Browsing Category

Uncategorized

Uncategorized

16 Steps to Secure Your WordPress Website in 2023

Posted on February 26, 2023

WordPress is one of the most popular CMSs on the web, and its popularity is well-deserved given its capabilities.

Unfortunately, this popularity is both a blessing and a curse, as it makes WordPress an attractive target for hackers; it is the most hacked CMS on the web.

A hacked website can cause a lot of damage to a business. When it comes to hacking, prevention is key. The list below should be able to significantly reduce the likelihood of your WordPress website getting hacked.

  1. Check with your host to see if they can strengthen the environment by adding a firewall and doing a full scan of the server on a regular basis.
  2. Ask the host to make sure the server operating system is up-to-date.
  3. Inquire with the host if they offer a CDN with a Web Application Firewall (WAF), or if they use an external service like Cloudflare, make sure to setup rules to handle requests coming to the admin folder or the login.php page.
  4. Ask the host to update Apache, PHP, and MySQL to recent versions that are compatible with WordPress.
  5. Ensure you have a remote backup service with an easy restoration process.
  6. Strengthen all FTP passwords and change them regularly (at least once every quarter).
  7. Upgrade WP and all plugins to the latest version.
  8. Upgrade the theme or any visual editors to the latest version.
  9. Create a staging server that is no more than one week behind the current site on a similar hosting environment; this will also act as a redundancy and backup.
  10. Install security plugins like Wordfence or Sucuri and subscribe to a paid version.
  11. Enforce WP password changes every month (using a plugin may be necessary), and protect the admin folder using .htaccess .htpasswod
  12. Enable 2FA and Brute Force Protection.
  13. Apply a daily Malware Scan and email yourself the results or any critical alerts.
  14. Do a manual weekly inspection to the website (mainly the upload folder) and test the backup site every week. Check FTP and Apache log files
  15. Remove unused plugins, and check if less-used plugins could be removed.
  16. Use file and folder permissions to secure the website by applying 555 permissions (linux servers only) to the plugin folder, 444 for the config file and the .htaccess file.
On Page SEO Uncategorized

Keyword Research and Content Mapping

Posted on April 9, 2019

It is not difficult to explain to anyone what is a keyword, most of us use Google everyday and we type words/questions in the search box to find information, answers, services and products. When we try to market a service or a product in search engines it is very important to find keywords that can make a difference to the bottom lines (leads and sales), finding relevant keywords to any website is not a difficult task but understanding the intent behind those keywords and map that intent to the marketing funnel needs some extra efforts.

Looking at the funnel above can raise a simple question, why do we need to target keywords in the awareness and interest stage, should not we target bottom of the funnel keywords only?  There are few reasons for that:

  • There is a limited inventory for bottom of the funnel keywords for every business
  • Bottom of the funnel keywords are normally very competitive and difficult to rank for especially for new website
  • Bottom of the funnel keywords do not fit informational content like blog posts and articles which are very important component of SEO

Before going through examples that we can use for each stage, there are three attributes that you need to keep in mind for a keyword that will help you to do the right mapping:

  • Intent, use your judgment to decide the location of a keyword in the marketing funnel, words like buy, hire, services are buying signals
  • Search volume (the number of people that search for a keyword on a monthly basis)
  • Keyword difficulty, this metric is an estimate provided by third party tools like SEMrush predicts how difficult it is to rank for a specific keyword
  • Number of words in a keyword, normally more words means less competition (long tail keywords)

Awareness keywords (top of the funnel):

Let us assume you offer SEO services in Toronto and see what keywords we can use for every stage of the funnel. Thankfully it is 2019 and the level of awareness with SEO is really high but there are still many businesses that do not know about it or know a little about it.

We can target people that never heard of SEO using digital marketing content that speaks to SEO, examples:

  • How to rank higher on google
  • What is Digital marketing

For people that heard about SEO but they are seeking more information:

  • What is SEO
  • How to do SEO

Articles and blogs are the best form of content to use to target awareness keywords, working with a SEO client that doesn't have a blog or an article section to create awareness is almost impossible.

For clients that sell popular products and services (dentists, lawyers etc) awareness might not be required but blogging on a regular basis is still recommended to target top of the funnel keywords (writing interesting educational topics to their users).

Expect a very low conversion rate for top of the funnel keywords, you need to target highly searched keywords or a large number of keywords at this stage to make it up for the low conversion rate. There are many benefits targeting top of the funnel keywords that go beyond short term conversion rate:

  • Establishing authority in the space
  • It is easier to find low competition keywords that can fit the awareness stage, there is almost unlimited inventory of them
  • Blogging on a regular basis will send freshness signals to search engines
  • On average, it takes approximately five to seven touchpoints to close a sale and a visit from those keywords will count as one of them

It is strongly recommended to use marketing automation to nurture top of the funnel traffic and move it down in the marketing funnel.

Interest keywords (middle of the funnel):

Some people also call them also consideration keywords, they are used to target users that become totally aware of what they need to solve their pain point, in our example the client now is aware that they need to do digital marketing  to keep growing their business and they need to hire someone to do that for them as they do not have the expertise themselves or in-house. Examples of the keywords we could be used for this stage:

  • Digital marketing agencies
  • Online advertising services

In general marketing or product pages will be used to target those keywords, in some cases blogs or articles could be used also depending on the keyword. A better conversion rate is expected from those keywords comparing to the awareness keywords but they will be more competitive with a limited inventory.

Decision keywords (bottom of the funnel):

At this stage the user (potential client in our SEO example) decided (possibility after a lot of research) that they need search engine optimization >> to improve their ranking >> that can lead to a relevant high conversion traffic >> which will lead to business growth (in other words they will make more money), the reason I mapped this thinking process that way (which I recommend sharing with the client) is to make sure that the client has the right expectation about the service, every client's ultimate goal is  making more money but our accountability as SEOs at the beginning of the project is to rank and drive relevant traffic, being accountable only for revenue is not fair as conversion rate has too many variables (UX, prices, reputation etc) beyond our control. Examples of keywords to use in this stage:

  • SEO company Toronto (location is a very strong buying signal)
  • SEO services
  • SEO company

The home page, marketing or product pages will be used to target those keywords, blogs and articles do not fit well here. A better conversion rate is expected from those keywords comparing to awareness keywords but they will be more competitive with a limited inventory.

If the conversion rate is still low causing a very high CPA (cost per acquisition) here are few things you can suggest to the client:

  • If you see any glaring UX issues (e.g. missing call to action above the fold) suggest fixing them otherwise propose a UX audit
  • If a call tracking is implemented with call recording listen to few phone calls and make sure they are answered professionally
  • Implement user engagement solutions like exit pop up or chat
  • Apply a competition analysis to find out if the client's pricing is competitive and if they have a unique selling proposition

The keyword research process:

Regardless of the available budget for any client a full keyword research is recommended at the beginning of any SEO project, here are few recommendations that can help with keyword research:

  • Hold a meeting with the client to understand their business and find out if they interested to rank for any specific keywords. It is also important to understand their areas of operation (which countries or cities they can service)
  • Requesting access to any paid search campaign will help a lot to find the right target keywords quickly (keywords with a high number of clicks and a high conversion rate)
  • Asking the client to provide few competitors to be used later in a ranking competition analysis

After getting the information above we should be able to come up with few seed keywords, the seed keywords for a SEO company will be something like:

  • SEO
  • Internet marketing
  • SEO services

The seed keywords will be used in your favorite keyword research tools (e.g. SEMrush, Ahrefs or Google Keyword Planner), I will be using SEMrush for this example

With some work on the filters available in this tool like:

  • Number of words
  • Questions
  • Search volume
  • Country (in my case I have chosen Canada)

You should be able to generate a list of keywords that can fit all marketing stages (top, middle and bottom of the funnel).

Keyword Gap is another tool that is available in SEMrush that can help a lot with keywords research using ranking competition analysis

Please note that there is some vetting required here to refine the keyword lists that SEMrush produces, SEMrush provides Excel exports for all those lists making easier to work with them. After vetting is completed you should have a list of keywords in three groups:

  • Bottom the funnel keywords, those are the most important keywords where the home page and other key pages will be used to target them
  • Middle of the funnel keywords
  • Top of the funnel keywords that will be used in the blog calendar if the client decides to blog

Tow factors will decide which type of keywords you can target first when you start a project:

  1. The level of authority available for the website comparing the difficulty of the keyword (SEMrush provides a keyword difficult score)
  2. The budget available for the project

Here are few scenarios you can expect:

  • Low budget project and low authority domain with difficult keywords: Start the project with easy keywords in the bottom or middle of the funnel and long tail keywords (low search volume relevant keywords with low difficulty and multiple words).
  • Healthy budget project and low domain authority with difficult keywords: Choose easy keywords in the bottom or the middle of the funnel and provide a content plan to target top of the funnel keywords
  • Healthy budget project and high domain authority with difficult keywords: Choose a mix of difficult and easy keywords in the bottom and the middle of the funnel and provide a content plan to target top of the funnel keywords

At this stage we should have a list of target keywords and we can move to the content mapping process where we run our target keywords against the list of keywords that the website is already ranking for (we can get this list from Google Search Console), with some Excel processing like using VLOOKUP we should be able to split the target keywords into 3 groups:

  • Keywords that already ranking somewhere (not top 5 results), already have good content available for them and their landing pages are not used to target other important keywords (those keywords will be placed in the queue for on page optimization)
  • Keywords that are ranking some where (not top 5 results) but their landing pages are used to target other more important keywords, those keywords will be considered content gaps or content opportunities and new pages will be created for them
  • Keywords that do not rank anywhere and there is not landing pages to target them, those will be considered content gaps and new content will be recommended for them

Additional recommendations:

  • Similar keywords that could be targeted using one page must be grouped together (no need to create a dedicated page for every close variation of the same keyword)
  • While doing on-page SEO on existing pages it is very important to look at all keywords each page ranks for and make sure not to de-optimize the page for high traffic keywords
  • Keywords that are not in your target keywords list that are ranking somewhere (not top 5 results) must be be added to the on-page SEO queue (low priority task)
  • Keywords that rank in the top 5 spots, on-page SEO should be done if need be. CTR optimization (on-SERP optimization) is recommended if those keywords have a low CTR
  • Keywords that rank on the first page and trigger featured snippets like answer box (SEMrush can produce this list) must be optimized for the answer box
  • Keywords that trigger Google local three pack (SEMrush can produce that list) must be used to optimize GMB (Google My Business), those keywords could be used to produce city pages (a dedicated page optimized for each major city in the area of operation)

 

Finding the right keywords that take in consideration business priorities, the current level of authority, the keyword difficulty and the existing performance is the foundation of a successful SEO project

Next stop on-page optimization

Technical SEO Tracking & Analytics Uncategorized UX and CRO

Best Tools to Evaluate Website Speed

Posted on January 23, 2019

When it comes to measuring website speed I recommend:

1- Testing the home page + few other key pages from the website

2- Test in different times of the days and different days of the week

3- Test using more than one tool (two at least)

Web Page Test:

Available form multiple locations, multiple devices and using different internet speed, provides speed index (the time required for the site to visually load for users even if there is still process going in the background of the website)

This tool provides insights how to speed up the website, a report, and a video showing the load progress.

Google Speed Insight:

The tool has become more valuable after adding Light House data and Google Chrome data (not available for every website), be aware that score is not speed, speed is measured by seconds only, seeing very low score does matter a lot of your web page speed is 3 seconds or less

This tool provides insights how to speed up the website, a report, a video showing the load progress and industry comparison.

GTmetrix

Available form multiple locations, multiple devices and using different internet speed, this tool can track speed history (paid feature) which is a handy feature to evaluate the website speed though out the whole day or the whole week

This tool provides insights how to speed up the website, a report, a video showing the load progress

Test my Site By Google

This tool is designed to analyze speed on mobile websites with low speed connection (3G), it provides insights how to speed up the website, a report and industry comparison

Google Developer Tools (Advanced)

This is a built in extension with Google Chrome, it has the ability to change connection speed, device, disable/enable cache.

 

Google Analytics (the numbers there are not very reliable)

GA provides average page load time in seconds, I did it find it that reliable, possibility because it averages number from different users and it works based on the code load completion which is not always a reflection of the actuation page load

Off Page SEO On Page SEO Technical SEO Uncategorized UX and CRO

SEO Training Courses and Conferences

Posted on December 18, 2018

The SEO certificates post includes a lot of learning resources as all the certificates require you to go through some training before you can take the exam. If you want a faster rout in a case where you applying a job that needs some SEO knowledge (not an SEO specialist job) you can find many online resources that cover the SEO fundamentals and give you a good jump start in your SEO knowledge

Search Engine Optimization starter guide (by Google) this should be the first document your read, it covers the basics of on-page and technical SEO

Google Quality Guidelines this is very important one to read especially if you are planning to be aggressive in your link building efforts

Google Quality Raters Guidelines Google uses quality raters (humans) to evaluate their search results so their engineers can improve them, what we learned about Google's logarithm throughout the years that it will always try to replicate human quality judgment, reading this document will give you an idea where is Google's algorithm going in the future

SEO Learning Center (by Moz) similar to Google's starter guide

Google Best Practice (mainly for ads) this is Google's best practice document for ads, quality guidelines for ads apply in most cases to SEO which makes this document worthy to read even for SEO specialists

Conferences to attend:

Going to conferences to learn SEO is not going to give you the best ROI however; going there to network and meet new people is the investment you should be looking for

Another benefit of going to those conferences is the status and the credibility it gives you with your clients (especially the big ones), major search engines like Google send speakers to many of those conferences so you will have a chance to hear from the horse's mouth, then you can communicate your SEO recommendations with your clients saying I heard Google saying this at SMX Advance for example.