Web Design
Thursday, 15 December 2016 13:57

What the Future Holds!

Web Development Spain

2017 is approaching, so what does the future hold for your business online? Nobody can accurately predict everything, but a clear pattern is forming!

1. Mobile Websites: It's no secret that mobile computing has now taken over! If you haven't got a mobile compatible site by now you may as well pack up and go home. Simply because there's a world of business opportunities out there......and you won't be seeing any of it! You are outside looking in!
Walk down the street, go into any bar.....and what do you see? People on smartphones! And they won't be looking at sites that are not mobile compatible. In fact, they may not even be given a choice if they want to see a desktop based site, as Google will be basing rankings on the mobile version as per their recent Mobile First announcement. No mobile version? No ranking!

2. Desktop Websites: These will now have less importance, so do not design a site based purely on what you see on a traditional computer. In fact, some analysts are speculating that we could be entering an era where the clock is now ticking on this technology. Personally, I don't ever forsee a time where traditional sites will become redundant.....but there's no doubt that their importance and relevance are going to keep diminishing as each year passes.

3. Voice Search: Semantic search and user intent based on natural language patterns rather than basic keywords is going to become the norm. Voice-based queries are generally much longer, and phrased in a more natural way, so ensure that your site delivers information in a conversational (but professional) manner. Communicate by giving answers, not sales pitches!

4. Site Loading Times: As more and more usage switches to mobile, don't overload your pages with a large number of resource-heavy material like videos, high resolution images etc. Obviously don't dumb the pages down and make them appear bland to your users, but maintain a balance between form and function.

5. Fast delivery of relevant information: People want info.......and they want it immediately! So ensure that what people initially read on mobile is going to grab their attention. Don't waffle on about things that are irrelevant to their needs or interests.....just get the message across!

So that's the way things seem to be heading! Good practices like quality content, user experience, intuitive navigation, Social Media marketing, and SSL security are still the foundation on which your site is built. But Mobile Rules!

What do I think? Personally, I think the whole world has gone mad! We have now reached a scenario where the majority of people are living their lives vicariously through mobile phones!
I'll take real life any day! The storyline at my age may be a bit monotonous but the visual experiences more than make up for it!
See you in 2017!

For more info contact us at

Published in WebSpain
Monday, 28 November 2016 13:07

Mobile First!

Mobile Devices

Google have announced major changes to the way they index websites! It's now Mobile First!
What this means is that instead of Google using the content of the desktop version for evaluating a website, they will now be visiting the mobile site first. Effectively, the desktop version has been demoted.
We've been into the mobile era for some years now, and if you still don't have a mobile compatible site in place, then you've got a problem. Google have stated that they will still crawl the desktop version, but how high you're going to rank with just that one option remains to be seen.

If you've got a mobile compatible site then you're still not necessarily in the clear. Because if your mobile site was just a barebones "stripped down" version containing limited content.....then that's what will be evaluated and your rankings will drop accordingly. In fact, Google have even said to remove sites like this until they are on a par with the desktop version.
That's a worrying scenario for those people who've paid for a mobile site, because now they're going to find that what they've got is not what Google wants! They'll probably need a new mobile site, which may well entail having to replace the desktop version as well.

However, if you're a WebSpain client you'll know that there's never any need to worry! This will not affect you!
Simply because we've only ever built mobile sites that contain the full content of the desktop version. No difference whatsoever, and it's been that way since we started building mobile compatible sites four years ago. And unlike others, we never charged extra for mobile compatibility, they came that way as standard!

To summarise, businesses without mobile compatible sites have got a problem, and businesses with stripped-down mobile sites have got a problem!
WebSpain clients can just relax, you don't have a problem........because we were ahead of the curve on this years ago!

For more information contact us at

Published in WebSpain
Saturday, 05 November 2016 09:24

HTTPS/SSL Security is Taking Over!

HTTPS Websites

HTTPS/SSL security on websites is important! I've been saying it for some years, and recent statements from Google demonstrate that it's now becoming the minimum acceptable standard......"A web with HTTPS is not the distant future. It’s happening now, with secure browsing becoming standard!"

Let me clarify that! It's now no longer evaluated as an optional addon that gives additional benefits......it's now classed as a critical indicator of your professionalism. Google is not in the business of deliver poor or potentially unsafe search results to users, so it's looking for signs that demonstrate you are a serious business entity. Basically it needs to know that you are who you say you are, and that any site visitors are not at risk of identity theft, phishing etc.

This is part of a mission that Google have been on in recent years to make the web a safer place. And it's really picked up momentum now. Here's their latest Security Bulletin where they say "More than half of pages loaded and two-thirds of total time spent by Chrome desktop users occur via HTTPS, and we expect these metrics to continue their strong upward trajectory".

Google Blog

We're now heading towards two classes of web sites......the professional and secure ones with HTTPS, and the unprofessional and insecure ones who are trying to do everything on the cheap while taking no responsibility for their clients' personal security. 
If you were Google, who would you recommend in search listings? If you're a site visitor, who would you trust to do business with?

As I've listed before, these are some of the benefits of having HTTPS/SSL data encryption in place:
1. 2048 bit encrypted connection between the user and the site giving a higher level of security for data transmission.
2. An SSL certificate also provides authentication. This means that users can be sure that they are sending information to YOU, and not to a criminal’s server.
3. Protection from Phishing, where a criminal tries to impersonate you or your website.
4. Dedicated IP address that gives you protection from any IP blacklisting of your site and e-mail caused by other users on the shared server IP address.
5. Enhanced professionalism giving clients confidence in doing business with you.
6. Trust! Browsers give visual cues, such as the lock icon in the address bar, which tells visitors that their connection is secure.
7. SSL is a criteria for search engine ranking, so potentially higher placement in searches.

None of the above is opinion! None of it is conjecture or hypothesis! It's the cold hard facts with verifiable links to substantiate them. Do YOU need it? Once again, I'm not going to give you an opinion!
I'll just let Google answer that one...."As the remainder of the web transitions to HTTPS, we’ll continue working to ensure that migrating to HTTPS is a no-brainer, providing business benefit beyond increased security. Don’t hesitate to start planning your HTTPS migration today!"

If you require any more info just contact us at

Published in WebSpain
Tuesday, 25 October 2016 09:55

Worried about Dirty COW?

Server Vulnerability

Worried about Dirty COW? You should be, because last week a serious vulnerability was discovered in the Linux kernel which runs the majority of the world's servers. It was so critical that it can lead to a privilege escalation, denial of service, or information leaks. And it's called Dirty COW! Why the name Dirty COW? It gets its name from the Linux sub-system, called Copy-On-Write or COW, in which it appears.

You may well have seen reports in national dailies about it, and now it's spread to Android Phones as well. Basically, if you've got a website then you are potentially at serious risk because it could take weeks before web hosts get round to patching the kernel on their servers. Then the server will need to be rebooted resulting in downtime.

Unless of course you're a WebSpain client! Because when we switched to Cloud Linux earlier this year we also purchased Kernel Care as part of the package. KernelCare keeps Linux servers secure with all the latest kernel patches available immediately, and they're automatically applied without needing to reboot the server. So no security issues and no downtime! 
It keeps running permanently and checks for any kernel security updates every 4 hours. If there's an update available, it just applies it without any human intervention or downtime. Our kernel was patched on 21st October......literally as the news broke.

If you're not a WebSpain client then you just have to cross your fingers that somebody is going to take action at some point to protect your business interests. Timescale is impossible to estimate......but I can guarantee that the less you paid for your hosting then the longer it will take. If it's even patched at all! But that's what happens when your main priority is cheap!

It just demonstrates, once again, how proactive we've always been in this area, and how not all web hosting is created equal.
If you're serious about your business then you need a serious provider. If you're not serious about your business, or perhaps you just don't care......then there's plenty of providers out there that would be a perfect fit for you. But we're not one of them!

Any queries just contact us at

Published in WebSpain
Thursday, 20 October 2016 11:29

Life on the Dark Side!

Business Web Hosting

We've always attempted to keep our clients safe from the undesirable elements and the grief that go along with doing business on the Internet. In effect we keep you within a protective shield so you don't see these things. Therefore you don't get grief. It just works! You don't even need to think about it!

I'm sure you're all familiar with the phrase "you get what you pay for", and this has never been more true than in the case of internet services. Particularly web hosting! Over a year ago, we published an article "Not all web hosting is created equal" where we detailed exactly what we bring to the table in terms of web hosting services. But things have changed since then......we've advanced even further with the addition of Cloud Linux on the servers.

We believe that no other web designer providing hosting services offers the allround quality of service that we deliver.....day after day.
And this is not just at server level......it's also at site level, which no other web host will manage for you. With a normal web host, your site is your responsibility.....not theirs. But in our case, we handle it all to give you total peace of mind.

Obviously I would say that....wouldn't I? But what about the experience of a former client who went elsewhere, and actually discovered for herself what life is like on the Dark Side?

"The saying "You do not know what you have until it's gone" has never been so true for my husband and I.
Having been with WebSpain for around 9 years, WebSpain not only built our two business websites we were a hosting client too. During this whole time we had no issues whatsoever with our sites or hosting.

However as time went on our sites were considered "old " in the techno world and we didn't really have time to get round to upgrading them. This meant that as our sites were old, Webspain could not really support them any longer on their servers, as they are exceptionally up to the minute with hosting etc. Therefore we had to move. We changed to another hosting company and have had nothing but problems since. These varied from no e-mails, lost emails, and site down time, all of which is a nightmare when running a web based business. In the end we could not even get our e-mails.

So in desperation, we went to Pete for help and he ended up logging onto their server and rectifying the issue that the other hosting company were unable to do. The standard of service and professionalism of WebSpain can really not be compared to the many other companies out there. Believe me, we know and it has cost us dearly".

And that is the reality of the situation! I know the hosting company that she's with, and overall they have a good reputation. But we deliver a total allround package that far exceeds what any pure web host offers......and once you get accustomed to that as being the norm then anything else is going to fall short.

We haven't published this to blow our own trumpet, we've published this to make you aware of the reality here. And the reality is that you cannot compare the service that a basic web host provides against the totally rounded and all encompassing range of services that we deliver. They are totally different things.

In some cases you could save yourself a few Euros by switching to someone who just provides web hosting.....or you could even pay more. But in both cases you are still not going to get the allround level of service that we deliver.
All you will do is introduce a different element into the equation. And that element is grief! And going from my experience, the less you pay, the more the grief is going to increase! Just remember that not all web hosting is created equal, and Life on the Dark Side may not be what you expect.

Any queries, email us at

Published in WebSpain
Tuesday, 27 September 2016 10:18

Have you been Compromised?

Internet Security

Have you been Compromised? I would be pretty sure that you already have been.....but you don't know it!
Would you like to find out for sure? Then read on......because we have a simple online check for you.

You may not know, but over the last few years, millions of email addresses have been leaked, stolen and sold in hacking attacks on thousands of websites!
This is big business, because your information and data is worth money! The results of this test may well be a shock to those people who are concerned about the security of their personal information. For those who are not remotely concerned about security, and there are a percentage who fall into this category, it still won't register. Nothing ever does until they get totally blitzed.

So here is the test.....just enter any e-mail address that you use then see the results: https://haveibeenpwned.com/
If your data has been compromised (and my guess is it will have been), then the screen will turn red and you will be told where the data breach has happened. 

Your next course of action is to visit the sites that are listed and change your passwords to something very secure. You should do this now......not later!

What can you do to protect yourself in the future?
1. Your website should be running on the latest software.....not on an application that has been outdated for years.
2. Your website should have SSL Security in place.
3. Your website should be protected by a security firewall.
4. Stop using high risk webmail accounts like Yahoo, Hotmail etc. GMail is by far the best option.
5. If you have accounts on other sites under your e-mail account, then keep changing the password regularly.
6. Any passwords you use should be complex using a combination of low and upper case letters, and symbols.
7. Use professional security programs on your computers such as Kaspersky or Eset.
8. Backup the data on your computer to an external drive on a weekly basis.
9. If you're not using your computer.....then turn it off! Don't leave it permanently connected to the internet.

That's my advice.....given in good faith, and in your best interests! I can't do anything about the points from number 4 onwards. Points 1 to 3 fall into our area, but unless you're prepared to take those points seriously we've very limited in what we can do to protect your interests.

Was I compromised? Yes.....on Linkedin and DropBox, but I dealt with those issues immediately, so the risk was eradicated. But I keep on top of security issues and take it very seriously.....do YOU?

If you need any advice just contact us on

Published in WebSpain
Friday, 02 September 2016 12:25

Is your Business worth a Coffee?

SSL Site Security

Is your Business worth a cup of Coffee a week? Because it seems that many site owners out there don't seem to think so!
And unfortunately for those people, Google are now telling their site visitors exactly how much value they actually place on it.

I'm talking about SSL encryption! Because for the past few years Google has been telling people how important it is to have SSL security encryption on their websites. We first brought it to your attention over two years ago in SSL for SEO

Since that time we've updated you on the increased importance that Google (and other search engines) have been applying to it. In fact Google has even gone as far as to confirm they are interpreting the presence of an SSL certificate as a criteria in search engine positioning.....as we announced back in July 2015 in GOOGLE AND SSL SECURITY.

Now things have moved on again! In the past Google were giving incentives for site owners to put this in place. Now they're potentially penalising insecure sites by warning users that it could be a risk to their personal security. Effectively they're saying "We've given you two years to put this in place.....you haven't bothered, so now you're going to be penalised".

They're doing this by showing a warning icon in the browser address bar if SSL security is not in place. Prior to this, it was just a fairly innocuous blank icon of a page.....but now it's a large "I" denoting important information. Here you can see the difference between safe and unsafe sites:

 SSL Warning

As you see, WebSpain is in green with the padlock displayed, while the insecure site has the "I" icon. And when the user clicks that icon they are told "This page is not secure".

We didn't even notice that this system had been put in place! It was only when a client contacted us about one of their customers being reluctant to fill in an online form due to the risk of data theft, that we became aware of it.

As we've covered before, SSL encryption protects you and your clients from the risk of data theft and phishing. It also gives you potentially improved search engine positioning, while enhancing professionalism and client confidence. Additionally, you are protected from anybody else on the server getting the shared IP address blacklisted.

Ultimately it's your choice on whether you choose to implement it......we are just making you aware of the direction that things are headed. Taking this further, if they decide to redirect straight to their full page insecure message then users will see this:

Site Warning

Personally, I wouldn't bet against them putting an "Unsafe Site" warning in the search listings as well. Be aware that this isn't going to go away! If anything, they'll up the ante even further! So I would suggest that you address this issue now.....before your business starts getting disrupted.

Look at the benefits of SSL encryption......and balance that against the cost! It isn't even 2 Euros a week, which basically equates to a cup of coffee! Our businesss is most definitely worth a cup of coffee a week......is yours?

For more information contact us at

Published in WebSpain
Sunday, 21 August 2016 07:35

Brute Force Attacks

Brute Force Attacks

There's been a marked escalation of Brute Force Attacks aimed at popular web applications recently! 

First let's establish what is a Brute Force Attack?
Essentially it's a number of remote computers who control thousands of other infected computers that bombard your site with hits from thousands of IP addresses. Their target is the Administrator login area in an attempt to get access.
Besides the risk of them getting access, there's also the knock-on effect of this extreme volume of traffic on the server itself. This sort of scenario can bring a server to a complete halt with all sites going offline as a result. But in the case of recent attacks nobody else was affected.....only the actual site that was under attack. And we can thank Cloud Linux for that!

So what can you do about this very real threat?
The only solution is the installation of a commercial firewall on your site BEFORE an attack happens! I'm not going to openly divulge what it is and what it does for obvious reasons....but it works! 
Be aware that if you do come under Brute Force attack without the firewall then Cloud Linux will just take your site offline till the attack subsides. That way no other clients are affected.....just YOU! How long until it comes back online again? That depends on how long the attack is sustained for......the last one was hitting the server from 8500 IP addresses, so it's not as if we can blacklist 1 IP and be done with it. If only it was that simple!

When the attack subsides we will then be able to access the site and install the firewall to prevent any further disruption. But until that point we're limited in what we can do because the attacks are coming in thick and fast from thousands of locations throughout the world. So if you're the next target be prepared for some downtime if you don't have this firewall in place ready.

One thing I can confirm though.....no sites were compromised in any way and nobody got access. We're proud of that because it's a testament to what we already have in place! But with the site firewall as an additional security layer we'll then be in a position to pick them off en-route.....well before the stage where the site goes offline. If you want business continuity, then this is the way forward.

Effectively, the bar has now been raised in terms of security threats. So to counteract this we've got to offer additional commercial security applications installed into the sites (not the server) to protect our clients' interests. We're certainly not burying our heads in the sand! If you choose to bury your head in the sand then that's your choice....but be aware it's only a matter of time before somebody else becomes the next victim. Really, the only question on my mind is "Who's Next?"

Contact us at  to get protected!

Published in WebSpain
Friday, 05 August 2016 13:23

The CloudLinux Era!

Cloud Linux

We've now entered the CloudLinux era, as our main UK server is now running on this commercial operating system. CloudLinux is purely designed for shared hosting environments, and delivers numerous benefits to you as a user, and to us as a web host.

1. Each account is contained within a “Lightweight Virtualized Environment” (LVE), that totally isolates each user. This means that tenants cannot jeopardize the stability of anybody else's site, or the server, because each one will be allocated a specific amount of memory, CPU etc that they can use.

2. CloudLinux OS also “cages” tenants from one another using a component called CageFS to minimise the risk of security breaches. This way, unstable scripts or malware are unable to spread across other sites causing defacement. This short video is a bit simplistic but it shows how individual users are caged to prevent them causing harm to anybody else's site.

{lightyoutube}B4NMEUioUXI{/lightyoutube}

3. LVE Manager will limit all CPU, IO, memory resources, numbers of processes, and concurrent connections per each user to maintain stability right across the platform.

4. CloudLinux comes with a PHP Selector which will allow users to define the version of PHP that they use. But unlike others, we will not be using this component to continue to run outdated and vulnerable versions of PHP. 
If PHP have discontinued security updates for a particular version then it will be removed, because we won't abuse this feature by turning it into a "workaround" for potentially vulnerable software. That's just asking for trouble.

5. We have also implemented the additional security initiative known as Kernel Care! This automatically updates the linux Kernel of the operating system as soon as vulnerabilities are discovered. There's no waiting weeks for patches to be released while you remain at risk......it happens instantly!

The implementation of CloudLinux was something that we have been working towards for many months. Earlier this year we doubled the server memory to 32GB, and changed the PHP handler to FPM-FCGI, in order to take full advantage of CloudLinux and recent advances in server processes. 

And when the time came to implement it, we didn't just get the datacentre support staff to handle the process, we took the unprecedented step of paying for the services of an external CloudLinux specialist to carry it out. Simply because we wanted to ensure that all aspects of this operating system were deployed in the most effective way possible.
It's a very specialised system, and a generic "one size fits all" installation is not what we wanted. We wanted it fine-tuned and optimised just for our sites!

As I've stated before, not all web hosting is the same. We know for a fact that we were already offering a far superior hosting platform to our competitors anyway.....the majority of which only operate on reseller accounts on other companies' shared servers. I'm not knocking that......we all have to start somewhere, and that's where we were 15 years ago.
But the reality is that you can't compare that environment to the type of infrastructure that we deliver via our own private dedicated servers. Now with the addition of CloudLinux, we've taken a big step forward once again!
We're determined to offer our clients the very best in all areas......and we'll make whatever investments that need to be made in order to achieve that, at no additional cost to yourselves!

Bottom line is that nobody else does what we do.....in the way that we do it. That is absolute fact, and for those of you who've been with us for many years......I'm not telling you anything you don't already know.

Any queries, just contact us at

Published in WebSpain
Wednesday, 06 July 2016 17:47

Do you need HTTPS/SSL?

SSL Certificates

If you think you don't need HTTPS/SSL security on your site, then you may need to re-evaluate this opinion as things are changing.

Back in August 2014 we published an article called SSL for SEO. This related to the announcement that Google had made at the time informing webmasters that HTTPS/SSL security was now a ranking factor in search engine positioning. So what's changed since then? At first not much......but stats now demonstrate that having SSL security in place is getting very important.

Let's first look back to July 2014 prior to Google's announcement! This chart shows that only 7% of the results delivered on the first page of Google were sites with SSL encryption.

Importance of SSL

Fast forward two years.....and now the chart shows that the percentage of sites with SSL on the first page of Google is 35%.

Benefits of SSL

At the current rate of increase we're going to hit 50% earlier next year. And industry analysts consider that 50% could well be the balance point where Google really turn up the algorithmic volume on SSL. In the initial stages they couldn't downgrade sites for not having SSL because it would diminish the quality of their search results. But now the bigger players like Wikipedia, Amazon, Facebook, YouTube, eBay, Twitter etc are all on board with SSL.....things are likely to change.

So what is SSL? Basically it's a a 2048bit data encryption method, and these days it comes with multiple benefits:

1. 2048 bit encrypted connection between the user and the site giving a higher level of security for data transmission.
2. An SSL certificate also provides authentication. This means that users can be sure that they are sending information to YOU, and not to a criminal’s server.
3. Protection from Phishing, where a criminal tries to impersonate you or your website.
4. Dedicated IP address that gives you protection from any IP blacklisting of your site and e-mail caused by other users on the shared server IP address.
5. Enhanced professionalism giving clients confidence in doing business with you.
6. Trust! Browsers give visual cues, such as the lock icon in the address bar, which tells visitors that their connection is secure.
7. SSL is a criteria for search engine ranking, so potentially higher placement in searches.

If those benefits are not important to you, then there is no need for you to consider SSL. However, if that's the case, I would advise you not to make statements in your terms and conditions like "We take your security and data protection seriously".....because in reality you don't. So probably best if you omit that part because you're leaving yourself wide open.

To summarise, HTTPS/SSL encryption delivers numerous benefits to both site users and site owners alike, and it's importance is going to continue to rise.
At some point it may well be that those websites without HTTPS/SSL will be viewed as inactive or dormant businesses. Or even worse, as some analysts have suggested, Google may show a message to users warning them that it's an insecure site, or actually force HTTPS through the browser. If that happens, it could have catastrophic effects on businesses without SSL security.

We've used HTTPS/SSL on our site for almost 10 years now.....simply because it was the professional way to do things. For those of you considering making the switch now, there's many more incentives to do so as I've indicated above. Because you never know, in the future it could come down to Google viewing unsecured sites as.....NOT ENCRYPTED? Then you're NOT RELEVANT!

If you have any queries contact us at

Published in WebSpain

Been let down by other Companies? It's time to speak to WebSpain!   Contact Us