Web Hosting Blog

Sep 17

  • Created: Sep 17, 2014 2:00 PM

Using Nofollow Tags Correctly On WordPress

Nofollow Tag On WordPress
Nofollow tags are frequently misunderstood. In this article we look at nofollow tags, their rationale, and how to nofollow (or “dofollow”) links on WordPress.

Google’s success as a search engine was largely based on its founders’ development of an algorithm that used incoming links as a signal of a page’s quality. The idea is that the more people who choose to link to a page, the more valuable the page is likely to be to other people. Although Google and the other search engine operators have increased the complexity of their algorithms considerably since the early days, links still play a fundamental role in determining search engine ranking.

However, not all links are trustworthy for the purposes of determining a page’s quality and value. They are only useful if they are “editorial” links — links that are created because the value of the content is what motivated the link. Because there are various other reasons that a page might be linked to, Google decided to provide a mechanism to signal that links should not be followed by search engine crawlers. That mechanism is the nofollow meta tag, which looks like this:

Read more

Posted in: Nexcess
Sep 10

  • Created: Sep 10, 2014 1:44 PM

WordPress Users Should Ensure Theme-Bundled Slider Revolution Plugins Are Up-To-Date

WordPress PluginMost WordPress users knows that WordPress plugins should be updated. Updates frequently include patches that fix security vulnerabilities. Part of every WordPress user’s routine should include regular plugin and core updates. But there’s another source of potential vulnerability that WordPress users may not be aware of: many themes include bundled plugins and those plugins are not part of the WordPress update interface.

It was recently discovered that some versions of the Slider Revolution plugin contained a critical vulnerability. This vulnerability is a particular problem because Slider Revolution is included in hundreds of premium themes, which means WordPress users are reliant on theme developers to update the version included in their themes.

In fact, the vulnerability was fixed back in February and it only became widely publicized in the last few days. The plugin’s developers quietly patched the plugin, mentioned the fix briefly in their release notes, but didn’t disclose any details. Unfortunately, the vulnerability was known to hackers, but its seriousness was not revealed to theme developers or WordPress users. That result is that many WordPress sites using themes that bundled the plugin are vulnerable. WordPress users should check their themes and ensure that bundled versions of the Slider Revolution plugin have been updated to 4.2 or later.

Read more

Posted in: Nexcess
Sep 3

  • Created: Sep 3, 2014 1:21 PM

The Pros And Cons Of Implementing SSL / HTTPS

SSL and HTTPS

Google has ignited a storm of interest in HTTPS, but what are the advantages and disadvantages of offering SSL-encrypted HTTPS connections to your users.

Since Google announced that serving sites over HTTPS would become a search engine ranking signal, the number of people interested in purchasing SSL certificates has skyrocketed. Many webmasters who would never have considered using HTTPS are worried that competitors will have an SEO advantage should they continue to serve their sites in the open.

Whatever you think about Google’s attempt to shape the web’s security policy using SERP position as a carrot (and stick), it’s worth thinking about the potential advantages and disadvantages of implementing HTTPS.

Read more

Posted in: Nexcess
Aug 21

  • Created: Aug 21, 2014 2:28 PM

What Can Big Data Do For eCommerce?

Big Data and eCommerce

Big Data is something of a nebulous concept, and like many ideas without a clear definition, it’s been seized on by various writers and pundits as the next big thing. It’s easy to write endlessly about something when you aren’t forced to constrain yourself to practicalities.

The eCommerce industry is nothing if not pragmatic, ever eager to grasp new technology but only if it proves itself where it matters — on the bottom line. In spite of the hype, big data is having a significant impact on how eCommerce retailers are doing business.

Big data is exactly what it sounds like. Businesses have access to far more information than ever before. That data is drawn from numerous channels: social media, customer relationship management software, web analytics, tracking, logistics, and so on. But data itself is next to useless; it’s only of value if we can harness it in ways that increase sales, customer loyalty, and conversion rates.

Read more

Posted in: Nexcess / Tagged:
Aug 19

  • Created: Aug 19, 2014 11:20 AM

WordPress Misconceptions: Do You Need A Custom WordPress Design?

Custom WordPress Themes

I was recently talking to a friend who wants to create a site for his small business. He’s a landscaper, and needs a simple site — perhaps a few pages to describe his services, a contact form, and a blog. As someone who is fairly knowledgeable about WordPress web hosting, it’s difficult for me to put myself in the position of someone who doesn’t know anything about it, and so it came as something of a surprise that he believed he would need to pay a designer to create a custom WordPress theme for his site. His business is new, and it would be significant burden on his expenses to hire a designer. He didn’t know that buying a pre-made theme was an option and was somewhat incredulous about the idea of using one, worrying that his site would end up looking like millions of others.

First, I’d like to clear up exactly what a theme is. In a nutshell a theme is a set of files that can be installed on a WordPress site to change the way it looks, and in some cases, the way it functions. WordPress is a very flexible system and can be styled in many different ways — you probably have no idea that many of the sites you visit are based on WordPress at all.

The sets of files that constitute a theme are created by developers or designers; some are given away free, some you have to pay for (premium themes), and some are created for a particular site — a custom WordPress theme. The vast majority of WordPress sites use either free or premium themes.

Read more

Posted in: WordPress
Aug 15

  • Created: Aug 15, 2014 3:01 PM

Don’t Fall For ICANN Domain Protection Certificate Scam

ICANN scam

In a recent blog post, ICANN (Internet Corporation for Assigned Names and Numbers) revealed a scam in which registrants of top-level domains like .com and .net are approached by fraudsters and told that they need to buy a certificate to “protect their domain”. Although the certificates are well designed and incorporate official ICANN graphics, the scammers are not associated with ICANN, the certificates do nothing to protect domain ownership, and the offer is entirely spurious.

Web hosting clients and domain name registrants should not pay third-parties for this purported service. Nor should they pay money to any organization claiming to be or to represent ICANN, which does not sell services to domain name registrants (the individuals and organizations that use domain names).

ICANN is a non-profit organization that was created to manage the databases that allow the Domain Name System to translate the URLs we’re all familiar with into the IP numbers that machines use to route data around the Internet, as well as a number of other services connected with DNS and Internet namespace management.

Read more

Posted in: Nexcess, Security
Aug 12

  • Created: Aug 12, 2014 2:45 PM

WordPress 4.0 Beta Is Ready For Testing

WordPress Beta

Every few months the wizards who develop WordPress put out another release. It’s always an interesting time for WordPress users and watchers, who are eager to see what benefit the new features and enhancements will bring to their site (or, if you’re more pessimistic, what new annoyances they’ll have to deal with).

In this article I’d like to take a look at the highlights of the next major WordPress release, as well as how you can get it.

First a word of warning, beta releases are, by definition, under active development — there will be bugs, there may be security vulnerabilities. I’d strongly advise you not to upgrade your production sites to the beta version. There’s a possibility it’ll hose your site or break features.

Read more

Posted in: Nexcess, WordPress
Aug 4

  • Created: Aug 4, 2014 12:40 PM

Roundup of July’s Best ExpressionEngine, WordPress, and Magento Content

July 2014 Blog RoundupAnother month has passed and we’re back with a new roundup of the web’s best ExpressionEngine, WordPress, and Magento content. July saw the release of both ExpressionEngine 2.9 and a new WordPress beta, as well as  the official announcement that Magento Go and ProStores will be shut down. And, of course, Germany won the World Cup. Knowing it’s hard to keep up with all the great content around the web, we gathered up those stories and other relevant articles into one convenient location. If you’d like more great content on a day-to-day basis, follow us on Twitter, Facebook, and Google+. Enjoy and let us know if we missed anything important in the comment section. Otherwise, here’s the best from July.

Read more

Posted in: Monthly Roundups
Jul 31

  • Created: Jul 31, 2014 3:55 PM

WordPress Basics: Combating WordPress Comment Spam

If you have a WordPress blog, you will get comment spam. WordPress comment threads can become a mess of nonsense comments and link spam. Luckily there are tools available that will take care of the great majority of comment spam, although bloggers will still have to keep an eye out, both false positives and false negative can occur.

What’s The Point Of Comment Spam?

The most common motivation for comment spamming is black hat link building. Google and other search engines use the number of incoming links for a page or domain as a signal for ranking them in search engine results pages. More links is better. Comment spammers use automatic botnets to seek out open comment threads that they can use to create a link. This doesn’t really work; Google have become smarter at figuring out what’s spam and what’s not, and WordPress comment links have nofollow meta tags on by default — but that doesn’t stop spammers from trying.

Read more

Posted in: WordPress
Jul 25

  • Created: Jul 25, 2014 2:15 PM

Recent Exploit using Fake Magento Extensions

We are publishing this post in the hope that all Magento users can utilize this information to determine if their site has been compromised and take the steps required to correct the problem.

We were recently contacted by a client regarding a Common Point of Purchase Investigation that was initiated by a credit card issuer. These investigations are used to pinpoint the source of fraudulent activity reported by card holders. Our security team immediately began a comprehensive internal investigation to pinpoint the root cause of the fraudulent activity on the client’s account. Our security team found evidence of Magento core files having been modified to skim credit card data during the checkout process. The skimmed data would then be logged to a fake image file (actually a text file) located in the media folder, then the attacker would download these text files from a remote server.

Next, our security team began a scan of our entire infrastructure to determine if any other client sites were affected by the same exploit. We found a total of 39 sites (out of 15,000 Community and 1,500 Enterprise Magento stores) hosted with us, were affected by the same exploit. We immediately contacted all of the affected clients before their credit card processing companies had even detected a problem.

We have since cleaned all of the sites that were exploited and contacted all of the affected clients about the exploit.

PLEASE NOTE: If you are hosted with us and have not been contacted by our security team regarding this issue, then we believe your site has not been affected by this exploit. We are committed to the safety and security of your data and we take these issues very seriously. As a precaution, we are running hourly scans of our infrastructure to detect any further compromises.

Read more

Posted in: Magento, Nexcess, Security