fbpx

Blog

Best Practices

Upgrade PHP on Amazon Lightsail

PHP is a programming language that stands for PHP Hypertext Preprocessor. I know, I know. How can an acronym stand for itself? It just does. PHP is the backbone of WordPress sites.

There are many reasons to keep the PHP version of your website up to date.

  1. First and foremost is cybersecurity. Each new version of PHP has patches for previously discovered vulnerabilities. Keeping your site on the latest revision means you get all of the security patches.
  2. New versions of PHP also tend to boast better performance. That means your website will load faster and be better for users.
  3. There are also new features that come with PHP or may be relied on by new features of WordPress. Keeping everything current ensures you can take advantage of these when they are released.

Unfortunately, unlike some other hosts, there is no single button you can click to upgrade PHP versions on Amazon Lightsail. I upgrade all of my servers annually. There is not often a major release of PHP and even when one comes out, it is not immediately available in Lightsail. Checking and performing the upgrade once per year is about the right cadence for me.

To do so you must:

  1. Log in to the current site and perform a backup using Updrafts Plus plugin
  2. Spin up a new instance of a WordPress Binami server
  3. Log in using the default user password and install and connect Updrafts Plus backups
  4. Restore the latest backup
  5. Move the static IP associated with the live site to the new server
  6. Perform a bncert-tool upgrade and generate a new certificate

It’s not quite as convenient as a single button press, but there are other upgrades that come with the latest and greatest server configurations for WordPress utilizing Bitnami in Amazon Lightsail. So it is a good annual maintenance activity to keep your sites fast, secure, and user friendly.

Analytics

Switch to Google Analytics GA4 before July 2023

In this blog, I will try to explain what is happening with Google Analytics in layman’s terms. A lot has been going on for the past few years, but most websites could safely ignore it … until now.

There is an “old way” of capturing data on a website called Universal Analytics, or UA. UA properties were based on the way the internet first came to be. It was mostly a desktop – not mobile – way of browsing. It relied on cookies and IP addresses and a lot of things that have since fallen out of favor for various reasons, mostly privacy concerns. As the internet matured and changed, Google found new and improved ways of tracking users all while respecting privacy laws and best practices.

In October of 2020, they announced a “new way” of implementing analytics called GA4. In reality, UA and its first predecessor were GAs 1-3. This fourth way is the biggest leap or departure from the old. As such, it required a whole new analytics property to be set up and embedded in your website. Some jumped at the chance and ran both analytics simultaneously. Others have dragged their feet on making the migration. If it ain’t broke ….

Then Google announced that in July of 2023, the UA “old way” would stop working. It will no longer collect any data, and if you haven’t implemented GA4, you will have no analytics on your website. Suddenly, a lot of people sat up and paid attention to what was happening.

Implementing GA4 is easy. Implementing GA4 to its fullest potential is difficult. That’s why I’ve partnered with Daylight Strategy to map out the best possible tracking for events and conversions for all of my clients. If you need a boost on getting your website updated, they are a great technology partner specializing in this space.

Best Practices

ChatGPT: The end of blogging as we know it

ChatGPT has been in the news a lot lately. Everyone is at least vaguely aware that it’s some sort of artificially intelligent chat bot. But I didn’t fully grasp the ramifications until I took the time to play with the tool myself. You can check it out too at https://openai.com/blog/chatgpt/.

You will need to create a user account, but that is free. And then you can see some examples of prompts that it can respond to. Have a conversation and marvel at the fluidity. Ask it questions and get answers back promptly and completely.

The major criticism (and rightfully so) is that it is so fast and authoritative on subjects that people tend to believe it – even when it’s wrong. It’s also using information scrapped from the internet to build its knowledge. There was a time that Google Translate was a free online tool that could be used to translate websites in real time. Until they realized that most of the translated content out there was translated by them, and a feedback loop occurred resulting in poorer quality. They eventually put a very small fee to use the API and knocked most users off as a result to try to preserve the bank of human generated content to pull from. What happens to ChatGPT when the internet it pulls from was also written by AI?

Want to know why I think it will have a big impact? Because, secretly, I didn’t write my last blog: Registering your nonprofit with PayPal. Instead, I went to ChatGPT and said, “Write me a blog about registering a nonprofit with PayPal” and the body of that blog was its immediately response. Nobody noticed. And I really had no notes of how to improve it after the fact.

Now that’s scary.

Best Practices

Registering your nonprofit with PayPal

Paypal is a popular online payment platform that allows individuals and organizations to send and receive money electronically. Nonprofits, in particular, can benefit from using Paypal as it allows them to accept donations from a wide range of donors. In this blog post, we will explain the steps to take to register your nonprofit on Paypal.

Step 1: Create a Paypal account

The first step in registering your nonprofit on Paypal is to create a Paypal account. You can do this by going to the Paypal website and clicking on the “Sign Up” button. You will need to provide some personal information, including your name, email address, and a password.

Step 2: Apply for nonprofit status

Once you have created a Paypal account, you will need to apply for nonprofit status. To do this, go to the Paypal website and click on the “Donations” button. Then, click on the “Nonprofits” link and follow the prompts to apply for nonprofit status. You will need to provide some basic information about your organization, including its name, mission, and EIN (Employer Identification Number).

Step 3: Verify your nonprofit status

Once you have applied for nonprofit status, Paypal will review your application and verify your nonprofit status. This process can take several days, so be patient. Once your nonprofit status has been verified, you will be able to accept donations through your Paypal account.

Step 4: Set up donation buttons

Now that your nonprofit status has been verified, you can set up donation buttons on your website or social media pages. To do this, go to the Paypal website and click on the “Donations” button. Then, click on the “Create a Donation Button” link. You will be prompted to enter some basic information about your organization and the donation button, such as the donation amount and the currency. Once you have completed this step, you can copy and paste the code for the donation button onto your website or social media page.

Step 5: Start accepting donations

Once you have set up donation buttons, you can start accepting donations through Paypal. You will receive email notifications every time a donation is made, and the funds will be transferred to your Paypal account. You can use the funds in your Paypal account to pay for expenses related to your nonprofit, such as rent, salaries, or program costs.

In conclusion, Paypal is a great platform for nonprofits to accept donations. It is relatively easy to register, and the process is straightforward. By following the steps outlined in this blog post, your nonprofit can start accepting donations through Paypal in no time.

Search Engines

Google Advanced Search: Site Syntax

In the The most basic SEO test I touched on a technique for restricting Google to only searching your specific domain. In this blog I want to expand a bit on that functionality.

Ways to use this kind of search

  • You can add site:yourdomain.com to any search. It doesn’t have to be stand-alone. It’s just one of the many advanced option in Google search so feel free to pair it with image searches, phrases, negations, etc.
  • You can use it for any site, not just your own. Many people use this trick when frustrated by a particular site’s poor on-site search algorithm.
  • You are not restricted to the entire domain. You can also restrict to a particular directory on a domain, like dijonmarketing.com/blog, for example.

A site search is something I do on a very regular basis and is a great tool to add to your advanced googling arsenal.

Best Practices

Using GSuite in compliance with HIPAA

HIPAA is the Health Insurance Portability and Accountability Act. In short, it requires any organization that handles protected health information (PHI) to act as trustworthy and cyber-secure stewards of that data. Most often people associate this with doctors’ offices. You wouldn’t want your personal health records to be publicly available. Nor would you want your data sold to advertisers to monetize your most private data, likely without your knowledge.

Any organization that will collect or store PHI must be aware of the laws regarding HIPAA and ensure those systems for collection and storage are also HIPAA compliant. Enter GSuite, or Google Workplace, as it is most recently branded. It is fully capable of protecting data within its ecosystem, but your organization must first opt in for this type of protection.

This Google Help Article: HIPAA Compliance with Google Workspace and Cloud Identity has the most up to date information on how to enable these features in your instance. Essentially, you just need to check a box and and answer a couple of simple yes/no questions. Inside the Admin Console, navigate to Account > Account Settings > Legal and Compliance. There you will find Security and Privacy Additional Terms for Cloud Data Processing Addendum to Google Workspace or Cloud Identity Agreement. Review the appropriate clauses and if your organization fits and requires this additional layer of security, click Review and Accept.

Best Practices

Bitnami bncert-tool manual update to pull new certificates

Using free SSL certificates from LetsEncrypt is a great way to keep your site and your users secure. The only downside is that each certificate is only good for 90 days. Either you need to remember to renew your certificates every 90 days or you need to set up auto-renewal on your hosted server. If you’re using Bitnami packaged app for WordPress, then it’s easy! The bncert-tool will automatically check to see if your certificates are nearing expiration and automatically update them without needing anything from you.

… Until it does. This week I got notified by two different sites that their certificates were nearing the expiration date. That normally doesn’t happen because they’ll get renewed automatically well in advance. When I logged in to investigate, I saw that even manual attempts to renew the certificate were failing. The issue ended up being that I needed to upgrade my bncert-tool.

Bitnami bncert-tool References

Learn About The Bitnami HTTPS Configuration Tool is a great resource with everything you need to know about setting up bncert-tool. The command to upgrade is simple and takes only a few minutes to run and then you will be able to renew your SSL certificates.

sudo /opt/bitnami/bncert-tool

If your tool is out of date, this command will inform you of that fact and ask if you would like to upgrade. Just hit ‘Y’ and Enter and the update will happen in the background in a matter of seconds. Once it is complete, you can run the same command a second time. This time it will walk you through the process to update your certificates.

I upgrade mine and my clients’ servers once per year. This is to get the latest Bitnami stack as well as the upgraded security features for each new revision of PHP. So this should be a rarity that an update of the tool is required in between annual server migrations. But just in case you’ve run for a long time without checking, be on the lookout for expiration notices and take action!

Search Engines

How to remove a URL from Google search results

Every so often, you may wish that a particular page of your website would suddenly disappear from Google. It might be that you’ve sunset a particular program and don’t want organic searchers to find your organization for related keywords anymore. Maybe an intern accidentally published a work-in-progress page unveiling an upcoming event you’re not ready for the world to see. Whatever the reason may be, it does happen sometimes that you need a result to disappear – and fast.

Just deleting the page is usually sufficient. Google’s crawlers will eventually discover that the address they’ve indexed leads to a 404 “page not found” error. They’ll then remove it on their own. But that could take weeks. Even if users won’t arrive at the page in question and view the content, your domain could still be linked to that particular search term much longer than you’d prefer.

Google Search Console to the rescue

There is an option to immediately (albeit temporarily) remove a particular URL or a pattern of URLs from Google Search results. Log in to your Google Search Console account and choose Index > Removals from the left-hand navigation. Select Temporary Removals > New Request. Here you can enter the URL in question, or choose “Remove all URLs with this prefix.” That second option is useful if you want to remove an entire directory of content.

As mentioned, this is not a permanent solution. But it is fast and effective for those emergency situations. You may find yourself having to submit a new request after about 6 months if you haven’t taken steps to permanently rectify. Only by deleting or completely obscuring the content from public crawlers will you permanently have it disappear from search results.

Best Practices

Confirm Nonprofit Status on PayPal

PayPal can be an easy and low cost way to power donations on your nonprofit’s website. Their layouts contain specific options for donation buttons. You can define set donation amounts, optionally include a custom amount, and have a checkbox for recurring monthly donations. They take care of the transaction, the cybersecurity (which is the biggest deal), and connect to your bank account, all for 2.9%+$0.30 per transaction.

But wait … you can get all of those same great features but at a reduced rate of 2.2%+$0.30 if you confirm your nonprofit status with PayPal.

Steps to confirm nonprofit status

  1. First, make sure you have an active PayPal account. It will need to be a business account set up as a Charity.
  2. Visit https://www.paypal.com/charities
  3. Click on “Get Started”
  4. Log in to your nonprofit’s PayPal account
  5. You’ll be asked to provide identifying information like your charity’s EIN number, a recent bank statement, and account holder identity.

Once you are confirmed, you’ll enjoy lower fees on every transaction allowing each donation to have an even greater impact.

Search Engines

What influences personalized Google search results?

Google search results pages are always changing. You might get different results than a coworker for the same search query. You might even see different results for yourself on two different occasions. What all goes into personalizing Google search results just for you?

Search Result Influences

  • Search History – This one can be especially confusing if you search specific terms related to your organization often. Google will start to remember what you clicked on the last time you searched and may artificially bubble your preferred results to the top. If you are evaluating your current performance for a set of keywords, using a different browser or an Incognito tab can help avoid this bias.
  • Geographic Location – This one is sometimes obvious. If you search for “pizza near me” naturally you want your results to be restricted to within a certain radius of your current position. But it isn’t always so hyper local. What country you’re in, for example, can factor heavily into the results.
  • Time of Day – You might rightfully expect different results for a certain search at noon versus midnight. Certain ads may have “day parsing” activated that would only show them during potentially peak search times for related keywords.
  • Device – This was a big push recently towards “mobile first” indexation. Doing so allowed mobile-friendly designs to rank better for mobile searches. When you’re on a smart phone with the smaller screen, having content tailor suited for legible display is an obvious advantage. With the push toward more mobile searches every day it makes sense you might see different results than when you’re on your desktop computer.

Hopefully all of these enhancements (and there are certainly many more) provide a richer, faster, and more convenient searching experience for most users. But it’s important to keep it in mind especially if you are trying to demonstrate a search ad or organic ranking performance.