability.

But what if these edge servers could also provide computing power that enhances performance and business processes? This is called edge computing. Slowly, CDNs are starting to open their edge servers to allow enterprises to deploy apps/services on the edge. Likewise, Cloud computing networks (e.g., AWS, Azure, Google Cloud) provide virtualized server capacity around the world for those who want to use geographically distributed servers. In a sense, Edge Computing is a marriage of the CDN (where edge servers synchronize/work with each other) and Cloud computing (where servers are open to applications). 

Edge computing is a fascinating concept, but what is the killer app that will enhance business processes and improve website performance? The addition of device detection to edge computing provides the ability to transform from delivery of static images to a new model where images are dynamic and tailored exactly to devices. 

Edge computing is computing that is done in a geographically distributed space, with many servers located at or near the source of the web request. This reduction in bandwidth and latency leads to fast processing times, increased site speed, and improved customer experience. And edge computing doesn’t require new infrastructure — it leverages the networks of existing providers to create Points of Presence (POP) around the globe. 

The Edge Servers are…Aware?

Device-aware edge servers, like those used by the ImageEngine image CDN, take edge computing to a new level. Device detection is actually one of the use cases where edge computing really shines. Normally, the edge server would have to send a Javascript query to the device to figure out any information about a requesting device’s model, browser, operating system. But with a device-aware edge server, the User Agent string is captured and decoded. This contains all of the information necessary for device detection without the need for any back and forth – a definite speed improvement. So you’re starting ahead of the game! 

Each time a new request comes to the device-aware edge server, the image is processed by that server (meaning optimized for that specific device parameters) and stored right there in cache, primed for future use. This is done in three stages: changing image size based on device resolution, compressing the image using an image optimization tool, and selecting the most efficient file format for the device. 

If the device-aware edge server has already processed a request from a similar device model before, then it can serve the device-optimized image from its edge cache, leading to a lightning-fast server response — and ImageEngine’s device-aware edge servers can serve up cached images 98% of the time! Not only is there geographical proximity because of the distributed global POP network, but the smaller size of the optimized image compared to the full-sized original cuts up to 80% off the image payload. This can cut up to several seconds off page load times. When almost 70% of people say that page speed influences their likelihood of making a purchase, every single second counts! 

Some image CDNs detect the device information and group the devices into “buckets” of similar types and serve an image based on that type. While this is certainly an advancement over a traditional CDN, and works passably well for some common devices, it still isn’t a truly optimal solution. There are so many variants of browser, screen size,  resolution, etc., even among very similar devices, that images are still often oversized (too large payloads) and lead to poor load speed. A true image CDN, such as ImageEngine, serves the perfect image for every device, every time.

So Now You Want To Get Started (Don’t Worry, It’s Really Simple)

One of the best things about the ImageEngine image CDN is the ease of integration – and it can integrate into any platform that supports a 3rd-party CDN. All you need is to sign up for an account and receive a delivery address during your two (yes, 2!) minute signup process. This delivery address is used to redirect image traffic for optimization and superior delivery performance. Next, you’ll have to make some slight adjustments to img tags on your website, but that’s really all the work you’ll need to do. There are no DNS changes during a standard (generic delivery address) integration. You read that right, none at all. Contrast that to a traditional CDN integration, where there is just no way around some messing around in the DNS – in fact, usually some fairly extensive DNS changes. 

This low-code, virtually no code, integration saves you time. It saves you money. It saves you the hassle of putting multiple team members on a new project. And it means that you can be up and running in about 15 minutes with a standard install. You can be serving optimized images to your site visitors at blazing fast speeds before lunch! And don’t worry, ImageEngine has an experienced integration support team available to answer any questions you might have. 

There’s also no issue with adding the ImageEngine image CDN on top of an existing CDN. Traditional CDNs may have security features that you may prefer to keep for your site. It requires slightly more integration but provides the same benefits of a solo ImageEngine implementation — screaming fast image load times and perfectly optimized images from device-aware edge servers. All that is recommended is that the ImageEngine image CDN actually serve the images directly, not simply process them, to get maximum benefits.

Adopt an Image CDN and See The Benefits

We’ve learned that image CDNs bring numerous benefits to your site AND your business. Using device-aware edge servers, image CDNs provide measurably better UX to your visitors. Pages load potentially seconds faster with perfectly optimized images, meaning your customers get to the heart of your message right away, and you don’t lose potential sales. 

Image CDNs are actually 30%+ faster than most traditional CDNs, improving site speed accordingly. From an SEO perspective, that’s huge! And your SEO gets an additional boost from the improvement to your Largest Contentful Paint scores (which can help you gain valuable rank on Google’s SERPs). Implementation is simple and fast. You get all this, plus cost savings: since you have smaller payloads because of the fully optimized images, you’re delivering fewer gigabytes of data.

Source

The post Image CDNs: How Edge Computing Provides a Faster Low Code Image Solution first appeared on Webdesigner Depot.

Source de l’article sur Webdesignerdepot

/par

10 Reasons Your WordPress Site Will Get Hacked (and How to Stop It)

,

A hacked WordPress site is as damaging as having your home burgled. It can completely shatter your peace of mind and adversely impact your online business. 

Why do hackers target WordPress sites? The answer is relatively simple: WordPress is the single biggest platform for website creation these days, so there’s a larger base to attack; this attracts the attention of online criminals. 

So, how can a hack impact your website? 

Depending on the type of attack, your website could suffer any of the following:

  • It could be defaced completely;
  • It could load or operate very slowly on any device;
  • It could completely crash and malfunction;
  • It could display the dreadful “White Screen of Death”;
  • Its incoming visitors could be redirected to other suspicious websites;
  • It could lose all your valuable customer data.

This list is not exhaustive but you get the idea.

Now that we know how a successful hack can impact your website and online business, let us look at the top 10 reasons behind WP hacks and prevent them.

1. An Insecure Web Host 

Like any website, WordPress is hosted on a web host or server. Unfortunately, most site owners do not pay much attention to the web host they select and choose the cheapest they can find. For example, it is more affordable to host a website on a shared hosting plan — one that shares its server resources with many other websites like yours.

This can make your site vulnerable to hackers as a successful hack into any website on the shared server. A single hacked site can consume the overall server bandwidth and impact all the other sites’ performance.

The only way to fix this problem is to opt for a reliable host and a virtual or dedicated server.

Pro tip: If you’re already using a shared hosting plan, check with your hosts if they offer VPS hosting and make the switch.

2. Use of Weak Passwords

Weak passwords are the main reason behind successful brute force attacks that target your account. Even to this day, users continue to use weak and common passwords like “password” or “123456”; if you’re one of them, your website could land in trouble!

Guessing weak passwords allows hackers to enter the admin accounts where they can inflict the maximum damage.

How do you fix this problem? Simple, ensure all your account users (including admin users) configure strong passwords for their login credentials. With at least 8 characters, passwords must be a mix of upper- and lower-case alphabets, numbers, and symbols. 

For added safety, install a password management tool that can automatically generate and store strong passwords.

Pro tip: You can use a plugin to reset passwords for all your users.

3. An Outdated WP Version

Outdated software is among the most common reasons why websites get hacked. Despite being free to download, most site users defer updating their site to the latest version, for fears of updates causing their site to crash.

Hackers take advantage of any vulnerability or bug in an older version and cause issues like SQL Injections, WP-VCD Malware, SEO Spam & other major issues like website redirecting to another site.

How do you solve this problem? When you see a notification about an update on your dashboard, update your site as soon as possible.

Pro tip: If you are worried about updates crashing your live website, you can first test the updates on a staging site.

4. Outdated WP Plugins and Themes

Similar to the previous point, hackers also take advantage of outdated, unused, or abandoned plugins and themes installed on websites. With over 55,000 plugins and themes that are available, it is easy to install a plugin or theme, even from unsafe or untrusted websites. 

Plus, many users do not update their installed plugins/themes to the latest version or do not find the updated version. This makes it easier for hackers to do their job & infect sites.

How do you avoid this problem? As with the core WP version, update each of your installed plugins/themes on your site regularly. Take stock of all the unused ones and remove them or replace them with better alternatives.

You can update your plugins/themes from your hosting account.

Pro tip: We suggest setting aside time every week to run updates. Test them on a staging site and then update your site.

5. Common Admin Usernames 

In addition to weak passwords, users also create common usernames that are easy to guess. 

This includes common usernames for admin users like – “admin”, “admin1”, or “admin123”. Common admin usernames make it easier for hackers to get into admin accounts and control backend files in your WP installation.

How do you avoid this problem? If you are using any such usernames that are easy to guess, change them immediately to a unique username. The easiest way of doing it is through your hosting account’s user management tool, by deleting the previous admin user and creating a new admin user with a unique username.

As the first step, change the default username of your admin user and limit users who have administrator privileges.

Pro tip: WordPress has 6 different user roles with limited permissions. Only grant admin access to users who really need it.

6. Use of Nulled Plugins/Themes 

Coming back to the importance of plugins/themes, users have access to many websites that sell nulled or pirated copies of popular and paid plugins and themes. While these are free to use, they are often riddled with malware. They can compromise your website’s overall security and make it easier for hackers to exploit. 

Being a pirated copy, nulled plugins/themes do not have any available updates from its development team, hence will not have any security fixes.

How do you fix this problem? Simple, for a start, only download original plugins and themes from trusted websites and marketplaces.

Pro tip: If you don’t wish to pay for paid or premium plugins and themes, opt for a free version of the same tools that will have limited features but are still safer to use than the nulled version. 

7. Unprotected Access to wp-admin Folder

To take control of your site, hackers often try to break into and control your wp-admin folder in your installation. As the website owner, you must take measures to protect your wp-admin directory.

How can you protect your wp-admin folder? First, restrict the number of users having access to this critical folder. Additionally, apply for password protection as an added layer of security for access to the wp-admin folder. You can do this using the “Password Protection Directories” feature of the cPanel in your web host account.

Pro tip: Besides these fixes, you can also implement Two Factor Authentication (or 2FA) protection for all your admin accounts.

8. Non-SSL Website

You can easily migrate your HTTP website to HTTPS by installing an SSL certificate on your site. SSL (or Secure Socket Layer) is a secure mode of encrypting any data transmission between your web server and the client browser.

Without this encryption, hackers can intercept the data and steal it. Plus, a non-secure website can have many negative implications for your business – lower SEO ranking, loss of customer trust, or a drop in incoming traffic.

How do you fix this problem? You can quickly obtain an SSL certificate from your hosting company or SSL providers. It encrypts all data that is sent from and received by your website. 

Pro tip: You can get a free SSL certificate from places like Let’s Encrypt, but these provide limit protection that will only be sufficient for a starter site or small site.

9. No Firewall Protection

Lack of firewall protection is another common reason why hackers can bypass website security measures and infiltrate the backend resources. Firewalls are the last line of defence against hackers and work like the security alarm installed on your house. Firewalls monitor web requests coming from various IP addresses, including the suspicious (or bad) ones. 

They can identify and block requests that are known to be malicious in the past, thus preventing easy access for hackers to your website domain. Web application firewalls can thwart various attacks, including brute force attacks, XSS, and SQL injections.

Pro tip: A firewall provides much-needed security and is  your first line of defence. But it’s important to also have a malware scanner installed.

10. Lack of WordPress Hardening Measures

Typically, hackers target the most vulnerable areas or weaknesses within a WP installation, to illegally access or damage the website. The WordPress team has identified these vulnerable areas and has devised a list of 12 hardening measures recommended for every website.

A few of these include:

  • Disabling the File Editor;
  • Preventing PHP execution in untrusted folders;
  • Changing the security keys;
  • Disallowing plugin installations;
  • Automatic logout of inactive users;

How do you implement these hardening measures? While some steps are easy to understand, others require the technical expertise of how WordPress works. 

Pro tip: You can implement hardening measures on your own. However, some measures require technical expertise so in these cases, it’s much easier and safer to use a plugin.

 

Featured image via Pexels.

Source


Source de l’article sur Webdesignerdepot

/par

How to Install and Configure Apache2

,

In this article, we will see how to install and configure Apache2 web server in Ubuntu 16.04.

Note: Throughout this article, we will be referring to domain name as website1-example.com. Replace this domain name with your actual domain name whenever required.

Source de l’article sur DZONE

/par

What Is SNI and How Does It Work?

,

Want to know what is SNI and how it works? Well, you’ve come to the right place (not sure about the right time though). Quite often, this great technology goes under the radar, and that’s somewhat understandable. So, here we are doing what we always do – unscrambling the “technical” stuff.

Let’s get under the hood of the technology that is Server Name Indication.

Source de l’article sur DZONE

/0 Commentaires/par