Websites, SEO, and redirect questions
- 
 I'm only familiar in making webpages in the same way that @Sparkum is... clearly we are both way out of touch.  
- 
 Oh ok sorry then yes I am completely using a CSM! 
- 
 Sorry nope not on the same boat as you, just have no idea what I'm talking about haha. Currently looking into Boilerplate for a random task at work though, slightly more towards how you probably know I assume 
- 
 Dont give up on me guys, Bump haha 
- 
 @Dashrender said: Isn't Wordpress also one of the most hacked webpage type? By that definition, is Windows the most hacked OS?  
- 
 @Breffni-Potter said: @Dashrender said: Isn't Wordpress also one of the most hacked webpage type? By that definition, is Windows the most hacked OS?  That's kinda a given. Now the question is, are there more windows computers in the world or linux ones? (server and home users both are part of this question) 
- 
 @Dashrender said: Now the question is, are there more windows computers in the world or linux ones? (server and home users both are part of this question) according to this, https://en.wikipedia.org/wiki/Usage_share_of_operating_systems 
 Linux by far - which makes sense when you consider Android phones/tablets/etc
- 
 @Dashrender said: @Dashrender said: Now the question is, are there more windows computers in the world or linux ones? (server and home users both are part of this question) according to this, https://en.wikipedia.org/wiki/Usage_share_of_operating_systems 
 Linux by far - which makes sense when you consider Android phones/tablets/etcJust think about all the websites out there. I'm sure a vast majority of them run on Linux or Unix. Very few run on Windows. 
- 
 @coliver said: @Dashrender said: @Dashrender said: Now the question is, are there more windows computers in the world or linux ones? (server and home users both are part of this question) according to this, https://en.wikipedia.org/wiki/Usage_share_of_operating_systems 
 Linux by far - which makes sense when you consider Android phones/tablets/etcJust think about all the websites out there. I'm sure a vast majority of them run on Linux or Unix. Very few run on Windows. Are there more websites on the internet than people on the planet? How about this, are there more websites on the internet than connected people on the internet? Probably not, probably not by a long shot. 
 Plus when you consider that a single webserver can host hundreds or more websites, you're reducing the number of linux boxes you need to run those websites.
- 
 @Dashrender said: @coliver said: @Dashrender said: @Dashrender said: Now the question is, are there more windows computers in the world or linux ones? (server and home users both are part of this question) according to this, https://en.wikipedia.org/wiki/Usage_share_of_operating_systems 
 Linux by far - which makes sense when you consider Android phones/tablets/etcJust think about all the websites out there. I'm sure a vast majority of them run on Linux or Unix. Very few run on Windows. Are there more websites on the internet than people on the planet? How about this, are there more websites on the internet than connected people on the internet? Probably not, probably not by a long shot. 
 Plus when you consider that a single webserver can host hundreds or more websites, you're reducing the number of linux boxes you need to run those websites.I'd guess there are probably more websites then people connected to the internet. I'm not sure though I wonder if there is stat for that somewhere. You're right about the webserver thing though... 
- 
 Yep, WordPress is a PHP application running about 30% of the top million sites on the internet so it is a big target for hackers and their bots. It's also the thing that most shared web hosts offer their users in a "set it and forget it, you don't need to know anything about this" autoinstall process. Those two things combine into an all-too-common story: people that really shouldn't be administering a PHP web application (or anything, really) are led into installing, configuring, and maintaining WordPress for their little food blog or whatever because it's easy to start with. Then they're left to the wolves as soon as the site is installed and vulnerable to exploitation. This means that you will be miles and miles ahead of the majority of WordPress installations out there in terms of security if you implement anything vaguely resembling web application best practices. Even if you just make sure to update your site once a month! If you take a look at the vectors people get infected with, they are almost always vulnerabilities that were actually patched months (or even years) ago. Example: The most infamous wave of infections to hit WordPress users in the past few years was caused by a critical vulnerability within RevSlider 4.14 and below, which was a slider plugin packaged with themes for sale on ThemeForest without the ability to auto-update itself. The devloper patched the vulnerability in February of 2014, but didn't tell anyone and didn't release the update to anyone besides their paying customers - so no one who got the plugin as part of a package deal had access to the security update. After a while, they released an updated version that people could use without having paid for their own license... but even after that, the majority of affected sites were maintained by people that didn't understand the importance of staying up to date and so it didn't help much. As a result, this one plugin was the vector for a wide variety of malware campaigns throughout the next year... and bots are still roaming around trying to exploit this particular bug because there are still sites that are vulnerable to it. So long story short, as a site visitor you should probably be wary of any WordPress site that seems to be slapped together with defaults for everything. My tell for this is basically: if I can plainly see that it's WordPress based on the URL, then I'll make sure NoScript is on and think twice about visiting it at all. The only exception is the wp-content directory because a ton of plugins require that you use that directory without renaming it. As a site administrator, you should make sure that you have a good security plugin configured and don't have a user named "admin" but otherwise you should be all set to avoid 99.9% of the WordPress "hackers" (script kiddies using WPScan) out there. With that out of the way, regarding SEO: According to this Yoast post, 301 redirects are the proper way to preserve link SEO when altering the link itself. In terms of images, they should still have the same media library URL unless you're changing the whole site URL as well... so you shouldn't need to create redirects for those. 
- 
 Awesome, thats the confirmation I've been looking for. Fun little read about how such slight things can screw over tens if not hundreds of thousands of people. 
- 
 @Dashrender said: I'm only familiar in making webpages in the same way that @Sparkum is... clearly we are both way out of touch.  Me too! 
- 
 Sounds like things have gotten significantly easier to manage/maintain. @scottalanmiller do you have any suggestions on tutorials for modern webpages? Then of course I have to have someone who's create tell me what to design, I don't have a create bone in my body. 
- 
 @Dashrender said: Isn't Wordpress also one of the most hacked webpage type? As someone that has been using WordPress for years, and managing more and more sites everyday, I can promise you WordPress is very secure. The Problem is plugins. People don't take care when installing them and don't keep them up to date. Or, they set there username and password to admin.  



