Adriana Cacoveanu

Adriana Cacoveanu

ADRIANA CACOVEANU, Content Writer

Adriana is the OPTASY team's digital content creator and copywriter. Her “mission” within our team is to masterfully blend the 2 main ingredients' listed in any valuable blog post's recipe (valuable information + the reader-friendly writing), as well as to craft informative and engaging content promoting our work: study cases on Drupal.org, fresh content for various pages on our company website, e-book content etc.
 

Back to Blog Posts
Can I Trust LastPass with My Passwords? No! Our Unexpectedly Bad Experience with Them
“Trust LastPass at your own risk!” would be our answer. One based both on:   this password manager's own “beefy” record of critical security vulnerabilities, cross-site scripting bugs, breaches and major architectural issues our bad experience with LastPass, as a client   And before we dig into the heavy load of evidence that we base our “case” on, allow us to expose some of their former clients' testimonials:   “I lost my entire LastPass passwords in March 2017. It was a disaster for me. I have had LastPass since the beginning, can you imagine all the passwords saved over the years? I think you should do some research on LastPass and the changes, the bad changes that have happened with LastPass” (Barbara's comment, 5 Best LastPass Alternatives to Manage Your Passwords)   “About a month ago when I tried to log in to LastPass I got the message that I had entered the wrong vault password - but I can assure you that nor I, nor my cat has changed it... When I contacted LastPass, they in a rude manner "taught" me that what I hadn't experienced what I had in fact had experienced, since it is "impossible", and their "help" consisted in giving me the clue to the main password to LastPass - i.e. the password, which I explained to them isn't valid anymore... “ (Robert's comment, You Should Probably Stop Using LastPass Temporarily) “Around a month ago I switched from LastPass to Bitwarden as my password manager. To make sure my passwords were protected I deleted my LastPass account, now I get an email asking me to renew my subscription for my DELETED LastPass account. I wonder what else they stored about me... “ (user/dumah310, LastPass storing email from deleted account) 1. But First: How Does LastPass Work? In plain language: LastPass stores your encrypted passwords (and secure notes) in the cloud and secures them via a master password. And the “master password” is both the strength and the main vulnerability of this password management service. Now before I back up the above statement with our own experience with LastPass, here's an excerpt of an “enlightening” HackerNews post: “Users must also devise a “master password” to retrieve the encrypted passwords stored by the password management software. This “master password” is a weak point. If the “master password” is exposed, or there is a slight possibility of potential exposure, confidence in the passwords are lost.“ 2. 5 Security Vulnerabilities Over the Last 7 Years... and Still Counting “How secure is LastPass from being hacked?” I'll leave it to you to evaluate it while going through its “impressive” record of security flaws and vulnerabilities reached over the last years:   2.1. In 2011 a Cross-Site Scripting Vulnerability Was Detected   In February 2011 Mike Cardwell, a security researcher, tracked down an XSS bug on the company's website. Once “exploited”, this vulnerability could basically enable attackers to steal:   hashed passwords the list of websites that users log into (along with the IP addresses, time and dates of their logins) their email addresses underlying cryptographic salts   LastPass fixed that bug within hours.   2.2. That Same Year A Second “Likely” Security Breach Was Identified Later on that year, in May, the company's team spotted a new “anomaly” in both their incoming and outgoing network traffic. Therefore, suspicions arose that a hacker might have accessed their servers. What kind of risks did this “abnormal activity” entail? Well, the attacker could check thousands of passwords in a short period of time, using a combination of user emails, guesses on their master password and the salt. As LastPass CEO confirmed it himself back then, in an interview for PCWorld.com: “ You can combine the user's e-mail, a guess on their master password, and the salt and do various rounds of one-way mathematics against it. When you do all of that, what you're potentially left with is the ability to see from that data whether a guess on a master password is correct without having to hit our servers directly through the website.”    2.3. In 2015 A Hacker Attack Compromised the Company's Servers   Here's another answer to your “Can we trust LastPass?” question: In June 2015 a post on the company's blog announced that their team had detected suspicious behavior on their network. The result? LastPass servers got hacked and the cryptographically protected content compromised. And we're talking here about:   user passwords password reminders cryptographic salts email addresses   2.4. In 2016 A Vulnerability that Enabled Reading Plaintext Passwords Was Exposed Within a year, in July 2016, a new security vulnerability in the autofill functionality was identified and then detailed by the representative of DETECTIFY, an independent online security firm. Basically, the article raised new suspicions about whether one could trust LastPass with their passwords: The URL-parsing code of the LastPass browser extension — the HTML piece of code that was added to every page that the “victim” would visit —  was poorly written. Sloppy enough to enable a potential attacker to read plaintext passwords once the user landed on a malicious website.   2.5. In 2017 a “Major Architectural Problem” Was Discovered  In June 2017 Google's security researcher Tavis Ormandy made a new discovery: A security vulnerability in the LastPass Chrome extension (that applied to Firefox and Edge, as well), which, once exploited, could enable a hacker to steal passwords or engage in remote code execution. He described it as a “major architectural problem” to point out that this time we weren't facing some... signs of carelessness, but a hole in LastPass' security shield instead. “How safe is LastPass?” Users started to ask themselves again and many even started looking for alternatives.   3. About Our Own Unexpectedly Bad Experience as a LastPass Client  Let us share with you some glimpses of our rough experience as LastPass users.  I would start by saying that: Yes, the worst-possible scenario did happen to us. We've apparently lost all the passwords “safely” stored in our LastPass account. There are zero chances to retrieve them, to export them to another password manager or/and to get a refund, considering that we had paid for one year in advance. How did it all begin? With us trying to log into our account, as usual. But, we got this “welcome” message instead: “Invalid password” We next tried to reset our master password, using their reset password form. With no success, though: “LastPass account recovery failed for... Your current web browser did not save account recovery data on this computer. Please try account recovery again with every browser and on every computer you...” And then the “dialogue of the deaf” began, with: Us stating that we did NOT reset our password, for it was not possible and the LastPass support team claiming that we did restart it. And telling us that there's no option but to:   create a whole new account say goodbye to all our passwords "safely" stored there for good; there's no chance to export that user sensitive data to another password manager service lose all hope of getting a refund for the money we had paid in advance, due to their “No refund policy”   In short: if for some mysterious reasons, one day LastPass doesn't recognize your current master password anymore and you're not allowed to reset it either... you're doomed. Now, can you guess what's our answer to this question: “Can we trust LastPass?”   4. Bottom Line: Should You Trust LastPass? “Trust this service at your own risk!” For one day, no matter whether you've:   disabled the auto-fill functionality enabled a two-factor authentication (for both LastPass and your other critical accounts) chosen an "invincible” master password for your LastPass account kept both your software and your machine “spotless clean” and up-to-date used one different password per account   … you still run the risk to find yourself locked out!   Just talking from experience...   ... Read more
Adriana Cacoveanu / Oct 09'2018
What Makes Magento 2 the Best Choice for Mobile Commerce? 6 Obvious Reasons to Consider It
Why Magento 2 and not Shopify, WooCommerce, Joomla, BigCommerce, Volusion and the list of popular e-commerce platforms could go on? Why is Magento 2 the best choice for mobile commerce? After all, they all provide responsive product pages design, right?  Yes, but that's just the “tip of the iceberg”.There are lots of other factors to consider, as well, when striving to ensure your e-store's success on mobile:   the shopping cart the checkout experience the page load times (considering the high level of unpredictability specific to mobile connectivity) the admin UI the “manage your store on the go” functionality   … and so on. Magento 2's built to meet all your mobile commerce-specific expectations, plus a few more. Now, out of all the most obvious reasons why you should consider it as your platform of choice for your mobile e-store, we've selected the 7 most compelling ones:   1. Intuitive and Easier to Use Admin UI A huge “leap” forward from Magento's discouragingly complex and confusing former admin panel. How is it better?   it's cleaner it's more (non-technical) user-friendly it's easier to use    Practically, in Magento 2 store admins are no longer dependent on developers for every little change they need to make in their online stores. From finding precisely the tools they need to adding new product listings, admins can now perform all the common tasks in their dashboards much quicker.   2. A Simple Checkout Process: It Makes Magento 2 the Best Choice for Mobile Commerce And this is that part of your mobile e-store that can make or break its reputation for good.  A cumbersome, overly complex, lengthy checkout experience will only make your customers “run for the hills” and never come back to... pick up their abandoned carts (and maybe even spread the news about the frustrating checkout experience they had in your store). Do you see my point here, right? This platform's simple, frictionless checkout process is directly responsible for the success of any e-commerce website using Magento 2.   3. All Magento 2 Themes and Templates Are Responsive by Default Magento 2 comes jam-packed with free, responsive themes for you to just scan through, select from and use to deliver mobile-friendly shopping experiences. That, of course, in addition to the always available options of:   going with a third-party theme having a Magento 2 developer build a custom theme for you, from scratch, and to tailor it to your store's specific needs   4. Easy to Manage Your Magento 2 Store Right On Your Smartphone Another enhancement that makes Magento 2 the best choice for mobile commerce.  Just imagine that as a store admin you'll get to manage all its features:   catalog management features CMS SEO and marketing features order management   … on the go, right from your mobile phone, right from your admin panel. And it's this type of convenience that turns Magento 2 into the most popular platform among e-commerce business owners.   5. Caching Capabilities And you need to consider how unpredictable a mobile connectivity can get.  Luckily, Magento 2's got your back: its catching capabilities are the “safety net” you need when your online store's visitors are facing issues of limited connectivity. It supports Varnish Full Cache, which makes it easy for developers in your team to boost your Magento store's performance despite the internet connectivity's limitations.   6. Powerful Built-In Marketing Features  Speaking of conveniences, Magento 2 provides you with a heavy load of robust marketing features right out of the box. I'm talking here about:   visual merchandising optimized product category pages  sharing an email drag and drop functionality wishlist creation feature customer segmentation   In short: all the modern features you could possibly think of for “fueling” your mobile marketing strategy with. The END!  What do you think, can these 6 reasons here stand for 6 clear answers to your question:   “What makes Magento 2 the best choice for mobile commerce?” ... Read more
Adriana Cacoveanu / Sep 20'2018
How Can You, As a Client, Prevent Missed Deadlines on Your Web Projects? 6 Best Practices
Lots of helpful tips and tricks, tons of best practices, plenty of great advice on how to prevent missed deadlines on your web projects. And yet: all these “how to's” are targeting project managers, team leaders and, overall, web development teams. But what about you, the client? What can you do to help the teams working on your web projects avoid missing deadlines? What best practices should you adopt in order to streamline the development process? And what bad client habits should you break to avoid scope creep and, implicitly, delaying your own project? Now that we've gone through all your possible questions and dilemmas as a client regarding the “deadline issue”, let's dig for some answers, too. In this respect, here are the 6 best practices that you should stick to when working with a web development team, to ensure that they'll meet their deadline:   1. Clearly Articulate all Your Project Requirements — Ideas, Vision, Expectations Do speak now or forever hold your peace! In other words: share your detailed specifications, your requirements, even just your glimpses of ideas in a very early phase of your project's development life-cycle. This way, you'll empower your contacted team to come up with an accurate project estimate. And thus, to ensure that they'll meet the deadline you will have agreed upon. What's your vision for the project? What do you expect your software product to do? What features should it incorporate? What are your predictions in terms of website traffic? Be sure to express all your requirements as accurately as possible, whether under the form of:   drawings on a sheet of paper detailed specifications verbal explanations screenshots   2. Over the Budget? Discuss Prioritization of the Key Features Another best practice to prevent missed deadlines on your web projects, as a client, is to prioritize specific tasks included in the project.  And this practice gets particularly helpful when you find yourself budget-constrained. What are the essential features and functionalities that your website/application should have? Identify them, then discuss prioritizing those specific implementations with the development team.  This way you:   stay on budget (still) meet the deadline set some realistic expectations draft an updated roadmap for your development team to follow   Tip: are you familiar with the MVP (minimum viable product) philosophy?   3. Give Them Timely Access to Materials They Need to Move Forward More often than not, it's clients' failure to carry out their own parts of the projects (on time) that lead to significant delays in the development process. And forgetting/overlooking/refusing/being out of reach to give your development team timely access to those materials that are crucial for their work is one such example. I'm talking here about materials such as:   project-specific content data brand fonts   … and other resources they might need to advance in their work.  Which leads us to another best practice that clients (too) often fail to follow:   4. Be Reachable: Stay Active on Communication Channels  It's crucial that you be available on (all) communication channels. The team of web developers working on your project might need:    your approval on certain tasks that they will have completed before they can focus on the next development phases your input to the next-in-line deliverable your decision regarding a multi-solution challenge they're facing   So, you do get the point: the more difficult it'll be for them to reach you, the higher are the chances that they miss their deadline.   5. Ask Your Questions to Prevent Missing Deadlines on Your Web Projects Do dare to ask the project manager, the customer service manager or team lead all your questions. Whether technical or not. For you do not need to be a Drupal, Magento, WordPress, React, Laravel, Angular or any other technology expert. Yet, you must ask your development team any inquiries that you might have regarding the used tools and platforms. ... regarding their specific procedures, internal processes and, overall, their particular approach to project management. Ask your questions and allow them to shed light on any “blurriness” that you might be facing. Otherwise, confusions will only lead to last minute changes of scope and missed deadlines.   6. Set Realistic Deadlines to Accommodate Your Last-Minute Requirements, Too Are there any last minute changes, unplanned requirements or off-the-plan tasks that you need to integrate into your project's development cycle?  Talk about them with the project manager and maybe you'll reach an agreement to add a few more developers to your project.  And also, keep in mind to set a realistic deadline to accommodate all these emergencies, as well.    What's a Scope Creep More Precisely? Something that many clients are guilty of, I must say.  It comes down to: Changing the scope of a project.  And there are multiple causes for this:   urgent, last-minute requests coming from the client, that imply high volumes of extra work poor scheduling poor budgeting lack of cooperation   The END! These are the 5 most effective best practices to adopt, as a client, in order to prevent missed deadlines on your web projects.  ... Read more
Adriana Cacoveanu / Sep 18'2018
What Is the Best WordPress Plugin for Posting to Social Media? Top 5
Repetitive (not to say boring), time-consuming... And it all gets even more cumbersome when you add more authors to the equation and you increase frequency to more than just 2 posts a week. Yes, I am talking about regularly sharing your blog posts on your social media. But what if you could just schedule them and create your own calendar? And automate the whole process? Then, the question that arises is:  “What is the best WordPress plugin for posting to social media?” One perfectly equipped to:   cope with an above-the-average posting frequency  work in the context of a multi-author WordPress blog re-post old posts, as well track the overall success of your posts   And there sure are lots and lots of “luring” WordPress plugins to schedule posts, so: Which one best meets all your particular requirements? Let me give you some clues here. 5, to be more specific: WordPress' Default Feature for Scheduling Posts: Main Limitations Let's not jump straight to the WordPress plugins to schedule posts for social media before we've evaluated what the platform's built-in feature offers us, in this respect. For, you can very easily schedule your blog posts to social media in WordPress without the need of a plug-in solution. Here's how this out-of-the-box functionality works:   you go to Settings > General, in your admin panel you set your Timezone (since WordPress uses Universal Time by default) next, once you're ready to hit the “Publish” button and launch your blog post “out into the wild”, just hit the “Edit” button next to it … and set the time and date that you'd like your post to be shared on social media then, you click the “Schedule” button   And that's it! Your post will get automatically published according to your preferences of time and date. But what if:   you'd need to go through this process several times... a day? there are several authors posting on the same blog and, implicitly, sharing content on the same social media accounts?   For more complex expectations about your scheduler, you go with a plugin. With the best WordPress plugin for posting to social media, that should meet all your requirements.   1. Blog2Social A hands-off solution to rely on for both:   automating your posting on social media; from your WordPress blog straight to your social media networks scheduling their publishing; you get to set a specific time for your posts to go live   It will automatically share your content on LinkedIn, Pinterest, Medium, Twitter... Screenshot: WordPress.org  Features you'll love:   automated posting to several social media networks setting the time and date that you want your posts to be published tracking and monitoring your posts' success on each network tailoring your posts' templates so that they fit each network's specifications you're allowed to select the right images for your posts automated re-publishing of your scheduled old posts   2. Social Auto Poster     If this is not the best WordPress plugin for posting to social media, then it's definitely the most flexible one: You get to configure it to the slightest detail; to fine-tune it till it meets even your “overly” specific needs. Moreover, it enables you to auto-share both new and older blog posts. Screenshot: Codecanyon.net Top features:   choosing the post type to be shared auto-sharing new blog posts to those specific social networks that you will have selected custom scheduling: set the most suitable days and hours for sharing content on social media auto-posting to all your linked Facebook accounts supporting any kind of format: post, eCommerce products, page, custom post type   A social auto-poster WordPress plugin that's conveniently compatible with a whole “plethora” of networks: Tumblr, Facebook, Twitter, Pinterest, Instagram...    3. NextScripts   Here's another “must-check” WordPress plugin that's loaded with social media integrations. Screenshot: WordPress.org Let us look over some of its “hard-to-resist-to” features:   automatically sharing both new and older posts you're free to configure which posts should and which ones shouldn't get published … and also the time and date for publishing them you're also free to delay your scheduled posts auto-importing mentions/comments from your social media accounts as WordPress comments   4. Revive Old Post   Is keeping the same level of consistency — through regular posting at... regular times of the day/week — getting a bit challenging? Maybe, at times, you have no fresh content to share with your visitors... Screenshot: Revive.Social Then how about bringing some of your old articles back into the spotlight? Especially since you have Revive Old Post at hand, probably the best WordPress plugin for posting to social media. Once you've set everything up, the plugin turns into a 100% hands-off solution. You'll be putting the whole process of re-posting old content on... autopilot. But, let us go through some of this plugin's key features. Basically, it empowers you to set:   the age of the posts to be re-published the number of posts to be posted per day the posting frequency how many times the same old post can be posted the format of the posts to be shared on social media   Note: once plugged in, the Revive Old Post enables you to track the traffic that re-sharing these old posts will bring on your blog, right in Google Analytics.   5. Auto Post Scheduler ​​​​​​ It makes the best WordPress plugin for posting to social media especially in the case of a multi-author blog. One with a high volume of content drafted for being published on a daily basis. Screenshot: WordPress.org Basically, it's one of those few WordPress plugins to schedule posts that takes the full process, with all its particularities, off your back: From sharing scheduled posts, to recycling old posts to be published, it will automate all posting to social media-related operations. The END! These are the top 5 WordPress plugins to schedule posts for social media that you should evaluate first when looking for the best social auto poster for your own website.   ... Read more
Adriana Cacoveanu / Sep 14'2018
Designing for a Global Audience? 5 Things to Consider for Making Your Website Internationally Friendly
Designing for a global audience should be straightforward simple, right? You'd just translate the written content on your current website into all the different languages of your target audiences and you're good to go... Well, not even close. Closer maybe, but definitely not close.  For, as the Globalization & Localization Association (GALA) says it, far more accurately than I could: “The aim of localization is to give a product the look and feel of having been created specifically for a target market, no matter their language, culture, or location.” And proper localization (or contextualization, if you prefer) is precisely what you should aim for when trying to reach a global audience. Now, making your website internationally-friendly is subject to a lot of considerations; translating the written content into different languages is but one of the many steps to take. Let me point out to you just 5 of the essential ones to keep in mind:   1. Can Your Current Web Hosting Solution Handle That Amount of Traffic? Let's take this hypothetical (yet not impossible) scenario: You've been selling custom-designed stationary in Canada for a while now. Your eCommerce website's server is in Vancouver. Still, your Canadian customers just don't seem so “mesmerized” with your hand-crafted products as you expected them to be. So, what do you do? You go global! You start selling your stationary in... South Korea, as well, and online orders start to ramp up.  But your web hosting provider doesn't have servers in Asia, as well, to back you up with, and so the page loading speed on your website gets close to... lousy. There are scripts, files, images to be loaded and to all these all too common heavy-weighing factors, now you add the distance factor, as well...  Your server just can't handle it... In this hypothetical case here, you have 3 viable solutions at hand:   you supercharge your website with a CDN for high speed you replace your current provider with another one that can provide you web hosting globally you upgrade your current hosting plan, opting for one that can handle higher volumes of traffic   It's up to you how you'll equip your website to cope with the expected larger-than-normal amount of traffic.   2. Is the Used Imagery Culturally Relevant for Your International Audiences? And yes, when designing for a global audience you need to consider this aspect, as well: Will all the international audiences that you're targeting resonate with the images displayed on your website? Do these images convey the same message, irrespective of culture, location, spoken language...? Are there any culture-specific meanings or symbols that you might have overlooked? Make sure they're not “packed with” references that a global audience wouldn't understand. Or risk misinterpreting... And, above all: Take your research seriously when you're planning to reach global audience; ensure your site's imagery can't get interpreted as offensive in some of the cultures that you're targeting.   3. What Do Your Chosen Colors Symbolize in Different Cultures? Make sure that you base your color choice on an in-depth research on the color symbolism in different cultures. And not solely on aesthetic aspects. In this respect, the examples of colors having both positive and negative connotations, depending on the cultural area, are numerous: Take white, for instance, a color that means both cleanliness, innocence or/and... death (in China). Choose your color palette wisely and do not leave the selection up to your designers entirely. Designing for a global audience is no more than a compromise, after all: You trade visually-striking design for a globally-relevant one. One that's both... global and local.   4. Remember to Use Hreflang Tags when Designing for a Global Audience  Why bother?  Well, you could take the hreflang tags as some kind of “traffic signs” indicating to  the search engines:   that the content on your website has been translated into multiple languages precisely which version of that content they should deliver to your site's visitors, depending on their location   As for how you can add them to your site's content, the Moz team has a more than “enlightening” blog post on the topic of hreflang tags, so I'm not going to get into details here. Now, let's move on to the last point on my list of aspects to pay attention to when designing for a global audience:   5. Is Your Website Optimized for Globally Accepted Keywords? And “globally accepted” sure doesn't come down to: Showing the translated version of each one of your target keywords each time it shows up. Now, let's take this common example: What if you're optimizing one of your site's pages for the keyword “dinner recipes”, but in some parts of the USA the equivalent “supper” is more frequently used? Then, you'll need to:   do your own research on all the possible keyword variations  account for them when doing keyword optimization on your website's pages   Et voila: these are just 5 of the essential aspects to consider when designing for a global audience. As you can see, translating the words on your website is just the very base of the “pyramid” of techniques to apply for avoiding common gaffes when you go global. That if you want to do it the right, of course... Photo by Kyle Glenn on Unsplash. ... Read more
Adriana Cacoveanu / Sep 11'2018
10 Drupal SEO Mistakes You Do Not Want to Make on Your Website: From Least to Most Harmful- Part 2
You've put so much effort into crafting and polishing the content on your Drupal website and it just won't... rank? Why is it that search engines' web crawlers won't index its “juicy” content? Why they won't give your site a big push right to first-position rankings? As it clearly deserves... Could it be because you're making these 10 Drupal SEO mistakes?  Knowingly or just recklessly... And with the first 5 of them already exposed in the first part of this blog post, I'm keeping my promise and here I am now, with 5 more SEO mistakes that you don't want to make on your Drupal website, ranging from:   embarrassing gaffes to faux pas to catastrophes...   1. Underrating Meta Tags: One of (Too) Common, Yet Costly Drupal SEO Mistakes  And let me just say it: forgetting (or choosing not to) to check those 3 on-page ranking factors:   description page title tags   ... is one rookie SEO mistake.  And one costly neglect, too... Why? Because by simply checking your meta tags, making sure that the content entered there:   contains all the relevant keywords is user-friendly and engaging   you hit 2 birds with just one stone:   search engines' crawlers will just know whether specific web pages on your site are relevant for specific search queries or not; whether the keywords that you will have added to your meta elements are precisely those that online visitors use users will get a “teaser” of what the page is about, helping them decide whether it matches their searches and expectations or not   Note: Drupal's got your back with a dedicated Metatag module that you should install even before you “release your website out into the wild".   2. Ignoring the Slow Page Loading Speed  If it takes more than 2 seconds to load... then you'll lose them. Visitors on your Drupal site will lose all interest in accessing that given page. And could you blame them?  Instead, you'd better:   blame yourself for accepting this status quo and refusing (or just postponing or not putting enough effort into it) to optimize your site for high speed rush to address this major UX issue risking to grow into a critical SEO issue   How? By:   compressing all JS and CSS files using a dedicated tool of your choice (and thank God there are plenty of those to choose from!) compressing all overly large pages reducing images, graphics, and videos to reasonable sizes disabling all those Drupal modules that you haven't used in ages (or maybe never...) enabling caching (and luckily there are Drupal cache modules — like Memcache, for instance — that can help you with that) upgrading your server or even moving to a new hosting company optimizing your site's current theme See? Improving your Drupal site's load time is no rocket science and it doesn't require overly complex measures, either. They're no more than... “common sense” techniques. Assess the resources that implementing them would require and... just do it:   the user experience on your Drupal website will improve significantly search engines will “detect” this increase in user satisfaction … which will translate into a higher ranking    3. Overlooking to Redirect From Its HTTP to Its Secure HTTPs Version Migrating your Drupal site to HTTPS is a must these days. Just face it and deal with it or... be ready to face the consequences! Yet, if you overlook to redirect your site to its new HTTPS version, thus sending its visitors out to... nowhere — to error pages — then... it's all but wasted effort and resources. One of those SEO Drupal mistakes with long-term consequences on your website's ranking.   4. Broken Internal Images Leaving broken internal images and missing ALT attributes behind is a clear sign of SEO sloppiness... And now, here's what we would call a “broken image”:   an image that has an invalid file path an image with a misspelled URL   The result(s)?   first, a broken image has an impact on the overall user experience; your site visitor gets discouraged and quits the page in question next, search engines rate your site's content as “of poor quality” and finally, all these lead to an inevitable drop in Google search rankings   5. Underestimating (or Just Ignoring) the Importance of an XML Sitemap for SEO Not generating an XML sitemap of your Drupal site is more than just one of those Drupal SEO mistakes that you should avoid: it's a missed opportunity! A huge one! Here's why:   an XML sitemap would include all the URLs on your website … as well as information (via heading tags) about your site's infrastructure of web pages, for search engine crawlers to use … “alerts” about which pages they should be indexing first an XML sitemap provides an early index of your website all the pages on your website get submitted to the search engine database even before they get indexed in their own database   Note: the sitemap.xml file not only that communicates with and informs search engines about the current content ecosystem on your Drupal site, but will “keep them posted” on any updates of your site's content, as well. So, what an XML sitemap provides is a prioritized, conveniently detailed and easily crawlable map of your Drupal website meant to ease web crawlers' indexing job. And the easier it gets for them to crawl through your site's content, the faster your site's indexing process will be. In short: if the robots.txt file alerts search engines about those pages that they shouldn't crawl into, the sitemap.xml file lets them know what pages they should index first! Tip: discouraged by the thought of manually building your site's sitemap? Well, why should you, when there are Drupal modules built especially for this?   Site map (Drupal 7)       Sitemap (Drupal 8)         Simple XML (Drupal 8)     XML Sitemap     From taxonomy terms, menu links, nodes, useful entities, to custom links, these modules will automatically generate all the entities that you'd need to include in a detailed sitemap of your Drupal site. The END!  Just face it now: you'll inevitably continue to make gaffes influencing your site's SEO, no matter how many precautions you might take... Yet, these10 Drupal SEO mistakes here, ranked from least to most damaging, are the ones that you should strive to avoid at all costs... ... Read more
Adriana Cacoveanu / Aug 27'2018
10 Drupal SEO Mistakes You Do Not Want to Make on Your Website: From Least to Most Harmful- Part 1
You have made, are currently making and will continue to make various Drupal SEO mistakes. From those easy to overlook gaffes to (truly) dumb neglects, to critical mistakes severely impacting your site's ranking...  Just face it and... fix it!  And what better way of becoming aware of their impact on your site than by... getting them exposed, right? By bringing them into the spotlight... Therefore, here are the 10 SEO mistakes you really don't want to make on your website: the “culprits” for your site's poor ranking. Take note of them, assess their occurrence/risks for your Drupal site's SEO and strive to avoid them:   1. Overlooking or Misusing Header Tags Do it for the crawlers or do it for your site visitors. For whichever reason you decide to structure the content on your web pages using H1, H2, H3 tags, Google will take note of your efforts... And it all comes down to setting up an SEO-valuable hierarchy on each page on your Drupal site. One that:   crawlers will painlessly scan through, which translates your website getting indexed more quickly users will find conveniently “readable”, which bubbles up to the overall user experience   Note: one of the worst SEO gaffes that you could make —  one that would confuse the crawlers and intrigue the site users — would be to use multiple H1 tags on the very same page.  It's one of those silly, yet harmful rookie Drupal SEO mistakes that you don't want to make!   2. Duplicate Content: It's Literally Killing Your SEO Now, speaking of running the risk to confuse the crawlers in your Drupal site, duplicate content makes the "ultimate source of confusion” for search engines. And how does this show on your site's SEO?  Basically, since the crawler can't identify the right page to show for a specific query, it either:   "refuses" to rank any of them or applies specific algorithms to recognize the "suitable" page for that search query   Needless to add that the second decision is discouragingly time-consuming, while the first is simply... disastrous for your site's ranking. "But how did I end up with duplicate content on my website in the first place?" you might ask yourself. Here are 3 of the most common causes:   HTTP vs HTTPS  URL variants WWW and non-www pages   Now, since an identified and acknowledged mistake is already a half-solved one, here's how you can get it fixed:   just set up a 301 redirect from that web page's primary URL to the new one set up a rel=canonical attribute on the old URL, one that would let search engines know that they should handle the new URL as a duplicate of the original one   Note: It goes without saying that all metric records and all the links that search engines will have monitored on these two duplicate pages will then be automatically attributed to the original URL.   3. Optimizing for the Wrong Keywords And this sure is one of the most frequent Drupal SEO mistakes, that goes back to: Not investing enough resources (of time mostly) in a proper keyword research strategy. And no, trying to rank for the prime keywords isn't a foolproof action plan! The result(s)?   you end up targeting all the wrong keywords you optimize your site's content for all the wrong terms, that your target audience isn't actually searching for   Wasted efforts for putting together non-targeted (or not properly targeted) content... Instead, invest time in identifying and then ranking for the right search terms. For yes, it will take longer to carry out a proper keyword process and for your site to start ranking for those keywords. But it won't be wasted time...   4. Having Pages with Duplicate Title Tags on Your Drupal Site Here's another way of confusing crawlers even more: Faced with two separate web pages having the same <title> tags, search engines won't know which one of them stands for a specific search query. And their confusion only risks to lead to your Drupal site's getting banned... Moreover, it's not just search engines that will get discouraged by the duplicate titles, but site visitors, too. They won't know which is the “right” page to access. “OK, but how can I get it fixed?”   you install and turn the Metatag module on you craft and give each page on your Drupal site a unique title    5. Ignoring Robots.txt: One of the Common Drupal SEO Mistakes Now, before answering your otherwise valid question: “Why do I even need Robots.txt file on my Drupal website?” … we'd better see what this protocol brings, right? Take it as a standard that websites use to communicate with crawlers and web robots “in charge” with indexing their content. It's this file that points out what web pages should be crawled and indexed and which ones should be skipped. Now, if it's a blog that you own, ignoring this protocol isn't one of the biggest Drupal SEO mistakes that you could do. But if it's a larger Drupal site, with a heavy infrastructure of web pages, that you're trying to optimize, then having Robots.txt file makes all the difference... Tip: do consider installing the Robots.txt module for streamlining the efforts of making your site “crawling-friendly”. END of Part 1! Stay tuned for I'll be back with 5 more Drupal SEO mistakes — ranking from seemingly harmless to critical — that you definitely don't want to make on your website. ... Read more
Adriana Cacoveanu / Aug 24'2018
Drupal Project Management: Specific Challenges and Approaches
Let me guess: you're a Drupal developer (temporarily) turned into a... Drupal project manager! Or maybe a PM new to Drupal, facing the challenge of your first Drupal project management assignment? Have I guessed it? Now the questions roaming in your head right now must be:   What Drupal project-specific challenges should I expect? How should I address them? How should I approach the Drupal developers, site builders and themers involved? What questions should I ask them at each phase of the project? And which are the stages of a Drupal project management process more precisely? How do I collect accurate and explicit requirements for my Drupal project?   “Spoiler alert”: managing a Drupal project the right way isn't so much about using the right project management modules and “heavy-lifting” tools. It's about:   understanding the specific challenges that Drupal projects pose understanding the specific phases of the process empowering the people in your team to capitalize on their Drupal expertise within the given time frames and according to your client's objectives   Now, here's an insight into the process of managing a Drupal project. One shaped as a list of predictable challenges and their most suitable solutions:   1. Proper Planning: Get The Whole Team Involved In other words: defining objectives and setting up a final time frame with the client without getting your team, too, involved in the process is like: Throwing spaghetti at a wall and hoping that it would just... stick somehow. They're the Drupal experts, you know... Therefore, getting the Drupal developers, themers and site builders engaged at this stage of the project is no more than... common sense. They're the (only) ones able to:   give you an accurate time estimate for developing and implementing each functionality/feature tell if certain of the requested features can't be delivered identify interdependencies and conditions provide you vital information about the Drupal-specific architecture and the project-specific development process … information on what components to take, whether new contrib modules need to be developed to support certain functionalities etc.   Get your Drupal team involved in the planning and preparation process and strike a balance between their valuable input, the client's objectives, and time frames.   2. Tempted to... Micromanage? Empower Your Team Instead Yet, resisting temptation won't be easy. Especially if you're a former Drupal developer now turned into a Drupal project manager. You'd just die to get your hands dirty with code, wouldn't you? To supervise, closely, how every single line of code is being written. Refrain yourself from that... Instead, do keep your focus on the bigger picture! And, moreover, empower each member of your team to... shine. To excel at what he/she's doing.  That instead of obsessing over details, getting everyone on their nerves and making them doubt their own skills: By focusing on each one of the small steering wheels, you'd just lose sight of the larger mechanism that's a Drupal project.   3. To Tell or Not to Tell: Do Encourage Your Team Members to... Tell Hiding the dirt under the carpet, from the stakeholders' eyes/ears and having members of your team remain silent over certain bottlenecks in the project will only act as 2 “Trojan horses”. They'll lead your Drupal project to... failure. Instead:   dare be honest with the client and inform him/her if you run the risk of a delay  encourage your team to be open with you and with their teammates when they hit sudden challenges, unexpected issues   By:   hiding ignoring “genuinely” underrating   ... issues detected in the development process — instead of getting them “exposed” and dealt with —  you're only sabotaging the Drupal project. And now speaking of encouraging good communication within your team, how about creating a dedicated open forum for them to use? This could be the “place” where they'd share any issues that they will have detected in the project. Or challenges that they face and can't address by themselves.   4. Juggling with Resources, Timeline, and Unforeseen Events I'm not going to lie to you about this one: keeping the balance between staying flexible and being capable to assess risks is not going to be easy... Unplanned issues will strike, new requirements will come to “jeopardize” this balance, unexpected changes will need to be accommodated under the same time frame... Should you keep yourself rigid and inflexible to all changes, sticking to the initial plan? Or should you “assimilate” all the incoming requirements and additions to scope with the risk of a project delay? And that of overburdening your team with unscheduled tasks... Can't help you with a universal answer here, one that would apply to all Drupal project management scenarios. It's you, together with your Drupal team, who should be able to estimate:   the changes' level of complexity the project delay (if it's the case) the chances for these additional tweaks to turn into contractual changes   5. Drupal Project Management Is 90% Good Time Management And it all comes down to: Breaking your Drupal project down into small, manageable tasks.  Tasks that can be easily turned into goals and objectives:   daily objectives weekly objectives and so on...   Efficient Drupal project management, even if we're talking about truly complex ones, is all about making it... manageable. About ensuring that the lists of tasks are logically structured and (most of all) time framed! Needless to add that this strategy acts as a motivation-booster for your team:  Just think about it: with every ticked off task, each team member can visualize the project's progress in... real-time. A progress that he/she, too, will have contributed to. The END! These are the Drupal project-specific challenges that any project manager dealing with this CMS faces, accompanied by their life (reputation)-saving solutions.   ... Read more
Adriana Cacoveanu / Aug 21'2018
Bringing Gutenberg to Drupal: A Modern Admin UI, a Better Editing Experience in Drupal 8
It's a robust, flexible and admin feature-packed CMS, there's no point in denying it. And yet: Drupal (still) lacks a modern UI that would make building rich web content —  such as landing pages — a breeze. But there is hope: the Gutenberg editor has been ported over, promising a better editing experience in Drupal 8. The team behind this daring project? Frontkom, a Norwegian digital services agency that:   refused to just sit and wait (for a year or two) for the in-progress initiative of modernizing Drupal's admin UI to grow into a core solution decided to capitalize on their experience in working with the Gutenberg page builder  … and on this content editor's open source nature, too … to bring it over to Drupal 8   Now, if you're determined to improve the editorial UX on your Drupal site, to “spoil” your editors with a modern, intuitive and flexible admin UI, keep on reading...   1. The Drupal Gutenberg Project: Aiming for a Modern Admin UI in Drupal 8 And by “modern” I do mean the opposite of the Panels & Paragraphs & Layout combo solutions currently available for editing text in Drupal. Solutions that only manage to make the entire workflow... discouragingly complex. Especially if it's rich web content that editors need to create via the Drupal admin UI. And this is precisely the context where the Drupal Gutenberg project was born: Drupal desperately needed/needs a modern, JavaScript-based admin UI. With WordPress 5 users already enjoying this fancy content editor and the Frontkom team's having gained experience in using it, the idea of porting it to Drupal started to form: "Why wouldn't we make it possible for Drupal users, too, to benefit from this content editor?"  And here are some of the original Gutenberg project's features that lead them into thinking that, once ported, the editor would significantly improve the editing experience in Drupal 8:   it's (highly) decoupled it's open-source it's React.js-based  it provides a simplified, smooth and cool functionality-packed admin UI it's Medium and Squarespace's inspired it turns the creation of complex landing pages into a breeze   Page editing in Drupal 8 wasn't going to be the same again! Their initiative turned into a Drupal 8 module —  Gutenberg Editor —  currently still an experimental one.  Curious enough? The first step to satisfy your curiosity is to take a look at their live demo: an interactive glimpse into the Gutenberg text editor implemented in Drupal 8.   2. The New Gutenberg for Drupal: Top Features Improving the Editing Experience in Drupal 8   2.1. All the Page Elements Are... Content Blocks That's right, the team behind this project capitalized on the “everything is a block” Drupal 8 concept when adapting the Gutenberg UI to Drupal. The result? Both the Drupal core blocks and 20+ Gutenberg blocks are available in the resulting admin UI. Basically, a Drupal 8 editor can insert into the web page that he/she's creating any of the core Drupal blocks and of the Gutenberg blocks of choice. Speaking of which, let me point out just a few:   Heading Image gallery Auto embedded social posts Buttons Custom Drupal blocks Layout blocks   Needless to add that you're free to enrich this list with your own custom blocks, too.   2.2. Easy Switch from Visual to Code Editor That's right, the Gutenberg UI enables you/your editors to quickly switch to code editor —  opening up a neat markup —  and to apply any needed tweaks on the output.   2.3. Positioning Content Is Straightforwardly Intuitive Editors get to select precisely where they want to position different types of content on a page. And the very same results that they generate while in the Gutenberg admin UI get instantly reflected on the live web page, as well. And there's more! More great admin features improving editing experience in Drupal. For instance: Full control over font sizes and colors; tweaking them becomes a breeze with the new editor.   2.4. There's a Blocks Search Box And not only that:   using this search box you can track down precisely those content blocks that you need to add to your page but you can access them inline, as well, using “/”.   2.5. Full Control of the Layout Another great thing about the content blocks available in the Gutenberg UI is that: they can have child blocks, too! This way, it'll get unexpectedly easy for your editors to split their used blocks into columns on a grid.   2.6. Auto Embedded Social Posts/Videos And all it takes is pasting their URL.   The Story of a Real Challenge: Making Gutenberg CMS-Agnostic Open source, but not fully CMS-agnostic...  The team behind the Drupal Gutenberg project had to come up with a suitable solution for this challenge. And they did come up with a multi-step solution to make the fancy text editor work in Drupal 8, as well:   first, they created a fork and removed the WordPress specific features they used the Gutenberg editor as a dependency  next, they set up a standalone NPM package then they built the Gutenberg Editor module   In short: a fork of the initial Gutenberg project is still maintained while being used as a dependency of the new Drupal 8 module. Therefore, each time Gutenberg gets an update, the corresponding Drupal module, too, gets a new release. Now, digging deeper into the project's architectural design, we discover 2 elements that the team had to re-write for Drupal:   the URL defining the editor routes (edit page route, new page route, preview page route) the API-request, now configured to “talk to” Drupal (instead of the WordPress API)   How does the new module work?   as a text editor, which can be easily enabled for each content type all it takes is a long text field for it to work: it replaces the node edit UI for that specific content type   Note: the Frontkom team also “promises” us to re-use many of the Drupal-specific stylings for the editor's UI elements in order to add a familiar Drupal feeling to it.   What Next? What's The Project Roadmap Ok, so what we know for sure now, regarding this ambitious initiative turned into a Drupal module is that:   the Drupal Gutenberg module is downloadable, yet still experimental (for developer use only) the team's still working on the project, implementing new features and functionalities aimed at making it feel more... Drupal native the final version will be presented to the eager/intrigued/curious/skeptical Drupal users and developers in the coming months   The END! Can't hide that I'm more than curious what you think about this contrib solution for improving the editing experience in Drupal 8:   Are you looking forward to using it, hoping that this editor would make up for the inconvenience of working with Drupal's current admin UI? Are you skeptical about the perspective of being tied up to a WordPress page builder?   ... Read more
Adriana Cacoveanu / Aug 17'2018