How I scored 100 on HubSpot's Website Grader

Source: website.grader.com

 

It was never really my intention to get a perfect score for rebel-ist.com on HubSpot's WebSite Grader.  Sure, I have an obsession for performance and secretly wanted to get it there, but I didn't exactly sit down with the intention of doing it.  In fact, scoring 100 on website.grader.com is a result of testing, investigating, and implementing suggested solutions from every possible SEO tool I could find out there.  So many of these SEO report tools focus on different aspects of a site in determining the "grade" including performance, security, social media, structured data and more.  I'll save all of my findings and thoughts on the other SEO tools out there for another post.  As for now, I will focus on how I achieved this score on website.grader.com.

 

Website Grader gives you all the information needed to identify the areas for improvement, but I found that their links to "learn more" didn't always provide me with a proper solution.  What wound up happening is I would spend hours at a time researching these items and the numerous proposed solutions floating around out there on the web. 

 

 

PAGE SIZE

 

Pretty straightforward here; mind your code.  At one point I thought it would be a good idea to inline all of my SVGs (scalable vector graphics) to reduce requests, but in fact, I bloated my html with extra code that didn't need to be there.  We'll tie it in with compression here in a minute, but bottom line is cut out the bloat and call those below the fold.

Beyond page size,  there's some SEO weight behind code to text ratio to keep in mind as well.  If your code significantly outweighs your content, it can have a negative impact.

 

PAGE REQUESTS

 

Here, its all about keeping things together. Combine your files into as few as possible to avoid any unnecessary trips back to the server.   Google likes to see a page render the 'above the fold' content as fast as possible, with 'above the fold' being the content that is visible when the page first loads (like your nav bar, banner, logo, etc.).  If you have a lot of scripts / style sheets in the <head>, then those are all downloaded in full prior to loading the page.  You can work around third party scripts with the async tag:

<script async src="https://use.fontawesome.com/fa########.js"></script>

 

PAGE SPEED

 

Your page speed will reflect your efforts in the 2 previous items.  If your page size is small and your requests are low, then the page will load quickly.

 

BROWSER CACHING

 

To enable browser caching for a website hosted in IIS, you'll need to modify the Web.config file.  Note that I have set cacheControlMaxAge="7.00:00:00", this is where you specify in days:hours:minutes the amount of time to allow the browser to cache.  Since I am still modifying things throughout the weeks, I only allow static content to be cached for 7 days right now.  

<!-- add to <system.webServer> section -->
<staticContent>
      <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="7.00:00:00" />
</staticContent>

 

PAGE REDIRECTS

 

Likely not an issue.  If you're redirecting from an old domain to a new one, you should be reviewing the new domain name anyway. 

 

 

COMPRESSION

 

Compression was a fun one.  This will assist in page speed and overall performance because the content is being compressed before its delivered to the browser.  We already had compression turned on.  However, in the case of rebel-ist.com, I used SVG graphics almost exclusively.  One thing I didnt know...IIS doesn't compress SVG graphics by default. So, we had to modify the applicationHost.config to include the image/svg+xml mimeType.

<!-- ADD TO -->
<httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
    <scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" />
<!-- ######## -->
        <staticTypes>
            <!-- other mimeTypes -->
            <add mimeType="image/svg+xml" enabled="true" />
        </staticTypes>
        <dynamicTypes>
            <!-- other mimeTypes -->
            <add mimeType="image/svg+xml" enabled="true" />
        </dynamicTypes>
</httpCompression>

 

 

RENDER BLOCKING

 

There are a lot of opinions and suggested best practices on how to do this.  The way I accomplished this was to inline some critical above the fold CSS in the <head> and then place the <link> to CSS at the bottom of the page.  When you first visit rebel-ist.com, the text loads as a default font for less than a second before the css is downloaded and overrides the default. 

 

RESPONSIVE

 

Use percentages for padding, margin, width, and height where possible.  Not only does this allow the content to scale fluidly with the screen size, but also enables you to keep your CSS smaller with fewer class adjustments under @media rules.

 

VIEWPORT

 

Because high DPI screens are becoming more common, it's now more important than ever to declare the viewport in the <head> of your document.  It wont compensate for display scaling set by the OS, but it will compensate for high DPI displays wanting to render as a standard display.  If you want users to be able to pinch-zoom on mobile devices, ditch maximum-scale=1.

<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1" />

 

PAGE TITLES

 

First, make sure every page has a title.  Then, make sure your titles are optimized for search engine results. Google typically displays the first 50-60 characters of your title.  If the title is longer than that, you wind up with the title cut off by ellipses... 

 

META DESCRIPTION

 

 

Similar to Page Titles, the meta description is the block of text that shows under your title in search engine results.  For it to be relevant and captivating, you want to write it yourself and keep it under 160 characters.  If you don't have a meta description in your head, google will just pull the first 160 characters of text it encounters. 

 

HEADINGS

 

H tags provide a hierarchy for search engines as well as readers.  However, there is a lot of conflicting info out there about what is the best way to use your H tags.  Some places say no more than 5 <h1> tags, others say only 1 <h1> tag.  I think it's debatable, but I ultimately went with 1 <h1> and then multiple <h2>, <h3>, and <h4> tags.  

 

SITEMAP

 

Another straightforward item.  Mainly, use them to submit your site to google and bing via search console and webmaster tools.

 

SSL CERTIFICATE

 

In the interest of security, everyone should be using an SSL certificate these days.  I read something the other day about a website not using HTTPS that was transmitting credentials in plain-text.  Now, the accounts had no real function other than turning on visibility to some general content, but these users are more than likely using the same email addresses and passwords for other sites.  So any ill-willed individual wise to that knowledge could theoretically watch the traffic and nab all login credentials.  From there, those accounts could be tested to login to social media accounts, financial institutions, etc.

The moral of the story being: get an SSL certificate. You may be unintentionally putting your users at risk.

If you're already hosting with Rebel IST,  we make this easy and affordable with SSL certificates starting at just $14.95. 

Cybersecurity Tip - How to Secure a Wireless Router

INTRODUCTION

 

Securing a wireless router that is attached to a home or business network is the first and most important thing anyone can do to protect data traveling through the internet. This data can range from proprietary information to financial accounts and even personal data. This tutorial will highlight the seven steps that are necessary to secure a wireless router.

By 2011, the estimated total cost of cybercrimes was approximately $63.7 billion (n.a., 2013). By the end of this year, that number is expected to grow exponentially to $120.1 billion. Although government agencies and big business may seem like the likely targets, consider the fact that every person has an identity and financial interests. Exploitation of trade secrets and intellectual property are other likely targets for cyber crimes. A cyber criminal would be willing to infiltrate any network looking for valuable information. That is why this tutorial is vital to protecting a personal identity or business entity.

 

 

HISTORY OF DATA BREACHES

 

Bar graph depicting data breaches between 2005 and 2014

 

Looking at this bar graph, in the span of ten years from 2005 to 2014, data breaches have grown five-fold from 157 million known breaches to almost a staggering 800 million (Lord, 2017). Considering this increase, the need to protect data is at an all time high. As a society, we have become more and more dependent on the internet than ever before. Significant time, effort and money it would be lost as a result of information was compromised. Many of these breaches can be avoided by proper setup and configuration of a wireless router.

 

 

WHERE BREACHES OCCUR

 

Bar graph depicting data breaches by industry 

 

This graph that was compiled by data taken from Go-Gulf.com, shows that most major industries that hold onto personal data and records have some of the highest number of breaches. Although financial institutions are lowest on this list, the number of breaches is relevant to the total amount of money stolen over the internet. Medical records are the largest breach of privacy according to the graph and not only results in information being compromised, but it can be altered in a way that could lead to incorrect diagnoses or even the incorrect medications. Having a secure wireless router will minimize the likelihood such breaches and keep personal information safe and out of the hands of cyber criminals.

 

 

PROCESS OUTLINE

 

  • Step 1 – Router hardware setup

  • Step 2 – Creating a unique router name

  • Step 3 – Creating a password

  • Step 4 – Disable remote administration

  • Step 5 – Enable the firewall

  • Step 6 – Media Access Control (MAC) address filtering

  • Step 7 – Save Configuration and Test

 

These steps are not only an advantage to businesses, but anyone who has a small Local Area Network (LAN) within a home. With as much personal and financial and data available on the internet, any breach could be devastating and in some cases irreversible.

 

 

ITEMS USED IN THIS TUTORIAL

 

  • Wireless router (in this case a Linksys E2500 router was used)

  • Two cat-5 cables

  • Internet Service Provider (ISP) modem

  • Computer/Laptop

 
 

In order to successfully fulfill the steps in this tutorial, the items needed are a wireless router, two cat-5 cables, the modem from an Internet Service Provider (ISP) and a laptop or desktop computer that will be primarily used. Upon purchasing the wireless router, the cat-5 cables come in the box. If only one is included, a second one can be purchased and only needs to be approximately 5 feet in length.

 

 

STEP 1 - ROUTER HARDWARE SETUP

 

Once all of the items are obtained, the first step is to attach all the components together in the necessary order. Plug the cat-5 cable into the internet port on the back of the router and plug the other end into the modem provided by the ISP. Take the second cat-5 cable and plug one end into the first port of the router and the other end into the Ethernet port (which looks like a telephone jack) of the laptop or desktop. Give the cables a slight pull to make sure they are locked in place. Plug the power adapter into the wireless router and then power on the computer. The first step is completed.

 

 

STEP 2 – CREATING A UNIQUE ROUTER NAME

 

 

*For the following steps, you'll want to consult the User Manual or Manufacturer webpage to obtain the default IP and admin credentials for your router. 

The second step to securing a wireless router involves logging in to the router itself and changing the SSID, or Service Set Identifier. This gives the wireless router a unique name so it is easily identifiable by the owner or anyone else that is permitted to log in.

To log into the router, open up a web browser (in this case, Google Chrome) and type the router’s IP address into the address bar and hit enter (the default address for our Linksys E2500 Router is 192.168.1.1).  Next, the login screen will open up and allow for login credentials. The default username and password are set as admin. Once logged in, navigate to the wireless tab and the basic wireless settings to change the router’s name, or SSID. This can be any name.

Once the SSID is created, save the configured settings by clicking the save button. Proceed to the next step.

 

 

 

STEP 3 - CREATING A UNIQUE PASSPHRASE

 

 

Having created a unique SSID, step 3 is to create a password. Most routers, including this one, have both 5GHz and 2.4 GHz wireless signal strength. For this tutorial, focus on setting the 2.4 GHz frequency as that is the more stable of the two wireless signals. A 5GHz signal is stronger and can travel a further distance, however, it has far less capability to travel through walls and metallic surfaces such as heating ducts (Mitchell, 2016). This greatly impacts network speeds and performance, therefore, it is best to disable this frequency unless you plan to use the wireless internet in the room that the router is located.

To create a passphrase (password), go to the Wireless tab and then the Wireless Security sub tab. The most secure mode for in home and small business wireless routing is Wi-Fi Protected Access 2 / Wi-Fi Protected Access mixed mode. Select this mode and enter a passphrase. We recommend at your password be at least 8 characters long, have at least 1 uppercase letter, 1 number and 1 special character. However, it has also been recommended to use a password that is a phrase, easy to remember, and is 10 characters or longer (Hansen, 2017)

 

 

STEP 4 - DISABLE REMOTE MANAGEMENT

 

 

Step 4 is to disable remote management. Remote administration means that anyone that connects to the router wirelessly can access these configuration settings and potentially change them. To change this, navigate to the management sub-tab and click on disable remote management. Save the settings and move to the next step.

 

 

STEP 5 - ENABLE THE FIREWALL

 

 

A firewall is a barrier that is designed to keep outside forces from accessing the data with the intention to destroy it (Tyson, 2000). Click on the Security tab and then the Firewall sub-tab. Make sure both IPv4 and IPv6 firewalls are enabled. IPv6 is the newest protocol as each device connected to the net requires an address. Since IPv4 addresses are becoming scarce, service providers are assigning IPv6 addresses. This will cover both cases. Make sure that the filter anonymous requests and IDENT buttons are checked. These prevent third parties from creating requests to your computer in order to release information.

 

 

STEP 6 - MEDIA ACCESS CONTROL (MAC) ADDRESS FILTERING

 

 

MAC addresses are those that give a computer component a unique ID (Rouse, 2005). The IP address that is used to connect to the internet is directly tied to the MAC address. It is also known as a physical address.

In this step, enable MAC filtering and then choose the tab that states “permit the PC to allow access to the router.” Underneath, enter in the MAC address and save the settings.

In simple terms, this setting will only allow the MAC address entered to access the router and internet. Additional MAC addresses can be added that need to be connected to the network.

If there is an issue finding the MAC address to the Ethernet card, navigate to the troubleshooting slide of this tutorial and follow instructions on how to locate it.

Save the settings and go to the final step.

 

 

STEP 7 - SAVE THE CONFIGURATION AND TESTING

 

The final step is to save the overall configuration. Navigate back to the main screen. This is located under the setup tab. Once there, click the save settings button one last time and that completes the configuration. The router should automatically reset with the new settings. Close the web browser.

The best way to test the configuration is to log in to the wireless router with the laptop computer. Remember to click on the name that was created for the router and insert the password that was created in step 3.

 

 

TROUBLESHOOTING

 

Some issues that could arise include not knowing how to find a MAC address or accidentally configuring the wrong setting. To check your MAC address, open up the command prompt line in Windows using cmd in the search bar. Type in ipconfig /all and scroll down to Physical Address. This is the same as the MAC address. The same steps can be taken to identify other devices that are requesting permission to access the network.  This is a good way to ensure that only devices that you authorize are allowed to connect to your router.

If an incorrect configuration is made in the router, it is simple to go back to the appropriate tab(s) and enter in the correct information. If the correction can’t be done, simply locate the reset button on your wireless router. Press this with a pen tip and hold it until all the green lights on the back begin to blink off and on continuously. Let it sit for a minute while the default settings are re-written and then return to step 2.

 

 

CONCLUSION

 

This tutorial discussed setting up a wireless router as well as some statistical data to show which information is most vulnerable. As society continues to become more and more dependent on the internet, so too does the amount of proprietary data. The costs of a breach in data continue to increase and will grow exponentially in the near future.

These breaches can be reduced significantly by following the 7 steps outlined in this tutorial. These steps are simple to perform and anyone, including a novice user, can follow them to secure a network.

Make sure to complete these steps immediately. The longer the wait, the longer that your data will be unsecured with the opportunity for cyber criminals to steal it. This will save anyone a great deal of time and money in the long run.

 

 

REFERENCES

 

 
 

Rebel IST is live!

Greetings!

I am happy to announce that we have officially transitioned the brand from IHOST to that of our parent company, Rebel Internet Systems & Technologies.  We are all very excited and look forward to providing you with the highest level of service under our new leadership.  

At Rebel IST, we strive to be a different kind of hosting company.  It is our intention to improve upon the products and services previously offered under IHOST, while not disrupting the competitive pricing and level of service already in place.  We welcome any feedback regarding our current offerings and will work diligently to meet the expectations of a modern web hosting provider.