Can you get better SEO with WordPress or Shopify?

Recent years have seen the rise of many hosted website and ecommerce solutions such as Wix, Square Space and Shopify.  These can be good solutions for many small businesses, but its important to know certain things about how SEO works within these platforms before making your decision about which platform is best for your website.

As an SEO Strategist and WordPress developer, one question I get often is, “Is SEO work as effective in a Shopify site as it is in a WordPress site?”

That’s a great question.  The answer starts with a “Yes, but…”

We can do very good SEO work on Shopify, Wix and Square Space sites, however we’ve seen that results typically take longer to come to fruition, and indexing is not as fluid or comprehensive with these sites as it is with WordPress.  WordPress will nearly always yield better results from SEO work, for a few reasons.

1. All hosted application sites are canned and therefore limit control of the website admin over the website environment.

When you sign up to host your site with Shopify, you are given a bit of website space under the domain, in what is called a subdomain.  For example, your site’s URL would technically be “”.  Domain masking can be applied so that “” gets forwarded to “”,  but really your site and its entire body of content is under the control of the parent domain.  Sites like Shopify and Wix are actually applications, whereas WordPress is a script.  That probably doesn’t sound like a big deal, but it’s actually a very important distinction.  Running your site through an application means that your control over many elements are very much limited, including your control over the SEO meta in your site.

2. WordPress performs better because it is more customizeable.

One of the hallmarks of WordPress and certainly one of the reasons it is the most widely-used web platform is that it is so customizable, not only in terms of how you can build a website, but also how much SEO meta can be implemented.  Shopify will only allow you to have 20 keyword phrases at any given time.  You might be able to enter more than that into the site pages via the admin, however the system will filter those keywords so that only 20 are readable by engines at any given time.  This limits you to 20 keyword phrases that can be indexed for you site.  Compare that to an unlimited number of keywords that WordPress will allow, and that makes a huge difference, especially for larger sites with lots of pages and posts.

3. Shopify limits your control and access

Shopify, Wix and SQuare Space (and others like it) limit direct access to robots.txt, and deny XML control.  Shopify will also limit the number of words allowed in each keyword phrase to 2.  This is a big deal – its the difference between ranking for “Car Wash Denver” and just “Car Wash”, which can make all the difference if you are trying to attract customers locally in Denver.  This specific example also means that instead of competing with only a small handful of other car wash sites in Denver, you are now competing with ALL care wash sites in the world.

While limiting control and access to parts of the site does prevent site owners from accidentally making a potentially wrong move in their own sites, it also means that an SEO expert cannot come in and customize settings in these areas to tailor how search engines view your site or how Google can index your content.  One of the biggest benefits of working in WordPress is that you are afforded access to every file and feed in your site.

So – if your site is already built on Shopify, Wix, Square Space, or another application site with a monthly fee, we definitely can do effective SEO campaigns in conjunction with the limitations of these platforms.  We just want you to be aware that results will most likely take longer to appear in your reporting.  SEO is a long game anyways, so what’s a few more weeks?

Learn about our SEO Products & Services!

If you’d like to discuss how BluErth can implement an effective SEO strategy in your site, please contact us!

Is WordPress a Safe Platform for my Website?

WordPress is the world’s most-used content management software for small and medium sized websites, powering more than 1 in every 4 websites total. Because it is such a heavily used software platform, when a vulnerability is discovered, it means that more site owners are put at risk.  As a result, many people believe that WordPress is an insecure platform, but this is just not true.

It may be true that WordPress is subject to more attacks simply because it is used far more than any other platform, but this doesn’t mean that WordPress is less secure. On the contrary, the WordPress development team collectively works day in and day out to find and patch any possible security vulnerabilities. No other website platform comes close to matching the enormous numbers behind WordPress, which means that almost as soon as a potential threat or vulnerability is identified, members of the development community create and disseminate a fix or a patch almost immediately.

The 2 Most Common Hacking Vulnerabilities

The overwhelming majority (almost 80%) of all WordPress hacking incidents are caused by only two things: (1) old or outdated software, and (2) weak username/password combos. It really comes down to poor maintenance or user error, not an inherent flaw in the software itself.

The Solution

Fortunately, WordPress makes it easy for users to address these issues with its built-in alerts, that let you know the moment an update or patch is available, and gives you the convenience of simply clicking a button within your dashboard to update.

We also strongly recommend using the plugin Wordfence, which has a free and a Pro version, and is well-maintained by its developers.

Maintaining the security of your site can seem endlessly complicated, but with dedicated IP, a secure username and password, and the most up-to-date plugin and core software, you can rest easy knowing that your site is actually very well protected.

Maintaining Your WordPress Website

A website is like an organism – it grows, it changes, and it evolves over time, a lot like your company.  As technology expands and improves throughout the internet, so must your website to accommodate those improvements and stay compatible.  Falling behind the technology curve can mean exponential losses in readership or site traffic.  With the current rate of tech evolution, falling behind even 1 year could mean the difference between 5,000 views per month and 5 views per month.

One good example of this is responsive layouts.  In 2014, Google began penalizing page ranks for any website that was not fully responsive on all devices.  For many websites that continued to keep their non-responsive layouts, traffic fell almost to zero.

At this point in time and in the near future, there are really only two major guidelines for ongoing maintenance to ensure that your site is staying up to date with technology and remains accessible to all readers.  Completing these updates a minimum of twice per year is the recommended best practice:

  1. Always complete a full site and database backup before updating the WordPress core software and any Ecommerce software plugins.  The core software update releases generally contain security updates and are always recommended.  Making a backup first guarantees that if something breaks during the update, you can restore the backup and won’t experience any down time.
  2. Keep your plugins and themes updated at all times to avoid a security breech. Over 90% of ALL instances of WordPress hacking is due to out-of-date plugins or old themes.  If you are not using a theme or plugin, it should be deleted entirely.

Choosing Plugins Wisely: Protect your WordPress site against hacking through plugins

1. Download plugins only from reputable sources. For free plugins, this means only! Since anyone can create a WordPress plugin, hackers can exploit this vulnerability to hide their own nefarious plugin. The plugin library will only offer plugins that are known to be safe.  Other software sources that offer paid plugins such as are generally safe.  Be sure that the plugin you are purchasing has reviews or ratings.
2. Ensure all your plugins are up to date. Any time you see the option to update your software, do it!  New version releases often contain security fixes that will protect you from malware, and old, outdated plugins can become gateways for hackers to gain access to your website.
3. Remove any unused plugins.  Unused plugins tend to take up space on your server, slow down your site, and become vulnerable to hacking if they become out of date.
4. Check plugin performance.  We recommend the plugin P3 (Plugin Performance Profiler) that scans your current plugins to determine if any of them are causing system-wide issues such as bandwidth hogging, slowing your site or clashing with system files.  Keeping your site running smoothly has a great impact on your site’s SEO.
Keep these basic rules of thumb in mind while maintaining your website and you should have a healthy site!

Keeping your WordPress site secure

WordPress has revolutionized the internet and provided easy-to-use access to millions of users with limited development capabilities.  While it is perhaps one of the most useful tools out there, it is also one of the most vulnerable.  WordPress works with a coding language called PHP (Hypertext Preprocessor which allows for scripts to be integrated into the site’s pages and executed on the server to generate HTML content.  This means the code is more concise and easier for developers to work with, and allows for that neat Dashboard Control Panel on which you can control every aspect of your site content.  There are so many pros to this type of site software, and one really big caveat: if your developer can manipulate the PHP to generate a beautiful site for you, a hacker can manipulate the PHP to redirect or even destroy your site.

Continue reading “Keeping your WordPress site secure”

Brute Force Attacks

We are currently monitoring the largest distributed brute force attack on WordPress installations that we’ve seen to date.

A brute force attack is when an attacker tries many times to guess your username password combination by repeatedly attempting to login to your admin panel. A distributed brute force attack is when an attacker uses a large number of machines spread around the internet to do this in order to circumvent any blocking mechanisms you have in place.

BluErth recommends that until this passes you monitor your WordPress websites closely for unusual activity including logins, account creation or changes to the website.  If you have not already done so, please install and configure the Better WP Security plugin to help prevent brute force attacks, and consider updating your admin password to something more secure if it is not already (we recommend at LEAST 10 characters, one uppercase letter, one number, and one symbol).

Link to: Better WP Security plugin