Site: US UK AU |
Nexcess Blog

Protecting Your Magento eCommerce Store From Ransomware Attacks

February 9, 2016 1 Comment RSS Feed

Magento eCommerce StoreFor a particular type of morally bankrupt individual, the idea of ransomware must appear to be a stroke of brilliance. For everyone else, ransomware is the stuff of nightmares. That goes double for eCommerce merchants, for whom their store and its data is their business and livelihood. The loss of data to a ransomware attack puts eCommerce merchants in an unpleasant position: to pay or not to pay? In this article I want to talk about how merchants can avoid being put in that position in the first place.

First, what is ransomware? In short, an eCommerce ransomware attack exploits vulnerabilities in an eCommerce store or server software to install malware which then encrypts the data on the server before presenting the merchant with a demand for payment. If the merchant pays, the attacker will send a key to decrypt the data. If they don’t pay immediately, the attacker often increases the price.

Read more

Posted in: eCommerce, Magento, Security

Think Bigger Than Blog Articles For WordPress Content Marketing Success

February 4, 2016 0 Comments RSS Feed

WordPress Content MarketingWordPress started life as a blogging engine. Today’s WordPress retains many of the traits of its first years, even though it has long since shaken off its image as “just a blogging engine”. Now supporting a quarter of the top million sites on the web, WordPress is a uniquely powerful and flexible publishing tool. Nevertheless, it remains the best option for bloggers ranging from solo writers to big publishing via millions of smaller publishers and businesses.

But to make the most of WordPress’ capabilities as a platform for promoting your business, it helps to think beyond the blog. Blogs are an essential part of modern content marketing, but WordPress can easily handle many different types of content, allowing site owners to maximize the exposure of their business to multiple audiences.

Read more

Posted in: Marketing, WordPress

Stop Brute Force Bots Wasting Your WordPress Site’s Resources

February 3, 2016 0 Comments RSS Feed

WordPress ResourcesA brute force attack is the least sophisticated technique online criminals have to compromise WordPress sites. It doesn’t take advantage of obscure coding errors or advanced social engineering techniques. Rather, a brute force attacker simply tries lots of username and password combinations until they find one that works. The execution may be more or less sophisticated, with some attackers using botnets to attack thousands of WordPress sites simultaneously, but the heart of a brute force attack is guesswork informed by what the attackers know about commonly used credentials.

Unsophisticated as brute force attacks are, they can be devastatingly effective if a site’s security isn’t up to snuff. Brute force attacks take advantage of user error — sites with easy-to-guess common passwords used in conjunction with common or default usernames can fall to a brute force attack in seconds.

Read more

Posted in: Security, WordPress

Fast And Easy WordPress Development Environments With VagrantPress

February 2, 2016 1 Comment RSS Feed

WordPress Development EnvironmentThere are many reasons a WordPress user might want to create a WordPress installation on their local machine.

  • Testing plugins and themes before deploying them on a live site
  • Creating a dev site for theme development
  • Running WordPress Betas to try new features

Installing WordPress on your desktop or laptop can be a complicated procedure, and most people don’t want to run the entire LAMP stack on their everyday machine, so there are numerous solutions that allow users to create a “sandboxed” WordPress that has everything it needs to run without polluting the user’s PC with software that it wouldn’t otherwise need.

Read more

Posted in: Programming, WordPress

Does Your Company Own Its Domain Names?

January 28, 2016 0 Comments RSS Feed

Domain NamesFor modern businesses, domain names are an essential part of branding. Most consumers are aware of businesses through their domain name, and all companies with a presence online invest a big chunk of their marketing budget promoting their site. That makes domains valuable. They’re the rare commodity that can be had for a nominal cost, but that the loss of which could devastate a business.

That’s why it’s constantly surprising to me that so many startups neglect to secure the ownership of their domain name. Without naming any names, I recently came across a company that had allowed a technical employee to register the company’s domain. The employee controlled the domain registrar account and registered the domain in his name.

Read more

Posted in: Domains

The Six Step Plan To A Successful Business Blog

January 27, 2016 0 Comments RSS Feed

Business BlogCommercial blogging as part of a content marketing strategy is not easy. It’s not coal mining, but nor is it a walk in the park. It’s particularly difficult for business owners who have been told that blogging will increase traffic to their site and visibility in social media, but who have no experience of professional writing.

It’s not just the writing either. Most people can summon up the will to sit down and knock out a 500-word post. A smaller number can keep it up over the long term. But the ability to write only gets you halfway, especially if you’re blogging with a specific goal in mind — generating interest and engagement for a brand. You can write the most dazzling prose on the most fascinating topics, and it won’t get you any further towards that goal if you are writing for the wrong audience.

Read more

Posted in: Nexcess, WordPress

Are dedicated IP addresses still necessary?

January 26, 2016 2 Comments RSS Feed

The short answer: probably, but not for the reasons many still believe. Not any more, at least.

“Once upon a time” in eCommerce equals about 18 to 24 months. Once up a time, if your site needed a SSL certificate to process credit card transactions, you needed a dedicated IP address. Once upon a time, it was believed a dedicated IP address might make your site faster and rank higher.

And to this day, we sometimes still hear the same mantra. If you sell online, it’s just “better” to have a dedicated IP address. Never mind why, it’s just better. Because eCommerce, or something.

Read more

Posted in: Nexcess

2015’s Best ExpressionEngine, Magento, and WordPress Content

January 22, 2016 0 Comments RSS Feed

Roundup2015 was a big year. We were lucky enough to see the long-awaited releases of Magento 2 and ExpressionEngine 3, as well as numerous WordPress releases. More on that below. So for this month’s roundup, we included some of the best recent stories as well as a few articles and bits of news that shaped the year that was. Without further ado, check out 2015’s best content here. If you’re looking for the same great articles on in 2016, follow us on Twitter, Facebook, and Google+. Enjoy and let us know if we missed anything important in the comment section.

Read more

Posted in: Monthly Roundups

It’s Time to Move to Magento 2

January 21, 2016 3 Comments RSS Feed

After months of blood, sweat, and tears, Magento 2 is a reality. From a technical perspective, Magento 2 outperforms its older sibling, but what about from a business perspective?

New eCommerce platforms always provoke familiar questions. Will this be compatible with my workflow? Will it have the modules I use for payment and shipping? Will I understand the platform and its internals?

The short answer: yes. Magento 2 is ready for your live store, and you can both enjoy its new features and integrate it with the most common payment and shipping providers. Even better, the development team rebuilt the Magento 2 administrator panel to make life easier for merchants.

Read more

Posted in: Magento, Nexcess

WordPress No Longer Emails Passwords, Which Is Great For Site Security

January 20, 2016 0 Comments RSS Feed

Site SecurityWith the release of WordPress 4.3, WordPress’ developers have put an end to the problematic practice of emailing passwords to users when they request a new password. The default behavior is now to send a reset link to the user’s email account. In this article, I’d like to discuss why this change is a significant positive move for WordPress users.

What’s wrong with sending passwords via email? The obvious problem is that the password is clearly readable to anyone who has access to the email account, and given that users rarely delete email — often simply archiving it — the password will be available to snoopers for as long as it’s valid.

Read more

Posted in: WordPress