Once you use AMP on WordPress, and if you want to use AMP pages on your regular HTML site, you’ll need to do a little research. There are lots of sites and information from Google on how to set up and how to validate your new AMP pages.
This is what I have learned in the process of working on my own website pages.
The original and new AMP page need to be pointed to each other. The AMP page points to the original page using a canonical reference telling Google that the non-AMP page is the original. The non-AMP page then points to the AMP page so that Google can discover it using a special meta tag amp reference.
There are specialized AMP image references and specialized CSS references. Additionally, Google will require that the viewport be set in the page head section to validate the page.
It is not complicated to set up these static AMP pages, but it is complicated to get them to validate. That being said, the future for Google is all about AMP and mobile. With a little effort you can make your blog and website more attractive for Google to index (and cache) in this new “Mobile First” world.
Many legacy website owners are now looking at upgrading their websites to leverage new technologies but what type of site should you consider as you weigh your options?
WordPress Websites Pros and Cons
I have a love/hate relationship with WordPress. I love the power and adaptability. I love the free plugins, but I hate the security problems and I hate the lack of really fine control both for SEO use and for image placements.
If a client decides that they want to do their own content updates, WordPress is perfect for them, but at a cost.
If a client does not buy a security monitoring service like WordFence or SiteLock, they may leave their expensive new website open to becoming hacked and banned on Google (until remediated from a hack).
Being secure costs money and WordPress is not a set it and forget it application. Be prepared if you decide to do your own updates that you need security software and need to do your own weekly site updates to keep WordPress secure.
HTML Websites Pros and Cons
For clients that are never going to do their own updates and do not need special plugin features from WordPress, I love a regular HTML version website. I love the control of page and image naming, the ability to have total control over site architecture, and the security of knowing that hackers do not typically use HTML websites as a platform to spew spam or malware.
HTML websites do not need regular security review, analysis and monitoring as WordPress sites do. But as technology changes they typically should be replaced about every five years.
If you need help with a SEO focused information-rich website for your service business and are not using ecommerce, pick up the phone and chat with me about your needs at 540-693-0385. I’d be glad to let you candidly know if our services would be a good match for your needs.
Security, you never realize how much you really should be thinking about it until your site is hacked. For business owners, let me caution you to not leave this most important aspect out of protecting your online presence to staff without some oversight.
Here’s what you as the business owner need to know about security.
You need a back up and redundancy plan.
You need to know what your webmaster is doing on security.
You need to routinely monitor the Google Search Console for messages.
Sometimes the Bing Search Console will notify you faster of a hack, so monitor there too.
Look for weird URLs and strange activity in Google Analytics.
Make sure you do regular back ups of your website files and keep several archives not just one.
Back up your back up!
If you use WordPress as the backbone for your site see below.
Remain vigilant. If you have security plugins monitor the messages.
If you have WordPress…
I like WordFence as my security plugin. I am getting nice results and actionable message about access, updates to do to stay secure, and not too many messages that I get “security fatigue”.
I do use other plugins as well for WordPress. Below are the ones I will typically install for clients.
Locks out brute force attacks and bad passwords.
WordPress File Monitor
This plugin monitors the core files for changes and uploads.
Sucuri or WordFence
I have used this program but found that the number of messages was too overwhelming so at this time I am using WordFence instead. Just make sure you use something AND make sure to actually read the alerts!
Everyone likes a bargain! Sometimes however you’ll want to pay for an app or WordPress plugin that is really valuable, but why pay when you can get one that does the trick for free?
I deleted Askimet as my spam plugin in WordPress when they moved to pay to play and really tried to wring $5 a month out of their users after years of free service. I understand that everyone needs to make a buck, but in the world of WordPress what they offered was not unique.
I searched for spam filtering plugins. I found Cleantalk and tried it for the seven day free trial period. I liked the interface, but just did not feel that paying for it was worth it to me. Cleantalk bills $8 per year. Not a lot, but free is free.
Now I am trying out the free WordPress plugin Anti Spam Bee. This plugin appears free – well at least for now.
Before you buy of any plugin, make sure to try it out. I may be back with Cleantalk, but for now I am going free, free, free with the big yellow bee of Anti Spam Bee.
My firm blogs for many clients and in the process we’re on blog sites more frequently than the blog owner. In some cases my team was the first to notify the client of a hack. Typically when a site is hacked, we cannot login to write or see the WordPress site when we go to gather links for a blog post.
To keep your WordPress blog or WordPress website from being hacked these are my tips for security.
1. Make sure you are using a secure password. Many times the client’s webmaster will send us our logins and the password is something like 123456. For security, I like passwords like this A&Ji3nGba*3!. Impossible to remember but really hard for a hacker to guess.
2. Secure your site from brute force login attempts. I like the WordPress plugin Login Lockdown. This plugin allows you to lock out intruders who are repeatedly trying to get in by blocking their IP address.
3. Monitor your core WordPress files. I really like this plugin. It monitors your core WordPress files and emails you when there have been changes and advises you what files have been changed. I cannot begin to tell you how easy this makes fixing a hack attack by having an idea where to start.
4. Use an exploit monitor. I use the WordPress plugin called Exploit Scanner. We’ve found several deep hacks with roots in a parent website feeding into an on-domain blog this way. By scanning the WordPress files for explode and hidden elements we have been able to quickly identify a hack and work fast to remove it.
There is nothing worse for a website owner than to do a search for themselves on Google.com and find a note next to their site for users not to visit it due to malware or Google to turn off the links to their site.
These simple preventatives are what we suggest for every blog owner they are easy to install and require just minimum of vigilance.
I am in the process of finishing up and readying for launch a new website built on the back bone of WordPress. I have to say the website has turned out nice, but I wanted to share with you a few of my thoughts on using website built like this for search engine placement.
I think that if you want to save money on webmaster services, like the control of being able to add and update your content at will; a well designed website using WordPress has no comparison. But for people, like me, who are used to full and complete source code control for SEO purposes a website built with WordPress leaves much to be desired.
Professionals in my industry know that template based websites (and that is really what a WordPress built site is- a custom template) do not allow you full source code control. Although the designers that have worked with me on building this site have really done a great job, there are instances when I wanted to name my uploaded images my own way; I wanted to custom design my site architecture and be able to change the names and structure easily if I needed to down the road; I wanted to add special design or style elements to my pages without having to create hacks to make the page work the way I wanted it to within the template constraints. In other words, there is an element of control, subtle though it may be, that is simply missing with a WordPress site versus a custom created, built from the source code up, website.
I guess with all new improvements to allow customers to control their own content there are trade offs, but I’m not sure that I want to lose that control for every customer.