November 2017
M T W T F S S
« Dec    
 12345
6789101112
13141516171819
20212223242526
27282930  
BC Website Designer Canada - Freelance Web Development, Vancouver, BC - 778-848-7950

Chris

Sell My Diamonds – wp-admin htpasswd lock, wordpress security, and the importance of maintenance.

2015-10-22 04_22_05-Sell Diamonds, Gold, or Jewelry - Vancouver, BC, CanadaSo, I’ve been looking after a suite of websites for the last year, optimizing them for top SEO results and securing them against potential hackers. When I first landed this gig, I noticed that they had some embedded links that were invisible on the page – their theme had been hacked as the site had not been updated in quite some time – The original version of their site was practically irretrievable, as core, plugin, and theme files for WordPress had been altered. Rather than try to weed out the potential malware, I rebuilt the site using more effective plugins, and then secured it using Wordfence Security, and an .htpassword file system lockout.

The htpassword lock can’t just be set through the file manager in cpanel, as the .htaccess that goes with it essentially breaks the wp-admin area, by denying access to admin-ajax.php – the following code in .htaccess allows you to use this method to add a secondary login, and prevents index listing.

ErrorDocument 401 “Denied”
ErrorDocument 403 “Denied”

# Allow plugin access to admin-ajax.php around password protection

Order allow,deny
Allow from all
Satisfy any

# Prevents directory listing
IndexIgnore *

AuthType Basic
AuthName “nohacks”
AuthUserFile “(path to password file)”
require valid-user

I often tell people how critical it is to keep your site up to date – this is a good example of what can happen if you neglect maintenance. The site had lost all relevance to google, as it had been used to link (invisibly) to spammy product sites. After repairing it, and improving on it’s organic SEO, it was a battle to remove both inbound and outbound links that were not relevant to it. Google webmaster tools allowed me to remove the offending links in many cases, and the results started to improve – dramatically.

At the time of this posting, the site is listed at #3 out of 23,000,000 results locally. Not bad, we had #1 for a while, but are up against companies with a larger budget.

You can visit the site at Sell Diamonds Vancouver

A Simple Fix for WP Responsive Grid

This plugin is great, it styles your Native WordPress Gallery as a google styled responsive grid… I love it, I use it a lot, but it has one issue that has to be worked around in many themes. It picks up the CSS margin styling of the theme it is running in.

What needs to be done is a simple tweak to your theme’s CSS.

Embed an image on a wordpress page. Right click that image and open the inspector. Find your root elements using the inspector built into firefox or chrome, in many CSS files this is #main or something similar.

We will refer to this base element (which is the sheet’s overall width) as .main_width

the rule then should look like this:

.main_width img{margin:0 !important;}

Alternatively, you could put the gallery in an identified div, such as #Gridfix and add this to your gallery post:

<div id=”Gridfix”>[gallery]</div>

and this to your CSS file:

#Gridfix img {margin:0 !important;}

hopefully this will help a few people searching for the reason why their grid looks all messed up 😀 Happy Coding!

Heartbleed. What does this mean?!

Heartbleed is a software bug in the open-source cryptography library OpenSSL, which allows an attacker to read the memory of the host computer (for example, a Web server), allowing them to retrieve potentially privacy-sensitive data.

excerpt from http://en.wikipedia.org/wiki/Heartbleed_bug

heartbleedThe bad news is, some very popular and high level sites have had password information compromised, including gmail, facebook, and so on. As a precaution it would be wise to change passwords on any of these sites that have already fixed the bug.

There is no good news really, aside from the simple fact that my clients were not affected. Fortunately, the heartbeat port on our server was inactive, and we were not susceptible to this particular bug.

Want to test your server? Try this: heartbleed server test

 

Sign Shop New Westminster

Sign Manufacturinghttp://signshopbc.ca – Sign Manufacturing Company
So we’re starting up another round of SEO optimizations for Sign Shop New Westminster

I’ve found that when I search for ‘sign shop’ when I’m near the shop, on a browser that is not logged in, it shows up as the first unadvertised result, however, the overall PR of the site is low.

So what needs to be done?

Well, to start with, the Alexa pagerank is very low, they have no back-links to speak of yet (aside from this one above)

Google Webmaster Tools and Analytics have now been set up, and will soak up some data over the next week or two – which I can then review to see how well it is ranking for certain search terms. The CTR is very high on the main search terms from what I see so far.

A blog for fresh content will help both his clients and his own website rank better, as he can post about his new clients, giving/trading them backlinks, and also referring to his own site with helpful anchor text. Google loves fresh content.

The headings and content are pretty solid. I think the titles and meta descriptions could use a little tweaking.

One major factor I’m not yet seeing, is a Google places listing. As the advertisements and Google places show up first in the results, this will help with localization.

Vancouver Web Design

I’ve been quite busy lately, with a few new web design projects from Vancouver, BC.

We recently developed an interesting modification of the WP e-commerce module for SEO reasons, removing the top level slug “product-page” from the URLs of a shop, so that we could simply create a category/subcategory hierarchy.  Alongside several other modules, this has created a pretty impressive full featured e-commerce shop with WordPress.

The project was migration from a Magento based solution which was difficult to update and improve upon – some aspects of the upgrade via magento were virtually impossible for a number of reasons.  Canonical URLs in Magento product pages can be a serious problem when trying to create a proper hierarchical structure – they follow one of two rules, the long path, or the short one.

Unfortunately, we were after a different structure, and could not find an adequate solution for this under Magento.

So, after a brief pause to consider the options, and realizing that since the shop needed to be integrated with WordPress anyway, I turned my efforts to finding a solution that would be entirely WP based, and therefore much simpler to update and control.

After a trial run with MarketPress, and finding that this one would not create a proper URL hierarchy – I opted for WP e-commerce.  Here’s the thing – these two plugins are practically indistinguishable in many ways, and must have been based on the same source code at one point.  MarketPress however, was extremely restrictive, only allowing certain payment and shipping options unless you purchase the full version.

WP e-commerce also has it’s *buy my stuff* moments, specifically the product grid layout.  However, there is a plugin that works nicely to enable the grid layouts in this plugin without having to run out and buy it.  With a few minor adjustments to the template files, CSS and WP e-commerce’s options, this looks great.

The next step: Optimized image locations.  Both of the plugins listed above rely on WP’s custom post types to create product pages.  The products get their images from the featured image of the post – So, using the WordPress media uploader is not the ideal method for this, as it will store your images in /wp-content/uploads

I had to make some serious modifications to the templates, and use some extra metadata to code a new multiple product image function for the system which uses the correct SEO paths, but at long last – it’s done!

Pinnacle Lists

Massive WordPress translation from – still not sure.

custom CSS divs in header, homepage body, and footer.

jQuery slideshow based on NIVO slider.

custom widget images and linkage.

entirely designed from a set of 750px width images, globally increased width to the customary 960.

35 pages, a dozen PSD files, and 10 blog posts imported.

redirection plugin and SEO modules implemented.

 

Opticalnow

Canada’s Contact Lens Company

Zen Cart eCommerce system developed for contact lens sales.

jQuery slideshow

lightbox image displays

Ajax powered product menu

In depth attribute system for selecting prescription information.

Futurists

theFUTURISTS 2

theFuturists

WordPress based

Premium theme debugged

Event management system and calendar

YouTube slideshow

Optiontree plugin customized to add secondary slideshow

Article organization

Author profiles