Wooassist

Assistance for Your Woocommerce Store

You are here: Home / Archives for WordPress updates

Choosing a Theme for WooCommerce – What to Consider?

By Leave a Comment

There are thousands of free and premium WordPress themes. You might need some help in choosing a theme for WooCommerce. But how exactly do you pick one that’s right for your Woocommerce store?

This article explains what to look for to fit the design requirements of your store and also the functionality requirements and to make sure your new theme will play nicely with Woocommerce.

Different themes have different layout styles. Knowing what you want or need will make looking for a theme easier. Right sidebar, left sidebar, full-width, or maybe parallax? Are you going to be using image sliders? Also, it is important that the theme that you choose supports WooCommerce integration.

Once you know what you need, it might be a good idea to talk it over with your web developer. He might already know of a theme that will suit your purpose.

woocommerce-themes

Here are some criteria for choosing your theme:

Aesthetic Needs

Of course, you shouldn’t focus on the look alone. But, you also need to make sure that the theme matches the look and feel you want. You may be able to customize colors, but major changes on the design are best left to pros. As you choose a theme, it should meet at least 80% of your layout, visual, and content needs.

Stay away from poorly coded themes as this could spell problems for your website down the track when updates are needed.

Many themes also offer a lot of other functionalities that allow users to easily edit the look of their site. However, such themes could add unnecessary bloat to your website. This unnecessary bloat could put strain on your page load times and cost you sales.

Be cautious of Themeforest themes as they are notorious for this. Instead of using a theme with many customizable options, you’ll be better off editing the CSS of the child theme to get your desired look.

We recommend Genesis themes and Storefront.

WordPress Updates

Most themes should support the latest version of WordPress. Still, you should verify before making your purchase. Some older themes that are no longer being updated may not support the most recent updates to WordPress. It’s important to keep up with WordPress updates for functionality and security purposes.

WooCommerce Compatibility

Your theme should be able to integrate with WooCommerce.

WooThemes recommends doing a quick check. Take a look at the theme’s demo and view the source code. You can do this by right-clicking on the page and clicking on “View Page Source”. Look for the WooCommerce version meta tag. Search for the words: WooCommerce Version

The closer it is to the current release of WooCommerce, the better. If it is nowhere near, look elsewhere for a better theme.

Also, go with a theme that has less custom WooCommerce templates. This is because having a lot of WooCommerce templates customized will be a pain to update.

The theme should not have a lot of unnecessary customizations which can be done through a plugin.

Multiple Layouts

Review the theme description and demo to ensure that the theme supports the layout you want to create.  Look for the theme’s documentation and review it to know if the theme can accomplish what you need.

storefront

Don’t just assume that the theme you chose will accommodate one or two sidebars, full width pages, or columns within content.

Theme Navigation

How many menus do you plan on having? Some site owners need secondary menu for categories. Check if the navigation bar can accommodate all your primary menu options. If you hired a web developer, discuss your content sitemap and navigation requirements first before buying your new theme.

Call-to-Actions

As an e-commerce website, you want your visitors to do something and eventually buy your product.

call-to-actions

Make sure your theme can support your list of visitor to-do items. A cohesive design, with built-in options for call-to-actions is recommended.

SEO Friendly

WordPress is SEO friendly by default, but not all its themes are. To achieve an ideal SEO ranking, it’s important for search engines to digest your content. In this case, quality code and solid design architecture are required. Here’s a do’s and don’ts guide from Yoast to make your theme SEO friendly.

Level of support

Theme support is usually available by phone, email, video tutorial, instruction manuals, forums, etc.

support

However, some developers don’t have much time to provide support or answer forum questions that often. For beginners, make sure your theme offers lots of support features.

Reviews and Feedback

If there are available reviews, read through them thoroughly to point out any theme pros and cons.

reviews

Take note of trends, plugin conflicts, and complaints. It may not have a 100% satisfaction rating but a strong rating may be present. Look at both positive and negative feedbacks. Take negative feedbacks with a grain of salt.

Fixed vs Responsive

Most WordPress themes are now designed to be responsive. This means that your website adapts to fit the screen size of the device where it’s viewed. If a potential client is browsing your site, he’ll find it easy to navigate. Not all themes are responsive and since Google has started penalizing non-mobile responsive sites, a responsive design is the only way to go. There is no reason you should be creating a non-responsive site. Check out our post on Google’s Mobile-Friendly Update.

Do you have any more tips when choosing a theme for a WooCommerce site? Let us know in the comments.

How to Make Your WooCommerce Store GDPR-Compliant

By Leave a Comment

How to Make Your WooCommerce Store GDPR-Compliant

The GDPR took effect on May 25. WooCommerce store owners are still scrambling to make sure that their sites are compliant with GDPR requirements. If you serve clients from the European Union, then it is imperative that you make your WooCommerce store GDPR-compliant. Don’t know what to do? Read on below.

What is the GDPR?

First off, a brief introduction about the GDPR. The General Data Protection Regulation (GDPR) is a new regulation in the European Union that sets out standards and regulations for data protection. Data protection reform was initiated way back in 2012 and the GDPR is one fruit of that labor. If you are interested in seeing the GDPR in its purest form, you can check out this link.

Why Comply with GDPR Regulations?

If you do not serve customers from the European Union, then there is no need for you to comply with GDPR regulations. Still, your customers will appreciate the gesture if you make an effort to comply. This shows that you value their data and privacy.

If you serve a specific country in the EU or serve a global audience, then you are covered by the GDPR. That means you may receive hefty penalties of up to €20 million if you are found to be in violation of its provisions.

How Can I Make My WooCommerce Store GDPR Compliant?

Due to harsh penalties, it is recommended to act to make your WooCommerce store compliant. We will now detail the tasks that you need to do to comply with GDPR regulations.

Step 1: Update Your Site

The first thing you should do is update your site. The latest versions of WordPress and WooCommerce have implemented features to be GDPR-compliant. WooCommerce now has a feature that allows users to export their data and delete their data. Site administrators are also granted tools to determine how long data will be retained as well as an option to delete user data. Don’t forget to back up your site and test updates on a development site before updating your live site. For more information on the changes relating to the GDPR, you can check out this post.

Other popular plugins that manage user data such as MailChimp and Google Analytics have also implemented measures to make their services GDPR-compliant.

Step 2: Secure Your Site

Another mandate of the GDPR is that store owners should make their site secure. One way of keeping your site secure is by using the HTTPS protocol. You’ll need an SSL certificate to use HTTPS. You can follow this guide on how to install an SSL Certificate on your WooCommerce store.

There are a few other things that you can do to increase the security of your WooCommerce store. This includes keeping your site updated or using a security plugin. You can check this blog post for other important security tweaks.

Step 3: Create Important Pages

You will need to create a Terms and Conditions page, a Privacy Policy page and a Cookie Policy page. We would still recommend consulting your legal department about creating these pages. If you already have these pages, you need to make sure that you add provisions specific to the GDPR.

Create a Terms and Conditions Page

You can create your own Terms and Conditions page or you can generate a terms and conditions page using this tool from Shopify. If you choose to generate a terms and conditions page, you’ll still need to tweak it. And make sure to add any specific terms and conditions unique to your business.

Create a Privacy Policy Page

You can create your own Privacy Policy page or you can download a template here that you can tweak depending on your needs.

Create a Cookie Policy Page

You can create your own Cookie Policy page or you can download this template and tweak it according to your needs.

Notes on Important Pages

After you’ve created all the pages above, you will need to ensure that these pages can be accessed from any page on your site. For this purpose, we recommend adding links leading to these pages on your WooCommerce store’s footer.

Step 4: Create a Data Breach Response Plan

As per GDPR requirements, you will need to detail how your organization deals with a security breach. You can download a template here. Populate it with pertinent information about your Security Incident Response Team and external contacts.

In case of a security breach, you must also inform all customers whose data may have been leaked. You will need to have a template ready for communicating the breach. You can download the email template here.

Step 5: Add a Cookie Notification Pop-Up

You might have noticed that most, if not all, websites that you visit now have a pop-up that declares that the site uses cookies. That’s because the GDPR also requires website to declare that they are using cookies to track user data. Implementing this is easy on WordPress. You can use the UK Cookie Consent plugin to create a cookie notification pop-up on your WooCommerce store.

Step 6: Ensure that Your Email Opt-in Forms are GDPR-Compliant

If you are using MailChimp, you will need to turn on the GDPR fields on your opt-in forms. Note that this does not make your opt-in forms GDPR-compliant. Rather, this is the first step to making your WooCommerce store GDPR-compliant.

You will still need to get consent from new contacts and existing contacts. You read that right. Even if users have already consented to receive emails from you prior to the GDPR, you will still need to get consent again. For more information on how to get consent, you can check out this article from MailChimp.

If you are using a different tool for your email marketing, you can check with your service provider. Check if they have made any changes to help you comply with GDPR.

Step 7: Ensure that the Plugins You Use are GDPR Compliant

To ensure that your plugins are GDPR compliant, you will need to do a plugin audit. This task may be tedious as you have to sift through all the plugins that you use. First, you’ll need to check if the plugins are still being updated by the plugin author. If that plugin author has not updated the plugin in months (or worse, years), then that’s a red flag. A plugin that is not being updated is a security concern and GDPR requires that websites need to be secure.

Once you’ve weeded out the outdated plugins, you’ll need to identify which plugins manage or use user data. Example of plugins that deal with user data are analytics plugins, contact form plugins, and opt-in form plugins. Check if the plugins that manage user data have taken steps to become GDPR compliant. If they have not, consider finding another plugin that is GDPR-compliant.

Final Notes

Doing all the steps above does not guarantee that your WooCommerce store will be fully GDPR-compliant. We still recommend seeking legal advice. If you need any help getting any of these tasks done, you can contact the Wooassist team and we should be able to help.

Do you have any other tips on how to make a WooCommerce store GDPR-compliant? Let us know in the comments.

Why is it Important to Keep Your PHP Version Updated?

By 4 Comments

The WordPress ecosystem is built on the PHP programming language. PHP is continuously being developed to improve security and make code execution faster among many other improvements.

PHP End of Life

At some point, a version of PHP will become obsolete which is referred to as the “end of life” of that version. This means that version of PHP will no longer receive any security fixes.

Unfortunately, many websites are still running on outdated PHP versions. All these websites are at risk.

According to WordPress statistics, 18.5% of WordPress sites are still running on PHP 5.6 or lower. Support for PHP 5.5 ended on December 2018. Another 34.7% of WordPress sites are running PHP 7.2, 7.1 and 7.0. Support for PHP 7.2 ended November 20,2020. That would make 53.2% of WordPress sites vulnerable to PHP exploits.

WP PHP versions
Source: WordPress.org

Why are Majority of WordPress Sites Running Outdated Versions of PHP?

Many users most likely don’t even know what PHP version they have since updating it is more complex than updating themes and plugins. Many non-technical WordPress users are wary of touching their hosting settings or cPanel. And for good reason. one wrong click on cPanel could cause your site to go down if you don’t know what you are doing. This seems to be the biggest barrier to adoption of newer PHP versions.

Some hosts are also slow to adopt and offer newer PHP versions. We recommend WPEngine and Siteground as they are quick on the uptake when it comes to PHP version offerings.

Why You Should Update

Better Security

The main reason that you should update your PHP is for security. As we have already mentioned, older PHP versions are no longer getting security fixes. That means known vulnerabilities are not being fixed on that version which leaves your site open to attacks.

Site Speed

Newer PHP versions will execute code faster so that means faster page load speeds. Faster page load speed means better user experience and good SEO signals. Site speed is an SEO ranking factor. So if you want to hit page one of Google search results, invest in site speed.

Ongoing Support

If you are running the latest PHP versions, you are protected from the latest known vulnerabilities. People work to fix security vulnerabilities in PHP when they come to light. The same goes for known bugs.

How Do You Check Your PHP Version?

Now you’re curious how to update your PHP version. First off, you have to find out what version of PHP you are using. There are several ways to check your PHP version. You can actually check on your WordPresh Dashboard.

Site Health Page

The Site Health page that you can access from your WordPress Dashboard contains a plethora of useful information that you can address to keep your site secure. You can reach it by going to Tools and then clicking on “Site Health”. Or you can just append your domain with:

/wp-admin/site-health.php

WooCommerce Status Page

If you are using WooCommerce, you can also click on WooCommerce and then on Status. You can see your PHP version when you scroll down to the “Server environment” table.

woocommerce PHP version

There are other ways to view your PHP version but these are the easiest methods for WordPress users.

You Know What Version of PHP You are Running, Now What?

If you not running an outdated version of PHP, then you don’t need to do anything. If you find that your PHP version is outdated, there are a few things you need to do before you update your PHP version.

  1. Create a staging environment. You can test all your updates here before updating your live site. You will, essentially, also need to test the PHP upgrade on a staging environment so this is a necessary step.
  2. Create a backup of your site.
  3. Update your WordPress core.
  4. Update all your themes and plugins. If you are using premium themes and plugins, make sure you have an active license for everything so you can receive automatic updates.
  5. Remove unused plugins.
  6. Find and remove abandoned plugins. This could get complicated if your site relies heavily on an abandoned plugin. We have a separate guide for removing abandoned plugins.

Now You’re Ready to Upgrade Your PHP

We recommend letting a developer upgrade your PHP version in case something goes wrong or at least have a developer at your beck and call before you proceed.

How you upgrade your PHP depends on your hosting provider so you should consult your hosting provider’s documentation. You will most likely need to navigate cPanel or your hosting account’s dashboard. Some hosting providers will actually require you to create a support ticket to request a PHP upgrade.

Make sure you are testing the PHP upgrade on a staging environment first so you can sort any issues in a controlled environment.

Have your hosting provider’s contact information at the ready so you can reach out to them right away if you encounter a problem.

If you need technical help with any of the steps leading to the PHP upgrade or the actual upgrade, you can contact us.

If you have any questions, you can also let us know in the comments.

How to Find and Remove Abandoned Plugins from Your WooCommerce Store to Keep Your Site Secure

By Leave a Comment

How to Find and Remove Abandoned Plugins

You probably already know that keeping your site updated is important for security and to keep everything running. But did you know that just updating your WordPress core, themes and plugins might not be enough? What else should you be doing? You should find and remove abandoned plugins.

WordPress does not automatically warn users using a plugin when plugins are abandoned by their developers. This is important because when developers abandon their, they do not receive updates. This includes critical security updates and other updates to make sure that the plugins stay compatible the current versions of WordPress and WooCommerce and your theme.

Why is it Important to Find Abandoned Plugins?

Abandoned plugins are critical security issues as they are likely to contain deprecated code and vulnerabilities that may be exploited by hackers. Abandoned plugins can also break functionality on your WooCommerce. Your lucky if it breaks a layout or something else minor. In some cases, abandoned plugins can affect your product purchase process. Imagine breaking your WooCommerce store’s checkout because of an abandoned plugin.

How to Find Abandoned Plugins?

You can search for abandoned plugins manually by going to your plugins page and clicking on the “View Details” link on each plugin. Clicking on this link would take you to a different page and your next action would depend on where the link takes you.

If the plugin is not in the plugin repository, you might find a different link to visit the plugin’s site.

It Takes You to a Page with the Plugin Details

If you got the plugin from the WordPress plugin repository, you will most likely be taken to a plugin page with all the plugin details. There you can see when the plugin was last updated. You should be wary of plugins that have not been updated for several months. If you find that the plugin has not been updated in over a year, note it down.

It Takes You to a Page that Tells You that Plugin Has Been Remove From the WordPress Repository

If you find yourself on a page that tells that the plugin has been removed from the WordPress plugin repository, this is a major red flag. There are several reasons why a plugin could be removed from the repository. The less alarming reasons are if the plugin author has requested removal of the plugin or there are some licensing issues. However, in some cases, it would be because the plugin has violated the WordPress Plugin Guidelines or has been identified to have a security vulnerability severe enough to warrant a removal. If this is the case, remove the plugin immediately and scan your site for malware.

It Takes You to a Third-Party Plugin Vendor’s Site

If clicking on the link takes you to a plugin vendor’s site, you might need to do some further digging to find if the plugin is still being updated. Search for the developer’s change logs on the plugin to see when it was last updated. It might also be worth checking how often the plugin developers release an update. Also check if you have the latest version of the plugin installed. If it is a premium plugin, there is a likelihood that you are not getting automatic updates because of an expired license. In this case, renew your license and update.

It Takes You to a 404 Error

If it takes you to a page with a 404 error page, check the site’s home page and try to find information on your plugin. The plugin developers may have already gone out of business which means the plugin has been abandoned.

As you are probably thinking by now, scanning your site for abandoned plugins can be a handful. Thankfully, you can use WordFence to scan your site for abandoned plugins. Just install the WordFence plugin and run a scan, if there are any abandoned or outdated plugins on your site, WordFence should alert you of it.

So You Found One or More Abandoned Plugins on Your Site. What now?

In a perfect world, you just remove abandoned plugins and be done with it. However, things are usually more complicated than that. Chances are you are actively using the plugin and you might not be noticing any problems with it. But that doesn’t make the plugin any less of a security threat. We recommend removing the plugin and finding an alternative plugin that is not abandoned. If there are no alternatives available, you can customize the functionality instead. These should all be done on a staging site so as not to disrupt your live site.

But What if the Plugin is Critical to Your Site Functionality?

There’s not really much you can do in this case. You can try to contact the plugin developer or hire a developer to create your own plugin. It is most likely a bigger risk to your business if you keep using an unstable and unsecure plugin. Under the General Data Protection Regulation (GDPR), you will be liable to your customers if their data gets leaked because of a security breach. The fines are hefty so it might be best to err on the side of caution.

If you’ve fixed all the abandoned plugins on your WooCommerce store, you might want to keep yourself updated on the latest security news concerning WordPress and WooCommerce. You can subscribe to our newsletter to receive security updates on your inbox.

If you are looking for more things to do to make your site more secure, you can also check if your site is running the latest version of PHP.

13 Routine Maintenance Tasks that You Should Do on WordPress and WooCommerce

By Leave a Comment

Routine Maintenance Tasks for WordPress

Maintaining a WooCommerce store is a lot of work. There are a lot of routine maintenance tasks for WordPress and WooCommerce that need to be done on a regular basis. In this post, we list down the most important tasks that you should do on your WooCommerce store.

1. Create Regular Website Backups

Create Regular Website BackupsCreating regular site backups is critical. It is your first fallback in case something breaks on your site. While you can make backups manually, it is important to make regular automated backups. Check with your hosting provider if they create regular backups of your database as well as a complete backup of your site. You can also install a backup plugin such as Updraft Plus or BackWPup and set it up to make regular automated backups for you. We still recommend creating manual backups before doing major work on your WooCommerce store though.

2. Update WordPress, WooCommerce, Themes and Plugins

Updating all elements of your WooCommerce store should be done on a regular basis. Do this weekly if you have the time. If not, monthly updates are good enough. Updates include updating WordPress Core, themes, WooCommerce and all other installed plugins. Remember to backup up your site before proceeding with updates since updates could cause your website to break. If you have a development site, it would be best to test the updates first on this staging environment. Then, do some user testing to make sure that there are no errors. After that, you can proceed to update your live site. When that’s done, you will need to do another round of testing. Some important elements to test include checkout, add to cart, contact form emails, opt-in forms and other customizations that were done on the site.

3. Update WooCommerce Template Files

After updating WooCommerce, you will sometimes get an error notifying you of outdated WooCommerce template files. This just means that your theme has not updated to include the latest WooCommerce template files. In some cases, this could cause some formatting issues on your store. If there are no errors on your store, you can simply wait for your theme to release an update that includes the most recent template files. Or you can also fix this manually by following the steps in this documentation from WooCommerce.

4. Change User Passwords

It is important to use strong passwords. However, it is just as important to change passwords on a regular basis. There are times when security breaches can go undetected for a long time. Changing your password regularly blocks out these security breaches that you might not realize are there. You should change your password for WordPress admin, FTP, database and cPanel. And a pro-tip, never use “admin” as your username. This is the first username that hackers try out when brute forcing into websites.

5. Optimize Your Product Images

We’ve always emphasized the importance of optimizing images for your WooCommerce store to keep your site running fast. If you have uploaded any product image that is more than 100KB in size, it might be a good idea to replace that image with an optimized product image. To learn more, you can check out our blog post on how to optimize images.

6. Approve and Respond to Product Reviews

Moderate Product ReviewsIf you are not asking your customers for product reviews then you might want to reconsider. Most people who buy online look for product reviews before they decide to purchase something. One study found that 85.57% of users read reviews before they purchase. And if you are asking your customers for product reviews, then you will need to approve reviews on a regular basis. A word of advice, do not remove negative reviews of your products. Instead, make it an avenue where you can show good customer service. Respond to the negative review. Offer a replacement for a defective product or offer a refund. People reading reviews will want to see some negative reviews to get a well-rounded picture of your product. When moderating reviews, you only need to remove the spam reviews.

7. Approve and Respond to Blog Comments

If you have a blog that is made to drive customer engagement, then your blog will most likely attract comments. Same with product reviews; don’t delete the negative comments. Rather, address them positively. Remove any spam comments as this will negatively impact the user experience of your blog. If you are using Akismet: Anti Spam plugin, this will block out most spam comments. However, some spam comments can still get through and you will need to manage them manually.

8. Test Your Contact Forms and Email Opt-in Forms

Every now and then, you will need to make sure that your contact forms and email opt-in forms are working. Just fill in your forms and send. If you receive it in your email, then you’re all good. But if you don’t, there’s something wrong and you need to do something about it. Have your developer look into it.

9. Optimize Your Database

Over time, your database accumulates a lot of gunk and you need to clean it to make sure your website runs fast. Before you go about this task, make sure you create a backup. You can choose to clean your database manually if you are comfortable and familiar with working on your database. Otherwise, you can use a plugin to do the optimizations for you. Notable plugins include WP-DBManager and WP-Optimize. You can check out our guide on how to clean your database.

10. Test Your WooCommerce Store’s Speed

If you have not yet made optimizations to your WooCommerce store’s speed, you should consider doing it now. Site speed has become increasingly important for WooCommerce store owners. Google now considers site speed as a ranking factor for SEO. Also, if you have a slow site, this will negatively impact the customer’s experience on your site. It is easy for your customers to buy instead from your competitors. You can test your site speed on Google’s Page Speed test and Google will provide you with recommendations on how you can improve your site’s speed. Other notable tools that you can use to test your site are Pingdom Website Speed Test and GTmetrix.

11. Scan Your Site for Malware

One way to keep on top of your website’s security is to regularly test your site for any malware. If you are connected to Google Search Console, it will let you know if malware is detected on your site. If your site has been found to have any form of malware, Google Chrome will actually alert your visitors that your site is dangerous. This can have devastating effects on your traffic and conversion rate. No one will want to enter their payment information on a site that has malware. In extreme cases, Google may block your site from appearing in the Google search results page. You want to prevent this from happening. It would be best to invest on your site’s security by installing a security plugin such as Sucuri Security and WordFence. Even if you have those plugins installed, it is still a good idea to a manual scan. You can scan your website at Sucuri’s Website Malware and Security Scanner, or at SiteGuarding. If any manual scans detect anything malicious, you can contact your developer to fix the issue. You should get it fixed before Google applies any penalties. Wooassist also offers a security hardening service to improve the security of your site so you can prevent this from happening.

12. Fix Broken Links

Broken links are bad for user experience so check your site regularly for any broken links. You can use W3C Link Checker or any other similar tool to check for broken links. Once you’ve found the broken links on your site, you can start fixing them. You can either remove the links or points the links to a new relevant URL.

13. Test Your Checkout Process

Last but definitely not the least; you should regularly test your checkout process. If you suddenly experience loss of sales, it’s a good idea to test your checkout. There might be an error that prevents your customers from checking out. Testing also gives you a feel of what your customers go through so you can optimize your checkout. Once you’ve determined that your checkout has problems, you can check out our post on how to fix the most common checkout problems in WooCommerce.

Final Notes

By doing these tasks on a regular basis, you can keep yourself on top of any issues that may occur on your WooCommerce store. If you find yourself overwhelmed by the all these, you can hire someone else to do it. You can also contact us and our team will be glad to assist with any of these tasks.

Are there any other routine maintenance tasks for WordPress and WooCommerce you think should be done on a regular basis? Do you have any suggestions? Let us know in the comments.

Let us support your online store so you can manage your business

Get started today

Get 2 Hours of FREE SUPPORT

We are so confident that you will love our services that we will give you your first 4 hours at a 50% discount

That’s 4 hours for only $75

Free eBook

5 Things Every Online Store Can Fix On Their Website In The Next Week To Increase Sales

Wooassist

Australia:
59 Luke St.
Hemmant QLD 4174

Philippines:
San Miguel St.
Poblacion, Iligan City 9200

Connect