Help! I’m not selling anything on my webshop!

/0 Comments/in

The importance of “getting customers on your website” is often underestimated. While there are many successful websites and webshops that attract millions of visitors and earn substantial profits, the reality is that the online market is highly competitive. Thousands of webshops offer products and services for sale, making it challenging for new businesses to stand out.

Before starting a webshop, it’s essential to ask yourself some critical questions:

1. Is my product or service already available on the internet? If yes, can you compete and are you willing to take on that challenge? If not, have you done market research?

2. What is the net profit margin of your product or service? It’s crucial to consider all costs, including investments, expenses, and overhead, to determine the actual profit.

3. Are you starting this webshop as a hobby or a serious business plan? Understanding your commitment and goals is crucial.

4. How much are you willing to invest, and what sacrifices are you prepared to make to achieve your goals?

Once your webshop is up and running, you will face various challenges:

1. Building a customer base and establishing a brand may take 2-5 years.

2. Dealing with customer complaints and issues, even if your product or service is excellent, is part of running a business.

3. Determining the duration and level of customer service you can provide is essential.

4. Handling negative publicity effectively is critical.

5. Acquiring and retaining customers require a thoughtful marketing strategy.

6. Ensuring steady income streams and long-term business growth is essential for sustainability.

7. Having a clear vision of where you want your business to be in 5-10 years is important for setting goals.

8. Having a backup plan (plan B) in case things don’t go as expected is essential.

Starting a webshop with a positive outlook is natural, but it’s important to be prepared for the challenges and responsibilities that come with it. Online webshops have at least 60% of the problems and challenges that physical stores face.

To succeed, you need to find a way to differentiate your webshop among thousands of others and attract customers on the vast internet. It may seem easy to start an online business, but it comes with various challenges that require careful planning and preparation.

If you have a WordPress website or are planning to have one, WPbeveiligen specializes in securing WooCommerce webshops, which is crucial for WooCommerce and WordPress due to potential vulnerabilities.

Using Google webmaster tools

/0 Comments/in , ,

Google Webmaster Tools is a free service provided by Google that allows you to see how your website appears in search results. It offers various valuable information, including:

1. Search keywords and the number of clicks/visitors your website received for each keyword.
2. The number of inbound links to your website from other websites.
3. Indexing status with a graphical representation.
4. Blocked pages on your website.
5. Crawl statistics.
6. Potential security issues.

These are powerful tools typically used by experienced webmasters.

WPbeveiligen uses Google Webmaster Tools primarily to check whether clients’ sites have been approved by Google. Additionally, they ensure that the site appears in Google search results and that any red warning pages from Google are removed after recovery from malware.

Re-submitting your website for review through Webmaster Tools is crucial if your site has been infected with malware and its search results have been negatively impacted.

To get started with Google Webmaster Tools, you need a Google account. Once you are logged in, go to the Google Webmaster Tools page. Click on the “Add a property” button to add your website. You’ll need to verify that you are the owner of the website, and the easiest method is by downloading an HTML file and placing it in the root directory of your website using an FTP program.

Once the verification is successful, you can access various information about your website’s performance in Google’s search engine.

In the left-hand menu, you can choose the specific information you want to view. Google Webmaster Tools is a valuable resource for website owners and can provide insights to improve your site’s performance in search results.

10 WooCommerce extensions you can’t live without

/0 Comments/in

WooCommerce is one of the fastest-growing webshop software on the internet, and a significant reason for this is that WooCommerce runs on WordPress and is available for free download. Additionally, it’s easy to install with just a few mouse clicks.

However, WooCommerce is not entirely free. The trick lies in how the webshop operates. While WooCommerce seems comprehensive at its core, when you want to customize the registration fields or the checkout page, you’ll find that you need extensions. These customization options are not included by default in WooCommerce, and as you might have guessed, you can purchase them separately.

Does this sound familiar? Yes, it’s similar to the free games for phones with in-app purchases.

Nevertheless, there is an advantage:

Your webshop is not overloaded with features by default.

Below is a list of “extensions,” as WooCommerce calls them, that are crucial for a large webshop. Most of them can be purchased from the WooCommerce store, and we have provided links to each extension.

Essential WooCommerce Extensions

Extension 1: Customize Checkout Fields

The checkout field editor

This extension is necessary if you want to customize the fields that visitors fill in during the checkout process.

Extension 2: Wishlist

The wishlist addon

Allow visitors to save their favorite products. Without registration, they can save favorites and come back later to purchase them. The favorites are stored for 30 days, and for registered users, favorites can be saved as long as they want. It allows the customer to save for later.

Extension 3: Newsletter Subscription

Newsletter subscription

Customers can subscribe to the newsletter with just one click during checkout. This extension works in conjunction with Mailchimp.

Extension 4: Currency Converter

Currency converter widget

Visitors from other countries can choose the currency in which they want to see the amount. The currency converter widget uses a general database to display the currency at the current exchange rate.

Extension 5: PDF Invoices

PDF invoices

While you might expect WooCommerce to send invoices in PDF format by default, everything is done via emails. This extension ensures that customers also receive a downloadable PDF that can be printed or used for administrative purposes.

Extension 6: Payment Gateways

Mollie gateway

To receive payments via iDEAL and other methods, you can establish complicated connections with your bank. But this involves a lot of work.

Mollie is a Dutch company that provides payment options and simply deposits the various payments into your account without the need for contracts with your bank.

Extension 7: Multiple Shipping Addresses

Shipping multiple addresses

By default, you can only enter one shipping address during checkout. But what if you make multiple purchases at once and want them sent to different addresses? This extension allows that.

Extension 8: Product Image Watermark

Product image watermark

Prevent others from copying and using your product images by automatically placing your logo on the image with each new upload.

Extension 9: Multilingual Webshop

WPML

This is not an official extension of WooCommerce itself but a plugin that works with the webshop to make it multilingual. WPML has a Multilingual E-Commerce module specifically designed for this purpose.

Extension 10: Security

WordPress antivirus

An antivirus for WordPress is not a luxury but a necessity, especially if you use WooCommerce. You want to protect your customers and their data as much as possible, and you can achieve this with this antivirus plugin for WordPress.

Paid Extensions vs. Free Extensions

For the above extensions, you pay a small amount. However, it is recommended to make this investment over free alternatives. These paid extensions can be downloaded from the WooCommerce site, ensuring that there are no hacks or backdoors.

The Sky is the Limit?

Don’t clutter your webshop with too many extensions/plugins. Each plugin loads code, which can slow down your website. Additionally, hackers frequently test plugins for vulnerabilities, and they often find them. In short, every additional plugin is a potential vulnerability.

Try to have your WooCommerce webshop work with a maximum of 5-8 targeted plugins. Less is more when it comes to security.

Plugins, the weakest link in WordPress

/0 Comments/in ,

WordPress takes security seriously, and the company behind WordPress, “Automattic,” regularly releases security updates. Since 2007, we have been working with WordPress, and we can say that WordPress has always been one of the safest Content Management Systems, and it still is.

However, not every corner of the WordPress world is sunny. With 48,000+ free plugins created by unknown companies and developers, there are also many vulnerable plugins that become the weak link in WordPress’s watertight system.

Some Popular Plugins

Here are a few examples of popular plugins that have had security issues:

  1. All in One SEO – Improves Google rankings (2 vulnerabilities in 2016)
  2. W3 Total Cache – Speeds up the website (8 vulnerabilities in 2016)
  3. Contact Form 7 – Creates easy-to-use contact forms (last 3 vulnerabilities in 2014)
  4. Advanced Custom Fields – Enhances WordPress for advanced business websites (2 vulnerabilities since 2014)
  5. Akismet – Prevents comment spam (last vulnerability in 2015)

These are just five random plugins, but at the time of writing, there are 5194 known WordPress core, plugin, and theme vulnerabilities.

1 or 2 vulnerable plugins on my site are not a problem, right?

You might think, “Who would try those vulnerable plugins on my website?!” But here’s the bad news: at least 30,000 to 50,000 computers are actively hacking and processing 1000 requests per minute! Fully automated!

Calculation:
30,000 computers x 1000 requests = 30,000,000 x 24 hours
That’s 43,200,000,000 hacking attempts per day.

This only refers to home hackers who use programs to search the internet (Google) for injecting plugins. If we add the scripts running through servers, you wouldn’t believe how many websites are attempted and successfully hacked daily (to show advertisements).

All that effort for a little advertisement?

Indeed, once a site is hacked, the hacker will only display advertisements.

Consider what that does when a hacker can place their product on thousands of sites weekly, and some people end up buying it. The hacker exploits the trust that these sites have built with their customers. When a customer buys a product from the hacker’s webshop, the hacker earns good money. Usually, these products are expensive, and there’s uncertainty about whether they’ll arrive. In short, there’s a lot of money to be made in a short time without much effort.

Preventing Hackers from Exploiting Your Website

This antivirus plugin is specially developed for WordPress. The plugin is fully in Dutch and gives you a great advantage over hackers.

The plugin blocks injections, protects your server, and shows you who is attempting to log in to your WordPress falsely. This antivirus plugin combats hackers in over 200 ways and blocks many of their attempts.

All our sites run with this antivirus plugin because we don’t give hackers a chance!

More Tips to Protect Against Hacks

  1. Install a good antivirus for your WordPress website.
  2. Keep your WordPress up-to-date.
  3. Do not install unnecessary plugins and remove inactive plugins.
  4. Ensure your server is up-to-date.
  5. Regularly check if everything is running smoothly using Sucuri.
  6. Check the plugins you use for known vulnerabilities.

What happens on the server?

/0 Comments/in

To keep your WordPress website secure, it’s essential to monitor what’s happening at the file level. Having a clear overview of all activities on the server ensures that hackers have no chance, and you can take action before Google, Adwords, and other sources block your website.

Let’s provide a brief explanation of these terms and how they work:

WordPress at the File Level

WordPress consists of various components on the server to function fully. This includes the administration panel, which resides on the server, as well as the display of your theme, homepage, registration pages, and more. If hackers can manipulate these files, they can accomplish a lot—such as obtaining customer data, login credentials, or redirecting visitors to their own sites.

Overview of Activities

As if that’s not bad enough, they can also add a file to send emails via your website using your address! Having such a file on your server is something you definitely want to avoid. Therefore, knowing the activities taking place on your server is crucial.

How to Monitor Server Activities

If you are a keyboard enthusiast like us, you can use an FTP program to access the server or use the file manager of Directadmin/Cpanel.

However, there’s an easier way!

With this security plugin: Website File Changes Monitor* for WordPress, you can see what’s happening on your server. The plugin is relatively new at the time of writing and is free to use.

scanner for wordpress

*In the past, we recommended iThemes Security, but it has been showing too few changes in the logs in recent months..

WordPress implements forced update

/0 Comments/in

In WordPress 4.7.0, a new API was introduced that turned out to be insecure.
The new REST API, which is enabled by default in all WordPress 4.7.0 releases, can be used to modify posts without having administrator rights.

This is every hacker’s dream! With automated injections, modifying posts could lead to millions of sites displaying unwanted text, advertisements, and links.

Silence is golden

The WordPress developers were informed of the vulnerability by a major security company. From that moment on, the developers worked tirelessly to test and fix the vulnerability.
To prevent hackers from gaining an advantage, they kept knowledge of the vulnerability quiet and implemented a forced update. It was only a week after the update was released to millions of sites that the news became public.

What is a forced update?

This forced update is different from any regular update. Normally, you can choose whether you want to update WordPress automatically or not.
This update to 4.7.2 was forced and applied even to websites with “automatic updates” turned off.

Who disables automatic updates?

You would expect that automatic updating only has advantages. You don’t have to pay attention to updates yourself, and your website never falls behind.

But sometimes, the plugins you use are not up to date, or there are no more updates provided for the plugins.

At that moment, the new WordPress release may conflict with your plugin, causing the plugin to stop working or display errors on your website.
And if you don’t notice it because the update was done automatically…

What does WPbeveiligen do with updates?

For websites with 2-5 plugins, it is relatively safe to allow automatic updates. However, when it comes to websites with 8-20 plugins, we prefer to perform updates manually, especially for plugins. While updating, we check the website to ensure everything is still functioning correctly. If an error occurs, we can immediately identify the cause.

Google Adwords and Malware

/0 Comments/in

Google AdWords has a strict policy against malware. If your website contains malware, your AdWords campaign will be suspended until the malware is removed!

What is Malware?

Malware is the collective term for Malicious Software, which results in unwanted advertisements or viruses that attempt to steal data on the web.

How does Google AdWords detect malware?

Websites are scanned daily, and in some cases, every minute for the displayed texts. The source code is scanned, and the website is tested for Trojans, phishing, and more.

Google AdWords and malware don’t mix!

Your ads will be immediately suspended, resulting in potential loss of income and customers. Malware must be avoided at all costs.

What can you do against malware, viruses, and phishing?

It is essential to secure your website properly. Automated scripts that attempt to place malware on your website should not be given a chance.

Your WordPress website should be secured at several key points:

  1. URL injections must be blocked
  2. File permissions on the server must be set correctly
  3. The WordPress admin panel must be hidden
  4. The server must be made inaccessible for directory browsing
  5. WordPress, plugins, and themes must be kept up to date

A good plugin that can help with this is the WPbeveiligen Antivirus.

What to do if malware is detected?

Take immediate action to make your website safe and free from malware.

Hire us to make your website free from hacks!
We will remove the malware and secure your WordPress website to prevent future incidents.

We will also ensure that your AdWords campaign is reactivated as soon as possible by following Google’s procedures or contacting Google AdWords directly.

Securing your WordPress website

/0 Comments/in

Securing Your WordPress Website: Is It Really Necessary? Isn’t WordPress Secure Enough?

Hackers are constantly searching for vulnerabilities in WordPress and its plugins. And unfortunately, they have been successful!

These hackers are not just amateur programmers with too much time on their hands.

You’re dealing with full teams, where each programmer uses their knowledge to create a hack.

Secure WordPressPlugins + Themes = A Vulnerable Site

Among the 48,749 plugins available for free download and the 40,000+ paid premium plugins and themes, there are 6144+ WordPress plugins and themes that have reported vulnerabilities known to hackers.

Securing your WordPress website is no longer a luxury with all these vulnerabilities! It has become necessary to protect your WordPress website.

A hacked WordPress website can cause the following issues:

  • Sending spam (unwanted advertisements) using your website address
  • Capturing and redirecting customer information
  • Displaying advertisements (links) within your own content

Securing Your WordPress Website Against Hackers

Hackers are not personally involved in hacking your WordPress website.

Hackers deploy scripts online that continuously search for WordPress websites via Google and test them for vulnerable plugins and outdated WordPress versions.

It’s important to keep WordPress up to date and prevent these (hack) scripts from gathering information about your website. The more a hacker and/or script knows about your website’s data, the easier it is for them to find a vulnerability.

Securing Your WordPress Website Against Vulnerable Plugins

Plugins are developed by web agencies and programmers from all over the world. Many of these programmers are unaware of hackers’ tricks. Even though they create brilliant plugins, those plugins are unfortunately susceptible to automated hacks.

Securing Your WordPress Website Against Injections

WordPress has various methods for updating news, such as through the app or APIs. It’s crucial to prevent these injections!
An injection is a command given to your website through a specific URL, typically through the navigation bar.

Secure WordPressPlugins like iThemes Security PRO NL block long commands, significantly reducing the possibility of injections.

Securing Your WordPress Website with WPbeveiligen

We actively secure WordPress websites seven days a week. We know hackers’ tricks and have the knowledge to defend against them.

Let us secure your WordPress website!

WordPress has been hacked, now what?

/0 Comments/in

WordPress is often hacked through vulnerable scripts. We still call it hacking because there has always been someone who wrote an automated script, and their advertisements appear on your website due to the hack. In fact, it’s more automation than hacking, as the script works 24/7 without the hacker being involved anymore.

But once you have an advertisement or your website is sending spam due to the hack, it’s important to get rid of it.

Restoring the hacked website

You can follow this step-by-step guide to restore your hacked website:

  1. First, make a backup of all data and the database
    The data includes the entire www/httpdocs folder.
    You can often export the database through phpMyAdmin or using a backup plugin.
  2. Try to update as much as possible
    Download WordPress and manually upload it to the server (using an FTP program). Also, replace the plugins with new ones and, if possible, the theme.
    Note: Updating the theme may sometimes cause style changes. Only consider this if you have the necessary knowledge to adjust the settings/style.
  3. Check your server for backdoors and unwanted files
    A hack never comes alone. Besides the modifications to your website through advertising injection, there are usually files and codes (see WPbeveiligen detection tool) on the server that allow the hacker and their script to regain access to your website.
  4. Check all plugins and themes for vulnerabilities
    You can do this using this website.
    If your plugins contain vulnerabilities, it’s recommended to use alternatives.
  5. Secure your WordPress website
    The hack has entered your website, and without security, it will happen again.
    Install a good security plugin on your website and configure it.
  6. Afterwards, verify that your website is fully restored
    You can do this through webmaster tools or using the Sucuri malware scan.

Good luck!

It’s a significant task that requires knowledge and patience. If you’re unable to do it, you can contact us. We restore WordPress websites on a weekly basis and provide a guarantee for our services!

Creating a company website in WordPress

/0 Comments/in

A business website aims to persuade visitors to make a purchase. To achieve this, a few important elements are needed:

  1. A great product
  2. A clear website
  3. Engagement with your customers

We will discuss these three points in detail and provide guidance on how to achieve them.

A Great Product

The product is, of course, your responsibility. In writing this article, we assume that you have a top-quality product.
A product sells best when:

  1. It is innovative, allowing you to have less competition and sell more.
  2. For a clear website, continue reading…

A Clear Website – The Pages

A clear website should have the following elements:

  1. A homepage that, within 1 minute, tells visitors what you offer and how you differentiate yourself from others. (Homepage)
  2. An informative page about the person selling the product. (About Us)
  3. A product page that displays where it can be purchased and provides information about the product’s features. (Shop)
  4. A contact page that includes contact information such as phone number and email. (Contact)
  5. A Frequently Asked Questions (FAQ) page.

If you’re new to WordPress, learn how to create pages here.

Engagement with Your Customers

Personal contact is still the best way to make sales. Including your phone number and email address (or contact form) is essential.
You can also provide an option for customers to enter their phone number so you can call them back.

Contact Form 7
With Contact Form 7 (plugin), you can create simple or advanced contact forms.
Contact Form 7 offers many possibilities, but it requires some understanding of how it works. Fortunately, we have written an article on how to use this plugin.

Establish Policies for Your Product or Service

Document how your product should be handled and what it should not be used for.
Consider creating a page with the terms and conditions of the product warranty and when it becomes void. (Terms and Conditions)

Create Landing Pages

Landing pages are specifically designed to promote your product or service with a beautiful layout and clear explanation.
You can create landing pages most effectively and easily with Visual Composer (requires some research and experience).
The advantage of Visual Composer is its ease of use when inserting elements such as videos, contact forms, dynamic content, and more.

Social Media

You want visitors to share your website or follow you on social media.
Here are some excellent plugins for social sharing:
1. Social Share Button Adder (free)
2. Monarch by Elegant Themes (paid)
3. Social Warfare (free)

SEO – Search Engine Optimization

To achieve the best possible ranking in Google, you need plugins that allow you to customize the description and title of your pages.
1. All in One SEO Pack (free)
2. Yoast SEO (free)