security Archives | Catalyst Studio, Inc
This is just a brief post to share that WordPress 4.2.3 has been released and is labeled a “critical security release.” As noted in the official WordPress announcement, it patches a couple of security vulnerabilities, namely cross-site scripting (XSS) and Subscriber role permissions, among other minor bug fixes.
If you’ve received a system email notification that your site has automatically been upgraded to 4.2.3, then you’re good. In the event that your site has not been updated – or the version shown in the email is not 4.2.3 – contact your developer to get on the latest version (just make sure that you backup your site and database beforehand, which is always recommended).
SSL Encrypts Website Data
Since the 1990s, most web users have come to associate “HTTPS” (or, Hypertext Transfer Protocol Secure) with e-commerce websites. HTTPS basically means the website you’re shopping on has a valid SSL certificate that encrypts your session, order and payment information so that hackers can’t get at it. Even novice online shoppers know to look for the “padlock” icon to let them know that their data is secure.
However, in the last few years, HTTPS has moved beyond e-commerce websites. Many people first noticed this on Facebook, where a new security option around 2010 nudged users into using the site securely (with the option to turn it off). Google also did the same thing for Gmail and users of their other services, enabling encryption of all user sessions. Log into Twitter or MySpace, and you’ll see that you’re being routed throughout HTTPS.
Google Now Rewarding Sites Using HTTPS
Earlier this month, Google officially announced that they are encouraging website operators to serve all website content via SSL. The primary reason behind supporting SSL for SEO is to make the web a safer place by securing web visitor information, even if all you do is solicit website visitor inquiries or email addresses for your newsletter signup. The great news is that Google confirmed that pages served via SSL will receive a small ranking boost.
Now, before you get too excited, this doesn’t mean that you’ll instantly leapfrog your biggest rankings competitor, or suddenly dominate your niche. However, it is a relatively simple directive that you can implement today to support your SEO strategy. The advantages granted to sites that migrate to all-HTTPS will be calculated on a per-URL basis (not accrued to the whole website), and it is being calculated in real-time. This means that you will probably continue to see a fluctuation for your pages in the SERPs over time as this becomes the new norm.
Our recommendations? Go all in for SSL. This is especially true for our clients with e-commerce sites already, since the basic ingredients are already in place to protect checkout and user account information. It takes a few additional steps (depending on server configuration) to move the whole site to HTTPS and make Google and other search engines aware of the changes.
If you don’t run an e-commerce site, but want to take advantage of any ranking boost you can (and you should!), call us at (281) 980-4900 us for a review of your site and hosting setup, and we can identify the get optimal way to make this happen, from obtaining a new SSL certificate to installation and search engine index updates.
It’s no secret that we love the WordPress platform around here. When you have a CMS that is so easy to manage – with tons of functionality being added every day – it’s not difficult to see why 19% of the world’s sites run on WordPress. Add in their famous 5-minute install, and how relatively easy it is to poke around “under the hood”, it’s all good right?
Well, maybe not entirely… Read more…