Posted by & filed under List Posts.

*** Breaking SSL Security News ***

Yes, major hacks of huge enterprises are disconcerting and deserve attention. But what’s perhaps even more distressing is an Internet-wide trend of security best-practices neglect. Consider this: an eye-popping 35% of websites are using an SSL certificate with the outdated, proven-unsafe Secure Hashing Algorithm 1 (SHA-1) algorithm. That’s a total of 61 million websites.

 

  • More than 1/3 of websites use a bad cert
  • Should you be very afraid of SHA-1?
  • Must-know info on the various SHA types
  • Why are we hitting the SHA-2 migration PANIC-BUTTON?

 

TSS

 

It’s easy for people to point fingers when it comes to Internet security. After all, like a FAIL video, it provides a sort of dark entertainment to look at the very public embarrassments of large enterprises and others that have been hacked. From Sony to Target, from Home Depot to the US State Department to worldwide financial institutions, breaches in security have become so commonplace that people often forget their incredible cost, in terms of loss of business (think Sony being thrown almost completely off the Internet) and loss of reputation (think Anthem, which states on its homepage, “Anthem is a trusted health insurance plan provider” – well, maybe).

 

The focus on these huge companies makes us forget the extent to which all companies are at risk, including simple blogs, startups, and other SMBs. Let’s look at a specific way that websites are making their users’ data vulnerable, making it clear how critical SSL upgrading today really is.

 

More than 1/3 of websites use a bad cert

Amazingly, a study by cryptographic key protection firm Venafi reveals that 35 percent of sites globally continue to use a no-longer-secure Secure Hashing Algorithm 1 (SHA-1) SSL certificate. That’s true even though major browser companies – including Apple, Google, Mozilla, and Microsoft – stated that they would not support these certs starting in February 2017.

 

What exactly does that mean? Well, first, it should be understood that February 2017 is not a deadline to change these certificates. The deadline is today – SHA-1 is no longer secure.

 

However, just for further motivation, these are the typical messages and signs a user will see (with variations dependent on browser) when SHA-1 is officially no longer supported – as indicated by Help Net Security on November 21, 2016:

 

  • Crossed out lock icon and https (in address bar);
  • “Privacy error”;
  • “Your connection is not private”;
  • “Attackers might be trying to steal your information from Your Site in Bold (for example, passwords, messages, or credit cards).”

 

All of these warnings are traffic disruptions, which translates into a threat to your profits. When users see warnings like these, they will go to a competitor. They won’t see the comforting and recognizable padlock. In fact, the site could even become inaccessible.

 

Should you be very afraid of SHA-1?

Now, really, if you do think you might still have an SHA-1 SSL cert in place, it should motivate you that your site is currently not considered secure and that changing the cert to an affordable, easy-to-install SHA-2 cert is urgent and follows best-practices. However, it should further motivate you that you’ll be advertised by your users’ own software (the browser) that your site is no longer secure.

 

Regardless of whether you are convinced this SSL switcheroo is necessary, the end result, since not everyone will be informed, is problems. SHA-1-retaining sites will suffer huge hits to user experience (UX) and ballooning of support calls, along with potentially substantial losses in revenue and credibility.

 

Venafi’s cloud services manager Walter Goulet noted that the big, high-traffic sites have left for the security New World of SHA-2, but many sites are still using SHA-1. “According to Netcraft’s September 2016 Web Server Survey, there are over 173 million active websites on the Internet,” he said. “Extrapolating from our results, as many as 61 million websites may still be using SHA-1 certificates.”

 

That’s the exposure, but what’s the specific threat? Hackers can potentially crack Secure Hashing Algorithm 1, rendering it useless – in other words, open access to data. Gordon E. Moore’s theory on the speed of data growth, Moore’s Law, says that overall processing power for computers will double every two years. Electronic Frontier Foundation Board Member Bruce Schneier has framed this issue in terms of dollars on his blog:

  • It takes 2^74 processing cycles to hack the SHA-1 algorithm with the strongest tools available. Those cycles can be converted into time.
  • The approximate cost would be $2.77 million to use public cloud to brute-force-attack SHA-1. That’s not really a lot, depending on the target – and the number is falling fast.
  • The expectation is that it could cost just $43,000 to run a hack of SHA-1 by 2021. Even at that point, to just methodically run through the numbers for a successful hack, it would take 7 years.
  • While seven years may seem like a mini-eternity (well, it’s half a dog’s life), the issue is one of scale. Stronger, better-future-proofed algorithms such as SHA-2, SHA-3, and AES256 can take centuries or millennia to hack. A cackling evildoer might put together a slave botnet of computing power that would help him/her run that algorithm much more quickly, perhaps in less than a month for the right price. “That is precisely what the American NSA, the British GCHQ, and the Chinese military are doing now,” advised PCrisk on November 21, 2016. “Hence there is some risk.”

 

Must-know info on the various SHA types

 

Secure Hashing Algorithm 1 (SHA-1) is an encryption algorithm – in other words, a set of steps a computer takes to scramble and thus conceal information. It encrypts data going in and out of a site that’s enabled for HTTPS protocol by an SSL certificate.

 

So far, so good, right? Well, SHA-1 means well. However, it has known vulnerabilities. SHA-2 and SHA-3 are taking its place. As indicated above, SHA-1 will no longer be accepted by major browsers from February 2017 forward; and it is not currently considered to abide by security best-practices today – accelerating the drive to next-gen SHA-2 SSL certificates.

 

The fact is that this transition away from SHA-1 has been a long time coming but never completely caught on. Part of the difficulty with upgrading was that SHA-1 was the most commonly used hash, until recently lacking support by a vast range of devices and software. In fact, the NSA-devised SHA-1 hash is more than two decades old, first issued as a standard by the federal government in 1995.

 

SHA-2 is not exactly brand-new. It became the hashing standard all the way back in 2002. To understand the improved complexity of SHA-2, it’s actually sometimes considered a family of hashes because of its various bit sizes – especially 224, 256, 384, and 512. So, SHA-2 is not a set number of bits, explained security architect Roger A. Grimes in InfoWorld, but the overwhelming majority of certs in this category have a 256-bit type. “Although SHA-2 is constantly attacked and minor weaknesses are noted, in crypto-speak, it’s considered ‘strong,’” he said. “Without question, it’s way better than SHA-1, which experts believe will be fallible in the near term.”

 

Why are we hitting the SHA-2 migration PANIC-BUTTON?

Grimes was a bellwether for moving to SHA-2 back in January 2015. He said at the time that the challenge of migrating to the new hash would be figuring out which devices and programs work with it. To jumpstart this process, create an inventory of all devices, operating systems, and apps that must support SHA-2. Test that a system does work. Don’t assume that vendor attestations will be accurate.

 

“Upgrading your applications and devices will not be trivial and probably take longer than you think,” said Grimes. “Migrating from SHA-1 to SHA-2 isn’t hard technically, but it’s a massive logistical change with tons of repercussions and requires lots of testing.” Your internal public key infrastructure (PKI) should be updated to support SHA-2 also.

 

***

Are you concerned about the topics discussed in this article? At Total Server Solutions, we offer premium, name brand certificates from market leader Symantec. Upgrade today to SHA-2 SSL.

Posted by & filed under List Posts.

How important is Black Friday to your e-commerce site? Forget the hype. It’s clear from the statistics that this day and weekend are a huge boom for the economy, both online and in-person. Let’s take a look at basic information about Black Friday; sales statistics for the day itself and for Cyber Monday; and tips to prepare your site for a huge spike in activity.

 

  • What and when is Black Friday?
  • Funny, ignoble history of Black Friday
  • Holiday e-commerce sales trending
  • 5 tips to get ready for Black Friday & Cyber Monday

Cloud-Night 

 

What and when is Black Friday?

Before we get into the stats, let’s talk about the basics. Black Friday is the name given to a huge shopping day in the United States. It comes directly after Thanksgiving, which is always the fourth Thursday in November. It also comes three days before Cyber Monday – another big sales day specifically geared toward e-commerce stores. Black Friday and Cyber Monday dates for 2010 through 2020 are as follows, per Timeanddate.com:

  • 2010 – Friday, November 26; Monday, November 29
  • 2011 – Friday, November 25; Monday, November 28
  • 2012 – Friday, November 23; Monday, November 26
  • 2013 – Friday, November 29; Monday, December 2
  • 2014 – Friday, November 28; Monday, December 1
  • 2015 – Friday, November 27; Monday, November 30
  • 2016 – Friday, November 25; Monday, November 28
  • 2017 – Friday, November 24; Monday, November 27
  • 2018 – Friday, November 23; Monday, November 26
  • 2019 – Friday, November 29; Monday, December 2
  • 2020 – Friday, November 27; Monday, November 30.

 

I would be remiss if I didn’t use the Timeanddate Black Friday tool’s dropdown option to see when this holiday will occur in the year 3950:

  • 3950 – Friday, November 24.

Please mark your 40th century calendars.

 

Funny, ignoble history of Black Friday

Everyone hopes that their company makes out well on Black Friday, but the history is actually amusing and not as pleasant as you might think. There’s this idea that Black Friday grew out of companies going “into the black,” that their revenue was boosted into positive territory as they approached the end of the year. That sounds nice, but it isn’t the true origins!

 

The truth about Black Friday is that it was named by Philadelphia police officers in the 1950s. They used the term to refer to the same day, but the term “black” was meant to describe the dismal nature of the day – similar to a black eye. It was a reference to the huge crowds that rushed into the city for the annual Army-Navy game. “Not only would Philly cops not be able to take the day off, but they would have to work extra-long shifts dealing with the additional crowds and traffic,” notes Sarah Pruitt on History.com.

 

In any event, the holiday now means something different than it did at its inception – but it remains one of the most important shopping days of the year. Let’s get on to the sales statistics and tips for improving your success.

 

Holiday e-commerce sales trending

Again, this day usually represent more sales volume than any other day of the year. Money is flowing. Here are some kind of mind-bending statistics related to how huge a day it is for both Internet and brick-and-mortar retailers:

 

Big portion of retail sales – The period between Black Friday and Christmas accounts for about 30% of annual retail sales. It’s particularly high for certain types of retail – such as jewelry, which does almost 40% of sales in that window.

 

Many people active shopping – A well-known poll from the National Retail Federation (NRF) shows these numbers for Black Friday from 2011-2015:

  • 2011 – 85 million
  • 2012 – 89 million
  • 2013 – 92 million
  • 2014 – 87 million
  • 2015 – 74 million.

 

People are moving online – That little dip above is where these statistics really get interesting. Those numbers above show how big a day Black Friday is but are actually specific to brick-and-mortar. As you can see, the number of people shopping in physical stores between 2013 and 2015 went down 19.6%. Those people were going online. There were $2.72 billion worth of e-commerce transactions on Black Friday, a 14% rise from 2014.

 

Black Friday is huge, and if you think it’s shrinking, it’s not. It’s going online.

 

5 tips to get ready for Black Friday & Cyber Monday

 

How do you get ready for this potentially incredible sales weekend?

 

  1. Think like a customer by focusing on usability.

 How user-friendly is your site? That question is answered with usability testing. Basic components of a usability test are:

  • Navigation – Assess your site to see how intuitively someone can move around and explore, through widgets, menus, etc.
  • Content/text – Make sure there aren’t any instances in which your written copy is confusing.
  • Visual coherence – The headers and the text should all work together meaningfully. Colors and fonts should harmonize with one another.
  • Performance – You need a high performance infrastructure, optimized media, and to otherwise set yourself up for reliability and speed.
  • Support – It should be easy and obvious how someone can reach you when they need assistance.

 

“User friendliness can have a significant impact on retention of visitors and the rate of their conversion into customers,” notes Mike Azevedo, CEO of database company Clustrix, in Entrepreneur. “[I]t’s crucial to create a positive experience for visitors.”

 

  1. Roll out the red carpet for mobile.

People spent $42.1 billion on mobile devices in 2013, a figure expected to reach $132.7 billion by 2018. Consumers go from one screen to another during their days. You want a shopping cart that is not just responsive but syncs throughout any customer’s devices. When your site is mobile-friendly, people keep shopping.

 

  1. Personalize your promo.

You obviously want your site to have its own personality, but recognize that behemoths such as eBay and Amazon succeeded with data personalization and marketing to the individual. What can be learned from the .com household names? It’s beneficial (hopefully mutually so) to gather consumer data from various touchpoints and customize content to fit the viewer. To filter users or prospects, use location (ZIP codes) and personal characteristics (sex, age, and similar criteria).

 

Keep in mind, personalization doesn’t mean you’re getting as granular as a unique experience for each user. Azevedo notes that you could just split your customers to receive two different offerings, Promo A and Promo B. “By using visitor data,” he says, “an ecommerce site can not only provide a personalized shopping experience but also increase the chances that customers will ultimately purchase.”

 

  1. Get your social working for you.

You want to think carefully about how you use social, such as how you use images to tell your company’s story, the personality you create around your business, and what hashtags you use. However, you also want to remember strong options such as email newsletters and PPC ads to let people know what you have available for Black Friday and/or Cyber Monday (or Black Friday through Cyber Monday – a relaxed sales bonanza weekend?).

 

You want a specific person in charge of responding to social media comments throughout this massive sales weekend. Complaints are a good thing, because they point you to what needs to be fixed for them and others. Plus, you want to know what people are saying about you and your competitors so that you can monitor and protect your reputation.

 

  1. Think scalability/elasticity from day one.

Azevedo recommends choosing a database that is built with scalability as a top priority throughout development. He suggests that you will be better able to grow if you know your database can expand linearly, processing information and updating seamlessly as more users and devices connect with the network and do business with you.

 

The issue of scalability is one of the primary reasons that cloud computing has become so popular. Being able to access resources based on your fluctuating needs is critical for e-commerce, not just for growth but for expanding and contracting through busy seasons. This scalability that is so essential to the kind of tipping-point growth that every business wants to achieve is inherent in the architecture of a distributed, virtualized cloud.

 

Arnon Rotem-Gal-Oz notes on Stack Overflow that elasticity – being able to adjust resources dynamically – is also a central characteristic of a strong cloud infrastructure. “[W]hen load increase you scale by adding more resources and when demand wanes you shrink back and remove unneeded resources,” says Rotem-Gal-Oz. “Elasticity is mostly important in [a] Cloud environment where you pay-per-use and don’t want to pay for resources you do not currently need on the one hand, and want to meet rising demand when needed on the other hand.”

 

*****

If you want strong results for Black Friday and Cyber Monday, you absolutely have to be fast and efficient. Meeting those objectives will always be directly related to the quality of your infrastructure and your ability to scale and elastically respond to demand. At Total Server Solutions, our SSD-based cloud hosting boasts the highest levels of performance in the industry. Learn more.

Posted by & filed under List Posts.

<<<< Part 1 <<<<

 

In Part 1 of this piece, we essentially talked about why the speed of high performance infrastructure is important, tools to quickly test your site, and how a faster site specifically boosts revenue. Now let’s discuss steps you can take – beyond infrastructure – to accelerate your site, followed by another reason you need strong, reliable hardware: business continuity.

 

  • Beyond infrastructure, how do you get fast?
  • High performance infrastructure: key to business continuity
  • HA as fundamental to high performance
  • Vow to be redundant
  • Is your load imbalanced?
  • Um, did we mention CDNs or the cloud?

 

microcloud-copy

Beyond infrastructure, how do you get fast?

Performance must be considered from multiple angles. Along with internally implementing or working with a web host that has high performance infrastructure, here are a few additional steps you can take to get your site moving, highlighted by Sherice Jacob on the Kissmetrics blog.

  1. Tell your site to gzip it. Many web thought-leaders recommend compressing responses using this common method. “Compression reduces response times by reducing the size of the HTTP response,” notes Chris Coyier of CSS-Tricks. “Gzip is the most popular and effective compression method currently available and generally reduces the response size by about 70%.”
  2. Quarantine your stylesheets. You want JavaScript and CSS sectioned off in their own files, so that they only load once per user.
  3. Crunch your images. You can slim your images with the “Save for Web” feature in Fireworks and PhotoShop. If you are graphically underendowed, you can go to it.
  4. Don’t expect HTML to do the heavy lifting. HTML allows you to adjust size once you have something uploaded (as through the WordPress UI). Bear in mind that the browser still loads the image at full size prior to resizing it, though.
  5. Cache yourself. WordPress and other CMS platforms have caching plugins that set aside the latest version of your site so that the page doesn’t have to populate from scratch with every browser request. WP Super Cache is widely used.
  6. Beware complex detours. You want to retain SEO you’ve built and modify your structure with 301 redirects. However, a jumble of redirects results in latency.

Beyond all the DIY steps you can take above to improve your speed, Jacob also mentions one infrastructural component that she believes is critical: a content delivery network (CDN). “Content Delivery Networks work by serving pages depending on where the user is located,” says Sherice. “Faster access to a server near their geographical area means they get the site to load sooner.”

 

High performance infrastructure: key to business continuity

It’s boring to think about infrastructure for most people, because it sounds like a bunch of machines and wires that are shut away in some warehouse, and that are simply linear conduits for the thought of the animate bipeds. Think about this, though: it is that infrastructure that allows your business to function and operate on a moment-to-moment basis!

 

After all, digital reality doesn’t just connect you with customers through content and e-commerce but with your colleagues. Consider how reliant you are on email and project management or other collaborative software.

 

Since we have become so dependent on these tools in an effort to increase efficiency, the high availability (HA) that is inherent in high performance infrastructure becomes a central concern.

 

HA as fundamental to high performance

HA isn’t optional but necessary if you want to maintain business continuity in a well-integrated, connected company. In other words, you need your infrastructure to suffer very little downtime.

 

A sound high-availability strategy “detects points of failure that can potentially cause the downtime and mitigates failure by distributing the load and traffic across the infrastructure,” notes TechAcute. “In the event of failure, a high availability infrastructure will have failover and recovery mechanisms.”

 

There are numerous reasons why you might experience downtime, because of failures in different parts of your system, such as:

  • Hardware;
  • Operations; or
  • Internal programs.

 

Your downtime could be because of interaction with your website from customers as well. You might have a spike and go down if your server isn’t prepared for Black Friday, for instance. After all, 30% of retail sales each year occur between Black Friday and Christmas, according to Kimberly Amadeo in The Balance. Let’s put that into perspective: If that period of time were even with the rest of the year, it would represent about 8% of sales. The actual 30% results are 3.75 times beyond the 8% expectations, so that’s a 275% increase in expected sales for the average e-commerce site. In the Black Friday economy, 100 lava lamps translate into 375 lava lamps. In an infrastructure that isn’t high-performance and readily scalable, you can’t keep up with that pace.

 

Your site might also become unreliable because you get hit with a DDoS attack or experience other hacking activity. In other words, security is an element that must be built into a high performance infrastructure.

 

Why is avoiding downtime so important, whether it’s caused by a flood of real or phantom traffic? “Aside from loss of potential sales, customers might not trust your brand or business in the future,” explains TechAcute. “Similarly, a business using an enterprise platform to manage its resources will compromise the integrity of internal communications.”

 

One other aspect of the availability that you achieve with a high performance infrastructure is that you are able to meet the expectations of the service-level agreements you hand to your customers. That’s just one more reason you never want your infrastructure to be the weakest link.

 

Vow to be redundant

If you’re writing an English paper, it’s fair of the professor to dock you for being redundant – because in that context, repetition isn’t appreciated. However, you want repetition, i.e. redundancies, and failovers in your infrastructure so that the system has alternatives when parts malfunction.

 

Redundancy is having extra components available in the case a component fails,” notes Brian Heder in Network World. “Failover is the mechanism, be it automatic or manual, for bringing up a contingent operational plan.”

 

These two elements must be considered in the interest of the HA you achieve with a high performance infrastructure.

 

Is your load imbalanced?

When you talk about using a system that has strong load balancing, that means that you are using the simple tactic of distribution to your advantage. By distributing systems, you build a huge amount of redundancy into the system, but you really want to make sure your load is balanced across all your hardware.

 

“Cheap datacenter hosting will not accommodate a surge of users or other factors that can put a heavy strain on the servers,” says TechAcute. “Overload in the servers will cause an online service to go down.”

 

Load balancing means that your traffic is evenly running through various servers, so that your system is naturally more available and can maintain great speed.

 

Um, did we mention CDNs or the cloud?

As indicated by Jacob above, a CDN can be powerful in delivering high availability: it limits the distance between any user by utilizing datacenters in broad geographical locations, improving how quickly a page loads case-by-case.

 

To optimize high availability, it’s best to pair a CDN with the cloud. “Cloud platforms are perhaps the most cost-efficient solution in bringing about high availability,” advises TechAcute, “because your business does not have to invest in the capital expenditure required to purchase, run and maintain hardware.”

 

High performance infrastructure can increase your productivity and revenue, as well as maintain the trust and credibility of your brand. At Total Server Solutions, our high performance SSD-based cloud and CDN grow with you. See how.

Posted by & filed under List Posts.

Do the poor page load times of your website effectively hold your business down – unable to deliver strong user experience, attract high search rankings, and grow? Specifically, how does poor page loading cut into your revenue? Speed up your website to regain control of your upward trajectory. Moving to a high performance infrastructure is one essential step in the process. **WARNING: This piece contains a major potential time-waster.

 

  • Why should your website be as fast as possible? (Stats)
  • High performance infrastructure “hidden” from PageSpeed tool
  • Other handy page load tools
  • More ecommerce sales with a faster site? Yes.
  • SSAE-16-Type-2-audited high performance infrastructure
atl03-subzero-2

 

Why should your website be as fast as possible? (Stats)

There are plenty of studies out there that indicate how critical speed is for the average user. Two of the most eye-opening studies were published a few years ago, as detailed in Econsultancy. Each of them has been circulated heavily ever since (perhaps qualifying as “classic IT market research” given their continuing relevance to understanding user behavior):

 

  1. Forrester Consulting, survey of 1048 online shoppers, 2009
  2. “Why Web Performance Matters,” interviews of 1500 consumers, 2010.

 

Here are some of the most interesting statistics from the two studies, highlighted in tandem by Kissmetrics “Minister of Propaganda” Sean Work in 2011:

  • Nearly three-quarters (73%) of people who regularly surf the Web on smartphones or tablets say that they have come across sites that had unacceptably slow page load times.
  • Just over half (51%) of people who access via mobile say they have either had an experience with an error message due to slowness, or have experienced a site freezing or crashing.
  • Well over a third of shoppers say that they came across a site that they could not reach (38%).
  • Nearly half of consumers (47%) say that they think a website should load within 2 seconds (what would make them happy), and two in five say they will leave if it doesn’t load within 3 seconds (goodbye, customers).
  • If your page load times become 1 second slower, you will see your conversion rate drop as much as 7%.
  • In terms of actual dollars, how much does one second of slower loading cost you? Just as an example, if your site generates $100,000 per day, one second of additional load time means you could be leaving behind $2.5 million of revenue annually.

 

Although these studies are both a few years old, the fact is, human behavior hasn’t changed all that much since the dawn of the information era, the early 1990s. Just look at the 1993 book referenced by Website Magazine in 2014. Penned by IT design consultant Jacob Nielsen, Usability Engineering suggests that tiny slices of time have major impacts on user perception. There are three time limits listed by Nielsen that relate to UX, in terms of basic psychology. “If the application responds instantaneously to the user’s actions, it gives an appearance of direct manipulation,” he wrote – referring to a limit of 0.1 seconds. “This phenomenon of direct manipulation is a great key to increase user engagement.” If loading instead takes 1 second, even at that point the person becomes more aware that the system is in control rather than them; they will have a second to think, but won’t become immediately disengaged.

 

Keep in mind, in today’s world, one second could be considered an eternity. In fact, the New York Times reported in 2012 on Google findings that even 400 milliseconds is too long for users.

 

Why were so many analyses being conducted on speed between 2009 and 2012? It was top news: Google officially announced that they were building speed into their algorithm as a determining SEO factor in 2010. Roger Dooley posited in Forbes, “While [Google SEO quality chief Matt] Cutts noted at the time that initially only a small percentage of sites would see a significant change in ranking or traffic due to page speed factors, I find it likely that the emphasis will increase over time.”

 

Dooley suggests that Google typically does not want to swing things drastically and suddenly in a way that makes it difficult for credible websites to be able to keep pace. However, he thinks the statement indicates that high performance infrastructure would be increasingly represented by the top results.

 

Interestingly, Dooley also thinks that the 2010 “Why Web Performance Matters” study – the one that interviewed 1500 consumers about Internet speed and that listed 2 seconds as the expected load time – had too high of timeframes. As indicated above, Google agrees, and even Nielsen does from 1993.

 

We can debate what the specific period of time is that a user will stick around, and obsess over that hard number, but the most important fact to take away from all these studies is that: 1. Potential buyers have time expectations; and 2. They will leave if those expectations aren’t met.

 

High performance infrastructure “hidden” from PageSpeed tool

 As everyone knows, one of the most important tools out there, that’s very widely used, is Google’s PageSpeed Insights. Here’s a good pro tip: Dooley advises that PageSpeed does not include the speed of your network in its number. That means you could have a great score with that tool, but actually be suffering in search nonetheless because of factors having to do with your network connection and server. In other words, it’s an intentional blind-spot of that tool that could lead to many ecommerce companies and others feeling overly confident about their speed.

 

Other handy page load tools

Two other tools, offering different information related to page speed, are ones that offer:

  1. Geographical diversity: Using the Neustar Website Load Testing Platform (which you can access via a free 30-day trial), you can look at load times from different locations worldwide – so you can get a sense of geographical locations where user experience is stronger and weaker.
  2. Direct comparison: To look at it from a different angle, there’s a tool out there called (**Warning: major potential time waster directly follows.) Which Loads Faster? that allows you to basically race sites against one another. You can check the load time once or multiple times per site. The average milliseconds per page load is then listed, and it will tell you how many times faster the winning site is than the slower one.

 

More ecommerce sales with a faster site? Yes.

The various studies listed above were building on similar research from IT research firm the Aberdeen Group that was conducted in 2008 and republished by popular demand in 2015. “A 1-second delay in page load time equals 11% fewer page views, a 16% decrease in customer satisfaction, and 7% loss in conversions,” reported the Aberdeen researchers.

 

To better understand the need for speed directly in terms of ecommerce, let’s look again at the two studies we initially discussed that were featured in Econsultancy/Kissmetrics from a different perspective. Blogging and conversion author Sherice Jacob, in her analysis of these studies, focuses on different statistics from the studies than those mentioned above. She cites these two stats:

 

  1. More than three-quarters (79%) of visitors say that if an online store is slow to load, they won’t come back.
  2. Close to half (44%) say that they would mention an instance of annoyingly slow ecommerce performance to a friend.

 

“This means you’re not just losing conversions from visitors currently on your site, but that loss is magnified to their friends and colleagues as well,” notes Jacob. “The end result – lots of potential sales down the drain because of a few seconds difference.”

 

SSAE-16-Type-2-audited high performance infrastructure

We will look at some specific ways to speed up your site in the second part of this series (linked below), but one central focus must be your server and network. At Total Server Solutions, we offer an array of high performance infrastructure solutions, backed by our world-class technicians. Let’s do this!

 

 

Posted by & filed under List Posts.

 

 

Very recently, a critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild.  This vulnerability is about nine years old, but only now has it been exposed and, in some instances, exploited.  Dubbed “Dirty COW,” the Linux kernel security flaw (CVE-2016-5195) is a mere privilege-escalation vulnerability, but researchers are taking it extremely seriously due to a few important factors.

dirty-cow

 

First, it’s very easy to develop exploits that work reliably. Secondly, the Dirty COW flaw exists in a section of the Linux kernel, which is a part of virtually every distribution of widely used open-source operating system, including RedHat, Debian, and Ubuntu, which have been in use for almost a decade.

 

Most importantly, the researchers have discovered attack code that indicates the Dirty COW vulnerability is being actively exploited in the wild.  Dirty COW potentially allows any installed malicious app to gain administrative (root-level) access to a device and completely hijack it.

 

Why is the Flaw called Dirty COW?

The bug, marked as “High” priority, gets its name from the copy-on-write (COW) mechanism within the Linux kernel, which is so broken that any application or malicious program can tamper with read-only, root-owned executable files and setuid executables.

 

The notification regarding Dirty COW on RedHat’s bug tracker states:

“A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings,” reads the website dedicated to Dirty COW. “An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.”

 

(https://bugzilla.redhat.com/show_bug.cgi?id=1384344)

 

The Dirty COW vulnerability has been present in the Linux kernel since version 2.6.22 in 2007, and is also believed to be present in Android, which is powered by the Linux kernel.

 

All servers that utilize our server management plans include ksplice/kernelcare.  This feature automatically updates the server system kernel without reboots.  We’re always trying to be proactive, especially with regards to security.  With that in mind, we wanted to let you know that your server has already been patched and is not vulnerable as a result of this bug.

 

However, if you currently utilize CentOS 5 / RedHat 5, you should be aware that no further updates will occur after April 1, 2017 due to CentOS 5 / Red Hat 5 reaching their End Of Life (EOL).  We highly recommend ALL customers currently using CentOS 5 / Red Hat 5 to update as soon as possible.  Our sales team will be able to help you explore options to move past those two soon to be obsolete OS options.

 

As always, if you have any questions, please contact us, we’re always available to help.

 

Posted by & filed under List Posts.

WordPress is used by many notable companies; generally, it’s market share and other statistics are mind-boggling. Once you join the ranks of WordPress users, how can you become as efficient as possible so that your time with the CMS is well-spent?

 

  • WordPress by the names & by the numbers
  • Tricks to boost your efficiency
  • In conclusion…
Wordpress-logo

 

WordPress by the names & by the numbers

WordPress is, without question, one of the most powerful and respected content management systems that exists. After all, it has made a bigger mark on online marketing than just about any other brand – in the same general league as Facebook and Twitter. The CMS’s free, user-friendly interface, along with the thousands of plugins and themes (many of which are free) have made putting together a website or blog accessible to marketers and businesses.

Customization is still a route that many businesses take; however, as Craig Smith of DMR notes, WordPress makes it possible for small companies to better compete with established enterprises. “WordPress is such an impressive web platform that even some of the larger sites on the web have built their sites on it,” he says, “and a number of established web developers have switched to WordPress as their CMS of choice to build on.”

WordPress is open source, and that can raise eyebrows among those who feel more comfortable with locked-down proprietary systems. However, as indicated above, many household names use WordPress. To make it clear that this tool has been embraced by notable media entities and mega-companies, here are twenty brands using the CMS, courtesy of WPBeginner:

  1. BBC America
  2. Bata
  3. Best Buy
  4. Beyoncé
  5. ESPN Product Blog
  6. eBay
  7. Facebook Newsroom
  8. Ford Social
  9. Fortune
  10. MTV News
  11. The New Yorker
  12. Nokia Conversations
  13. PlayStation — official blog
  14. Quartz
  15. Sony Music
  16. Star Wars — official site
  17. TechCrunch
  18. Time
  19. Variety
  20. Xerox

 

While it helps to look at WordPress in terms of big-name users, it’s also clear how strongly accepted it is by looking at the numbers. Here are key statistics compiled by Smith:

 

  • WordPress was founded in May 2003.
  • As of March 9, 2014, the CMS was supporting 76.5 million blogs.
  • Worldwide, more than a quarter of websites (26%) were using WordPress, as of June 29, 2016.
  • 5 billion posts and 3 billion comments have been published, as of June 26, 2015. Every month, 59.3 million posts and 48.4 million comments are added.
  • As of 2015, the number of new WordPress sites going online every single day was 50,000.
  • Each month, 409 million people view WordPress blogs — accounting for 22.3 billion page-views.

Tricks to boost your efficiency

WordPress may be popular and very mainstream, but how do you get the most out of it? Time is critical in today’s economy. Here are a few tricks to become more efficient within the platform from Jake Rocheleau of DesignM.ag:

 

  1. Make the admin panel your comfort zone.

All of the sections of the WordPress backend includes various features with which you can become more familiar. The default settings hide some boxes, but you can make them visible by clicking “Screen Options” in the upper right-hand corner.

 

Actually, there are more critical menus within the left sidebar. Look at the sub-menus within Appearance, Tools, and Settings. It helps to explore these upfront, since plugins sometimes place additional menu options within that list.

 

It’s important to take it seriously when you see a new release within the admin section (or via email) because of security, but releases also introduce new features, explains Rocheleau. “There are plenty of websites online which talk about WordPress updates and how you can utilize new features to their fullest potential,” he says. “All of the various settings & menus will be important whenever installing a new WordPress website.”

 

Essentially, the features within these menus can make your use of WordPress more efficient long term. It’s wise to create a sandbox to test them out, though. You can use a local PHP/MySQL server or generate a hidden subdomain to install WordPress, play around with settings, and try out new themes or plugins before introducing them to your actual site.

 

  1. Learn to swat the bugs.

What do you do when you run into error messages or similar issues? Look it up. Typically, forum users on WordPress or Stack Exchange will have posted about the problem previously.

 

As you become more familiar with PHP bugs, you will better understand what errors mean without having to search. Problems often arise from little snippets within a plugin or theme, some of which isn’t discussed online.

 

You can also use trial and error via the user interface. Are your page titles not populating correctly, or are the widgets empty? “These kinds of problems often require checking many solutions to ultimately unearth the culprit,” notes Rocheleau.

 

  1. Find treasures by digging into WordPress media.

There is an entire industry of WordPress blogs and news sites. These resources discuss themes and news, rate plugins, and provide how-to guides.

 

Yes, WordPress is simple to use, but it is also as sophisticated as you want it to be. For instance, one interesting field is Custom Post Types. Explore the CMS, and it will both become more efficient and improve the quality of your blog or site.

 

Read an article or two each week to sharpen your understanding, and you will empower yourself to continually improve your installation and web presence.

 

Here are a few blogs that can help:

 

 

  1. Streamline.

One way things can quickly become inefficient is simply by embracing too many plugins and features. Don’t make your site messy and excessively complicated. Latency increases with additional components added to your site. Be minimalist. Your theme files should also be well-organized so you can read them quickly.

 

“One of the biggest reasons for a slow-loading website is a reliance on too many external files,” Rocheleau comments. “Plugins often require their own CSS/JS files which get included into each page as a separate HTTP request.” That means your site slows down, in turn hurting user experience and SEO.

 

Note that you don’t want to shy away from intricate themes or using a variety of CPTs because you are focused fundamentally on simplicity. But at a core level, keep it contained to optimize your efficiency. You want to be able to put up blogs as quickly as possible, and for maintenance to be a breeze. Keep everything straightforward and clean so you know your site well and can fix any issues that arise immediately.

 

  1. Expand your tool belt.

Here are five WordPress tools, such as code generators and cheatsheets, that can help you with management:

 

 

In conclusion…

Along with the admin UI, you can get much more technical, in turn enhancing your efficiency. Pick up a bit of PHP coding, and you can tweak themes, develop plugins, and rework the default functions.php file.

 

Even just based on the above, you should be able to achieve more efficiency within WordPress. Beyond your CMS, though, you need a high-performance infrastructure with guaranteed performance. The Total Server Solutions cloud boasts the highest levels of performance in the industry. Build your cloud now.

Posted by & filed under List Posts.

On March 31, 2017, CentOS 5 will reach its End Of Life (EOL).  At this time, CentOS 5 will no longer receive any further updates.  At the same time, various software vendors such as cPanel, OpenSSL,and Redhat who produce applications which run on CentOS 5 will cease to provide support and updates for their products that are specific to CentOS 5.  

Additionally, server owners who continue utilizing CentOS5 without updating to a new, more current operating system will fall out of PCI Compliance and will no longer be able to accept credit card payments via their sites/servers on their servers running CentOS 5.  

To learn more about current PCI compliance requirements please have a look at this link:  https://www.venafi.com/blog/post/new-pci-dss-v3.1-ssl-tls-requirementsbut-many-arent-compliant-with-pci-dss/

 

Here are some of the reasons that CentOS 5 based servers will no longer be PCI Compliant:

 

  • RHEL/CentOS 5 based servers cannot support SNI which is becoming more important as IPv4 address space dwindles.  SNI was unsupported prior to OpenSSL 0.9.8f but RHEL/CentOS 5 shipped with OpenSSL 0.9.8e, meaning that unless you update, you cannot utilize SNI.

 

  • RHEL/CentOS 5 base servers also can’t support OCSP stapling.  This decreases the latency of the handshake in establishing secure TLS transactions.  OSCP checks certificates for revocation and was not supported prior to OpenSSL 0.9.8g, but, once again, RHEL/CentOS 5 shipped only with OpenSSL 0.9.8e.

 

  • OpenSSL 1.0.1+ adds support for the AES-NI instructions in Westmere/Sandy Bridge/Ivy Bridge or later CPUs.  This support increases performance of SSL/TLS connections and prevents timing attacks against AES.

 

We everyone who is running servers with CentOS 5 to update to CentOS 6 or CentOS 7 as soon as possible.  We are making every effort to keep our customers notified of this important update requirement.  Our technical & sales teams stand ready to help you update to a more current, modern OS on your server.  Please take the time to let us help you get up to date and maintain PCI Compliance and more effective security for your content & customers.

 

More information regarding the CentOS5 EOL can be found at the following places:

https://wiki.centos.org/About/Product

https://blog.cpanel.com/end-of-life-for-centos5/

https://wiki.centos.org/FAQ/General

 

The TSS Sales and Support team is ready to help you upgrade your OS.

Posted by & filed under List Posts.

 

The Internet has grown enormously since the turn of the century and is now used by the vast majority of US citizens. Let’s look at usage stats and five other figures that could be game-changers for your ecommerce perspective. Then let’s review one case study on a fast-growing Internet startup success story.

  • 35% more Americans using the Internet since 2000
  • Five other game-changing ecommerce stats
  • Ecommerce success case study: Beardbrand
  • Priority: Solid and secure ecommerce hosting
hi-density

35% more Americans using the Internet since 2000

The Internet is practically ubiquitous. One way to get a better picture of the incredibly broad use of the Web is to look at the relatively small population that is NOT online and, in turn, is not buying anything through digital channels. Today, 13% of people don’t use the Web, according to Pew Research.

“Over time, the offline population has been shrinking, and for some groups that change has been especially dramatic,” explains Pew research associate Monica Anderson. “For example, 86% of adults 65 and older did not go online in 2000; today that figure has been cut in half.”

Here are fuller statistics on the percentage of US citizens who are not online, broken down into various demographic categories, so we can better understand the people who don’t engage in ecommerce:

  • 13% of adults, including 12% of men and 15% of women
  • 13% of those identifying as white, 16% black, and 16% Hispanic
  • 1% of 18-29-year-olds, 4% of 30-49-year-olds, 16% of 50-64-year-olds, and 41% of those who are 65 and older
  • 23% of those who make less than $30K; 12% making $30K-$49,999; 6% making $50K-$74,999; and 3% making $75K or more
  • 34% of those with less than a high school education, 23% of those with just a high school diploma, 6% of those who completed some college, and 3% of those with a college degree or more
  • 12% of people living in urban areas, 11% of those in suburbs, and 22% in rural ZIP codes.

Interestingly, the 13% of people who are not using the Internet has held steady since 2014. Keep in mind, though, the statistic is far lower than it was just a few years ago. The population not using the Internet in 2000 was nearly half, 48%. In other words, 35% more Americans are using the Web than at the turn of the century, which roughly represents about 80 million additional adult users.

When we look at this population of people who don’t go online, we realize the truth is that nearly nine out of every ten adults are potential ecommerce customers.

Five other game-changing ecommerce stats

Neil Patel’s Kissmetrics discussed a few other eye-opening stats back in 2014, sourced from the eCommerce Survey 2014 by Visual Web Optimizer.

Here are the particularly game-changing stats highlighted by Patel:

 

#1. Shipping fees are often deal-breakers.

One of the most important analytics to ecommerce is shopping cart abandonment, and shipping charges rank as the #1 reason why people leave their shopping carts behind. 28% of users will leave based on a shipping fee they didn’t expect. Here are the other top reasons that people might leave before paying:

  • 23% – because they’re asked to create an account
  • 16% – because they’re just looking or collecting information
  • 13% – because of concerns with security
  • 12% – because checkout was convoluted.

The good news is you can plug the shipping hole. “Be explicit and upfront about your shipping charges,” advises Patel. “If you are going to charge for shipping, inform users about this before they get farther down the funnel.”

 

#2. Many run for the hills when asked to create an account.

Everyone wants people to set up accounts so they can get that incredibly valuable contact information and build customer relationships. However, as seen above, the #2 reason why people ditch their carts in an ecommerce setting – representing 23% of users is that they have to create an account to continue.

Sites are often very aggressive at getting memberships, disallowing guest checkout. As Patel notes, Zulily doesn’t even allow you to browse its site without giving them an email address. On the other hand, Nike offers three options: Member, Guest, and PayPal checkouts. Patel recommends the latter model.

 

#3. If you build a discount, they will come.

Incredibly, more than half of shopping cart abandonments could be reversed – 54% – by discounting the price of the product. That’s especially true of younger shoppers: 61% of 18-24-year-olds and 72% of 25-34-year-olds say they will return for a lower price. Boost your ecommerce by providing discounted prices and by setting up automated retargeting. (Note that this discount advice disagrees with the perspective of Beardbrand founder Eric Bandholz, as described below; essentially, you could go either way on providing discounts, depending on your brand and growth model.)

 

#4. Millennials want to be retargeted.

As seen above with that interest in discounts, younger shoppers like to be retargeted; 72% of millennials respond well to the strategy. It’s really one of the most powerful tools at an ecommerce company’s disposal.

“Retargeting provides a highly focused method of gaining new customers, or converting old ones again,” says Patel. He adds that a remarketing/retargeting plan has proven effective for him, suggesting that others should market using the same tactic.

 

#5. Your customers can do the selling for you.

It’s easy to forget how powerful reviews and testimonials can be. 55% of online users say that they make their shopping choices, in part, based off of reviews.

Testimonials can be powerful, says Patel, but they typically won’t work as well as user-generated reviews – since people know the former are crafted.

Amazon made reviews an essential part of ecommerce by weaving them into their product pages, Patel explains.

“In today’s search world, ‘review’ related queries are high in volume and very high in CTR and conversion potential,” he says, adding that you can capture this traffic with product reviews and user-generated content (UGC).

 

Ecommerce success case study: Beardbrand

Let’s take a look at one company that is largely doing things correctly: Beardbrand. Beardbrand really has gone from zero to hero, a startup that hit $120K of revenue per month in under twelve months. Their ecommerce success is detailed in a case study presented by Receiptful founder Adii Pienaar.

Beardbrand is an ecommerce site that features beard oil and other products for beard care; their target is what they call “urban beardsmen.”

Eric Bandholz, who founded the company, wrote extensively on his site about the steps they took to build the brand and grow so absurdly fast over their first year.

Here are the two main lessons Eric learned during this period:

  1. Invest the money and time. “Eric recognizes that building a reputable brand for your store takes more time and more money because you’ll be investing for the long-term,” notes Pienaar. “It’s not an overnight success.”
  2. Just be the brand, consistently. The angle Beardbrand takes is not to display ads or to discount items in favor of a clean and recognizable user experience.

The three steps Eric took to brand Beardbrand are very straightforward:

  1. He and his team delineated their target demographic, city-based men with beards, and carefully considered the needs of that group.
  2. They focused on strong content, both video and text. They developed narratives. They wrote and visually showed stories. They branded with their logo, ads, business cards, merchandise, and – of course – the website’s design.
  3. They set aside price and concerned themselves instead with a great customer experience. Eric spent a lot of money upfront on the quality of the ingredients and packaging, in addition to his technological and marketing investments.

Priority: Solid and secure ecommerce hosting

Building a solid brand requires a strong online presence, and that means having a digital infrastructure that is solid and secure. At Total Server Solutions, we operate servers in a fully SSAE-16 and PCI-DSS compliant facility. See our ecommerce solutions.

Posted by & filed under Careers.

hiring

 

Location:  Buckhead, Atlanta, GA

Shift:  7:00AM – 3:30PM or 3:00PM-11:30PM

 

Total Server Solutions is a cutting edge data center & hosted services company based in Atlanta, GA.  Our goal is to provide the best, fastest, and most complete technical services to our customers.  At the moment though, we’re missing a key piece of the puzzle.  You!  We employ some of the best and brightest minds in the tech industry.  If you think you’d be a good fit, please read on.

 

Total Server Solutions is looking for a highly motivated, experienced, knowledgeable Linux/UNIX systems administrator to round our tech team.  If you have years of experience managing large Internet based application clusters, heroic organizational skills, and revel in diagnosing and fixing problems, you’ll be a great fit.  As one of our Linux/UNIX system admins, you will be responsible for working out solutions to complex problems that our customers may encounter during their daily operations.  Great problem solving skills are a must.  As a growing, globally oriented company, we offer a relaxed work environment and great benefits.  We look forward to hearing from you!

 

Requirements:

  • 3+ years of supporting Linux Servers in a production environment; CentOS or Redhat variants.
  • Motivation and ability to quickly learn and adapt.
  • Prior experience within a critical production environment.
  • Solid knowledge of LAMP Architectures (Perl/PHP/Python).
  • Knowledge of RedHat, CentOS, and other RPM based distributions.
  • Experience with replication, clustering, tuning, sizing, monitoring including operating systems for running the LAMP stack.
  • Experience in Shell Scripting (bash preferable).
  • Experience in ecommerce platforms (Magento, X-Cart, PinnacleCart, and CS-Cart).
  • Experience in virtual environments (vmware and on app).
  • Experience with Splunk, Zabbix or other system/device monitoring & logging tools.
  • Knowledge of Backup/Recovery/Upgrade procedures.
  • Experience working in 24/7 operational environments.
  • Expectation to be challenged.
  • High degree of independence and exceptional work ethic with exceptional communication skills.
  • Experience with control panel technologies including cPanel, Plesk, DirectAdmin.
  • Must be located, or willing to relocate to Atlanta, GA area.
  • Ability to work weekends and holidays.

 

Not Required but a huge plus:

  • Experience with management tools such as Puppet, Chef, etc.
  • Experience with automated system deployment tools and building pxe/kickstart/etc deployment scripts.
  • Bilingual. (Spanish a plus)
  • Experience with load balancing technologies.
  • Red Hat certifications

 

What you’ll be doing:

  • Linux server maintenance, monitoring, security hardening, performance review
  • Managing MySQL database operations and all things database related.
  • Researching new platform architectures to support business requirements.
  • interact with customer and provide technical support via our helpdesk and live chat

 

What’s in it for you:

  • Competitive Salaries.
  • Medical Insurance.
  • Paid Time Off.
  • Educational Reimbursement.
  • Employee Activities.
  • Paid Parking.
  • 401k.

 

If you are a Linux System Engineer, Linux System Administrator or Linux Engineer with experience, please contact careers@totalserversolutions.com today!  When contacting Total Server Solutions, please state your salary and any other compensation expectations.  

 

Total Server Solutions is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status.

 

Posted by & filed under List Posts.

Want to impress people who visit your site? Here are almost three dozen different ways to improve your blog or site so you can better engage with visitors.

 

  • Nearly 3 dozen WordPress design tricks
  • High-speed cloud WordPress hosting

 

The majority of WordPress instances have a similar look and feel. If you want yours to be eye-catching and memorable, it’s critical to make this platform your own, customizing it within the PHP code and theme.

 

AISLE-1

 

Nearly 3 dozen WordPress design tricks

Here are a bunch of different ways you can make your WordPress blog your own:

 

Blog post submission tool

Create forms that you can adjust to your own needs, permitting subscribers or other users to send in blog posts directly through the site.

 

Comment pagination

With Paginated Comments, divide all comments into various Google-friendly pages.

 

Image captioning

With Image Caption, create a caption beneath any images on your blog, populating the information from the title or alt attribute. You can use your own CSS styling too.

 

Random redirection

With the plugin Random Redirect, simply randomize all your content. It “allows you to create a link to yourblog.example.com/?random which will redirect someone to a random post on your blog, in a StumbleUpon-like fashion,” explains Hongkiat Lim of Hongkiat.

 

Dynamic sidebar

Sidebars often aren’t given much attention because there is nothing captivating about them. You can change the sidebar content based on the post by creating dynamic sidebars.

 

Apple Accordion sidebar

Your WordPress sidebar becomes an Apple replica within the jQuery UI, via the Accordion plugin.

 

Google Syntax Highlighter for WordPress

This tool brings the Google Syntax Highlighter, created by Alex Gorbatchev, into WordPress.

 

Date image hack

You can build in a calendar view of the dates you post blogs. This hack from YugaTech replaces dates with dynamic images.

 

Individual post styling

By using the_ID, you can create better style differentiation between different articles.

 

Preventing any content duplication

You don’t want to repeat yourself, because it’ll hurt you in the search results. Avoid duplicating any of your posts with this tactic from Weblog Tools Collection, allowing you to show two loops without repeating posts from either of them.

 

Facelift Image Replacement (FLIR) for WordPress

If you want your text and title to be changed into images so they display better, FLIR makes that process simple.

 

del.icio.us for WordPress

This tool simply allows you to present your bookmarks from del.icio.us within your blog.

 

PopURLs

You can create a similar experience to PopURLs on your site using this set of instructions.

 

Prevent specific categories

 You can use two different tactics to block posts within specific categories. One is with Advanced Category Excluder. The other is to insert this script within the loop:

 

<?php

if ( have_posts() ) : query_posts($query_string .’&cat=-1,-2′); while ( have_posts() ) : the_post();

?>

 

Page Redirect template

Part of the idea with WordPress is that you have a tight and specific system, and it’s that very organization that (ironically) gives you so much flexibility. However, it’s sometimes important in terms of the way that your pages display to operate beyond the standard bounds.

 

With this template, you can set a URL for the content, and while the page is loading, the template redirects to the new page, with whatever tags and categories you want to include.

 

Save buttons for del.icio.us

You can create badges that make it likelier for someone to bookmark your blog.

 

DesignFloat submission

This options allows people who visit your blog the chance to “Float” your articles on Design Float.

 

Stumble It buttons

Similarly, you may want to integrate StumbleUpon so people can easily submit to that community.

 

Menu with dynamic highlighting

Via the use of class=”current,” you can change the style and otherwise modify any menu that’s currently selected in CSS, with this code from Lim:

 

<ul id=”nav”>

<li<?php if ( is_home() || is_category() || is_archive() || is_search() || is_single() || is_date() ) { echo ‘ class=”current”‘; } ?>><a href=”#”>Gallery</a></li>

<li<?php if ( is_page(‘about’) ) { echo ‘ class=”current”‘; } ?>><a href=”#”>About</a></li>

<li<?php if ( is_page(‘submit’) ) { echo ‘ class=”current”‘; } ?>><a href=”#”>Submit</a></li>

</ul>

 

The second line of that script indicates that class=”current” is included within <li> if Single page or Search or Archive or Category or Home is selected.

 

The third and fourth lines indicate that class=”current” is added if any page is selected that contains the slug “submit” or “about.”

 

You can also make menu tabs that use categories dynamic with the following bit of code:

 

<ul id=”nav”>

<li<?php if ( is_category(‘css’) ) { echo ‘ class=”current”‘; } ?>><a href=”#”>CSS</a></li>

<li<?php if ( is_category(showcase) ) { echo ‘ class=”current”‘; } ?>><a href=”#”>Showcase</a></li>

</ul>

 

DZone buttons

Similarly, you can allows guests to recommend your articles on DZone while staying on your blog.

 

Reddit buttons

You can use any of various Reddit buttons to better distribute your blog content and increase how much you’re discussed on that platform. You can use buttons with points. You can also modify them by turning off styles, changing the URL, or opening links in a new window.

 

Better archiving

You can use different strategies, as discussed on Noupe, to change the way your archive page is formatted and displayed. Options include:

 

  • Listing every post you’ve made
  • Presenting everything from the year or month
  • Arranging everything within their categories.

 

Addition of breadcrumbs

You can think of breadcrumbs as an additional navigation method that instantly improves your UX. You can essentially take any theme and give it breadcrumbs with this plugin, Breadcrumb NavXT.

 

Buy me a…

You can include a button that implements donations via PayPal, typically used as “Buy Me a Beer” or “Buy Me a Coffee” by independent bloggers.

 

Notifixious instant messaging

When posts are added, you can send notifications directly to your readers on instant messaging, text message, or email via this plugin.

 

Using Xampp with WordPress

You can use Xampp, allowing you to run WordPress locally. “You can also install plugins, upgrade to the latest nightly and virtually anything else confident in the knowledge that if it goes wrong, there is no impact on your actual site,” explains Lim.

 

Presenting Feedburner subscribers as text

Rather than using chiklets, this quick tutorial allows you to present your Feedburner count as text.

 

Landing pages

When anyone comes from a SERP page to your blog, they are zoned in on something specific. Once they hit your page, they will quickly scan a bit and then leave if they can’t see what they need. You can better keep those people on your site by presenting other posts on your blog that also fit their search criteria.

 

Auto-completion using Ajax

By using auto-complete with your search box, it makes it much easier for users to find their way around your collection of content. Here is a how-to guide from WordPress Hacks.

 

High-speed cloud WordPress hosting

All these interesting functionalities above can be powerful to engaging visitors and spreading your message beyond the bounds of your site. However, you also need a hosting service that’s fast enough to deliver your content to meet the expectations of visitors and search engines.

 

At Total Server Solutions, we engineered our cloud solution with speed in mind, and SSD lets us provide you with the guaranteed levels of performance that you demand. Your WordPress cloud starts here.