Is My Website GDPR Compliant?

As of May 25th GDPR has arrived and that means that we all need to be complying with these new data protection laws. There are a number of considerations around the way in which you collect, use and store people’s information and these are guaranteed to mean you need to change the way you work.

 

Practical Considerations:

The following are a few of the things that you will need to consider with regards to how you manage data:

 

Email Lists

Have you obtained explicit permission from everyone on your company newsletter to store their information and send marketing emails to them? From May 25th 2018 you either must have this or in accordance with GDPR you will no longer be able to send marketing emails to them.

 

Privacy Policy

Companies must now display a privacy policy that states how they process personal data. It should be:

  • Written in readable, clear format
  • To the point and transparent
  • Free / Easily accessible

 

Cookies

Does your site use cookies which can identify individuals? If so, you must now obtain explicit permission from users to utilise these cookies.

‘By using this site, you accept cookies’ is no longer going to cut it either. Users must now have an easy way to opt out.For more reading visit this link

Still have some questions. Visit this GDPR checklist for more information.

 

Is Your Website Compliant?

Ezone Interactive are offering website audit services to help you identify what changes you might need to make to ensure that your website is in line with new regulations. We can review your website and provide a report detailing suggested changes if required. Interested? Contact us for more information, 

 

 

New WordPress 4.9.2 Security and Maintenance Release

WordPress has just released a new maintenance/security update which impacts all the WordPress version since WordPress 3.7.

It has been found that there is a security vulnerability in Flash Fallback, a media element included in older versions of the WordPress library. Now it has been removed from WordPress and the new update Version 4.9.2 will no longer contain it.

WordPress 4.9.2 will also cover fixes for a handful of smaller bugs found in the 4.9.1 release series. These fixes include JavaScript errors that prevented saving posts and the ability to restore previous widget assignments when switching themes, among other 21 bug fixes.

As a client of Ezone, no action is required at your end. We have already updated your site and you can be sure that you now have the secured version running.

If your site is not maintained by Ezone, we recommend that you update your site immediately. Be sure to backup your current WordPress site first and then simply go to Dashboard >> Updates >> Update Now to proceed with the update to WordPress 4.9.2.

Why You Need WordPress Support

Here at Ezone Interactive we have been building and supporting websites for over fifteen years, and our customers have found our support service invaluable. So in this article I thought I would cover some of the reasons why you need WordPress support for your website:

Websites Don’t Run Themselves

A common misconception is that after a website has been built it is finished and can be forgotten about. In actual fact nothing could be further from the truth, your website going online is just the start of an ongoing process. 

To maintain a good ranking in search results you need to be regularly updating content on your site, you need to keep WordPress updated and secure to avoid any security breaches, you need to fix any bugs that develop over time, ensure your site works correctly on new devices… The list goes on and all these things can take up a huge amount of your time.

Content is King

Useful and regularly updated content is key to keeping visitors coming back to your website and in building authority in your sector. Content can take many forms, from running a blog, updating your services as they change or publishing details of your new offers. Not only does this require that you create the written content, but in most cases you will also need imagery which will need to be resized to the correct dimensions and optimised. 

WordPress Needs To Be Kept Updated

Your WordPress website will be built using a theme and plugins and they will all need to be kept updated to ensure that they work with each other properly and with browser updates etc. It is also essential from a security standpoint to keep your website up to date and many updates patch flaws that hackers can exploit.

It is also important to keep your WordPress version up to date as it is continually being improved to give better functionality and security.

What if Something Does Go Wrong?

If something does go wrong on your website what do you do? You need to make sure you have backups that you can revert to should something go irreversibly wrong on your website. 

You also need to have a system in place to alert you if your website does go down, and this is where an uptime monitor can be really important. 

Who Has The Time?

Do you have the time and technical knowledge to do all of the above as well as running your business? If so then you probably don’t need a support service, but it may be worth considering what you could achieve if even some of those tasks were taken off of your desk.

Flexible Plans:

Ezone offer a number of support packages designed to cover all of your WordPress support needs including all of the areas covered in this article from backups to updates and content work to uptime monitoring we can take care of it for you.

Are you an Agency?

Providing support can feel like a hassle when you are trying to focus on larger development projects. Whatever size of agency, if you work with WordPress, then Ezone can help. We offer bespoke white label support solutions to take support tasks off your desk. Interested? Get in touch. 

New WordPress 4.9 Features

WordPress 4.9 is called Tipton, the new update version which was released November 14th. The new features basically offer three major improvements:

  1. Changes to the Customizer workflow
  2. Brand new Gallery widget
  3. Introduction of the CodeMirror editor

Customizer Improvements

Several new features in the Customizer for themes make the workflow process simpler and more efficient. 

changes in WordPress 4.9 customizer workflow

Saving theme changes as draft

The Save Draft button saves any current customization tweaks to your site’s design as a draft and you can finish working on them next time you open the Customizer.

Share Preview Link

The Share Preview Link provides a live URL that you can share to clients and colleagues to collaborate on the new changes to the site design. This is a a very useful addition, particularly when you need to let others who cannot login or have no access to the site see a preview of the latest changes before final publication.

Scheduling changes in the customizer

You can schedule the latest theme changes to go live depending on the date and time you choose.

Creating Menus

WordPress 4.9 guides the user step by step through the flow of selecting menu locations and items making the menu creation process easier.

creating menus in WordPress 4.9

Improvements to the Widget System in WordPress 4.9

The brand new gallery widget in version 4.9 allows you to place dedicated image galleries on the frontend of your site. It’s a super way to create image widgets that will help draw more interest to your posts but won’t slow down your site.

The brand new gallery widget in version 4.9

Just choose a location or drag it over to your desired location and select images from your WordPress media library using the Add Images button

Text Widget Improvements

The not-so-often used Text Widget has also gotten an overhaul. They added a rich text editor so you can add an image and a text link and format it for visual appeal. And, with  the Add Media button you can actually use the text widget to create a gallery that has text and links to it.

rich text editor in Text Widget of WordPress 4.9

Text Widget will also now support shortcodes by default, so no need to use a plugin to help with that.

Video Widget Expands Support

The Video widget in WordPress 4.9 also now supports all oEmbed providers, making it possible to add videos to your site that are hosted by other providers and not just YouTube and Vimeo.

The Video widget in WordPress 4.9

Improvements to Code Editing 

An important change for developers is the new code editor called CodeMirror. It will make the editing experience better as you will easily be able to tweak:

  • your custom css in the wordpress customizer,
  • theme or plugin code from the dashboard editor, and
  • code in the custom html widget.

Live error checking and Autocomplete features will also help keep you safe from coding errors as it gives you a warning message if you are editing your theme’s template files and also auto-detect fatal errors in your code before you save the changes.

It’s great to have these many new and improved features in WordPress 4.9, but it’s just the beginning. WordPress says we can expect even bigger changes coming next year as it incorporates more theme and page builder functions.

Update to WordPress 4.8.3 Now

WordPress 4.8.3 has just been released and if you haven’t upgraded your WordPress website yet, then you should do so as soon as possible.

Version 4.8.3 is an important security update that will fix a serious programming flaw that can potentially expose WordPress-powered websites to the possibility of being attacked and hijacked by hackers by means of injecting malicious SQL database commands.

The bug, CVE-2017-14723, was discovered and reported by security researcher Anthony Ferrara in September. The WordPress core is not affected, the vulnerability lies in WPDB, a set of functions used to talk to the WordPress database, and its ability to include sprint tokens.

The vulnerable functionality was first found in version 4.8.1. WordPress version 4.8.2, which included fixes for many bugs, was supposed to address this flaw. However, according to Ferrara, version 4.8.2 only dealt with “a narrow subset of the potential exploits” and didn’t actually fix the root issue.

In version 4.8.2 and earlier, the buggy code, $wpdb->prepare(), can create unexpected and unsafe queries and potentially allow malicious SQL injection. The newly-released WordPress 4.8.3 security update addresses this flaw by changing the behavior of the esc_sql() function and hardening it to protect it from attacks via plugins and themes.

How to Update to WordPress 4.8.3

If you are a client of Ezone, you needn’t do anything as we have already upgraded you to WordPress version 4.8.3. You can log in to your website as you normally do and be assured that your website is protected from this security threat.

If you wish to upgrade to WordPress 4.83 yourself, follow these steps:

    1. Check first what version of WordPress your site is using. Go to the Dashboard, look in the ‘At a Glance’ panel:
    2. Download the latest version of WordPress 4.83 from the WordPress website, or go to Updates in the Dashboard and choose “Update now.”

Steps to Prepare your Website for GDPR

The General Data Protection Regulation (GDPR) is the European Union’s new data protection legislation. The UK is currently following the Data Protection Act of 1998, which replaced the 1995 EU Data Protection Directive. As there have been unforeseen changes in the way that we have used digital information over the past decades, the laws that are in place at the present time no longer fit many objectives and will be superseded by the new legislation.

Highlights of the GDPR

  • The GDPR will automatically apply in all EU member states effective 25 May 2018. It is already in force since 24 May 2016, but businesses and organisations have until 25 May 2018 to ensure compliance before the law fully applies.
  • It will introduce changes on how businesses and public sector organizations control or process personal and sensitive data of customers, such as their name, address, IP address, religious and political views, sexual orientation, and more.
  • The new data protection laws will also give more people control over what companies can do with their data, such as more rights to access or request deletion of information companies hold on them.
  • It will enforce a clear responsibility for organizations to obtain the consent of people they collect information about.
  • It will introduce more rigid enforcement measures and bring in tougher fines for noncompliance and breaches in order to improve customer trust in the emerging digital economy.
  • The GDPR will also standardize data protection laws throughout Europe, giving businesses throughout the 28 EU member countries a simpler, clearer legal environment in which to operate.

Steps You Can Take Now to Get Your Website Ready for the General Data Protection Regulation (GDPR)

If you are a company that deals with personal data belonging to EU residents then you need to ensure that you are ready for the GDPR. Here are some areas to review and update on your website:

Make sure to clean up your email databases

If you have a database of subscribers that were not collected according to GDPR standards, then you need to do some cleaning up by sending them a re-permission email so that they can choose to re-opt in and stay on your newsletter list. Choosing to re-opt-in will provide proof of consent of subscribers and will make your business GDPR-compliant.

Ask people to actively opt in

GDPR compliance will now require that you use contact forms that do not have pre-ticked boxes, opt-out boxes or default settings. This ‘positive-opt in’ or ‘affirmative action’ will now be required to ensure that people have a genuine and free choice and control, and take some positive action in order to have valid consent.

If you want people’s consent for various different purposes, the Information Commissioner’s Office (ICO) advises that you provide a separate opt-in for each purpose. This is so that, “People should not be forced to agree to all or nothing – they may want to consent to some things but not to others.”

To further ensure that your opt-ins are compliant to GDPR regulations, you must also take note of these additional points:

  • Make sure that people can easily exercise their right to withdraw consent.
  • You must use clear and and plain language when explaining consent.

Change your website Cookie and Privacy Policies

Under the GDPR, the standard text phrase that is included in Cookie notices, “by using this site, you accept cookies,” only suggests implied consent and, as a result, is no longer going to be compliant. Websites that use different types of cookies with different processing purposes will need different mechanisms to obtain valid consent for each purpose, e.g. granular levels of control with separate consents for tracking and analytics cookies and mechanisms to also signal customer consent and for them to make an ‘affirmative action.’

There’s not much time before the EU GDPR is officially in effect. It’s best to start your planning process, and begin implementing the changes your organization will need to make now, especially companies that have multiple websites.

If you wish to consult with Ezone about getting your website ready for GDPR, please do not hesitate to contact us.

Helpful resources from the ICO:

Getting ready for the GDPR
12 steps to take now
Accountability and governance

Update on the Importance of HTTPS

For a long time now Google has been increasing the importance of HTTPS and having your website on a secure server. In January they started marking http pages that collected passwords or payment details as non-secure in the Chrome browser as shown below:

Not secure credit card

We wrote about SSL certificates and Google back in January, you can see that post here: Do I need an SSL Certificate? 

Following the release of Google Chrome version 62 later in October Google will be expanding on the warnings introduced in January so that any page with a form that is running on a http connection will be marked as insecure. It is important to realise that this does not simply apply to contact or payment forms, but to any sort of form. This means that, for example, if your page has a search field on it then it will trigger the warning if the site is not on an https connection.

What Should You Do?

Ezone recommends that if you are considering getting a website built you ensure that whoever is building it for you is going to set it up with an SSL certificate.

If your site is already online then don’t delay as Google are only going to increase the importance of HTTPS in their search results and browser so it will need to be done sooner or later.

There are a number of different providers of SSL certificates including RapidSSL and Symantec and many hosting providers also offer SSL Certificates on their platforms. Lets Encrypt is a popular free option that you can setup on your site if you are comfortable implementing such things on your site.

If you don’t want to have to spend the time working out how to set up an SSL Certificate yourself then check out our SSL Certificate setup service.

 

WordPress Makes Available 4.8.1 Maintenance Release

WordPress has just made available WordPress 4.8.1, a maintenance release to it’s recent version WordPress 4.8 “Evans. ”

This first maintenance release includes 29 fixes and enhancements to help make your WordPress website design more intuitive. Of particular interest in this recent update is the introduction of the Custom HTML widget and technical workarounds to fix the rich Text widget.

When WordPress 4.8 was introduced last June 8, 2017 it added new widgets for videos, pictures and text as well as functionalities to improve editing of links.  However, the TinyMCE functionality to improve the Text widget brought about some issues for those who use Custom HTML and caused the Visual editor to ignore portions of the code.

The dedicated Custom HTML widget in WordPress 4.8.1 Beta 1 addresses this problem. This widget will allow advanced users to specifically add arbitrary HTML to the website’s sidebar and prevent the Visual editor from altering code.

So, when you paste or type in an HTML code into the text widget with the Visual editor active, an Admin Pointer will pop up suggesting that you use the Text tab instead or use the Custom HTML widget.

How Do I Update to WordPress 4.8.1?

If you are one of our clients you needn’t do anything, we have already upgraded you to WordPress version 4.8.1. Continue to log in to your website as you normally do and start enjoying the benefits straight away.

If you are not sure what version of WordPress your site is using you can easily check by going to the WordPress dashboard in the content management system and looking in the ‘At a Glance’ panel:

Looking Back at WordCamp Edinburgh 2017

Last weekend saw the third WordCamp to be held in Edinburgh.

Hosted at Codebase in the heart of the city just next to Edinburgh Castle the weekend promised much: beautiful Scottish summers weather, Haggis and Wapuu’s scampering around the foot of the castle and of course a great event.

Sadly only the last of those things actually came to pass as it rained all weekend and the local wildlife must have been sheltering. However, this didn’t stop the event being fantastic with great people, great talks and a great atmosphere.

The venue with Edinburgh Castle shrouded in mist behind. Sadly no haggis in sight

It was a jam-packed event with:

124 attendees

22 speakers

15 volunteers

Talks covered topics of social change, productivity, security, service provision, Jetpack, agile development, site optimisation, WooCommerce, lightning talks, social media, web design, the Rest API, customer service, development strategy, accessibility and more.

A week later the dust has had time to settle so I thought I would put pen to paper and post some of the top things that I took away from the weekend. It was tough because there was so much to choose from, but here goes:

5 Takeaways from WordCamp Edinburgh 2017

1. Volunteering is awesome.

WordCamp Edinburgh was my fifth WordCamp, having also travelled to London, Manchester, Edinburgh in 2015 and WordCamp Europe in Vienna last year. But hands down this was the WordCamp I enjoyed the most and that is largely because I volunteered at this one.

Volunteers help the organising team with the running of the event, be it registration, handing out t-shirts, operating cameras, helping with lunch or simply answering attendees queries.

I didn’t really know what to expect turning up for the weekend, but was immediately introduced to the organising team and the other volunteers. Everyone was super enthusiastic and keen to run a great event.There was a great sense of camaraderie and I made way more connections at this WordCamp than previous ones as I’d met twenty odd people before registration even opened.
I would strongly encourage anyone to consider volunteering, especially if you are new to WordCamps as it’s a great way to get to know people while at the same time helping to give back to the community.

 

2. Facebook Advertising is Very Powerful

One of the most interesting talks for me was Gavin Bell speaking about Facebook Advertising and vlogging. As an area I knew very little about it was a real eye opener for me. It was fascinating to hear Gavin’s story and gain a better understanding of the versatility and power of Facebook advertising, which really does have incredible reach.

Gavin is a Facebook advertising consultant and vlogger and he spoke about how he got into vlogging, highlighting the importance of video in social marketing and gave us an overview of how he uses Facebook advertising to drill down and target his intended market.

 

3. The Gutenberg Editor is Coming

Kimb Jones spoke in the lightning talks about the Gutenberg Editor. This new block editor is eventually going to be integrated into WordPress core but is currently available as a plugin. The editor is based around blocks and empowers users to more easily add rich content to posts and pages without the need for messy shortcodes and custom fields. There were a lot of questions raised around backwards compatibility and if sites will be broken by the introduction of this new editor due to incompatibilities with themes and/or plugins. It’s well worth taking a look at the plugin to familiarise yourself with Gutenberg as in the future it will be standard in WordPress.

 

4. The WordPress Community is Awesome

Wapuunicorn – the official mascot of WordCamp Edinburgh 2017.

One of the really cool things about WordCamps is the diversity. The events bring together designers, developers, project managers, agencies, hosting providers, accessibility specialists, bloggers, social media experts and many more. They attract people from different countries (according to a tweet this week the speakers alone came from or originated from more than ten different countries) and cultures and with different beliefs and professions and they are all there to make connections and to learn from each other. That is special and part of what makes WordPress so great.

 

5. WordPress Can Transcend Simple Code and Speak to us on a Human Level

Some of the most inspiring talks focused on how WordPress can be used to create personal and social change. Bridget Hamilton spoke about blogging to handle tough issues and create social change and Andres Cifuentes spoke about building multilingual communities. Finally Rachel Martin delivered a talk that I know moved a number of attendees. She spoke about her personal experience of the earthquakes in Canterbury, New Zealand, and how she used blogging as therapy.

Andres Cifuentes speaks about building multilingual communities

 

WordPress TV

Remember if you weren’t able to be at WordCamp Edinburgh, or missed a talk that you were interested in they will be available on WordPress.tv. But it does normally take a few weeks for the videos to be edited and uploaded.

Roll on WordCamp Edinburgh 2018!

There’s a ton more stuff that I could have spoken about in this article such as the swag:

WooCommerce plectrums, probably one of the coolest pieces of swag I’ve seen at a WordCamp

The awesome t-shirts designed by Ben Usher Smith:

Wapuunicorn t-shirts

And the social events in the evenings:

 

The organising team did an incredible job this year, delivering a great event for all. With Ahmed Khalifa taking the reigns next year I’m sure it will be another amazing event (and who knows, next time we might even see a real live haggis!) – I can’t wait!

Basic Image Editing in WordPress

One of the things many WordPress beginners often wonder about is if it is possible to edit an image after it has been inserted into a post or page. Yes, WordPress users may do some simple image editing and also edit image properties once the image is already uploaded.

Here’s how this can be done: Continue reading “Basic Image Editing in WordPress”

This website uses cookies OK Thanks