Articles

Branding 101: How to Get Your Design Business Online

You’ve named your business. You’ve sorted out the visual branding piece. Now, it’s time to get your business online so you can start making money.

In this post, we’re going to look at where your web design business needs to set up shop online and how to get it up and running quickly.

Step 1: Set Up Your Website

As a web designer or developer, having a website is non-negotiable.

Not only does a website provide prospective clients with all the information they need about you, it can help you automate many of those annoying tasks that get in the way of your actual paid work.

So, let’s start here:

Buy Your Domain Name

If you haven’t done so already, use the business name generator exercise to come up with a domain name. You then have a couple of options for buying it.

To Do:

  • Buy it from a domain name provider like GoDaddy or Domain.com;
  • Or buy it from your web hosting company;
  • Check the next step to see which option makes the most sense for you.

Choose a CMS

Use the same CMS as the one you’ll use to build your clients’ sites. That way, clients don’t wonder why you’d use something like Squarespace for your site, but then recommend WordPress for theirs, for example.

To Do:

  • If you use a self-hosted CMS (like WordPress, Drupal, or Joomla), hold on this until you purchase your web hosting;
  • If you use a hosted CMS (like Wix, Squarespace, or Shopify), you won’t need to do the next step. Instead, just sign up for your website builder and buy your domain name now.

Buy Your Web Hosting

If you’re wondering what the difference is between the various types of web hosting, read this post.

Basically, this is what you’re looking for:

  • A hosting company with a good reputation that provides expert and timely support;
  • An affordable starter plan — either shared or cloud hosting;
  • Server locations near you (at the very least, in the same country as you);
  • Top-notch security features at the server level as well as the physical hosting facility;
  • Caching and other speed optimizations built into the server and on-site equipment;
  • Compatibility with your CMS (look for one-click install, too).

Also, look for add-ons like SSL certificates, CDNs, and, of course, a free domain name.

To Do:

  • Sign up for the hosting plan you want along with your domain name and SSL certificate (this is a must for SEO);
  • Install your CMS from the control panel once you’re ready to go.

Build Your Website

Ultimately, you have two goals here:

  1. To build a website that convinces prospective clients that you’re the real deal;
  2. To build a website that prospects would want for themselves.

So, there’s no need to go crazy with outlandish features or futuristic animations and design. Keep it simple. Keep it neat. And give prospects an honest portrayal of who you are, and what you can do for them.

Design It

The first thing to do is take all that work you did to create your visual branding and use it to design your website.

If you’re building a WordPress website, consider starting with one of these multipurpose themes.

Build Out the Pages You Need

A theme will automatically create the pages you need (most of them, anyway). If you’re not sure which ones to start with, these are the ones your prospects are going to be looking for:

You may also want to add separate pages for Testimonials and Case Studies once you’ve accumulated enough of them to show off. For now, you can include samples of your work in the Portfolio page and testimonials on the Home page.

Fill in the Content

Even if writing isn’t your strong suit, that’s okay. So long as the content you write for your site is free of spelling and grammar errors, your prospective clients are going to focus on what you’re telling them, not on how proficient a writer you are.

That said, if you’re nervous about this piece of your website, here are some tips to help you out:

1. Be concise, it’s not just minimal design that goes over well with modern audiences. Minimal copy does, too.

2. Be transparent. Tell prospects what exactly they can expect when they work with you and why your web design services are going to be different from the competition.

3. Consumers don’t trust companies that use meaningless buzzwords and make empty claims. Instead, focus on writing about the real and very competitive skills you have. According to research from NIDO Student, these are the skills employers look for when hiring a designer:

4. Let your images tell some of the story for you. Just make sure you use (or create) images that will impress your audience.

5. After you’ve written your content, take a step back and tackle the structure and formatting from a designer’s POV.

6. Before you hit the “Publish” button, run your copy through Hemingway Editor to ensure your content is error-free.

Add the Right Features

When I talk about features, I’m referring to anything outside the main design and content on your website. These are usually sales and marketing tools like:

  • Chatbot/live chat
  • Contact forms
  • Pop-ups or notification banners
  • Discovery call scheduler
  • Cookies consent notice

Only add the features you absolutely need. In other words, the features that will automate the marketing and sales tasks you’d otherwise have to manage on your own.

Step 2: Optimize Your Website for Search Engines

Search engine optimization (SEO) is a very important part of the work you do to get your business online. Here’s why:

After you launch your business and website, the next thing you’re going to focus on is getting clients. This can take a lot of work as you pore over the following resources for referrals and leads:

  • Your existing contact list (i.e. family, friends, old employers, colleagues, etc.);
  • Freelance job boards;
  • Industry-specific job boards;
  • Social media posts, pages, and groups;
  • Google search results for “we’re hiring”;
  • And so on…

And when you’re not busy cold-emailing prospective clients or talking to them on the phone, you’re probably going to be working on your business’ processes. Running a business is very time-consuming.

So, what happens when you finally start working on website projects? It’s not like the client search ends there. It’s an ongoing thing. Which is why your website needs to be optimized for search.

Once your site gets indexed by Google and starts to generate authority, your pages will rank better and the increased visibility will start generating leads without you having to actively make the first move.

SEO is a huge topic, so I’m not going to cover it here. However, the links below will do a good job of guiding you towards your next steps.

To Do:

Step 3: Get Active on Social Media

Your website is going to play a lot of roles:

  • Digital business card;
  • Authority builder;
  • Marketing vehicle;
  • Sales platform;
  • Content marketer.

But there’s one very critical thing it can’t do and that’s directly converse with your audience and grow your network. This is why you need to spend time building out your social media once your website is good to go.

As for which social media platforms to use (as there are way too many), here are my thoughts:

Become an authority on Twitter.

Twitter is a good place to share daily thoughts and interesting content you’ve found on the web.

Get discovered on LinkedIn.

LinkedIn is useful because it’s another place to get noticed by potential employers, so make sure your relevant work experience and portfolio are up-to-date.

Connect with other creatives on Facebook.

It’s really hard to get noticed on Facebook unless you pay to play. Instead, use it to find groups that you can turn to for support, referrals, and brainstorming.

Share your work on Dribbble.

While you could use Instagram or Pinterest to show off your work, you might get more traction on a design-specific platform like Dribbble. Serve as inspiration for others and potentially get discovered by prospects looking for designers there.

Down the line you might decide to expand your business into recurring revenue opportunities like online courses. In that case, a platform like YouTube would be great. For now, focus your efforts on the main ones above.

To Do:

  • Create your social media accounts;
  • Brand them to match your website — both the visual component as well as the bio;
  • Start sharing content on a regular basis. You can automate sharing with a social media management tool, but remember to log in at least a couple times a week so you can engage with others, too;
  • Be careful not to commit these social media faux pas.

Wrap-Up

I realize this is a ton of information to throw at you. However, if you want to get your new business online and for it to succeed, you need to maximize the opportunities that are available to you.

I hope this three-part guide to starting a new business has been helpful. If you have any questions on the tips provided along the way, let me know in the comments.

 

Featured image via Pexels.

Source


Source de l’article sur Webdesignerdepot

8 Awesome Black Friday 2020 Deals for Designers (Up to 94% Off!)

If you’re interested in a sneak peek of this year’s best Black Friday deals, stick around. You’ll find a few web designers’ favorites, including a stellar deal or two.

This year, more than a few of the popular retail outlets are shifting away from the traditional “camp out all night and bust open the doors when the store opens” shopping model. You might just prefer this less chaotic, ecommerce approach.

All of us are trying to adjust to what may eventually become a “new normal”. We may not like some aspects of this new normal, but there are bright spots as well.

More shoppers are likely going to shop online because of the coronavirus. That means you don’t have to fight the crowds while desperately attempting to socially distance. The shelves aren’t as apt to go bare, and shopping is easy, convenient, and safe.

1. Slider Revolution

You will find the Slider Revolution plugin incorporated in a host of WordPress theme tools and products. This premium plugin can in fact boast of more than 7 million users around the globe.

What you may not be aware of is that it is much more than just a WordPress slider. With it in your web design toolbox, you can in fact create just about anything you can imagine.

Expect to find:

  • A stunning selection of elements including sliders and carousels;
  • Attention-getting hero sections designed to make your home pages really stand out;
  • Single-page websites with layouts unlike anything you’ve seen before;
  • Modular structuring that allows you to rearrange and reuse sections however you choose and the ability to mix and match modules with any WordPress content;
  • Add-ons whose cutting edge features push the boundaries of web design possibilities.

There’s more of course. To celebrate Black Friday and Cyber Monday you can NOW get any Slider Revolution subscription plan or one-time payment at a 33% discount.

Just click on the banner and use the BLACKFRIDAY code at checkout.

2. Amelia

When done manually, booking and managing appointments can be tedious and subject to mistakes and errors. Amelia provides an automated booking process that is oh-so easy to work with and is error free; just what you need to help you acquire more happy customers.

Key features of Amelia’s fully responsive design include:

  • A dashboard system that enables you to track approved and pending appointments, booking changes, and revenue;
  • Zoom Integration, Google Calendar, and Outlook Calendar sync;
  • The ability to accept and easily manage recurring appointments that customers can schedule;
  • Front-end customer and employee appointment and event managing and backend appointment adding, editing, and rescheduling;
  • Email notifications for pending and approved appointments and events.

And much more that will save you loads of energy and a ton of time. Give Amelia a try, and if you like what you see (and you will), take advantage of the 30% Black Friday discount.

3. wpDataTables

wpDataTables 3.0, with its fresh, new look, gives you a host of different ways to generate attractive, customizable, and responsive tables and charts, and a host of different ways to present them.

  • Tables can be created from most data sources, the most common being MySQL query, PHP array, Google Spreadsheet, Excel files CSV files, and JSON and XML inputs;
  • A working knowledge of SQL is not required!
  • Addons include Gravity Forms, Formidable Forms, Report Builder, and Powerful Filter;
  • wpDataTables users can generate Tables and Charts quickly from massive amounts of data (saving hours of effort);
  • Tables and charts are customizable and maintainable (editable once placed in use);
  • Tables can be created manually if you wish.

Click on the banner now and take advantage of wpDataTables 30% Black Friday discount on all licenses and addons.

4. TheGem – Creative Multi-Purpose High-Performance WordPress Theme

In TheGem, the ultimate WordPress multipurpose toolbox, you will find:

  • A rich selection of 400+ premium pre-built multi-page and one-page websites, all available for Elementor and WPBakery page builders;
  • The ability to mix and match any of this demos, layouts and page sections to create your own unique look;
  • Extended WooCommerce layouts & tools for making online shops, which convert better;
  • TheGem Blocks: an ultimate tool for building webpages at the speed of light.

And much more. Just click on the banner and check this 5-star product out.

5. Mobirise Website Builder

Creating a Google-friendly can take time, unless you have Mobirise at your fingertips, in which case you have a number of helpful tools to speed things up.

  • No coding, it’s all drag and drop;
  • 3,600+ website templates are at your disposal plus sliders, popups, forms, and more;
  • Many eCommerce features, including a shopping cart;
  • Latest Google Amp and Bootstrap4;
  • You can download Mobirise for free.

And, because it’s Black Friday, everything is yours at a 94% discount!

6. Get Illustrations

Get Illustrations offers royalty free and landing page Illustrations ready to drag and drop into your web design. You’ll have access to:

  • An extensive library of 4000+ illustrations with more added every week;
  • A wealth of design formats, including AI, PNG, SVG, Figma, Adobe XD, and Sketch;
  • Free updates and new illustrations weekly (included in the bundle).

Click on the banner and use the Coupon Code BLACKDEAL for your 30% discount.

7. XStore | Responsive Multi-Purpose WooCommerce WordPress Theme

For anyone planning on creating an eCommerce store, the XStore name says it all. Key features you’ll find in this powerful and flexible WooCommerce theme include:

  • More than 95 good-to-go-shops plus a full AJAX shop to get you started;
  • 300+ pre-defined shop/page sections, a header builder, and a single product page builder;
  • Elementor, WPBakery and $510+ worth of premium plugins.

Click on the banner and sign up to become one of XStore’s 55,000+ happy customers.

8. Kalium – Creative Theme For Multiple Uses

Kalium is an easy-to-use, easily maintainable multipurpose theme for WordPress users that is always updated to use the latest WordPress standards.

  • Kalium provides its users with a host of professionally-designed pre-built demos and elements;
  • Many plugins such as: Slider Revolution, WPBakery, Elementor, Layer Slider, Advanced Custom Fields PRO, Product Filter for WooCommerce, Product Size Guide,WooCommerce and other premium plugins are included.

Kalium is responsive, GDPR compliant, and gives you full eCommerce and top-quality customer support. It has a 5-star rating after 36k sales on ThemeForest – seriously impressive!

***** 

If you hit the retail stores remember to social distance.

Or, if you would rather take a brief break from the demands of Covid-19, take advantage of one or more of the above ecommerce sales. As you can see, there are some excellent ones!

 

[– This is a sponsored post –]

Source


Source de l’article sur Webdesignerdepot

Popular Design News of the Week: November 16, 2020 – November 22, 2020

Every week users submit a lot of interesting stuff on our sister site Webdesigner News, highlighting great content from around the web that can be of interest to web designers.

The best way to keep track of all the great stories and news being posted is simply to check out the Webdesigner News site, however, in case you missed some here’s a quick and useful compilation of the most popular designer news that we curated from the past week.

15 Best Illustration Tools in 2020

 

Slidepage 1.0 – Create Engaging and Swipeable Stories-on-the-Web, for Free

 

Notion Timeline – More than Gantt, for all your Projects

 

Unslack

 

UX Lessons from Big Sur

 

Pattern Collect

 

Apple Silicon M1 Chips and Docker

 

Difference Between UI and UX Design

 

How Many WordPress Plugins Should You Install?

 

5 Things I Wish I’d Known Before Starting a Design System at Spotify

 

8 Pure CSS Games You Can Play in your Browser

 

We Can do Better than DuckDuckGo

 

Fulljar – Simple and Privacy Focused Analytics

 

Accessibility in User Experience: How to Include People with Disabilities

 

9 Common WordPress Myths Debunked and Explained

 

Impressive Pure CSS Drawings

 

I Took 21 Online Courses, Here’s What I Learned

 

User Experience: Insights into Consistency in Design

 

How to Use Emotion to Make your Brand’s Content More Compelling

 

25 Free Icon Sets You Can Download and Use Today

 

6 Ways 2020 has Changed the Landscape of Design

 

25 Inspirational Quotes for Web Designers

 

9 Tips to Keep You Sane When Working with Multiple Clients

 

Write Code like You Write a Recipe

 

UI Coach – UI Design Challenge Generator

 

Want more? No problem! Keep track of top design news from around the web with Webdesigner News.

Source


Source de l’article sur Webdesignerdepot

Top New CMS Plugins, November 2020

Since there are so many CMS plugins out there, it can be overwhelming to choose the best ones for your website. We’ve done the research for you; this list contains the top new CMS plugins for November 2020. You’ll find useful plugins for WordPress, Craft, Shopify, and Joomla.

Let’s get started…

WordPress

404 Page Editor

404 Page Editor is a simple WordPress plugin that helps you add custom text to the default 404 page on your website. The plugin comes with seasonal and industry-related 404 templates. One useful feature of the plugin is that it backups your current 404 page before changing it. So you can restore the backup page anytime you choose. The plugin duplicates your current 404.php page to wp-content/uploads/404-page-editor/ so you can easily find it. You can also change the text on the plugin to fit your local dialect. 

UnusedCSS Power-Up

Most WordPress themes and plugins load their CSS in the wrong areas of your website. This can slow down your site. A slow website will reduce user experience and lead to increased bounce rates.

UnusedCSS will help reduce the size of your website’s CSS files by up to 95%. The best part is that the plugin works automatically. It will remove any unused CSS when visitors view any page on your website. UnusedCSS will automatically reduce your website’s load times by reducing your CSS files and page size. The plugin also optimizes the performance of other WordPress plugins and extensions. UnusedCSS also works with WooCommerce themes and plugins.

Simple Redirects

Simple Redirects is a WordPress plugin that helps you to automatically redirect requests to another page on your site or any other place on the web. The plugin allows you to easily redirect users from your old web pages to new pages using 301 or 302 redirects. You don’t have to worry about losing backlinks or page rank. Any incoming links to the old web page will be automatically passed along to the new page. The page rank on the old page is also transferred to the new page. The plugin is useful when migrating a WordPress site when don’t want to retain the URL structure. 

HTML Validation

HTML Validation plugin helps you identify any HTML validation errors on your website. The plugin works automatically in the background of your website and will send you regular reports. There is a progress bar on the report screen to show you the progress of the scan. The plugin uses WordPress Cron to scan the content of your website. There is also an option for the plugin to automatically fix any HTML validation issues on your website. You can also choose to fix the issues manually. 

Just Highlight

Just Highlight is a simple WordPress plugin that helps you highlight text in your posts or pages. You can use this plugin to highlight any portion of the page you want to draw the reader’s attention to. You can highlight the background of the page and also add animation to the highlighted text. In the WordPress admin area, you can change the speed and color of the animation. The plugin is compatible with Gutenberg, and the WordPress classic editor. 

DeviantArt Embed

DeviantArt Embed is a simple plugin that helps you embed any work from Deviant Art into a post. The plugin provides a block for the WordPress block editor so you can easily embed the image. It uses a DeviantArt oEmbed API to pull the images and their descriptions, and creates an embedded image. 

Static Optimizer

Static Optimizer is a static file optimization plugin that serves and optimizes static files on your website. The plugin will help you increase your website speed by automatically compressing your static files. It is easy to set up, you just need an API key to get started. Other useful features that the plugin offers include automatic JS and CSS minification, automatic image optimization, and processing of responsive images. You don’t have to worry about losing your files if their server is down. The plugin automatically backs up your files and will load your original files when their servers are down (either because of an upgrade, maintenance, or outage).  By default, only images are compressed when you activate the plugin; you can also choose to optimize fonts, CSS, and JS files. 

RankBear

RankBear is a keyword rank tracker plugin that helps you analyze your SEO efforts. With RankBear, you can track the keywords for each of the posts and pages on your site. While the plugin has a paid plan, you can track up to five keywords for free. On the free plan, you will receive weekly reports on each keyword you are tracking. You can search for the rank and volume of a keyword in every location supported by the Google search engine. RankBear is a lightweight software-as-a-service plugin hosted by Amazon Cloud Services. The plugin also offers the option to download the keyword reports to CSV. 

Table of Contents Block

Table of Contents Block is a plugin that allows you to easily create a Table of Contents for your WordPress posts. The plugin is lightweight and will automatically add a Table of Content in your website’s posts and pages. You can select the heading tags you want to add to the Table of Content. It also has a dedicated support team to assist you. The plugin works fine with all standard WordPress themes. 

Markease For WooCommerce

Markeaze is an all-in-one communication plugin that allows you to add live chat to your online stores. The plugin will help you improve your customer service by decreasing your response times. With the plugin, you can collect your visitor’s contact information via a widget. This feature is useful in building a subscriber database. You can also use the plugin to track customer behavior on your site, inform customers about new products, help customers with active orders, and collect customer feedback. You can also use the auto-reply function to answer commonly asked questions. 

Craft CMS

Image Toolbox

Image Toolbox is a Craft CMS plugin that offers image-related tools for your templates. The plugin will automatically create a WebP variant of the images you upload. It also has a fallback for browsers that do not support WebP images. Other useful features the plugin offers include automatic creation of placeholder images and generation of responsive images with multiple variants. The plugin also supports Imager-X (or old Imager). 

Element Panel

Element Panel plugin allows you to add elements and an eager-loading panel to the debug toolbar. This feature will help you benchmark your templates in Craft CMS. For elements, the panel has a dashboard that shows how many elements are populated. It also shows how many elements are duplicates. The plugin also shows you how many eager-loading elements are detected. Duplicate elements are grouped by field name. 

Shopify 

VStore Shoppable Videos

VStore Shoppable Videos is a Shopify plugin that allows your customers to shop directly from your videos. The plugin allows you to embed your products into any video. Since videos have a high engagement rate, this plugin will significantly improve your store’s conversion rates. 

ProofMotion Video Testimonials

ProofMotion Video Testimonials plugin helps you to easily collect video testimonials. The plugin sends an automated email or SMS requests to customers asking for their satisfaction feedback after making a purchase. The responses are analyzed to determine whether the customer had a negative or positive experience. Customers that offer negative feedback are sent to customer care to help them with the problem they encountered. Happy customers are prompted to make video testimonials of their positive shopping experience. ProofMotion guides the customer through the interview so they can give the best testimonial. They also offer an on-site widget so you can easily share your testimonials. 

Real ID

Real ID is a Shopify plugin that allows you to verify customers’ real identity using a photo ID and facial biometrics. The plugin is perfect for orders that have an age restriction, verifying flagged fraud goods, and selling expensive goods. Real ID will help you identify whether a government-issued-ID is fake during fulfilment. All the customer needs to do is take a selfie on their phone. This way, even if a customer has access to a stolen physical ID, they won’t still be able to make any purchase. The plugin can verify documents such as passports, visas, national IDs, driver licenses, and more. Real ID will help you handle GDPR compliance. The plugin is available in hundreds of countries around the world. 

Joomla

Accessibility

Accessibility is a Joomla plugin that allows your website visitors to easily access your website content. The plugin will remove any barrier between the visitor and your Joomla site. There is no coding required and you can customize the plugin directly from the module manager. The plugin has a useful feature called Dyslexic Readability; this feature allows your visitors to set the entire document font to a dyslexic-friendly font. Visitors can also grayscale the page, resize the fonts, and resize the word space. From the backend module, you can add any custom CSS and JS. The plugin is also available in 12 different languages. 

Reading Time

Reading Time is a simple plugin that will help you easily show the reading time of your Joomla articles. The plugin is easy to set up and does not require any coding. You can customize every parameter, including the text, in minutes. You can also choose to exclude categories, articles, and menu items. Reading Time also allows you to easily add custom CSS code from the plugin parameters. 

 

Featured image via Pexels.

Source


Source de l’article sur Webdesignerdepot

Popular Design News of the Week: November 9, 2020 – November 15, 2020

Every week users submit a lot of interesting stuff on our sister site Webdesigner News, highlighting great content from around the web that can be of interest to web designers.

The best way to keep track of all the great stories and news being posted is simply to check out the Webdesigner News site, however, in case you missed some here’s a quick and useful compilation of the most popular designer news that we curated from the past week.

Quarkly – Design Tool for Creating Websites and Web Apps

 

Create your Personal Branding Strategy in 4 Simple Steps

 

How to Design a Landing Page

 

No Code MBA – Learn to Build Real Apps and Websites Without Code

 

Your Computer Isn’t Yours

 

Swatches – Generate Colors for Every Purpose

 

Markabaly – Cross-platform Markdown Editor

 

12+ Bootstrap Hero Image Examples

 

The UX of Among Us: The Importance of Colorblind-friendly Design

 

No, your Clean Code won’t Save the Planet

 

My Side Project Rocks – Share and Discover Side Projects

 

How to Test Content like a Pro: A Step-by-step Guide

 

MacOS Big Sur is Here

 

Free Fonts for Prototyping and Wireframing

 

Gamification: The Broken Way of Carrot and Stick

 

Everything You were Wondering About Apple’s New M1 Chip

 

Please Unsubscribe – Fwd Emails to Unsubscribe from Marketing

 

The Fonts in Popular Things Identified Vol. 2

 

How to Become a Self-taught Graphic Designer

 

Using PowerPoint’s Animated GIF Function

 

Scribbble.io – A Blogging Platform for Developers

 

How to Work with WordPress Block Patterns

 

The Power of Happiness: Being Safe, Free, and Supported

 

How to Handle Scope Creep in Web Design

 

Building Products

 

Want more? No problem! Keep track of top design news from around the web with Webdesigner News.

Source


Source de l’article sur Webdesignerdepot

10 Reasons Your WordPress Site Will Get Hacked (and How to Stop It)

A hacked WordPress site is as damaging as having your home burgled. It can completely shatter your peace of mind and adversely impact your online business. 

Why do hackers target WordPress sites? The answer is relatively simple: WordPress is the single biggest platform for website creation these days, so there’s a larger base to attack; this attracts the attention of online criminals. 

So, how can a hack impact your website? 

Depending on the type of attack, your website could suffer any of the following:

  • It could be defaced completely;
  • It could load or operate very slowly on any device;
  • It could completely crash and malfunction;
  • It could display the dreadful “White Screen of Death”;
  • Its incoming visitors could be redirected to other suspicious websites;
  • It could lose all your valuable customer data.

This list is not exhaustive but you get the idea.

Now that we know how a successful hack can impact your website and online business, let us look at the top 10 reasons behind WP hacks and prevent them.

1. An Insecure Web Host 

Like any website, WordPress is hosted on a web host or server. Unfortunately, most site owners do not pay much attention to the web host they select and choose the cheapest they can find. For example, it is more affordable to host a website on a shared hosting plan — one that shares its server resources with many other websites like yours.

This can make your site vulnerable to hackers as a successful hack into any website on the shared server. A single hacked site can consume the overall server bandwidth and impact all the other sites’ performance.

The only way to fix this problem is to opt for a reliable host and a virtual or dedicated server.

Pro tip: If you’re already using a shared hosting plan, check with your hosts if they offer VPS hosting and make the switch.

2. Use of Weak Passwords

Weak passwords are the main reason behind successful brute force attacks that target your account. Even to this day, users continue to use weak and common passwords like “password” or “123456”; if you’re one of them, your website could land in trouble!

Guessing weak passwords allows hackers to enter the admin accounts where they can inflict the maximum damage.

How do you fix this problem? Simple, ensure all your account users (including admin users) configure strong passwords for their login credentials. With at least 8 characters, passwords must be a mix of upper- and lower-case alphabets, numbers, and symbols. 

For added safety, install a password management tool that can automatically generate and store strong passwords.

Pro tip: You can use a plugin to reset passwords for all your users.

3. An Outdated WP Version

Outdated software is among the most common reasons why websites get hacked. Despite being free to download, most site users defer updating their site to the latest version, for fears of updates causing their site to crash.

Hackers take advantage of any vulnerability or bug in an older version and cause issues like SQL Injections, WP-VCD Malware, SEO Spam & other major issues like website redirecting to another site.

How do you solve this problem? When you see a notification about an update on your dashboard, update your site as soon as possible.

Pro tip: If you are worried about updates crashing your live website, you can first test the updates on a staging site.

4. Outdated WP Plugins and Themes

Similar to the previous point, hackers also take advantage of outdated, unused, or abandoned plugins and themes installed on websites. With over 55,000 plugins and themes that are available, it is easy to install a plugin or theme, even from unsafe or untrusted websites. 

Plus, many users do not update their installed plugins/themes to the latest version or do not find the updated version. This makes it easier for hackers to do their job & infect sites.

How do you avoid this problem? As with the core WP version, update each of your installed plugins/themes on your site regularly. Take stock of all the unused ones and remove them or replace them with better alternatives.

You can update your plugins/themes from your hosting account.

Pro tip: We suggest setting aside time every week to run updates. Test them on a staging site and then update your site.

5. Common Admin Usernames 

In addition to weak passwords, users also create common usernames that are easy to guess. 

This includes common usernames for admin users like – “admin”, “admin1”, or “admin123”. Common admin usernames make it easier for hackers to get into admin accounts and control backend files in your WP installation.

How do you avoid this problem? If you are using any such usernames that are easy to guess, change them immediately to a unique username. The easiest way of doing it is through your hosting account’s user management tool, by deleting the previous admin user and creating a new admin user with a unique username.

As the first step, change the default username of your admin user and limit users who have administrator privileges.

Pro tip: WordPress has 6 different user roles with limited permissions. Only grant admin access to users who really need it.

6. Use of Nulled Plugins/Themes 

Coming back to the importance of plugins/themes, users have access to many websites that sell nulled or pirated copies of popular and paid plugins and themes. While these are free to use, they are often riddled with malware. They can compromise your website’s overall security and make it easier for hackers to exploit. 

Being a pirated copy, nulled plugins/themes do not have any available updates from its development team, hence will not have any security fixes.

How do you fix this problem? Simple, for a start, only download original plugins and themes from trusted websites and marketplaces.

Pro tip: If you don’t wish to pay for paid or premium plugins and themes, opt for a free version of the same tools that will have limited features but are still safer to use than the nulled version. 

7. Unprotected Access to wp-admin Folder

To take control of your site, hackers often try to break into and control your wp-admin folder in your installation. As the website owner, you must take measures to protect your wp-admin directory.

How can you protect your wp-admin folder? First, restrict the number of users having access to this critical folder. Additionally, apply for password protection as an added layer of security for access to the wp-admin folder. You can do this using the “Password Protection Directories” feature of the cPanel in your web host account.

Pro tip: Besides these fixes, you can also implement Two Factor Authentication (or 2FA) protection for all your admin accounts.

8. Non-SSL Website

You can easily migrate your HTTP website to HTTPS by installing an SSL certificate on your site. SSL (or Secure Socket Layer) is a secure mode of encrypting any data transmission between your web server and the client browser.

Without this encryption, hackers can intercept the data and steal it. Plus, a non-secure website can have many negative implications for your business – lower SEO ranking, loss of customer trust, or a drop in incoming traffic.

How do you fix this problem? You can quickly obtain an SSL certificate from your hosting company or SSL providers. It encrypts all data that is sent from and received by your website. 

Pro tip: You can get a free SSL certificate from places like Let’s Encrypt, but these provide limit protection that will only be sufficient for a starter site or small site.

9. No Firewall Protection

Lack of firewall protection is another common reason why hackers can bypass website security measures and infiltrate the backend resources. Firewalls are the last line of defence against hackers and work like the security alarm installed on your house. Firewalls monitor web requests coming from various IP addresses, including the suspicious (or bad) ones. 

They can identify and block requests that are known to be malicious in the past, thus preventing easy access for hackers to your website domain. Web application firewalls can thwart various attacks, including brute force attacks, XSS, and SQL injections.

Pro tip: A firewall provides much-needed security and is  your first line of defence. But it’s important to also have a malware scanner installed.

10. Lack of WordPress Hardening Measures

Typically, hackers target the most vulnerable areas or weaknesses within a WP installation, to illegally access or damage the website. The WordPress team has identified these vulnerable areas and has devised a list of 12 hardening measures recommended for every website.

A few of these include:

  • Disabling the File Editor;
  • Preventing PHP execution in untrusted folders;
  • Changing the security keys;
  • Disallowing plugin installations;
  • Automatic logout of inactive users;

How do you implement these hardening measures? While some steps are easy to understand, others require the technical expertise of how WordPress works. 

Pro tip: You can implement hardening measures on your own. However, some measures require technical expertise so in these cases, it’s much easier and safer to use a plugin.

 

Featured image via Pexels.

Source


Source de l’article sur Webdesignerdepot