Cyber Security Archives - Digital Marketing Experts

Why Website Security & HTTPS Matter

Caitlin Maclean — Fri, 04 Apr 2025 10:00:00 +0000

For e-commerce businesses, security isn’t optional—it’s essential. Customers must feel confident that their personal and payment information is secure when shopping online. A secure HTTPS connection protects sensitive data, enhances search engine rankings, and significantly improves the user experience.

At teclan, website security is a top priority. We ensure all e-commerce websites we manage are secure, fully encrypted, and trusted by users. Here’s how you can assess your website’s security and HTTPS to ensure your online store remains safe and trustworthy.

Step 1: Checking Your HTTPS Implementation

Ensure your entire site is secured with HTTPS. All pages, including product and checkout pages, should load via a secure connection.

How to Check Your Website’s HTTPS Status:

Look for the Padlock Icon 🔒 – If your browser displays a padlock in the address bar, your website is using HTTPS.
Use Google Search Console – Check the “Security & Manual Actions” section for any security alerts.
Use tools like SSL Labs (Qualys SSL Test) – This free tool evaluates the configuration and strength of your SSL certificate.
Inspect Browser Security Panels – Modern browsers provide detailed security insights that highlight insecure elements.

Common Issues to Address:

Mixed Content Warnings – Ensure all images, scripts, and style sheets are securely loaded via HTTPS.
Insecure Redirects – Avoid redirecting visitors through unsecured HTTP pages.
Expired SSL Certificates – Keep your SSL certificates valid to avoid security warnings in browsers.

Step 2: Reviewing Your SSL/TLS Certificate

A valid SSL certificate is critical for HTTPS security. Expired or incorrectly configured certificates trigger warnings in browsers, affecting user trust.

How to Validate Your SSL Certificate:

Click the browser padlock icon to inspect certificate details.
Run an SSL Labs test to highlight potential vulnerabilities.
Confirm your certificate is issued by a reputable authority such as Let’s Encrypt, DigiCert, or GlobalSign.

Best SSL/TLS Practices:

Use updated protocols (TLS 1.2 or TLS 1.3) – Disable outdated and insecure versions (TLS 1.0 and 1.1).
Activate HTTP Strict Transport Security (HSTS) – This ensures browsers only connect via HTTPS.
Automate SSL certificate renewal – Prevent service disruptions with automatic renewals.

Step 3: Resolving HTTPS and Security Issues

Address Mixed Content Warnings:

Ensure all site resources (images, scripts) use HTTPS.
Update internal links and resources from HTTP to HTTPS.

Redirect HTTP Traffic to HTTPS:

Ensure all HTTP URLs automatically redirect visitors securely to HTTPS.

Implement HSTS (HTTP Strict Transport Security):

Enforce HSTS to ensure browsers consistently use HTTPS, reducing potential security risks.

Step 4: Maintaining Security Through Ongoing Monitoring

Website security requires continuous attention and updates. At teclan, our ongoing security measures include:

Regular SSL certificate verification to maintain valid certificates.
Implementation of security headers such as X-XSS-Protection, Content-Security-Policy, and Referrer-Policy.
Utilising Web Application Firewalls (WAFs) from services like Cloudflare or Sucuri to protect against cyber threats.
Conducting daily security and malware scans with reliable tools such as Sucuri, Wordfence, or Google Safe Browsing.
Regularly monitoring Google Search Console for timely security alerts and taking immediate corrective action.

Conclusion: Prioritise Website Security

A secure website builds customer trust, improves SEO rankings, and ensures long-term business success. By maintaining valid SSL certificates, fully implementing HTTPS, and consistently monitoring for security issues, you create a safe and seamless experience for your customers.

At teclan, we specialise in auditing, addressing, and maintaining robust security practices for e-commerce websites. If you require help enhancing your site’s security or managing HTTPS implementation, please contact teclan today!

The post Why Website Security & HTTPS Matter appeared first on Digital Marketing Experts.

Are Your External Links Hurting Your Website? teclan’s Trustworthiness Check

Caitlin Maclean — Wed, 02 Apr 2025 11:00:00 +0000

Introduction

External links are critical to an e-commerce website’s SEO, credibility, and user trust. Poor-quality or irrelevant links can damage rankings and reputation, while authoritative links enhance site trust and search visibility. At teclan, we follow a structured approach to reviewing and managing external links to maintain site integrity and maximise SEO benefits.

1. Identifying External Links on the Website

A combination of automated tools and manual checks to assess all outbound links:

Automated Tools

Google Search Console → “Links” report to view all external links.
Ahrefs, SEMrush, Moz → Analyse link quality, spam scores, and authority metrics.
SEO Spider → Extracts external links and flags any broken or redirected ones.

Manual Link Review

Product Pages & Blogs → Do outbound links enhance user experience?
Affiliate & Partner Links → Do they lead to legitimate, high-quality businesses?
User-Generated Content → Do forums, comments, or reviews contain spammy links?

2. Evaluating the Trustworthiness of External Links

Domain Authority & Trust Score:

Use Moz, Ahrefs, or Majestic to check DA (Domain Authority), DR (Domain Rating), and spam scores.
High-authority domains (e.g., .gov, .edu, and trusted brands) boost credibility.
Avoid low-quality or spammy sites with high spam scores.

Content Relevance & Quality:

Ensure linked pages are relevant to the e-commerce website’s audience.
Avoid misleading, clickbait, or outdated sources that could harm brand trust.

Website Security & Activity:

Ensure linked sites use HTTPS for security.
Check if the site is still active—avoid linking to expired or parked domains.

3. Fixing or Removing Low-Quality External Links

Update or Replace Untrustworthy Links:

If a link points to an outdated, irrelevant, or broken page, replace it with a high-quality alternative.

Use No Follow for Low-Trust or Paid Links:

For affiliate links, sponsored content, or links you don’t want search engines to follow, apply the “nofollow” tag.

Disavow Harmful Links (If Necessary):

If the website has unwanted spammy backlinks, teclan submits a disavow file in Google Search Console to prevent SEO penalties.

4. Continuous Monitoring & Best Practices

To maintain link quality, utilise these ongoing strategies:

Regular Link Audits – Monthly reviews using Ahrefs, SEMrush, and Screaming Frog.
Manual Review of Blog & Product Links – ensuring all outbound links remain relevant & valuable.
Limit Excessive External Links – Too many outbound links dilute page value.
Use “Sponsored” Attribute for Paid Links – Google-compliant transparency for monetised links.
Monitor User-Generated Content – Filtering spammy links in comments & forums.

Conclusion

By systematically reviewing and optimising external links, teclan ensures e-commerce websites maintain SEO integrity, user trust, and strong domain authority.

The post Are Your External Links Hurting Your Website? teclan’s Trustworthiness Check appeared first on Digital Marketing Experts.

Is your website protected from malicious bots?

Caitlin Maclean — Fri, 06 May 2022 15:33:45 +0000

If you’re a frequent internet browser, you are likely to have come across many warnings about keeping your information safe online and to avoid clicking unknown links from suspicious contacts. There is good reason for warnings like these, as phishing scams and malicious bots are becoming a major threat on the Internet. According to a report by CXOtoday, the top four industries that have been attacked by malicious bots recently were e-commerce, travel, media, and online marketplaces.

Increase in cyber-attacks during the pandemic

During the pandemic, e-commerce site traffic and purchases broke records. With this, came an increase of online fraud. Between January and June last year, there was a 74% increase in phishing scams according to HMRC. Phishing scams are a form of cyber-attack which fool victims into installing malware or handing over sensitive information. Often, phishing scams come in the form of emails or texts that appear to come from a trusted sender, but on closer inspection will highlight a suspicious sender address or link.

What is a malicious bot?

A bot (short for robot) is a typically a software application which helps to perform tasks across the internet faster than a human could. Google, for example uses (good) bots to index all the websites they can find to produce their search results.

On the other hand, cyber criminals often use malicious bots in order to obtain sensitive information such as customer records or bank details, or in more serious cases to breach tough security measures and take over user accounts. They can cause errors on websites to disrupt a site’s availability, or exploit vulnerabilities within applications and APIs. Bots can also be used by businesses to directly target competitors – in rare situations such bots will scrape web content to aggregate the likes of product prices and names.

What is the threat to e-commerce websites?

Reports have highlighted there has been an increase on attacks from malicious bots within the e-commerce industry, with account log-in pages in particular being a key target. In order to evade detection, bots are becoming even more sophisticated in order to imitate human user behaviour as closely as possible. Because of this, they can bypass some common website security controls especially if a password or username is weak.

From data scraping to payment fraud, advanced bots could cause devastating damage to e-commerce websites. This, in turn, can cost businesses thousands, if not millions of pounds due to damages and losses incurred by cyberattacks. In 2020 a survey by Kount highlighted that two-thirds of businesses said a single attack from a malicious bot cost their company almost £100,000 in lost revenue. It is therefore crucial that businesses have tough cyber security measures in place to protect themselves and their customers.

How do you combat malicious bots?

It is important to try to stay on top of up-to-date technology that scammers and cyberattacks are using in order to steal sensitive information. We are likely getting to a point where Web Application Firewalls (WAFs) are becoming as essential to websites as SSL (Secure Sockets Layer) certificates. A web application firewall is a specific form of application firewall that filters, monitors, and blocks specific traffic to and from a web service.

Cyber security is now as important as hosting, web design, and domain management. It is essential for the safety and security of your online business; the increase in scams, and attacks from malicious bots, identifies how crucial it is to keep your website secure.

Sometimes as business owners, technical website elements can slip past the radar. At teclan, we ensure that your website is protected and prepared — whether you’re building an entirely new site or looking to migrate an existing website, we work hard to ensure your site is as secure as possible. Our Gatekeeper packages go a long way to ensure your website is protected against malicious attacks while our web-mastering services make sure your site is kept updated and in great shape. We can also help you obtain a Business Security Accreditation so that you and your audience have peace of mind that all aspects of your online business are carried out with maximum attention to security.

The post Is your website protected from malicious bots? appeared first on Digital Marketing Experts.

Elementor Plug-in Security Threat Highlights Importance of Cyber Security

Caitlin Maclean — Fri, 22 Apr 2022 09:40:10 +0000

Many websites are built using the WordPress platform and one of the most popular plug-ins for this platform is Elementor. It is so popular that it can be found on over five million websites. Recently, a vulnerability allowing attackers to upload arbitrary PHP (Hypertext Preprocessor) code that would enable a full website takeover, was discovered in Elementor (beginning with version 3.6.0). This vulnerability was made possible due to a lack of satisfactory security measures within a new ‘Onboarding’ wizard feature. A case like this only highlights the importance of implementing proper cyber security measures.

What caused the vulnerability?

The issues were caused because there was a failure to use capability checks within the plug-in. Makers of website plug-ins are obliged to code capability checks as these act as a security layer. Capability checks review permission levels of users when they are logged in to a relevant website. Website users are assigned ‘User Roles’ which can include the likes of an admin, editor, and subscriber. For example, website subscribers should not have the ability to access posts to edit them but may be able to write a comment below said posts, and a capability check should highlight if the permission level is being breached.

A new module introduced to version 3.6.0 of Elementor failed to include any capability checks. Therefore, full-site takeovers were made possible as the capability check function was missing from the plug-in which would prevent unauthorised users from making changes to the site. This is a problem as WordPress states the importance of capability checks in their handbook:

“If your plug-in allows users to submit data—be it on the Admin or the Public side—it should check for User Capabilities. The most important step in creating an efficient security layer is having a user permission system in place. WordPress provides this in the form of User Roles and Capabilities.”

WordPress

My WordPress site uses Elementor — what should I do?

As the threat was introduced to Elementor version 3.6.0, any previous version of the plug-in will not be impacted by the vulnerability. However, it is always recommended that plug-ins are frequently updated so that your website is fully optimised. Our expert webmastering services ensure that your website is always up to date. At this stage, we would recommend updating to Elementor 3.6.4 as the Elementor Changelog states that this version fixes issues related to the Onboarding Wizard Module which caused this vulnerability in version 3.6.0.

What other cyber security measures should I be taking?

Cyber security is now as important as hosting, web design, and domain management. It is essential for the safety and security of your online business and this recent threat to Elementor identifies how crucial it is to keep your website secure. Sometimes, for business owners, technical website elements can slip past the radar. At teclan, we ensure that your website is protected and prepared — whether you’re building an entirely new site or looking to migrate an existing website, we work hard to ensure your site is as secure as possible. Our Gatekeeper packages go a long way to ensure your website is protected against malicious attacks while our webmastering services make sure your site is on top of the technical game.

The post Elementor Plug-in Security Threat Highlights Importance of Cyber Security appeared first on Digital Marketing Experts.

Our Experts Answer Common Cyber Security & Hosting Questions

Caitlin Maclean — Fri, 18 Feb 2022 16:14:10 +0000

So, you’ve got your business up and running successfully, and you’re ready to take the internet by storm. But have you prepared your website to be protected against cyber-attacks? Sometimes as business owners, technical website elements can slip past the radar. At teclan, we ensure that your website is protected and prepared — whether you’re building an entirely new site or looking to migrate an existing website, we work hard to ensure your site is as secure as possible.

If you’ve never encountered web hosting or cyber security in the past, you’ll likely have questions about what it all entails. From SSL certificates to the benefits of security software, our experts answer some of the most commonly asked questions.

What is website hosting?

In short, web hosting is the basic infrastructure that enables a website to be on the internet. The web host (usually digital companies) sells or leases space within a server that stores the files necessary for the consumer’s website to be accessible on the internet. Generally, web hosts will need to make sure you own a domain (the website address), and if you don’t own one, will often help you purchase one. With internet users expecting quick loading speeds, it is almost essential that your website is hosted on a fast server with speedy hardware. This ensures the best chance of a website to be delivered quickly to a user’s web browser.

What is cyber security?

Cyber security is now as important as hosting, web design, and domain management. It is essential for the safety and security of your online business. The core function of cyber security is to protect websites, systems, programs, and networks from any potential digital attack. Typically, these attacks try to access, destroy or steal sensitive information such as passwords or bank account details. Attackers often have the motive to extort money. It is therefore extremely important that businesses and websites are protected.

Why is cyber security important?

In the offline world, many venues tend to be protected from threats, thefts, and attacks with the use of security guards or CCTV. As we spend almost as much time online as offline these days, it is important that protection translates to any business we conduct on the internet. On a personal level, a cyber-attack may lead to the loss of important data, identity theft, or financial fraud. At a business level, the damage is potentially much worse due to the employee and customer data stored within your network, so it is essential the online business space is protected with cyber security measures.

Is my site secure with just an SSL certificate?

Not completely, no. An SSL (Secure Sockets Layer) certificate ensures that the traffic between your website and the user is encrypted so that anyone snooping on this traffic is prevented from seeing any sensitive data being passed on (such as usernames and passwords). This does not protect your site from malware or any other form of attack. It is therefore recommended that additional established cyber-security measures are put in place. Do your research and you’ll be able to find a cyber security package that has all of the measures in place for your business.

Won’t security software slow down my website?

Often, we’re told that website speed can be negatively impacted by unnecessary software. However, cyber-security software should be considered essential. In fact, security software can improve the speed and performance of your website. Many web application firewalls (WAF) include a CDN (Content Delivery Network) which delivers larger files such as images and JavaScript to the end-user more efficiently by serving them up via a cache on the nearest server to them.

Web hosting and cyber security can seem a bit intimidating, especially if it’s an area you’ve previously never encountered. At teclan, our experts take the worry out of managing your website’s hosting by providing a dedicated network of fast servers with quick hardware, housed within a speedy data-centre resident on a T1 fast network. Our cyber security packages provide complete reassurance to you and your customers that online data is protected. Contact us to find out how we can get your website up and running with the best possible protection.

The post Our Experts Answer Common Cyber Security & Hosting Questions appeared first on Digital Marketing Experts.

Is Your Password Strong Enough?

Caitlin Maclean — Fri, 23 Oct 2020 11:10:07 +0000

It has recently been reported that President Donald Trump’s Twitter account was easily hacked into by Victor Gevers, an ethical hacker from the Netherlands. You may be thinking “I’ve read this story before” and you’d be correct. This is not the first time Trump’s account has been allegedly hacked. Four years ago, Gevers cracked Trump’s password ‘yourefired’ – an easy guess as this is a reference to his catchphrase on The Apprentice USA.

Surely, in the aftermath of this first blunder, Trump’s team would advise him to create a much stronger password with two-factor authentication across all of his public profiles. Apparently not. The alleged cracked password this time? ‘maga2020!’ If we can learn anything from Trump’s supposed mistakes it’s that when setting up any public profile, your password should be strong. This is particularly important for public figures and businesses. Best practices for account security include strong passwords, two-factor authentication and limiting the access to said account.

While Twitter has responded to these claims stating there is no evidence of the most recent security breach, it is interesting to note that after Gevers was in contact with the likes of the American Secret Service, a two-step verification for the account has been activated. Only Gevers and Trump’s team knows whether or not this attack actually occurred but the story highlights important lessons to learn for businesses and public figures alike. Strong passwords are a necessity.

Don't be trumped by a weak password

A strong password should:

Include upper and lowercase letters, numbers and symbols.
Avoid using obvious personal information within a password which is easy to guess. (Trump has discovered this the hard way.)

There is also a benefit to using password generators or a password management app as these can auto-generate and store strong passwords. The teclan team practices this for ourselves and our clients.

The teclan team is always here to help with any concerns you may have regarding your online business. From cyber security and password protection to professional web design and social media marketing, our team will help your business succeed.

The post Is Your Password Strong Enough? appeared first on Digital Marketing Experts.

Is your business protected?

Caitlin Maclean — Tue, 16 Jun 2020 15:25:34 +0000

So, you have a beautiful website design, have sorted out your hosting and domain management and ensured your Digital Marketing is up to par. But what’s missing? Think Cyber security.

Cyber security is just as important as all of these elements. Without it, your business could face serious repercussions and damage your customers’ trust.

Don’t Fall Victim

Everyday websites suffer from all types of attacks impacting businesses of all sizes. You may have recently become aware of the ‘highly sophisticated cyber-attack‘ faced by easyJet, affecting around nine million of their customers. Data breaches such as this give hackers access to personal details and information that should be secure and private. While this is an extreme example, it is important you have the peace of mind that your company is protected.

We Offer Peace of Mind

Our Gatekeeper Packages are ideal for businesses who want to be assured that their customers’, and their own data, is safe. At teclan, we offer security packages which cover the likes of daily scanning for compromised files and malware, and installing a Web Application Firewall (WAF) to protect your site from bots and unwanted access. By performing regular backups, we make sure that you are covered should the worst ever happen.
You can view our range of Gatekeeper security packages here.

Your Website is Secure — What Next?

Modern Internet browsers highlight to visitors sites that do not have a security certificate in place. An SSL allows an encrypted connection between the visitor and the website. This ensures that data cannot be easily accessed by third parties. SSL certificates provide customers with the knowledge that they are protected and that your company is one that they can trust. It is vital to display an SSL certificate if your business plans to advertise on Google Shopping and is used as a factor for SEO ranking.

We Are Here To Help

Our team of experts are always here to provide support and advice regarding SSL and all forms of cyber security. Just get in touch and we will be happy to help!

The post Is your business protected? appeared first on Digital Marketing Experts.