7 WordPress Plug-Ins Guaranteed to Boost SEO Big Time

WordPress continues to be the most predominant web publishing platform around, and the many years it’s had that title is a testament to just how intuitive, versatile, and capable it is for taking your content and making it presentable on the web. The old adage ‘if it ain’t broke don’t fix it’ certainly applies, and while WordPress is elementally the same as it was when first rolled out in 2003.

Here at 4GoodHosting, we’ve always had a front row view of just how well embraced WordPress is in the digital world, and in addition to be a quality Canadian web hosting provider we also try to have our thumb on the pulse of as many aspects of the industry as we can. Page rankings are going to be important for anyone who’s on the web for commercial or promotional purposes. In fact, 61% of marketers say improving SEO and growing their organic presence is their number one priority.

So this week we’re going to share a handful of WordPress plug-ins that are a breeze to install and will serve to improve your site SEO.

  1. Yoast SEO Plugin for WordPress

Feel free to regard Yoast as the Maserati of SEO plugins. It’s usually the first one that will be recommended by an experienced marketer. It is incredibly easy to use and can help you optimize multiple aspects of your WordPress site, addressing and optimizing your URL, meta description, chosen tags, keyword density, internal and external links, and content readability.

It works by first selecting a focus keyword. Next, it will analyze your SEO and provide recommendations on where improvements could be made. Green indicates you’re good as is, orange means your page needs some work, and red means you need to start from scratch as there’s multiple deficiencies. Yoast will then serve up specific actions you can choose to move ‘up’ in the colour spectrum.

Even if you’re decidedly technically inept, you’ll likely have your SEO amped right up with this plugin.

  1. All in One SEO Pack

Yoast definitely takes top spot, but this is quite likely the second best overall SEO plugin (plus the 3+ million installs to date suggest it’s effective). All in One SEO pack was first developed in 2007 and has evolved over the past 10 years to meet the majority of demands today’s SEO marketers tend to have.

All in One SEO Pack includes robust features such as:

  • Automatic meta tag generation
  • Title optimization
  • XML sitemap support for a site that’s more readable to search engines
  • Prevention of duplicate content being created

Essentially, it addresses all of the major elements of effective SEO and – like Yoast – it works with WordPress like a charm.

  1. SEOPressor

SEOPressor also gets high marks from us. This plugin works under the same premise as Yoast and the All in One SEO Pack, delivering comprehensive on-page SEO analysis, as well as providing tips for improvements.

SEOPressor is great as an ‘insta-advisor’, helping you make ideal small tweaks and adjustments that will boost your overall SEO quality. Also, like the preceding two, you don’t need to be anything of a ‘computer whiz’ to get installed and going to work for you.

  1. SEO SQUIRRLY

When top SEO experts like Neil Patel of Kissmetrics and Brian Dean of Backlinko endorse a plug-in, you can A) know it’s good stuff, and B) trust it’s been designed for non-SEO experts.

How SEO SQUIRRLY differs from other plug-ins is that it puts an emphasis on helping you create content that’s designed equally for both search engines and human readers. The importance of this is in the fact that Google places a strong emphasis on positive user experience when orienting their ever-changing algorithms.

SEO SQUIRRL helps you find great keywords, analyzes your articles, offers advice on how to resolve issues, and helps you optimize your content for human consumption, plus it generates an XML sitemap for Google and Bing

  1. SEO Optimized Images

Image optimization is typically a lesser consideration for your WordPress-based site, yet it’s a critical aspect of SEO, and that’s often overlooked. It’s important to ensure that search engines are able to understand the content within your images.

SEO Optimized Images is a WordPress plug-in that makes it easy for inserting SEO-friendly alt attributes dynamically, along with adding valuable title attributes to your images. Long story short, it streamlines the often-laborious process of optimizing the website’s content.

  1. SEO Post Content Links

Any reputable and experienced SEO marketer will tell you that internal linking is of paramount importance for creating a strong link profile. This serves to create better indexing in search engines, it points visitors to other helpful content they may be interested in, which can increase the average amount of time spent on your site.

This is a plugin that takes the guesswork out of internal link building and streamlines the process very impressively. Further, SEO Post Content Links also helps you create proper anchor text that matches current best practices.

  1. SEO Internal Links

Here’s another plugin that’s proven effective for optimizing your site’s internal link structure. Directly from its WordPress description, SEO Internal Links ‘can automatically link keywords and phrases in your posts and comments with corresponding posts, pages, categories, and tags on your blog.’ Enough said? Very likely. SEO internal links is ideal for anyone who’s not so savvy with linking or having a sound understanding of the value of linking and indexing for the website.

In a nutshell, SEO internal links is a convenient way to create internal links, while at the same time avoiding black hat SEO practices that could backfire on you big time should you choose to employ them. Quite plainly, don’t. The damage you can to your site’s credibility in the eyes of the search engine bots isn’t worth the benefits you may get, not at all.

Here’s to you trying one or more and seeing your SEO get a much-needed push up the hill!

Domain Extensions and SEO Impact

Before any website makes its way up onto the information superhighway, the domain name attached to it must be registered with a hosting provider. Here at 4GoodHosting, we’re a top Canadian web hosting provider among many and we can certainly take care of that basic and straightforward formality for you. What we’re going to discuss today, however, is the way that your domain name’s extension (.com being the most common) can have direct and measureable results on your SEO, and search engine ranking more specifically.

Let’s review the basics briefly; a domain name is a unique internet address that is made up of a name and extension (such as .com, .ca etc.). This extension is also referred to as a Top Level Domain (TLD) and it is the most relevant part of your domain name. We’ll move now to putting you in the know with factors that influence choosing the right domain extension and how it dictates your SEO rankings in a significant way.

Various Types of TLDs

In the infancy days of the Web, domain extensions were initially introduced to facilitate browsing across different domains. There were 6 general top-level domains (gTLDs) marketed to folks looking to get themselves up and running, and we saw different domain extension for different types of organizations. Some may be surprised to learn that the .com extension was actually introduced for websites for commercial purposes, and has nothing to do with the term computer.

Much more common nowadays are domain extensions with a country code, also known as country code Top Level Domains (ccTLD). These took off between 1985 and 1990, and examples of these types website name domains are .ca for Canada, .kr for South Korea (who have the fastest internet speeds in the world) .in for India, .co.uk for the United Kingdom, etc.

1998 saw the creation of the Internet Corporation for Assigned Names and Numbers (ICANN), an international nonprofit organization designed to keep the Internet secure and stable. New gTLDs were released in 2001, including .info and .pro, designed for informational websites or those representing certified professionals.

The number of domain extensions has quickly expanded since. There are now even domain extensions that utilize Arabic characters instead of the usual Latin characters. A complete list of all extensions (with Latin characters) can be referenced at the Internet Assigned Numbers Authority (IANA) website.

Specific SEO Benefits for Each Domain Extension

  • Country code Top Level Domain

Advantages

A ccTLD provides Google with the strongest and clearest indication of where a website originates. Provided all other SEO factors are equal, the ‘example.com’ website will be better ranked by Google than an ‘example.ca’ or ‘example.co.kr’.

Disadvantages

The primary disadvantage of a ccTLD is that you will be required to purchase a new extension for each language, which will add to the cost quite considerably. Further, Google’s crawlers (aka ‘bots’) do not recognize multiple websites as one website because they have different extensions. Each website must develop its own authority.

By authority we mean the value that Google assigns to a website. More authority results in Google’s bots staying on the website for a longer period of time and indexing deeper pages of the site. This of course is very beneficial for SEO. Higher authority leads to a greater likelihood that your site will rank high on Google’s SERPS (search engine results pages). There are other factors that determine how well a website performs in this regard, and in fact Google uses more than 200 signals to determine which results are most relevant.

  • Generic Top Level Domain

Generic domain names are increasingly popular these days, with examples like .pizza, .amsterdam and .club, websites that distinguish the nature of the business or venture very explicitly. People continue to speculate about the advantages and disadvantages of these new extensions as they relate to search engine rankings. Google has shared that the new TLDs are not more likely to score high with Google than older TLDs or ccTLDs. However, there are several examples that suggest otherwise, at least to some extent.

Coffee.club is one of them. It climbed to the first page in Google US search results within the span of a week. That’s worth taking note of, as it takes a lot of time to get to the first page on Google US, and that can be true even if you’ve built up plenty of authority.

Coffee.club was purchased in November 2014 and received several links from authoritative websites that announced the transaction. The backlinks had 80% of ‘coffee.club’ as clickable text, and one week after the launch the website was already on the first SERP for the term ‘coffee club’. We can understand that when a gTLD (in part) matches a keyword you want to match in Google, it counts only links with the domain name in the clickable text.

Simply, ‘coffee.club’ is interpreted by Google to be “coffee club”. In such instances a TLD with a relevant keyword will indeed have an SEO advantage over a traditional TLD like those ending with a .com.

Google still insists that there is no advantage or disadvantage to having a new gTLD, stating that each gTLD has the same opportunity to rank well. With a gTLD, it is possible to specify which country the website is intended to serve within the Google Search Console. This of course is done via international targeting, but keep in mind that when you expand your website with a different language you must adjust or disable international targeting.

Choosing the most appropriate domain extension

Your best choice for a TLD will depend on a number of factors. Want to score well on Google.com? Then you’ll be best served by choosing the overall top level domain, a .com. Conversely, if you only sell products in Canada, you’ll be wise to choose the .ca extension. Google will then recognize that your website is intended for the Canadian market and that your aim is to score better on Google.ca.

It continues to be that SEO is often not taken into account when people are weighing which TLD extensions is best for them. For example, there are websites that buy a ccTLD so the website has a nice name and is easy to remember. For example, ‘autorepair.ca’ may seem like the ideal choice for the nature of your business, but it’s probably not going to score well on Google.com. This is because you indicate to Google with the .ca extension that your website is taking aim at the Canadian market explicitly.

When your website is in fact targeted to a specific country, though, it is advisable to choose the ccTLD of that country. In this case, you may need to purchase a new domain with another TLD at any international expansion. The country-specific nature of the ccTLD will definitely have a positive impact on your search engine results.

When you go with a gTLD, Google will not see it as a .com, .pizza, or .whateveritmaybe. GTLDs have as much chance to score well and as a result do not affect SEO status of your website. And yet, even while Google insists on the validity of that, there are cases like those coffee.club mentioned above that show that links with only the domain name in the clickable text are counted in Google search results. This is the case when a gTLD will create a partial match with a keyword you want to match.

The important thing to keep in mind when using a gTLD is that you communicate this choice to the consumer. Consumers will often undertake searches including the domain extension in the search terms. If you choose a gTLD, make sure that you make that fact very clear to your target audience, and that’s most commonly done by presenting your company name WITH the extension attached in Headers or any other component of the communication piece that will be visually grabbing and readily identified

Also – last but not least – go into your Google Search Console and make sure to set the international targeting to the right country.

One Play Ahead: Trends for Web & App Hosting

A big part of what makes an elite offensive player who he is on the ice is the ability to think the game one-play ahead. Gretzky was less concerned with where the puck was and more with where it was going to be next, along with knowing exactly what he’d do with it once the puck was on his stick. Here at 4GoodHosting, we’re a top Canadian web hosting provider who similarly likes to look ahead at trends is the web and app hosting world that will dictate how we should adapt to best serve our customers.

This blog post is based on data from a comprehensive report from 451 Research, and it gives significant insight on where the marketplace should be within 2+ years. It highlights in particular the meteoric rise in demand for managed web hosting in Canada, and how growth for web and application hosting has slowed predictably in recent years.

That’s not necessarily cause for alarm, though – it just means the plays are slower to develop now. Technology is evolving. All you have to do is take the pulse of your own web or app hosting business. Workloads tend to be moving out of the web and app hosting category, and that’s true of some products as well.

Many are responding by shuffling the IT services deck for data-gathering purposes. More and more service providers are specializing, serving a narrower or niche target market. New service categories are emerging, and we realize that we need to analyze the user preferences of our customers very insightfully right now to see where we can best put the bulk of our services technology to work for you.

Here are the numbers of the report, with three statistical predictions:

  1. As a category, web and app hosting will grow from $18.2 billion in 2015 to $25.8 billion by 2019.
  2. Total hosting revenue will increase at an annualized rate of 15.5%. What’s interesting is that the “balance of power” in terms of revenue drivers has shifted. Managed hosting is growing at a far faster rate than web/app hosting.

Here’s how that 15.5% breaks down:

  • Dedicated hosting should grow about 5.7% per year
  • Shared hosting should grow about 10.4% per year
  • Managed hosting should about 18.7% per year
  1. In market share:
  • Web/app hosting will drop from 36.8% to 28.5%
  • Managed hosting will increase a mammoth 71.5%

Promoted Changes

The evolution of technology has changed the way every business competes. There have been discernible shifts in the way customers function and think about IT, and it necessitates changes to the way folks like us will approach our future moves regarding web and app hosting.

A reduced number of workloads need to be managed as part of service delivery. Internet-based infrastructure is increasingly common these days, and ever greater numbers of enterprise workloads exist in hosted environments. IAAS is gaining a lot of ground with web masters whose workloads previously existed as a dedicated hosting environment or VPS.

Further, certain environments are now considered to be part of managed hosting. Increasing modularity of managed services means more versatility, and it’s timely for a widening range of infrastructure types and applications.

Constant Change

Identifying and understanding trends is a must for hosting providers. As a business in this industry you need to keep your feet moving and have your head on a swivel, again like your anticipating where the play is going and the puck is going to be.

Customers are going to be struggling to find these new IT solutions for their businesses, and we imagine every reputable Canadian web hosting provider is going to be very proactive in responding to the new industry realities.

Promising Predictions

The ever-constant growth of the web for business continues to steam ahead as a whole. 451 Research volunteers that the sector should see an additional $7.5B in revenue each of the next few years. That’s a large pie to be pieced, but those who want a little more of it will have to reinvent their business model and very likely the marketing strategy that goes along with it.

Continued growth for web and app hosting will primarily come from 2 sources:

  • Adding new subscribers to grow your customer base
  • Adding new services you can sell to existing customers

The Appeal of Hybrid Cloud Hosting

Most of you will need no introduction to the functionality and application of cloud computing, but those of who aren’t loaded with insight into the ins and outs of web hosting may be less familiar with cloud hosting and what makes it significantly different from standard web hosting. Fewer still will likely know of hybrid hosting and the way it’s made significant inroads into the hosting market with very specific appeals for certain web users with business and / or management interests.

Here at 4GoodHosting, we’ve done well establishing ourselves as a quality Canadian web hosting provider, and a part of what’s allowed us to do that is by having our thumb on the pulse of our industry and sharing those developments with our customers in language they can understand. Hybrid hosting may well be a good fit for you, and as such we’re happy to share what we know regarding it.

If we had to give a brief overview of it, we’d say that hybrid hosting is meant for site owners that want the highest level of data security along with the economic benefits of the public cloud. Privacy continues to be of a primary importance, but the mix of public and private cloud environments and the specific security, storage, and / or computing capacities that come along with the pairing are very appealing.

What Exactly is the Hybrid Cloud?

This combination of private and public cloud services communicate via encrypted technology that allows for data and / or app portability, consisting of three individual parts; the public cloud / the private cloud / a cloud service and management platform.

Both the public and private clouds are independent elements, allowing you to store and protect your data in your private cloud while employing all of the advanced computing resources of the public cloud. To summarize, it’s a very beneficial arrangement where your data is especially secure but you’re still able to bring in all the advanced functionality and streamlining of processes that come with cloud computing.

If you have no concerns regarding the security of your data, you are; a) lucky, and b) likely to be quite fine with a standard cloud hosting arrangement.

If that’s not you, read on…

The Benefits of Hybrid Clouds

One of the big pluses for hybrid cloud hosting is being able to keep your private data private in an on-prem, easily accessible private infrastructure, which means you don’t need to push all your information through the public Internet, yet you’re still able to utilize the economical resources of the public cloud.

Further, hybrid hosting allows you to leverage the flexibility of the cloud, taking advantage of computing resources only as needed, and – most relevantly – also without offloading ALL your data to a 3rd-party datacenter. You’re still in possession of an infrastructure to support your work and development on site, but when that workload exceeds the capacity of your private cloud, you’re still in good hands via the failover safety net that the public cloud provides.

Utilizing a hybrid cloud can be especially appealing for small and medium-sized business offices, with an ability to keep company systems like CRMS, scheduling tools, and messaging portals plus fax machines, security cameras, and other security / safety fixtures like smoke or carbon monoxide detectors connected and working together as needed without the same risk of web-connection hardware failure or security compromise.

The Drawbacks of Hybrid Clouds

The opposite side of the hybrid cloud pros and cons is that it can be something of a demanding task to maintain and manage such a massive, complex, and expensive infrastructure. Assembling your hybrid cloud can also cost a pretty penny, so it should only be considered if it promises to be REALLY beneficial for you, and keep in mind as well that hybrid hosting is also less than ideal in instances where data transport on both ends is sensitive to latency, which of course makes offloading to the cloud impractical for the most part.

Good Fits for Hybrid Clouds

It tends to be a more suitable fit for businesses that have an emphasis on security, or others with extensive and unique physical data needs. Here’s a list of a few sectors, industries, and markets that have been eagerly embracing the hybrid cloud model:

  • Finance sector – the appeal for them is in the decreased on-site physical storage needs and lowered latency
  • Healthcare industry – often to overcome regulatory hurdles put in place by compliance agencies
  • Law firms – protecting against data loss and security breaches
  • Retail market – for handling compute-heavy analytics data tasks

We’re fortunate that these types of technologies continue to evolve as they have, especially considering the ever-growing predominance of web-based business and communication infrastructures in our lives and the data storage demands and security breach risks that go along with them.

3 Years Left: Flash’s Shelf Life Drawing to a Close in 2020

Video content has become so standard in every aspect of the digital world, from news to sports to commercial videos for business and many more examples of where you’ve been able to watch video from your computer or smartphone over the last nearly 20 years in much the same way you were only able to do so with a TV prior to that. Behind that capability was Adobe, and their much-heralded and long-ubiquitous Flash plug-in multimedia player. It’s been a staple for pretty much every device since it emerged in the late 1990s, but now it seems it seems its working life is drawing to a close.

Here at 4GoodHosting, we take pride in being a top Canadian web hosting provider and we believe that a small part of what gives us that distinction is in being in touch with all the reaches of the industry within which we operate. Given that dynamic multimedia content delivery is an important component of many of the websites we host, we feel this is a relevant topic for our blog this week.

Adobe has announced that it will stop updating and distributing Flash by the end of 2020. That’s right, the 2-decade long reign of the most commonplace media player will finally come to an end. Until that time, Adobe will continue to partner with Apple, Mozilla, Microsoft, and Google to offer security updates – including patches – in their browsers but no new Flash features will be forthcoming. The 20 year run as the undisputed ‘go-to’ guy for video within web browsers has been an impressive one, but one can’t deny that Flash and its more outdated versions have become prime targets for hackers because of the extent of its distribution and inherent security vulnerabilities which unfortunately allowed intrusion far too easily very often.

Flash’s Legacy

As mentioned, Flash emerged in the late 1990s, and its popularity was firmly cemented with Microsoft’s Internet Explorer becoming the default browser in Windows. Quickly leaving low resolution GIFs or blinking text behind, Flash allowed designers and developers to make web-based video, and animated, interactive content that could play on any computer or within any browser. Flash has been a website thoroughbred ever since, making it easy to play online games, stream radio station music and – perhaps most importantly for many of us – watch YouTube videos. It has also let people build features like photo galleries, and allowed a whole array of multimedia applications to be implemented, like using webcams for video chat!

So while it is indeed on its way out, we should celebrate Flash’s legacy, and that being one of a profound and positive impact on further creative content initiatives on the web in an era where content had become king.

A Slow, Lengthy Demise

Flash loaded content in a web browser and ensured that the content looks and behaves identically for anyone who loads it, independent of what type of browser or computer they were using to access it. Nowadays, however, we’re fortunate to have advancing technologies that are capable of running natively in web browsers. Having unilateral and wide-sweeping plug-in requirements has become a liability.

The earliest sign that Flash was inevitably going to be phased out came in 2004, when Mozilla, Apple and Opera Software came together to form a group promoting advance core technologies for HTML that would consolidate the building of websites. They wanted industry standards as opposed to proprietary softwares, but the world web consortium didn’t give them much of an audience.

The first death knell really came in 2007, when Apple decided not to support Flash in the newly introduced iPhone. Mobile web was rising to prominence and the fifth version of HTML was promising to replace some of the functionality Flash provided, and as a result developers began moving away from Flash and toward HTML5 and JavaScript.

Indeed, it wasn’t long before HTML5 became the new standard. Rather than use Flash, Apple adopted HTML5, CSS and JavaScript due to the fact that all were open standards that web browsers could build on. Flash still remained integral to the web and was used to create native apps for iOS, but here ten years later even video streaming sites such as YouTube, Dailymotion and Vimeo have made HTML5 their default video player.

What To Expect in 3 Years?

Safari: Apple’s Safari has blocked Flash from running since 2016, but it’s possible to re-enable it on websites that offer a download of Flash.

Chrome: Chrome began asking permission to run Flash on some websites since 2015, and it’ll likely continue to do so, perhaps even more frequently. From the close of 2016, Flash is allowed by default on 10 websites only, including its own YouTube, Facebook, Twitter and Amazon. It’s stated it will disable Flash by default come 2019.

Firefox: This browser will ask you specifically regarding the sites for which you want to enable Flash, but it will also disable Flash altogether by default in 2019. There will, however, be lingering support in Firefox’s Extended Support Release through the end of 2020.

Edge: Microsoft’s newer browser uses a click-to-play option for when you want to run Flash on a website, and this will continue through mid-2018. Following that Edge will be more aggressive about requiring you to authorize Flash, plus in 2019 Microsoft will disable Flash by default, and disable it entirely by the end of 2020.

Facebook: Facebook is home to a large number of Flash-based games, including FarmVille and Words with Friends, which will continue to run on Facebook via Flash until the end of 2020. Nothing more is known regarding this at this time.

The folks at Adobe, meanwhile, have renamed the software for making Flash – Flash Professional CC – to Animate CC, which will be, according to them, the “premier web animation tool for developing HTML5 content.” Adobe is also strongly suggesting that developers migrate their content to open formats like HTML5, WebGL and WebAssembly.

HTML5 has slowly and surely replaced Flash Player as a viable alternative for delivering content on the web. Most browser vendors have integrated functionalities once provided by plugins now directly integrated into the browsers themselves, and with HTML5 built into most of the big name browsers already there is the convenience of no need to install anything to use it.

In the big picture of things, no one should be too distraught over the demise of Flash. Instead we should be eager to see how Adobe plans to usher in the next era of digital content creation.

Seven Steps to a Reliably Secure Server

In a follow up to last week’s blog post where we talked about how experts expect an increase in DDoS attacks this year, it makes sense for us to this week provide some tips on the best way to secure a server. Here at 4GoodHosting, in addition to being a good Canadian web hosting provider we also try to take an interest in the well being of clients of ours who are in business online. Obviously, the premise of any external threat taking them offline for an extended period of time will endanger the livelihood of their business, and as such we hope these discussions will prove valuable.

Every day we’re presented with new reports of hacks and data breaches causing very unwelcome disruptions for businesses and users alike. Web servers tend to be vulnerable to security threats and need to be protected from intrusions, hacking attempts, viruses and other malicious attacks, but there’s no replacing a secure server with its role for a business that operates online and engages in network transactions.

They tend to be the target because they are many times all too penetrable for hackers, and add to that the fact they’re known to contain valuable information. As a result, taking proper measures to ensure you have a secure server is as vital as securing the website, web application, and of course the network around it.

Your first decisions to evaluate are the server, OS and web server you’ll choose to collectively function as server you hope will be secure, and then the kind of services that run on it. No matter which particular web server software and operating system you choose to run, you must take certain measures to increase your server security. For starters, everyone will need to review and configure every aspect of your server in order to secure it.

It’s best to maintain a multi-faceted approach that offers in-depth security because each security measure implemented stacks an additional layer of defence. The following is a list we’ve assembled from many different discussion with web development and security experts that individually and collectively will help strengthen your web server security and guard against cyberattacks, stopping them essentially before they even have the chance to get ‘inside’ and wreak havoc.

Let’s begin;

  1. 1. Automated Security Updates

Unfortunately, most vulnerabilities come with a zero-day status. Before you know it a public vulnerability can be utilized to create a malicious automated exploit. Your best defence is to keep an eye ALWAYS on the ball when it comes to receiving security updates and having them put into place. Now of course your eye isn’t available 24/7, but you can and should be applying automatic security updates and security patches as soon as they are available through the system’s package manager. If automated updates aren’t available, you need to find a better system – pronto.

  1. Review Server Status and Server Security

Being able to quickly review the status of your server and check whether there are any problems originating from CPU, RAM, disk usage, running processes and other metrics will often help pinpoint server security issues with the server in a much faster period of time. In addition, ubiquitous command line tools can also review the server status. Each of your network services logs, database logs, and site access logs (Microsoft SQL Server, MySQL, Oracle) present in a web server are best stored in a segregated area and checked with regularity. Be on the lookout for strange log entries. Should your server be compromised, having a reliable alerting and server monitoring system standing guard will prevent the problem from snowballing and allow you to take strategic reactive measures.

  1. Perimeter Security With Firewalls

Seeing to it you have a secure server means involves the installation of security applications like border routers and firewalls ready and proven effective for filtering known threats, automated attacks, malicious traffic, DDoS filters, and bogon IPs, plus any untrusted networks. A local firewall will be able to actively monitor for attacks like port scans and SSH password guessing and effectively neutralize their threat to the firewall. Further, a web application firewall helps to filter incoming web page requests that are made for the explicit purpose of breaking or compromising a website.

  1. Use Scanners and Security Tools

Fortunately, we’ve got many security tools (URL scan, mod security) typically provided with web server software to aid administrators in securing their web server installations. Yes, configuring these tools can be a laborious process and time consuming as well – particularly with custom web applications – but the benefit is that they add an extra layer of security and give you serious reassurances.

Scanners can help automate the process of running advanced security checks against the open ports and network services to ensure your server and web applications are secure. It most commonly will check for SQL injection, web server configuration problems, cross site scripting, and other security vulnerabilities. You can even get scanners that can automatically audit shopping carts, forms, dynamic web content and other web applications and then provide detailed reports regarding their detection of existing vulnerabilities. These are highly recommended.

  1. Remove Unnecessary Services

Typical default operating system installations and network configurations (Remote Registry Services, Print Server Service, RAS) will not be secure. Ports are left vulnerable to abuse with larger numbers of services running on an operating system. It’s therefore advisable to switch off all unnecessary services and then disable them. As an added bonus, you’ll be boosting your server performance by doing this with a freeing of hardware resources.

  1. Manage Web Application Content

The entirety of your web application or website files and scripts should be stored on a separate drive, away from the operating system, logs and any other system files. By doing so it creates a situation where even if hackers gain access to the web root directory, they’ll have absolutely zero success using any operating system command to take control of your web server.

  1. Permissions and Privileges

File and network services permissions are imperative points for having a secure server, as they help limit any potential damage that may stem from a compromised account. Malicious users can compromise the web server engine and use the account in order to carry out malevolent tasks, most often executing specific files that work to corrupt your data or encrypt it to their specifics. Ideally, file system permissions should be granular. Review your file system permissions on a VERY regular basis to prevent users and services from engaging in unintended actions. In addition, consider removing the “root” account to enable login using SSH and disabling any default account shells that you do not normally choose to access. Make sure to use the least privilege principle to run specific network service, and also be sure to restrict what each user or service can do.

Securing web servers can make it so that corporate data and resources are safe from intrusion or misuse. We’ve clearly established here that it is about people and processes as much as it is about any one security ‘product.’ By incorporating the majority (or ideally all) measures mentioned in this post, you can begin to create a secure server infrastructure that’s supremely effective in supporting web applications and other web services.

IT Security Insiders: Expect an Escalation in DDoS Attacks for Duration of 2017

The long and short of it is that Internet security will always be a forefront topic in this industry. That’s a reflection of both the never-ending importance of keeping data secure given the predominance of e-commerce in the world today and the fact that cyber hackers will never slow in their efforts to get ‘in’ and do harm in the interest of making ill-gotten financial gains for themselves.

So with the understanding that the issue of security / attacks / preventative measures is never going to be moving to the back burner, let’s move forward to discuss what the consensus among web security experts is – namely, that DDoS Attacks are likely to occur at an even higher rate than previously for the remainder of 2017.

Here at 4GoodHosting, in addition to being one of the best web hosting providers in Canada we’re very active in keeping on top of trends in the Web-based business and design worlds. as they tend to have great relevance to our customers. As such, we think this particularly piece of news is worthy of some discussion.

Let’s have at it – why can we expect to see more DDoS attacks this year?

Data ‘Nappers and Ransom Demands

As stated, IT security professionals predict that DDoS attacks will be more numerous and more pronounced in the year ahead, and many have started preparing for attacks that could cause outages worldwide in worst-case scenarios.

One such scenario could be – brace yourselves – a worldwide Internet outage. Before you become overly concerned, however, it would seem that the vast majority of security teams are already taking steps to stay ahead of these threats, with ‘business continuity’ measures increasingly in place to allow continued operation should any worst-case scenario come to fruition.

Further, these same insiders say that the next DDoS attack will be financially motivated. While there are continued discussions about attackers taking aim at nation states, security professionals conversely believe that criminal extortionists are the most likely group to successfully undertake a large-scale DDoS attack against one or more specific organizations.

As an example of this, look no further than the recent developments regarding Apple and their being threatened with widespread wiping of devices by an organization calling itself the ‘Turkish Crime Family’ if the computing mega-company doesn’t cough up $75,000 in cryptocurrency or $100,000 worth of iTunes gift cards.

A recent survey of select e-commerce businesses found that 46% of them expect to be targeted by a DDoS attack over the next 12 months. Should that attack come with a ransom demand like the one above, it may be particularly troublesome for any management group (given the fact that nearly ALL of them will not have the deep pockets that Apple has)

Further, the same study found that a concerning number of security professionals believe their leadership teams would struggle to come up with any other solution than to give in to any ransom demands. As such, having effective protection against ransomware and other dark software threats is as important as it’s ever been.

Undercover Attacks

We need to mention as well that these same security professionals are also worried about the smaller, low-volume DDoS attacks that will less 30 minutes or less. These have come to be classified as ‘Trojan Horse’ DDoS attack, and the problem is that they typically will not be mitigated by most legacy DDoS mitigation solutions. One common ploy used by hackers is to employ a Trojan horse as a distraction mechanism that diverts guard to open up the gates for a separate, larger DDoS attack.

Citing the same survey yet again, fewer than 30% of IT security teams have enough visibility worked into their networks to mitigate attacks that do not exceed 30 minutes in length. Further, there is the possibility of hidden effects of these attacks on their networks, like undetected data theft.

Undetected data theft is almost certainly more of a problem than many are aware – and particularly with the fast-approaching GDPR deadline which will make it so that organizations could be fined up to 4% of global turnover in the event of a major data breach deemed to be ‘sensitive’ by any number of set criteria.

Turning Tide against ISPs

Many expect regulatory pressure to be applied against ISPs that are perceived to be insufficient in protecting their customers against DDoS threats. Of course, there is the question as to whether an ISP is to blame for not mitigating a DDoS attack when it occurs, but again it seems the consensus is that it is, more often that not. This seems to suggest that the majority would find their own security teams to be responsible.

The trend seems to be to blame upstream providers for not being more proactive when it comes to DDoS defense. Many believe the best approach to countering these increasing attacks is to have ISPs that are equipped to defend against DDoS attacks, by both protecting their own networks and offering more comprehensive solutions to their customers via paid-for, managed services that are proven to be effective.

We are definitely sympathetic to anyone who has concerns regarding the possibility of these attacks and how they could lead to serious losses should they be able to wreak havoc and essentially remove the site from the web for extended periods of time. With the news alluded to earlier that there could even be a worldwide Internet outage before long via the new depth and complexity of DDoS attacks, however, it would seem that anyone with an interest in being online for whatever purpose should be concerned as well.

Multiple Domains for the Same Company: Yea, or Nay?

You’ll find many business owners (or their e-commerce shot callers) that are proponents of having multiple domains for a single venture. Others will insist it’s an unnecessary expenditure if you utilize and position for your single domain with maximum effectiveness. For the average person, being able to make the correct determination here may well be beyond what they’re able to objectively determine, so let’s spend a little time this week to help those of you asking ‘is it better to have multiple domains and websites for a business?’

Here at 4GoodHosting, it’s our mix of solid hosting, competitively priced packages, and excellent customer support that makes us a good Canadian web hosting provider, but we feel another aspect that sets us apart is the level of insight we have into our industry and all of the subject offshoots that come from it that will be of interest to our customers.

Having multiple domains means carrying more than one website for the same company. The general logic is that it’s especially wise to do so if you have a product or service that appeals to different audiences. A site that’s tailored to the viewing / interacting / purchasing preferences of each respective target audience. Typically you will aim to customize the messaging, sales content and collaterals, and other marketing strategies so that they’re more likely to be ‘hooks’ for that demographic.

For example, a website for communications professionals will use a different approach than one for a staffing agency, for example, and this means that so a cross-over product (e.g., copy / scan / fax machines) might prove to be challenging to pitch effectively on a single site. It’s in these situations where the business will often consider having 2 (or more) sites with different domains so as to maximize the effectiveness with which they promote themselves to multiple specific buyer demographics.

From the SEO Standpoint Only

Should you take the decidedly narrow view and only consider search engine optimization (SEO), any reputable SEO expert will advise you that multiple domains can hurt your page ranking. That’s because having several keyword-rich domains pointing to your website is of no real specific benefit. SEO is directed towards a single domain name and will be regulated by site popularity, the volume and type of content featured, keywords located in meta and title fields – not to mention whether or not you’re paying or ‘sponsoring’ your spot in the ‘top 4’ at Google. What’s really most beneficial and should take precedence in your decision making process is taking into account the functionality of the site and how it specifically supports your goals. You should determine very specifically what is the exact role of your website (or sites) when choosing to use more than one URL.

Websites that can be identified as serving a simple purpose, like a portfolio of work for example, will be just fine using multiple pages on the same. Or they should be. If the business model is a little bit more multi-leveled, then considering multiple sites is warranted.

But now let’s have a look at where multiple domains for a website are suitable, and where they’re not. But before that let’s take quick stock of 3 considerations many people may overlook when starting to consider multiple domains:

  1. More work – For starters, each of these sites will require unique content, regular updates, and their own specific SEO optimization. You’ll be spending more time seated in front of the screen, for sure.
  2. Increased costs – Unless you’re going to shoulder all of that increased workload on your own, it’s almost certainly going to cost staff time, tech support, and don’t forget that outside vendors are now going to require a pair of paycheques. Yes, there can be economies of scale for hosting and other services to an extent, but that needs to be weighed against the value added to the goals for the sites.
  3. Organization – You’re going to have to do more as regards regular maintenance and content updates, plus you’ll have to ensure your marketing messages are consistent across all platforms, including the websites themselves.

Multiple Domains are Suitable When..

  1. You Have A Single Business with Diverse Audiences

Most people won’t need to be reminded that 1-size does not fit all when it comes to communicating with different audiences online. Each group has its own set of needs and expectations about how products or services fit their needs. When an array of messages is required, separate sites makes it possible to tailor content as well as approach an individual group.

  1. Your Niche Website Is Designed to Showcase a Specialization

Niche websites always tend to more appealing as compared to large, generic ones. Larger are prone to having too much overlap with a competing site, and this diminishes the likelihood of being able to get the value you need from links. Niche sites are ideal for allowing the kind of specialization that makes them helpful with complementing the information (or services) of other sites.

This in turn can support the development of deep, topic-specific content that then works to make your site a valuable (and linkable) resource. That of course goes a LONG way it you getting what you need out of your website

  1. You Have High Turnover

Name changes are more common in certain industries. An accounting or law firm might change associates or partners, adding new names or removing that of a retiree. In addition, if an affiliation exists with a parent company, such as a broker with being part of a larger umbrella of multiple provincial or regional offices, wholesale changes can result from rebranding efforts and the like. In these and other cases, multiple domain names can be helpful in leveraging an established identity or geographic presence.

  1. You’re Visible in Multiple Countries, with Multiple Languages

Those of you doing business in multiple countries might want to consider having separate sites for each geographic location. Localizing the colors, images, and content to match the social and cultural norms will serve to make your site much more user-friendly. Further, matching local preferences and habits can make it so that the URL is easier to find.

Multiple Domains are Less Suitable When..

  1. Your Challenges in Managing Multiple Domain Sites are Primarily SEO related.

When it comes to page rankings, at the most basic level there is zero benefit to having multiple sites, while there very well could be negatives. Garnering bad links to phishing sites is one example, and if it occurs that requires significant technical troubleshooting.

  1. People Are Have Difficulty Finding You

Most people are inclined to look up a company by name, and that means multiple domain names can make it difficult (or confusing) for a prospect or customer to find what they need.

  1. Your Domain is Less Authoritative Due to Name Changes

Frequent changing of one or more of the domain names can hurt the site’s credibility.

  1. Your Related Expenses are Problematic

As mentioned, the time and money that will be required of your for building and maintenance (including troubleshooting) increase in line with the number of sites you’re maintaining.

  1. You’re Experiencing a Diluted identity

Depending on your brand, separating products and services between different sites could undermine the power and market influence of the company.

  1. You’ve Got Merging Issues

Anyone who’s eyeing a possible merge into a single website will need to keep in mind that the migration needs to be done correctly (and that will come with significant expense).

All this said, it’s entirely true that a single website can support multiple product lines and services, but the catch is that it’s got to be decidedly easy to navigate. That needs to be the primary motivation you’ve got to keep at the forefront in your mind, rather than focusing on the ease or low cost of design maintenance.

So, any feedback? Are you a multiple domain holder for your site(s) based on your type of business interests, or the nature of the business itself? Or is a single domain perfectly sufficient for your needs?

Notable Upgrades with Email Hosting on Cpanel and WHS

Being up and open on the information superhighway isn’t a set-it and forget it kind of deal. Every good Canadian web hosting provider will offer their customers what they consider to be the best and most intuitive control panel for site updates when and as needed. Here at 4GoodHosting, we’ve always seen cPanel to be the best choice and recently they’ve made a good thing even better with significant upgrades to their email hosting capacities.

This week let’s talk about some of the awesome features that have been rolled out to make hosting email on a cPanel & WHM server a breeze for webhosting providers, system administrators, and cPanel users.

 

cPanel & WHM Version 58

SubAddressing

SubAddressing (or ‘plus addressing’) refers to the name of an email that incorporates a ‘+’ as part of the destination user. Subaddressing optimizes the filtering of emails out of your inbox without having to configure filters for each sender. It’s definitely useful for system administrators and more standard cPanel users.

You know what it’s like in some instances when you sign up for a user account from any service provider or retailer. You’ll then be bombarded with future ‘offer’ emails and the like, but by using an address like denos+partyrentals@domain.tld to filter them all into a folder named ‘partyrentals’ at my email account denos@domain.tld. Plus you can also track who is sharing your email address with other companies as well with the fact each address acts as a unique one.

One quick thing to note here is you don’t create the folder before you use this address you do have to go to the server and manually subscribe to the new folder.

MDBox

MDBox continues to be a hit with system administrators, and the list of reasons why you should convert from Maildir to MDBox is long.

Both are storage formats used by the mail application on cPanel & WHM servers, called Dovecot. There are more than a few differences between them, but the one that necessitated adding support is that email stored with Maildir uses a simple 1-to-1 format, while MDBox employs what they call a many-to-1 format. For your average Joe cPanel user it makes no difference at all, but for a server administrator it’s something of a big deal. It allows more than one mail message to be stored in a single file for lower inode use, and that lets you enjoy a whole lot faster disk access. Things like backups and account transfers for any cPanel with large email accounts take a fraction of the time, and can be done with minimal server impact.

cPanel & WHM Version 60

SNI Support in Dovecot

cPanel made it a point to be eliminating domain-mismatch SSL as much as possible with the introduction of AutoSSL last year. The idea was to help prevent end-user confusion and reduce support load for webhosts and system administrators. That’s been accomplished by adding SNI support for all services across cPanel, including Proxy Subdomains and common service subdomains. Adding SNI support to Dovecot means that emails users can set up a secure connection to their mail server using their own domain name, with no chance of coming across a mis-matched SSL Domain error that many user will know all too well. No more!

cPanel & WHM Version 62

Email Account Settings

It seemed the primary frustration of end users was when they wanted to check their email outside of the webmail interfaces on the server. Keeping your documentation updated for those users can be a huge resource drain for a Canadian web hosting provider. That starts with the fact that there are a ton of different devices (phones, tablets, laptops, etc) that you and your support team should be fairly familiar with. Then add in the number of native applications (like Mail on MacOS and iOS) and 3rd-party applications (Thunderbird, Outlook, Mailbird, Claws, Opera Mail to name a few) and it becomes a little much.

It’s easy to have the webmail interface send yourself instructions for configuring any cPanel-hosted email account. From there you’ll notice that the email containing instructions also has a mobile configuration file attached to it. Open that mobile config file on your mobile device and that’s pretty much it for the procedure. All you have to do is confirm the settings and enter your password, and just like that the account is set up for you.

More adept users can take this a step further: Add your WHM account login for your server to the cPanel app (for iOS and Android). Then you can login to webmail for any user on your server via your mobile device, and send them the new account setup instructions with ease.

cPanel & WHM Version 64

IMAP Full-Text Search Indexing

IMAP Full-Text Search Indexing is one of those features that’s more sublime in its usefulness and thus appeal for system administrators. The entirety of that is in the way that it delivers incredibly fast search capabilities for all of your email hosted on a cPanel & WHM server over an IMAP connection. As an email user you’ll love how you can search your email so quickly, even if your email is hosted on the server. If you’re not a big fan of folders, it’s pretty darn nice. It comes highly recommended for hecking email on my phone or any iOS device, Microsoft Outlook, SquirrelMail, Horde, Roundcube, and Mozilla Thunderbird.

Quick note: If you didn’t enable SOLR on the upgrade to version 64, you can enable it via the WHM’s Manage Plugins interface (Home >> cPanel >> Manage Plugins), or by running the install_dovecot_fts (full text search) script.

iOS Push Notifications

Another gripe users had had in the past was with the inability to get email in a timely manner from your cPanel & WHM server on an iOS device. As an email user, you are forced to choose between a delay, either that or manually refresh your inbox. cPanel did add the best support possible for android devices in version 54, but didn’t add support for iOS push notifications until version 64.

There’s a lot of manual work that goes into setting up iOS push on a server, and that’s due to Apple requiring extensive configuration. It’s well worth it though, and if you visit cPanel’s website there’s good iOS Push Notifications set up documentation.

cPanel & WHM Version 66

Mail Compression on delivery

Here we are at the latest and greatest from cPanel. This feature promises to be the most exciting to anyone (sysadmin or cPanel user) that is concerned about their email bear hugging up disk space in their cPanel accounts. It has yet to be rolled out yet, but there’s one particular feature of version 66 where they’re adding compression for emailed delivered to your server. It will be compressed as the email is delivered, whether you’re using Maildir, or MDBox, reducing the amount of space needed by any email account on your server. Pairing Compression with MDBox promises to make email hosting blazing fast!

If you’re like us, you love what you do but it’s always best to get away from the desk with updates complete as soon as possible.

The Next ‘Disruption’: Artificial Intelligence Set to Explode

Generally speaking, if you’re an information technologies trend that’s given an acronym then you’re a part of the mainstream understanding, or are soon to be a part of it. The latter part of that definitely applies to artificial intelligence. If you’re not explicitly aware of what ‘AI’ stands for, it’s only a matter of time until you do.

Further, if you think that digital assistants like Siri are encompassing the cutting edge of artificial intelligence technology, you’re very much mistaken. They are in fact examples of artificial intelligence, but voice-recognition based software that access the information on the web based on those recognized prompts is but the tip of the iceberg of what’s coming. Nonetheless, they serve as good and fairly commonly recognized examples of the basic premise of AI; you have a source of deductive reasoning integrated into your devices(s) and it goes through those deductions ‘intelligently’, despite being an ‘artificial’ being.

Here at 4GoodHosting, we’re firmly established as a good Canadian web hosting provider, but we’re also keenly interested in staying on top of trends in the digital world that – and particularly ones that are set to make big waves. AI is definitely one of them, so this week we’re going to discuss specific AI applications that are going to be coming to the forefront in a big way over the coming years.

A significant part of the digital revolution circles around the consumerization and digitization of everyday lives. No revelation there. Whether it’s healthcare, education, government, or the corporate world, it’s going digital in a big way and being tailored towards a more consumer-centric acquisition model. Front and centre are cloud computing, virtualization, user mobility, and a good many more of them.

Data is already everything in regards to these trends, and it’s going to be even more so. Driven by the Internet of Things, the average total amount of data created (and optionally stored) by the majority of devices is predicted to reach 600ZB per year by 2020, and that’s even higher than what industry predictions were for this trend just 2 years ago in 2015. Data of course needs to be created first, and it’s in the creation stage that the volume and magnitude of data’s presence is most notable.

What’s notable as well is this data isn’t benign. Instead it’s a conduit to accomplishing something more based on the prerogatives of the user. It carries very valuable pieces of information that is related to users, products, services, and even the entirety of specific business operations as a whole.

So the question becomes – how do you mine this data in the most timely and effective manner, and get the entirety of your defined value out of it?

In advance of our diving further into the topic, it’s important to understand that many organizations and partners are already looking at ways to bring AI further into the market.

Intelligent applications based on cognitive computing, artificial intelligence, and deep learning look to be the next wave of technology that will radically transform how consumers and enterprises work, learn, and play.

These applications are being developed and implemented on cognitive / AI software platforms that offer the tools and capabilities to provide users with recommendations, predictions, and intelligent assistance made possible by cognitive systems, machine learning, and artificial intelligence. Not surprisingly, cognitive / AI systems are quickly becoming a key part of IT infrastructure and the proverbial early-bird enterprises are working to understand and then plan for the adoption and use of these technologies in their organizations.

Get ready for a new working reality where cognitive systems and artificial intelligence across a broad range of industries will be one of (if not the) primary forces driving worldwide revenues from nearly 8 billion dollars in 2016 to more than 47 billion dollars by the time we reach 2020.

Here’s the big point to understand – deploying and implementing intelligent systems that learn, adapt and potentially act autonomously will become the primary battleground for technology vendors and services partners through at least 2020. These technologies will aim to specifically replace legacy IT and business processes where functions were simply executed as predefined instructions. These machines will contextually adapt and help make powerful business as well as IT decisions

And so, here are the most prominent large-scale AI disruptions that will be arriving very soon:

  • Applied Artificial Intelligence and Machine Learning – These technologies can be more explicitly understood to be AI platforms that process data and help make decisions in a more contextually / other-sensitive manner that goes well beyond simple, rule-based, data processing algorithms. Instead, they are able to learn, adapt, predict, and – in some cases – even operate without any human interaction of any sort. Applied AI is going to be found in everything from self-driving cars to consumer electronics.

For example, IPSoft has an engine named Amelia which has every capability of being your very own digital employee. It acts as a learning engine and takes the initiative to monitor data, movements, processes etc. to learn your business, leverages key data points, and overall learn the entirety of the ‘ins and outs’ of what you do. From there, you can deploy Amelia as a cognitive agent capable of taking on the role of a service desk assistant, customer service associate, and even patient entry assistant.

  • Smart Apps Interacting with Data – How impressed would you be if your apps could help prioritize specific functions for you, based on conditions of the market, the customer, or any defined prerogative? Imagine if you could have a very informal conversation and then have your app go back and define important tasks based on that conversation? Smarter applications will leverage data to help transform the way we conduct day-to-day business. In the very near future almost every application dealing with data will come with a machine learning aspect to it.
  • Intelligence and User Augmentation – AI and smart systems will allow users to “double” up on what they’re trying to accomplish. Most of all, we’ll be able to integrate with wearable technologies, various business functions, and even create and orchestrated flow of information based on very specific use-cases. Leveraging AI and machine learning will allow users to function at a much higher level, bringing even more value to their business. This is NOT user replacement… rather it’s augmenting their capabilities and improving all of the processes surrounding their digital work (and home) life.
  • AI-Driven Security – Security is of increasing importance in the digital world, and particular in how it relates to e-commerce operations. AI-driven security architectures will mesh together with IT infrastructures, virtual technologies, user behaviour, cloud analytics, and a whole lot more. There will be a major need for smarter security systems as we merge into a much more complex – and inevitably interconnected – world. Look for these systems to be able to monitor contextual points around users, devices, flow of information, and much more to create intelligent security architectures. It’s going to be very impressive.
  • General Data-Driven IT solutions – These solutions will continue to deliver considerable value to users, as well as enhancing the services they consume and improving how businesses perform various functions within the digital realm. Some will be concerned that these systems are here to replace them, but that’s a shortsighted and off-base concern. The reasonable perspective is to understand that if you embrace AI technology and incorporate it judiciously it has the potential to bring so much more value to your operations and involvement in the digital business world.

There is always a degree of uncertainty and trepidation that’s attached to incoming new technologies that look as if they will thoroughly reinvent many aspects of the working world. Machine learning and AI systems should be welcomed, as they will help augment functions and aid us in making better, well-informed decisions and focus on growing our businesses, making them more streamlined in their operations, and creating better services.

The explosion of AI is definitely on its way, and we for one couldn’t be any more enthusiastic about it!