blog

It's time to move your website over to HTTPS

Rob Miles - Wednesday, August 23, 2017


Starting October 2017, Google Chrome (version 62) will show a 'NOT SECURE' warning when users enter text in a form unless the pages are served over HTTPS.

The new warning is part of a long term plan by Google to mark all pages served over HTTP as 'not secure'.

What is HTTPS?

HTTPS stands for Hyper Text Transfer Protocol Secure – this is the secure version of HTTP, the protocol used when data is transferred between your browser and the server that hosts the website you are visiting. In the case of HTTPS, all the communication between your browser and the website you are visiting is encrypted.

This means that all data exchanged, like personal data you are filling into a webform, the information you are getting when opening up your Member only webpage, and so on is encrypted at one end (the browser or the server), sent across the Internet and decrypted at the other end, thus making it unusable for a potential attacker that might intercept it.

Why move to HTTPS?

  • Avoid the 'not secure' message and help protect users' data.
  • Various search engines have recently started favouring HTTPS enabled websites when displaying websearch results.
  • HTTPS enabled websites are regarded as more trustworthy for visitors.

Why now?

Adobe only recently announced that you can install SSL certificates for private domains managed by Business Catalyst. In order to enable the secure connection, an SSL certificate is used.

Is my website HTTPS-ready?

If your email or DNS records are hosted by Business Catalyst, then yes. If your email or DNS records are hosted externally then it's slightly more complex as we'll will first need to switch to the internal DNS system. We can handle this for you so please ask if you're not sure.

How do I get started?

If you care about your Business Catalyst site and your site visitors, it's time to move forward or get left behind. Please email design@milesdesign.com.au with any questions or to get started.

Offer is available for Business Catalyst websites hosted by Miles Design only.

SEO month on business catalyst!

- Monday, January 20, 2014
For most online business owners, having their site as a top recommendation on search result pages is a healthy indicator that their business is going places. And this should be indeed part of your BC site’s growth strategy: more visitors = notoriety + more sales + a bigger client database.

This month BC will talk about SEO and a series of articles, tutorials, webinars will follow, to analyse this topic in depth.

http://www.businesscatalyst.com/bc-blog/SEO-month-Business-Catalyst

top 5 new business catalyst features

Rob Miles - Friday, February 01, 2013

Below are my top 5 new Business Catalyst features for business owners. If you'd like any help implementing any of these features for your website, please contact us.

1. SEO metadata for pages

 

With the recent January system update, BC have brought the enhanced SEO Metadata tool out of beta. BC will automatically enable the new interface for all sites that don't require migration and newly created sites. If you don't see the new interface, you need to manually run the migration process by visiting: Site Settings > Beta Features > SEO Page Interface, and clicking “Go to the migration page”. Learn more here

2. improved web form and comment security

 

BC has introduced a new native CAPTCHA engine that will be available in parallel with the current engine. They've made it more difficult to visually read, but also more secure against spam bots that base their actions on image detection. You can switch between the existing and new CAPTCHA engines under: Site Settings > Captcha. Learn more here

3. incontext campaign editing for business owners (beta)

 

BC has introduced a new editing experience for business owners that’s intuitive and separates content from style inside your email campaigns. When you go to edit the content of this template, you're only manipulating the raw content itself, and hence are unable to break elements or the overall layout. Learn more here

4. embed dynamic modules inside email campaigns

 

You can now insert dynamic modules such as news items and blog posts inside email marketing campaigns. Using the new specifiable module templates feature, you can easily create and render these modules in a way that’s email newsletter friendly, opposed to simply inserting the web-version of the module. Learn more here

5. new V3 admin interface

 

If you haven't been using it already, I recommend that you switch to the enhanced V3 admin interface. Click the "V3 Preview" in the top right of the admin area. V3 will become the default interface for all users starting with BC's April/early-May system update.

business catalyst january system update

Rob Miles - Thursday, January 31, 2013

Below are my highlights for business owners:

A new, persistent navigation ribbon

 

BC has updated the Admin V3 navigation ribbon for ease-of-use and to make it easier for new users to understand. The new ribbon can persist even when you’re visiting the front-end of your website, and contain the following modes:

  • Preview (a new mode, for previewing the front-end of your site)
  • Manage (formerly “Site Manager”)
  • Content (formerly “Site Editor”)
  • Develop (formerly “File Manager”)

As part of this update, BC is also bringing the new “File Manager” out of alpha and renaming it “Develop” mode. In addition to editing your HTML/CSS/JS files via this mode, you can now also set Page Properties for your site.

A range of Web App enhancements

Based on a lot of valuable feedback from the Partner community, BC has added several enhancements to the Web Apps feature. As of this system update, you’ll be able to:

  • Render a custom page when accessing the root URL of a Web App. For example, if you have a “blog” Web App, the items can be made accessible at /blog/my-blog-post, and you’ll have the ability to customize the /blog page
  • Render Web App items inside a sub-folder, such as /folder/subfolder/webapp-name. For example, you could have /blog/authors/bogdan (where Bogdan is the Web App item name)
  • Instruct BC to not display or index the Web App items of a specific Web App. Today, all Web App item’s URLs can be indexed by search engines. For example, /states/california should throw a 4040 page

Stay tuned for more exciting Web App updates in the near future.

Email marketing list filtering

BC is bringing this great feature out of beta, while introducing a range of new list filters. For full details on this feature, see the previous release notes

Inventory control for products

After extensive testing and integrating the great feedback from the Partner community, BC is finally bringing Product Inventory Control out of beta.

For full details on this feature, please refer to this forum article

SEO Metadata for pages

 

With this latest system update, BC is also bringing the enhanced SEO Metadata tool out of beta. BC will automatically enable the new interface for all sites that don't require migration and newly created sites. If you don't see the new interface, you need to manually run the migration process by visiting Site Settings > Beta Features > SEO Page Interface, and clicking “Go to the migration page”. Read more about this feature here.

Admin V3 default for all users in April/May

BC is giving you 3 months to migrate over to using the new V3 Admin interface, before making it the default interface for all users starting with the April/early-May system update.

Streamlined email marketing editing experience

In line with BC's on-going beta development of the email marketing editing experience, with this system update you’ll notice that they've introduced a new editor and also moved the “Subject” field to the “Content” step of the wizard, for easier reference and editing.

They've also integrated the fantastic Redactor editor in place of the existing WYSIWYG editor, for editing Email Campaign content. If you've enabled the "Visual, in-context editing" beta feature via Site Settings > Beta Features, you'll be able to see the new editor in action. BC is planning to roll this change out across all sections of Business Catalyst in future updates.

SPAM and Security improvements

With this update, BC is updating the SPAM management feature to not send comment workflow emails when a comment is marked as SPAM – keeping your inbox clean.

They're also turning on the Secure Redirect feature for all websites, to ensure a secure experience for your website and it's visitors. If you would like to redirect visitors to external websites from your site, you should add them under Site Settings > Secure Domain Redirection.

For more information on any of these features, please refer to the Business Catalyst Blog or contact us

business catalyst new feature highlights

Rob Miles - Thursday, November 08, 2012

Below are my highlights for business owners:

Level 1 PCI Compliance

Adobe Business Catalyst is happy to announce that they are now certified Level 1 PCI DSS compliant. If you’re not familiar with PCI, the Payment Card Industry Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards. They created the PCI Data Security Standard (PCI DSS), designed to prevent, detect, and react to security incidents. All Level 1 PCI DSS compliant service providers must undergo an annual independent audit by a Qualified Security Assessor (QSA) to confirm compliant status.

Introducing the “Beta features” program

BC has introduced a new opt-in beta program, so you can easily take new features or system enhancements for a test drive, while they’re still in the development and testing phase. The goal of this program is to gather your valuable feedback on new features, and make sure they’re production ready before rolling them out across all sites. The new “Beta features” screen can be accessed under “Site Settings” from the Admin Console, and lets you opt-in on a feature-by-feature basis, per client site. 

Product inventory control for attributes (beta)

This much anticipated feature enables you to manage product inventory and stock levels based on what we now call “variations”. You can enable this on a site-by-site basis from the new Site Settings > Beta Features section of the Admin Console. 

 

Email list segmentation (beta)

In order to send a targeted email campaign in the past, you have been required to first create a custom report to filter your customer database, then go back and create the campaign. BC are simplifying this process by enabling business owners to segment their customer database and create targeted mailing lists during actual campaign creation. This new feature is accessible in beta from the new Site Settings > Beta Features section of the Admin Console. 

Embed dynamic modules inside email campaigns

BC are now enabling you to insert dynamic modules such as news items and blog posts inside email marketing campaigns, using a completely revamped Module Manager. These modules are then dynamically rendered when the campaign is sent, so the recipient sees the latest content. Using the new specifiable module templates feature, you can easily create and render these modules in a way that’s email newsletter friendly, opposed to simply inserting the web-version of the module.

A fresh set of email newsletter templates

We all know the time it takes to build beautiful email newsletters that look great across the wide-range of email clients out there. That’s why BC has put together a brand new set of cross-client compatible email templates for you to use. 

 

The ability to “exclude” lists or custom reports from final email campaign recipients

Easily exclude a certain list of recipients from your total pool of recipients. For instance, this is especially handy if you’re sending to a large list, but would like to exclude all customers who haven’t made a purchase in the 6 months.

 

New campaign performance report for email clients recipients are using

A brand new report for monitoring which email clients your recipients are opening newsletters with. Keep an eye on this metric, and make sure you optimize your campaign content to look great in the most popular clients.

Updated “sending” status for campaigns so you can easily monitor it’s sending progress

Keep an eye on the sending progress of your campaign as it sends to recipients. 

Refreshed Toolbox (previously Module Manager) for Admin v3

A completely revamped module manager (aka Toolbox) that neatly docks to the right of the WYSIWYG editor. 

 

Easily add Google Apps accounts for domain email

Simply select the new “Use your Google Apps account for email” when adding or editing your domain. Read this article for further details. 

Introducing Akismet for SPAM protection

In the previous months we've noticed an increase in SPAM related (primarily) to blog comments – and we'd like to thank our partners for making it clear to us that this was dramatically impacting most of the sites hosted on BC. Akismet is the de facto SPAM protection solution for blogs – easy to manage and use, smart (it learns quickly which comments are SPAM and which are not) and reliable. BC has extended Akismet for all types of comments on BC (web pages, products, catalogues, web apps, etc). For web forms alone BC are still investigating if Akismet is the right solution, as people tend to feel more secure if CAPTCHA is involved when filling out a form (whether we are talking about a donation form, a payment form or just a contact form).

All site owners or partners will have to manually enable Akismet on their websites. BC hasn't enabled it by default. Click here for more information

Improved tax rounding engine

BC has improved the algorithm that calculates the value of sales taxes. This invoice calculation now respects best practices in the industry, fixing error propagation and including intelligent rounding for 2 decimals. To enable the improved tax rounding engine on existing sites, please follow this guide. The improved tax rounding engine is enabled by default for all new Business Catalyst sites.

User interface consistency for renamed modules

The new admin user interface has been updated to consistently use new names for these modules:

  • Media downloads (former Literature)
  • News (former Announcements)
  • Events (former Bookings)

Offline payment security improvements

The security of the current offline payment workflow has been improved in order to meet international security standards for offline payments:

  • A new, additional “Offline payment password” must be set, and updated every 90 days
  • Pass phrases are now unique to each order. You can no longer use the one pass phrase to access every secure PDF

This will help transactions be more secure and protect business owners from potential attacks. Here's a more detailed view of this feature.

SEO options enabled out-of-the-box

The Site Settings > SEO menu entry in Admin Console has been removed. The available options were:

  • SEO friendly URLs for eCommerce, Announcements, Web Apps – these will be enabled for all sites
  • Enable partial URL matching for SEO friendly URLs – this will remain as is for all sites, and will no longer be possible to enable it for new sites, which will have it turned off
  • Enable sitemap.xml for search engines – this will remain as is for existing sites, and always enabled for new sites

Note that trial sites will not be indexed by search engines. Should you want to disable search engine indexing after upgrade, please use a custom robots.txt file or upload an empty sitemap.xml.

If you'd like to use a custom sitemap.xml file, simply upload it to your site. If this file exists, it will be served instead of the BC-generated sitemap.xml.

Updated user and email accounts user interfaces

To simplify the user and email accounts management workflows and increase Admin interface performance, BC has updated their corresponding user interfaces.

While email and user accounts will continue to share data to facilitate email and admin access for the same email address, the management of emails and user accounts will be separated. In addition, for better security, the user and email accounts will be created using an invitation workflow, which means that the user creating the account will not be able to set a password for the account they are creating.

In addition, by separating the email and user account management, BC are dropping the option of having a user that doesn't have admin and email access. While these accounts will continue to live on the system, they will have no interface to manage them. To manage these, you will need use the old user interface to enable email or admin access for each of these user accounts.

Enhanced code editor for File Manager

The file manager code editor has been enhanced to support syntax highlight and other features. This is just a start to make code editing more productive inside BC, more will come.

 

New plan names

BC wanted plans to have names that are more descriptive of what they actually include, and as such, have been updated as follows:

  • Starter > webBasics+
  • Business > webMarketing
  • Pro 1 > webCommerce
  • Pro 5 > webCommerce 5
  • Pro 10 > webCommerce 10

For more information on any of these features, please refer to the Business Catalyst Blog or contact us.

creating a Google-friendly website

Rob Miles - Friday, May 07, 2010

Today I'd like to share with you some tips for creating a Google-friendly website taken from Google's own Webmaster guidelines. You can access the original article here. I hope you find these useful.

things to do

Give visitors the information they're looking for

Provide high-quality content on your pages, especially your homepage. This is the single most important thing to do. If your pages contain useful information, their content will attract many visitors and entice webmasters to link to your site. In creating a helpful, information-rich site, write pages that clearly and accurately describe your topic. Think about the words users would type to find your pages and include those words on your site.

Make sure that other sites link to yours

Links help our crawlers find your site and can give your site greater visibility in our search results. When returning results for a search, Google uses sophisticated text-matching techniques to display pages that are both important and relevant to each search. Google interprets a link from page A to page B as a vote by page A for page B. Votes cast by pages that are themselves "important" weigh more heavily and help to make other pages "important."

Keep in mind that our algorithms can distinguish natural links from unnatural links. Natural links to your site develop as part of the dynamic nature of the web when other sites find your content valuable and think it would be helpful for their visitors. Unnatural links to your site are placed there specifically to make your site look more popular to search engines. Some of these types of links (such as link schemes and doorway pages) are covered in our webmaster guidelines.

Only natural links are useful for the indexing and ranking of your site.

Make your site easily accessible

Build your site with a logical link structure. Every page should be reachable from at least one static text link.

Use a text browser, such as Lynx, to examine your site. Most spiders see your site much as Lynx would. If features such as JavaScript, cookies, session IDs, frames, DHTML, or Adobe Flash keep you from seeing your entire site in a text browser, then spiders may have trouble crawling it.

things to avoid

Don't fill your page with lists of keywords, attempt to "cloak" pages, or put up "crawler only" pages. If your site contains pages, links, or text that you don't intend visitors to see, Google considers those links and pages deceptive and may ignore your site.

Don't feel obligated to purchase a search engine optimization service. Some companies claim to "guarantee" high ranking for your site in Google's search results. While legitimate consulting firms can improve your site's flow and content, others employ deceptive tactics in an attempt to fool search engines. Be careful; if your domain is affiliated with one of these deceptive services, it could be banned from our index.

Don't use images to display important names, content, or links. Our crawler doesn't recognize text contained in graphics. Use ALT attributes if the main content and keywords on your page can't be formatted in regular HTML.

Don't create multiple copies of a page under different URLs. Many sites offer text-only or printer-friendly versions of pages that contain the same content as the corresponding graphic-rich pages. To ensure that your preferred page is included in our search results, you'll need to block duplicates from our spiders using a robots.txt file. For information about using a robots.txt file, please visit our information on blocking Googlebot.