Is WordPress Secure Enough for Microsoft? An Interview with Brad Williams.

Cybersecurity is a hot topic right now — it’s in the news almost daily. And as WordPress becomes more popular, site owners are looking for ways to make it more secure to prevent devastating hacking attacks. We recently had the opportunity to interview Brad Williams, the co-founder of WebDevStudios, a WordPress development company that’s thirty employees strong. He’s also a podcaster and co-author of Professional WordPress and Professional WordPress Plugin Development. He shares his advice on how to protect your site from cyber criminals.

A Little Bit About Brad

Brad set up his first website when he was a sophomore in high school (when AOL came free on a floppy disk). From then on, his interest in computers and the Internet skyrocketed. “Being able to connect with people all over the world was fascinating. Back then it was the Wild West,” Brad says.

After high school, Brad joined the Marines to explore computer programming. He eventually taught himself ASP and .NET, which launched his career in web programming. At his first job out of the Marines, he learned business and how companies can use the web both for marketing and to improve operations.

Brad became focused on open-source platforms when he launched his own web development company. Over time, he realized the potential that WordPress had and his company began developing exclusively on WordPress. “WordPress has always had a big focus on user experience and the user interface. Clients can easily figure out how to use it. They’re comfortable with it and they like it.”

Is WordPress Secure?

Even with the popularity of WordPress, it has its share of doubters. There are a lot of myths going around about WordPress, especially in the area of security. Brad walked us through why these myths just aren’t true.

Companies like Microsoft, Uber, Viacom, and Disney are all using WordPress. But, as Brad shares, “You need to be concerned about security no matter what platform you use. You should implement security audits and stay focused on protecting yourself.”

Unique, Complex Passwords Protect Against Hacking

A lot of the vulnerabilities are due to weaknesses in user authentication. If hackers can figure out your email and password, they can hack your site — no matter what platform you use. You need to choose a complex password that’s not easy to guess and not the same as the password you use on other sites. You can install a plugin that forces users to create strong passwords to ensure passwords are adequate.

SSL Certificates Prevent Interception

If you’re not using SSL, your information can be intercepted by a hacker. Brad cautions, “You need to be extremely careful if you’re on a public wif-fi network and you’re not using HTTPS.” A good rule of thumb is never to log in to any site on public wi-fi unless it has an SSL certificate.

Two-Factor Authentication Adds Extra Protection

It’s also a smart idea to use two-factor authentication. This method requires two forms of identification, such as logging in with your username and password and then entering a pin number. You can enable two-factor authentication on just about any platform you’re using — from banking to your hosting account.

Keep Software, Plugins, and Themes Updated

Bots scour the Internet looking for sites to compromise. Will explains, “A bot will check every site to find vulnerabilities. It will try myriad username and password combinations, trying to hit on one that works. And if you don’t keep your site’s software, plugins, and themes updated, bots can find holes to enter.”

Protect Your Server

Your server has to be protected, and not every hosting company is created equal. Brad says, “If you don’t know what you’re doing, if you’re not a SysAdmin, go with a managed host. I like managed WordPress hosts like WP Engine and Pagely, because they’re focused exclusively on WordPress and they’re really good at what they do.” Brad suggests asking the hosting company you’re considering about their approach to security and what they’re doing to protect clients’ websites.

Backups are Essential

Whether or not your site is hacked, you’ll want to have a backup in case of a data loss. Brad says, “Backups are the most important things in life! There are two approaches to backups: you can backup everything on your site, or you can just backup your database. I like to do a full backup once a week and a database backup once a day.”

Brad uses a tool called Backup Buddy that creates both types of backups on a schedule. He recommends backing up your data to two locations, to ensure you will have what you need. You should also encrypt your backups. VaultPress is good service that backs up your database in real time.

Be Careful With Plugins

There are over 50,000 plugins on And there are just as many outside of Plugins add code to your site, and if the code isn’t secure, it opens you up to attacks. Some plugins are highly secure, and some have serious vulnerabilities.

Brad advises, “My recommendation is to only use a plugin if you really need it. Check the reviews and ratings to see what people are saying about it. Is it actively being developed? Is the developer responsive to support request? How many active installs does it have?” A good goal is to use less than ten plugins.

What to Ask When Hiring a Development Team

When you’re looking at hiring a team, ask, “What kind of security recommendations do you have for us?” See what they’re doing with their sites and how much they know about security. If the developer doesn’t bring up security, you should.

Brad left us with a final thought: “Never get complacent. Whether it’s your WordPress site or your phone, always be thinking about security. Protect yourself.”

You can learn more about WordPress security issues by going to and searching “security.”

Hear all that Brad shared in the conversation.

by Jeff Carver on January 22, 2018.

Get Signal Over Noise Using SEO: A Conversations with Tim Lowry

Nearly everyone knows the value of high search result rankings. If your website can be found easily by qualified prospects online, you’ll enjoy a steady stream of customers. We recently enjoyed a conversation with Tim Lowry, the founder and head of SEO at TipTop Search + Marketing. Tim has worked with small businesses and Fortune 500s. He learned the ropes of digital at a book publishing company, where he was responsible for getting book titles seen on Google, Amazon, and other online platforms.

Tim eventually launched his own search marketing firm. Today, he helps companies and brands get found on various platforms online.

Successful SEO Depends on Your Content Management System

Not all content management systems are created equal when it comes to SEO. Some are extremely limiting, restricting access to certain areas of the site. Tim shares, “The biggest mistake I made starting out was not properly vetting the content management systems that new clients were using before starting on their projects. I’d realize once I got into the website that a CMS wouldn’t let me do what I needed to do to get results. We then had to hire a developer to go into the code.” Before launching an SEO project, do your research to know what your CMS allows and budget in any programming help you’ll need.

Signal vs. Noise: How to Get Found

There’s a lot of noise out there — a lot of content. The job of a search engine is to sort through the noise to create the “signal” that searchers are trying to find. Tim shares a startling statistic: “Just north of 50% of search engine results never receive a click.” Companies need to provide real value in order to attract people’s interest get the search engines to reward them with better search rankings. Search engines look at engagement levels — the more engaged people are with your content, the better search engines will rank you.

It’s Not About Keywords Anymore

Google has around 200 ranking signals that they look for. One of the major ranking signals is the nature of the content — how helpful is it? Tim offers an illustration: “For example, someone who types in, ‘How do I fix a dent in my car?’ isn’t necessarily looking for a body repair shop yet — they’re evaluating first if they can do it themselves. If a particular body shop provides a comprehensive step-by-step guide for people who are looking for this information, then chances are that this body shop will earn that person’s business when he or she later searches a more buying-related query.”

Other important signals include the focus of the content (where keywords become helpful), social sharing, and high-quality backlinks.

Tools to Measure Success in Google Search Results

There’s a suite of tools that you’ll need to use so you’re not just throwing darts blindly, hoping some will hit their mark. And these tools are supplied by Google. Tim says, “Google wants you to be successful, so they help you learn how to provide more value to your audience.”

The main tool you need is Google Analytics. If you don’t have Google Analytics, then you’re not going to know how your traffic is getting to your site. Google Search Console will give you front-end information — the search phrases that are bringing traffic into your site. Google Adwords will tell you the monthly search volume of different queries. Beyond these, there are additional technical tools that will help you go deeper and fine tune for greater success.

Broad Search Terms vs. Long Tail Terms

There are two ways of thinking about search terms. Going after high-value, broad search terms is challenging and will take time. Going after long-tail search terms that aren’t as popular but still have a good number of monthly searches will allow you to get some quick wins while you’re working on the broad search terms. Long-tail search terms can actually bring better traffic to your site because they’re more specific, and the user’s intent is more obvious.

Tim’s Thoughts on Split Testing Headlines Via Google Ads

Many people test different versions of headlines by running different versions of Google ads. Tim doesn’t recommend this approach, because you’re not going to necessarily get an accurate metric of performance for other situations (like organic search results or on a landing page or on other ad networks).

There are better ways you can A/B test headlines. Tim suggests using two landing pages that are optimized the same way but have different headlines (or whatever factor you’re testing). Keep in mind that you need to target a slightly different variation of the keyword for each of the landing pages so they’re not competing in Google. There are software programs you can use that will manage the testing process for you.

Don’t Forget the Nurturing Funnel

Not everyone will be ready to buy when they find you. At the top of the funnel are people who are interested in buying, but they’ve just started doing research. You need to capture these people and get them into a drip email campaign with additional valuable information so that you’re top-of-mind when they’re ready to buy. If people are halfway down the funnel already, you need to share case studies or what sets your company apart. You also need something for people who are now ready to buy, such as promotional offers.

Tim left us with the following advice: “You need to be working on getting organic rankings all the time. Once your organic rankings are bringing in sufficient traffic, you can drop back on your paid ads.” Organic is something that you should be focusing on continually, because the rankings fluctuate.

Hear all that Tim shared in the conversation.

by Jeff Carver on January 15, 2018.

Tools: Project Management

Sophisticated projects demand a sophisticated management approach. Keeping commitments and delivering projects on time requires team transparency and concrete deadlines. Unfortunately, meeting deadlines within a group is not always easy. It requires a tracking process that allows goals to be broken down into tasks. And transparency calls for open, visible conversations.

This is why we use Basecamp as our project management software. Basecamp makes it easy to create and assign tasks, discuss ideas, keep up with milestones and measure the progress of a project.

Robojuice relies on Basecamp to keep every team conversation, task and deadline in one place. This visible documentation protects against communication breakdowns, and no one is left asking what happened or when a task is due.

As we constantly advance our processes, Basecamp has become a powerful tool for delivering a refined experience.

by Kevin Dees on March 21, 2016.

Tools: File Sharing

File sharing—we do it all the time, which is why it should be easy. Whether it’s Wireframes, designs, contracts, code or process documents, locating fundamental information should be straight forward.

That’s why Robojuice utilizes a program called Dropbox. Dropbox takes cloud file sharing and makes it as simple as adding folders on your desktop. Because Dropbox stores files in the cloud, our clients can access their files from any device, any time, anywhere.

Code is another matter. For programing, we use GitHub to share and collaborate with clients and developers. GitHub has the ability to version, secure and keep everyone up-to-date on the project programing process.

Achieving organization through programs like Dropbox and GitHub is not only crucial to on-time delivery, but it also provides peace of mind for Robojuice and a refined experience for our clients. We know it’s important to take time for the simple things, like how we share files.

by Kevin Dees on March 14, 2016.

The Refined Tools

The right tools for the job definitely applies in the digital world. Using technology tools to maximize impact, efficiency and influence allows for a more refined experience. Here are just a few areas to explore.

Project Management

Emails, text messages, calls, text documents and other communication items become confusing and frustrating for clients and therefore do not create a refined experience. Using a proven project management software to have all conversation, schedule, tasks and discussions in one place and transparent to the contributors makes lives easier all around. And, having access to that tool on multiple devices really helps.

File Sharing

Having files available in an organized manner aids the overall experience. Not having to request files when they are missing or misplaced, not sending them over email or flash drive or CD or other file transfer methods again allows the overall experience to be smoother. And, keeping the access to those files from your multiple devices makes us all happy.

Content Management Systems

These systems are important for managing our digital assets. Make sure the proper system is selected for the right project is a major step. Know the details of who will be managing the system, who has access to update and edit the system, necessary features and functionality, the community and the lifespan of that system are some of the many points to consider before selecting a content management system tool.

Take the time to find the right tools. Tools make a difference and the right tools produce a more refined experience.

by Jeff Carver on July 7, 2015.