Adriana Cacoveanu

Adriana Cacoveanu

ADRIANA CACOVEANU, Content Writer

Adriana is the OPTASY team's digital content creator and copywriter. Her “mission” within our team is to masterfully blend the 2 main ingredients' listed in any valuable blog post's recipe (valuable information + the reader-friendly writing), as well as to craft informative and engaging content promoting our work: study cases on Drupal.org, fresh content for various pages on our company website, e-book content etc.
 

Back to Blog Posts
7 Common Mistakes in Interpreting Analytics Data: Statistical Pitfalls for Your UX Team to Avoid
All sorts of highly likely confusions, data taken out of its context, “obsessing over” numbers, approaching analytics with no clear goals in mind, metrics subjected to your own biases... We're all prone to making mistakes when analyzing data. Still, as a UX team striving to pull off an accurate picture of the user behavior, you need to take note of the most common mistakes in interpreting analytics data (UX analytics).  … of the biggest "gaffes" in reading data. Those responsible for all the wrong assumptions about your users that you'll end up making:   that low numbers are always a bad sign that if results show a correlation, there is definitely a causal relationship, as well   ... and so on. Now, allow me to “expose” to you the 7 most common mistakes that one can make when interpreting statistics:   1. Visits and Views: Confusing Them and Obsessing Over Them Using these two notions interchangeably is a pitfall that not only rookie data analysts fall into: With different UX analytics tools using different terminology for the very same concept and (even) confusing terminology used within the same tool, no wonder that you end up taking views for visits and vice versa. And still: make sure you fully understand the terminology, otherwise you risk to:   report on the wrong data put together some dangerously inaccurate reports   This is, no wonder, one of the most common data interpretation errors. Now, let's define views and visits and present them as two different concepts once and for all:   a view (or “pageview”) refers to a view of a page on your website tracked by the analytics tracking code a visit (or “session”) refers to a user's whole of interactions taken on your site, within a specific time frame   And now, speaking of views and visits, another one of the too common mistakes in interpreting analytics data is: Obsessing over views and visits! As a UX designer though, you may want to leave the challenge of increasing visits and page views to the marketing people in your team to handle. And, instead, to focus your efforts on that data that 's relevant to the user experience.   2. Settling for a Birdseye View Instead of Digging Deeper into Data Scratching the surface of the available data:   a quick assessment of the data at hand rapidly going over the “headline”  figures   … will only tell you something about your website's current performance in terms of traffic, but won't give you any clue on how to improve UX. How to increase the conversion rate. In other words: visits are no more than metrics signaling you how many visitors landed on your site during a given period of time, but this metrics won't reveal anything about how they actually engaged with those visited pages. See? Analyzing data as broadly as considering sessions to be the key indicator of performance and UX is another one of those common pitfalls in interpreting statistics: By far the best method of reading analytics data, as a UX-er, is to approach it with some well-defined goals in mind. This way, you'd focus your efforts on specific metrics, relevant for understanding user behavior, instead of getting yourself “drown” in a sea of data.   3. Common Mistakes in Interpreting Analytics Data: Not Looking Beyond Numbers … and not putting them in their contexts. For that's the proper way to interpret them. Otherwise, you're just... analyzing quantitative data stating the obvious: The “what” and not the “why”. This is undoubtedly one of the most common mistakes in interpreting analytics data: falling under the “spell” of numbers! Instead, you'll need to keep in mind that:   it's real users that those collected numbers represent once taken out of their contexts, numbers lack their true value they become truly valuable only when interpreted in connection with the user experience:   What do they tell you about the overall user experience on your website? This is why you should always apply qualitative methods when analyzing quantitative data. User research methods that enable you to go from “what has happened” to: “Why is it that visitors behaved that way on my website?”   4. Always Taking Low Numbers for a Bad Sign Another one of those more than common mistakes in data analysis is: Always thinking that low or a drop in numbers is a bad thing. Context is everything here! Just think of reading data analytics as a three-phase process:   what you want to see in those numbers what the available data seems like what it really means   Let me give you one good example: Less time spent on a web page could be good or bad. If we're talking about your redesigned homepage, it could very well mean that users do find its new design more intuitively efficient. That they can get to the pages on your site that they're interested in far more easily. In other words: do put those drops in numbers against their contexts before you alert everyone in your team that the site's going down the hill!   5. Overlooking to Segment Users For you surely agree that every given visitor uses your website differently:    on desktop  on mobile at different times of the day    And that multiple users interact differently with your site. Need I say more? Don't overlook these valuable considerations on your users' behavior when interpreting your quantitative data. Before you rush to make all the wrong assumptions reading your analytics data, make sure you break those figures down into multiple relevant segments:   mobile users desktop users users from different countries users falling into different age groups and so on   It's user base segmentation that turn quantitative data into... relevant data. And which, most importantly: Provide you with priceless clues regarding the areas on your site that you should be focusing your UX efforts on. Let's just say that your site has a conversion rate of 7%. Before you get overexcited about it, make sure you break that figure down. You might just discover that 9% comes from your desktop users and only 1% from your mobile users. And there you have it, there's your clue! Now you know just where to focus your UX efforts.   6. Not Setting Clear Goals Before Approaching Your Analytics And, as already stated, this could get you “tangled up” in a huge amount of data. But, if you take some time to define your goals first things first, you'll know just what you'll want to achieve from your data analysis session. And to:   direct your UX efforts towards those specific objectives focus exclusively on those metrics relevant for interpreting user behavior   If you don't know where you're heading, how can you know just how to get there; how to improve UX on your website?   7. Settling for a One-Size-Fits-All Reporting Setup Another one of those common mistakes in interpreting analytics data is sticking to a standard reporting setup. That instead of trying to custom-tune it so that it should deliver you precisely the data you need. The one relevant for your own website. Since each site works differently, you can't expect a one-size-fits-all approach to data analytics to perfectly suit them all, in the slightest details, now can you?   So, You've Analyzed Your Data: Now What? For reading your analytics data is just the first step. Now it's time you:   get some actionable takeaways from your analyzed data get to action   Are there usability tests that you need to run to figure out why the conversion rate is higher on your desktop site than on its mobile version? Or maybe you need to implement some user research methods to identify those contexts where users visit your site from their mobile devices? Time to put together your “data-fueled battle plan”! ... Read more
Adriana Cacoveanu / Jul 12'2018
These Are the 15 Best Drupal Security Modules Worth Installing on Your Website
I'm a woman of my word, as you can see: here I am now, as promised in my previous post on the most effective ways to secure a Drupal website, ready to run a “magnifying glass” over the best Drupal security modules. To pinpoint their main characteristics and most powerful features and thus to reveal why they've made it to this list. And why you should put them at the top of your own Drupal security checklist. So, shall we dig in?   1.  Login Security   It's only but predictable that since the login page/form is the entry to your Drupal site, it is also the most vulnerable page there, as well. Therefore, secure it! In this respect, what this module enables site admins to do is : define a certain number of login attempts; too many invalid authentication attempts will automatically block that account block/limit access for specific IPs   Moreover, you get notified by email or via Nagios notifications when someone is just username/password guessing or using other kinds of brute force techniques to log into your Drupal site. In short: the Login Security module, through its variety of options that it “spoils” you with, empowers you to set up a custom login policy on your site. To define your own restrictions and exceptions. 2. Drupal Core Update Module     As already mentioned here, on this blog, when we've tackled the topic of Drupal security: Keeping your Drupal core updated is that easily underrated, yet most powerful security measure that you could implement! Now what this module here does is assisting you in keeping your Drupal codebase up to date: safely patched and having all the crucial upgrades. And I don't need to remind you the security risk(s) that all those site owners ignoring the latest patches to Drupal core expose their websites to, right?    3. Captcha   Captcha is one of the best Drupal security modules since it's one of the most used ones. And no wonder: could you imagine submission forms on your website with no Captcha? The age-old system is one of the handiest ways to keep spammers and spambots away. So, having this module “plugged in”, providing you with the needed captcha support, becomes wisely convenient.   4. Password Policy   The module enables you, as your Drupal site's admin, to define specific rules for “wannabe users” to follow when they set up their account passwords. From constraints related to:   special symbols that those passwords should include, to ramp up both the given account's and your own site's security to uppercase letters to numbers...   … once you plug in this Drupal security module in, it's you who gets to set up the policy for creating account passwords.   5. Security Review, One of the Best Drupal Security Modules The Security Review module is that “Swiss knife” that you need for hardening your site's shield. Meaning that it's an all-in-one tool. One that comes with its own Drupal security checklist that it regularly goes through and sets against your website, detecting any missing or improperly implemented security measures. Moreover, it automates a whole series of tests for tracking down any signs of exploits and brute-force attacks:   arbitrary PHP execution XSS exploits SQL injection suspicious PHP or JavaScript activity in content nodes   Once it identifies the vulnerabilities, it “alerts” you and gives you the best recommendations for mitigating those security risks. All you need to do is follow the suggestions.   6. Security Kit Another module that “empowers” you to take full control over the security strategy on your Drupal site. To set up specific options for minimizing the chances of exploitable “cracks” showing up in its security shield: For instance, it could recommend you to set up HTTP headers on your Drupal site.   7. Session Limit     Here's another one of those best Drupal security modules that's also one of the widely used ones. Why is it a must-have on your own Drupal site? Because it enables you to set a limit to the number of simultaneous sessions per user, per role. This way, you trim down the chances of suspicious activity being carried out on your site and eventually leading to brute-force attacks.   8. Automated Logout       Another module that's a must on your Drupal site: It basically enables you, the site admin, to define a policy that would log out users after a specified time period of inactivity.    9. Two Factor Authentication     LinkedIn, Google, Twitter, Instagram, Facebook are just some of the big names that have adopted this user authentication method for security reasons. So, why shouldn't you, too? Especially when you have a dedicated module at hand, Two Factor Authentication, to:   provide you with various methods to select from: pre-generated codes, time-based one-time PINS or passwords, codes sent via SMS etc. give you full freedom in defining that two-factor authentication strategy that suits your site best   The principle is as simple for the user, as it is effective for your website, from a security standpoint: The user gets a security code that he/she'll then need to use for logging into your Drupal site.   10. Coder   A command-line tool, with IDE support, that gives your codebase a deep scan and detects any drift from the coding standards and best practices. Why has it made it to this exclusive list of 15 best Drupal security modules? Cause vulnerabilities might be lurking right in your Drupal code, not necessarily in your users' weak passwords or unpatched core modules. Having a tool at hand that would identify and notify you of all those weak links in your code, where the best practices aren't being followed, is just... convenience at its best.   11. SpamSpan     Another key module to add to your Drupal security checklist.  For you do agree that email addresses are some of hackers' easiest ways to infiltrate into your website, don't you?  Now what this module here does is obfuscate email addresses so that spambots can't collect them. Note: a key strength of SpamSpan is that it uses JavaScript for this process, which enhances accessibility.   12. ACL       “A set of APIs” This is how we could define this module here, which doesn't come with its own UI. Its key role? To enable other Drupal modules on your website to set up a list of users that would get selective access to specific nodes on your site.   13. Paranoia       Why is Paranoia one of the best Drupal security modules? Because it will end your “paranoia” — as its name suggests — that an ill-intentioned user might evaluate arbitrary code on your site. The module practically identifies all those vulnerable areas where a potential attacker could exploit your site's code and blocks them.   14. Content Access         Limiting or blocking access to key content types on your site is no more than a common-sense security measure to take, don't you agree? Therefore, this module here's designed to assist you throughout this process:   as you define detailed permissions on your site: to view/edit/ delete specific content types … by user role and by author    Word of caution: do keep in mind that, since Content Access uses Drupal's node API, you shouldn't enable other modules using the same endpoints on your website!   15. Google Apps Authentication         A module that ramps up not just your site's security, but also its accessibility. Just think about it: Nowadays anyone has at least one Google account. Therefore, “anyone” can easily log into your website using his/her own Google account credentials. Once, of course, you will have installed and turned this Drupal module on. END of list! These are the 15 best Drupal security modules worth installing on your site.  Scan them through, weigh their key features, set them against your site's specific security needs and make your selection! ... Read more
Adriana Cacoveanu / Jul 04'2018
OPTASY Is a Gold-Level Sponsor of Drupal North Regional Summit 2018: Moving Drupal Forward!
Save the date(s): 10-12 August! And join us for a 3-day conference on building with Drupal, driving this open-source technology forward and strengthening & growing the community behind it: Drupal North Regional Summit 2018.  You'll find us in our booth at the Toronto Reference Library's exhibit hall, to be more specific, since this year OPTASY's a proud gold sponsor of the fourth edition of this event:  The biggest annual summit in Canada focused on promoting Drupal.    Why Would You Attend Drupal North Regional Summit 2018? That's right: why would you pack your bags and get en route for Toronto's Reference Library when summer is at its peak and everyone's looking for a place in the sun? For a bunch of strong reasons, actually:   first of all, if you're already living in Canada, why would you want to miss the biggest annual event in North America promoting Drupal? no less than 300+ individuals and organizations will be attending it if you're a Drupal developer, this is a once-in-a-year opportunity to grow and to... outgrow yourself; the event's schedule is “overcrowded” with sessions covering a variety of Drupal-related topics, with “can't miss” keynote sessions and networking opportunities … grow your profile by sharing your knowledge and expertise all while enriching it as you learn from other Drupalists attending the event as a Drupal-powered organization, Drupal North Regional Summit 2018 is a great chance to recruit new talent (and this is the event's key “mandate”: to showcase Canadian Drupal talent), to make connections with other Drupal-fueled businesses...   Whether you're:   in the government, nonprofit, education, business field a freelancing Drupal enthusiast looking to keep his/her knowledge up to date … don't miss the largest summit in Canada promoting Drupal!   It'll be a win-win-win type of situation:   you (the Drupal developer) get to keep your knowledge up to date you (the organization) get to dig through a pool of Drupal talent and also to network with other key decision-makers from some of the most notorious companies in Canada running their businesses on Drupal and it's a winning situation for Drupal itself: all the individuals and companies attending the summit will help to extend its reach to more people and more businesses    OPTASY Proudly Supports Drupal and the Drupal North Regional Summit 2018 Why? What's in it for us? Why are we so proud to be one of the gold sponsors of this Drupal summit in Canada? Because we like to practice what we preach: To give back to the (Drupal) community, what the community gave to us for free. And along these +15 years years since we've been developing in Drupal there's been plenty of work done by all those developers contributing to Drupal and moving this open-source technology forward that we leveraged in our own projects. It's only but common sense to give something back now and to contribute ourselves, too. And sponsoring Drupal events is one way that we can do that. But there are other reasons, too, why we decided to support the Drupal North Regional Summit 2018 as a gold sponsor. All of them deriving from the above-presented reasoning:   the 3-day conference makes the perfect “lab” where brilliant solutions to well-known issues in Drupal get identified and shared with the community, new Drupal modules get put into the spotlight, new ways of innovating this technology get presented in other words: investing in this Drupal summit we invest in us, as a team and as a company, and implicitly in our own clients, as well ... all the knowledge and “steamy-fresh information” that we get from this conference will then be put to use when working on our clients' future projects it's also a great place to network with existing and potentially new Drupal-using companies and an opportunity for us to “expose” the key advantages that set OPTASY apart as a Drupal agency: +15 years hands-on experience, proven Drupal expertise, pure passion for what we do, a strong work ethic and stellar communication skills confirmed by our clients   So, are you curious about Drupal's main strengths as a technology of the future? Interested to discover what precisely helps it stand out? Are you looking for a Drupal partner with both the proven experience and the proper “weakness” for innovation to turn your ideas into digital reality? Stop by our booth then, in August, and let's talk Drupal, growth opportunities and everything in between! ... Read more
Adriana Cacoveanu / Jul 02'2018
What Are Some Quick and Easy Ways to Secure Drupal? 7-Step Security Checklist
You have patched your Drupal website, haven't you? If so, then that critical 3-month-old security flaw, Drupalgeddon2, can't get exploited on your site. Even so, with the menace of a cryptocurrency mining attack still lurking around the unpatched websites, you legitimately ask yourself: what are some quick and easy ways to secure Drupal? “Which are the most basic steps to take and the simplest best practices to adopt to harden my Drupal site's security myself?” Now, using keywords such as “security measures”, “quick”, “easy” and “handy”, I've come up with a list of 7 basic steps that any Drupal site owner can (and should) take for locking down his/her website. Here they are, in no particular order:   1. Keep Your Drupal Core and Modules Updated  Not only is this one of the simplest ways to secure Drupal, but one of the most effective ones, as well. Even so more now, with the Drupalgeddon2 Drupal security threat still fresh in our memory, ignoring the regularly released security updates for both Drupal core and its modules is just plain recklessness or... self-sabotage. Keep your Drupal version updated: apply security patches as soon as they get released, avoiding to leave your site exposed and exploitable. As simple as that! And where do you add that this is one of those Drupal security best practices that's the easiest to integrate into your routine. Since to run the latest updates you only need to:   sign in to your Admin panel go to “Manage”  scroll down to “Reports” → “Available Reports” click on “Check manually” if there are any critical security updates that you're advised to run, just click “Update”   This is all it takes for you to: seal any security loopholes in your Drupal core prevent any identified vulnerability from growing into a conveniently easy to access backdoor for hackers to get in   2. Install Drupal Security Modules  Strengthening the shield around your Drupal site with some powerful Drupal security modules is another both handy and effective measure that you, yourself, can easily implement. Luckily, you're definitely not out of options when it comes to good security modules in Drupal. And I'm only going to run a short module inventory here, since I'm already preparing a blog post focused precisely on this topic. Therefore, I promise to delve deep into details about each one of the here-listed modules in my next post:   Secure Login   The Security Review (Drupal 7 only)     Paranoia    Captcha     Two-factor Authentication    Content Access         Security Kit     Password Policy       Automated Logout     Password Strength     Downloading, installing security modules on your Drupal site is both:   quick and simple to do highly effective    And they serve a wide range of purposes, from:   enforcing strong password policies to monitoring DNS changes to locking down your site from security threats to blocking malicious networks to turning on a firewall on your site   As for their selection, it depends greatly on your list of priorities when it comes to improving your site's security. Take some time to weigh and to compare their features.   3. Remove Unused Modules: One of the Easiest Ways to Secure Drupal  Being the “easiest” security measure to implement doesn't make it also “the most popular” among Drupal site owners. Owners who more often than not:   underrate the importance of running a regular module usage audit on their sites ignore the Drupal security threat that an outdated piece of code (or an unused module) could turn itself into, once exploited by an attacker   So, don't be one of those site owners! Are there modules on your site that you no longer use?  That have grown outdated and that are just... lingering there, using your site's resources and risking to grow into an exploitable backdoor for hackers? Identify them and remove them! It won't take more than just a few priceless minutes of your time.   4. Enforce a Strong Password Policy Since it's not just the admin (you do have a smart username and password for logging into your admin dashboard, don't you?) that will log into your Drupal site, but users, too, implementing some strong user-side security measures is a must. In this respect, creating a strong password policy — one that would enforce the creation of complex, “hard-nut-to-crack” type of login credentials — is one the best and the easiest ways to secure Drupal on the user's side. Come up with a policy that defines specific requirements for setting up passwords of high enough entropy (letters, uppercase/lowercase, symbols, different characters combos). And don't hesitate to rely on dedicated Drupal modules for enforcing those requirements defined in your policy:   Password Strength   Secure Login    5. Block Access to All Your Sensitive Files I bet you don't want important folders, core files — upgrade.php., install.php, authorize.php, cron.php —  to be easily accessible to just... anyone, right? So, how about limiting or blocking access to them? And you can easily do that by configuring your .htaccess file —  it's the one containing details of crucial importance regarding your website access and credentials to specific parts and core files on your site: Just specify the IP addresses allowed to access those core folders, files and subdomains. Here's one “enlightening” example: <FilesMatch "(authorize|cron|install|upgrade)\.php"> Order deny, allow deny from all Allow from 127.0.0.1 </FilesMatch> Note! Now speaking of limiting access, don't limit your restrictions to your core folders and files. Remember to restrict/block access to your web server, to your server login details, as well. How? By adding a basic layer of authentication limiting server access and file access usage. Also, do remember to cautiously manage access to certain port numbers that your site/app might be using.   6. Back Up, Back Up, then... Back Up Some More  You can't anticipate brute-force attacks, but you sure can “land back on your feet” if the worst scenario ever happens. And you can only do that if you have a clean and recent backup at hand to just rollback and restore your website. In other words: back up regularly!  And remember to always back up your files and MySQL database before any update that you run on your Drupal code and modules. It is one of those common sense Drupal security best practices that should be included in any basic security checklist! Where do you add that you even have a dedicated Drupal module —  Backup and Migrate — to assist you with this process. Some of the back up “burdens” that this module will take off your shoulders are:   backing up/restoring code and multiple MySQL databases integrating Drush  backing up files directory setting up several backup schedules AES encryption for backups 7. Review All User Roles and Grant the Minimum Permissions Necessary How many user roles are there assigned on your Drupal site? If you don't quite know the answer, then it's obvious: You must give your entire user role system an audit! And to stick to this habit, one of the simplest ways to secure Drupal, after all. Review all the user roles and, most of all, review each one's set of permissions and make sure you trim them down to the minimum necessary for each role.  This way, you'll also limit access to critical files for those users that shouldn't have the permission to download or visualize them. And speaking of permission, do keep in mind to review all your file permissions, as well! See which user roles are granted permission to access key directories or to read, write or modify certain files on your website and block/restrict access where necessary. The END! Of course, this isn't even close to a complete list of ways to secure Drupal. If it had been an exhaustive one, it would have continued with more Drupal security best practices, such as:   getting the SSL Certificate securing HTTP headers using secure connections only   Etc. etc. I've only focused on some of the easiest and quickest measures that anyone, with little, close to no technical know-how at all, can implement. And I feel like stressing out the term “practice” here: Securing your Drupal site is a constant process; a series of persistent efforts and not a one time thing. Remain vigillant and cautious and don't rely on just a one-time, multifaceted security hardening “marathon”.   ... Read more
Adriana Cacoveanu / Jun 28'2018
How to Fix a Hacked WordPress Site: A Step-by-Step Guide on Identifying and Removing Malware
“Mysterious” pop-ups that you did not initiate, inexplicable auto-linking keywords, frequent freezing of your website... These are all but clear signs that your WordPress site has been hacked! Now what? Where should you look for the “infection”? Here's a step-by-step guide on how to fix a hacked WordPress site. And it goes without saying that the very first step to take is to: Keep calm! Next, you'll need to figure out how precisely that malicious individual has found his/her way into your site. What security vulnerability has he detected and exploited? Once you've determined how your WordPress website's got hacked, figuring out how to remove the malware is already a half-solved problem. So, let's dig in before this hypothetical infection has spread out throughout your entire website:   Step 1: Identify the Hacked Files (and Change Your Password) Remember what we've already agreed upon, that the very first step to take is precisely not to panic? So, while keeping your cool, start your “investigations” by asking yourself 3 key questions  — this, of course, after you've already asked yourself “How to remove malware from my WordPress site?”:   Are you able to access your admin panel? Is your site already marked as insecure (by Google)? Is your site redirecting automatically to another website once you log yourself in?   At this point, I also strongly recommend that you changed your password, as well. And this before you jump to the next step of your investigation. Note: remember to change it again after you've cleaned up your website, as well.   1.1. Give Your Site a Thorough Scan Using a Security Tool/Plugin And I do think that it never gets redundant for me to stress out: Turning on a powerful WordPress security plugin on your website is one of the best shields that you could activate around it. In case of an emergency situation, like this one here, you'd simply enable it to scan your site remotely and track down malware locations and malicious payloads and, most of all: A good security plugin would identify and alert you, in real-time, of all the changes made to your website. Note: everyone knows it, yet most website owners stubbornly ignore the importance of keeping their loads of WordPress themes and plugins updated regularly. They just overlook the fact that out-of-date files are by far hackers' “top favorite” security vulnerabilities.    1.2. Check Whether Your Core Files Have Been Compromised And since they're by far the most valuable files on your site, it's only normal to check their integrity first things first:   wp-includes root folders wp-admin   Most of these core files should never ever be modified. And there are 2 ways of checking them:   you either use the diff command in your terminal or you check them manually, via SFTP   If they're unchanged and therefore clean, move on to the next step of this “how to fix a hacked WordPress site” guide:   1.3. Check the Integrity of the Recently Modified Files It may also be that precisely the recently modified files on your WordPress site are the “corrupted” ones. To know for sure, identify the files that have been recently modified. And again, you have 2 options at hand for this type of “investigation”:   the manual check running the right commands in your Linux terminal   For manually identifying these newly changed files that might have been hacked just go through these steps here:   log into your server (use the SSH terminal or an FTP client) if it's SSH that you're using, then it's this command that will automatically list all the files that got modified the last 15 days: $ find ./ -type f -mtime -15 if it's SFTP that you're using, just scan through the last modified date column for all files on your server … detect any files that recent changes have been made to   Now for tracking down these possibly “infected” recently modified files using the terminal, just follow these 2 simple steps:   run this command in your terminal: $ find /etc -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r  next, if you want to identify the directory files, enter this command: $ find /etc -printf '%TY-%Tm-%Td %TT %p\n' | sort -r    Are there any unexplainable changes made to those files in the last 7-30 days?   1.4. Check the Diagnostic Pages  A conveniently handy way to remove a virus from your WordPress website is to “track it down” using Google's or another website security authority's tool to give your site a deep scan with. Has yours already been blacklisted by one of these authorities? Then simply run the Google Transparency Report:   go to Safe Browsing Site Status website enter your website's URL there check both the Site Safety Details and the Testing Details sections    It's a quick and easy way to collect valuable information about any suspicious downloads, redirects, and spams on your site, as well as priceless data about Google's recent scan that ended in malware being detected. Note: another way of identifying malware that's within your reach is by using a free webmaster tool — Google Webmasters Central, Norton SafeWeb, Bing Webmaster Tools etc.   Step 2: How to Fix a Hacked WordPress Site: Removing the Detected Malware After all your preliminary investigations, you should put together your battle plan for actually removing the identified hack from your WordPress site. And for restoring it to its pre-hack clean state, too, obviously. For this, here are the most effective measures at hand for you to apply:   2.1. Is a Clean Backup Available? Use It to Compare Pre-Hack to Post-Hack Files Is there any need for me to stress out that: You should back up your website on a daily basis! And the very situation that you're in now is by far one of the strongest reasons to do that: “How to fix a hacked WordPress site” will get reduced to: “simply comparing a clean backup to the current hacked version of your site!" Identify the files that have been modified and get them removed. It goes without saying that you risk losing some of your files —  those added/updated after the last backup — but you do want a clean website now, don't you? 2.2. Remove the Identified Infected Files from Your Website Once you've restored your WordPress backup, you can easily remove any suspicious plugin, theme or other types of file. Note: do handle core files with utmost caution, though! Mind you don't accidentally overwrite your wp-content folder or your wp-config.php file. When it comes to infected custom files, you could replace them with a clean recent backup or with fresh new copies. “But how do I remove “malicious” code manually?” you might ask yourself. Let me go briefly through all the key steps required:   log into your server (via SSH or SFTP) back up your website track down the recently modified files replace any suspicious files with copies from the WordPress repository use a text editor for opening up any custom files there and remove any suspicious code that you'll detect  test your newly cleaned up website   Word of caution: manually removing a malware infection from your WordPress site does call for special safety measures. Never remove corrupted code without first backing everything up!   2.3. Remove All Malware Infections from Your Database Tables, as Well  Now, you do agree that a “how to fix a hacked WordPress site” tutorial couldn't possibly skip the step where database tables get cleaned up of any malware infection. Here's how you do it:   connect to your database using your database admin panel create a backup of your database give it a deep scan looking for any suspicious content  if detected, open the table containing that specific link or spammy keywords manually remove that infected piece of content give your website a “post database clean up” test remove any tools that you might have used specifically for this operation —  Adminer or maybe Search-Replace-DB   2.4. Check All The User Permissions: Look for New, Unfamiliar User Accounts My advice to you, when it comes to user accounts, to user roles and permissions on your WordPress site is to: Keep just one single admin user and stick to the essential user roles (and granted permissions): author editor contributor  etc.   This is one of the most effective prevention measures that you could take so you don't end up asking yourself “How to clean up a hacked WordPress site?” Now, coming back to our investigation here, here's how you remove all the unfamiliar WordPress user accounts from your website:   first, back up both your site and your database log into your admin panel and click the “Users” tab track down any unfamiliar new user accounts there, hover over them and delete them   Note: another wise thing to do is to re-check each user's roles and permissions. If you feel like updating them, simply use the users' role editor plugin.   2.5. Detect and “Close” all the Backdoors And you want to treat this aspect with maximum seriousness. Otherwise, following each and every step indicated to you in this “how to fix a hacked WordPress site” tutorial becomes... pointless. For the attackers would always have this “secret passage” to infiltrate themselves into your website over and over again. “But what are backdoors more precisely?” you might ask yourself. They're files similar to your site's core files — wp-config.php and key directories such as /uploads, /themes, /plugins —  yet strategically placed in the wrong directories.  Here are some PHP functions that you could recognize them by:   str_rot13 assert base64 move_uploaded_file eval system stripslashes gzuncompress   Word of caution: keep in mind that there are plugins on your WordPress website that could be legitimately be using these PHP functions; therefore, make sure you test all those "apparently suspicious changes" before rushing to remove the so-called "malicious" functions. Otherwise, by removing benign functions, you might just break your website.   2.6. Request a Review of Your Site, to Have all Malware Warnings Removed Now, once you've repaired all the damage caused on your Wordpress site, it's only but logical to... let the blacklisting authorities know that your site's clean now. For this, you can just request a review of your recovered website.   2.7. Change Your WordPress Salt Keys  The very last step to take in this “How to fix a hacked WordPress site” process is to change the security keys from your wp-config.php file: This way, even if a potential attacker stole your password, he would get automatically auto-logged out once you've changed your WordPress salt keys. Next, you can just change your password, as well as the ones of other users on your site.   Or, Just Cut All These Steps Down to a Single One: Preventive Maintenance Which means adopting a WordPress maintenance and support plan tailored just for you and your specific security feature needs. This way, not only that you'd save the time (and spare your nerves) that you'd otherwise invest in carrying out all the steps included in a tedious “how to fix a hacked WordPress site” process, but: From running regular updates to on-going maintenance of your website's core components to regular security audits, you wouldn't need to... move a single finger. Our WordPress maintenance and support team would handle it for you. “Prevention is better than cure” is so much more than just a saying... ... Read more
Adriana Cacoveanu / Jun 19'2018
What Does It Take to Develop a Mobile-First Content Strategy for Your Drupal Website?
There's no way around it, not anymore: with Google's index now mobile-first, adopting a mobile-first approach when building a new Drupal site (or redesigning a legacy one) is… a must! It no longer depends on a specific project's needs or on the used technology. The need to develop a mobile-first content strategy has gone from particular to universal. And facing the challenge of:   (re)creating optimizing structuring   … content on your Drupal website means conforming to those specific patterns that mobile users have developed for reading content on their smartphones. In short: developing a fully responsive Drupal site comes down to centering your mobile content strategy around the idea that: It's for the smallest screen sizes that you should plan your content for, first things first … then scale it up from there. Now, let's see precisely what it takes to develop a mobile-first content strategy. What focus points and must-have components to include:   1. Take the Smallest Screen Size as the Starting Point In other words: think mobile-first! And by “mobile” I do mean “smartphones” — the smaller the screen size, the better.  This way, you'll be adjusting your content so that it makes the most of the smallest interface. Starting “small” is the best way to stick to the “keep it simple” approach: Thinking through every content-related decision in the light of the viewport size challenge will constrain you to keep the truly essential content elements only. Hence, this “spartan” way of eliminating the unnecessary will reflect on your site's desktop design, as well:  It will turn out cleaner and lighter.   2. Use Visual Content Wisely: Weigh Your Choices of Images  The golden rule when it comes to the imagery that you'll use on your responsive website is: If an image doesn't enhance and complement your content, then you're better off without it! And I know what you must be thinking: “But people remember what they see far more easily than what they read.” True, you need to keep in mind that visuals do come at a cost, though: Those stunning, visually-arresting images on your website risk to divert your users' attention from the message itself. And still, probably the most heavy-weighing reason why you should use images wisely when you develop a mobile-first content strategy is: weigh. Visuals risk to take up valuable screen space and thus:   outshine your calls to action themselves impact your site's overall performance (leading to frustration)   Now that doesn't mean that you should strip your content off ALL the visuals! Absolutely not! Just to be cautious and weigh your every choice, think through your every decision involving the usage of an image.  Once you've selected the truly essential ones, keep in mind:   not to no resize them (or optimize them in any other way) before uploading them to your CMS: let Drupal do the heavy-lifting here  to leverage the Responsive Image module's (Drupal 8) capabilities for resizing them to fit the given screen sizes   3. Content Before Design This is the right sequence to follow when you're designing (or re-designing) your Drupal site with mobile users in mind: First, you create and strategically organize your content and upload it to your Drupal 8 CMS. It's only then that you focus on styling and developing a responsive and visually-striking web design. If it's legacy content that you're dealing with, trying to convert it to mobile, the very first step to take when you develop a mobile-first content strategy is: Removing all the design elements from your written content.   4. Create a Hierarchy of Your Calls to Action Making the most of a small interface means also setting your priorities in terms of calls to action: Pair each one with a corresponding objective, evaluate them all wisely, then select THE call to action that's most critical for you and place it — and it alone — above the fold.   5. Organize and Optimize Your Content for Mobile Devices I'll briefly list all the key requirements that mobile-friendly content should meet — aspects to pay attention to when writing content for mobile devices — for I'm sure they're nothing new to you: the phrases should be kept short and concise, thus eliminating the burden of “never-ending-scrolling” the content should be sharp, targeted and skimmable, so users can easily “digest” it and modular, so that users can swiftly browse through it “modular” meaning made either of multiple clear paragraphs — each one standing for one thought — or chunks of 3 paragraphs at most    6. Optimize Media, too, When You Develop a Mobile-First Content Strategy And there are a couple of essential steps that you mustn't overlook when it comes to mobile-optimizing your media:   always go for thumbnails instead of video players that your users would have to load and thus strain on your site's valuable resources don't ever use autoplay on your audio and video content  optimize your sound, image and video files both for large and small devices   7. Trim Down Your Navigation Menu In other words: when you develop a mobile-first content strategy, consider simplifying your navigation to its truly essential links. No user would gladly scan through a “beefy” navigation menu taking his device's entire screen:   flatten your navigation: stay away from the technique of piling up submenus, layers and navigation points feel free to place the links that you'll remove on other places on your website (or even to turn them into calls to action)   8. Convert Your Legacy Content to Mobile-Friendly Content  If it's a legacy Drupal website that you need to restructure and to adapt to your mobile users' specific patterns for browsing through and consuming content on their smartphones, then it's time you:   dug into your static HTML … and cleaned it up   And by “cleaning it up” I do mean:   removing inline media removing the fixed-width tables eliminating floats with content  breaking it down into skimmable chunks of content   … that can be easily structured into content fields. The END! These are the 8 main aspects to focus on when you develop a mobile-first content strategy.  Now time to test the “saying” that: “Creativity strives under constraints.” … and to make the most of those small interfaces. ... Read more
Adriana Cacoveanu / Jun 11'2018
Top Enterprise Content Management Systems vs Drupal: Comparing Features and Prices 
Content is a way too valuable asset not to handle it with utmost care — from its creation to its revision, all the way to its... distribution. And with utmost efficiency, as well! But how do you choose the business software to “orchestrate” your entire content workflow? Since, on one hand, you have the top enterprise content management systems in 2018 and, on the other hand, you have... Drupal? And the dilemma that you're facing right now could be summed up like this: Choosing between a complex ECM system with a load of powerful tools that comes at a cost and a feature-rich one — already famed for its robustness and customization options — with no price tag on... Now to ease your decision-making process, let's compare these enterprise information management solutions, the top rated ones, to Drupal, by weighing their feature loads and costs.   1. But What Is an Enterprise Content Management System More Precisely? First, let's try to define what we mean by “content” in relation to a content management software: Content is all the written pieces of information entering and “moving about” your organization. It comes in the form of: internal process documents content for your company website (or blog) sales-focused content targeted, custom content available to paying cutomers only ... and the list goes on. As you can see, I've intentionally left out graphical and audio-visual content. And this because it's only text-based digital content that a CMS would handle. Now, coming back to our initial question: An enterprise content management system is a software geared at managing all the processes in your content's lyfecycle: creation, revision, publication, distribution to multiple channels, promotion etc. Packed with different sets of tools designed to automate all your content-based processes, an ECM system is a... “Swiss knife” type of business software. The one you'd use to streamline your content workflow(s).   2. M-Files, One of the Top Enterprise Content Management Systems in 2018 Introducing the enterprise-leveled information management solution of the year: M-files! The promise that it makes?  To break the “siloed information” pattern and enable users to access specific content from any buiness system, any device. … to easily access it, but also to organize it, to manage it, to identify particular information/documents, to set up custom workflows and even to manage document reviews.    Top features   version control  automated workflows pre-built search engine: you get to track documents by type, name, keywords; it provides within-text search features as well  notifications: users get alerted whenever they'll need to review or approve changes made to documents approval processing  permission management and offline access  integration capabilities: it easily integrates with Microsoft Dynamics, NetSuite, SAP, Salesforce  document collaboration tools: co-authoring features and check-in/check-out tools    Price Mi-files is one of those enterprise content management vendors that leverage the quote-based method for pricing their services. Basically, there are no standard prices, as there are no standard packages that they offer, only tailored content management solutions.   Cons The great majority of negative user feedbacks revolve around the M-Files mobile app's limited functionality.   2. OnBase  Another one of the top enterprise content management systems in 2018 is OnBase: An all-in-one software coming “equipped” with: business process management tools integrated document management tools records management tools And before I “expose” to you its most heavy-weighing features, I feel that I should put the spotlight on its versatility feature first: You get to easily configure your OnBase ECM system to fit any environment of choice.   Top Features    approval process control indexing version control built-in search engine document management   Cons Do expect a steep learning curve! So, be prepared to invest a significant amount of time in growing comfortable with using it. In learning to “juggle” with all its apps and functionalities.   Price You'll need to contact the OnBase team for a custom pricing plan.   3. Box  Box is a cloud content management platform built to assist you with:   online sharing your files storing your files integrating content across your entire “infrastructure” of digital tools via open APIs collaborating within your team   Top Features    granular access permission easy integration with other platforms  advanced security capabilities: device trust, watermarking, data governance easy integration with other platforms collaboration tools: a document management system that enhances collaboration among end-users on various file types and devices; tools which also enable them to choose the right storage place, to set up metadata-driven content workflows etc.   Cons Even top enterprise content management systems manage to collect their own “pile” of “bad reviews”. What users reproach OnBase here, for instance, is its user-based pricing model.  In other words, if you have +100 people in your company, expect to get charged separately for each email domain... and thus to overstretch your budget over time.   Price Box pricing plans start from €4.50 per user/month (we're talking about a starter business plan here) and can go up to $500 per month or more if it's a “build with BOX platform” plan that you'll select.   4. Drupal  And now that we've put the top-rated ECM systems in 2018 into the spotlight, let's see what Drupal here has to offer. How it can counterbalance all these heavy loads of tools, features, and functionalities.   Drupal's Key Features    advanced integration capabilities: Drupal “spoils” its end-users with conveniently accessible API, backed by a rich collection of modules built precisely for 3rd party integrations no maintenance effort required: since it runs in Acquia Enterprise cloud, Drupal gets automatically updated; maintenance is already included in the Enterprise support costs plan feature richness: and we're talking here about features, plug-ins (thousands of them) and content management tools that you get right out of the box modular architecture: which goes hand in hand with the unlimited freedom of customization that you'll get to leverage high performance: Drupal's already famed for its robustness and capabilities to withstand high influxes of traffic unmatched scalability a full toolbox (contributed modules here included) put at editors' disposal: Drupal's also won its reputation as a CMS that's been constantly improved to enrich the experience; all the in-built content-handling tools speak best of its “empower the content creator/end-user” philosophy   Price   license costs: unlike the top enterprise content management systems previously outlined, Drupal's open source; there are no license costs, only support costs associated with the Acquia Enterprise Platform  vendor lock-in: all modules and plug-ins that you might select and mix and match to custom-tune your CMS are free development costs: Drupal resources are available to anyone who wants to build and then to custom tune and scale up its CMS   In conclusion... … Drupal comes feature-packed and, moreover, it “spoils” you with unlimited freedom of customization. And all this without putting a price tag on. On the other hand, some of the top enterprise content management systems do tempt you with their feature richness, but at a cost. One that can go up precisely if you feel like customizing your ECM solution or scaling it up sometime in the future.  In short: you do get your share of customization freedom... but not for free. So, it's not really an “apples vs oranges” type of dilemma that you're facing, but rather an: Apples vs Apples with a price tag on ... Read more
Adriana Cacoveanu / May 29'2018
Which Are the Free Magento 2 Blog Extensions You Should Be Using? 9 Must-Haves
Informative, entertaining, engaging and... a key revenue source! These are just some of your expectations regarding your Magento 2 blog, right? Well, then, get ready to check them all off your “wishlist” digging through my shortlist of can't-believe-its-free Magento 2 blog extensions. From SEO-oriented to shipping-focused features, from functionalities centered on social media to those geared at enhancing page loading speed, these 9 extensions are, each, extra functionalities to inject into your blog. So that it (your blog) should serve your specific needs and help you reach your goals. And that without having to “stretch” your budget (there are only 100% free extensions in this list)... Oh, yes: and they're all wearing the signatures of certified Magento partners! And now, let's get straightaway to these must-have Magento 2 extensions that you should be turbocharging your blog with:   all of them “spoiling” you with configurations that make customization unexpectedly easy … blending perfectly into your blog's design and fitting into your codebase (no need to depend on an “army” of coding experts)   1. Magento 2 Image Slider  Let's review a visual/aesthetics-oriented extension first things first. For, as above-mentioned, a “money-making” blog shouldn't be purely informative and helpful, but... engaging, visually-arresting, as well. So, imagery does play its major part here! Now here are a few of this extension's key features:   supports no less than 10 sliders built-in support for inserting video text, image one of those fully responsive free Magento 2 blog extensions provides tons of animations, with Live Preview, for you to select from supports OWL Carousel  conveniently intuitive UI you're free to display it anywhere on your blog with CMS & Widget   2. Facebook Live Chat  A blog is the ultimate channel of communication with your brand's audience. With your e-store's regular and potential customers. Well, then moving from standard communication to... instant communication is a must if you want to meet their expectations. And this is what makes Facebook Live Chat one of the must-have free Magento 2 blog extensions.  It's that chatbox incorporated into your blog that's powerful enough to turn “just” guests into loyal customers. And now, let me point out to you some of its most powerful features:   there's a Like button and a store profile incorporated into the chatbox user statistics capabilities unlimited History Chat you get to set upcoming events, define greeting text and integrate your e-store's Facebook profile into the chatbox simple backend operations for enabling/disabling the chatbox displayed on your blog familiar UI; a Facebook Messenger Interface-alike chatbox    3. Magento 2 Lazy Load  A must-have extension for your Magento 2 blog if you care enough about the user experience that you provide there. And page loading speed does play a key role in improving/negatively impacting it.    Moreover, besides optimizing your blog's performance, Magento 2 lazy load creates some aesthetically-pleasing image transitions influencing the UX. But let's get deeper into details and “unearth” all those advanced features that make this extension one of the must-haves:   it helps you save your web server resources —  saves bandwidth and minimizes server requests it creates smooth, blurring effect transitions for your lazy load images … and a smooth, visually-pleasing transition when users keep scrolling down your pages it gives your blog a ranking boost by creating friendly code strings it optimizes your blog's page loading time you're free to enable/disable the “Lazy Load” mode for each one of your blog's pages you get to set advanced time point for loading pages   4. Better SEO, One of the Free Magento 2 Blog Extensions You Should Be Using Inject Better SEO into your blog and... propel it in the search engines results! And it's not “just” packed with clever features, but ideally easy to use, as well. Built to fit into your blog's existing code structure and to empower you to customize it to serve your SEO goals in detail. I'm talking here about:   meta descriptions meta keywords   … that this extension's flexible enough to allow you to insert quick and easy. Now that we've settled that Better SEO makes an ideally customizable, blog/store-friendly extension, let's check out its powerful features:   SEO checklist —  a more than handy “TO Do” list, pointing out to you the SEO tasks to complete for reaching a high SEO score its detects duplicate content issues advanced HTML/XML sitemaps —  one for the users, the other one to be used by search engines structured data — implements schema structured data metadata template rules —  easy to define mass and dynamic metadata for your pages, categories, layered navigation provides you with actionable SEO reports rich snippets preview cross links social optimization    5. Exto Analytics Applying a marketing strategy that lacks the proper data-fuel is like aiming at a target... blindfolded.  So, if relying on pure chance doesn't define you and if you want to go beyond the data provided to you by the native Magento 2 reporting functions, go with Exto Analytics. Here are some more heavy-weighing reasons to do so:   real-time mobile dashboard, so you should remain “connected to” your data anytime anywhere convenience at its best when it comes to handling your reports — you get to sort data by specific columns and even to turn off the columns feature itself date range picker —  compare and evaluate your blog's performance on different periods of time your previous data gets added to your reports, as well, once you install the extension a chart, enabling you to visualize all data reports in parallel   6. Magento 2 Admin Theme From user experience to... admin experience. As your own blog's admin, you should also consider making your dashboard's more user-friendly and intuitive. For a high level of convenience on your side will bubble up, eventually, in the experiences that you'll create for your visitors. But let's see specifically what makes Admin Theme one of the best Magento 2 blog extensions to use:   mobile optimized easy to use and quick to customize retina ready clean, neatly structured code a different interface for Login & Forgot Password admin icon font translation-ready   7. Magento 2 Infinite Scroll It does precisely what its name says: it keeps loading content, without interruption, as your blog guests scroll down. Fluidity in the way you present content to your readers translates into improved user experience! And now, let's scan through this extension's specific features:   you can display and easily change the “Show” button, along with its loading text the navigation bar can be placed anywhere on the page you can implement it both on your category page and in the search page the pages that your readers land on get automatically loaded  while scrolling down, your blog guests know, at all time, what section on the blog they're on you get to customize your progress bar to your liking users get to share the links of those specific pages that they reach during their scrolling (for instance, if they're on page 8 of your blog, they can bookmark/share the link of precisely that page)   8. Better Blog  Now, let's imagine that you don't own a blog yet, “only” an e-store. And that now you want to integrate a simple blog, as well. One that should:   be conveniently easy to configure have a beautiful layout design to “wow” your readers with load fast come packed with much-needed backend features, making updating content unexpectedly easy for you, the admin   Checked, checked, checked! The Better Blog is undoubtedly one of the must-go-to Magento 2 extensions no matter the size of your current e-commerce site. Once integrated into your Magento store's backend, you'll get to manage both your store and your blog from the very same place. Here are the main reasons why it still is one of the best Magento 2 blog extensions:   SEO friendly: SEO-friendly URLs, metadata information, XML sitemap  open source code layered navigation, with a significant impact on UX (your blog guests get to quickly track precisely those posts that they're looking for out-of-the-box comment functionality: Disqus Comment, Facebook Comment blog topics built-in product recommendations feature: "Who Bought This Also Bought", "Auto Related Products", "Frequently Bought Together" the option to integrate your store or your blog's sitemap responsive design social sharing buttons blog widgets: show your (recent) posts on your site's homepage (sidebar here included)   In short: you get to integrate a simple blog with your e-store with no need for a third-party framework! Moreover, you'll be managing comments, categories, posts, right from your Magento 2 admin, quick and easy. And you'll get informed each time when a blog guest has posted a comment, not to mention that the extension grows into a powerful “ally”, supporting your SEO efforts. One of the must-have Magento 2 extensions without question!   9. Magento 2 SMTP  A powerful extension to “turbocharge” your Magento 2 blog with so you:   gain total control over your email customization process get enabled to run test sections on your Magento 2 SMTP server   And it does all that by providing your blog with configurable port and host. Now, let's go through its cool features:   it stores all sent emails logs built to support 20+ SMTP service providers enables you to test how well your current email setting's doing it empowers you to customize your emails in the slightest detail   The END! These are the 9 best Magento 2 blog extensions that you should be using. Scan them through, “weigh” their feature loads while setting them against your own needs and growth plans for your blog and... go for the most suitable ones! ... Read more
Adriana Cacoveanu / Apr 27'2018
Which Are The Best Magento 2 Extensions to Boost Sales on Your e-Store With? Top 5
They use the same platform, Magento 2, therefore (theoretically) they all leverage the same functionality, same features and loading performance, right? And yet, there are e-stores that... stand out! There's no secret here: it's the powerful extensions that “fuel” their success, extending their functionality. And which are the best Magento 2 extensions for you to consider? Which of them best fit your own e-commerce site? For we're talking here about 1,500+ extensions for Magento 2. So, needless to add that there's a dedicated tool for pretty much any specific e-commerce requirements that you might have:   to easily manage your inventories to streamline all your customer & supplier-involving operations via a centralized system to easily monitor and quickly track sales for creating invoices to have tracking metrics and in-depth marketing analytics at hand   In short: it's the Magento 2 extensions that supercharge your e-store with even more functionality; that help you provide your customers with that ideally convenient and feature-rich shopping experience that they're expecting.  The one that will translate into... boosted sales! And now, without further ado, here's the shortlist of 5 best Magento 2 extensions for you to evaluate:   1. Deliver Date Scheduler It's in the (little) details: Winning your customers' trust and eventually their loyalty and … spiking your sales. “Details” like this can't-live-without Magento 2 extension here which practically:   takes the unknown and the uncertainty out of the equation (out of the entire order delivery process) “empowers” your customers, who get to choose the most convenient dates for their products to be delivered; and it's you, the admin store, who'll make the date suggestions, based on your product availability and shipping provision     And there's more!  This extension's a toolkit all by itself, actually, packed with various features ranging from:   the option to trigger reminder emails for your customers the option to select a calendar view and a particular format for that delivery date and time of arrival that will be displayed to them the option to enable your customers to keep a close track of and to constantly monitor their ordered products' delivery process   2. Magento 2 Store Credit And here's another one of those feature-rich, “Swiss knife” type of tools on our list of best Magento 2 extensions! One loaded with so much “store credit-centered” functionality that it would be a pity not to have it on your e-store. Here are just a few examples of what it can do and how precisely it's going to enrich and make your customers' shopping experiences even more convenient:   customers get to use their credit for purchasing any available product, anytime you, as the store owner/admin, get to refund your customers by credit they get to spend it for paying their shipping fees, taxes they even get to share their store credit with their friends, family customers can either earn or buy  their credit  you, the store admin, get to easily add/subtract the specific credit values right from the backend an easy way of keeping track of the store credit balance & history in the same place   And, surprisingly enough, this list goes on and on. Now with so many powerful features, all bundled into one extension, each one adding a different layer of “convenience” to your customer's shopping experience, you just can't afford overlooking Magento 2 Store credit!  3. Best Magento 2 Extensions: Use the Follow Up Email as Your “Trump Card” And you hit the nail right on the head with this extension here! Whether it's: discreetly guiding your customers back on the “right track”, the one leading to a purchase    turning customers into your brand's advocates, winning their loyalty through perfectly tailored, strategically set up follow up emails  … this Magento 2 extension here is your most reliable ally. But let's talk facts/functionality. Let's see what is it that the Follow Up Email extension can help you achieve:   shopping cart triggers: guide your customers back to their temporarily abandoned carts trigger wish lists: shared, product added customer triggers: billing and shipping address, logged in, subscriber, birthday set up your own custom schedule and automatically send emails on those specific dates use Google Analytics to monitor your email marketing campaign's performance support multiple pre-created emails for each event type custom-tune the design of your emails' templates to your liking define as many rules and conditions for each event type, that you create your emails for, as needed   And the list of conveniences for you, the store admin goes on (e.g. test emails that you can send) and those with an impact on your customers goes on. In short: the Follow Up Email is one of those Magento 2 extensions that can make a difference between just “selling” and clever, targeted sells. Between a shopping cart abandoned for good and a completed purchase order. Between a one-time shopper and a regular customer... 4. Hide Price Another powerful extension, whose functionality you should fully “exploit” when setting up your pricing policy. One that perfectly fits your store's specific e-commerce requirements and needs. And its functionality comes down to:  enabling you to manage price display on your product and category pages and to hide prices for guest visitors or certain customer groups Now, if I am to detail a bit on this functionality, it's an entire collection of advanced features that I'll eventually dig up:   remove/replace the standard “Add to cart” button with a custom button text that should instill your customers to perform the action you want them to (e.g. to register for getting the price) restrict price visibility to particular customer groups get notified of any new quote requests  … send email replies to those requests trigger pop-ups whenever your store guest clicks your custom Add-to-cart button, pop-ups geared at collecting user data so you can tailor your product prices accordingly hide price for particular products hide your “Add to cart” button for the non-logged-in visitors on your website   Adjusting your prices to your customer's needs and expectations —  and you can do that only after you've collected enough relevant user data — is what will stand behind your customers' loyalty and your high conversion rate. And it's Hide Price, one of the best Magento 2 extensions, that can “fuel” your strategically thought out pricing policy! 5. Reward Points High-quality products/services, phenomenal customer service and hard-to-resist-to prices aren't enough for engaging (and hopefully converting, as well) your store visitors.  In this respect, the Reward Points Magento 2 extension is a true... game changer! One to add to your wealth of resources at hand for boosting your sales and “luring” returning customers. It enables you to reward them in multiple ways! And now, let's pass in review some of its most powerful features:   several ways for your customers to spend their credit points you're free to set up different spending & earning point rates customers get to earn credit points if/once they've referred to a friend they also get to keep a close track of their transactions' history and points' balance right from their “My account” page set up your rewarding policy by product, behavior, catalog, cart, you name it define a maximum no. of points that a customer can gain or spend on a particular product   The END! These are the very best Magento 2 extensions: powerful enough to “fuel” your growth plans, advanced enough to help you enrich the shopping experience that you provide on your e-store. ... Read more
Adriana Cacoveanu / Apr 23'2018