Category Archives:
Tutorial & Guides

Wordpress is great blog and cms software. Since it's used by over 20% website platforms, it's necessary to make it more efficient for better speed. One day, your find you have made a big wordpress site and you have to wait long time to get it loaded, it's time to optimize for better performance. Based editorial experience, we have composed the following 6 tips on how to optimize your wordpress site speed.

Tips 1. Get a right wordpress hosting service
Hosting is the most important and should be your primary consideration for any kind website. WordPress can be the core platform for any kind website development such as personal blog, enterprise website, content management system website etc. You will need different hosting plans for different website purpose. If you just use wordpress for hobbies that's viewed by very few people, a budget hosting service will work perfectly because no much server resource will be ultilized there. However, if you're going to promote your wordpress site to a business platform, a regular shared plan will not work. Instead, you will need either vps or dedicated server or a special optimized service for wordpress like wpengine. We highly suggest check out the top 5 wordpress hosting providers for success choice.

Tips 2. Use WordPress Cache plugin
Wordpress cache plugin is great feature that should be used by all sites. We highly recommend to install W3 Total Cache which is simple and powerful to all sites. Your wordpress site speed will be greatly improved after installed this plugin because all your static contents will be cached so they don't have to reload every time when visited.

Tips 3. Use CDN Service
CDN is used by most big websites. Especially for those world wide popular sites, CDN is a MUST for quality loading speed from different locations. The concept of CDN is to deliver your site content to different networks, when users send out http requests to your website, it will be downloaded from the most nearby network nodes. In this way, fast loading from different locations is possible. High performance CDN services are not cheap but worthy of the money if you plan to deliver services to different areas on the planet. You can also use some free cdn service like cloudflare or simply install this Free-CDN wordpress plugin.

Tips 4. Optimize wordpress database
When you write/update your articles, wordpress will leave lots of duplicated contents in database. Also, if you have used some spam control plugins like akismet, it will create a big table in database. Such useless data will result in big size database and slow down its performance. We highly suggest install WP-Optimize to clear out such data and optimize your tables every few periods.

Tips 5. Optimize your pictures
Pictures always take long time to load, you can either compress it before uploading to website or use WP-Smushit plugin for live compression on website. It's highly recommended plugin if your wordpress site is photo gallery based. It will greatly reduce the picture size for better loading speed.

You might also need to avoid hot linking if you have great pictures on website. When more and more people link to your pictures, your server resource usage will be high and your site performance will be downgraded a lot. There's great wordpress plugin called hotlink protection. It's highly suggested solution if you have lots of great value pictures and would like to improve performance as much as possible.

Tips 6. Add delay loading function
It's extremely helpful solution if you have long page on website. Delay loading will only load the first screen content, when you scroll down page, rest contents will be loaded. Such function will not only help with fast loading, it will also save bandwidth. We can easily add this function by jQuery Image Lazy Load wordpress plugin.

If you're operating a wordpress site, you can follow above tips and receive better loads. All above writing is generated from editorial experience so you can use directly with worry free. Of course, you might have other solutions based your website requirements, just feel free to share your experience.

For most windows hosting service, we're required to configure SMTP authentication for script email or form email. The concept is to disable using localhost for smtp server and force to use real email server to handle the service. Why they do that? How can we configure smtp authentication on website and how we will benefit from this requirement? This article will explain such from indepth reviews and guide on how to configure smtp authentication for popular web applications.

How does SMTP authentication work?

SMTP authentication is occurred before we sending out email message. When we compose an email we need the exact email address & password and authenticate to it. Once we send out an email, ISP will check where the email is sending to and relay the message to receipient mail server, this process is called email relay or SMTP relay. SMTP authentication checks if you're authorized to send emails using that account on server end.

Why SMTP authentication?

From above explanation, we know a valid email account and password is required in order to send out email. However, things are little different on web server. Most servers have smtp enabled by default using localhost. Unlike regular email service, localhost smtp doesn't require smtp authentication at all. The original purpose is to simplify web form programming where you can send emails easily via script. But this leaves a problem, senders can abuse the service easily. For example they can use it for bulk mail purpose or spam! The direct effect is hosting server will be overloaded so any existing service will be slowed down. What worse is the entire server might be blacklisted by major ISPs and all other customers on the server will not be able to send mails any more.

SMTP authentication will solve the problem perfectly. Via smtp authentication, you must specify the correct SMTP credentials in coding. In this way all your emails will be sent out via actual email servers where you have to follow various rules such as daily limits, spam filters etc. In a word, smtp authentication protected both web and mail servers and all clients will benefit from it. That's why localhost smtp is not allowed any more by more and more hosting providers. Alternatively, they will guide you to use smtp authentication.

How to configure SMTP authentication?

SMTP authentication requires smtp server credentials to be specified in script, this includes smtp server address, full email address and login password. If you are not sure how its used, we highly suggest using phpmailer – a pre-configured email script with smtp authentication enabled. Downloads and sample codes can be founded on this phpmailer page.

However, since cms softwares are used more and more these days, we don't have to program such service by ourselves. Below is a list of SMTP solutions for popular cms applications including wordpress, joomla

SMTP authentication for WordPress
Wordpress uses localhost for smtp server by default. You have to install a plugin for smtp authentication. We highly recommend using Cimy Swift SMTP which is simple and compatible with other email services like Gmail. Just fill out the required smtp details then click "save changes" to enable. Now your wordpress site will send emails through your specified email account.

SMTP authentication for Joomla
SMTP authentication for Joomal is pretty easy. The system has both options provided, you can choose to use smtp or default email functions. To configure SMTP authentication for your joomla site, login to admin panel -> Global configuration -> Mail settings, select "SMTP" from drop down selections and click yes value for "smtp authentication" -> fill out your smtp server details then click save to reflect the changes.

SMTP authentication for Drupal
Similar to wordpress, you need to install extra drupal module for smtp functions. You can download drupal smtp module on this drupal download page.

You need to extract the package and upload to modules directory then go to your drupal admin -> site building -> modules to enable it. Once the module is enabled, navigate to site configuration -> SMTP Authentication Support section then fill out your smtp server details. You need to enter the same email address as "From address" for "Site Information" under "Site Configuration" tab or else your smtp setting will not work.

IIS web server provides a great feature called "ScriptMap". A script map is to map a specific extension to an executable engine on Web server. You can easily handle lots of server end settings by this technology. Moreover, it's great solution for website protection. You might have added all available solutions to protect your site from hacking, but scriptmap will give another guard layer. This article will guide us to learn about script map side by side and tips on how to use it properly.

ScriptMap working principle is, add a specific file extension for example ".asp" to point to an existing scripting library like asp.net, php or other libraries. In this way you can use any available executable engine to process your files. Most extensions are configured by default during IIS installation. More details and guidance on how to add scripmap handler can be found on this microsoft kb.

Top Features of Script Map

Manage Asp.net Version
Asp.net installation will auto add its current dll mappings to IIS handler. Before IIS7.0, when you want to switch .net framework you have to login IIS manager then click the asp.net tab on website properties. Normally it will frize iis manager few seconds or minutes depends how busy your server is. It will either slow down the server or simply stop entire server IIS process. You have to give iis restart commands after the change. It's absolutely not acceptable for production server. Here hosting providers can make use of scriptmap advantages. What they need to do is only to map your site to the specific .net library. It's fast and professional.

Manage PHP Version
Most IIS servers got multiple versions PHP installed. PHP is configured the same way like asp.net and its managed directly from scriptmap handler. In order to use the desired PHP version, you just need to add a new php mapping to installation directory then everything is done.

Make Unknow file Extensions readable
Sometimes your web developer might produce some kind file extensions that're not readable by web server. If you know what engines it requires to make it working, then just go ahead and add the extensions to scritmap handlers.

Website Security Protection
The greatest feature of script map is its security protection. Script Map protects your web application in two ways, file extension and downloadable data protection. File extension protect means to change your file extension to something not commonly used. For example if your site is asp programmed, the file extension is always *.asp. Hackers will easily find any potential security hole then hack into your applications. But if you change the .asp to others for example .cpp and map it to asp engine, hackers will not hack it easily because they will have to research a lot for what scripting you used.

Sometimes you keep sensitive datas in access database or excel files that can be downloaded directly once user got the exact location on your site. It's absolutely a big security hole. However you can use script map to avoid such issues. After mapped the file extension to other script engines, it will not give out download option on user end and your data is protected in safe place. Same tricks can be also applied to your other website properties, what you need to do is to map the file extensions to a non executable engine.

How to add script map on user end?

Script Map is only available for IIS users. Means you must be hosted on windows hosting server. Many providers give out the function directly from hosting control panel where you can add the specified extensions directly. The following screenshot shows how its offered.

However, after IIS7.0, there's revolutional improvements where we can manage settings from IIS manager directly. You must ensure remote iis manager is supported for your hosting service. Once you have connected to your website on iis manager you got all available options to work with. You will see how services being configured on hosting server for custom changes. In this way you don't have to contact hosting support for such small assistance.

Hosted email service has an important feature called "catchall". It's provided by almost every email solution. Once you have enabled this feature to your email account, it will route all incoming mails to the specific address in case it's sending to some non-existing addresses. It's extremely helpful for those big business groups who heavily rely on email communication. But how will it help with personal webmaster? What would be the pros and cons to have catchall email enabled?

Pros of catchall email

Never loose a single email

Catchall is absolutely one of the smartest design of email. With a single address you can receive all incoming mails that's sent to non-existing addresses. You won't loose a single email if someone mistyped your contact mail address thus your potential business will be saved. Catchall is simple your email guard to ensure all your messages can be received.

Easy management

You might have to create multiple email addresses for different departments and people. However, maybe one person is in charge of multiple positions but you do have the need to show different contact email addresses for professionality. For this case, you just need to enable catchall for your main email account then provide any address on your website or business card, all incoming messages will be routed to your main address. In this way you don't have to login to different accounts to check new messages. You can manage all from the central account.

Less Costs

Most business email services are provided by the number of accounts. For example you might pay $10 per 5 addresses and some day you need one more account for different purpose. You have two options, purcasing new service from provider or simply enable catch all to one of your address. With catchall you pay nothing to service provider, it's absolutely good solution to reduce cost.

Cons of catchall email

Heavy spam is expected

The primary consideration for catchall address is spam. Since it will route all messages no matter if the receipient address exists or not, it's normall to see high traffic on this catchall address. If most emails are tagged as spam, you will have to find out the healthy messages in hard time. Unless you have good spam control system, catchall is not suggested for use. You must configure proper spam and content filters in order to make sure your catchall address will be working in right way.

Large storage is required

Because of the high traffic for catchall account, your inbox might be full in short time and you always have to clear out some old messages. It's not good solution if you want to keep all messages in same place. Unless you have lots of email storage and you can allocate by your own, catchall feature is not recommended to turn on. If you are on business trip for some time and forget to check emails, once the inbox is full, no incoming mails will be received. That means you have to check your chatchall address regularly to make sure your box storage is not flooded.

How to enable Catchall Email?

Different email programs may have different configuration guidance. Most email softwares provide this function from admin email accounts like smartermail. You just enable/disable the feature directly from user center. Since most users are cpanel based, here're the steps to enable email catchall from cpanel center.

• Step1. Loggin to cpanel control panel and scroll to "Email" section then click on the Default Address icon.
• Step2. From the drop-down menu select the (sub)domain for which you would like to set up a default address.
• Step3. Here you have several options, please select option 2 "Forward to email address" and enter the address you would to receive catchall mails.
• Step4. Click "Change" to apply the changes you have made.

Based all above explanation, please use catchall feature carefully and make sure to check the inbox often. Because you will receive lots of wanted/unwanted mails and they will eat up the storage quickly.

When there's some sensitive data needs to be protected through your website, SSL would be the most affordable choice beside any other security configuration. SSL will encrypt your data before sending out to internet, so even the transer is hajacked by somebody, they will only get unreadable characters. Your data is still kept in safe place. Most web hosting providers offer SSL registration and almost every hosting company provides free shared ssl for your hosting account. Should you purchas your own dedicated SSL certificate or make use of the free shared one?

About dedicated SSL certificate

A dedicated ssl is registered through a specific domain which you're going to install it on and you can only use it under the exact domain URL. There're two types dedicated certificates – single domain and wildcard domain certificate. The single domain ssl only works on the specific URL you entered when sending out the signing request. For example you have entered www.domain.com or domain.com(without www) then your ssl can only be installed on the specific address. Basically if you installed SSL on www.domain.com then you can view the secured url via https://www.domain.com but not https://domain.com, the vice versa. If you would like to use https on both urls you need to purchase wildcard version. Actually, once your have wildcard ssl installed you can use https for any sub domain site like https://*.domain.com.

The process to order SSL certificate

• Generate CSR(certificate signing request) from your hosting provider. Here you need to enter the domain name you need for ssl, your company name & GEO location and contact email address.
• Send CSR to your SSL provider. they will verify your provided information and sometimes they will call you directly to verify your domain ownership. Once they confirmed your request, they will assign the SSL certificate and send it to your contact email. Some leading ssl providers like versign and rapidssl will handle your order pretty fast.
• Contact hosting provider for installation. They will install the certificate based the previous CSR and your provided ssl information. Please note, a dedicated IP address is needed for ssl installation so if your hosting package doesn't offer free dedicated ip service, you will have to purchase it separately.

If you're cpanel based, the above process can be simplified and can be fully handled by yourself by following this cpanel guide.

About Shared SSL

Shared SSL is just a relative term. It's actually working the same as dedicated certificate. Shared SSL is installed on server names which is well known as "temp URL". Because a shared server might host tens or hundreds of hosting accounts, all of them can ultilize the same temp URL via secured https address, that's how we call it shared ssl. Technically speaking, a shared ssl is actually wildcard ssl certificate that's used by lots of clients. Shared ssl is always provided for free to existing clients because it doesn't require any additional configuration.

Shared SSL vs Dedicated certificate

You might run into this question easily when you got the need to secure your store. Which one should you use? They're both good choice depends your different requirements, but there's some slight difference between the two. Let's go ahead and read below.

Price consideration. Shared ssl is 100% free to use while you have to pay tens or hundreds dollars for a dedicated ssl certificate. You need to evaluate carefully about which one to integrate with. Unless you are running a large store that come with big amount transactions, shared ssl is good enough for security protection purpose.

Level of Security. There're multiple versions ssl certificates from providers. 128bit is cheap but some part outdated. 256bit is good but more expensive. However, most shared ssl doesn't have such issues because it's always configured with the highest version in wildcard format.

Ease of use. If you have used single domain certificate, you might have to deal with both www address and no www address in programming. You need to do local testing before put it alive. But such issue doesn't exist on shared ssl because there's just a unique address provided.

Branding. Dedicated certificate would be good choice if you're promoting your brand. Since shared ssl is configured on hosting server domain instead of yours, it might bring negative effect to your site authority. Dedicated certificate is 100% assigned to your own domain so above issue doesn't exist. When your site is gaining more popularity, it's crucial to get your own certificate instead using the shared one.

Conclusion

If you're promoting a small shopping cart site with less online transaction, shared ssl is good enough for security protection and easy integration. But if you're promoting your site to a big online platform, a wildcard dedicated ssl is your best choice for any side consideration.

A good web hosting service might be easy to pick up by following our user guidance. But what if you have very limited online payment choice? For example sometimes you can only pay via check, credit card or bank transfer etc because that's the only choice from hosting website. You might have to search for another service provider untill they meet your technical and payment requirements. In this article we'll discuss the importance of paypal support for web hosting service and compare the leading payment solutions.

All leading web hosting providers are trying to simplify the order process and enable fast paying to save customers as more as possible. A complicated order process with less payment choice will simply drive your customer away. The most popular payment options from hosting providers include credit card, bank transfer, check, google checkout and paypal etc. Among all those solutions, paypal would be the most popular choice from user end for its great advantages over all other methods. Below is a compiled list of paypal advantages over credit card, check, bank transfer and other choice.

Easy and fast
It's easy to use paypal to accept payment online. No matter if you're business group or personal retailer, you have full access to its merchant service to configure the gateway. It's pretty fast to accept payment online via paypal. You don't have to play with lots of coding stuff for a full functional payment system. Just few clicks away to send your payment. It's crucial point to save your customer on website.

Widely used
Paypal is supported in most countries and districts in the world. You can create payapl account 100% for free to add or send funds. Paypal has lots of local support in different areas so you can always get local language support in case English is not officially used in your district. Paypal also has the longest history in auto payment solution which is recognized for reliable and secure.

Buyer protection
No matter if you have purchased the right service/products. Once there's problem in using it, you can chargeback directly and funds will be sent back to your account once paypal verified your request. The process is pretty straight so you don't have to worry about your money security. In case you run into problem with your hosting provider some day and no better solution but to cancel account, paypal is the best tunnel to get your money back. You don't have to check with your bank account service like credit card or check, all transaction on paypal is almost instant.

Easy integration
Paypal is probably the most easy gateway service to support an online store. You can use paypal gateway to support various payment methods including credit card(visa, master card, express etc). However, if you need to integrate credit card payment system separately, you have to deal with lots of technical stuff and most probably you will need a developer to make sure everything is properly setup. On the other side, you just need to fill out a form and copy over the codes to your website then it will be functional as expected.

Paypal supported Web Hosting

Paypal is supported by all leading hosting companies to meet up different user requirements. Some popular hosting like www.arvixe.com and webhostinghub etc are 100% paypal friendly. However, some hosting providers refuse to support paypal because they want to avoid the transaction fee. Just take a quick view on popular web hosting forums you will know that many providers do not have this option no matter how good their service is from advertising.

Our suggestion is, avoid such hosting service and protect yourself from unauthorized charges. Many hosting services have auto renew configured and most of them are default choice if you don't configure it manually. That means when your account due, their system will auto charge based your existing payment details. There's no problem at all if you're going to use the hosting for the next one or two years. But what if you don't want to use it anymore? You might have to waste lots of time to request money back. If you used paypal to pay the service, they can not auto charge at all because you have to approve it before the fund is sent out.

Conclusion

Paypal should be your primary consideration if you have the choice. It will protect your funds as much as possible and simplify your experience in using hosting service. In case you have to deal with money back issue, it will save your time too. You don't have to go out office or call your banks to verify anything, all you need to do is logging into your paypal account and keep your sight on it.