Security Flaw in Major WordPress Plugin, + More in This Week’s Latest SEO News

This week we learned about some potential issues Google is having with crawling HTTPS sites, an important update has been made to Webmaster Tools, and a security flaw was found (and quickly patched) in an industry leading WordPress plugin.

More details on each of these top stories in this week’s SEO news roundup.

Latest SEO News – Week Ending 3/13/2015

WordPress Plugin Scare

This past week a critical security flaw was found in popular WordPress plugin SEO by Yoast. This could have been quite troublesome, if not for the fact that it was immediately resolved thanks to the quick reaction time by Yoast.

The only reason we’re even mentioning it is to clear the air about any confusions that may have been caused if you read any part of the story this past week. When the news initially broke, it was up to each individual site owner to ensure the plugin was updated in order to fix the problem.

However, the issue was found to be so widespread (in the tens of millions of users), that WordPress pushed out a forced automatic update of the SEO by Yoast plugin to all sites that have it installed.

What that means is, you no longer have to do anything because everything has been fixed for you. But this does draw attention to just how important it is to keep WordPress plugins updated for the sake of your site’s security.

If you’d like to ensure that all plugin updates are performed automatically, you can specify that in your settings. Just go to the following menus on the left sidebar: Manage > Plugins & Themes > Auto Updates — then make sure auto updates are turned on.

You’ll also want to make sure that you have an automatic backup solution in place, as that is equally as important! There are many popular backup plugins for WordPress to choose from. Just make sure you use a popular, well-reviewed one.

Tell Google About Your HTTPS URLs

If at any point during your site’s history you migrated from a regular connection (HTTP) to a secure connection (HTTPS), you’re going to have to tell Google where to find all your new HTTPS URLs in order for them to be crawled.

According to Google, over 80% of HTTPS URLs that are eligible for indexing are not being indexed because the search giant isn’t aware of them.

To illustrate how large a problem this is becoming, Google Webmaster Trends Analyst, Garry Illyes, posted on Google+ this past week saying: “please tell search engines about your HTTPS URLs!”

What’s the big deal with HTTPS anyway? In August of last year, Google announced it would grant a slight ranking boost to HTTPS URLs, and since then site owners have been migrating their sites to more secure connections.

The problem is that your HTTP URLs will not redirect to HTTPS until Google is notified about them. Instead, what most site owners are doing is migrating to HTTPS and still using the HTTP URLs in sitemap files, and in the rel=canonical elements. HTTPS URLS have to be used everywhere your HTTP URLs are present so Google knows how to find and index them.

Google Webmaster Tools Shows Blocked Site Resources

Do you know what your site looks like through Googlebot’s eyes? You may think it looks just like it does to anyone else, but Google may be getting an entirely different picture of your site that you didn’t intend.

Sometimes things like images, CSS, and JavaScript are being blocked, which means they display perfectly fine on your site but Googlebot can’t crawl them. Blocked resources can become problematic if not resolved, because ideally you want Googlebot to get a picture perfect view of your site as it’s seen by other human visitors.

Google Webmaster Tools will now notify you when it detects blocked resources on your site, and provide you when the necessary steps to fix the problem. If you wanted to manually check when your site looks like to Google, you can always run it through the Fetch and Render tool.

Wrapping It Up

A WordPress security scare reminded us all about the importance of keeping our plugins updated, we were emphatically reminded that HTTPS URLs need to be pointed out to Google, and Webmaster Tools has become even more useful to site owners.

If you had any questions or concerns about this past week’s developments, please let me know in the comments section and I’ll be sure to respond.

• Author
• Recent Posts

Pam Aungst Cronin

President & Chief Web Traffic Controller at Pam Ann Marketing

Recently named one of the “Top 10 Best Women in SEO,” Pam Aungst Cronin, M.B.A. is widely recognized as an expert in SEO, PPC, Google Analytics, and WordPress. A self-proclaimed “geek”, Pam began studying computer programming at 6 years old, started creating websites in 1997 and has been working professionally in the field of e-commerce since 2005. Referred to by Sprout Social as a “Twitter Success Story,” she harnessed the power of social media to launch her own agency in 2011. Pam travels all over the country speaking at conferences and guest lecturing at universities. Click here to read her full bio.

Latest posts by Pam Aungst Cronin (see all)

• WordPress Version 5.8 Tatum: New Features and Facets - November 2, 2021
• The Importance of Developing an SEO Friendly Website Design - October 5, 2021
• Create the Right Digital Marketing Strategies for Your Small Business - August 11, 2021