SEO Audit for site redesign
-
I'm in the process of preparing my company's ecommerce site for a redesign - largely to move to a responsive design and improve issues with UI and some much-needed features. This is a very small ecommerce business (Less than $300K annually), and we have settled on Magento Community Edition for our platform. We understand it to be very "SEO" friendly, and its similar to our current platform - it gives us a lot of flexibility in design, and it appears scalable.
While I am aware of our current sites shortcomings (from an SEO standpoint), I was wondering if I should employ an SEO person/company to do a pre/post redesign audit. I looked at the MOZ checklist, and ran my site through Hubspot and WooRanks free tools, and am aware of what they are reporting as SEO items to be fixed.
As I am so small, I was wondering if an SEO audit in addition to what I already know might be overkill? Any thoughts/suggestions are welcome.
-
Sorry about not being clear on the dev. PrestaShop is totally OSS like Magento or Wordpress. So generally what we do is take a spec from a client, see if their are modules commercially available for the functionality they want. If not, we just figure in developing them from scratch. I think how most people do with a site of that magnitude.
As for the really believing in PrestaShop, I do. It might not be the best situation, but I do have all of my eggs in that basket and I hope nothing bad becomes of it.
-
Totally reasonable, I didn't really know that existed, but it is changed. Sorry for the confusion. Also, like I mentioned I am just a company that uses the product, not someone at the company itself. I do contribute on the blog every now and then too. But as for some links for reference, here are a couple
Magento's forum closed
http://www.magentocommerce.com/boards
Magento Closing products
Like I mentioned above I am just mixing the on the record facts, with what I have heard from some insiders. It could be wrong, it could be right. I know because of the nature of is talked about here we all have to do a little bit of speculation because we are generally discussing systems and companies that we have no direct control of.
But like I mentioned above I can totally see how my name and the posts created a misleading environment and I have changed my name.
-
The chosen account name was a bit of it, but when you then said, " Sure I do shops that cost 10 times that much, because they want custom features that are not part of the stock package." and similar things it appeared you worked for or were the dev for PrestaShop. My apologies on that.
As to the security criticisms of WP, I simply do not see it the way that you do. I also am not aware of any major issues with Magento, rumor or otherwise. I simply think that if you are going to knock something it needs to be very concrete. I have knocked products on this very forum, but I really do strive to be very clear and make it totally "behavioral" (how a system performs or fails to perform) than any conjecture. I do not have the 100s of bot connections and login attempts and I do not have the time to go into a security dissertation regarding our mechanisms. I just do not see that problem. I am sure there are others here who have more experience than mine on WP, Magento, WooCommerce, PrestaShop, etc. I just have not seen the issue in my experience. Nor have I seen it with sites needing HIPAA compliance, etc.
As to my reference to TARGET around your MC/Visa fine statement there have been implied costs associated with lost business and with lawsuits, but I just checked again to be sure and I can find nothing stating that TARGET was fined by MC/Visa. In fact the head of MC said that cards need chips in them right after it happened! Frankly, I cannot find any fines they have paid due to that data breach. Again, using a straw man like fines of "$10K per day" is not a good way to argue. It lends a certain weight, emotionally, to the argument, but nothing real. Your argument regarding MC/Visa fines is a false argument, it is a total straw man. You are implying that due to WP a person would be opening themselves up to huge fines and it is patently not true. It impunes WP and all of the open source developers who have spent tons of time and money on that work.
Again, this is simply about approach. I hope you understand that. So, maybe it is just a bit of really believing in PrestaShop (and trust me that after this I am going to go check it out), I just did not think it was the best way to go about it.
Best
Robert
-
Lesley, if you edit your profile, you can change your nickname that's displayed here. I think that would be a helpful thing to do here, as the current nickname is leading to a bit of confusion. I'd ask the same of anyone that had a nickname like "Wordpress" or "Magento" that wasn't a direct representative of that company.
You can also uncheck the box that says to use your nickname, and you can use you real name for posting instead.
As Robert mentioned, it could be a good idea to include some context with your answer. "I realize that our company is an alternative to product x, but here's why I think there are some issues with product x" and including an outside referenced link could be helpful all around.
Thanks!
-
I see how I could have raised some ambiguity about what I am doing and what I do. The truth is I signed up for a Moz account a few years ago and never converted the trial. Then I decided to try it again and converted over to a paid account. When I signed up the first time I used my company name dh42, so the second time I was not allowed to use that name it was taken. So I chose Prestashop, I did not realize that it would end up being my forum posting name at the time. But I am no more affiliated with Prestashop than you are with Wordpress, I am just a developer that uses the platform, nothing more. I don't have any paid modules or themes for them, I get 0 compensation for them other than what I charge clients to develop sites with their software. But I can totally see how my poor choice of nick leads to believe otherwise.
I think Target ended up having to pay around $100M to get things straightened out after their breach. But at the same time their breach was different than an online store breach, it was a hardware level breach from what I understand. But also their transaction amount is a game changer for fines and penalties as well. When you compare 2 stores and one might do 1 million a year vs the other might do 50 billion the rules are different, contracts are negotiated differently. Target might even run their own clearing house, I honestly have no clue how it is working on their level.
But as for it being the hip thing to do to ward against Wordpress that is totally not where I am coming from. I run Wordpress for my site. Let me give an example, there is a company that does a lot of PrestaShop development that I know, they recently did a redesign of their agency site that does not sell anything. They used PrestaShop as the CMS to run the site. I find that weird that someone would use an ecommerce platform for a static site with no products. I told them that at the time. I still think Wordpress would have been a better solution.
What it comes down to in my mind is using the best tool for the job, not the best tool that you know how to use.
I don't know about your Wordpress installations, but with mine, before I started denying by ip on the wp-login page, I would get hundreds of bot connections and login attempts a day. So much so that some of the smaller sites it would be 80% of their monthly traffic. People run bots like this all the time. Those are the people that I think have enough time on their hands. All they have to do is check a config file on the server, like pull a fileexists on say wp-content/ecommerce-package/img.jpg, if the file exists then start the brute force attack. Just like bots are set up around timthumb flaws, I would be willing to bet that there are people that set them up around other flaws as well.
I just have the opinion that Wordpress is inherently insecure on a lot of levels, not just the login system. If you look at any major platform, Magento, Shopify, OS Commerce, PrestaShop, ect, they all have a few things in common. They use a real MVC that separates code from templates, they all have two login systems, they have a module system that extends, not adds functionality. They are built with an ecommerce security minded focus, not an ease of use ease of extension focus.
But I would like to reiterate that I am sorry about the confusion with my name, it was just a poor choice to chose and I am not affiliated with PrestaShop other than being a developer that uses their platform.
-
After posting re the Processor fines, I finished my other project and am returning. On returning, I realize that you are selling a WP alternative and I did not realize that prior: "The PrestaShop one is..." To me, this is not a good thing to do within Q&A and I am even willing to look at your product myself. I just do not think it helps when we sell our own products/services in that way (juxtaposing your product against another). Frankly, when it comes to ecommerce, there are many safe and quality ecommerce platforms. When you make an argument against Magento: "Just a note on Magento, there are a lot of rumors that the CE is going to be discontinued soon, and that argument is a rumor, but you sell a product like theirs, how reasonable is that? To say that WordPress was never meant to be for ecommerce is a bit disingenuous IMO; was Google ever "meant" be in ecommerce? How many things on the Internet are absolutely what they were originally intended to be?
If that is a valid argument, then any offline business that is now online or also online, should not be used as they were not intended to be online.
You may have a great product, but to knock others on a forum like this when you sell that product is not a great way to sell in my opinion.
I hope you can understand I am not against you or against your product; I just disagree with your methods.
Sincerely,
Robert
-
Prestashop,
I will come back in a few hours and add more re WP security and ecommerce, but I have to say that the last statement stands out: **Most CC issuers like Visa, Mastercard, ect charge about 10k a month for non compliance with PCI standards, that 50% dev cost can be mitigated real quick with a couple fines levied your way. **
This is a strawman argument. I have been processing with MC, Visa, Amex, Discover, and even Diner's Club for 30 years. I have processed over $100 in that time In order to get a compliance fine, you are going to have to go well beyond choosing WordPress as your CMS on an ecommerce system. You are going to have to go well beyond someone getting into the system via a login and stealing all the data. Here is the question about it: "What was the compliance fine for Target after losing millions of cards and passwords?"
Name a system and someone with enough desire and time can crack it. I just disagree that his is a reasonable argument for not using WP. There may be others, but this is not one I would use. We build ecommerce sites using WP and I have zero fear of exposing a client because of that. I think too often in our world people recommend against WP because it seems to be the vogue thing to do and we then don't think it through enough.
-
I hate to be that guy, but the responsible dev practice in this situation is to not use Wordpress as an e-commerce platform.
As far as platform everything is relative in cost. I can set a site up using PrestaShop for close to the same in cost as a site using Wordpress (I am shooting off the hip at what a general Wordpress e-commerce site would cost, but I am thinking 3-5k range just as far as time involved) Sure I do shops that cost 10 times that much, because they want custom features that are not part of the stock package.
But lets speak on robust security and the cost of it. Say you create a site on PrestaShop and one on Wordpress. Say the PrestaShop site costs you more, just for sake of argument. Say 50% more.
Then say the sites are pretty basic sites, they figure shipping manually in an easy way and they use Auth.net for processing transactions.
Both platforms have a auth.net module for their ecommerce integration. But with Wordpress, who made the module? How secure is it? The PrestaShop one is developed by Auth.net and PrestaShop and has went through a 3rd party security analysis and testing.
The default Wordpress login system will let you try as many password combinations as possible to get logged in. You can download and install a module like wp_better security to limit that though. But on the front end of an ecommerce site, how do you set that up for UX? If you lock people out of the site, you might miss sales. You would manually have to manage it, or just disable it, because it might be problematic if you have a site that has 1000 purchases a day, you might be spending a couple hours a day dealing with manual password resets and ip white listing. So I would be willing to bet that most merchants will either write a really lax rule or disable the module after a while, it will just cost them too much money. Since Wordpress uses the same login system for the regular customers and the admin, then it will leave the site open to be cracked on an admin level. But there is always the possibility that someone can create a privilege escalation attack too. Then a regular user's access has been escalated to a SU or Admin. But your site does not store credit card info, because you use the AIM method for auth.net, so they are not really going to get anything. OR are they? If it was me, I would just write an override that processed orders as normal, but at the same time printed the CC info to a text file. Then you would be none the wiser.
Most CC issuers like Visa, Mastercard, ect charge about 10k a month for non compliance with PCI standards, that 50% dev cost can be mitigated real quick with a couple fines levied your way.
-
Some valid points re: Wordpress security. Some of these risks can be mitigated by a good developer taking reasonable precautions.
I have sometimes used a custom e-commerce solution -- together with a WP/Yoast combo framework.
I have also seen small clients drop a bundle on incredibly robust security for a site with little or no sales. So they are left with little money to spend on promotion or marketing. It's a bit like hiring armed guards and a supe-duper alarm system for an empty bank vault. You also need to think about getting some money on vault to start with.
Like everything else in life, it's a risk tolerance trade off.
-
Daniel,
I like the WP Yoast combo as well. Another choice for that platform is WooCommerce. We have used that on several smaller ecommerce sites quite well.
Best
-
The security issues with Wordpress are real. It was never designed to be an ecommerce platform, it lacks the security. One of the major security points is the login system. Wordpress only uses one login system, while most ecommerce applications use two. This means you are really open to a cracking type attack. One basic security principal is to never store your admin's in the same table that regular users are stored in. That way, if someone does crack a password in that table, all they will see is 1 user account information, not have control of the whole shop.
Plus you run into the lack of features as a security issue too. Sure you can extend the features with plugins, then you have code written by who knows who, code that might not be secure or might have back doors in it. It is just a bad situation.
Not to mention that the way the templates are written is a huge security risk as well. Wordpress has executable code in the template files. That is how their templates are made. I cannot thik of another ecommerce platform that does this. It kills the whole MVC principal which is built on scalabilty and security.
-
So...this a great discussion. Yay! Many thanks.
And I appreciate everyone's perspectives.
On the supposed security vulnerabilities of WordPress:
**I think it is much exaggerated. **
WordPress (and its plug ins) are certainly vulnerable...in the sense that they are ubiquitous.
But so what? In the real world...lots of people also break into Yale door locks...because there are so many of them. Does this mean Yale locks are inherently insecure? No. You just need to take reasonable precautions..given the ubiquity.
Some of my clients with Wordpress sites have been hacked. In all cases, the problem was rectified within 3-9 hours (including night and weekends) due to robust back up plans.
Like everything in life, all this is a tradeoff: sites that are seldom hacked due to obscuity...,vs. sites that are often hacked due to ubiquity.
I have been at this a long time.
My mega/meta/uber conclusions are:
-
go with a platform that will be here to stay
-
unbiquity is a virtue
-
beware of grandiose claims from obscure start-ups...or failing platforms
-
-
They have had a paid model for a while, it is called enterprise edition. If I remember correctly licenses start out around $14k a year. But at the same time I don't use Magento so I could be totally wrong, I just remember looking into it at one time and thinking it was too high.
PrestaShop is a good open source package. It is what I use.
But again I would just like to say these are rumors I have heard about Magento, they just seem true since they are shutting so much down.
-
Daniel - you are right. I am so glad I posted this! I hadn't a clue!
-
Really! Wow, my developer will be in for a shock. I assume they are focusing on their enterprise edition? Is there no more open source carts out there that are good?
-
I considered Wordpress (it's my blog platform), but oh, the vulnerabilities! I have heard that it is the one of the best with regard to SEO. We have about 1000 SKU's, and are constantly adding and discontinuing items. Need a lot of flexibility in design and functionality - that's where I think Wordpress carts were falling short. We need lots of promotional pricing options, loyalty program, giftcard management, etc. Need a template-based system that allows us to add landing pages and content pages when ever we need them.
-
Prestashop....thanks for the heads up.
As they say on Teletubbies..."Uh-Oh!"
What is the scuttlebutt on what the paid model would look like? What would be included?
Artfx....looks more and more like Magento might not be the right choice for you.
Never a good idea to swim towards a sinking ship! Even rats know better.
-
Just a note on Magento, there are a lot of rumors that the CE is going to be discontinued soon. They already announced they are dropping 2Go and another business product. They closed the community forums a couple months ago, I have heard several rumors at events in the industry that they are going to a paid only model.
-
I’m a great fan of the Yoast/WordPress combo.But you would need an e-commerce solution on top of that. It could range from Shopify to one of the WordPress plug-ins. It all depends on how complicated your e-commerce is. The developer I worked with on my Magento site (three years old) says he wouldn’t make that choice today. Updates and day-to-day management are just too exasperating.
-
Thanks, Daniel. And just when I thought my decision was made about the platform! Is that your only complaint about Magento? It seems as though Magento was the most popular choice with regard to an SEO-freindly platform. Is there one you think is better that is open source?
-
Agree with the answers, but not the idea that Magento is especially SEO friendly. Input of image tags on products is a royal pain!
-
Thanks, Robert. That's a great suggestion to manage errant URL's and minimize lost rank due to improper redirects. I am a new user of Screaming Frog as well, and really need to take full advantage of it.
-
Yep, I get all of that. I've experienced page rank siphoning, blatant misuse of my brand name, not to mention a lot of frustration with the big guys that somehow garner traffic for stuff they don't even have! So I guess you helped me answer that question!
-
Artfx
You have started off correctly, I suggest that you also run the site through Screaming Frog and download the data so that you have an idea of what you do have and the responses. When you do the redesign also run Screaming Frog and check page to page - especially if you end up with redirects.
You could do an SEO audit, but it sounds as if you are already clear you have issues. If questions come up in the redesign, ask them here in Q&A and get the pro help you need. If, after all of that, you need paid SEO audit help, you will have heard a lot and be better prepared to interview SEO firms for that project.I hope that helps you out. Also, Magento is used by a ton of people; you should be fine with it.
Best
Robert
-
Selling on the web is a highly competitive game. I am a tiny company and big companies crush little companies like me every day. All they have to do to get into my space is to toss some new products onto their site and upload those pages and they could be kicking mylittleass by Monday morning. Anybody between you and the heavy weight champion of the world could be showing up in my space within hours.
Kicking mylittleass is the profit growth that my competitor's shareholders are demanding.
So, if I do something like implement a new design and go to a new platform and tweak my UI and a few other things without getting some input from someone who knows more than I do, about different things than I do, and who is watching some of the other methods being used by other people that are getting success then I have really done nothing to improve my competitive position.
I can go into work next week, implement these new things, whistle while I work, sip coffee, stay comfy and think that I am being competitive or I can get a smart person to tell me where I am loafing, kick me in the pants and push me into kicking my biz up a notch.
Every dollar that I have made has been taken from somebody else. Every single dollar. That's how it works on the web. So, if you are not reaching for their throat when they are reaching for yours then you might see your revenue fall by 50% by the end of the month.
Just saying that I get second, and sometimes third opinions on smaller moves than you are talking about for a company that is not that much bigger. I am writing a check to a consultant almost every month.
I think that it is a lot better to get periodic input than it is to get input only at major changes and that is an awful lot better than to think... "I am a nobody and it really isn't worth paying somebody to tell me how I can kick it up a notch... and I don't want to hear them telling me "you are screwing up here".... "do this differently".... "you are slacking here".... If I have that attitude, I'll be a nobody for sure.
The heavyweight champ has a coach. I think I could use one too.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
How Progressive Enhancement Will be Helpful for SEO?
We have bundle of webpages where we load the content dynamically with the help of Ajax. Since we, need to implement Ajax crawl scheme for making Google to read those Ajax dynamic content we planned to go with hashbang URL's (!#) by creating HTMl snapshots. But last week Google withdrawn their support on crawling the Ajax crawling scheme we are planning to go with progressive enhancement approach as stated by Google in a press release. So, I just want to know what is meant by progressive enhancement and how we can implement in the case of webpages where we load the content dynamically with the help of Ajax? Please advice me on this.
Web Design | | Prabhu.Sundar1 -
Seo and CSS media queries
Hello to all participants! I'm starting on responsive design with css media queries and I was wondering if hidding content can, in this case, can also be bad for seo? I know that hidding content is bad (eg. display: none;), but is it also like that with responsive design or does Google see it other way? If I have a news column with title, image and text for 1024px and hide the text and image leaving just the title for 768px, or smaller, will Google consider this black hat and will it be bad for seo? are there any articles I can read about this subject, and other similar subjects? sorry for my english 🙂 thanks
Web Design | | Lusodados1 -
Visits to Site and Serps?
Do google and bing factor in how many people visit your site per month to determine your serps rankings? If so, does it matter if they visit your site by searching a keyword phrase or by typing in the name in the search bar? My instinct tells me that if the search engine sees 1000 hits per month for a site by keyword phrase and that is high for the industry then they might rank that site higher in the serps. I was wondering if the same would be true if the site is designed and coded properly for a keyword phrase but receives the same 1000 hits per month from visitors typing in the sites name in the search field rather than the search phrase, would that then translate to higher rankings for the keyword phrase? Thanks for your help.
Web Design | | bronxpad0 -
Two sites in same industry and which shopping cart
Right. So I suspect I am going to sound paranoid here - but you'll all forgive me right?? I am sure I saw a reply to a question on the Q&A suggesting that it was a bad idea to have two sites in one industry as Google may see it as trying to get two bites of the SERP cherry... is this accurate? I have an existing asp.net site in the maternity wear industry here in Australia and am wanting to start another site to appeal to a different customer base... the market is quite broad. There will be a core list of products that are the same between the sites, but also some quite different products. Content, product descriptions and categorys will be different. I have another website that I bought with reasonable age and links in the industry that I was going to 301 to the new site to give it a kick in the juice. So, not wanting to deceive my customers in anyway, I was thinking I would call it a "division of" or "sister site to" the existing ecommerce site, with a single link back and forward between the two sites. Would there be anything wrong with this in googles eyes? Even with same contact details? They would be run on totally different platforms and hosted by totally different providers. Or would you keep them totally seperate and only have contact details in images? Or a step further and have totally different phone numbers etc? Then the shopping cart - I would love some suggestions on which opensourse cart to use, preferrably one that I can set up myself, and that has a good framework for seo. I want to use schema.org, authorship, seo friendly urls all of which I am having trouble getting out of the developer of my asp.net site.... I don't want the new site to be asp.net Thanks in advance!!
Web Design | | catfree0 -
Turning my Design Business site into a site to promote SEO
I need advice on retooling my website for my SEO biz. I have shifted my business model from graphic designer who does websites, to "internet marketing consultant who does graphics too". My main website and domain name is over 10 years old, so I've made the decision to keep it, even though it has no keywords in the name. The name works well for the new business, otherwise. The site has a PR3 and I rank well for small business advertising terms, which gets me graphic design business. I intend to keep doing graphic design, but that is a smaller part of my income. I had considered making 3 satellite sites with keyword domain names to cover my offerings of graphic design SEO, website development, and internet marketing. But am leaning against it for several reasons (that all of us SEO's know) but mainly the fact that I cannot keep up with both working for my clients and blogging on multiple sites and link building for multiple sites. So my question is (you knew there was one coming, right?), what is the best approach to building categories of web development, internet marketing, and SEO into my existing graphic design/advertising oriented website? This is slightly embarrassing to ask as an SEO, but given the multiple approaches possible, and knowing the importance of doing it right the first time, it's best to get an consensus perspective on the BEST approach. My main concerns are the navigation system and the links from the homepage into the site. I have too many pages I've identified as essential to link off of the home page and navigation menus? (Website development, social media marketing, link building, keyword research, pay per click, online advertising, graphic design, brochures, catalogs, Logos, Branding, SEO, keyword research etc.) I've always tried for the ratio of one link off of any page for every 100 words of content. Do I create a home page that is of monster proportions? Do I just have the 4 basic areas linking off the home page then create a "landing zone" of 4 folders and create down from that? I am concerned about URL length as I go deeper with that approach. Or, does it make more sense to have a dozen second-level pages, and not link them all off the home page, and build from beneath (and relying on external juice). Next issue is the nav system. It will be huge. Am I best off just keeping it to 4-6, and creating subnavigation on everypage within the site according to section (PITA)? I've read dozens of blog opinions on how much nav systems do or do not hurt link juice. I've always thought footer links were right next to worthless to pass any juice, but given this situation, does it make sense to make a footer link for each major page (about 20)? Thanks for your opinions.
Web Design | | JCDenver0 -
Separate .mobi site or make .com site mobile friendly?
Our website now has enough mobile traffic to justify going mobile friendly, which it is not at this time. I am in favor of making a separate .mobi site designed specifically for mobile phones and smart phones for several reasons. It is cheaper, faster, and easier to accomplish. I think our mobile users will have a good experience though obviously not as much info as our full site. I would use ourdomain.mobi with link or a redirect for mobile users from from the main site. My top three choices for implementing that are http://allwebcodesign.com/setup/mobi-templates.htm#detailsarea
Web Design | | zharriet
Template that can be viewed by mobile or desktop. http://www.onbile.com/ http://www.networksolutions.com/mobile-website/index.jsp Does this seem like a good solution?1 -
How WP Themes work with Navigation Structure for SEO and JQuery Headers?
I am trying to find the best WP Theme for our company. I noticed most of them do not offer a left hand side navigation on the home pages, and usually are on the right side on the inside pages. I always thought that Home Page links were very important for SEO. Currenly we have a left drop down navigation with all of our product catagories, keyword optimized. The structure follows for all the pages. Is this not as important to Search Engines anymore? Is it better to have a products link, to all the products and then the inside pages, have just a navigation bar, for that particular catagory? This seems to be very common on all the templates i am seeing. I also noticed, and really like the JQueary Tabs. I would use this for displaying, PDFs and Specifications Charts. Also, some home page images are using a jquery slider with some text, linking to a page. Is Jquery the new javascript and do search engines see what is in the code? I also noticed they all have footers that have links and some other information. Is this a SEO must have?
Web Design | | hfranz0 -
Recommendation for a company to make a site more mobile friendly?
Hiya, We have a client who uses us for SEO, and a separate company for web development. They have a fairly large site on a bespoke CMS. They're happy with the site, but the user experience on mobile devices is not right. Can anybody recommend a company specializing in that area? Preferably a UK company but not essential. Thanks 🙂
Web Design | | SteveOllington1