Web Design Blog

While the GDPR laws are written for EU countries, many of my enterprise-level clients have been asking me to add scripts and plugins related to addressing these basic rights:

  1. The right to access.
  2. The right to be forgotten.
  3. The right to data portability.
  4. The right to be informed.
  5. The right to have information corrected.
  6. The right to restrict processing.
  7. The right to object.
  8. The right to be notified.

(original article)

Ecommerce site’s “blind trust” makes the service a perfect place to dump data.

Hackers are abusing Google Analytics so that they can more covertly siphon stolen credit card data out of infected ecommerce sites, researchers reported on Monday.

Payment card skimming used to refer solely to the practice of infecting point-of-sale machines in brick-and-mortar stores. The malware would extract credit card numbers and other data. Attackers would then use or sell the stolen information so it could be used in payment card fraud.

ZOOM, THE video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video and audio from meetings.

With millions of people around the world working from home in order to slow the spread of the coronavirus, business is booming for Zoom, bringing more attention on the company and its privacy practices, including a policy, later updated, that seemed to give the company permission to mine messages and files shared during meetings for the purpose of ad targeting.

We are urging all clients to enable "2FA" (2 factor authentication) for any web-related dashboards:

  • Domain registration (e.g. GoDaddy supports it, Network Solutions not yet)
  • Hosting control panel (e.g. InMotion, SiteGround)
  • CMS control panel (e.g. Joomla, Wordpress, Drupal)
  • Newsletter / Subscriber (e.g. Mailchimp supports it, Constant Contact not yet)
  • Google (Analytics, Adwords, Adsense, Webmaster Tools, etc.)

A few articles that I want to share:

  • SEMrush SEO Writing Assistant - Plugin for Google Docs - checks your content for SEO friendliness on the go
  • GDPR, Data Protection, and You: It's not just for the EU and California!  How to create a "compliance plan" when it comes to storing sensitive information, obtaining consent, and managing that data.  
  • It's Not About SSL Certificates: Clarifies a common misconception that adding an SSL certificate makes your site more secure.  Incorrect!  It makes the traffic to and from your site more secure, but doesn't help with software / server / plugin vulnerabilities.  
  • Multi-Column Editing in Joomla: For any clients who want to be able to edit multi-column content using a clean, responsive, browser-based content editor

Apple and Google are both rolling out significant updates to their respective "Map" apps.  Here is a quick recap:

Question:
Our site has been up and running with out any problems since for years! Do I really need to patch my Wordpress (Joomla, Drupal) site?

Answer:
I agree! For over 10 years, many people have been getting away without patching their websites, they've been lucky!

Todays' article includes a screenshot of a typical Wordpress site. This person hired someone else to build their Wordpress site, and it was never patched. Their site was built in 2017 and hacked in 2018 & 2019...

Three scary aspects of having your business listing "Suspended" by Google, after personally going through the experience with my wife's house cleaning business:

  1. Google will not notify you when your listing gets suspended,
  2. Google will not tell you why it was suspended, and
  3. Google won't coach you through getting it un-suspended.

You can sign in to your GMB account and submit an "appeal" to have it reviewed by someone at Google (presumably a human being), but that doesn't guarantee anything. If they review your listing and it is still in violation of Google's terms of service, you'll find yourself sitting around for days (weeks?) wondering if your business listing will ever come back online.  The reason that Google won't "coach" you through changing your listing to bring it into compliance is they don't want to directly educate people on how to game the system.

The new tool temporarily block URLs from showing in Google, it shows outdated content and content filtered by SafeSearch.

Google has launched a new removals tool within Google Search Console. This tool does three things (1) lets you temporarily hide URLs from showing in Google search, (2) show you which content is not in Google because it is “outdated content” and (3) shows you which of your URLs were filtered by Google’s SafeSearch adult filter.

Scam Alert!  I just received this earlier this morning from a company who tried to trick me into renewing my domain registration with them and paying extra for search engine registration - two separate items that aren't typically combined:

Subject: Domain Notification for (redacted).com : This is your Final Notice of Domain Listing
Date: Wed, 18 Dec 2019 07:43:56 -0800
From: (redacted).com Support <This email address is being protected from spambots. You need JavaScript enabled to view it.>
To: (redacted)

Latest Comments

Just received one today (16 Aug 2022) from "Mailchimp". Thanks for sharing!
Thanks for posting this. I just got one today. I was 99% sure it was a scam, and your post confirmed...
Thank you. I just got one of these emails and was suspicious so I did a search.
Another one for 2022 Hello, Your website or a website that your company hosts is violating the copy...
Nate Covington posted a comment in Download XMap for Joomla - All Versions Joomla
Hi, I stopped using Xmap years ago. Not sure about your particular error with Hikashop. I suggest ...


Design & Development

Wordpress, Drupal, Joomla
New custom websites
Bespoke themes and extensions
Redesigns, upgrades, migrations

Web Design & Development


Optimization & SEO

Let us optimize and manage your overall online presence. We offer full service monthly SEO as well as one-time projects.  

Optimization Plans & Pricing


Maintenance, Patching

White glove monthly backups, security updates, maintenance and testing for your Wordpress, Drupal, or Joomla site.

Maintenance Plans & Pricing


Email Newsletter

Bring your web & marketing performance to the next level: monthly blog post roundup via email.  

Stay in Touch!