Amazon Inspector is our automated security assessment service. It analyzes the behavior of the applications that you run in AWS and helps you to identify potential security issues. In late 2015 I introduced you to Inspector and showed you how to use it (Amazon Inspector – Automated Security Assessment Service). You start by using tags to define the collection of AWS resources that make up your application (also known as the assessment target). Then you create a security assessment template and specify the set of rules that you would like to run as part of the assessment:
After you create the assessment target and the security assessment template, you can run it against the target resources with a click. The assessment makes use of an agent that runs on your Linux and Windows-based EC2 instances (read about AWS Agents to learn more). You can process the assessments manually or you can forward the findings to your existing ticketing system using AWS Lambda (read Scale Your Security Vulnerability Testing with Amazon Inspector to see how to do this).
Whether you run one instance or thousands, we recommend that you run assessments on a regular and frequent basis. You can run them on your development and integration instances as part of your DevOps pipeline; this will give you confidence that the code and the systems that you deploy to production meet the conditions specified by the rule packages that you selected when you created the security assessment template. You should also run frequent assessments against production systems in order to guard against possible configuration drift.
We have recently added some powerful new features to Amazon Inspector:
Assessment Reports – The new assessment reports provide a comprehensive summary of the assessment, beginning with an executive summary. The reports are designed to be shared with teams and with leadership, while also serving as documentation for compliance audits.
Proxy Support – You can now configure the agent to run within proxy environments (many of our customers have been asking for this).
CloudWatch Metrics – Inspector now publishes metrics to Amazon CloudWatch so that you can track and observe changes over time.
Amazon Linux 2017.03 Support – This new version of the Amazon Linux AMI is launching today and Inspector supports it now.
Assessment Reports After an assessment runs completes, you can download a detailed assessment report in HTML or PDF form:
The report begins with a cover page and executive summary:
Then it summarizes the assessment rules and the targets that were tested:
Then it summarizes the findings for each rules package:
Because the report is intended to serve as documentation for compliance audits, it includes detailed information about each finding, along with recommendations for remediation:
The full report also indicates which rules were checked and passed for all target instances:
Proxy Support The Inspector agent can now communicate with Inspector through an HTTPS proxy. For Linux instances, we support HTTPS Proxy, and for Windows instances, we support WinHTTP proxy. See the Amazon Inspector User Guide for instructions to configure Proxy support for the AWS Agent.
CloudWatch Metrics Amazon Inspector now publishes metrics to Amazon CloudWatch after each run. The metrics are categorized by target and by template. An aggregate metric, which indicates how many assessment runs have been performed in the AWS account, is also available. You can find the metrics in the CloudWatch console, as usual:
Here are the metrics that are published on a per-target basis:
And here are the per-template metrics:
Amazon Linux 2017.03 Support Many AWS customers use the Amazon Linux AMI and automatically upgrade as new versions become available. In order to provide these customers with continuous coverage from Amazon Inspector, we are now making sure that this and future versions of the AMI are supported by Amazon Inspector on launch day.
Available Now All of these features are available now and you can start using them today!
Pricing is based on a per-agent, per-assessment basis and starts at $0.30 per assessment, declining to as low at $0.05 per assessment when you run 45,000 or more assessments per month (see the Amazon Inspector Pricing page for more information).
When first setting up any website, one of the hardest — but most important — things to decide is what to call it. Your website’s domain will play a big role in defining your brand’s image, search optimization, “buzz-worthiness,” and more. Unique domains are becoming increasingly scarce commodities as thousands of new sites come online each year. With millions of websites already vying for real estate on the web, and each with a distinct domain name, finding the perfect thing to call your site is now more important than ever.
Get your domain today with InMotion Hosting’s easy Domain Registration service.
Of course, understanding what to consider when choosing a domain requires that you know what a domain really is. In simplest terms, the domain name is made up of two parts: the part you create from scratch (like “InMotionHosting”) and the part after the dot, known as the “Top Level Domain” or “TLD” (such as “.com,” “.biz,” “.org,” etc.). You officially buy your domain and register it on the web through a registrar. The registrar ensures that you are the only one who can use that domain while you own it and notifies computers all over the world that when a user types in your domain it is your site they should reach.
5 Considerations for Choosing the Perfect Domain Name
Now that you understand what a domain is, what the parts of the domain name are called, and how to purchase one, it is time to make your choice. But, you need to do more than just pick the first name that comes to mind and happens to be available. After all, this domain will have a huge impact on your success online. So what should you think about when choosing your domain name?
1. Target Audience
Who will you be trying to convince to buy your product or service? Are they young? Old? Male? Female? Do they live in a certain area? When people use a search engine to find you, what sort of search terms will they use? Is your business online or does it have a physical presence in the real world, too? All of these considerations should factor into your final decision.
You also need to think about the terms people will use when they search for your type of product or service. If you can incorporate one or more of those terms directly into your domain name, you may get a direct boost to your search ratings. For example, if someone searches for “teddy bears,” a company with a domain like “FluffyTeddyBears.com” will probably rank higher than something with a generic name like “JimsToys.com.”
Similarly, if your business has a physical location, and you want people in your area to find you, consider including your city or state name in your domain. If someone in your vicinity is searching for a place near them offering your type of product or service, they will likely start their search with the name of your city. So, “DetroitCarCareExperts” or “BestPizzaOrlando” will be more likely to show up in their results than just “A1Mechanics” or “MariosItalian.”
2. Don’t Use Your Own Name
You may be very proud of your company or organization’s web presence, but you should probably avoid labeling it with your own name. While it might be a good idea to own and control the domain of your name for personal purposes, for business purposes there is really no benefit. It is highly unlikely that you share a name with whatever it is your company does, so anybody who is not searching specifically for you may miss you in search results or not understand what they are seeing.
Of course, there are two notable exceptions to this suggestion. The first is if your name is your brand, such as a celebrity or famous athlete. In that case, it makes total sense to use your name for your domain, because that is what people will be trying to find. The other exception is for a business that already shares your name. Many industries like to use the proprietor’s name, like fashion designers, hair stylists, realtors, and others. In that case, it might make sense to have a domain with your name in it. But, for an added boost, if your business has your name in it, but you want to appeal to a broader audience, you could have a domain that describes your business, like “RockportHairDesigns,” but then incorporates the actual owner/business name in the content throughout the site.
3. Spelling Counts
Some may find it fun to include obscure words or intentional misspellings in their domain name as a way to set themselves apart. But, be careful doing so. This may, again, exclude your site in search results for common words. For example, a company selling low-rider truck customization may rank lower in search results if they call their site something like “LowRyderz.” It may also make it difficult for users to find your site if they only hear the name and try to type it in directly, not knowing how to spell it. Go with something easy to spell for your domain name, and save the tricky and artistic misspelling or difficult verbiage for individual products or accent points on your site.
4. Brevity is the Soul of Wit
It was true in Shakespeare’s day, and it is still true in our modern, digital age. What seems more likely for someone to remember: “DetroitCornerBakery” or “DanAndGlendasBestLittleDetroitCornerBakery?” The more words you add to your domain name, the harder it is to read and remember. The perfect length domain name is a careful balancing act between brand identity and search engine optimization. Great online brands like Google, Ebay, Yelp, and others have learned how to mix a strong brand presence in the marketplace with a very short domain name that people can easily remember. They have also spent millions in search engine marketing and optimization to make sure they rank highly in search results. On the other hand, smaller businesses may need the boost of adding things like a product name and location in order to boost search results, but have to avoid getting too wordy. A possible compromise may be using widely accepted abbreviations, like “auto” instead of “automobile,” “SoCal” instead of “Southern California,” or “NY” in place of “New York.”
Also, avoid using articles, like “a,” “an,” and “the,” such as “TheDenverRealtyCo.” People are likely to forget about these words when typing in your domain, and may end up on a competitor’s similarly named site by mistake.
5. Avoid Mimicking Another (More Popular) Brand
Speaking of similarly named sites, many find it a pretty tempting pitfall to try to use a domain name that closely resembles someone else’s site name. Many have thought if they could use a major brand name in part of their domain, it might trick customers into visiting their site, driving up traffic. This was actually a favorite trick of unscrupulous web developers in the early days of the Internet. But, with a deluge of trademark and copyright infringement lawsuits, and the purchase of many variations of popular brand names as domains, the practice has almost entirely fallen out of favor. It is much more likely that using a variation of a more well-known brand in your domain will not generate any more business for you, but could anger site visitors looking for the other company, attract lawsuits, and create a number of other headaches you would probably prefer to avoid.
Use the Goldilocks Approach
Finding the right domain name may be tricky. But, keeping these ideas in mind should put you on the right path. Take your time, think it through, and find a domain that is just right for your business or organization. Want to try out more than one variation? Buy them all and see which generates the best results. In the end, choosing the right domain name will be a mix of careful strategy, intuition, and a dash of your own personality.
And remember, purchase any 12- or 24-month Business Class plan from InMotion Hosting and your .com, .net, .org, .us, .biz, or .info domain is FREE for the first year (excluding promotions).
In the past, it was very clear what you meant when talking about a business’s corporate network. A few servers and PCs, a laptop or two, maybe a VOIP solution, all protected by a firewall. Remote work, where it existed, was relatively rare, and subject to heavy authentication. Then the smartphone was born. Suddenly, the […]
The post Modern Enterprise Networks Are Larger Than Ever – Here’s How You Can Keep Yours Secure appeared first on Liquid Web Official Blog.
If you have created your own website before, you know that compelling imagery is one of the best ways to give your site personality and make it stand out from the crowd. Whether it’s creating a custom banner for your header or improving the photos you post, knowing how to use Adobe Photoshop can be a […]
The post 3 free places to learn how to use Adobe Photoshop appeared first on Name.com Blog.
A huge botnet of home routers has targeted WordPress sites with brute-force attacks over the last few weeks. Brute-force attacks are a risk for WordPress websites with insecure passwords, and they can cause problems even if a site has secure passwords by consuming a significant proportion of its resources. A botnet is a collection of… Continue reading →
Determining whether or not to use WordPress Multisite can be a confusing choice. Should you develop multiple sites under a single installation, or keep each separate? Depending on the scenario, WordPress Multisite can be an extremely beneficial solution. Yet, there are some instances where it is not so much of a good fit.
Trying to decide on whether or not WordPress Multisite is the way to go? Read on for several examples of notable brands implementing this technology in the wild today. But first, let’s dig deeper into what a multisite network actually is.
What is WordPress Multisite?
Source: JDM Digital
Originally called WordPress MU, this feature was envisioned to enable blogging networks. In 2010, WordPress Multisite replaced WordPress MU. Multisite offers a lot more than MU, with sites ranging beyond blogs to include corporate sites, internal networks, and more.
With Multisite, there is one host, one install of WordPress, and many sites. It’s like an apartment complex with a shared roof (hosting), common spaces (filesystems), and many private apartments (sites). If you’re looking to dig deeper into the technicalities of this solution, see our beginner’s guide to WordPress Multisite to get the 411.
Let’s now take a look at some real-life examples of notable brands implementing this technology today.
The University of Texas at Austin
Photo source: uttexas.edu
You’ll hear it over and over again…WordPress Multisite is great for universities. And it’s true! The University of Texas, for example, allows its faculty, staff, and students to create their own site within the network that can easily be self-serviced.
Teachers can create and put their curriculum on a site within the network, making it easy for students to access collateral. If a student wants to create a site for a club, sports team, or personal site, they can do so within the school’s multisite network as well.
UT ultimately has control into what goes into the network, providing six accessible themes to use, as well as a structured web domain.
Believe it or not, Best Buy has an individual website for each and every one of its 1,000-plus stores. WordPress Multisite becomes a huge helper in this instance, storing each site under a single WordPress installation. Each store can then individually host its own customer ratings, current inventory, upcoming sales, and more.
Not to be confused with WordPress.org, this is possibly one of the best examples of a notable brand using WordPress Multisite. Anyone can go to WordPress.com and start a personal blog — once that blog is activated, it is then added to WordPress’ Multisite network.
Currently, there are more than 409 million people who view over 15.5 billion pages each month within WordPress.com’s Multisite network.
The New York Times
Another great application of WordPress Multisite is in the publishing industry. The New York Times enables Multisite for its writers, allowing them to manage individual columns. This gives great agility to its writers and editors who can publish content immediately as they write breaking news stories.
So far we’ve covered education, retail, self-publishing, and news publishing brands who use a multisite network to help achieve flexibility and publishing control with their online presence.
Self-service and travel tool Cheapflights.com also uses WordPress Multisite for its geo-centric locations across the globe, including news.cheapflights.com and news.cheapflights.co.uk.
Rather than setting up a new WordPress site each time, when setting up a new region site, it can be done through the multisite network. This allows the new site to have the same look and structure, yet gives the site owner control over the content that focuses on the region’s specific needs.
While WordPress Multisite is not for everyone, there are some great use cases for it. You can allow users to create their own site with some constraints, as well as centrally manage each individual site from an admin role. Multisite is probably not a good idea, however, if you want a lot of different content and you want all of your sites to look different.
Want to know more? Check out this white paper for some additional insights:
Best Friend or Worst Enemy? The Do’s and Don’ts of WordPress Multisite
The post 5 Examples Of Brands Using WordPress Multisite Today appeared first on WP Engine.
The post 7 Online Copywriting Tips to Improve Your Website appeared first on HostGator Blog.
An impressive online presence matters. It’s the difference between visitors learning more about you or losing interest in your brand. To grab your target audience’s attention, upgrade your copywriting skills to engage with visitors. “You can’t transform a crappy painting into a masterpiece with a few brush strokes. Likewise, you can’t transform crappy copy into […]
Find the post on the HostGator Blog
Building your LinkedIn Profile to be the best professional representation of you is just the first step in taking your career to the next level. While that may sound like a lot of work, updating your profile shouldn’t feel like a chore. All-Star status is a thing. You’ll notice that on both our desktop and mobile experiences, we’ve added a profile completion meter to help show you how your profile stacks up, with quick tips on how to improve your profile in minutes. The more complete it is, the...
The popular Independent Publisher design is a WordPress theme that has long been beloved for its simplicity and legibility. So we are happy to announce that it has been improved, ever so slightly, with the design talents of Caroline Moore and Kjell Reigstad.
Introducing Independent Publisher 2:
Independent Publisher was first designed, developed, and released four years ago by Raam Dev in his introductory post to the Independent Publisher Project:
“I’ve been using WordPress for the past 8 years and in that time my site has always had a modified version of someone else’s theme. I always found it easier to start with a theme created by someone else and simply modifying it until I had it the way I wanted.” —Raam Dev, 2013
I recently caught up with Raam to learn about the origins of Independent Publisher.
JM: How did Independent Publisher come to be?
RD: I had that design swimming around in my head for years—it’s the culmination 7 years of hacking away at a constantly-evolving WordPress theme for my personal site, tweaking and updating it every few months to apply my latest understanding of what ‘good design’ meant. Over the years I had gotten so many requests from people who wanted to use the theme that I was using, but the current theme was always so hacked-together that I wasn’t able to easily share it. Finally in 2013 I decided to put everything that I’d learned into building a theme that could be shared and that’s where the Independent Publisher theme was born. I’ve been amazed by how many people use it—it’s such a weird feeling to visit the site of a stranger on the internet only to discover they’re using the theme that I helped build!
JM: Are you a designer or a developer? I mean, your last name is … “Dev.”
RD: I’m definitely a bit of both. I love building things but I also love thinking about the ultimate purpose of what gets built, the ‘why’ behind the ‘what.’
About my last name, it hadn’t even occurred to me how appropriate my last name was for the type of work that I do until my developer friends started asking if it was really my last name.
JM: What advice do you give for budding designer/devs like yourself when starting off in creating a theme?
RD: Start with the end in mind. When I built the Independent Publisher theme, I kept revisiting the same set of questions at every step along the way: What’s the ultimate purpose of this theme? What is it trying to do? What is its ultimate objective?
JM: How have mobile devices changed how we consume content these days?
RD: If there was ever a good example of the importance of considering the design impact of what we build, mobile would be it. With mobile devices, users don’t get to choose the size of their web browser. They have little choice about the constraints imposed on them by the devices in their hands. That means it’s up to us developers and designers to ensure that content can be consumed as easily as possible on mobile.
In case you are wondering, “What is a theme?” I can tell you that according to Automattic founder and CEO Matt Mullenweg, “themes” began from WordPress version 1.5 way back in 2005. A theme is an encapsulation of code and design knowledge — it lets you customize the look and feel of a WordPress site to be exactly the way that you want. If you are a designer that is new to themes, I suggest that you read this short essay by Mel Choyce on “3 Reasons Why Every Designer Should Create A WordPress Theme.”
Because Independent Publisher came out in 2013, it deserved a tiny set of enhancements. We thought the best two people to lead the design challenge needed to be our theming veteran Caroline Moore and our typography expert Kjell Reigstad.
JM: What makes a good theme?
CM: A rock-solid code foundation like Components and a design that feels like home. My favorites are bold, colorful themes with lots of personality; Scratchpad by my colleague Laurel Fulford comes to mind.
JM: What makes for good typography?
KR: Good typography doesn’t get in the way. It’s balanced, legible, and subtle.
JM: Are there any aspects of Independent Publisher that caught your attention when it was first released on WP.com?
CM: Using a Gravatar as a site logo wasn’t common around the time Independent Publisher was released, so that stood out to me as a neat way to make the theme more personalized right out of the box.
JM: What makes one paragraph more legible than the other?
KR: There are a number of variables that affect the readability of paragraphs. Aside from the more obvious ones like typeface and font size, I find leading and column width to be the most important.
Leading (also known as “line-spacing”) is the space between lines of text. If the space is too wide, your eyes have to work hard to jump from one line of text to the next. If it’s too narrow, your eyes have to work hard at differentiating each line as you’re reading. Leading adjustments can be very subtle, but the right balance makes a big impact.
Column width is a little more self-explanatory. If a paragraph of text is too wide, your eyes will have to take a large horizontal jump each time you progress onto a new line. If the paragraph is too narrow, your eyes will have to make the jump more often. Both of these cases can cause eye fatigue. An ideal column width is somewhere in the middle.
JM: What about this Independent Publisher refresh benefits the reader?
KR: In my opinion, the best update is the switch to using system fonts by default. More often than not nowadays, websites load in custom font files to display all their text. This is great visually, but it does lead to slightly longer page load times.
System fonts are are included with your device by default. These are pretty standard fonts, and tend to be very widely available. You’ve probably heard of many of them: Helvetica, Times, and Georgia for instance. Switching to use these fonts means we don’t have to load in additional font files every time your site loads. This saves time, and is especially handy when visitors are on a slow or unstable mobile connection.
Best of all, the system fonts we used are beautiful! Headlines are set in your computer’s default sans serif font Apple’s San Francisco font, and Android’s Roboto for example, and body text is set in Georgia by the beloved Matthew Carter.
JM: Where do you see the world of themes heading, Caroline?
CM: I want to see themes condensed into a single CSS file, applied over different components that you can mix and match to build any kind of site you can imagine.
JM: If I’m a beginner to design and want to learn more about typography, how do I start, Kjell?
KR: This is a quick, 6-minute video that I made last year to share the joy of typography:
JM: Thank you Raam, Caroline, and Kjell!
So there you have it — enjoy the new power of Independent Publisher 2, and set yourself free to write with enhanced legibility, special tweaks for mobile, and an overall faster experience for your readers.
Read more about Raam Dev, Caroline Moore, and Kjell Reigstad on their respective websites:
Filed under: Better Blogging, Design, Themes
This week, I attended the first of the upcoming AWS North America summits at Moscone Center in San Francisco. As always, the summit was a blur of technical sessions, product and service announcements and vendors and partners in the expo hall (including yours truly). It was great seeing everyone there — a special thank you
The post AWS Summit San Francisco in Review appeared first on The Official Rackspace Blog.
Last Thursday, Dell EMC announced it has sold Spanning Cloud Apps, which it acquired in October 2014. The company hasn’t released the terms of the deal yet, but it will allow Spanning to become an independent company.
Spanning is known for offering SaaS applications, such as Office 365, G Suite and Salesforce applications. The company will be led by Jeff Erramouspe and all 56 employees will stay with Spanning.
Read the full story here.
For more than 15 years, Rackspace been the trusted Microsoft technology partner of choice for organizations transitioning their productivity applications to the Microsoft Cloud. As a hosting provider for more than half of the Fortune 100, with more than 15 years of hosting experience under our belts, Rackspace has unmatched expertise when it comes to
The post Introducing Fanatical Support for Office 365 Enterprise appeared first on The Official Rackspace Blog.
Do you want to use more video in your Twitter marketing? Wondering how each type of Twitter video works? With the launch of its native live video service, Twitter is prioritizing video higher in the news feed, making it the perfect way to reach your audience more often. In this article, you’ll discover how to [...]
This post Twitter Video: How to Create Engaging Video Content first appeared on .
- Your Guide to the Social Media Jungle
Cloudflare provides numerous benefits to ecommerce sites, including advanced DDOS protection and an industry-leading Web Application Firewall (WAF) that helps secure your transactions and protect customers’ private data.
A key Cloudflare feature is caching, which allows content to be served closer to the end user from our global network of data centers. Doing so improves the user's shopping experience and contributes to increasing the proportion of people completing a purchase (conversion rate).
Walmart found improving page load time by 1 second increased their conversion rate by 2%
Research for Amazon showed every 0.1 second of delay costs 1% of sales
The Barack Obama campaign website saw an 80% page load time boost resulted in a 14% increase in donations
What is caching?
Most ecommerce websites rely on a backend database containing product descriptions and metadata such as prices. Without caching, each visit to a product page might involve several database requests to pull all the required data, which can introduce added latency to page load time, particularly on a busy website. Serving the website's homepage and product pages from Cloudflare's cache not only eliminates these costly database calls, but also reduces the load on your origin infrastructure.
To make the most of Cloudflare and to help maximize the speed of your website, serve as much content as possible from the Cloudflare cache.
How Cloudflare caching works
By default, Cloudflare caches static content based on a fixed list of file extensions which includes assets such as images, CSS files and PDFs.
The reason Cloudflare only caches static content out of the box (and does not cache HTML content by default) is to avoid the risk of inappropriate data being cached. For example, if the shopping cart page is cached, then the next visitor might receive the cached version and see a cart with the incorrect contents. Therefore, while enabling more caching will let you make the most of Cloudflare, it requires careful and considered implementation.
Additional caching on Cloudflare can be enabled in one of two ways - using Page Rules or by sending cache headers from your origin. These two methods are explained in more detail here. In this blog post we’ll use Page Rules, but keep in mind you can use headers from your origin too.
Using caching on ecommerce sites
A typical HTML page on an ecommerce website will contain static content (such as the product description) and dynamic content such as:
a header section which varies according to the visitor’s logged in state - e.g. if the user is logged in, it may offer the user a “Logged in as..." message
a basket section which populates as the user shops on the site
The user might have one or more session cookies to maintain these dynamic elements.
There are few ways to make the most of Cloudflare's caching, while taking into account the dynamic nature of ecommerce websites.
Method 1: cache everything on Cloudflare but bypass the cache for private content
Note: the Bypass Cache on Cookie feature is only available on the Cloudflare Business and Enterprise plans
Many visitors to a site will be brand new, first time visitors - in other words, they won’t be logged in to the site and won’t have any items in their basket.
Serving their request from the Cloudflare cache means they can quickly view the page they’re looking for (whether the homepage or a specific product page). As they're a brand new visitor, the entire page can be served from the Cloudflare cache.
With most ecommerce platforms, as soon as the user logs in to the site or adds an item to basket, a relevant cookie is sent to the browser.
Cloudflare can cache the pages, but will bypass the cache should Cloudflare receive either of the cookies from the browser.
This is achieved by introducing a Page Rule with a “Bypass Cache on Cookie” setting:
In the above example, the Page Rule will cause all requests to the site to serve from cache, unless the web browser has sent a cookie named “loggedin” or “iteminbasket”.
Obviously every ecommerce platform is different, so always think through your settings and ensure you use the correct cookie values to ensure that there is no risk of private data (e.g. someone’s shopping basket) being served from cache and shown to another visitor.
This means Cloudflare will serve the bulk of the page content and only small requests will pass (via Cloudflare) direct to origin to populate dynamic elements such as the basket contents.
To configure this, use a Page Rule with Cache Level “Cache Everything” for the static content and another Page Rule with Cache Level “Bypass” for the dynamic (AJAX) requests.
In this example, any requests going to www.example.com/ajax/basket_contents.php and www.example.com/ajax/logged-in-state.php would match the first Page Rule, which has cache level “Bypass” - Cloudflare will proxy the request but the request won't touch the Cloudflare cache.
Other requests, e.g. to www.example.com/products/product_page would not match the first Page Rule but would instead match the second “Cache Everything” Page Rule - thus the product page is served from the Cloudflare cache. Within that product page, the dynamic elements (such as the basket contents and the logged in state) are dynamically populated using the AJAX requests.
You should also consider introducing additional appropriate Page Rules for special pages such as the checkout pages - for example, you may wish to create a Page Rule that bypasses the cache for all the checkout pages.
Remember: only one Page Rule will execute for any given request, and Page Rules are processed in the order they exist in the Cloudflare control panel. Read over our Page Rules tutorial to better understand how they work.
Optimizing further: using Railgun
Note: the Railgun feature is only available on the Cloudflare Business and Enterprise plans
Cloudflare’s Railgun technology optimizes the connection between Cloudflare and the website origin, for accelerating dynamic HTML content - content that can't be served from the Cloudflare cache.
Railgun helps in two ways:
Establishing a persistent connection between Cloudflare and the website origin (to speed up initial connection times)
Compressing the data that passes from the origin to Cloudflare by only sending content that has changed
Railgun can happily be used in conjunction with the previously discussed caching methods.
If you’ve implemented method 1 (the bypass cache on cookie method) then Railgun will accelerate the requests which pass directly to origin due to the presence of the relevant bypass cache cookies.
Method 2 (caching everything on Cloudflare except AJAX calls to populate dynamic sections) is already more efficient than method 1. Railgun can still be used to further accelerate the AJAX requests that pass from Cloudflare to origin.
Railgun is a little more advanced as it requires installation of a small software package on (or very close to) the origin webserver to handle the compression. You can read more about Railgun here and find the installation documentation here.
Log file analysis is an important tool in any technical SEO audit and really, any regular analysis where you need to better understand how your site is being accessed and crawled by search engines.
What Are Log Files and Why Use Them for SEO?
Most web servers maintain a log of all access to a website by humans and search engines. Data that is usually logged includes the date and time access, the filename(s) accessed, the user’s IP address, the referring web page, the user’s browser software and version, and cookie data.
Although search engine crawling behavior changes daily, log files allow you to see longer term trends to identify crawl patterns (for example, if it’s trending up or down). In addition, you can check to see if specific pages of your site, or sections, are being crawled.
This is rich data you can use in your technical SEO analysis. Because log files contain the click-by-click history of all requests to your web server, you want to make sure you have access to this and know how to use it.
Other ways log files provide benefits over web analytics include:
It’s not possible to see the history of your analytics data prior to having analytics set up or modified. In contrast with log files, you can go back as far in time as you like. Quick caution: for many web hosts the prior statement is true, but you should check with your web host to make sure they are keeping your log files available to you, otherwise they may delete them after a period of time.
If this is done incorrectly, or some pages are missed, your data will be wrong and these problems can be hard to find.
Custom tagging is needed in analytics for more complex analysis, such as seeing how many people clicked on certain links.
If you’re using a third-party hosting provider, you may be able to get access to a log file analytics package from the vendor. You can then use Excel to analyze those files by converting them into an Excel format.
Log File Analysis: What You Can Find
There are seemingly endless ways you can slice and dice your log file data. Let’s look at just a handful of scenarios you can get insights into.
Crawlers Accessing Your Site
Do you want to ensure your site is crawled by specific search engines? Log files can tell you the types of web crawlers accessing your site and how many requests from them you get per day. This includes tracking people who may be scraping your web site. You can also view the last crawl date.
Crawl Budget Waste
Search engines like Google have a specific number of pages they will crawl on any given website on any given day (aka “crawl budget”). Here is an important excerpt from my May 2016 virtual keynote with Gary Illyes on the concept of crawl budget:
Eric: So historically people have talked about Google having a crawl budget. Is that a correct notion? Like, Google comes and they’re going to take 327 pages from your site today?
Gary: It’s not by page, like how many pages do we want to crawl? We have a notion internally which we call host-load, and that’s basically how much load do we think a site can handle from us. But it’s not based on a number of pages. It’s more like, what’s the limit? Or what’s the threshold after which the server becomes slower
I think what you are talking about is actually scheduling. Basically how many pages do we ask from indexing side to be crawled by Googlebot? That’s driven mainly by the importance of the pages on a site, not by number of URLs or how many URLs we want to crawl. It doesn’t have anything to do with host-load. It’s more like, if…this is just an example…but for example, if this URL is in a sitemap, then we will probably want to crawl it sooner or more often because you deem that page more important by putting it sitemap.
We can also learn that this might not be true when sitemaps are automatically generated. Like, for every single URL, there is a URL entering the sitemap. And then we’ll use other signals. For example, high PageRank URLs…and now I did want to say PageRank…probably should be crawled more often. And we have a bunch of other signals that we use that I will not say, but basically the more important the URL is, the more often it will be re-crawled.
And once we re-crawl a bucket of URLs, high-importance URLS, then we will just stop. We will probably not go further. Every single…I will say day, but it’s probably not a day…we create a bucket of URLs that we want to crawl from a site, and we fill that bucket with URLS sorted by the signals that we use for scheduling, which is site minutes, PageRank, whatever. And then from the top, we start crawling and crawling. And if we can finish the bucket, fine. If we see that the servers slowed down, then we will stop.
To translate that a bit, there are a specific set of priorities Google will have for crawling a site. It may not be a specific number of pages, but that may still lead to Google spending time crawling pages that you have marked with NoIndex tags, rel=canonical tags, or other pages that are more or less a waste of its time. Log file analysis can help you discover just how much of this is going on.
Search engines may not be crawling the most important pages of your website. Through log file analysis, you can see which sections (folders) or pages (URLs) are crawled and the frequency of those crawls. You want to ensure major search engines like Google and Bing are accessing the files you want and including them in their index. You can help set crawl priority via your XML Sitemap. https://support.google.com/webmasters/answer/183668?hl=en
The basic way to do that is to import your log file into Excel and filter on the presence of the URL or folder names. More complicated Excel analysis of the search engine crawl priorities requires a more in-depth knowledge of Excel that I’ll go through in an upcoming article.
Duplicate URLs Crawled
Crawlers can waste crawl budget on irrelevant URLs. For example, when URL parameters are tagged onto a URL, created for the purposes of tracking performance, like a marketing campaign, https://ga-dev-tools.appspot.com/campaign-url-builder/ like this:
Once you’ve identified these, there are ways to address it by going into the site’s Google Search Console account, selecting “Crawl”, and then “URL Parameters.” Here’s a screenshot of what you might find (this is just an example, and the message you receive might be very different):
Response Code Errors
If you’re working with an SEO platform (like Moz) or a crawler tool (like Screaming Frog SEO Spider), you usually have access to this type of information. However, if you don’t get this info anywhere else, log files can tell you about 404 errors or any 4XX or 5XX errors that could be impacting your site.
When you’re analyzing the data, group the requests by file type (HTML, PDF, CSS, JS, JPG, PNG, etc.). Within each group, cluster by server response code (200, 404, 500 and so on).
Files that are in the site’s crawl path should return the response code 200 or redirect to files that eventually resolve as 200. Your goal: Not to have errors in the site’s crawl path.
Again, many other tools can tell you about things like temporary redirects (302s). But so can log files. It’s worth mentioning that Google said in 2016 that 302 redirects won’t result in PageRank dilution, http://searchengineland.com/google-no-pagerank-dilution-using-301-302-30x-redirects-anymore-254608 but you can still use this data to prioritize the updates that make sense for the site and business, but they can still lead to the wrong page being indexed by Google (they may keep the page that 302 redirects in the index instead of the page that the redirect points to).
Other ways you can use log files to dig into juicy data:
Look for images that are hot linked (requested from HTML files on other sites). This will show you when people are using your images in their content, and you can then go verify that they are at least providing some level of attribution.
Look for unnatural requests for files that do not exist and there’s no reason to be looking for them. This could indicate hacking attempts.
Look at requests from absurdly outdated user agents. For example IE5 or NN4, as those could very well be bots that you may want to consider blocking. This is something that you can do in your .htaccess file (Apache servers) or ISAPI rewrite (IIS servers). If you want to take this further, you can also write scripts that can dynamically detect bad bot behavior and block them from accessing your site at all.
Look for requests to files that may not be included in your standard traffic reporting, for example for PDF or Word documents.
Log files can be an overlooked treasure trove of SEO data that is crucial to uncover. Using log files in addition to your web-based analytics helps inform the diagnosis of a website’s health, and can help you solve tough problems the site may be facing.
Starting and growing a YouTube channel takes a lot of time, effort, patience, and often money. You have to create good, compelling videos, and they have to capture an audience at the right time. If you’re lucky, something will go viral and will end up on peoples’ related videos and recommended videos for months. If you’re not lucky, you’ll languish with sub-100 view videos for the indefinite future, hoping to be discovered through sheer volume of content. With 300-500 hours worth of video uploaded to YouTube literally every minute of every day, you’re not going to have the volume to flood the market like you want.
There are two ways you can try to get around this. The first is to embark on a campaign of extreme social and growth-hack-style casual marketing. We’re talking social media posts, a blog, a mailing list, a Facebook page, the whole nine yards. You’re going all-out with the free strategies to force a brand presence and try to encourage viral exposure.
The other method is to suck it up and spend some money. You have to spend money to make money, most of the time, and a little investment can go a long way towards kick starting the popularity you need to become self-sufficient. You won’t have a positive return on investment, at least not right away, but you’ll certainly get the subscribers, viewers, and engagement you need to get the ball rolling.
What I’ve done is put together a list of possible services you can pay to get you some exposure on your videos. Some of them are obvious, some are a little less so, and some you might never have heard of before. I’ve split them up in a few categories for easy browsing.
Social Media Ad Networks
Social media is the bread and butter of many advertising campaigns. There are a lot of different social networks, but some of them don’t really work with YouTube unless you have a specific type of content.
For example, LinkedIn ads won’t really work for YouTube content unless you’re heavily focused on business, marketing, or job search content. If you are, well, you’re good to go, and you can consider this a free entry on the list.
Facebook/Instagram Ads – Facebook and Instagram are both covered by the same system. Facebook is the largest and most targeted ad system available, which makes it an excellent choice. Instagram is highly visual and, if you’re in a visual niche like beauty or fashion, can be a great place to advertise.
Twitter Ads – Twitter is another good ad network, though it doesn’t have the engagement or the targeting options of Facebook. Twitter is great to advertise using short gifs or video clips of funny moments from your content. On the other hand, you need to produce a lot of ads, because content gets stale very quickly on Twitter, and your YouTube channel is unlikely to trend.
YouTube/Google Ads – What better place to advertise your YouTube channel than on YouTube itself? Using Google ads, you can get web ads, ads on blogs all over the web, and ads on YouTube natively. Google also has fantastic website integration and analytics, if you’re into that kind of thing. It depends heavily on whether you’re building a website or just a channel, to determine which elements of AdWords you want to use.
StumbleUpon Ads – Normally I don’t highly recommend StumbleUpon, because it’s the epitome of short attention span, no engagement views. However, highly visual content is what hooks people from Stumble, and YouTube videos have a way of going viral when they’re exposed to enough people through the platform. Give it a try.
Pinterest Ads – Pinterest has many of the same benefits as Instagram for visual, crafty, DIY and other graphical forms of content. The only downside is that promoted pins don’t have nearly the same sort of variety and control as Facebook/Instagram ads, so you’ll have to work a little harder to reach your audience.
Reddit Ads – Reddit is an excellent community for basically anything if you can find the right sub. However, it’s pretty resistant to blatant ads or ads for sub-par content. Basically, I recommend posting your content organically a few times to get the feel of the place, and if they like it, invest in ads to get it circulated more.
Traditional Ad Networks
Traditional ad networks will make up the bulk of this list, but I’ve tried to angle on the side of video-focused networks. On the one hand, this means you’re going to have to make some video ads most likely, but for a YouTube creator, that’s not necessarily a problem. A video trailer or a simple video ad can go a long way where a text ad can’t. However, it does also means more work, and you may be competing with some very high quality producers.
One thing to note is that I haven’t actually personally used most of these networks, so exercise caution before you invest heavily.
Outbrain – Outbrain is one of the high end native advertising networks, which means your content will show up as “related content” on a lot of mid-to-high-end blogs. It also does pretty well with clickbait-style content, at least with sensationalist headlines or video titles, so experiment to see how you can get more clicks that way.
Taboola – The primary competitor for Outbrain, Taboola is much the same in pretty much every way other than the sites the ads appear on. They have different display networks, so if you can get into both of them, you can double up on the variety of sites you reach. Of course, you want to test to make sure you can get anything valuable from them before you invest.
BrightRoll – This ad network is typically for larger players, but if you have the cash, they’ll certainly let you spend it. Publishers are required to have at least five million views per month on their videos or three million on their sites or apps, so you know you’re getting on some relatively large sites.
AOL Platforms Adap.tv – Adap.tv was a pretty great video ad network that was acquired by AOL a few years back. Surprisingly enough, it’s maintained AOL’s relevance in the online sphere, and they didn’t even have to send out demo disks to do it. They even have a private marketplace for publishers you can use if you have the right kind of content.
SpotXchange – One of the more traditional ad networks on this list, they have over a thousand publishers in their network and billions of video ads each month. There’s a lot of viewership to be had here and their costs are surprisingly low for what they offer.
Adobe Primetime (Formerly Auditude) – Another good old network acquired by a major company, this one was completely rebranded and added to part of the Adobe Marketing Cloud, which is their name for a swarm of various web apps, SaaS offerings, and services. Because of the control they offer publishers, you tend to get higher quality views from this network.
Exponential Interactive – The video advertising hub of this network is AdoTube, and it’s pretty good for what it is, at least as far as I’ve been able to see. Plus, they tie in well with web ads if you’re splitting focus on a website, because they’re part of the same group as Tribal Fusion. Take advantage of both if you can.
Videology – Founded by the same guy who founded advertising.com, so you know it’s big and focused. This one is excellent because it’s primarily focused on sites and viewers in the U.S., which makes it great for higher CPM rates on your YouTube ads.
YuMe – A network that focuses on programmatic purchasing for ad fill, and gives you access to multi-screen video audiences, which may or may not be a benefit depending on what you actually get out of it. Your content will largely be pre-roll ads on other videos in locations other than YouTube.
Undertone – Banner and pre-roll video ads with a high impact, they boast pretty high CPM rates for publishers, which means pretty high ad rates for advertisers. However, they have a good cross-screen presence on apps and mobile devices as well as desktop viewers.
YouTube Promotion Networks
These ad networks specifically work with YouTube creators to promote YouTube content, generally in terms of views and engagement, not conversions or revenue. I’ve seen some good reviews and some bad reviews for all of them, I haven’t used any of them personally, and as always, my recommendation is only as good as your experience.
Test them out and see if they provide adequate returns, and only then consider going all-in with a sustained ad campaign.
Promolta – This one is sort of a hybrid between traditional ads and view buying. They’re focused on promoting YouTube videos, and they have a network of display sites to show your video around. I’ve seen some controversy about them using a Swagbucks-style display that doesn’t get much engagement, though, so test before you invest.
Virool – Somewhat similar to Promolta, this one isn’t too bad, and has strived to be on the good side of the law – Google – in their dealings. They had a public issue with their own marketing a while back, leading to delisting and subsequent appeals that got them reinstated, but as far as I know they never used shady techniques for their actual ad promotion.
Emerse – Not to be confused with the electronic medical record search engine, Emerse has been a relatively small but potent network since 2007. They’ve worked with Coke, Microsoft, Visa, Disney, and a bunch of car companies, as well as working with the Obama election campaigns.
Viboom – A smaller network, this one has generally outstanding reviews and is considered safe by the people who both use it and post about it publicly. Their cost is a little high — $30 for 1,000 views on average – but the views tend to be pretty good. They guarantee real views that won’t be purged in an audit, which is more than many will say.
Sprizzy – This is a newcomer to advertising, and they have approached it with a very media-centric viewpoint. In addition to helping promote YouTube videos, they do Kickstarters and other crowdfunding campaigns, which makes them a favorite of many indie groups and small developers.
FameBit – This is a media-centric network that works with brands as a sort of paid influencer marketing. You pay for exposure and they hook you up with large brands for various partnerships and promotions. Due to the high value and limited availability, however, they have strict entry requirements.
There are some very good freelancers with excellent promotion skills. Some of them have their own connections or their own channels they can use to promote yours. Some of them are simply very adept at running campaigns on various ad networks like those listed above, making their service basically outsourcing ad management. Some of them, however, are likely botnet view spammers or other black hat services.
I highly recommend caution, particularly when an offer seems too good to be true at the cheaper price points. Do a very small test and focus analytics on the before-and-after comparison before you buy a large package. Also, I recommend waiting a bit to make sure YouTube doesn’t audit and remove fake views after you make a purchase. It’s better to have a few views removed than it is to have your AdSense account closed on you.
SEOClerk – This is like Fiverr for social and search marketing professionals. You can find people willing to promote just about any kind of content, using a wide variety of both legitimate and black hat techniques. Make sure you vet your freelancers carefully.
Freelancer – One of the largest global freelancing hubs online, this site will put you in touch with a lot of potential marketers, but at the same time you have to avoid a lot of low-effort, low-bid contractors from third world countries.
Upwork – The Frankenstein golem of what remains of Elance and oDesk, this site has had some public backlash recently, but you can still find some high quality freelancers around. Many of the best moved on to their own private websites, though.
Fiverr – The prototype for a lot of small payment microservices, Fiverr can be good or terrible depending on who you pay for what services. Avoid straight view buying – you’re likely to end up paying for bots more than anything.
The post List of 25+ Paid Services to Promote a YouTube Video appeared first on Growtraffic Blog.
Everything from your first cup of coffee & your commute to the office, to your afternoon snack & evening walk with your dog can now be connected and tracked. This is the kind of world we will soon live in – a world where every device or appliance we use in our day-to-day is connected […]
The post Three New Attack Vectors That Will Be Born Out Of IoT appeared first on Liquid Web Official Blog.
By Sara Atwood
The birds are chirping and the blossoms blooming, and you know what that means: it’s time to tackle your spring cleaning. Winter’s thaw is an annual reminder to clear out the clutter — and not just in your garage. Websites spawn their own digital dust bunnies and need an annual scrub to keep things running smoothly.
This spring, take time to air out your website. Visitors will appreciate — and reward — a freshly scrubbed, updated site. Superpower your spring cleaning with this checklist of chores and your website will be sure to pass any white-glove inspection.
1. Update copyright and time references. Sure, the info stuffed in your website’s footer can feel like a fussy detail, but it’s one that can speak volumes about the attention you pay to your content. Visitors are sure to question the validity and functionality of an out-of-date website, so exude relevancy and timeliness by making this quick update. Go a step further and ensure your copyright date is always current by adding a few lines of code.
2. Renew domain names. Don’t let your domain disappear — renew your registration now or set a calendar reminder to do it before it expires.
3. Check for broken links. Like dusting, this tedious chore is best checked off more than once a year, but hey, we all get busy. Broken links will frustrate your visitors, repel customers, and damage your search engine rankings. If you haven’t hunted down these pesky pests recently, find yourself a link checker and tracking. There are a number of tools that can help here, but we recommend Screaming Frog.
Want to improve your SEO? Check out these 5 no-brainer tips for beginners.
4. Check and update contact information. There’s little more frustrating than returned or unanswered email. Make sure your customers’ queries are going to the right inbox by double checking and, if necessary, updating your email address and other contact information: phone, fax, addresses, social media accounts, etc. Make sure the info for all your brick-and-mortar locations (if you have them) is present and accounted for. While you’re at it, delete any superfluous or unused email accounts, and don’t forget to remove every reference to them from your website.
5. Test functionality. Fill out any forms, take any surveys, sign up for every email list offered on your site, and make sure the process is simple, intuitive, and most importantly, functional. Check that comments work on your blog, and don’t forget to test-drive your checkout process from shopping cart to deposit of money into the correct account. Fix any bugs and consider ways you can smooth out the process.
6. Update prices and review inventory. Operation and manufacturing costs fluctuate through the year, so take a look at your numbers and check your prices for fairness to the customer — and to your profit margin. Also, take a second look at the products you have listed for sale. Any slow movers that need to be rethought, repriced, or retired? Make sure to remove any discontinued products from your site.
7. Review consistency. Scroll through your content to ensure that fonts, image sizes and style, and copywriting and grammar style are consistent throughout your website. Tidy up any inconsistencies to ensure a professional look. And while you’re at it, check for relevancy and timeliness too, especially in introductory posts, popular content, and product descriptions. Repurpose or delete dated content.
8. Update bios. Keep your website feeling fresh by updating your bio and polishing up the “About Us” page. Double check any key stats or numbers listed on this page as well. Don’t forget to update staff positions and job duties that may have changed in the past year, so credit is given where it’s due and customer queries are addressed to the right person.
9. Note your news. Nothing feels more stale on a website than old news, and little is more repelling than a “what’s new” post from 2013. When’s the last time you’ve updated your news page? There’s no time like the present: write a quick and catchy update, or consider nixing this page if you can’t keep it timely. If you have a calendar or events page, delete past events and update with current information.
10. Update policies. The policy page is an easy one to fall through the cracks, so make sure to pull it out of the cupboard and give it some love this spring. Check that your company’s current practices are accurately and clearly represented — make sure nothing is overlooked — and make changes as needed.
11. Review analytics. Take a look at Google Analytics and sift out trends. Determine which pages are frequented the most, and which are getting a bit moldy. Polish up your popular posts and consider how you can get more mileage out of them — a social media post or campaign, perhaps? As for the dustier pages, bring in more visitors with links and shoutouts in more popular posts, repurpose the content, or consider axing them entirely. If the pages you want people to see aren’t getting enough traffic, it’s time to rethink how the content is teased and the information presented.
12. Evaluate calls to action. Are your “subscribe,” “donate here,” and “buy now” links drawing enough attention? Rethink how you can shine up your calls to action so your website can better accomplish its purpose and clinch new customers.
13. Review your hosting plan. After you’ve dusted off the details, take a step back and look at the place your website calls home. Is your current hosting plan working for you and your customers? Take a closer look at your analytics: are you seeing your website traffic grow over time? If you started out with shared hosting and are attracting more and more visitors, it might be time to graduate to a plan that will enhance your site’s performance and stability. Consider whether your website would benefit from a VPS or a dedicated server.
Ready to upgrade your hosting plan? DreamHost can help.
The post Spring Clean Your Website With This 13-Point Checklist appeared first on DreamHost.blog.
Ahh family game night. What better way to spend a Sunday evening than causing long-lasting tears in your familial relationships after a questionable Yahtzee toss or unyielding game of Monopoly? We’re celebrating the fun and drama that comes along with this time-tested ritual during this week’s Bottoms Rupp sale. This Thursday, April 27 from 3 to 5 p.m. […]
The post Bottoms Rupp | It’s family game night appeared first on Name.com Blog.
Every week brings fresh news and updates in the world of WordPress. Here we recap some of the biggest stories in the WordPress community provided by Torque. Dedicated to informing new and advanced WordPress users about the industry, Torque is a hub for WordPress news, business, and community.
This week’s WordPress Digest features stories on Automattic closing its San Francisco office, your guide to hiring a WordPress developer, how to auto-sync your Git repositories into WordPress, and more.
DOC POP’S NEWS DROP: IS AUTOMATTIC CLOSING ITS SAN FRANCISCO OFFICE?
If you’re on a hunt for a new office in San Francisco, rumor on the street is that Automattic might be shutting down their San Francisco corridors. Watch Doc Pop’s news drop above for the latest on the topic.
EVERYTHING YOU NEED TO KNOW ABOUT HIRING A WORDPRESS DEVELOPER
While WordPress is fairly easy to use out of the box, to build a fully-functional, responsive site, you might consider hiring a developer to do it for you. This guide will equip you with what you need to know prior to hiring, including what questions you should ask prospects, whether or not to hire a single freelancer or a team of developers, and more.
HOW TO AUTO-SYNC YOUR GIT REPOSITORIES TO WORDPRESS
Whether you’re using GitHub, BitBucket, GitLab or similar to deploy changes, syncing these changes with WordPress can be somewhat tedious. However, this article will show you how to automatically sync your GitHub repositories with WordPress using a third-party installation. In no time your development workflow will be taken to the next level.
USING THE WORDPRESS REST API WITHOUT AN EXTRA HTTP REQUEST
In this tutorial, learn how to get properly formatted REST API responses without any additional HTTP requests. You’ll also learn how to make a no page refresh pagination post archive. Learning how to do these things is beneficial because reducing page requests will result in faster page load times.
TORQUE TOONS: WP SMUSH WINS PLUGIN MADNESS
Plugin Madness recently wrapped up and WP Smush took home the trophy. Check out Torque’s latest comical take on the event here.
Stay tuned for more feature stories and WordPress news from torquemag.io!
The post WordPress Weekly Digest: 4/24/17 appeared first on WP Engine.