Creating a company website in WordPress

/0 Comments/in

A business website aims to persuade visitors to make a purchase. To achieve this, a few important elements are needed:

  1. A great product
  2. A clear website
  3. Engagement with your customers

We will discuss these three points in detail and provide guidance on how to achieve them.

A Great Product

The product is, of course, your responsibility. In writing this article, we assume that you have a top-quality product.
A product sells best when:

  1. It is innovative, allowing you to have less competition and sell more.
  2. For a clear website, continue reading…

A Clear Website – The Pages

A clear website should have the following elements:

  1. A homepage that, within 1 minute, tells visitors what you offer and how you differentiate yourself from others. (Homepage)
  2. An informative page about the person selling the product. (About Us)
  3. A product page that displays where it can be purchased and provides information about the product’s features. (Shop)
  4. A contact page that includes contact information such as phone number and email. (Contact)
  5. A Frequently Asked Questions (FAQ) page.

If you’re new to WordPress, learn how to create pages here.

Engagement with Your Customers

Personal contact is still the best way to make sales. Including your phone number and email address (or contact form) is essential.
You can also provide an option for customers to enter their phone number so you can call them back.

Contact Form 7
With Contact Form 7 (plugin), you can create simple or advanced contact forms.
Contact Form 7 offers many possibilities, but it requires some understanding of how it works. Fortunately, we have written an article on how to use this plugin.

Establish Policies for Your Product or Service

Document how your product should be handled and what it should not be used for.
Consider creating a page with the terms and conditions of the product warranty and when it becomes void. (Terms and Conditions)

Create Landing Pages

Landing pages are specifically designed to promote your product or service with a beautiful layout and clear explanation.
You can create landing pages most effectively and easily with Visual Composer (requires some research and experience).
The advantage of Visual Composer is its ease of use when inserting elements such as videos, contact forms, dynamic content, and more.

Social Media

You want visitors to share your website or follow you on social media.
Here are some excellent plugins for social sharing:
1. Social Share Button Adder (free)
2. Monarch by Elegant Themes (paid)
3. Social Warfare (free)

SEO – Search Engine Optimization

To achieve the best possible ranking in Google, you need plugins that allow you to customize the description and title of your pages.
1. All in One SEO Pack (free)
2. Yoast SEO (free)

 

 

In 4 Steps: Putting a new product in your WooCommerce shop

/0 Comments/in

The advantage of WooCommerce is that the shop makes use of the existing features and appearance of WordPress.
Although you see many possibilities, creating a new product is similar in many ways to creating regular WordPress pages and posts.

Step 1: Title and Description

woocommerce product aanmaken wordpress

The title you choose is very important for visitors and for your position in Google. The product title is also used as the link/page name.

The description should correspond to the product and provide an explanation. It is your opportunity to sell the product and be found in Google.

A description of 200-300 words is recommended at a minimum. For example, you can describe what the product does, its benefits, and how to use it.

Step 2: Product Image

The product images determine 50% of whether you sell the product or not.

TIP: Make sure you have multiple images of the product!

Think of 1 clear image/photo and multiple photos taken from different angles. Don’t be fooled by the small size you see in the product gallery because visitors often click on it and then see a larger version on the website.

woocommerce wordpress afbeeldingen van product

Step 3: Price, Shipping Method, and More..

This is often the moment when you take a deep breath because there are only a few fields you need to fill in, but there are so many options to see!

woocommerce

Don’t be intimidated; what you mainly need to fill in are:

  • Selling price
  • Quantity (if you have a stock that can run out)
  • Extra: related products (display other products)
  • Extra: enter some dimensions and weight
  • Extra: enable/disable the rating option

Step 4: Categorize and Publish

opslaan en categorie kiezen

Finally, choose a category so that you can easily find the product and show visitors more similar products.
You’re familiar with save as draft or publish from pages and posts, but don’t forget the blue button 😉

 

WordPress hacked yet again?

/0 Comments/in

Your website is offline, and you contact your hosting provider only to find out that your WordPress website has been hacked.

And it’s sending spam…

For security reasons, the hosting provider has taken your website offline.

Why your website is offline

Many websites are hosted on a single server, which is a powerful computer with a single IP address. When too much spam is sent from that IP address, major mail servers put it on their blacklist.

In other words, if your website continues to send spam, other customers won’t be able to send emails, and their emails won’t reach their recipients.

To cut a long story short, your website is now offline and inaccessible until you remove the file responsible for sending spam.

Where can you find a spam script?

searching filesThe spam script can be a single file located among the files in your WordPress site on the server.
Sometimes, the file is found in your uploads directory because it can be written to by third parties.
However, with a vulnerability in your plugins, the main directory is also accessible to hackers and hacking scripts.

The file can be located anywhere.

We often find the spam script in the uploads directory, among plugins, within themes, and in subdirectories.

You might think, “I’ll remove the spam script from my website, and then the website will go back online.”

Sounds logical, right?

Piece of cake!

A spam script means a hacked website

A spam script in your WordPress site indicates that hackers or automated scripts have found a way to access your server. That’s how the spam script ended up on your website and server.

That vulnerability needs to be patched!

A vulnerability can be present in an outdated plugin, in WordPress itself, in the passwords you use, or in the server’s security.

Closing that vulnerability requires expertise and experience!

Hackers are cunning and use special codes and proven tricks.
For example, Base64 code is written in PHP but encoded so that the server and search programs cannot detect it!

Fortunately, you’ve found WPbeveiligen!

We identify vulnerabilities and hack scripts, carefully remove them, and ensure that your WordPress site is not easily hacked again!

Click here! Get your hacked WordPress website cleaned and secured now!

Securing WordPress with a plugin

/0 Comments/in

Is it necessary to secure WordPress with a plugin?

By default, WordPress is relatively secure, and any XSS hacks are neutralized in updates. However, the plugins and themes developed by others have vulnerabilities that allow hackers and automated scripts to gain access to your website.

Securing WordPress starts with hiding and securing your admin area. Through the admin area, a hacker can do whatever they want, such as creating new posts and pages and injecting ads into your content or layout.

But… I have hosting security, right?

The hosting provider’s role is to protect against DDoS attacks and ensure the server functions properly. They implement security measures such as firewalls and brute-force protection, primarily focused on safeguarding the server itself. The server’s security software is NOT designed to protect Content Management Systems.

This is because certain permissions and freedoms are required for a Content Management System to edit, create, and delete files.

Protection against hackers? My website isn’t that popular!

Out of a thousand websites, 999 are discovered by automated scripts through Google and get infected with a virus. So even if your website is for a local fishing club, the automated script doesn’t discriminate and will still inject malware.

Malware? Virus? Hackers? Injection?

These terms can be confusing! Isn’t a virus for computers? Like the Windows viruses in the early 2000s? Explanation: A server hosting your website is a “stripped-down” computer with only an operating system like Linux. Linux has fewer viruses that work due to root protection. However, with WordPress, it’s different.

And isn’t malware something in my browser? Explanation: Malware is short for Malicious Software. It refers to the scripts/software that hackers place, or rather “inject,” on your server.

Injection is a term from medicine, right? Explanation: It involves taking a piece of code and releasing it on the server, which then spreads to various directories and files.

Hackers are intruders who primarily work with electronics. In this case, they spend days experimenting with a known vulnerability and target their virus to exploit that vulnerability.

Can a plugin stop all of that?

Not just “any plugin,” but the enhanced iThemes Security PRO NL can. This plugin has undergone years of development, testing, updates, and improvements in both the United States and the Netherlands to make hackers’ lives more difficult and protect your WordPress website.

How does the plugin work?

Against viruses: The security plugin restricts write and execute permissions on important files, making it more difficult for viruses to spread and modify critical files.

Against malware: Malware has certain characteristics and often executes commands that this security plugin can block.

Against injections: Injections are often attempted through the navigation bar, and this security plugin blocks suspicious injections and long codes that hackers try to inject into your website.

Against hackers: Hiding the LOGIN admin screen and implementing two-factor authentication are some of the most important preventive measures. Additionally, this security plugin hides various features that hackers exploit to gain access to your website, such as user information, database details, WordPress version numbers, and more.

In summary…

It is essential to secure your WordPress website against attacks, viruses, and malware. The iThemes Security PRO NL plugin offers the best protection for WordPress. We have been using this plugin for years and cannot imagine operating without it. Can you?

Uploads folders of WordPress are a weak link

/0 Comments/in

The upload directories of WordPress can be used by any plugin to store files.

Hackers exploit this by placing malware in the upload directories through vulnerable plugins.
With that malware, they can send spam and display advertisements for their own (often illegal) products on the website.

Securing the weak link

Preventing plugins from placing files in the upload directories is not an option since it would hinder their functionality.

However, you can ensure that the malware cannot be executed!

How?

With this security plugin, you can simply click to disallow the execution of files (malware) in the upload directories.


This is one of the many options the security plugin offers to make your WordPress site much safer!

Maintaining WordPress this is how you do it!

/0 Comments/in

WordPress maintenance? Is that necessary?

It’s not a moped, after all.

It doesn’t rust, since when do you need to maintain digital data?

In the article below, we will explain why you need to maintain your WordPress website and guide you through the process of updating your website in 5 steps.

Updating is 80% of the maintenance WordPress websites need.

Maintaining WordPress against cybercrime

WordPress, especially the plugins, are constantly tested by hackers for vulnerabilities. And unfortunately, they succeed 🙁

Hackers have been making a living for years from the income generated through advertisements and products promoted via hacked websites.
maintaining WordPress against hackers
The advertising industry is worth millions, just look at the ads on YouTube, television, newspapers… they are everywhere!

And cybercrime, as they call it, is still on the rise!
Why is that? Because the internet has global reach, from the office to the couch with a smartphone. People of all ages can be reached and are primarily active online.

Note: we are talking about automated hacks here. These are programmed once and then executed thousands of times a day by a computer.

1) Maintaining WordPress: Backup

First, make a backup of your entire website.

You can easily do this with UpdraftPlus, with just a click of a button, you have a backup! The free version is sufficient, and the premium version offers even more features.
making backups for WordPress

2) Maintaining WordPress: Update WordPress

Start by updating WordPress itself.

This can usually be done within WordPress itself, but if it fails due to file permissions or other errors, you can manually replace WordPress on the server using an FTP program like FileZilla.

3) Maintaining WordPress: Update Plugins

Update the plugins and check if your website is still working.
maintaining WordPress plugins
If you want to be extra cautious, update your plugins one by one. This may take longer, but it avoids a lot of trouble if there are issues with a new update of a plugin.

Did you know that we can handle the updates for you monthly?! That saves you a lot of effort. We also update more frequently when vulnerabilities in plugins are discovered.

4) Maintaining WordPress: Update the Theme

Update the theme, but be aware that it may disrupt the appearance of your website.

PRO TIP: Check the release log of the theme first; it often happens that only updates with visual adjustments are released. You don’t have to apply those updates every time.

Update your theme only if there are security updates.

For more information, you can also refer to the article Updating WordPress, the ultimate guide.

5) Maintaining WordPress: Don’t Give Hackers a Chance

Not all plugins and themes are adequately maintained by developers.
This allows hackers to exploit vulnerabilities in plugins and inject unwanted advertisements and other viruses into

your website.

Free plugins are sometimes not updated because the developer is too busy with other work.
Premium plugins are not always updated on time because developers are not always aware of vulnerabilities in their plugins.

What you can do to prevent hacks

Vulnerabilities in plugins and themes are inevitable. It is important to minimize the opportunities for hackers.

This can be achieved with a good security plugin for WordPress.

The security plugin does the following:

  1. Limits file permissions in sensitive folders and files
  2. Filters injections through vulnerable plugins
  3. Sends notifications when your website unexpectedly changes
  4. And more!

A security plugin is not a luxury; it is essential to protect your website against hackers and hack bots.

Maintaining WordPress: The Easy Way

We work with WordPress 7 days a week. We have the expertise, passion, and knowledge to keep hackers out and maintain the security of WordPress websites.

For a small monthly fee, we maintain, update, and secure your WordPress website.

Convenience and security above all!

Managing the database through the WordPress admin

/0 Comments/in

The WordPress database contains a lot of important information.
Think of all the pages, users, news articles, and more!

Sometimes you need to manage the database, for example when you can’t log in anymore or when there are errors.

We regularly check our clients’ databases because hacks and unwanted advertisements can be found in the database.

If you don’t have PhpMyAdmin

If you want to manage the database, you undoubtedly use PhpMyAdmin. But on some web hosts, PhpMyAdmin is not installed at the regular address: www.yourdomainname.com/phpmyadmin

PhpMyAdmin may still be accessible through cPanel, DirectAdmin, or your web hosting control panel, but if you’re not an experienced programmer, you’ll need to search carefully and log in 2-3 times.

There is an easier way!

Use ARI Adminer Lester’s WP DB Manager to manage your database

ARI Adminer is a plugin that is no longer available, so you install (at the time of writing) the WP DB Manager, which you can install via your plugin management or manually download and install through this link. Then it’s just a matter of starting it up, and you’ll have a good reasonably functioning control panel at your disposal, where you can edit, delete, and empty database tables.
In many cases, it is not necessary to enter database credentials to use this database manager! And that saves you some searching 😉

https://nl.wordpress.org/plugins/ari-adminer/

WP-DBManager

Safety first!

Once you have made the necessary adjustments with this great plugin, it’s a good idea to remove it.
Of course, you don’t want to leave unnecessary plugins on the server that can provide extra opportunities for hackers and malware!

Adwords campaign turned off due to policy violation

/0 Comments/in

Google is strict when it comes to advertisements and “misinformation.” It is considered a policy violation, and your AdWords campaigns will be disabled as a result.

The email notifying you that your AdWords campaigns have been disabled often leads to questions:

1. How can my website suddenly violate the policy when you haven’t made any changes to the site yourself?
2. Which policy is Google AdWords referring to?
3. How can I get my campaigns re-enabled?
4. How can I prevent this from happening again?

Point 1: How can the website suddenly violate the policy?

At this moment, thousands of computers are scouring websites on Google. When they come across a WordPress website, these computers run a program that tests the website for plugins, themes, or an outdated version of WordPress.

If the test reveals that there are components on your website that contain vulnerabilities, the program will attempt a series of known attack methods specific to that particular plugin, theme, or WordPress version. If one of the thousand attempts is successful, the program will place advertisements on your website.

These advertisements are often illegal or unwanted and deviate significantly from the intended purpose of your website.

Google recognizes illegal/unwanted information and has a policy to block websites with such information from AdWords and the Google search engine.

Point 2: How does the policy work?

The policy is designed to ensure that visitors to your website find the information they were searching for on Google. In short, any inappropriate or illegal information that is displayed violates the policy.

The AdWords scanner checks millions of websites every hour that advertise in order to maintain the quality of advertisements for search results on Google and for ads shown on websites.

Point 3: Re-enabling AdWords campaigns

The only way to re-enable AdWords is by removing the false/illegal information.

Afterward, it may be necessary to have the site checked (which you can do through Google’s Webmaster Tools).

Point 4: Preventing it from happening again

With the previously mentioned injection of false advertising, the program also inserts so-called “backdoors.” These backdoors allow a script to automatically reintroduce the advertising if it has been removed. To prevent it from happening again, you not only need to remove the false advertising but also locate and remove the “backdoor.” This is often a piece of code spread among the files of your website.

WPbeveiligen specializes in removing unwanted advertisements. We also identify and remove the backdoors, after which we implement and configure security measures to prevent it from happening again.

With the active maintenance and security services we provide, you can be assured that your website will no longer experience blocked AdWords campaigns due to policy violations.

90% WordPress sites infected undetected

/0 Comments/in

90% of all WordPress websites are infected with malware without you knowing it.

Here are 5 reasons why WordPress sites are infected unnoticed:

  1. Malware is hidden from server security
    That’s the trick of hacking scripts – they place malware on your website that operates stealthily and goes unnoticed by the server’s security measures. One way this works is by externally loading scripts and encoding the code.
  2. Do you know what malware is, or base64 encoding? How cookies are used to display/hide the malware? Chances are you don’t know what server malware, viruses, scripts, base64 encoding, and cookies do. That’s why you can’t tell when your website is infected (unless you, like us, secure and restore websites five days a week).
  3. You don’t expect hackers to target your website
    A hacker won’t personally target your website but has written a script that tests and infects thousands of websites per hour. It’s all automated. Every website found on Google is a potential target, regardless of its size.
  4. The ad is only visible once… to you!
    The aforementioned cookies ensure that ads are shown only once or that visitors are redirected once. So, the second time you visit the website, you think everything is fine. But every new visitor still sees the ads.
  5. You trust your web administrator, your hosting provider
    Bad news: 70% of web administrators cannot completely remove malware, let alone detect it!

Pure scare tactics! Marketing!

No, unfortunately, it’s not just a strong story. The above five reasons are daily realities. There is a significant amount of internet crime because WordPress, plugins, and themes are used globally. Clever hackers who want to make money create malware in Russia or China, which works just as well here and spreads from server to server.

What you can do to prevent and detect malware

Still a bit of advertising

We manage WordPress websites for many businesses that value security. We provide preventive security, maintenance, monitoring, backups, and more! Everything to ensure that your site is free from malware or to prevent future infections.

We can do the same for you!
Sign up your website!

Prevent your e-mail from getting into the spam folder with SPF

/0 Comments/in

SPF stands for Sender Policy Framework and is a protocol that determines whether the sender of an email is authorized to send messages from a specific mail server. The main purpose of SPF records is to prevent spam, but more importantly for you:

The SPF record informs other internet services that your email truly originates from your website, preventing your emails from being filtered into the spam folder!

Where can you add the SPF record?

dns example

You need to add the SPF record at your web host. When registering your domain name, you should have received login credentials from your web host that allow you to modify the DNS settings of your domain name.

The structure of an SPF record

First, you need to indicate that the record is an SPF record by adding the following:

v=spf1
This tells the DNS which version of SPF you are using, which is important for reading the SPF record.

Next, you specify when an SPF is valid:

all for all outgoing mail servers.
a If the sender’s IP address matches the IP address (A record) of the domain.
mx When the mx record matches the SPF address.
ip4 & ip6 When the mail is sent, it is transmitted via IP addresses (of your domain).

Okay, there are many possibilities, what is common?

v=spf1 a mx ptr ip4:123.456.789.000 mx:yourdomain.com include:_spf.google.com include:_spf.hotmail.com ~all

Note: Choose TXT as the record type and replace the crossed-out information with the IP address of your own server/website and your own domain name.

example dns spf