Site reputation – that’s what hackers want to steal from you for their own personal gain. Don’t think that you need to just be using WordPress to become a victim. I’ve seen regular HTML website fall prey to hack attacks too.
It typically all starts with your user name and password being stolen. Hackers create a phishing page that looks legit that they hope you will click and then enter in your user name and password into. The best defense is to never click links in an email and if you do click a link, never share login information no matter how valid a site or form looks.
Instead, go to your login address using your browser and access your account without clicking a link. You will typically find that there is not a problem with your account or access. But the email you had received had some dire notice that you were going to lose access or your account would be closed. Be suspicious of everything.
Troy Hunt has it right in his article on how and why hackers want to get into your site and steal your credentials. His article is worth the read to allow you to make sure to stay safe. You will be amazed at the extent hackers will use, to mask their presence in an effort to steal your credentials and then your website reputation.
If a plugin that is important to the look and feel of your WordPress website is abandoned, it is best to start looking for an alternative.
Recently in the news, several popular abandoned plugins were purchased and used to disseminate malware. It is not recommended to keep using a plugin that has been marked abandoned at WordPress.og. So what should you do?
One, search for alternatives using the plugin name. In many cases others just like you have had a similar problem and have created, found, or written about good alternative plugins. Do some research and see if you can find a good replacement option.
Two, be sure is has been abandoned by visiting WordPress.org. Look to see if there are comments that point you to alternatives.
Four, leave the abandoned plugin installed and take your chances that nothing will happen and your site will not be hacked. Just be aware that as WordPress updates, the plugin may stop working entirely.
I like WordPress for blogs, but not for websites. Here’s one example of why I am not recommending WordPress for business websites.
Client A did a new website two years ago and moved to WordPress from PHP. They thought that they would be updating their content and so wanted an application that allowed staff to go in and make updates at will.
What happened in reality is that they never added their own content, they paid me to do updates. They had to buy a WordFence premium license to protect their WordPress website from hacking and then pay a webmaster to monitor files and plugins for updates as well as do monthly maintenance.
Now, one of the plugins that is integral to the look and feel of their theme, has been abandoned at WordPress.com. Deactivating the plugin makes the inside pages look bad. There does not seem to be an easy fix replacement for the plugin. It maybe that the best solution is to replace the WordPress theme in the next year due to the loss of this important plugin.
Client B has a PHP-based responsive website that is not WordPress. They have used their website since 2015. It still rates over 90/100 on the Google Page Speed tool in mobile and desktop. This client simply wants a new look and so is looking for a similar PHP responsive site design.
I personally feel that WordPress has a place, but is not my preferred application for website design. Too many clients want to keep their new website three to five years or longer. If you have a WordPress website and a plugin is abandoned what would you do if one is not readily available as an alternative? You’d have to simply start over and buy new.
Search engine optimization is not for every website. Although search engine optimization can really improve the organic search results for some websites, there are a couple of considerations when search engine optimization should not be considered and maybe a full site redesign may be a better investment of money and time.
When not to do search engine optimization:
If your site is created in a template and the site layout becomes broken when new content is added.
Your site looks funny in browsers other than Chrome and Firefox.
You have a site designed using Flash or tables for your layout.
Your website looks dated or non-professional.
As search engine optimization is not inexpensive, in some cases the money that would have been spent on search engine optimization would be better spent on a new search engine friendly design with built-in optimization features.
Plan ahead, bringing a new website online does mean that you will drop organic placement. It happens! Sometimes with redirects, after 4 to 6 weeks a website will pop back up in organic placement, but sometimes, the site stays down and does not regain the placement that the original site had.
It is a reality and one that you should honestly prepare for when you launch a new website. It may be smart to build your new website at a new domain, so you do not lose your organic placement of your old site. If that is not an approach you would like to take, know that you will drop and plan a pay per click budget to drive traffic to your new website and get started quickly with blogging and content creation to try to build inbound links and help your site regain position.
Many businesses will own multiple domains and it may make sense to use one of your domains and leave your legacy website alone. Especially if you have thousands of blog posts and thousands of inbound links.
If your site is relatively small and has under 150 inbound links, your placement is not so strong that you cannot overwrite the URLs on your site and damage your organic placement.
Be careful and thoughtful about the changes you want to make beforehand so you are prepared in case your site does fall significantly in the organic results.
Don’t damage your existing SEO when you launch a new website. Once you have changed page URLs, all inbound links pointing to your website (that helped you garner your old website’s placement) will be broken and the SEO juice gone.
I recommend taking time to do an .htaccess file redirect in the root of your server; list your old URLs and then redirect to the new page that is the best match. If you have a very large blog, consider leaving the old blog up and then starting a new blog site on the server, having multiple incidents of WordPress so you do not lose thousands on inbound links if you have been a very active blogger.
This is of particular importance when you are moving from a PHP or HTML site to WordPress as the format of your website links will be different.
For many well-placed websites, setting up a new domain and leaving the old site untouched may be the best solution. In fact, if the old site is well placed organically you can point your pages to your new website (not with a domain forward, but rather with links in the footer and content). This may pass some of your SEO capital to your new site to help it get established.
When you want a new site and build one, but do not come up with a plan to address your historical inbound links, you break what you had and literally have to start all over again building SEO placement. Don’t damage your existing SEO out of ignorance.
Overwriting your existing website with new URLs without a well-thought out process can really damage your online placement and may be very hard to recover from, so move thoughtfully and carefully.