So you have decided to use WordPress for your website. Good decision. It is a great Content Management System (CMS) that scales really well. Now you have to get it installed on your web server. You have two options for this: Continue reading “How To Install WordPress Correctly”
User Experience or UX is a term tossed around in the web development world. In this post, I will explain what I feel that User Experience is and what it is not.
What User Experience Is Not
User Experience is not the design. You can have a great design and a lousy user experience. Conversely, you can have a very simple design and a great user experience. This is because the user experience is not the design. Now, the design is part of it, but the design is only one aspect of it. Unfortunately, I see way too many websites where it is very obvious that the developers where very concerned about how it looked (the design) but not much else because it is really pretty but it was really hard to find what I wanted.
What User Experience Is
If you want a good example of a great user experience look at the Disney Parks. There are many entertainment options that cost way less, so why to people still pay big bucks and flock from all over the world to go to Disney? Because they provide a great experience from the moment you arrive to the moment you leave.
I define user experience as the ability of the user to interact with the product in an easy and enjoyable way. The following items are key to a good user experience:
- Relevant Content. If the content is relevant users will love the experience. If it is really out of date your site won’t do so well. I’ve seen business that have blogs where the latest post is from 2 years ago. That makes for a bad experience. Conversely, Amazon.com is a great user experience. Their products are easy to find, its easy to check out and you get the item really quickly (and you can see the order stats at any time).
- Clear Navigation. If it is really hard for users to find what they are looking for they leave and go elsewhere. It is that simple. My rule of thumb is this: if it takes more than 3 clicks from the homepage to find the page they are looking for, then it is not a good user experience. Move those items into a menu item accessible from the home page.
- Mobile Friendly. Way too many sites aren’t mobile at all. If you want to stand out make yours mobile. I have found that only about 20% of website I view are mobile. Also, on the mobile site don’t try to load everything you would on the desktop site. You wouldn’t try to fit all the furniture from a 5 bedroom house into a 2 bedroom condo, so don’t try to load everything from a desktop site on a mobile site.
- Security. People want to feel safe. If they go to your site and it is not secured correctly, they will leave (especially if they are buying). It is really easy to run a secure site using SSL Certificates and running over https. Read this post to learn more. Make sure your site is secure and it will help people feel safe and comfortable on you site.
So put yourself in the user’s shoes. If you went to your own website, would it be a good experience or would you leave? If you would leave, then go change it so people don’t want to leave. If you wouldn’t leave, keep doing what you are doing…your are the right track.
The bad news is that your organization’s website is at risk, because they all are. There are plenty of people out there with devious intentions whose aim is to embarrass you and steal you and your users information. I have seen many variations of this in my time as a developer, some of them due to my lack of experience at the time. In this article I will give you an overview of the most common ways you can protect yourself from threats. I will expand on all of these topics in later posts but I wanted to start with an overview. So lets begin.
Threat #1: Passwords
You have passwords for your website (if you are using a CMS like WordPress), email accounts, computers, FTP, social media accounts and more. The easiest way to protect yourself is to have strong passwords. An example of a weak password is something like: password123. Now I have not personally seen a password this week, but in my time I have seen passwords almost as week. What you are aiming for is a strong combination of Uppercase, lowercase, digits and special characters. The longer the better. As an example our week password from above, password123 could be made much more secure if it were pa$sWord123. However, I still wouldn’t use that. It’s still too obvious.
Threat #2: Insecure Sites
The second threat is an insecure site, specifically yours. What you need to do is to never enter any sensitive date into a website that is not running on HTTPS with a valid security certificate. And by sensitive date I mean passwords, credit card numbers, driver license number, social security number or anything you don’t want to be made public. Your should be running your site over HTTPS vs HTTP because HTTPS encrypts the data between the client (your device) and the server, which makes it much more difficult to steal. Fortunety, running over HTTPS is not hard too do and I’ll show you how in a later post.
Threat #3: External Threat
The external threat are those individuals with malicious intent, that intend to cause harm on your website and to your organization. There are too many varieties of this to mention but the best things I recommend are related to your website setup. The first is to purchase and run anti-malware software on your web host. This is essentially the hosting equivalent of anti-virus software for your computer. The second is to run security plugins on your website that are finely tuned to detect threats such a brute force attack.
Threat #4: Internal Threat
The internal threat are those individuals in your organization that can harm your site but do so unintentionally and not out of malicious intent. Typically these people accidentally break something they should not have been given access to in the first place. This is an easy one to prevent. Your administrator should limit user permissions so that users can edit what is necessary for them to perform their role and nothing more. For example, if someone in your organization is only responsibility is for posting articles they should not have the ability to add and remove plugins, update themes, etc.