Onpage SEO Guide - What Do You Do?

In this article, I will summarize the list of things that you need to do if you want SEO Onpage for the website. Onpage SEO, in general, it consists of many different small steps, easy steps, and difficult.

What is SEO Onpage?

Onpage SEO is a technique in SEO, this is a set of tasks that you have to do to increase the friendliness of your website to enhance the user experience.

If the user experience improves, then google will rank your site higher than your competitors don't do as well as you, and of course, your website ranking on the search results will be increased accordingly.

In this article, I will help you gain the most objective view of the techniques you must do to SEO Onpage, including:

• Focus on content.
• Layout of the site, the content is easy to see
• Set up friendly URLs
• Keyword distribution properly
• Use appropriate title
• Must have read mode for mobile
• Speed up the website
• Use link out and internal link
• Optimize images
• Use social sharing
• Extend the time users stay on the page
• Reduce the Bounce Rate

1. Focus on content.

Want SEO more than your competitors, you must at least equal or exceed them in terms of content." This is the first advice I usually ask you or ask myself about SEO methods.

In most areas, content is always king, if you do good content, you will be confident to deploy many other SEO techniques. If you make bad content, you will have many difficulties.

Readers go to your website for what? - To find the content they need of course. So please provide exactly what they are looking for for the corresponding keywords. You provide a little information, they will hit the back button and go find another page with more information.

Content is the place to build your brand and connect you with customers

2. The layout of the site, the content is easy to see.

An easy-to-view website layout, logical directory layout, neat layout and easy-to-read interface will always impress your readers. I believe with the development of technology, this will not be difficult for you, especially the blogs made with WordPress will have a lot of interfaces available, even if you do not know the code.

You shouldn't use a lot of colors for your website to your site unless you make a blog for children. Increase your professionalism as much as possible by the main colors associated with your brand.

And do not write content "like writing a novel". Learn how to go down the line, clear bibliography, use bold, underline, italic, checkpoint, etc. to help readers easily find what you want to express. They will want to know where the focus, the focus of the article.

If your article isn't clear, users will not want to read your 2nd post.

3. Set up friendly URLs

Long URLs for what? To cram the keyword into the URL, the article will be searched for with different keywords?

No, completely wrong, cramming skills only apply 4-5 years ago, the more time you cram, the more your site will go down. Be as simple as possible, just for a primary keyword to the URL

4. Keyword distribution properly

Remember to distribute properly rather than cramming. Properly include:

• Keywords are in the title (Should be heading is H1 tag)
• Keywords are in the URL
• 1-2 H1 tags, H2 containing the keyword
• Keywords appear in the first 100 words of the article (1-2 times)
• Keyword density appears regularly, but not too much (range 0.5 to 1.5% is reasonable).

If you use WordPress, the themes that support SEO they default to the H1 tag as the title. select tags H2, H3 for large items, and sometimes keywords in these tags:

5. Use logical headings.

The title is a key criterion for Google to know what your website is about, the title must not only have the exact keyword needing SEO but also be able to get more clicks on search results or when your website is shared on social networking.

Some of the skills that you need to optimize for title tags include:

• The length is reasonable, not too short or too long so that it is fully present in the search results
• The titles on the same website can't overlap
• The title content should be stimulated to click, but not fool the reader
• If you do branding, add a brand name to the end of the title so readers will remember your site

Use a number of reasonable methods that have been measured by professionals to outperform normal headings such as:

Read more about How to write headlines that both Google and users can't resist!HERE

• Title list: 5 ways to make acb ... 10 steps to make xyz ...
• Title question: How can I abc ...? How to xyz ....
• Title tutorial: Guide to making abc ..., tips do xyz, ...

6. Must have an interface for mobile.

Using mobile web surfing, information search, shopping is trending and the rate is increasing. Want to follow trends or stay the same?

Most popular WordPress themes that are launched (or upgraded) from 2015 to the present will be optimized for mobile, which means that it has responsive functionality.

However, depending on the interface, you have to review over the phone as appropriate, because after you've written the content when reviewing on the mobile it will display errors in some places, force you to look through the content with your phone, make sure the content displayed well.

In addition, if you do e-commerce sites, online sales should have good technical staff, simplify the ordering process on the phone to create the most convenient for customers.

7. Speed up your website.

More than 50% of US users said they would consider whether to buy or not or move to another site if the site loads slow.

If you can not afford to make a website run super fast then your website shouldn't be too slow (preferably less than 5 seconds)

Some tips aren't so sublime that you can apply when using WordPress, that are:

• Choose a good, stable hosting provider
• Use simple interfaces that are optimized for SEO
• Do not install too many plugins, for any plugin that slows down your page, consider removing it.
• Optimize images as lightly as possible and at the right size
• Use caching with W3 Total Cache or WP Rocket.

8. Use linkout and internal link.

The SEO experts all claim that if you put the link to the article related to content, google can better know what your website content is and rank you with higher ranking sites with the same content. But no linkout.

Linkouts are links pointing to other websites or citing relevant material that you want readers to find out about external sources.

The internal link is a link pointing to another article on your site, below this for example:

Internal link building techniques (internal link) in SEO

Here are some tips: Only place links and internal links at locations where readers are looking for more information or wanting to source them.

9. Optimize images.

In part 7, I mentioned the reduction of image size and reasonable image size to speed up the page load. In addition to this, you should also name the image corresponding to the content in question.

For example, this article is about the SEO Onpage guide, the featured image of this article I can set is guide-onpage.jpg and the alt attribute of the image is guide-seo-onpage.

The image or video it is also content, so you optimize the google to understand more about the content you are talking about. Additionally, you may occasionally find that your website has a visit coming from Google Image.

As for the content of the image, it is best to create your own images, do not download photos online. Many people find it difficult to do this because they don't produce photos. However, the more photos you make, the more self-generated your content is. Because google always appreciates the "UNIQUE" criteria in the content.

Self-shooting or creating images is difficult, but if you do, it will be very good. I'm trying to optimize this. In addition, infographics are considered to be capable of extending the user experience on the page quite well.

10. Use the share button on the page.

Everybody liked the quickness, users are looking to share your article to individual pages to save or share the others read that have to copy the link and paste it manually rather inconvenient.

The share button will optimize this, as you can see most news sites, blogs have share button

If you use AddThis will have a share button like this blog:

11. Extend the time users stay on the page.

Time on the page is a criterion Google SEO, the site has a high average page time, the page content is good (good content => stay long).

It's not a simple matter to extend the length of time that a user stays on the page. The three most important things are:

• The article must be long enough (1000 words or more recommended) and quality
• There are infographics as possible (users like to read content like this)
• There are videos as well (users like to watch rather than read)

There are also many other factors

• User-friendly interface, easy to read
• Put local links
• Giving gifts to readers

12. Decrease Bounce Rate

Bounce Rate is the rate of escape after readers read only one article on your site and exit without reading any other articles.

The higher the ratio, the worse the quality of your website, and you have to find a way for readers to click on other articles and continue reading. This skill is not easy, it depends on your ability is quite high, but there are simple ways that you can do is simple:

• Set the read article widget and related articles on the right and the bottom of the posts.
• Put internal links at the climax, readers are likely to want to learn more
• Create menu and footer clearly.
• Create tables/buttons that lead to the main article on your page.

Conclusion :

Onpage optimization is a long-term affair, you must always improve the quality of your website, from interface to content, to the other little things through each stage of development.

This Onpage SEO tutorial is like a checklist of the work you need to do to improve your Onpage SEO for the best website/blog, you can save/share and retrieve it when needed.

7 ways to Optimize Page Load Time on WordPress

Speeding up your website is one of the many topics that you are interested in, especially for newbies coming to the WordPress website. Because of this, apart from helping the user to have the best experience, it also affects SEO.

1. Select good hosting/server.

To make a professional website, without that much technical requirements, WordPress is an option almost absolute for everyone. You will need to prepare a fee to buy a domain and hosting to help make things more professional and kind.

So, from the beginning, you should determine that if you make a professional website then invest a bit for this. There are many discount coupons from the prestigious hosting providers such as LiquidWeb, Turnkey Internet, Hosting24, ...

Choose a shared host if you are new.

If you're new to web hosting, the shared host with Cpanel manager will be your choice, as it's easy to use and lots of tutorials on the net.

You should choose where the server is located near traffic source. For example, if you make a website for Chinese visitors, the server located in Hong Kong, Singapore or Tokyo will be better.

In addition, you should consider other configurations of hosting, such as server storage, RAM, CPU, etc.

Switch to VPS if needed

You make the site long time, know how to develop the site and have more and more traffic, the investment for a better server site with smooth speed, fast is essential.
You do good website traffic, every day several hundred to one thousand visitors don't worry that investing $10 - $20/month for the server smoothly for the site is expensive.

Currently, there are VPS Server vendors are very good and popular such as Vultr, DigitalOcean, Linode,...

2. Use optimized themes for WordPress

There are currently two themes vendors that you recommend that you use: Genesis (including the Genesis Framework and Child Theme), and Mythemeshop.

The 2 themes that I mentioned above are very easy to use for newbies. In particular, if to optimize speed for WordPress website, rank 1 still belongs to Genesis

3. Do not greedy install rampant plugins!

During the making of the website, you see what people install, then you also want install, with no consideration of whether the plugin is really necessary or not. Lead to the situation when a simple website that nearly 20-30 plugins slow server is inevitable.

4. Use excerpt/collapse.

If you do not customize anything then default WordPress will display the entire article content + images in the article to the home page and Archives Page. This will cause your Homepage, Page Tags, Page Categories, and other archives to load very slowly and significantly reduce the user experience on your site.

5. Don't upload music or video directly to the host.

In order for your post to have videos that you want readers to see, you can upload them directly to the website through Add Media and it will be displayed. But: Why do you upload to a host when there are so many other music and video storage, such as Youtube, Vimeo, ...?

6. Cache plugins.

Use caching to accelerate the page load speed for your website. It works by saving the cache to people who have visited your site, thus speeding up the page load for your subsequent visits more quickly.

The recommended Cache plugins are:

• W3 Total Cache
• WP Rocket.

7. Optimize the image properly.

If you are uploading large images directly to the article, it will be easy to downtime host, when users visit, the page load speed will be very long and affect the experience. This case is a lot of you encounter because almost new people are taking the image found on the Internet and inserted into the article without regard to the image is heavy

Is HTTPS Really Secure? (Part 2)

In the previous article, I presented some concepts about HTTPS. In this article, let's see if HTTPS is safe.

Is HTTPS Really Secure?

In many cases, HTTPS with the blue sign on the address bar is a sign that what we're doing will be secured. But is it secure enough? My personal opinion is not yet. HTTPS is just like you get out and lock your door. Actually, lock the door is not avoid the crooks. If someone has tried to break into your home to steal, then lock the door is useless. HTTPS is probably the same.

With server and Web app

HTTPS is a secure mechanism for transactions between users and servers. It can be said, for Web servers as well as Web applications, it has no effect in server and application security.

Application security requires a great deal of complexity, including DDoS attack, anti-XSS, CSRF, etc.

With the user

So what about the users? Does HTTPS help users encrypt data, authenticate the server or not? The answer is that there are still a lot of ways to circumvent HTTPS. There are still many different methods to break the certificate authentication system:

• Break into CA's system. As we all know, there are hundreds of CAs trusted by the browser. Attackers only need to find one of these CAs capable of intrusion is enough. And in fact, this has happened with terrible consequences.
• Breaks routers near CA or near the victim reads and falsifies incoming and outgoing DNS packets, attacks email exchanges between the victim and CA. Email encryption methods do not help in this case because STARTTLS can completely break down.
• Breaks the DNS servers are used with the CA or forged DNS packets with the victim domain. Sometimes it is quite easy.
• Attacks several other network protocols, such as TCP, to attack the victim's packets.
• Some CAs may be required by the local government to provide a malicious certificate as they have been accused. Because the CA is present in many different countries, many governments may seek to ask the CA to do so.

The above is the problem of external systems that our data can still be stolen, although HTTPS still works well. But even HTTPS itself has certain issues. For example the Heartbleed hole (heart bleeding). This vulnerability is likely to expose content contained in server memory, allowing an attacker to copy the keys. They easily decrypt the exchanged information.

And even the root certificate authentication mechanism is not completely secure. Take a look at the Man in the Middle attack:

For example, you need to go to https://www.gmail.com, but someone interferes with the exchange process between you and the server. And you are confident that, with certified certificates, you can rest assured that your secure

But you are wrong.

What really can happen is very different from your imagination:

What really can happen is very different from your imagination:

• You connect to https://www.gmail.com
• The attacker redirects your query to the server he has prepared.
• Because this server contains perfectly valid SSL certificate, your browser will not know you've connected the wrong server.
• You manipulate the fake server, all data will be read by the attacker, he can change it, and send it to the real Gmail server.
• You are completely unaware that your secure connection is completely insecure.

Why can an attacker obtain a valid SSL certificate? The attacker can take advantage of the root certificate (which is built into the browser) to generate SSL certificates for his website

In short, there are many different ways to crack HTTPS.

Web security protocols can be good enough to protect against attackers, without much time and energy. But it is still too small in a world where technology and methods of attack are growing.

Conclusion

HTTPS really only has acceptable security. If you want to be really safe on the Internet, we need more than that. HTTPS is like you are out of the house locking the door, most of us are still satisfied with the situation, but still many people are not sure and have to lock a few more layers, buy more safes to store important furniture.

Is HTTPS Really Secure? (Part 1)

HTTPS, or also known as Secure HTTP or HTTP over SSL, HTTP over TLS is a protocol that is considered more secure protocol than regular HTTP Web. It's called "security" but is it really enough security as we thought, or not? In this article, we will learn more about HTTPS and how its security is.


Why do we need HTTPS?

Currently, Google has added the criteria to evaluate HTTPS Web pages. However, it's not always we need HTTPS. We just need them when need secure information only.

Why do we secure information?

During the war, a lot of military information, intelligence information only for some people, others, especially the enemy mustn't know. However, for various reasons, the transmission of information isn't sent directly from the sender to the recipient, but through a certain number of intermediaries. So that the information is easily leaked. For example, the method of communication by telegraph easily captured and eavesdropping

So, people use many different methods to encode to send the information, to ensure that, except for people who need to receive, others hear but don't understand. If you ever see the movie Windtalkers, then you can understand the importance of encryption in war.

Similarly, on the Internet today there are many types of attacks such eavesdropping. One common form is called eavesdrop, in addition to a more powerful type of attack known as Man in the Middle (MITM). However, the contents of this article will not go into details of that attack, maybe I'll come back in the next article. What I want to say here is what we do on the Internet is never literally privacy at all.

 Big Brother is watching you

The Internet is a lot of computer connections, a packet from the sender before the recipient will have to go through a lot of different intermediate machine. No one can prevent those who seek to tamper with our packet along the way. Even the mechanism of the Internet allows eavesdropping takes place very easily. If you don't believe, you can install Wireshark try and see how the network you are using with the bustling activity like.

What we do on the Internet has a lot of things other people know it doesn't matter. But there are many things we do not want anyone to know. And a very justifiable needs of humans is hiding something could be called "secrets" that from the prying eyes of those around him. Because snooping packets is took place very ordinarily, so we need encryption methods to ensure that the packet that we sent just us and the recipients understand. All those who snooping on the road though read nor understand anything.

That's why we need HTTPS Web, HTTPS encryption will help us to process transactions on the Web server and browser. Additionally, HTTPS has some other effects, such as authenticate servers (avoid phishing), etc ...

How does HTTPS secure transaction?

When the browser access Web pages use HTTPS, the browser, and server to establish an SSL connection using SSL Handshake Protocol. The process of establishing a connection is completely seamlessly with users, ordinary users don't need to care about it.

To establish an SSL connection, there are 3 keys used: public key, private key and the session key. Public and private keys form a pair: everything needs to be encrypted using public key encryption and decryption with private key. Session key is the key used in the symmetric encryption method, it is used for both the encryption and decryption.

 If you don't fully understand the methods of public key encryption and symmetric code, maybe you should find out about them before we continue.

Using public key encryption is costly, it is only used at the time to establish a connection, after the connection is established, symmetric encryption is used (with the session key lock). The entire process takes place as follows:

• The browser connects to the server using HTTPS.
• The server returns an SSL certificate, which contains the public key used to encrypt.
• The browser checks the certificate (this process we will learn in the next section). If everything is OK, session key randomly generated and sent to the server (the data is encrypted using the public key).
• The server decrypts using private key obtained session key packet, send feedback received a key to the browser.
• From here onwards, the server and the browser to send and receive packets are encrypted with session key.

SSL certificate

SSL is certificate used to establish a connection between the browser and the server. Technically SSL certificate files are relatively small in size, including information about the public key stored along with other information on the organization's Web site owners.

Some information is stored in the SSL certificate:

• Domain name server, hostname
• Company name, organization, contact
• Expiry date
• Public key

However, this certification can be completely counterfeited. Like we wrote the resumé, how to know we've written the real information? We need to be certified by the local government. SSL also similarly, to ensure this certificate is not fake, we need to Certificate Authority.

Certificate Authority (CA) can confirm that the certificate is genuine, they will use electronic signatures with their own private key. CA will act as notaries have been granted a license, their signatures are trusted and certified their certificate can be considered valid.

Often, CA will sell certificate and they will confirm that they granted the paperwork. So often we have to buy SSL certificate with a very high price tag. In fact, the value of the SSL certificate itself not only in the certificate, which includes the small part of the seller price brands.

Actually, the signature of the CA will also need to be authenticated. Like we check the signature of the notary so. The CA certificate will be certified by the higher-level CA, and the process is a recursive process as follows:

Each certificate shall be certified by the higher certificate level, and the highest level is called Root CA certificate. Root CA certificate is an SSL certificate, but it is used for authentication and electronic signature attached to the certificates are sold to commercial users. The root certificate is usually pre-installed on the browser and the browser receives the certificate from certain websites, it will use root certificate to check the certificate received is valid or not.

Through the authentication process, when using HTTPS, we aren't simply encoding the information, but we also get the authentication and is working with the person that we want.
Because the process of authentication, encryption, and decryption are complex as above, so HTTPS is time-consuming to process than HTTP. In many cases, HTTPS isn't necessary, many large e-news such as CNN, the BBC don't use HTTPS for their web sites, simply because it is the news page, no sensitive information. So the quick response is more important.

It's quite a long article so I will separate it into 2 parts. In next article, we will figure out whether HTTPS is secure or not!