This article originally appeared on the Prime Design Solutions website.

(The audio for this podcast is no longer available, but it is summarized below.)

Regardless of the type of business or organization, digital marketing is likely to be a huge component of your promotion strategy. While some listeners will be able to confidently navigate this technological landscape, others find themselves intimidated by the alphabet soup of “https,” “CMS,” IP addresses” and so on. In this podcast we’ll review the common technical areas encountered when setting up a website or email, helping you make decisions about maintenance and keeping your digital presence secure.

What’s the difference between a domain name and web hosting/web space?

Web hosting is the place where your web site files are stored. A domain name is the text you type into your browser’s address bar—something like www.primedesignsolutions.com, or google.com. It’s the human-friendly way to access a website. If domain names didn’t exist, you’d have to remember a series of numbers (an IP address) to get to a site.

Web hosting/web space encompasses the files that run your site, like HTML or PHP files. It also includes any images on your site, Javascript, or anything else that appears when a user accesses your site.

You could think of web hosting like your house where you physically live, and a domain name as your mailing address that helps people find you.

How do I register a domain name or buy web space?

  • If you’re doing everything yourself, it’s best to register your domain name with the same company that will be hosting your site. Most web hosting companies offer to register a domain, sometimes for free the first year, with the purchase of web space.
  • If you’re going to be going with a marketing firm, they typically handle everything for you.
  • If you just want to buy a domain, and have the account under your control, you can go to any place that sells domain names, called a domain registrar. GoDaddy is probably the most popular domain registrar (though we don’t recommend web hosting from GoDaddy). You could go to GoDaddy.com, enter the domain you want, and click “Search.” If your domain is available, you have the option to purchase it. If it’s not available, they give you a few “similar” alternatives — if www.yourcompany.com isn’t available, the registrar might suggest www.yourcompanyinc.com, or www.yourcompany.net, and so on.
  • Domains cost between $10 and $18, depending on where you purchase them. It’s important to know that it’s not a one-time fee—you must renew your domain every year. If the payment isn’t submitted, your domain will expire, and you could lose it.
  • Once a domain expires, the website and associated email will no longer work. There is a grace period, but the time frame depends on the registrar, how popular your domain is, and the extension (.com, .org, etc).
  •  If you choose to buy a domain name and web space on your own, always keep track of all account information. This is vitally important, and includes:
    • The company where you purchased your domain and/or web hosting. There are a lot of options, and if you lose track of this it can create real problems down the road if you need to renew or make edits.
    • The login credentials to the control panel and/or billing area.

Is free email included with my web hosting?

It depends on where you purchase your hosting. Most hosts do offer free e-mail, but as with most free things, there are usually hidden non-monetary costs. Examples:

  • Proprietary e-mail is sometimes difficult to set up on a smart phone, mobile device, or email client like Outlook.
  • It’s sometimes difficult, or not very intuitive, to use.
  • Address book/contacts area is often clunky.
  • Attachments must be downloaded in order to be viewed—there isn’t always a preview option.
  • Spam protection isn’t that great. It’s usually something you have to set up on your own, and keep maintaining, for it to work well.

Prime Design Solutions recommends and offers Gmail through Google Apps. It’s $5 per person, per month.

  • Gmail is pretty much industry standard, so it’s easy to set up on almost any device or with any client.
  • It’s easy to use. Period. It works well on smart phones, tablets and email clients.
  • Google spam protection is fantastic right out of the box—no need to configure and maintain!
  • There is more to just Google Apps than email. You also get access to Google Calendars, and Google Drive (a storage area for files — and you get a very generous amount of space), just to name a few other useful tools.

Why would I pay for Gmail when I could get a free account?

Gmail’s paid service allows you to have e-mail with your domain name. So instead of having name@gmail.com, you could have name@primeds.com. This also means you can have whatever name you want—you’re not limited to what hasn’t been taken. For example, jirvin@gmail.com is unavailable, so I would have to come up with something unique (which would probably be something like jirvin123987@gmail.com, and that’s yucky).
It’s more professional to have email with your own domain name. It gives you credibility, and helps gain your customers’ trust. Imagine if you were viewing someone’s website—who would you trust more? jirvin@primeds.com or jirvin123987@gmail.com?

What is Google Analytics?

Google Analytics is a free Google service that monitors your website and generates statistics about your site’s traffic. It also measures conversions and sales, with the following features:

  • It can tell you about who visits your website as well as how they visit your website, among other things. User information can include their geographic location. How they visit your website can mean what sites refer them to you, what page they access first, and so on.
  • You can see what pages people visit the most, and how long they spend on those pages—essentially find out what the most popular pages are. Once you know this, you can produce more content that people will like, and keep them coming back for more!
  • You can also see what pages don’t do so well. Maybe you have a shopping cart, and you see that a lot of people are abandoning the cart at a certain step. With this information, you can take a closer look at that certain step, see and fix what’s making people click away.
  • There’s also a statistic to see what kind of device a visitor is using. If you notice that 80% of your visitors are viewing your site on their phone or tablet, you definitely want to make sure your site is responsive, meaning that it responds to the dimensions of the device (mobile, desktop, or tablet), or at least offers a mobile view.

Domains, web space, email, and now analytics… How do I keep track of all these separate accounts?!

We use something called a password manager. It’s an application that lets you store all the vital information for your logins—things like the url, the username, and password. There are lots of different kinds of password managers, and lots of free ones, so you might want to try a few to find the one that works best for you.

We prefer Password Safe. It’s free, and we like how it’s set up. You create a password database that contains all your account information, and then you password protect that database. Of course, this is a password you’ll want to remember, as it’s the key to accessing all your other passwords!

If that sounds like overkill, even something as simple as a password protected Excel spreadsheet could work. The important thing here is organization.

What are some best-practices for protecting my site?

  • The best and most obvious thing you can do is have a very strong password. If you have a password manager, something like Password Safe, there’s no reason not to have a crazy gobbledegook password you can’t remember (there are password generators online that can help with this) — your password manager will remember it for you.
  • Make sure your content management system (CMS) and all related plugins and add-ons are up-to-date. Bugs and security holes are found, and fixed, all the time. Keeping everything updated keeps your site safe. That said, a lot of times it’s best to contact whoever set up and maintains your website and ask them to update your site for you. Depending on the complexity of your site and how many third-party plugins and add-ons you use, updating could break your site.

How about for WordPress?

On the front end (which is the admin area), be careful about what plugins you install to a WordPress site. Plugins are custom-made bits of coding that can be added to a website that can make your site do a great deal of interesting and useful things. But it’s easy to get plugin fever and start downloading and installing plugins for everything–and that can create security problems.

You’ll want to do a little bit of investigative work on a plugin before you use it. We install a new or unfamiliar plugin in a dev environment so we can test it out without breaking a site that’s in production. We also check to see how often the plugin is updated, what other users have said about it, and if the plugin author has made any other plugins. WordPress itself is pretty secure, but it’s really easy for a plugin to introduce vulnerabilities.

On the back end, in the code itself, there are more things you can do to lock down WordPress. These are things we do when we install WordPress, but a lot of them can be added later. Some of the more basic things include:

  • Generating and adding security keys to the config file.
  • Changing the wp_ table prefix in the database to something random.
  • Changing your admin user name to something random instead of “admin.”
  • Creating htaccess files to lock down key directories in the site. An htaccess file is a set of commands that the server listens to — it lets you do all kinds of things, like password protecting a directory, or allowing only certain file types to be accessed by WordPress.

What about CMSMS?

CMS Made Simple, or CMSMS, is a content management system that isn’t as popular or well-known as WordPress. The fact that fewer sites use CMSMS automatically makes it less hackable, much in the way that Apple computers are much less vulnerable to viruses than PCs — fewer users mean that fewer people try to attack it.

There are fewer security options out of the box, but one that we like, and one that’s interesting, is that CMSMS gives you the ability to rename your admin area folder. So instead of yourdomain.com/admin, you can have yourdomain.com/somethinghardtoguess. WordPress allows you to do something similar, but we’re a little uncomfortable implementing that because of plugin compatibilities.

Is WordPress or CMSMS better? What about Drupal, or some other content management system?

They all have their strengths and weaknesses. WordPress might be more popular, but because it’s popular, it’s also more likely to be attacked. It’s not an easy target, but it’s a larger one.

CMSMS might be less popular, so it’s less likely to be attacked, but it also doesn’t have a large developer community. There are thousands of plugins for WordPress (not all are great) but there are only a few hundred modules for CMSMS, and they’re not always as up-to-date as WordPress plugins.

When choosing a CMS, it’s best to look at what you want to do, and then pick the right tool for the job. CMSMS is great for making general websites, but WordPress handles blogging a bit better. WordPress is easy to use, but is best for smaller, less-intricate sites, while Drupal has a steep learning curve but handles larger, enterprise-level sites especially well. There are other CMS options, including Joomla, DotNetNuke, and ExpressionEngine.

There are times when not having a CMS is a good decision too. If you have a small three or four page informational site, and it’s going to stay that size, a straight HTML site may be your best, most affordable option, and you eliminate security problems.

Help, I think I broke something!

Stay calm! It happens. The best thing you can do is ask for help right away. Contact whoever manages your website and tell them what the problem is, and exactly what happened. Don’t leave out information because you don’t think it’s important, or you’re embarrassed. The tech you work with just needs to know about it so they have all the information necessary to fix things. It makes it a lot easier to find out what the problem is.