Author: sussexlongman

Websites with text input require SSL certificate to avoid a “Not Secure” warning

Websites with text input will require SSL certificate to avoid a “Not Secure” warning

padlocks on bridge

Websites with any kind of text input will require an SSL certificate if they want to avoid a “Not Secure” warning.  With its next update to Chrome 62 rolling out as I write, Google Chrome, the most-used web browser will begin showing sites without an SSL certificate as ‘Not secure’  when visitors enter data.  A SSL certificate encrypts messages and information sent to your website, and will show the secure green padlock in the browser bar (in Chrome). Sites with an SSL certificate also have a https web address rather than a http one.

In practice this means visitors completing checkout forms, filling in contact forms, entering information or logging in to their account, will see a Not Secure notice.

chrome not secure diagram

All http sites in incognito mode will also show as insecure. And furthermore, from some time next year, it is likely that Google will show all http sites as insecure as part of its drive to make the web a more secure place.

“Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS,” – Emily Schecter from Chrome Security Team.

Of course, when a visitor to your site sees this, it is highly unlikely that they will proceed.

chrome non secure warning

If your site requires visitors to fill in data via, for example, membership, checkout or contact forms you are highly recommended to get an SSL certificate as soon as possible. Furthermore, Google also slightly favours sites with an SSL certificate in search results.

Many hosts offer a free SSL certificate via Let’s Encrypt or you may have one included in your hosting package. If not you may have to purchase one from your host. 

Postscript

As far as I can tell, having just updated to Chrome 62, Google may have delayed full implementation. I think it is only marking as non-secure pages containing password and credit card input fields (as Firefox already does). I don’t see  a warning when I enter data into a contact form or even a WooCommerce checkout page.  Still, it’s only a matter of time. Seems it’s not doing it immediately for everyone, but no doubt it’s coming very soon.

Ah, apparently, Chrome rolls out features on a more experimental tentative basis –  see: https://textslashplain.com/2017/10/18/chrome-field-trials/

 

 

Time for an SSL Certificate?

What is an SSL Certificate?

padlock

An SSL certificate is used to encrypt information; without encryption, the information transmitted between a browser and server displayed in plain text, which is much easier for hackers to access. Until recently, it was only really essential to have one if you took direct payments on your website, but Google has indicated it will rank higher websites that have this security layer. In addition, internet browsers like Chrome and Firefox are beginning to show warnings on sites which do not have SSL certificates and where data or text is input (e.g. in a contact, login or checkoout form).

Having an SSL certificate on your hosting is therefore becoming much more important.  A site with an SSL certificate will display the green lock in the browser next to the web address, and your website address will change from http to https. It provides your visitors with a sense of increased trust and safety. 

However, it can add a cost to your annual website hosting. SSL certificates need technical set up, depending on your server and hosting provider. Be aware when moving from non-SSL to SSL that there may also be SEO considerations.  On the positive side, many hosts now offer a free SSL certificate via their own certificate provider or via Let’s Encrypt, a free certificate authority. 

Let’s Encrypt is free and offers a basic SSL certificate – anyone can add if they have access to your website’s control panel. The certificate is a domain validation (DV) one and can only ensure a secure connection to the website. it’s ideal for websites that need encryption without the absolute guarantee of ownership.

However, if your website is a business that’s processing credit cards directly on your site (i.e. not via Paypal) or transmitting sensitive information, it’s recommended that you consider purchasing a certificate so your user’s can rest assure the connection is valid and secure. Such certificates will usually be Organizational Validation (OV) certificates which require additional organizational information about who is purchasing the certificate such as their Name, City, State, Country. (OV) certificates also require the user to respond to an email with a verification code and may also offer warranty protection against losses (check with your host).

Whichever, you choose, if your site is a WordPress one, the Really Simple SSL plugin is highly recommended in helping you make the move.

Who offers the best web hosting?

So Many Web Hosts, which one to choose?

So you want a website but don’t know where to get it hosted? Here are a few recommendations to help you decide.

Tsohost – great value hosting

If you are on the budget and you want to get very good value UK based reliable hosting, then go for Cloud Hosting by Tsohost. The lite package, suitable for most small businesses, is just £14.99 per year, or go for Standard at £34.99 a year for larger or busier sites.  Note one way they keep costs down is to limit their support to 7am- midnight.

Siteground – best all round hosting

If you have a bit more to spend, then go for Siteground with good all round performance and support. Website performance is generally a notch better/faster than Tsohost, and Siteground are recommended by the makers of WordPress themselves. Prices from £6.95 per month, inc free domain.

Fastnet  – Local Hosting in Brighton

If you want local (to Brighton) web hosting, then try Fastnet from £3.99 per month. 

Reviews

See The Best UK WordPress Hosting Reviewed and UK’s Best web Hosting Companies for more information, including reviews of Siteground, Tsohost and other hosting companies.

Anyone to avoid?

From limited experience, I’d definitely avoid Easyspace and  Fasthosts, and probably 123-reg.

 

 

 

 

Best Premium WordPress Themes

Best Premium WordPress Themes

The last few years have seen the development of a number of very good versatile premium WordPress themes with an excellent array of design and layout options and features.  The healthy competition between these themes ensures that they continue to evolve and improve over time. The only downside is that with so many features packed into the themes, some can be a bit overwhelming to start with.

A few things to consider when looking at themes:

  • check out the demos for each theme to see if they meet your requirements – many will have a number of demos showcasing what the theme can do
  • design and layout options, including header, logo and font options.
  • types of gallery/portfolio/blog layouts available
  • menu options – side, top, transparent, mega etc
  • type of page builder included e.g Visual Composer
  • special effects or features such as animation effects or video backgrounds 
  • inclusion of sliders and other plugins – Revolution slider is probably the best slideshow plugin in my opinion but other sliders such as Layer Slider are very good too.
  • support for other plugins if important – buddypress, gravity forms, WPML (multiple languages) etc
  • documentation & support – read reviews
  • all themes listed are currently compatible with WooCommerce  & are currently being updated regularly

Avada is the top selling theme on Theme Forest but I’m not never quite liked it somehow. It’s not included below but in recent updates it has included some nice contemporary features so you may want to check it out.

At the time of writing, these themes will typically set you back about $59-69. So here’s a quick round up.

Theme Forest ratings and sales statistics are as at 1st October 2016


Salient

Salient WordPress Theme

This is a great intuitive theme, and integrates well with the included Visual Composer, for excellent aesthetics. I’ve used it on several sites and like it very much.

  • Theme Forest Rating: 4.81 after more than 4000 ratings and over 50,000 sales (created March 2013)

 


Divi

Divi WordPress Theme

The flagship theme from Elegant Themes, Divi continues to improve and is becoming a really excellent theme, incorporating the Divi page builder, and an excellent choice of design and layout settings.

Available from Elegant Themes – not available on Theme Forest – and for continued access to updates, you’ll need to pay an annual subscription (created Dec 2013).

Continue reading

Best Rated Free WordPress Themes

Best Rated Free WordPress Themes

This list is a brief introduction to some of the best rated WordPress themes currently available on wordpress.org. To qualify for this list, themes must have over ninety five-star ratings with at least 75% of their overall ratings at 5 stars. The list only includes themes that are being actively kept up-to-date  –  that is with an update within the last 4 months as at 30 Sept 2016.

These themes have gained a good track record over time so the only downside to this list is that they may not be the most contemporary themes out there. I’ll do a round up newer free themes sometime soon. 

Free versus Pro

Many of the themes listed provide a free  or lite version and a pro/premium version with all the themes below offering decent free versions. However, often the free version will have more limited colour, typography and page layout options, no slider or limited slides, less widgets or widget areas, less compatibility with plugins such as WPML (and sometimes WooCommerce), limited support and the footer will have a theme credit that cannot be removed (at least without amending the coding). Most of these limitations can be overcome with some coding (if you know what you are doing) or suitable plugins but that might not suit you.

Compare free and pro versions to see what the difference is. Most theme providers are transparent and will have a comparison on their theme home page. Follow the link from WordPress.

The Themes

1. ColorMag

ColorMag wordpress theme

Extremely well-reviewed theme by ThemeGrill – ‘a perfect responsive magazine style WordPress theme. Suitable for news, newspaper, magazine, publishing, business and any kind of sites’.

  • 209 Five-Star Reviews/223 reviews (89%) with 60,000+ active installs

2. Virtue

Virtue wordpress theme

Virtue by Kadence Themes has been around for quite some time and is extremely versatile with tons of options, easy to customize and loaded with great features. It’s fully ecommerce (Woocommerce) ready with all the tools you need to design an awesome online store. The clean versatile design is perfect for any kind of business, online store, portfolio or personal site. Virtue has a powerful options panel where you can set things like your home layout, sliders, custom fonts, and completely customize your look without writing any CSS. The free version has a very impressive range of customisable of options but the even more all singing premium version.

  • 185 Five-Star Reviews/194 (95%) with 70,000+ active installs

Continue reading