Select Page

The Importance of Using the Model View Controller MVC Design Pattern

Naturally working on a lot of web application projects in multiple languages from Java EE to PHP to websites to mobile applications, one common thing that we see time and time again is the lack of thought that goes into design patterns for websites and web applications. Often having to pick up projects at this point, generally when they have already gone seriously wrong, we can’t but help think that there must be a better way to prevent these issues we see through sharing best practices to ensure scalable web applications are built and can be maintained with ease. Specifically for this blog post we are going to look at the Model View Controller MVC design pattern.

If you are working in any form of software development, website development or web application development, I’d argue that this is one of the most powerful design patterns to get your head around as when you fully understand the relatively simple approach behind the MVC design pattern this allows you to think about the structure of your code and project before jumping in and writing a single line of code. By taking this time up front, I can absolutely guarantee that this will save you an unbelievable amount of time working on your application over time and most importantly, for the businesses you are working with this will help to ensure bugs, features, functionality improvements and tweaks can be delivered much faster with fewer errors.

 

What is the Model View Controller MVC Design Pattern

So let’s just take things back a step as if you haven’t been working away on larger web application projects previously, you may not even be aware of the MVC design pattern, hopefully you are away of what design patterns actually are if you are working in web application development though, if not, then I recommend going on a date with Amazon to learn about design patterns.

The MVC design pattern is a way of structuring your code to break up the key elements of your web application which includes;

  • Model: These are the bits of code that actually do things
  • View: These are the bits of code that make the things look pretty
  • Controller: These are the bits of code that control what happens when someone requests a resource such as a page on your website, the business logic of your web application

Ok, so it’s a little more complex than that in the background, but that is MVC explained in the simplest way. I’m not going to talk about the theory of MVC to the n’th degree, instead I’m going to look at the practicalities of MVC while dabbling into the Single Responsibility Principle design pattern and how the two link together extremely well.

For the purposes of this blog post, we are going to focus on Java as the programming language to highlight this concept as Java is better than PHP. Fact (in my opinion). 😉 (cue the haters…). On a serious note though the reason why we’re looking at Java for this example is because it is more suited to using a structured MVC design pattern for projects than PHP is, on the whole, which is due to the separation of the Model (Java classes), the View (JSPs) and the Controller (Java Servlets) which link in nicely together. For the same MVC setup in PHP you will probably be looking at something like the Zend Framework which has been designed to focus around an MVC architecture. With that understanding, let’s look at the practicalities of MVC and why this is such an awesome design pattern that you really need to be using.

 

Benefits of the MVC Design Pattern

Before we jump into a few simple examples of using the Model View Controller MVC design pattern, lets first just look at why this is such an awesome design pattern and why you should seriously consider using this for a variety of the web application projects you are working on.

 

Separation of Concerns

Being able to separate the key parts of your web application into the Model, the View and the Controller is an extremely efficient way of working. Being able to separate out the key functionality within your application from the business logic from your application and separating the visual and layout side of your application means that you can clearly focus on the task at hand and work effectively throughout your code.

 

Focused Developers and Niche Sill Sets

By breaking out your web application into key aspects this allows individual developers within the team to be highly specialised and focus on the areas that they are good in without worrying about other skill sets that are likely outside of their expertise. For example, front end developers who are extremely proficient in HTML, Javascript and CSS are likely to be a little confused by back end technologies such as Java Servlets, database connectivity and APIs. Likewise, developers focusing on the business logic of an application are likely more well suited to this opposed to writing the key functionality and connecting with external APIs and more.

This also allows updates to various points within your web application without impacting the other aspects. For example, you can quite simply make changes to your user interface without impacting the business logic within your application. This is an extremely powerful setup to allow your web application to be modified with ease.

 

Parallel Development across Multiple Teams

As your web applications grows, multiple teams of developers will be working on your application code base to enhance features and functionality. By using a true MVC design pattern, this allows multiple people to work on your code base with ease.

As your web application grows using a non-MVC design pattern, you will soon reach the point whereby developers are struggling to work on a project without impacting the work of another developer, to the point whereby this may actually restrict the amount of work that can be completed during any given time scale. This is not a good position to be in and if you reach this point, you will soon see how much more efficient the MVC design pattern really is.

 

MVC in Practice

Within Java, you have your deployment descriptor which is designed to control how requests are handled when a user types in a URL on your website. For example, when someone visits www.example.com/login/ the web.xml file will send the request on to the Controller file named Login.java in this example;

 

Web XML File

 

The Controller – Login.java

Taking this example, the Controller is just a standard Java Servlet which is designed to handle the incoming request and control whatever you want to do with these requests. For example, and keeping things basic, on a login page a user may have been redirected to this page after trying to access a restricted resource and it would be nice to redirect the user back to the page they were trying to access instead of to a generic login landing page;

 

Controller Java Servlet

 

The concept of the Controller is designed to take care of the business logic part of the web application so you can build in the logic you require whilst keeping the key functionality separate. This is hugely important as this means that as the development team grows one team can be working on the business logic while another team can be working on the key functionality without impacting the workflow of either team. The above example is purely the Controller which then forwards the request onto the JSP to provide the View aspect of the process, but we have missed one key aspect, the Model. In the example above there are no calls to and Model classes designed to pull in key data, so let’s look at an example where the Model is used before we look at the View part of the process.

The Model

So let’s imagine that whenever somebody accesses the login page, an email is sent to someone. You would never do this in practice as this is just pointless, but this highlights the concept of the Model. In the same context and looking at something more practical, you would use the Model to retrieve some data from the database such as a snippet of text for example which is controlled by a content management system type setup. Never the less, we’ll use this as an example.

 

Java Controller Requesting a Model Class

 

The functionality to send an email has been broken out into its own class designed to break out the business logic which is “When someone views the login page, send an email” from the actual functionality for sending an email.

 

The Model – SendEmail.java

Looking specifically at the Model class, this is designed to actually implement the core functionality that you require. In this example send an email. From here, you can control specific functionality and separate this functionality completely away from the business logic of the application. Here helps you to work more efficiently by building up a solid and scalable library of core functionality that drives your web application rather than just simply working with a system which contains highly coupled code.

Taking this example beyond the simple SendEmail() functionality which is purely focused on completing a specific action in the background, another more specific example would be to collect data from the database which is then sent on to the View which is for the user to see who has requested the original resource. For example, taking the MVC web application to the perfect situation whereby every single aspect of content is purely database driven, the result would be a Model class along the lines of getMetaTitle(url) which is designed for the Controller to generate the correct meta data for the page that has been requested.

The Model classes are where the real power lies within your web application. Here lies the true power of how your web application implements the cool features and functionality throughout the entire system. The Controller allows you to do exactly that, control how the Models are pieced together when a specific URL is requested which allows you to create the fantastic experience for your website visitors.

 

The View – Login.jsp

So let’s look at a more practical example whereby you have used a Model class to retrieve some data from the database for what the HTML H1 should be. Once you have received this data in the Controller Servlet you need to then add this data to the Request object so that this can then be retrieved by the View JSP;

 

Controller Java Servlet Passing Data to JSP

 

As can be seen in the code above from the Controller Servlet, setting the attribute for the data that you wish to pass to the View is the next step in the process. From here, now let’s look at the View part of the MVC design pattern to look at how to retrieve this data in a safe way.

Here we can take a look at the View, login.jsp, which is designed to handle the visual side of the web application. From here you have the ability to retrieve data passed to the View from the Controller and there are several ways of doing this.

At the most basic level, you can use a small scriptlet such as;

 

<%= request.getAttribute(“htmlH1”) %>

 

Which is will output the data contained within the stored attribute named “htmlH1”. So if you wanted to wrap this in a H1 tag then this would look as follows within the JSP;

 

<h1><%= request.getAttribute(“htmlH1”) %></h1>

 

Simple and effective. The problem here though is that as your web application scales, particularly on an international level, this isn’t the best approach to take as there can be a variety of differences for different locales such as time and date formatting along with currency formatting etc. So lets look at how best to handle requesting data from the Request object and displaying this within the View JSP through the use of the Java Standard Tag Library, JSTL.

JSTL has been designed to be a more user friendly way of displaying content within the JSP without the need for using scriptlets which should never really be used if possible. With JSTL the tags used will look very similar to any web developer who has been using HTML for a while. They follow the same logic with tags and attributes, the difference being is that JSTL is designed to apply common activities to JSPs such as simple items including displaying some content such as the HTML H1 tag content or something more advanced such as a For or While loop. Below follows on form the basic example given already, with the use of displaying the HTML H1 tag on the page;

 

Display HTML H1 in JSP Using JSTL

 

Here there are a few things to point out to understand what is happening. Firstly, there are two lines at the top which allow you to use the full power of JSTL which are;

 

<%@ taglib prefix=”c” uri=”http://java.sun.com/jsp/jstl/core” %>

<%@ taglib uri=”http://java.sun.com/jsp/jstl/functions” prefix=”fn” %>

 

The first line is for using the Core JSTL functionality, while the second line is to use the JSTL functions for things such as data manipulation. In this example, we’re only going to need the core functionality. So is you notice the section for displaying the HTML H1 tag is as follows;

 

<h1><c:out value=”${htmlH1}”/></h1>

 

The <c: prefix in the code above is telling the JSP to use the JSTL Core functionality which was referenced previously in the page. Next this is telling JSTL to display the contents contained within the attribute named “htmlH1” which we set previously in the Controller Servlet. So that when you look at this on the original Login page you just requested then you see this information as you would expect;

 

JSP Login Page

 

Sounds simple, right? Well, yes, it actually is extremely simple to use a Model View Controller MVC design pattern when you think through the structure of your code instead of just jumping in and writing code. The difference being is that when you stop to think about the design pattern that you are using within your web application that you can quite easily make huge improvements both now and in the future. The Model View Controller MVC design patter is just one of many extremely powerful design patterns that you should seriously consider using to make your code easier to create, scale and maintain in the future.

 

Summary of the Model View Controller MVC Design Pattern

Hopefully this covers the Model View Controller MVC design pattern in enough detail to understand why this is such a powerful design pattern to use when developing your web applications and also looks at the practicalities of implementing such a design pattern. Sure, you will certainly be writing more lines of code to implement such a design pattern although I can guarantee that you will be creating a much more efficient system overall and a system that is easier to scale and maintain in the future.

The key to implementing a great MVC design pattern throughout your web application comes down to planning. You need to be planning this design pattern extremely well and to make sure that your entire development team is working towards the same goals. It is important to discuss these things on a regular basis as this will ensure that everyone is developing code with this design pattern in mind.

The Importance of Using Progressive Enhancement Website Development Techniques

We’ve spotted a trend recently with many website developers utilising technologies that make it difficult for search engines to crawl and index the website. Meaning that when search engines find it difficult to understand the content of your website, that you are in a position whereby Google may either penalise your website for spammy behaviours or simply losing a significant portion of the traffic to your website and ultimately revenue too. Clearly for websites that are generating a lot of visits from search engines, if this suddenly dropped off, how much revenue would you lose out on?

The trend we have spotted is around using JavaScript technologies which are inhibiting search engines from crawling websites. So while a new website may look flashy and all-singing-all-dancing, but if the new website cannot be easily crawled by search engines then quite simply you are going to be losing a lot of organic traffic to your website and ultimately sales / enquiries. Don’t make the same mistake that so many website developers do and use the latest technology without thinking through the consequences of what this means for your overall digital marketing strategy.

 

Common Problems

The common problems we are seeing more frequently at the minute are with developers using JavaScript technology which often looks nice for users. From a search engines perspective, JavaScript technology is difficult to crawl which can confuse the search engines and would always be recommended to avoid.

As a prime example, a local business recently re-launched their ecommerce website which certainly looked pretty but when viewing the website with JavaScript turned off (as Google would see it), then there is no content to display at all;

 

Website Using Too Much JavaScript Technology

 

A website that looks good but can’t be indexed to Google is the equivalent of having a beautiful shop on the high street and keeping your doors locked at all times – you aren’t going to be generating any sales. For this business specifically, they have been notified of the issue and are working to fix the problem. Let’s be clear though, this is the exact reason why it is important that you are working with the right digital agency who understands how each piece of the digital marketing jigsaw fits together. A good looking website is often not the same as a good performing website. Good performing websites think about usability, functionality, SEO, PPC, Email Marketing, Conversion Rate Optimisation and more.

 

Why this is a problem for search engines

Developers love to use new technology, but this isn’t always the right decision to make. As a nice comparison, if a new website removed the traditional login username and password and instead replaced this with fingerprint scanning technology to access the website, which is possible. Sounds like a fun and exciting thing to play around with, right? But when you dig a little deeper, this means that only those with the latest Samsung Galaxy phones and certain specialist laptops would be able to use this technology, forcing everyone else away.

There is always a place for new technology and we would always encourage people to experiment with new technology to lead the way in their industry. That being said, you cannot do this at the expense of forcing people to use this technology if they don’t have the means to do so.

The same is true for Google. Search engines cannot easily index content that is powered by JavaScript. Which means that all pages on your website need to be accessible when JavaScript is turned off. Google recently updated their official guidelines on the topic which states that websites should be developed using Progressive Enhancement. So while some of your JavaScript based content may be being found by Google, it would always be recommended to follow Google’s guidelines on the topic to improve the chances of benefitting the website in terms of SEO;

 

What is Progressive Enhancement?

So what exactly is progressive enhancement? Well it comes down to creating a website (or mobile app) that can be run on all devices easily with basic functionality. Then if a certain device has a specific piece of functionality or technology, then you can enhance the usability of the website based on this technology. Most importantly, don’t assume that everyone accessing your website has all of the technology available that you think they do.

For example, how many times have you been prompted when accessing a website from your laptop which asks if it is OK if this website uses your location?

 

Website Wants to Use Your Location in Browser

 

While this technology can certainly work on website, it is often rather inaccurate due to the way your location is essentially guessed based on several factors. Compared with the GPS signal from your mobile phone which is accurate to within a few feet of your location. This is a prime example of when progressive enhancement would be used, with a baseline set of website features not using the Geolocation and only asking the user if you can use their location when they are accessing from a mobile device. People accessing services through their mobile device are used to giving websites their location in return for some form of added features or functionality. As an obvious example, Google Maps clearly needs your location to help you get from A to B.

From a search engines perspective, it is important to use progressive enhancement at all times to ensure that they can easily crawl and index your website and content. Far too often are JavaScript based websites (and Flash websites back in the day!) are built without thinking about how Google is going to be able to crawl them. When using progressive enhancement, this ensures that the baseline website is still accessible to Google when JavaScript is turned off.

Progressive enhancement is not only recommended by Google, but it is also recommended by the wider community opposed to the older approach of graceful degradation. The reason behind this is because it provides a much better user experience when people are accessing a website from a variety of devices with multiple technologies.

As a simple summary of the above, all modern smartphones come built with GPS, accelerometers, gyroscopes, compasses, barometers and more. Whereas most laptops and desktop computers don’t have any of these technologies built in by default. Any website that depends on technology for key features or functionality that not everyone has is doomed to fail.

 

How to Test

To check your own website is displaying correctly for Google, turn JavaScript off in your web browser and navigate around your website. If you can’t easily access all parts of your website with JavaScript turned off, then the chances are that search engines are also having difficulty. While it is true that Google does attempt to index JavaScript based content, they do still find it difficult which is why they recommend progressive enhancement their self.

Removing any ambiguity from your website means that Google will be able to crawl and index your website with ease. It is easy for Google to assume that you are showing one version of content to the user and another version of content to search engines – for which websites can be penalised for this behaviour. Always use progressive enhancement as a way to develop websites effectively.

If you need any tips, advice or pointers related to the technology your website is using then get in touch. We have a range of services to support your individual needs, from starter Digital Lifeline support packages to our high end consultancy packages designed to be tailored to your every need.

Online Fraud and Cybercrime is a Serious Threat in 2015

Being part of Manchester Digital, we get access to exclusive events talking about the serious changes in digital and current trends. We recently attended an event talking about online fraud and cybercrime, and honestly, this is much more serious threat that most businesses even realise.

At the event we heard from DC David Stott from Cheshire Police force and Raoul Charlett, a Complex Fraud and Corruption Investigator. Talking about cybercrime and fraud proofing your ecommerce business. Also speaking was Gareth Williams from Metapack who covered various tips and advice about how businesses can protect their-self online.

 

Traditional Business Fraud

Some of the more common business related fraud relate to long term frauds within organisations, invoice diversions and even internal fraud related to BACS, accounting and false invoices being processed. These clearly have serious consequences for businesses beyond the obvious monetary costs. From data loss, disruption within your business, the branding and PR nightmare if this information gets released and more.

What is more worrying is around the lack of capability for a lot of digital fraud to be investigated. As you know, the UK has borders and so does the capabilities of the law enforcement organisations who can pursuit such fraud. Typically speaking, a lot of digital fraud is instigated overseas which means that the efforts involved in bringing criminals to justice required a lot of work and often never actually happen. This is a huge issue for businesses, particularly those running ecommerce websites as you can lose a lot of money in the process with little chance of getting this back.

 

Data Commissioners Office

Information Security

One point reiterated at the event was about how all organisations storing personal information that is used for specific purposes must register at the Information Commissioners Office. If you aren’t sure if you need to register, then it is recommended to complete the self-assessment on the website, and if you do need to register this is only a nominal fee of £35 per year.

With data breaches on the rise, it is essential that businesses treat data security seriously as it is a criminal offence if you don’t do this and are required to do so. Over recent years we have seen literally billions of customer details stolen from only a small handful of companies storing personal information for their customers.

 

Digital Fraud and Cybercrime

Moving onto some of the more modern frauds that happen, it is often the ones you may not even have thought about, yet are a serious problem for businesses. We are increasingly speaking with clients and other businesses about how to mitigate the risk for their businesses related to cybercrime and we are able to provide key recommendations on this topic.

Digital Fraud and Cybercrime

 

Intellectual Property Theft

How secure is your intellectual property within your business? As a digital organisation, your intellectual property isn’t likely to be in the form of manufacturing processes, secret recipes, physical designs or some of the other traditional areas that you would generally relate to intellectual property theft.

When looking at digital businesses, how secure is your data, your databases, your software code and other sensitive information about your business, your customers, products and services? In our experience, for many small to medium sized businesses, there is often quite a significant opportunity for fraudulent activities and cybercrime to take place due to lack of procedures, understanding and internal training.

 

Hardware Security

This is way beyond our level of expertise at Contrado Digital, although we like to keep our ears open to the news related to hardware security. Specifically around open source and freely available software called Reaver which is designed specifically to hack into WiFi routers using WPS, WPA and WPA2 passwords using a brute force style attack.

To keep this into perspective, once someone accesses your internal network, they often have access to a wide range of other data within your business if your data isn’t locked down and secured well. This is beyond simply having a more secure password on your router, this comes down to how you and your staff access the files, data and systems within your organisation. To the point that you not only have the internal security of only allowing access to data from an internal IP address, but also only allowing access to data for staff who have the authority to view this data, regardless if they are within the internal office IP or not.

 

Systems Prevention

There are a lot of technical ways and some common sense methods which you can use to protect your business from cybercrime and online fraud. Have a think about some of these questions to see how they relate to your own business;

  • What is your fraud policy?
  • How are individual members of staff managed in terms of the data they can access?
  • Do your staff understand how Trojans, malware and phishing scams work, specifically related to clicking links and opening emails from unknown sources?
  • How do you mitigate risks from updating your accounts, specifically related to invoice fraud?
  • How do you investigate new customers to check that they are genuine? A note on this topic is that you can be legally responsible and open to jail time if you have not performed detailed enough checks and your customer ends up being identified as part of a criminal organisation. This could have serious implications for your business
  • How do you thoroughly vet new and existing members of staff? This sounds obvious, but have you spoken to their references?

A note on background checks related to companies is rather interesting, as the data that you will often be researching on freely available company check websites and companies house is only as accurate as the data that is entered by the company. This is really important to understand because this data does not state that the data is accurate, the information you see on these services states that this is what the company has said is accurate. This can be significantly different, particularly when online fraud and cybercrime is taken into account. Do you honestly believe a companies that is not legitimate would submit legitimate data? The same applies when another company could be created with a very similar name to your business which could confuse people trading with you, or you viewing another company.

An interesting service that was recommended included WebFiling Protected Online Fraud (PROOF) which helps companies, i.e. yourself, safeguard your information and protect against corporate identity theft and fraudulent filings. The short video below explains this in more detail;

 

Another check point discussed was The Gazette which allows you to check company information from an official source. When checking details of a company you are either working with currently or about to work with, it is essential to check through as many sources as possible to get a good understanding of who you are working with.

 

Hackers for Hire

Thinking hacking and cybercrime isn’t that much of a threat? Think again. There are services popping up such as HackersList which allows you to actually rent hackers for a specific project and pay for their services. And this is just the public face of what is happening. Within the underground there is an awful lot more happening that most people simply aren’t aware of.

Hacking is always seen as this big bad term, yet often hacking isn’t that difficult. Hacking can be extremely simple, particularly when companies employ sloppy web developers and leave their customer details wide open for anyone to access. This isn’t difficult for anyone to access with half a brain cell and a small bit of technical knowledge. This isn’t cyber criminals working away, this can be simply equated to finding a hidden link on a page that happens to be the same colour as the background. The technicalities behind this aren’t much more complex than that.

 

London Met Fraud Advice

The London Metropolitan Police are very much leading the way when it comes to cybercrime and security prevention in an official sense and have a very valuable website on the topic to help individuals and companies protect their-self. If you aren’t too familiar with some of the basics of protecting yourself and your business, I’d suggest you spend a bit of time researching this and understand what you can do within your own business.

 

MetaPack

MetaPack Logo

 

MetaPack is a service designed to track ecommerce deliveries from end to end while looking to reduce fraud at every step of the process by using smart technology. Interestingly, 80 of the top 100 online UK retailers use MetaPack which managed around 50% of the online orders in 2014 (excluding Amazon).

Another interesting fact is that between 1-3% of sales are classified as Goods Lost in Transit (GLIT) which is actually an extremely high amount when you think about the scale of online orders within the UK, some of the highest per capita in the world. Some of the common problems related to this simply comes down to different departments within larger organisations simply not talking to each other, whether this is people or systems, think sales, website, warehouse all using different spreadsheets, databases and platforms  with no centralised system.

A prime example of this is for items with a higher value which is often simply not worth the ecommerce retailer collecting the item from the customers. Imagine, as a fraudster, ordering a bathroom suite, 5 items, from 5 companies (bath, toilet, bidet, tiles and basin). When each arrives, calling each company to inform them that the item has arrived damaged. Then when they ask if you would like another item delivering, you say no and they simply issue a refund without ever collecting the apparently damaged item from you because it is too expensive to collect or verify. This is clearly an issue if you don’t have the correct procedures in place for your business and happens more than you could imagine.

 

Officials

While I hate to say this, the authorities are too slow to adapt to the changes within digital to keep up with the ever changing technologies, threats, knowledge and information with an ever decreasing budget for public services. When you compare the resources and knowledge the official sources have on cyber security and online fraud in comparison to what is actually happening, this is worrying. To the point whereby Stuxnet managed to go unnoticed for quite some time. If you haven’t heard about this, read up on it if you don’t want to sleep at night.

This is going to change over time within the authorities, although as a business you need to take responsibility and protect yourself to avoid any serious issues within your business.

 

Website Security

WordPress Maintenance and Security Header Image

Online fraud and cybersecurity covers a lot of topics from user behaviour, training, IT hardware, physical security and more. This blog post isn’t designed to be a resource covering all of these topics, instead more of a warning to companies to take online fraud, cybercrime and security seriously.

We do our part related to website security which is why we offer services designed specifically to help businesses manage their online security through our WordPress Security and Maintenance packages along with providing industry leading web hosting solutions for small to medium sized businesses.

 

Summary

Online fraud, cybercrime and security needs to be taken seriously by businesses within the small to medium sized range. Do not take the threat lightly and assume that it will not happen to you. Cyber criminals will be targeting non-corporate businesses as these are the businesses who often have the least security policies in places throughout their website and internal procedures.

If you would like to talk through how business could be impacted, get in touch to discuss your specific business needs and how we can help protect your business.

What We Learnt From Resolving a Large Google Unnatural Links Warning

You may have heard about how Google has been dishing out unnatural link warnings over the past couple of years as they released their algorithm update, Google Penguin. We recently had the pleasure of resolving a resolving one of these warnings for a client who came to us with this problem – which had been generated as a result of previous shoddy work from an old supplier. Here is what we have learnt from this process and how these warnings often aren’t actually as bad to resolve as one may initially think, if you understand how Google is thinking. Firstly though, let’s take a look at what Google Penguin is and where these unnatural link warnings come about.

 

Google Penguin

So Google Penguin is an algorithm update that Google announced a couple of yea
rs ago. The algorithm was brought about to penalise websites who were building links from low quality websites to their own website with the aim of increasing their visibility within the search engines. Basically to manipulate their SEO efforts.

 

Website Backlinks

 

Google is determined to stop people and businesses gaming their algorithm and instead looks to reward websites who generate high quality and natural links from relevant websites. There is a clear reason why businesses have attempted this previously and that is because more visibility in the search engines ultimately leads to more traffic and sales.

After Google launched their Penguin algorithm, they started to send webmasters notifications and warnings via Google Webmaster Tools informing them that they needed to clear up their act. In a lot of cases, this was accompanied by a penalty in the search results leading to less visibility, less traffic and ultimately less sales. Yes, in the online world it seems that Google is indeed the judge, jury and executioner.

 

Unnatural Link Warnings

Well at least Google was kind enough to let people know which links pointing to their website were deemed to be low quality and causing the penalty and link warning, right? Well, no. That would be too easy! Google was a pain and gave virtually zero guidance as to what was causing the problem. So we had to investigate and start digging deep. We were looking for links that would be deemed to be seen as low quality by Google. Digging deep through thousands of backlinks across a large number of domains was the time consuming solution in this case. Below is the type of message you will see within Google Webmaster Tools if this problem is happening on your website;

 

message from GWT - unnatural links

 

Google officially recommends that you manually email each of the website owners where the low quality links are present and ask nicely if they could remove the link from their website. This is great in theory, but in practice this is absolute nonsense. Website owners of low quality websites are simply not interested in doing anything of the sort and any attempt at doing so is a waste of time. But let’s stick with this train of thought for now though, as this is what Google wants people to do.

 

Unnatural Link Warning Investigations

For the website in question, we identified all of the websites on the internet that were linking to the site and all of the pages. In total, this was almost 1000 domains and over 10,000 pages. Quite a few websites to crawl through to identify if the website would be deemed as ‘low quality’ by Google.
Total backlinks and domains to disavow

 

Google kindly put together a Disavow tool which is designed to inform Google which of the websites that are linking to you should be ignored during their ranking algorithm. For example, there is absolutely nothing stopping any single website owner on the planet linking to your website without your sign off. This is how the internet works, always has and always will. So the fact that Google introduced a penalty designed to penalise websites based on other peoples’ actions is a little odd to say the least and quite frankly is nothing more than Google admitting that their ‘all-knowing-algorithm’ isn’t actually as good at determining quality as they like to think, which is why they needed to enlist the help of thousands of website owners around the world. That said, it was introduced to target specific websites that were actively either selling links to websites, target low quality directory websites which offer no value to anyone along with other pointless websites on the internet that have no value to anyone.

Back to the investigation though. What we found for the client we were investigating this for was that over 51% of the websites (domains) that were linking to their website would be deemed as low quality by Google, which in total accounted for 17% of their total backlinks. This is quite a significant percentage of their backlinks that was causing the penalty. On further investigations we did find that these had clearly been built by a previous person who was aiming to game Google’s algorithm into making the client websites more visible on Google. Hence why you should never look to game Google and also why we don’t go out and build links for clients, it simply isn’t the right approach and hasn’t been for a good number of years now.

Ok, so remember that Google’s official guidelines are that you should go out and contact everyone who is linking to you and ask for that link to be removed, before submitting a Disavow file and a reconsideration request. Well, you don’t really need to do that. Just tell Google you did.

As a quick overview of the types of links we found that we needed to tell Google that they are low quality, via the Disavow file and reconsideration request. This included paid links (a big no-no), directory websites, thin affiliate websites, unrelated guest blog posts on other websites, low quality articles and even a few hacked websites. There are many other types of low quality websites that you really don’t want to be having links from, but this gives you an idea.

So once you have identified all of the websites that are linking to you that are deemed to be low quality, then Google recommends that you identify the specific pages of that website and add them into the Disavow file. Again, the reality of this is that this is a waste of time. If you have the time, energy and inclination to crawl through 10x the number of links then feel free, and while you are at it feel free to visit and make me a brew with all of the free time you have. Personally though, I like to take a more streamlined approach to achieve results. So here, we just Disavowed the whole domain.

 

Disavow Files and Reconsideration Requests

Knowing many other businesses who have gone through this same process, it was clear that Google very rarely used the information you gave them first time round and were generally quite unhelpful during the process. So we went through their recommendations and followed their guidelines anyway with this in mind.

 

Attempt 1

We created a Disavow file, submitted it to Google Webmaster Tools then wrote a lovely reconsideration request with all of the details about the history of the work and how this would never happen again to this client as they are working with a great company now (aka. us). Sob-story and all. We also told them that we had painstakingly taken weeks to contact each any every website owner to remove the links and they simply hadn’t got back to us (we hadn’t actually done this, they just needed to hear this).

 

message from GWT - thanks for submitting reconsideration request

 

Result? No surprise, they gave the helpful information that “there are still some low quality backlinks that you need to remove”. We were expecting this. Thanks Google, very helpful.

 

Attempt 2

So we added a few more domains (around 20) into the Disavow file, followed the same process as before.

 

message from GWT - thanks for submitting reconsideration request

 

Result? Same again. Nothing.

 

Attempt 3

So we added a few more (around 5) into the Disavow file for a third time, repeated the process including the ‘begging letter’ aka the Reconsideration Request. This time talking about how we had spent an awful lot of time to do this costing a considerable amount of resources to go and how they weren’t being that useful.

One thing to note is that we did leave a week or two in between each time so that it would at least appear to Google that we had been working very hard between submitting the reconsideration requests.

Result? Yes! We had this lovely message from Google;

 

Manual link spam action revoked

So what did we learn?

Be patient. Tell Google what they want to hear. Don’t waste your time on contacting website owners. Disavow the whole domain if it looks suspicious, life is too short to worry about individual pages.

Not sure if your current SEO activities are working? Then get in touch and speak with one of our professionals who will be able to help support the growth of your business online for the long term. Working with the Disavow file and reconsideration requests within Google Webmaster Tools can be a risky business if you don’t know what you are doing. You could end up telling Google to ignore some very powerful links to your website which would do even more harm, lower your visibility on Google and decrease your sales. Don’t play around with this unless you are confident about what you are doing. Better yet, leave it to the experts, get in touch to find out more.

Creative Entrepreneur December 2014

Just before Xmas I was invited to speak at the Creative Entrepreneur event at Media City in Manchester to share insights into how online retail is changing. In-between speaking, it was great to listen to other online retail experts to hear their thoughts about where things are heading. So we can take a look through some of the discussions points in this blog post.

Creative Entrepreneur December 2014

 

ASDA

First up we heard from Dom Burch, the serial speaker and senior director or marketing innovation and new revenue at Walmart UK (Asda). He shared his insights into how some of ASDA’s recent campaigns have been hugely successful in many aspects online and offline.

Dom’s first tip was around innovation and the importance of innovating throughout your entire business, regardless of how big or small you are. Innovation is key to long term and sustained growth. Simply dipping a toe in the water isn’t going to cut it here, Dom advised that you need to be giving projects at least 6 months to succeed (or fail!) so that you can be confident that you have exhausted all possibilities for the idea and had the time to gather data and assess the results accurately.

With all innovative ideas, you are starting with a goal of some kind for the business. Starting with ambitions to “become a big business” is equivalent to starting with the idea of “making a video go viral”. It’s simply the wrong approach to take and will inevitably lead to disappointment as goals are not hit. Instead, start with goals that are relevant for your business, goals that are in-line with your customer demands and goals that you can actually influence.

In between these ideas, Dom shared a few interesting statistics about ASDA;

  • ASDA FM listeners have more people listening that Radio 1 and Radio 2 combined
  • There are over 18 million customers who visit ASDA stores weekly
  • ASDA’s website has over 300 million impressions every month

These are quite similar figures to what was announced last year at a digital marketing conference in Manchester.

With ASDA spending over £100 million per annum on broadcasting adverts, Dom’s approach was to get the PR team using Twitter, which was quite a challenge. Spending as little as 2 hours per week on Twitter, the newbie-to-Twitter PR team were already having a conversation with the editor of Vogue within 2 weeks. Where else could you get this kind of conversation going in 2 weeks? It simply wouldn’t be possible.

Another tip came in the form of doing something yourself first so that you know how to do it. This is something that I firmly believe in personally and in business. If you don’t at least understand what is happening, how can you ever hope to really manage this process? This is not to say you need to be an expert in every aspect as this would be impossible. Instead, it is hugely important to get a good grasp on every aspect within business and digital so that you can fully understand why things are being implemented and the reach they will ultimately have.

 

Build Measure Learn Iterative Process

 

The simple process above will help you to build fast, fail quickly and innovate throughout your business at speeds you have never done before. Ideas are worthless, implementation is key and the only way to see what does and doesn’t work is to loop through the process as fast as possible, while giving every idea the time and energy to succeed.

Have a think for a moment, what are the 10 ideas that you have been talking about in your business last year? I can guarantee that there will certainly have been more than 10 ideas, but what were the 10 most important ideas? How many of these have you actually implemented, 5, 3, 1, none? Start the year off as you mean to go on. Run through these 10 ideas and measure everything to see how they impact your business. Capture the data and make informed decisions about the success of each campaign or idea.

For established businesses like ASDA, they aim to spend between 1-5% of their marketing budget on what Dom called “Trial and Error” campaigns which may or may not work. For businesses within the SME market, I would suggest this should be much higher as you are often still in the stages of experimenting with campaigns to see what works for your business. We naturally review and manage a lot of campaigns in the day to day work we do, although even we cannot tell you with 100% accuracy what will or won’t work for your individual business. We can certainly take into account the years of expertise and make a highly educated decision, although every business and every customer is different.

ASDA know that 74% of their customers are on Facebook, 20% are on Twitter and 15% of their customers watch YouTube daily. This information allows ASDA to invest their digital marketing spend in the right areas and not simply spend money on ‘more followers’ with no engagements. Their YouTube strategy focuses on how-to style videos and researching products which are broken down into 3 main groups;

  • Hygiene content: Something that is core to what you do and for your core target market
  • Hub content: Regularly created content designed to push this in front of your audience
  • Hero content: Large scale campaigns to raise brand awareness, think about the epic Volvo Trucks campaign

The next of ASDA’s campaigns that was shared was with the involvement of Tanya Burr. Who you ask? Ask your teenage daughter if you have one. If you don’t, like me, then I also had to Google her to find out a bit more about her! She is described as a “Beauty, Fashion, Baking, Lifestyle Blogger & YouTuber” in a nutshell. And more than that, she has 1.2 million followers on Twitter. This is the reason ASDA worked with her, to reach this huge audience. The reach that ASDA’s products gained on social media was astronomical, just take a look through the number of views for each video that they produced together and you will start to understand how collaborations like this can pay off. Where else could you gain that kind of reach? To put things into context, Game of Thrones receives around 1.3 million views every week, which is less than what ASDA managed to reach with this collaboration. Likewise, Tanya Burr has more followers on Twitter than Sheryl Cole, Madonna and BBC Radio 1. Just because you have likely never heard of people like Tanya, doesn’t mean that they aren’t hugely successful.

When looking at YouTube videos specifically, always keep an eye out on the engagement levels and not simply the number of views of a video. Any brands that have a lot of views yet very few likes/dislikes means that they have likely paid a lot of money to drive traffic to the YouTube video and no-one liked it so they just bounced straight back out again. High engagement levels allow you to listen directly to your customers in ways like never before. ASDA’s videos with Tanya weren’t simply ‘buy this product’ videos, that’s boring and a fast way to drive customers away. Instead, they focused on food, health and wellness, beauty and style.

ASDA took this whole campaign one step further by creating the Mums Eye View YouTube channel which linked together their partnerships with Tanya Burr, Zoella and the Lean Machines. Google them all to grasp the scale of what is being achieved with strategic partnerships. This is a very young audience that ASDA was targeting here and one that has clearly paid off. With reports of as little as 2p per view of a YouTube video, 70% retention rate, 4 minutes minimum viewing time with an average of 7 minutes in length per video. You could only achieve these results with effective digital marketing that focuses directly on your customers. Not once did ASDA think “let’s make this video go viral”. What this also shows is that people like long form content on the web. No more do videos have to be 2 minutes in length, don’t be afraid of pushing the boundaries to meet customer demands.

This brings us nicely onto newspapers and traditional newspaper advertising. Quite frankly, no-one reads newspapers anymore, and I don’t say that lightly. Ask yourself, when was the last time you bought a newspaper? Personally, I can’t remember the last time I bought one, other than on the occasional times when I’m featured in one to keep as a little memento. Keep everything into context, could you seriously generate a response of someone looking at your advert for 4 minutes in a newspaper? I don’t need to answer that for you, it is clear. For ASDA, they know that 4/5 people don’t shop in ASDA and that is OK. So why spend £150,000 on a single press release in a national newspaper when 4/5 people of the people still reading newspapers aren’t ever going to be interested in ASDA anyway?

The summary of Dom’s keynote speech was that brands and businesses need to take a step back and see what is happening in the world. It’s time to start creating more content that relates to your audience.

 

Cyber Security

The next session was all about cyber security and the steps you can take to protect yourself. You need to look no further than the recent headlines about how many companies have been hacked into last year with millions of customer details stolen; eBay, Sony, Moonpig and endless more including 273 million customer details stolen from Yahoo and 250,000 customer details stolen from Twitter.

Some interesting statistics announced around cybercrime included that it costs the UK economy over £6.8 billion per year and the global economy £238 billion annually. With 81% of large businesses having experienced security breaches in 2014. The cost of a typical breach is now at £1.15 million, up from £600,000 in the previous year.

Some of the most common attacks are due to very basic hacking just after Update Tuesday. Windows PCs are updated every Tuesday with security patches that have been identified to keep your system and data safe and secure, yet so many people either ignore the messages on their computers or simply turn off the automatic updates. This is mad! As part of the weekly update from Microsoft, the hackers use this information as a shopping list of exploits on computers around the world they can attempt to get access to. If your system isn’t up to date, then you could be at risk.

Moving onto more sophisticated attacks such as DDoS attacks, which stands for Distributed Denial of Service attacks, these can bring down websites with ease. To the point at which you can actually purchase an attack on the black market to target a specific website for a specific amount of time. Unlawful and illegal hacking is turning into an underground commercial business. DDoS attacks are actually quite simple;

 

How DDoS Attacks Work

 

This method for DDoS are often using thousands, hundreds of thousands if not millions of computers from around the globe. For example, here you can see a short visualisation of a DDoS attack happening in real time on my personal blog a couple of years ago;

 

 

Have a read more about the full details if you are interested. The exact same thing happened to Mastercard, Visa and PayPal when they decided to stop sending funds through to the hacker group Anonymous. Whether you agree or disagree with this is another discussion all together and one that doesn’t have a simple answer. The important point here is that DDoS attacks are a real and present threat for businesses. While it is unlikely that you will encounter the wrath of some of the more prolific public hacking groups, the reality is that a lot of business websites for SMEs are hosted on cheap and nasty web servers that are poorly configured and have very little security built into them. Make sure your web server has the right protection in place to at least minimise the chances of DDoS attacks affecting you. The unfortunate reality is that if someone is determined enough to bring your website down, they will do. You can make it harder for this to happen though by having the right infrastructure in place for your website.  Aren’t sure if your website and web server is protected? Then get in touch and we can review to check for vulnerabilities.

Moving away from hacking and looking at other types of data breaches now. Some of the most common data breaches often come in much simpler formats and often due to human error, aka. lack of awareness about threats. Threats including basic passwords on mobile and tablet devices to avoid automatic access to cloud based file storage systems for your company if a device is lot of stolen, to a deeper understanding of programming languages to avoid rookie mistakes.

Website vulnerabilities in particular happen for a number of reasons including unpatched software/content management systems/plugins, poor coding practices, poor server configuration, unencrypted data and more. Getting all of the above right is the absolute minimum businesses should be doing. Simply having a website built and not thinking about on-going updates is madness with how easy it is to exploit unloved websites. Every website should have regular and on-going maintenance to keep the website, content and data secure.

As of this year, there will be new EU Data Protection legislation that will be coming into force that businesses must adhere to. All of which is designed to move the current legislation into the digital age where customer data is collected at an alarming rate, often with very little visibility about what is being collected. This is likely to include full disclosure when data breaches happen so that customers are aware of what has happened. Far too often, businesses try and sweep large data breaches under the rug and hope that no-one will notice.

During the session, a live demonstration was given showing how easy it is for someone to steal your details – Even with my background, I was surprised at the level of things that can be done to steal personal details without you ever knowing what has happened. For example, simple things like clicking a link in an email can allow hackers to steal all of your saved login information in your browser. It really is that simple. Likewise, downloading a seemingly normal looking file from an untrusted source can result in a Key Logger being installed on your computer which will then be able to ‘read’ every single key you press, including your online bank account details and email passwords.

You may have heard about the infamous Stuxnet virus that swept the world almost by stealth last year. If you haven’t, you really need to read a few articles about this serious security threat; Wired, Business Insider, Wikipedia and what is even more worrying is that the source code for the virus is now publicly available on certain websites.  As a quick overview if you haven’t come across Stuxnet before, the virus was designed specifically to find a physical controller located in power plants that controlled the heating/cooling of the nuclear material. As you can imagine, hacking into this and reporting an incorrect figure would lead to catastrophic results. This shows how sophisticated hacking has become. Some sources say that the virus was created by the US to target Iran’s nuclear facilities – how true this is, I don’t know. Other notable viruses including Duqu and Flame again highlight the level of sophistication that is happening right now.

Other common hacking attacks include the likes of SQL Injection attacks and Cross Site Scripting (XSS) attacks. Have a read up on these, again hugely important issues to be aware of and protect yourself against. Inexperienced and junior people working in digital are often oblivious to all of this type of information and most importantly how to protect against it. Always work with a company and people who are professional and have a very deep understanding of the industry they are working on. Remember the quote “If you think it’s expensive to hire a professional to do the job, wait until you hire an amateur”.

Now can you see why it is important to keep your systems, website and servers secure? Good, I’m glad the message has been received. If you don’t know what to do next, then get in touch and let’s have a chat.

 

Online Retail Panel

Online Retail Session 3

Next up was the panel that I was part of alongside three other digital agency owners in Manchester and London along with the Head of Online Retail for Iceland Foods, Andy Thompson. The session took a rather interesting turn to talk around a lot of digital topics about business growth through online retail, internal communication challenges and solutions along with some blindingly obvious opportunities for large brands to improve their sales online. The talks should be going online once they have been edited which you can look forward to watching, so for the meantime, here is a quick summary of the whole event and more information can also be found on the website;

 

 

Online Retail Panelist

Digital Marketing, SEO and the Internet of Things

The last few sessions of the day are combined within this section. We heard from many different speakers and panellists in the final sessions with lots of great tips for businesses. One key message that is extremely relevant for the SME market is that you simply can’t have social media accounts without creative content. You need to be creating your own content and sharing this socially along with utilising other great content around the web to fuel your social media channels.

 

The Tales of Things by Oxfam

Oxfam was involved in a very interesting project with the University of Salford titled The Tales of Things. Oxfam have invested £1.4 million over the past 3 years with the aim of revolutionising business systems and processes through the use of digital technologies. The Tales of Things project was a very interesting one and one which I believe we will start to see more of over the next few years.

The idea was around selling donated products that also have a QR code attached to them. Customers looking at the item would then scan the QR code to listen to a short story from the person who donated the item. Oxfam found that this actually increased sales by 57% in the Manchester shop. They then extended this into Selfridges in London where celebrities donated items with the same concept behind. Within 14 weeks, they had this technology applied in 10 Manchester shops. This is ultimately a historical archive for objects that are traded, thus turning an object into something more than an object as it has a story behind it.

Personally I hate QR codes with a passion due to the way that they are misused in 99% of circumstances by businesses. Although in this instance with Oxfam, this is a really great way to bring things to live and genuinely adds value to the product being purchased and the customer experience.

This project has been on-going for a few years now so have a good read about the finer details over at the BBC, Oxfam and Tales of Things.

 

Cool Tech

Where would we be without a blog post talking about some cool technology that is on the horizon? Here is a really cool digital air hockey game that Tom Cheesewright and I played (which I think I won, Tom may disagree, not that I’m competitive in any way! );

 

Digital Air Hockey - CreativeEnt

Image courtesy of Aleksej Heinze

 

And this was even more amazing, a 3D holographic projection (apologies for the poor quality, it was taken on my smartphone);

Summary of Event

Overall, the event was excellent with lots of great tips and advice to take away and implement. I’m sure there are a lot of questions about what you need to be focusing on in your business after the security discussions and digital marketing opportunities discussed above. Get in touch and we can talk things through with you to see how we can support the growth of your business.

Keep an eye out for next year’s event

We are now a Purple WiFi Authorised Reseller

WiFi Authorised Reseller

 

That’s right, we’re now a Purple WiFi Authorised Reseller! You may be wondering just exactly what Purple WiFi is and why we have chosen to work with Purple WiFi. Before we go into that, let’s just look into the near future to see where the world is heading.

At some point in the near future, all business will start with some form of digital interaction. Whether this is business to business or business to consumer, or what is starting to be referred to as person to person. With smart technologies creeping into our daily lives from Google Glass, the Oculus Rift and a 3D printed mini me, we are seeing traditional online and offline areas blending into one. No longer is ‘digital’ a marketing channel that is completely separate to core business. For many businesses, ‘digital’ is becoming core business as brands start to interact with customers at every step along the way, from visiting physical stores to purchasing products on the website to connecting with customers on social media. Everything is digital.

For this reason, we predict that in the very near future, brands are simply going to have to join the dots for customers between all touch points, regardless of whether this is online or in the real world. That is why we have become a Purple WiFi Authorised Reseller, because the software is capable of joining these dots together which we believe are becoming increasingly important. Joining the online and offline worlds together in a way that has traditionally been extremely difficult for brands to do is now possible.

 

What is Purple WiFi?

Purple WiFi is extremely advanced and cutting edge technology that is designed to turn the current free WiFi in your premises into a marketing tool to directly increase revenue. To keep this really simple, Purple WiFi is a piece of software that is installed on your router (the ‘thing’ that connects your customers to the internet).

 

WiFi Marketing and Analytics Service Page Header Image

 

It is this software that gives your free WiFi the boost that is needed to which customers are in your premises, how many times they have visited before and how long they have stayed. In addition, you can see full customer demographic data including name, age, gender, email address and hometown. All of this amazing data allows you to understand who your customers are better than ever and communicate with them to increase the frequency of their visits. Get in touch with us to see a full list of the amazing demographic data you can capture with the tool or to request a demo.

Essentially, if a customer visits your venue once per month and we can turn this into them visiting once every two weeks through targeted email marketing, then this has doubled your revenue per head for that specific customer. It isn’t always about getting ‘new’ customers through the door, if you can achieve the same revenue growth from your current customers then this is also a good opportunity.

 

Why we have chosen to work with Purple WiFi?

Quite simply, Purple WiFi are the leading players in the market providing this software who are working extensively with global hardware manufacturers including Cisco, Linksys, NetGear, TP-Link, Cisco Meraki, Deliberant, HP, Mikrotik, Open-Mesh, Ruckus, Xirrus, Airtight Networks, Buffalo, Trendnet and Ubiquiti.

The Purple WiFi software works on the leading hardware solutions for your wireless network, meaning that you can be confident that you can start to benefit from this software sooner rather than later.

 

Turning Purple WiFi into our WiFi Marketing and Analytics Service

Purple WiFi on its own is great, but as with anything, if you don’t use the tool to its full advantage then you won’t get the most out of it. After speaking with a lot of businesses ranging from bars and restaurants to bowling alleys and shopping centres, one of the common themes coming from discussions is around the time it will take to manage the platform.

This is why we have created a service around Purple WiFi which we call ‘WiFi Marketing and Analytics’. It is this service that is designed for us to do look after the marketing part so you can focus on doing your job within the business. Instead of having to learn how to use another tool to maximise its potential, we will do that for you and use our expertise and knowledge of running multiple campaigns to get the best results for your business.

Whether you are simply looking to offer your own branded free WiFi solution for your customers, or whether you are looking to utilise this for a data capture tool, or even if you are looking for the full works to utilise all of the above and turn your free WiFi into a marketing tool to increase revenue. Whatever you are looking for, our WiFi Marketing and Analytics service can be tailored to your specific needs and we can talk you through how this works in practice within your own organisation.

Find out more about our WiFi Marketing and Analytics service over on our services page which talks you through how this works in more detail along with giving some ideal examples of how this new technology can be used to the full advantage. Purple WiFi only sell the software through authorised distributors like ourselves, so get in touch to find out how this can work for your business.

We don’t simply build websites. We work with your business to increase revenue through digital technologies, which just happens to include things like web design, search engine optimisation, pay per click advertising and now WiFi Marketing & Analytics. Get in touch if you would like to know more about how we can support the growth of your business through digital marketing and new technologies.