4 Excellent Website Security Tips For Businesses

While you may not think your website is of value to hackers or vandals, it can be compromised at anytime through certain vulnerabilities. Most of the time, website are hacked not to damage the owner, but to use as a staging point for attacks and email relays for spamming others. Proper website security can help protect you and others online from predatory behaviors.

If you’re a client of Cohlab and have one of our websites, be sure you’re on our maintenance program so we can protect your website. If not, our new Trustdyx websites offer sleek designs without plugins or major security holes, making your business website safer than ever.

Get in touch today to learn more.

1. Updates

Whatever server or CMS you use, keeping software and plugins up to date is extremely important. It might seem easy, but modern websites have many moving parts which interact together. When one piece is updated, it may not work perfectly – or at all – with the other pieces.

While there can be downsides to updating, having a professional take care of it can ensure it’s done correctly and everything continues to work smoothly.

The risk to not updating is that hackers exploit those who don’t update, since so many websites use the same or similar products to get the job done.

2. Passwords

You know you should use a variety of complex passwords . . . but, do you? It’s crucial to protect your hosting and website administration area with strong passwords.

Hackers have many ways of stealing or breaking through passwords, from simply stealing and guessing to sophisticated cracking tools and network analyzers.

When considering your password, be sure to use best practices like:

  • Minimum of eight characters
  • Upper and lowercase letters
  • Symbols and numbers
  • No identifying information (i.e. name or birth date)
  • No keyboard strings (i.e. qwerty or 12345678)

Alternatively, with a Trustdyx website, no password is actually needed. Changes can only be made through a proprietary program, making it even harder to hack.


HTTPS is a protocol used to provide security over the internet. If you look at the top right of many websites, before the “www” will be “https://”. This means no one can intercept or change the content being transmitted between the website server and your browser. Credit card and login pages should all be HTTPS, but soon every page of a website will need to be as well.

Without HTTPS, an attacker could create a visually similar website and redirect your visitors there, and they would be none the wiser if they didn’t investigate further. The attacker could then steal any information they enter into the fake website.

That’s why our Trustdyx websites offer HTTPS standards as part of their website security package, to protect you and your visitors.

4. Backups

Once you think you’ve taken all the website security precautions you have, the best thing you can do is have a good plan in place for recovery. With regular backups, if something were to go horribly wrong at least you can recover your website to a point earlier in the day or week.

With Trustdyx, every time a change is made to the website, it’s backed up. That means if something were to go wrong, we could restore your site to the exact point before an attacker altered it.

Once you think you have done all you can then it’s time to test your website security. The most effective way of doing this is via the use of some website security tools, often referred to as penetration testing or pen testing for short.

The results from automated tests can be daunting, as they present a wealth of potential issues. The important thing is to focus on the critical issues first. Each issue reported normally comes with a good explanation of the potential vulnerability. You will probably find that some of the medium/low issues aren’t a concern for your site.

4 Traits To Look For In An eCommerce Web Development Firm

Web development is a complex process, and with eCommerce web development there are many more factors to take into account.

Instead of users coming to a website to learn about a service, then calling or emailing for more information or an appointment, an eCommerce site contains the entire sales process, and needs the requisite abilities and security to make sure the transaction goes through smoothly, quickly and safely.

eCommerce web development isn’t something you want to trust to just any web developer. A firm like ours can help you build a responsive, secure eCommerce website, so contact us for more information!

Let’s go over 4 traits you’ll want to look for in an eCommerce web development firm.

4 Traits To Look For In An eCommerce Web Development Firm

1. Responsive Web Designmoney-card-business-credit-card-50987

When browsing the internet on your phone, you’ve likely searched for a product, clicked on a search result and been taken to a hard to navigate website. It might even take you to the home page instead of the product you were looking for!

These problems arise when a website isn’t designed to be responsive. An eCommerce web development firm will make one website which will react to whichever kind of device it is being viewed on rather than build a mobile and a desktop site.

2. Site Optimization

Statistics show that 40% of users will abandon a website which takes more than 3 seconds to load. This is especially true for mobile users, who make up nearly ¼ of all eCommerce sales.

In order to keep those customers on your site you’ll want to optimize it to run as quickly as possible by using an eCommerce web development firm. This is not only on the ‘back-end’, but also in the way information, pages and menus are organized and displayed.

3. Search

It’s important to make sure your eCommerce web development firm knows the importance of having a search function on your website. 30% of visitors to eCommerce sites use the search function to find the products they need.

The firm should also be able to employ ‘faceted search’, where users can sort results by color, size, price, manufacturer, etc.

4. Security

All eCommerce web development firms should make sure the sites they build support SSL to encrypt information. This is true not only for credit card and other payment information but also personal information like addresses, phone numbers, emails, etc.

After internalizing these 4 traits, you’ll be able to find a great eCommerce web development firm to work with. Be sure to contact us if you’d like more information about eCommerce websites, or are ready to create or reimagine yours!

The Definition of a WordPress Core: Why Maintenance and Updates Are Crucial

A core is defined as the central, or most important part of something. Your WordPress core does not deviate from this. It is the central and most important aspect of your website. That is the reason that maintenance and updating of your core are so crucial. As the center of your site, WordPress unveils updates for critical reasons. Failing to remain up to date with these changes can lead to serious issues with the security, reliability, and functionality of your website. Updating should become a regular routine that is strictly adhered to. You can bet that if your WordPress core requires updating, it was done to protect, or enhance the experience of your visitors.

Update Types

WordPress releases updates of three different types, for three different purposes. The first type of update is security updates. These updates are usually small scale repairs issued periodically to correct any freshly discovered vulnerabilities. They do not include any features or significant changes to the WordPress Core. Security updates ensure that your website is safer from the attacks by hackers. The second type of update is slightly more involved. They are called patch updates, and though they also do not include any features, they are an update to your core, and may even include security patches within them. These are generally released on a more scheduled basis. Finally, major releases are the third type of update. These are the updates that add features or change the functionality of your core. Typically, it is major releases that most avoid because they do have the potential to cause site issues. However, it is always wise to back up your site before updating and ensures that if there is any problem, you are covered.

Managing WordPress Core Updates

Because updates are so important, managing them properly should be an ongoing task on your to-do list. There are automatic updates available. However this only applies to your core and will not handle updates for your plug-ins. Often, website owners will create a schedule or calendar to check their site for any updates available. This can be somewhat useful, but is still commonly overlooked. The best way to manage your updates is by investing in a maintenance service to take the burden off your shoulders completely. Not only will this remove one more thing from your list of tasks, but providers of this service often provide a number of other significant benefits such as automatic backups and SEO strategies.

In the end, how you choose to manage your updates is a decision that you must make alone. If you are tech savvy and well organized, the process may be manageable. However most have found that automating the process and taking advantage of other excellent and valuable services provided by a professional SEO and web development firm is a worthy investment. Cohlab offers WordPress Maintenance and Support Services that not only ensure that your CMS and plug-ins are always up-to-date, but also provides other great services including 24/7 security monitoring, secure offsite backups, and many more. These packages are a great way to make sure your website is in tip-top shape at an affordable price far less than what your valuable time is worth. Check out our packages and let Cohlab take the worry and burden off your shoulders.

Wondering how you are doing? Use our complimentary Digital Marketing Scorecard to gain valuable insight on how your website rank compares to others. We are also glad to answer any questions you may have and provide Cohlaborative digital marketing solutions to meet your company’s needs.

Maintaining WordPress Maintenance Plugin Updates

If your website is managed by a content management system (CMS), the chances are relatively strong that it is WordPress. Furthermore, if you use WordPress for your site, the chances are even stronger that you have various plug-ins to increase the functionality of WordPress. Higher still is the likelihood that if the above is true, you have at least one if not many plug-ins that are missing their latest update. There are many reasons why WordPress maintenance plugin updates are often neglecting. Some go with the “if it ain’t broke, don’t fix it” philosophy. Your plug-ins need updating, but you have not noticed it is causing any issues so why worry? Others believe that updating a plug-in is an invitation to experience issues and site crashes because of compatibility issues. However, the most common reason perhaps is that in the hustle and bustle worrying about your WordPress plug-ins is simply not a priority. For all these reasons, there is one simple reply, “Do It!”

More about WordPress Maintenance Plugin Updates

You may have noticed that on your WordPress Dashboard, at the very top of the screen you will see a notice advising you that updates for your plug-ins and WordPress itself are available. Instead of ignoring those, it is critical that you take the time to update them. After all, the notice does say “please”. WordPress often releases updates, sometimes weekly, and so do your plug-ins. The reasons are many. There may be security issues that a plug-in will correct. Alternatively, there may be added functionality that will make your life easier. Whatever the case may be, updates are necessary and should not be neglected?

Why Updating WordPress Plug-Ins Is Important

Security issues are perhaps the number one reason you want to make sure your plug-ins are up to date.  Take a look at live world wide hacking attempts that are going on now.  Developers who create their plug-ins are often working with the code daily and may find issues with the original version. They may have user feedback that shows people are having issues with it. Either way, if taking the few seconds of time, literally, that it takes to update will save you from a hacked website, it is a no-brainer. Also, because WordPress maintenance plugin updates may improve the speed of your website, plug-in updates are critical from a digital marketing perspective. If your site is slow to load, visitors will head directly to your competition. Also, because WordPress updates regularly, the thousands of available plug-ins may have compatibility issues with the new version. You should always be updating WordPress, and your plug-ins to make sure everything is functioning as it should. If it is not, the worst case scenarios include frustrated visitors, or worse, a site crash.

Still Have Excuses not to Worry About WordPress Maintenance Plugin Updates?

It is understandable. Some people simply aren’t comfortable making any changes without professional guidance. Others may want to simply set it and forget it. Alternatively, they want it updated by someone else to free up their time. Fortunately, there is help available. Cohlab offers WordPress Maintenance and Support Services that not only ensure that your CMS and plug-ins are always up-to-date, but also provides other great services including 24/7 security monitoring, secure offsite backups, and many more. These packages are a great way to make sure your website is in tip-top shape at an affordable price far less than what your valuable time is worth. Check out our packages and let Cohlab take the worry and burden off your shoulders.

Wondering how your digital marketing efforts are doing? Use our complimentary Digital Marketing Scorecard to gain valuable insight on how your website rank compares to others. We are also glad to answer any questions you may have and provide Cohlaborative digital marketing solutions to meet your company’s needs.

When Disaster Strikes: Help For Fixing Your Hacked Website

It can happen at any time with very little warning. People often find out it’s happened to them in a number of ways. An angry client may call asking why their computer is telling them your website may be harmful to their computer. A co-worker may send a short email. Or, you may happen to be on your website yourself when you see the awful notice that everyone else who visits your site will see as well, that you’ve been compromised. If you have or ever do find yourself in this situation, you shouldn’t be surprised. In fact, hackers will attack many thousands of websites on a daily basis. In most cases, your site will not look any different, but hackers may be using a broad spectrum of ways to compromise your data and that of your clients.

If you’ve read our blog article entitled, “An Overview of Hacked Websites”, you would have learned the risks and means of having your website hacked. You may also have learned some valuable information on how to prevent an attack from occurring. However, what if your website has been hacked? What are the steps you can take to correct the situation with as little harm and headache is possible? In this article, we will cover the steps to help fix your hacked website.

Google’s Advice for Fixing Your Hacked Website

In the event that you have been hacked, it is important to understand the situation as best as possible. The first step is to watch the video posted by Google that explains the basics including how and why websites are hacked. The video will also briefly explain the process of recovery and removal of any warnings to visitors by Google, and the options available to you. These options include to do it yourself or hire a professional. Following the video, Google gives a list of steps that show more in depth what must be done to restore your compromised website.

The Initial Step

The first step is to contact the host of your website. By letting them know as soon as possible, they can verify that no other sites they host have been hit, and also can help recover your site in some cases. Even if they are unable to help recover it, they may be able to help steer you in the right direction as to whether or not a professional is needed. Building a support team is important, and your hoster will be the first outside member you should include.

Taking Action

Like when a person has a bad virus, a quarantine is often set up to prevent the hackers from causing further harm. The same is true for your site. It is important to prevent your server from allowing pages to be viewed by users. In other words, simply shut it down. This may not be as harmful to some companies as others who operate solely from their website, but in either case it is crititcal to close the site so things cannot get worse.

From here, its important that you contact Google Webmasters to verify that you are the site owner and also to make sure the hacker has not already verified themselves and changed any settings with your analytics. Finally, Google Webmasters is also able to help determine the nature of the attack and give clues as to how you can resolve it.


This next step can be a bit more difficult for the novice and will most likely be the place that most small businesses will most likely need professional assistance. The basic idea is that the owner should examine all site files and settings and verify which have been affected. From there, the goal is to determine the hacker’s main intent for the breach. You will be searching for any included code, page modifications, and other similar details.

Once the examination is complete and you’ve listed everything that is abnormal, you will need to determine the vulnerability that allowed the site to be hacked in the first place. It is important to examine the entire site even if a vulnerability is caused. It could be in fact that you have more than one vulnerability that requires attention. This may include a virus on the main computer of the administrator, weak passwords, software that is out of date, and other such weak points.

Hacked Website Cleanup

When all of these steps are completed and you have all the background information required it is time to clean your site and maintain its security for the future. The goal is to remove anything that is bad and replace it with good. Any vulnerabilities should be fully addressed and a plan should be created and implemented to help prevent any future attacks from occurring.

The final step which will return your site to a fully functioning and warning free site is to request an official review by Google. Review the steps you’ve taken and make sure that nothing was missed. Submit a review request an Google will examine your site and will either give you an approval, removing any warnings to visitors, or require you to re-review your steps and see what may have slipped by. Being hacked is not a fun process. There are ways to help prevent it, but no site is immune.

Download our Top 10 Ways to Protect and Restore your Website for more in-depth information.

Wondering how you are doing? Use our complimentary Digital Marketing Scorecard to gain valuable insight on how your website rank compares to others. We are also glad to answer any questions you may have and provide Cohlaborative digital marketing solutions to meet your company’s needs.

5 Spring Cleaning Tips for Your Websites You Can Use All Year Long

After months of cold temperatures and gray skies, the thermometer is finally beginning to rise and the sun is once again showing its cheerful face. As we recover from our annual bout of cabin fever and begin to feel the energy and motivation that spring often brings, we often look for ways to do some much needed spring cleaning. However one thing many people miss is the spring cleaning that may be needed on their website. Just like our houses and cars, after a time they need a little freshening up, and spring is a wonderful time to make it happen. Here are the top 5 tips to give your website a spring makeover.

# 1 – Scrub Your Website Content:

Content is the lifeblood of your website and is one of your websites most important attributes. It is a key component that will generate traffic and increase the amount of time people are interacting with your brand. If you have older content that should stay on your site, consider freshening it up with a new structure. Perhaps change the titles to something a bit more interesting, or include updated statistics and information. Also, make sure there are no broken links. Another project could be to add links within content that is the least visited to help traffic. Or, simply add content that is fresh and relevant to provide something new to drive people to your site.

# 2 – Sweep Your Website Design:

If your website is looking a little tired and outdated, it may be time for a bit of design rehabilitation. This type of website spring cleaning may require a bit more thought and effort, but it can be invaluable to your digital marketing efforts. Imagine yourself as a visitor to your own site and think about if the information seems well organized. Are the pages are easy to navigate? Consider the message your website is providing visitors, and determine if there are any small adjustments you can make so it is more inviting and interesting.

# 3 – Dust Your Details:

It’s often the little details that people notice about your website that seem the most unprofessional. Check out things like your copyright date in the footer, the events on your calendar page, the staff on your about us page, or the contact information. Make sure everything is current. You might also want to read through your content, or have another set of eyes do it to find any grammar or punctuation issues.

# 4 – Tidy Up Your Website Calls to Action:

Websites serve many purposes. One is for marketing and brand recognition, but another is to prompt people to take action. To really move people to take the action you are shooting for, spend some time thinking about how well your call to actions are crafted. Make sure they are very clear and easy to find. Think about if they are easily shared to social media. If you have been wondering why your call to action is ineffective, it may be it just needs a ten-minute tidy.

# 5 – Shake Out Your Website SEO:

Search Engine Optimization is pretty important, that is if you hope people will find your website. It’s a good idea to take some time to review your SEO and make sure it is clean and polished. First take a peek at your analytics and use it to determine your best traffic drivers, and also any errors that visitors may be running into. Also important, think about how you are using social media. Add links to share content on your various platforms. Consider doing some guest blogs. Review your personal and professional contacts and think about who may benefit from your content. In short, seek out new ways to drive traffic and expand your traffic sources.

Make Your Website Shine Year Round

It’s always refreshing to spend some time doing a little spring cleaning. And while the warmth and brightness of spring is a good reminder to do a little freshening up, the truth is that these same tips to tidy up your website are great things to consider any time of the year. Efforts you make with your web presence today can bring excellent advantages for a long time to come.

Wondering how you are doing? Use our complimentary Digital Marketing Scorecard to gain valuable insight on how your website rank compares to others. We’re also glad to answer any questions you may have and provide Cohlaborative digital marketing solutions to meet your company’s needs.