Category: Mobile

WP Shield Security PRO – Release 16.1

It’s been a few months in the making, but it’s finally here – our most exciting release (yet again!) of Shield Security for WordPress.

This release is absolutely packed with goodies and our headline feature – integration with CrowdSec – deserves an article all to itself.

Here you’ll discover all the exciting things we’ve packed into ShieldPRO v16 and why you should be upgrading as soon as it’s out.

Let’s dig into all the new goodies…

#1 Partnership with CrowdSec for Crowd-Sourced IP Intelligence

This is, to our mind, one of the most exciting developments for WordPress security for a very long time.

We’ve wanted to achieve this level of protection against bots for years, as we firmly believe that good WordPress security starts with intelligent blocking malicious IP addresses.

Shield does an effective job of this already with its automatic block list system, but we’ve now achieved group intelligence so all WordPress sites running on Shield will benefit from the experiences of all the other websites running Shield.

This is a big topic so we’ve dedicated a whole article to it – learn about the new partnership here.

#2 Brand New IP Rules and Blocking Engine

IP Blocking has been a part of ShieldPRO, practically from the outset. It’s core to our WordPress security philosophy.

With such a long-standing feature, you can imagine that the knowledge and experience used to create that original system isn’t as thorough as it is today. We’ve come a long way, I can promise you.

This release, spurred on by the new CrowdSec integration, sees the much-needed overhaul of our IP management system. It’s smarter and more versatile, and altogether much faster!

Shield must lookup a visitor’s IP address on every single request to a WordPress site. If we can improve the speed of that lookup, we improve Shield performance overall.

#3 Improved UI

Shield has a number of different subsystems, many of which are related. The scan results page is linked to the scanner configuration page, for example.

To-date when you wanted to view any section of the plugin, it would reload the entire page. We’ve done some work to reduce full page reloads so that you can stay “where you are” while viewing the contents of another page.

In particular we’re referring to “Configuration” pages. Links to such areas will now open in an overlay, letting you keep your current page active while you review and adjust settings.

Another UI enhancement is a new title bar across every page of the plugin, letting you see more clearly where you are, along with important links to help resources.

This title bar also includes our brand new “super search box”…

#4 Shield’s Super Search Box

We mentioned UI improvements already, but this deserves a section all to itself.

To say Shield is a large plugin is understating it. There are many options pages, as well tools, tables, data, and charts etc.

Finding your way around can be a bit tricky. Since we built it, we know it inside out. But for everyone that uses it as a tool to protect their sites, it’s not always obvious where to go to find the “thing” you need.

No longer!

With Shield’s “Super Search Box”, you can find almost anything you need, and jump directly to it. Currently you can search for:

  • Specific configuration options
  • Tools such as Import/Export, Admin Notes, Debug
  • Logs such as Activity Logs and Traffic Logs
  • IP Rules
  • IP addresses – it’ll open a popup to review the data Shield holds on any particular IP
  • External links such as Shield’s homepage, Facebook page, helpdesk, crowdsec etc.

We’ll develop this a bit more over time as we get feedback from you on what you’d like to see in there.

#5 Lighter, Faster Scan Results Display

Shield’s scans can turn up a lot of results and some customers have reported trouble on some servers with limited resources.

We’ve redesigned how the scan results are built, so it’s faster and lighter on both your browser and the WordPress server.

#6 Improved Human SPAM Detection

After working with a customer on some issues she faced with Human SPAM, we’ve developed enhancements to how Shield will detect repeated human spam comments.

For example, a SPAMer may post a comment and trigger our human SPAM scanner. But then they’ll fire off more comments which might bypass the same scanner. We’ll now use previous SPAM detections by Shield to inform future comments, too.

We also squashed a bug where Shield wasn’t properly honouring the “disallowed keywords” option built into WordPress itself.

#7 Custom Activity Logs and Events

Shield covers a lot of areas when it comes to monitoring events that happen on a WordPress site. But we typically don’t cover 3rd party plugins.

So, based on the feedback from a number of interested customers, we’ve added the ability for any PHP developer to add custom events to Shield’s Activity Logs.

When might you find that useful?

You could, for example, track WooCommerce orders, or you could be facing a particularly menacing visitor that repeats an undesireable action on your site that’s not covered by Shield, and decide to block their IP.

You can do whatever you want with this, though you should always take care when allocating offenses to actions as you may inadvertently block legitimate users.

#8 All-New Guided Setup Wizard

When first installing a platform like Shield Security for WordPress, it can be a little overwhelming. Shield is a large plugin, with many features, tools and options.

We’ve had a “Welcome Wizard” in Shield for a while, but it was a little rough around the edges. For this release we decided to revamp it and provide a new guided setup wizard, helping newcomers get up-to-speed more quickly.

Anyone can access the Guided Setup from the Super Search Box (search: “Wizard”), or from the Shield > Tools menu.

A Change To Minimum Supported WordPress Version

We try to make Shield Security as backward-compatible as possible, while it makes sense to do so.

However, this means that our code development and testing must reflect this and means that the burden of support increases the farther back we support older versions.

Our Telemetry data suggests that there are no WordPress sites below version 4.7 running the Shield plugin. Of course, we can only go on what data has been sent to us. But we have to draw the line somewhere, and with Shield v16, we’re drawing the line at WordPress 4.7.

As more data comes through and time marches on, we’ll gradually increase our minimum requirements so we strongly suggest you keep your WordPress sites, and hosting platforms as up-to-date as possible.

Comments, Feedback and Suggestions

A lot of work has gone into this release that will, we hope, improve security for all users by making it much easier to see what’s going on and what areas need improved. The Security Rules Engine is one of our most exciting developments to-date and we can hardly wait to get the first iteration into your hands and start further development on it.

As always, we welcome your thoughts and feedback so please do feel free to leave your comments and suggestions below.

Source :
https://getshieldsecurity.com/blog/wp-shield-security-pro-release-16-1/

ShieldPRO 16.1.0 Upgrade Guide

ShieldPRO 16.1.0 for WordPress is a major release packed with many changes and improvements, including UI enhancement, adding integration with CrowdSec and the ability to permanently block IP any much more.

This guide outlines what have been added/removed, changed, or improved and what fixes we’ve made.

Firstly, we’re going to explain what major changes are made and which options you’d need to review.

New Added Features

For 16.1.0 release we added

With the CrowdSec integration, your WordPress sites will have access to intelligence about malicious IP addresses before they’ve ever accessed your website. (This intelligence will have already been gathered for you by other websites.)

This reduces that “window” available to malicious bots to zero.

The settings can be found under the IP Blocking section:

There are 2 options available

  1. CrowdSec IP Blocking – how Shield should block requests from IP addresses found on CrowdSec’s list of malicious IP addresses.
  2. CrowdSec Enroll ID – link site to your CrowdSec console by providing your Enroll ID.

There is now the option to log custom events to Shield’s Activity Log. It’s impossible that Shield can log every possibly event for every plugin and scenario, so you can now add logging for all your desired site events. This is an advanced option and will require professional software development experience to implement. 

  • Logging: App Password Creation

Shield now captures creation of new Application Passwords in the Activity Log.

  • Shield’s Super Search Box

This search box will look for almost anything you need and provide you with links directly to the item in question. 

Currently you can search for:

  • Specific configuration options
  • Tools such as Import/Export, Admin Notes, Debug
  • Logs such as Activity Logs and Traffic Logs
  • IP Rules
  • IP addresses – it’ll open a popup in-situ to review the data Shield holds on any particular IP
  • External links such as Shield’s homepage, Facebook page, helpdesk, CrowdSec etc.

The Super Search Box is accessible and visible from every page inside the plugin.

Enabling the Shield Beta Access option allows you to gain access to beta versions of the Shield Security plugin.

  • All-New Guided Setup Wizard

For this release we revamped it and provide a new guided setup wizard, helping newcomers get up-to-speed more quickly.

You can access the Guided Setup from the Super Search Box (search: “Wizard”), or from the Shield > Tools menu.

For whitelisted IP addresses, there are no restrictions for the user related with that IP whatsoever –  none of the setting will apply to that IP, including the hiding login URL. 

We added a special notice for a user with a whitelisted IP:

Changes

Change 1: Improved UI

We’ve done some work to reduce full page reloads so that you can stay “where you are” while viewing the contents of another page.

In particular we’re referring to “Options/Configuration” pages. Links to such areas will now open in an overlay, letting you keep your current page active while you review and adjust settings.

Example

Also, IP analysis dialog now opens in an overlay, for example:

Another UI enhancement is a new top title bar across every page of the plugin, letting you see more clearly where you are and with some important links to help and other resources.

Example

Change 2: Completely New IP Rules and Blocking Engine

This release, spurred on by our CrowdSec integration, sees the much-needed overhaul of our IP management system. It’s smarter and more versatile and altogether much faster.

We also made some UI enhancements on the Management & Analysis section:

  • “Manage IP” section is renamed to “IP Rules”
  • IP blocking and bypass list are merged and a new table is used now
  • IP Analysis dialog is now separated and can be loaded for each IP directly from within IP Rules, Activity Log, and Traffic Log. Example, loading from within IP Rules:

  • “Reset” option added into the IP analysis dialog

  • Manual adding IP to the block or bypass list is merged now and can be accessed from within “Add New IP” option:
  • Manually or auto blocked IP can be now permanently blocked

    You can do this by manually adding IP to the block list or directly from within IP analysis dialog

Change 3: Improved Build Custom Charts option

The Shield event(s) are now displayed in a form of list. Selecting desired events is much easier now.



Improvements

For 16.1.0 release we’ve made the following improvements

  • Improved and Faster Scan Results Display

    We’ve redesigned how the scan results are built so it’s faster and lighter on your browser and on the server itself.

    Eliminated errors and slow processing when displaying scan results pages for large datasets. Shield now uses highly optimised queries to request only the records required to display the current table page.
  • Improved Human SPAM Detection
    We’ve added some enhancements on how Shield will detect repeated human spam comments.

    We also squashed a bug where Shield wasn’t properly honouring the “disallowed keywords” option built into WordPress itself.
  • A change to minimum supported WordPress version: 4.7
    Based on Shield telemetry data, we’re pushing our minimum supported WordPress version up to 4.7. We’ll continue to push this upwards as usage data suggests it make sense to do so.
  • Protection Against Unauthorised Deactivation
    The Security Admin feature that protects against unauthorised deactivation has been further strengthened with offenses.
  • Shield Navigation Bar
    Shield offer a much better navbar on the dashboard with built-in search, helpdesk links and updates.

Removed Options

For 16.1.0 release we removed the following options

  • Auto Block Expiration (under Config > IP Blocking section) we removed “1 minute” option.
  • Leading Schema Firewall Rule
    This rules flags too many false positives for members.

Fixes

For 16.1.0 release we’ve made various fixes

  • Mitigate a fatal error caused by the latest wpForo plugin passing NULL to locale filters.
  • Bug when specifying a particular list when adding/removing an IP address using WP-CLI.
  • Shield no longer attempts to solve the issue of invalid ‘from’ email addresses on a WordPress site.

For more information on Shield 16.1.0 release, read this blog article here.

Source :
https://help.getshieldsecurity.com/article/476-shieldpro-1610-upgrade-guide

How to set up the Surveillance Station of QNAP NAS?

Introduction

To satisfy the increasing demand for embedded network surveillance solutions on NAS, QNAP unveiled a value-added application ‘Surveillance Station’ on its All-in-One Turbo NAS Series. The Surveillance Station enables users to configure and connect many IP cameras at the same time and manage functions including live audio & video monitoring, recording, and playback. Installation and configuration can be easily carried out remotely in a web browser in a few steps. Various recording modes are provided: continuous recording, motion-detection recording, and scheduled recording. Users can flexibly define the recording settings according their security plans.
The Surveillance Station supports a large number of IP camera brands. You can find a list of supported cameras at: https://www.qnap.com/compatibility.

Contents

  • Plan your home/office network topology
  • Set up the IP Cameras
  • Configure the Surveillance Station on the QNAP NAS
  • Configure Alarm Recording on the QNAP NAS
  • Play Video Files from the Surveillance Station

Plan Your Home/Office Network Topology

Write down your plan of the home/office network before starting to set up the surveillance system. Consider the following when doing so:

  • The IP address of the NAS
  • The IP address of the cameras
  • The IP address of your router and the wireless SSID

Your computer, the NAS, and the IP cameras should be installed to the same router in LAN. Assign fixed IP addresses for the NAS and the IP cameras.
For example:

  • The LAN IP of the router: 192.168.1.100
  • Camera 1 IP: 192.168.1.10 (fixed IP)
  • Camera 2 IP: 192.168.1.20 (fixed IP)
  • NAS IP: 192.168.1.60 (fixed IP)

Set up the IP Cameras

Configure the IP address for both IP cameras using the following steps.
You can download a camera IP Finder from official website of your camera’s vendor.
The name of the IP finder may differ between vendors. IP Finder is a utility that helps you search for the IP address of the camera.
CONNECT the IP camera to your home/office network with a network cable and run the IP Finder. Set the IP address of the cameras so that they are on the same LAN as the computer. You will then be able to login to the configuration page of the camera with a web browser. Enter the IP address of the first camera as 192.168.1.10. The default gateway should be set as the LAN IP of the router (192.168.1.100 in our example).

Note: The default IP and ID of administrator may differ based on what camera model is used.

ENTER the web configuration page of the IP camera.
You will then be able to view the monitoring image.

GO to ‘Network/ Network’ and check the IP settings of the camera.

NEXT, if you are using a Wireless IP CAM, please go to “Network/Wireless” and configure the wireless setting of your camera. Please ensure the camera’s settings are completed.

Repeat the above steps to set up the second camera.
To summarize, so far you have finished the following settings:

  • Camera 1 IP: 192.168.1.10
  • Camera 2 IP: 192.168.1.20

Note:
If you forget the camera settings, please press the reset button at the back of the camera for 5-10 seconds. The camera will be restored to default settings. You can then set the IP address and login to the camera’s configuration page with using the default login name and password. The reset function may differ by the brand of the camera. Please refer to the camera’s user manual in advance.

Configure the Surveillance Station on the QNAP NAS

Go to “Control Panel” > “System Settings” >”Network” > “TCP/IP” and press the “Edit” button to specify a fixed IP to the NAS: 192.168.1.60. The default gateway should be the same as the LAN IP of your router, which is 192.168.1.100 in our example.

Install Surveillance Station

  • Auto installation: Go to “App Center” > “Surveillance” > “Surveillance Station” and click “Add to QTS” to start installation.
  • Manual installation: Download the Surveillance Station QPKG from the App Center on the QNAP website. Then you can install it by clicking the “Install Manually” button and by selecting the location of the Surveillance Station QPKG to start installing.

Please note: To ensure proper operations of Surveillance Station, we recommend rebooting the Turbo NAS after its installation is completed.

In the Surveillance Station, please go to “Settings” and select “Camera 1” then click “” to add the camera configuration, e.g. name, model, IP address, recording setting and recording schedule.

In our demonstration we will assign the following IPs to each camera:
Camera 1 IP: 192.168.1.10
Camera 2 IP: 192.168.1.20

Note:
Before applying the settings, you may click “Test” on the right to ensure the connection to the IP camera is successful.

You can enable or change the recording option of the camera in next page. Click “next” to move to the next page.

On this page, you will see the “Schedule Settings.” In the table, 0~23 represents the time period. For example, 0 means 00:00~01:00, 1 means 01:00~02:00. You can set a continuous recording in any period that you want.

Then you will see the “Confirm Settings” on the next page.

After you have added the network cameras to the NAS, go to the “Monitor” page. The first time you access this page by browser, you have to install the ActiveX control (QMon.cab) in order to view the images of Camera 1 and Camera 2.

Note:
You can use the Surveillance Station in Chrome, Firefox or IE. The browser will prompt you to install the “ActiveX control” (QMon.cab) before using Monitor or Playback functions. Please follow the on-screen instructions to complete the installation.

Note:
When you click on the monitoring screen of a camera, the frame will become orange. You can use the s configuration page.
In Surveillance Station 5, there is a new feature called “Instant Playback”. You can click the floating button to play recording and find recent event.

Configure Alarm Recording on the QNAP NAS

The Surveillance Station supports alarm recording by schedule. To use this function, go to “Camera Settings” > “Alarm Settings” in the Surveillance Station. You could select ‘Traditional Mode’ to do basic configurations or ‘Advanced Mode’ to define advanced alarm events.

  • Traditional Mode :
    You may define criteria enabling alarm recording then click ‘Apply’ to save the changes.
  • Advanced Mode :
    You may select the event on the left side and add an action on the right side by clicking “Add”.

Then you may choose the action type you need for this event.

The event “Motion Detection” has a corresponding action “Recording”.

Play Video Files from the Surveillance Station

You have to click or to enter the playback page and follow the steps below to play the video files on the remote Surveillance Station.

1. Drag and drop camera(s) from the server/camera tree to the respective playback window(s) to select the channel(s) for playback.

2. Select playback date from.You can examine each channel to know the time range when the files were recorded for each IP camera. The blue cells indicate regular recording files and the red cells indicate alarm recording files. If it is blank, it means no files are recorded at that time.

3. Clickto start the playback. You can control the speed and playback direction by dragging the button to right or left on the shuttle bar.

4. Specify the time to play back the recording files at that moment. You can view the preview image on the timeline bar to search the moment you want to play.

5. Clickto control all the playback windows to play back the recording files. When this function is enabled, the playback options (play, pause, stop, previous/next frame, previous/next file, speed adjustment) will be applied to all the playback windows.

Source :
https://www.qnap.com/en/how-to/tutorial/article/how-to-set-up-the-surveillance-station-of-qnap-nas

How to set up myQNAPcloud to remotely access a QNAP NAS

Requirements

Register your NAS with myQNAPcloud

  1. Log in to your QNAP NAS.
  2. Open myQNAPcloud.
  3. Click Get Started.

    The Welcome to myQNAPcloud! window appears.
  4. Follow the steps to register your NAS. Click Next to move to the next step.
    1. Enter your QNAP ID and Password.
    2. Enter a Device name for your NAS.
      Note: This name is used to identify your NAS on myQNAPcloud and must be unique across all users.
    3. Choose what NAS services will be enabled and the Access Control setting.

      Your device is registered on myQNAPcloud.

      A summary page displays all the registration details and services guidelines of your NAS.

Remotely access your QNAP NAS with myQNAPcloud

  1. Go to https://www.myqnapcloud.com/.
  2. Sign in using your QNAP Account.
    Note: If you are already signed in you are automatically redirected to My Devices .
  3. Go to My Devices.
    The devices registered to your QNAP Account are displayed.
  4. Click the ”  ” button next to the device to display the device IP and SmartURL.
  5. Click SmartURL.

    A login page for your NAS appears.

Source :
https://www.qnap.com/en/how-to/tutorial/article/how-to-set-up-myqnapcloud-to-remotely-access-a-qnap-nas

Moving the Mission Forward: Mandiant Joins Google Cloud

Google’s acquisition of Mandiant is now complete, marking a great moment for our team and for the security community we serve.

As part of Google Cloud, Mandiant now has a far greater capability to close the security gap created by a growing number of adversaries. In my 29 years on the front lines of securing networks, I have seen criminals, nation states, and plain bad actors bring harm to good people. By combining our expertise and intelligence with the scale and resources of Google Cloud, we can make a far greater difference in preventing and countering cyber attacks, while pinpointing new ways to hold adversaries accountable.  

When I founded Mandiant Corporation in 2004, we set out to change how businesses protected themselves from cyber threats. We felt the technologies people depended on to defend ultimately failed to innovate at the pace of the attackers. In order to deliver cyber defenses as dynamic as the threats, we believed you had to have your finger on the pulse of adversaries around the world. To address this need, we set out to respond to as many cyber security breaches as possible. We wanted to learn first-hand how adversaries were circumventing common safeguards with new and novel attacks; monitor the development and deployment of attacker tools, their infrastructure, and their underground economies; and study the attacker’s targeting trends.

Armed with this knowledge and experience, we felt we were best positioned to close the gap between the offense and the defense in the security arms race.  

As we investigated thousands of security incidents over the years, we honed the deep expertise required to find the proverbial needle in the haystack: the trace evidence that something unlawful, unauthorized, or simply unacceptable had occurred. We believed this skill was the foundation to automating security operations through software, so that organizations and governments around the world could easily implement effective security capabilities. 

By joining forces with Google Cloud, we can accelerate this vision. I am very excited that Mandiant and Google Cloud can now work together to leverage our frontline intelligence and security expertise to address a common goal: to relentlessly protect organizations against cyber attacks and provide solutions that allow defenders to operate with confidence in their cyber security posture. More specifically, we can leverage our intelligence differentiator to automate security operations and validate security effectiveness.

Mandiant Remains Relentless

While we are now part of Google Cloud, Mandiant is not going away—in fact, it’s getting stronger. We will maintain our focus on knowing the most about threat actors and extend our reputation for delivering world-class threat intelligence, consulting services, and security solutions. 

Automating Security Operations

Today’s announcement should be welcome news to organizations facing cyber security challenges that have accelerated in frequency, severity, and diversity. I have always believed that organizations can remain resilient in the fight against cyber threats if they have the right combination of expertise, intelligence, and adaptive technology. 

This is why I am a proponent of Google Cloud’s shared fate model. By taking an active stake in the security posture of customers, we can help organizations find and validate potential security issues before they become an incident. Google Cloud and Mandiant have the knowledge and skills to provide an incredibly efficient and effective security operations platform. We are building a “security brain” that scales our team to address the expertise shortage.

Validating Security Effectiveness

Google Cloud’s reach, resources, and focus will accelerate another Mandiant imperative: validating security effectiveness. Organizations today lack the tools needed to validate the effectiveness of security, quantify risk, and exhibit operational competency. Mandiant is working to provide visibility and evidence on the status of how effective security controls are against adversary threats. With this data, organizations have a clear line of sight into optimizing their individual environment against relevant threats.

Advancing Our Mission

Google Cloud has made security the cornerstone of its commitment to users around the world, and the Mandiant acquisition underscores that focus.

We are thrilled to continue moving our mission forward alongside the Google Cloud team. Together, I believe Mandiant and Google Cloud will help reinvent how organizations protect, detect, and respond to threats. This will benefit not only a growing base of customers and partners, but the security community at large.

You can learn more about this milestone moment and the exciting opportunities ahead in this blog post by Google Cloud CEO Thomas Kurian, “Google + Mandiant: Transforming Security Operations and Incident Response.”

Source :
https://www.mandiant.com/resources/blog/mandiant-joins-google-cloud

Top 5 Content Optimization Tools for SEO

It is necessary to use content optimization tools to rank higher on SERPs. Optimizing your blog content and web pages using the SEO content optimizer is vital to the success of your content SEO strategy because you need to keep an eye on your competitors. In this post, let’s learn with seobase what content optimization is and what the best content optimization tools are.

What Is Content Optimization?

Understanding and improving content performance to interact with audience intentions is crucial to getting the number of clicks and traffic you aim for. Getting a higher ranking in search engine results pages (SERPs) and improving the readability of the content is not a simple process but is also not impossible. Now, many content optimization tools facilitate the content optimization process.

Here are some things that you need to optimize your content to address them:

  • Customer Needs: your content needs to adapt to the customer’s changed needs. 
  • Search Intent: your content should be optimized to meet user intent 
  • Competitors: it’s a risk of falling behind if your content is not optimized. 
  • Search Engine Updates: static content will lose relevance as search engine updates make a piece of content irrelevant.
  • Market Trends: your content needs to stay current if you want to rank above your competitors.

Top 10 Content Optimization Tools For SEO

Searching for specific content may take a long time to arrive at valuable and helpful content. Here comes your role; you have to work to benefit your audience and not make them spend a lot of time getting some information. Dozens of content optimization tools are available on the market to help you write quality content on your blog or landing pages. seobase listed the 5 best content optimization tools you can use to research, identify, and optimize content for your blog or web pages right now.

content optimization solutions

Sign up to our blog to stay tuned about the latest industry news.Subscribe

Google Search Console

Google Search Console (GSC) is a great free tool to analyze SERPs performance of your site and content. Moreover, it contains cutting-edge features helping you know page speed, and structured data could impact your online performance. Furthermore, you can define the user intent and be aware of the organic traffic with impression and click data of specific queries. 

However, you can’t filter multiple search query terms to determine keyword cannibalization or misspellings quickly. In addition, it doesn’t display a complete SEO backlink profile. Here are a few says GSC to optimize your content marketing strategy: 

  • Keyword For Each Page.
  • Content Popularity.
  • Find Content Gaps.
  • Customer Search Intent.

seobase SEO Tools

seobase serves 15,000+ satisfied customers globally. Leaders of many industries rely on seobase for rank tracking and SERPs analysis. You can create your search tracking in seconds and get daily updates on how your website performs across search engines. 

Furthermore, you can track desktop and mobile platforms to get a full picture of your site’s performance. All of seobase SEO tools will allow you to create a quality piece of content. You can explore your target keywords and use them to optimize your content to meet the audience’s needs. Here are some of the seobase SEO content tools and features: 

  • Keyword explorer tool
  • SERP checker tool
  • Rank Tracker tool
  • Site profiler tool
  • Backlink checker tool

content optimization solutions

Grammarly

Content marketers need to create a quality piece of content to drive organic traffic and rank high on SERPs. However, that content must be readable to engage with the target audience, Grammarly offers this. 

Grammarly is one of the most critical content optimization solutions. Grammarly makes content optimization much more manageable by offering detailed, real-time suggestions for improving content quality. The content optimizer doesn’t miss any spelling or grammar errors unless it fixes them immediately.

It offers you edits and suggestions using AI support to improve your choice of words and the context and tone of the content. As a content optimizer for search engine algorithms, Grammarly uses contextual cues and typing tone as ranking factors.

Hemingway Editor

Hemingway Editor helps you write better content and drive traffic and more website visitors. It is a free online tool to see if it has everything you need to make high-quality content. 

The tool allows you to find the common grammatical issues and sentence structure that can distract your readers. In addition, it enhances the readability level. 

The Hemingway Editor is such an efficient content optimization tool. However, it lacks a widget for Chrome and Safari. As a result, you must copy/paste your content manually to the online or desktop program to check it. 

The Editor tool is AI-powered, but it only uses a handful of grammar choices when grading your content, so you could be missing other mistakes if you depend only on this tool. The tool doesn’t offer suggestions on how to fix the problem for the errors highlighted by the tool. This can be disturbing when you need to resolve issues quickly.

Google Docs

Google Docs is not the first content optimization tool that comes to your mind when you think about content optimization solutions. However, it offers features like a word processor, spreadsheets, and forms so you can communicate with your team and keep your projects on track.

Content marketers always seek the easiest way to manage multiple projects at once. Sometimes the content creators need to keep a list of dozens of topics to expand or manage writers. Google Docs gives content writers what they need exactly to help them and their teams to produce optimized content.

Conclusion

Choosing the best content optimization tools suitable for growing your business and making the most of your marketing budget is not impossible, but it is challenging. You can always stay informed of previously published content by using Google Search Console and other tools to get actual performance metrics. seobase provides you with the necessary SEO content optimization solutions to improve the content that you publish on your website.

Related Articles

How To Optimize Your Content In SEO?

What Are Search Engines, and How Do They Work?

6 Ways to use Rank Tracker for SEO

On-page SEO for Beginners

Website SEO Optimization for alternative search engines

Source :
https://seobase.com/top-5-content-optimization-tools-for-seo/

How to Do Niche Keyword Research?

SEO Niche keywords research is your way to attract your audience. The niche keywords are the particular long-tail keywords related to a specific industry. You can find your best niche keywords list using the best online SEO niche search tool. Do you know how valuable for your SEO plan to tailor your pay-per-click campaigns to niche keywords list and not just general and trending terms? It is challenging for general or short tail keywords to rank on the first page on search engines such as Google, especially on a new site.

When starting to manage a new venture, it can be challenging to predict the impact of a new research campaign on your industry niche. As a result, searching niche keywords is the perfect solution to avoid any risks that may occur and affect your growth.

In this post, seobase presents how to research keywords for a niche using the niche research tools and how to find a niche keywords list. 

Use a seobase Keyword Research Tool to Find Niche Keywords

Choosing an adequate and effective niche search tool is just as important and valuable as determining and choosing your SEO niche. Let’s say you decided to create a site that provides SEO services like seobase. In this case, you may have already decided that your website targets the SEO niche.

It may not matter much how much you know about the SEO industry, whether with a high level of experience or a lack of knowledge. This means that understanding which keywords will be profitable for you early on can be quite a challenge.

Since your website is a rookie site, you don’t have much historical data to use as an indicator of future performance. The seobase Keyword Explorer Tool is the ideal and most effective niche search tool for the initial niche keywords research and creating a niche keywords list.

Take advantage of the seobase Keyword Explorer Tool features, learn how to find niche keywords, and try to create an extensive niche keywords list. It may include forms of SEO niche keywords that you may not be able to come up with on your own, but the tool does.

how to research keywords for a niche

Refine Your Niche Keyword List

You need to realize that the niche keywords list you take from niche research tools is just suggestions. So it’s critical to find a compelling way to refine your niche keyword research list. There are several ways to refine your SEO niche keywords list when adding a keyword or URL: 

  • Your keyword list should be as specific to your website’s SEO niche.
  • Choose the relevant niche keywords for your industry. 
  • Don’t include keywords to use on your content randomly.
  • It would help you find the lowest difficulty keywords on a rookie website. 

The niche keywords list is a vital SEO factor that you need to use carefully to not target the wrong audience. See How to Find Best SEO Keywords: The Complete Guide

niche keywords

Sign up to our blog to stay tuned about the latest industry news.Subscribe

Determine How Competitive Your Keywords Are

As we mentioned in the previous step, you have to know how difficult it is for niche keywords to SEO. Analyze how competitive each keyword you have in the niche keywords list. 

Your key to ranking on search engines always starts with using the least difficult keywords.

Don’t choose the most difficult niche keywords because they have a high volume. If you think about it this way, it can be difficult if not impossible to arrange.

If you choose less difficult niche keywords, even if they are only at volume 10, the ten visits you will get per month and counting all the keywords you will use over the month, the total clicks and visits will ultimately be rewarding.

how to research keywords for a niche

Niche Keyword Research: Conclusion

Successful keyword targeting requires constant monitoring and modification, especially niche keyword research. It is essential to know that niche research tools return a keyword does not mean that you will be able to rank on search engines necessarily.

The traffic you send from search engines will not end up converting just because you used the niche keywords list. However, SEO checkpoints are well implemented to get optimum results. Moreover, you can use the SEO services of the seobase platform.

Source :
https://seobase.com/how-to-do-niche-keyword-research/

How to Promote Your Blog Without Social Media?

How to promote your blog without social media? The best way to boost your blog traffic is by using SEO (search engine optimization) techniques. This includes writing great content that people will want to read, creating high-quality images for your posts, and making sure your site loads quickly. However, you need to prompt your blog to attract more visitors and increase the traffic and clicks. Most webmasters ask themselves, how do I get people to read my blog? The answer is straightforward: you can follow the next few tips and get a boosted blog. In this post, seobase will explain how to promote your blog without social media, how to get your blog noticed, and how to get traffic to your website without social media.

Comment and Engage With Other Blogs.

There are compelling methods to get boosted blogs without using social media. Commenting and engaging with other blogs is key to getting your blog noticed. Some web admins create their website blogs and overlook that community is essential to achieve their goals from this post. 

One of the most effective ways to promote your blog without social media you can do is to visit and read other bloggers’ content, and to boost your blog’s traffic is to comment and engage with other blogs. In this step all you need to do in this step is to visit other blogs and comment. As a result, your fellow bloggers might also return the favor to your blog website. You can do this through commenting on other blogs, sharing links to them on social media, or even asking questions on forums.

how to get traffic to your website without social media

Write Authentic Blog Content.

To promote your blog posts without social media, you need to know some more creative ideas; one of them is unique content. Writing unique and authentic content will attract the readers. Catchy headlines and optimized blogging content will attract the most readers to your blog. Attracting more readers increases traffic, clicks, and converts to customers. Also, do not overlook including the right keywords. Learn how to set a successful SEO keyword strategy.

If you want to write authentic blog content, you need to think about what you would say to a friend who was writing a similar post. This will help you avoid sounding too much like everyone else. When you start writing, build the content structure so that readers can find answers to their queries and do not have to leave your site quickly or look for another blog that answers their queries and questions. To learn how to promote your blog without social media with unique content, check the new content ideas

Sign up to our blog to stay tuned about the latest industry news.Subscribe

Share Your Blog Posts on Pinterest.

Suppose you don’t use the social media platforms or even if you don’t have social media yet to support your content promotion. Here’s a vital and valuable tip to follow regarding how to get traffic to your website without social media; you can share your posts on Pinterest to get boosted blog. 

Just make sure you use the right hashtags and keywords so people can find your content easily. On Pinterest, users engage in niche topics; this will help you to get your blog noticed to increase your website position and rank #1 on Google SERPs. No worries, there are plenty of places to promote your blog without social media. 

get your blog noticed

Write Guest Posts.

If you write guest posts to get boosted blog, you will not only gain exposure for your own website, but you will also help others by sharing their work. This is one of the easiest ways to generate new business leads and get people to read my blog. As a result, you will get traffic to your website without social media. 

If you’re following the guest post way to get your blog noticed and promote your blog without social media, you may face only one problem; getting people from your guest post to your website is a bit challenging. According to Backlinko, one industry study found that the average guest post brings in only 50 visitors. To solve this problem, you need to use the Guest Post Bonuses. With a Guest Post Bonus, you give the readers and webmasters motivation to make them visit your website. Read Why Everyone Ignores Your Guest Post Outreach Email.

Start a Podcast.

A podcast is an audio show that usually records interviews with experts in various fields. You can record these yourself or use services such as Blubrry.com. Once your episodes are ready, you need to find a platform to host them. Several options are available, including iTunesSoundCloudStitcherGoogle Play Music, and more.

The podcast may be one of the best places to promote your blog. The podcast bonus strategy is similar to the Guest Post Bonus strategy discussed above. Instead of creating a reward for each guest post, you can create a set of bonuses for each podcast you go to as a guest. 

Furthermore, you can inform about these rewards through email campaigns. But how does this strategy start? Follow these steps to implement a successful podcast strategy:

  • First, create content that your podcast listeners will care about.
  • Then, assign podcast rewards to what you’ll talk about in the podcast.
  • After that, play it by the podcast host.
  • Finally, host your rewards section landing page at a URL that’s easy to remember and write.

boosted blog

How to Promote Your Blog Without Social Media: Conclusion.

Blogging without social media is not very popular, and not many bloggers follow it. However, it is a very successful strategy by which you can get a boosted blog. There are a lot of places to promote your blog that no one has visited yet. The competition in blogging social media marketing is tough and fierce. Despite its outstanding results, it takes a lot of time and effort to get a high ranking on Google.

So, at some point, you have to find alternative ways and know how to get traffic to your website without social media and how to promote an article or blog without social media. seobase always offers solutions to make it easier to rank on Google for websites. However, always remember to make your blog SEO optimized. You can use the best online SEO tools from seobase to constantly improve your blogs, measure your SEO strategy‘s success and effectiveness, and make your blog posts Google Algerismths friendly.

Source :
https://seobase.com/how-to-promote-your-blog-without-social-media/

#StopRansomware: Vice Society

Summary

Actions to take today to mitigate cyber threats from ransomware:

• Prioritize and remediate known exploited vulnerabilities.
• Train users to recognize and report phishing attempts.
• Enable and enforce multifactor authentication.

Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA to disseminate IOCs and TTPs associated with Vice Society actors identified through FBI investigations as recently as September 2022. The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks.

Over the past several years, the education sector, especially kindergarten through twelfth grade (K-12) institutions, have been a frequent target of ransomware attacks. Impacts from these attacks have ranged from restricted access to networks and data, delayed exams, canceled school days, and unauthorized access to and theft of personal information regarding students and staff. The FBI, CISA, and the MS-ISAC anticipate attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks. School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable; however, the opportunistic targeting often seen with cyber criminals can still put school districts with robust cybersecurity programs at risk. K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers.

The FBI, CISA, and the MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents.

Download the PDF version of this report: pdf, 521 KB

Technical Details

Note: This advisory uses the MITRE ATT&CK® for Enterprise framework, version 11. See MITRE ATT&CK for Enterprise for all referenced tactics and techniques.

Vice Society is an intrusion, exfiltration, and extortion hacking group that first appeared in summer 2021. Vice Society actors do not use a ransomware variant of unique origin. Instead, the actors have deployed versions of Hello Kitty/Five Hands and Zeppelin ransomware, but may deploy other variants in the future.

Vice Society actors likely obtain initial network access through compromised credentials by exploiting internet-facing applications [T1190]. Prior to deploying ransomware, the actors spend time exploring the network, identifying opportunities to increase accesses, and exfiltrating data [TA0010] for double extortion–a tactic whereby actors threaten to publicly release sensitive data unless a victim pays a ransom. Vice Society actors have been observed using a variety of tools, including SystemBC, PowerShell Empire, and Cobalt Strike to move laterally. They have also used “living off the land” techniques targeting the legitimate Windows Management Instrumentation (WMI) service [T1047] and tainting shared content [T1080].

Vice Society actors have been observed exploiting the PrintNightmare vulnerability (CVE-2021-1675 and CVE-2021-34527 ) to escalate privileges [T1068]. To maintain persistence, the criminal actors have been observed leveraging scheduled tasks [T1053], creating undocumented autostart Registry keys [T1547.001], and pointing legitimate services to their custom malicious dynamic link libraries (DLLs) through a tactic known as DLL side-loading [T1574.002]. Vice Society actors attempt to evade detection through masquerading their malware and tools as legitimate files [T1036], using process injection [T1055], and likely use evasion techniques to defeat automated dynamic analysis [T1497]. Vice Society actors have been observed escalating privileges, then gaining access to domain administrator accounts, and running scripts to change the passwords of victims’ network accounts to prevent the victim from remediating. 

Indicators of Compromise (IOCs)

Email Addresses
v-society.official@onionmail[.]org
ViceSociety@onionmail[.]org
OnionMail email accounts in the format of [First Name][Last Name]@onionmail[.]org
TOR Address
http://vsociethok6sbprvevl4dlwbqrzyhxcxaqpvcqt5belwvsuxaxsutyad[.]onion
IP Addresses for C2Confidence Level
5.255.99[.]59High Confidence
5.161.136[.]176Medium Confidence
198.252.98[.]184Medium Confidence
194.34.246[.]90Low Confidence

See Table 1 for file hashes obtained from FBI incident response investigations in September 2022.

Table 1: File Hashes as of September 2022

MD5SHA1
fb91e471cfa246beb9618e1689f1ae1da0ee0761602470e24bcea5f403e8d1e8bfa29832
 3122ea585623531df2e860e7d0df0f25cce39b21
 41dc0ba220f30c70aea019de214eccd650bc6f37
 c9c2b6a5b930392b98f132f5395d54947391cb79

MITRE ATT&CK TECHNIQUES

Vice Society actors have used ATT&CK techniques, similar to Zeppelin techniques, listed in Table 2.

Table 2: Vice Society Actors ATT&CK Techniques for Enterprise

Initial Access
Technique TitleIDUse
Exploit Public-Facing ApplicationT1190Vice Society actors exploit vulnerabilities in an internet-facing systems to gain access to victims’ networks.
Valid AccountsT1078Vice Society actors obtain initial network access through compromised valid accounts.
Execution
Technique TitleIDUse
Windows Management Instrumentation (WMI)T1047Vice Society actors leverage WMI as a means of “living off the land” to execute malicious commands. WMI is a native Windows administration feature.
Scheduled Task/JobT1053Vice Society have used malicious files that create component task schedule objects, which are often mean to register a specific task to autostart on system boot. This facilitates recurring execution of their code.
Persistence
Technique TitleIDUse
Modify System ProcessT1543.003Vice Society actors encrypt Windows Operating functions to preserve compromised system functions.
Registry Run Keys/Startup FolderT1547.001Vice Society actors have employed malicious files that create an undocumented autostart Registry key to maintain persistence after boot/reboot.
DLL Side-LoadingT1574.002Vice Society actors may directly side-load their payloads by planting their own DLL then invoking a legitimate application that executes the payload within that DLL. This serves as both a persistence mechanism and a means to masquerade actions under legitimate programs.
Privilege Escalation
Technique TitleIDUse
Exploitation for Privilege EscalationT1068Vice Society actors have been observed exploiting PrintNightmare vulnerability (CVE-2021-1675 and CVE-2021-34527) to escalate privileges.
Defense Evasion
Technique TitleIDUse
MasqueradingT1036Vice Society actors may attempt to manipulate features of the files they drop in a victim’s environment to mask the files or make the files appear legitimate.
Process InjectionT1055Vice Society artifacts have been analyzed to reveal the ability to inject code into legitimate processes for evading process-based defenses. This tactic has other potential impacts, including the ability to escalate privileges or gain additional accesses.
Sandbox EvasionT1497Vice Society actors may have included sleep techniques in their files to hinder common reverse engineering or dynamic analysis.
Lateral Movement
Technique TitleIDUse
Taint Shared ContentT1080Vice Society actors may deliver payloads to remote systems by adding content to shared storage locations such as network drives.
Exfiltration
Technique TitleIDUse
ExfiltrationTA0010Vice Society actors are known for double extortion, which is a second attempt to force a victim to pay by threatening to expose sensitive information if the victim does not pay a ransom.
Impact
Technique TitleIDUse
Data Encrypted for ImpactT1486Vice Society actors have encrypted data on target systems or on large numbers of systems in a network to interrupt availability to system and network resources.
Account Access RemovalT1531Vice Society actors run a script to change passwords of victims’ email accounts.

Mitigations

The FBI and CISA recommend organizations, particularly the education sector, establish and maintain strong liaison relationships with the FBI Field Office in their region and their regional CISA Cybersecurity Advisor. The location and contact information for FBI Field Offices and CISA Regional Offices can be located at www.fbi.gov/contact-us/field-offices and www.cisa.gov/cisa-regions, respectively. Through these partnerships, the FBI and CISA can assist with identifying vulnerabilities to academia and mitigating potential threat activity. The FBI and CISA further recommend that academic entities review and, if needed, update incident response and communication plans that list actions an organization will take if impacted by a cyber incident.

The FBI, CISA, and the MS-ISAC recommend network defenders apply the following mitigations to limit potential adversarial use of common system and network discovery techniques and to reduce the risk of compromise by Vice Society actors:

Preparing for Cyber Incidents

  • Maintain offline backups of data, and regularly maintain backup and restoration.  By instituting this practice, the organization ensures they will not be severely interrupted, and/or only have irretrievable data.
  • Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure. Ensure your backup data is not already infected.
  • Review the security posture of third-party vendors and those interconnected with your organization. Ensure all connections between third-party vendors and outside software or hardware are monitored and reviewed for suspicious activity.
  • Implement listing policies for applications and remote access that only allow systems to execute known and permitted programs under an established security policy.
  • Document and monitor external remote connections. Organizations should document approved solutions for remote management and maintenance, and immediately investigate if an unapproved solution is installed on a workstation.
  • Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (i.e., hard drive, storage device, the cloud).

Identity and Access Management

  • Require all accounts with password logins (e.g., service account, admin accounts, and domain admin accounts) to comply with National Institute of Standards and Technology (NIST) standards for developing and managing password policies.
    • Use longer passwords consisting of at least 8 characters and no more than 64 characters in length;
    • Store passwords in hashed format using industry-recognized password managers;
    • Add password user “salts” to shared login credentials;
    • Avoid reusing passwords;
    • Implement multiple failed login attempt account lockouts;
    • Disable password “hints”;
    • Refrain from requiring password changes more frequently than once per year unless a password is known or suspected to be compromised.
      Note: NIST guidance suggests favoring longer passwords instead of requiring regular and frequent password resets. Frequent password resets are more likely to result in users developing password “patterns” cyber criminals can easily decipher.
    • Require administrator credentials to install software.
  • Require phishing-resistant multifactor authentication for all services to the extent possible, particularly for webmail, virtual private networks, and accounts that access critical systems.
  • Review domain controllers, servers, workstations, and active directories for new and/or unrecognized accounts.
  • Audit user accounts with administrative privileges and configure access controls according to the principle of least privilege. 
  • Implement time-based access for accounts set at the admin level and higher. For example, the Just-in-Time (JIT) access method provisions privileged access when needed and can support enforcement of the principle of least privilege (as well as the Zero Trust model). This is a process where a network-wide policy is set in place to automatically disable admin accounts at the Active Directory level when the account is not in direct need. Individual users may submit their requests through an automated process that grants them access to a specified system for a set timeframe when they need to support the completion of a certain task.

Protective Controls and Architecture

  • Segment networks to prevent the spread of ransomware. Network segmentation can help prevent the spread of ransomware by controlling traffic flows between—and access to—various subnetworks and by restricting adversary lateral movement.
  • Identify, detect, and investigate abnormal activity and potential traversal of the indicated ransomware with a networking monitoring tool. To aid in detecting the ransomware, implement a tool that logs and reports all network traffic, including lateral movement activity on a network. Endpoint detection and response (EDR) tools are particularly useful for detecting lateral connections as they have insight into common and uncommon network connections for each host.
  • Install, regularly update, and enable real time detection for antivirus software on all hosts.
  • Secure and closely monitor remote desktop protocol (RDP) use.
    • Limit access to resources over internal networks, especially by restricting RDP and using virtual desktop infrastructure. If RDP is deemed operationally necessary, restrict the originating sources and require MFA to mitigate credential theft and reuse. If RDP must be available externally, use a VPN, virtual desktop infrastructure, or other means to authenticate and secure the connection before allowing RDP to connect to internal devices. Monitor remote access/RDP logs, enforce account lockouts after a specified number of attempts to block brute force campaigns, log RDP login attempts, and disable unused remote access/RDP ports.

Vulnerability and Configuration Management

  • Keep all operating systems, software, and firmware up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats. Organizations should prioritize patching of vulnerabilities on CISA’s Known Exploited Vulnerabilities catalog.
  • Disable unused ports.
  • Consider adding an email banner to emails received from outside your organization.
  • Disable hyperlinks in received emails.
  • Disable command-line and scripting activities and permissions. Privilege escalation and lateral movement often depend on software utilities running from the command line. If threat actors are not able to run these tools, they will have difficulty escalating privileges and/or moving laterally.
  • Ensure devices are properly configured and that security features are enabled.
  • Disable ports and protocols that are not being used for a business purpose (e.g., RDP Transmission Control Protocol Port 3389).
  • Restrict Server Message Block (SMB) Protocol within the network to only access servers that are necessary, and remove or disable outdated versions of SMB (i.e., SMB version 1). Threat actors use SMB to propagate malware across organizations.

REFERENCES

REPORTING

The FBI is seeking any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with Vice Society actors, Bitcoin wallet information, decryptor files, and/or a benign sample of an encrypted file.

The FBI, CISA, and the MS-ISAC strongly discourage paying ransom as payment does not guarantee victim files will be recovered. Furthermore, payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. Regardless of whether you or your organization have decided to pay the ransom, the FBI and CISA urge you to promptly report ransomware incidents to a local FBI Field Office, or to CISA at report@cisa.gov or (888) 282-0870. SLTT government entities can also report to the MS-ISAC (SOC@cisecurity.org or 866-787-4722).

DISCLAIMER

The information in this report is being provided “as is” for informational purposes only. The FBI, CISA, and the MS-ISAC do not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by the FBI, CISA, or the MS-ISAC.

Revisions

September 6, 2022: Initial Version

Source :
https://www.cisa.gov/uscert/ncas/alerts/aa22-249a

How To Improve Cumulative Layout Shift (CLS) on WordPress

Table of Contents

What is Cumulative Layout Shift (CLS) and Why it Matters?

The Cumulative Layout Shift is a Core Web Vital metric and measures how visually stable the page is. The visual stability is calculated by how many unexpected layout shifts occur without interacting with the page. Every time the content shifts — not because you clicked on a link and so on — counts as a layout shift.

The sum of all these shifts determines the Cumulative Layout Shift score.

How many times have you been reading an article, and the content moved down because of some new ads? Or, have you ever tried to click on a button and ended up clicking on another link because a new big image suddenly pushed the content down?

All these examples are layout shifts — they’re caused by some elements on the page being unstable and changing their position on the page.
Elements change their position due to different reasons. For instance, a new image or an ad loading above-the-fold (at the top of the page) forces some content to go down and occupy another section of the page.

You can imagine how annoying this experience is for users.

That’s why Cumulative Layout Shift is one of the three Core Web Vitals metrics assessing a page’s user experience. Alongside Largest Contentful Paint and First Input Delay, CLS will roll out as part of the Page Experience ranking factor in June 2021.

The Cumulative Layout Shift accounts for 15% of the PageSpeed score and it’s a highly relevant metric for user experience and the new ranking factor. Therefore, it could also affect your SEO performance.

What’s a Good CLS Score

Cumulative Layout Shift

As we explained, the CLS is the sum of all the unexpected content shifts occurring on the page. According to the sum of all the shifts, your CLS grade could pass Google’s assessment or not.

good CLS score should be equal to or less than 0.1.

A CLS score between 0.1 and 0.25 means that the performance “needs improvements”.

The grade is “poor” if  CLS is more than 0.25.

How to Find and Measure the Cumulative Layout Shift (CLS)

There are several ways to measure the CLS score, both from Lab and Data tools. Here are the most popular tools you can use:

You can better understand the difference between Lab and Field Data in our dedicated post on PageSpeed Insights.

Let’s see how PageSpeed Insights and Search Console can help you find and measure Cumulative Layout Shift.

Measuring and Finding CLS with PageSpeed Insights

PageSpeed Insights is one the best tools to measure and find Cumulative Layout Shift.

The tool provides you with the CLS score from the Lab and Field data so that you can measure both controlled and user data.

PageSpeed Insights also shows you the potential elements causing a layout shift.

The example below shows a bad score for CLS, both for the Field and Lab Data:

PageSpeed score - Bad CLS grade

Jumping to the Diagnostics area, you can find what is causing the issue under the  “Avoid large layout shift” section.

In this case, there’s only one element affecting CLS. It’s a preformatted text included on the page to explain how to measure CLS in JavaScript:

Avoid large layout shifts - PageSpeed Insights

As you can see, PSI gives you the score related to each element so that you can understand how much every element contributes to the overall CLS score.

If you have more than one element listed in this section, you should start fixing the ones that contribute the most to the bad grade. It’s likely that by fixing the most relevant issues, you’ll get a score good enough to pass Google’s assessment.

Note: Let’s say that you get a bad Field grade and a good Lab one — yes, it could happen! In that case, you should make sure you get a good score for CLS in the Field Data, too. Keep in mind that Field Data is related to the real user experience.
As for CLS, Lab Data only considers layout shifts during page load. On the other hand, Field Data counts all the layout shifts during the whole visit, from entry until the page is closed. Therefore, it’s more representative of your site than the Lab Data. It’s no coincidence that Google uses field Data for search rankings.

Measuring and Finding LCP on Search Console

In addition to measuring the CLS score and finding the elements causing layout shifts, you should analyze the sitewide performance.

The Core Web Vitals report in Search Console is the best way to find all the URLs affected by the same issue. For instance, in the Mobile or Desktop report’s Details tab, you may read “CLS issue: more than 0.1 (mobile)”.

By clicking on the specific row, you’ll find a list of URLs that need to be fixed for the same reason.

Search Console Report - CLS issues

Once you solve the issue, it will be easy to validate the fix for all the pages affected by the same problem.

Let’s now understand what causes a bad CLS score and how you can solve it.

What Factors Affect CLS and Cause a Slow Score

The most common factors of a poor Cumulative Layout Shift grade on WordPress are:

  • Images and videos without dimensions
  • Ads, embeds, and iframes without dimensions
  • Web Fonts causing Flash of Unstyled Text (FOUT) or Flash of invisible text (FOIT)
  • Actions waiting for a network response before updating DOM (especially for ads)
  • Dynamically injected content (e.g., animations).

Keep in mind that CLS has the most significant impact on mobile — the most critical and challenging device for optimizing performance. There are several reasons, from a smaller viewport to a challenging mobile network and a weaker Central Processing unit (CPU).

Images and Videos Without Dimensions

Images and videos without dimensions are a common cause for a layout shift.

If you don’t specify the width and height size attributes, the browser doesn’t know how much space has to allocate while loading these elements. Likely, the space reserved won’t be enough. As a result, once these elements are fully loaded, they will take more space than expected — the content already displayed will shift.

You can solve this issue by including image dimensions on images and video elements in different ways. We’ve got you covered in the dedicated section!

Ads, Embeds, and Iframes Without Dimensions

The same “dimension” issue goes for ads, embeds, and iframes. Once again, not reserving enough space makes these dynamic elements push down the content already displayed. Therefore, new layout shifts will occur on the page.

You’ll manage this problem by assigning fixed dimensions to the ads and managing the size reserved for such elements through specific tactics.

Web Fonts Causing Flash of Unstyled Text (FOUT) or Flash of Invisible Text (FOIT)

Web fonts can cause layout shifts, plus a pretty unpleasant user experience while rendering the page. It’s about how slow the fonts load. You might face two different issues: Flash of Unstyled Text (FOUT) or Flash of invisible text (FOIT).

On the one hand, you could see the text on the page with a “not-so-good” style (FOUT). It’s because the custom font takes a bit to load. In the meantime, you’ll see the fallback font. Once the custom font is ready, it will replace the fallback one. You’ll then see the font changing on the page — and the content will inevitably shift.

On the other hand, you could wait a bit before seeing any text displayed. It’s because the custom font is still being loaded (FOIT). You’ll see the content on the page only after the custom fonts have been rendered. Once fully loaded, that content might cause a layout shift.

The main way to solve this issue is to preload fonts, as you’ll read in a minute.

Actions Waiting for a Network Response Before Updating DOM & Content Injected on the Page

Animations and dynamic content injected on the page — such as banners, ads, or Instagram feeds —  can also cause a layout shift. Once again, it’s because there’s not enough space reserved for such elements.

At this point, you know how essential it is to allocate space for the elements that engage users and shouldn’t ruin the user experience.

Let’s see how to fix these problems.

You can read our in-depth and detailed guide, or you can jump to the video that shows how to improve CLS with WP Rocket!

How to Fix a Cumulative Layout Shift More Than 0.25 s or 0.1 s on Mobile and Desktop

If you want to avoid large layout shifts on your WordPress site, here’s how you can reduce a bad CLS score (with and without plugins):

1. Include Width and Height Size Attributes on Images and Video Elements

2. Preload Fonts (And Optimize Them)

3. Manage Space and Size for Ad Slots

4. Manage Space for Embeds and Iframes

5. Manage Dynamic Content

6. Prefer the CSS Transform Property for Animations

By going over each point, you’ll understand how to fix the Search Console status: CLS issue: more than 0.25s or CLS issue: more than 0.1s, both from mobile and/or desktop.

🚀 For each of our recommendations, you’ll find a piece of information about its performance impact — from low to high. The higher the impact is, the higher chance that the Cumulative Layout Shift grade will improve after following that specific recommendation.

Some best practices to avoid large layout shifts don’t include a specific solution — they’re more about managing well space for ads and other crucial elements.

1. Include Width and Height Size Attributes on Images and Video Elements

Performance impact: high 🚀🚀🚀

One of the simplest ways to fix CLS is to include the width and height attributes on your images and video elements in your WordPress CMS:

Setting image dimensions fixes CLS

WordPress adds image dimensions by default. So, this action should be automatically solved.

In case you’re facing any issue, keep in mind that WP Rocket automatically includes any missing “width” and “height” values to images.

You only have to select the “Add missing image dimensions” option in the Media tab. Fast and straightforward as that!

You can easily add missing image dimensions.

Another way to solve this issue is to take advantage of the CSS aspect ratio boxes and let the browsers set the default ratio of images.

Simply put, you should include the width or the height attribute and set the aspect ratio using CSS. The browser will figure out the missing attribute and get the image dimensions before rendering the page. By doing so, it will allocate the space needed while the image is loading. As a result, the content won’t move around, and layout shifts will be avoided.

It’s helpful information to keep in mind because many plugins, such as YouTube video embed ones, use aspect-ratio on their output.

Don’t forget about responsive images! You can use the srcset attribute:

<img
width="1000"
height="1000"
src="puppy-1000.jpg"
srcset="puppy-1000.jpg 1000w, puppy-2000.jpg 2000w, puppy-3000.jpg 3000w"
alt="Puppy with balloons"
/>

SourceGoogle

Thanks to srcset, the browser can choose between a set of images and related sizes. Keep in mind that images should use the same aspect ratio to set image size.

By including size images, you’ll serve images with correct dimensions and address the PageSpeed Insights opportunity.

2. Preload Fonts (And Optimize Them)

Performance impact: low (high only if the site had large text) 🚀

As we explained, if web fonts don’t load fast, they cause a terrible user experience and affect the CLS grade.

As a best practice for avoiding layout shifts, you should preload fonts.

By preloading fonts, you’ll tell the browser to load the fonts as one of the top-priority resources. When rendering the page, the browser will load the fonts as fast as possible. As a result, the browser will likely include the fonts in the first meaningful paint — that’s when the page’s primary content is fully loaded and displayed. In that case, no layout shift will occur.

You can add  the rel=preload to the key web fonts:

<link rel="preload" href="font.woff2" as="font" type="font/woff2" crossorigin>

Did you know that you can easily preload fonts with WP Rocket? In the dedicated tab, you only have to include the URLs of the font files to be preloaded:

Preload tab - Preload fonts feature

Please note that it’s useful to enable this WP Rocket option only if you have not activated the Remove Unused CSS feature (File optimization tab). If RUCSS is activated, you don’t need to activate the Preload fonts option.

By preloading fonts, you’ll address the “Ensure text remains visible during Webfont load” PageSpeed Insight recommendation.

There’s more to this point. To prevent any FOIT and FOUT issues, you should combine the rel=preload (or the WP Rocket feature enabled) with the CSS line font-display: optional.

The CSS font-display descriptor determines how font files are downloaded and displayed by the browser.
With font-display: optional, the browser will download and cache the font files to make them immediately available for rendering. So, even though font-display has several values, optional is the one you should use.

Another useful tip to reduce the FOUT issue is to add the display:swap;missing on font-display properties. WP Rocket can help you do it if you minify/combine CSS files.

There are other ways to load fonts faster:

Convert the icon fonts to SVG. Font icons take a while to load and don’t help accessibility. There’s no reason to use them. Using SVGs, the font will render faster, and you will load the exact fonts you need.

Make multiple font formats available. By doing so, the browsers will pick the compatible format and only load its font. Here is some information about font formats that you may find helpful:

  1. Avoid TTF. It’s usually 10 – 20% more heavy than WOFF.
  2. Use SVG for Safari. It’s usually a bit smaller than WOFF.
  3. Use WOFF2 for modern browsers. It’s the smallest size – around 30% smaller than WOFF and SVG.
  4. Implement WOFF as a fallback when SVG or WOFF2 can’t be used.

Host your fonts locally or use a CDN to cache them. You’ll avoid any delay and deliver fonts faster.

Optimize your fonts to make them as small and fast as possible. As for Google Fonts, did you know that WP Rocket automatically takes care of them?

By applying these recommendations, you’ll optimize your fonts and avoid several layout shifts. You’ll address the PSI recommendation: “Ensure text remains visible during webfont load” on your WordPress site.

3. Manage Space and Size for Ad Slots

Performance impact: high 🚀🚀🚀

There are several best practices to avoid any layout shift for ads:

  • Assign fixed dimensions to the ads so that you’ll reserve enough space for the ads to be loaded.
  • Reserve the biggest possible space for ads. Historical data come in handy to assess what’s the best dimension for each ad slot.
  • Keep every space reserved for ads that have not been displayed. In other words, you shouldn’t collapse any area on the viewport. You could rather include a placeholder or a fallback element.
  • Place non-sticky ads in the middle of the page — anyway, far from the top of the viewport.

The Delay JavaScript Execution feature provided by WP Rocket can help you control dynamic content above the fold like Google Ads. The feature can be used to stop dynamic interaction, content injection (ads), and dynamic class changes until there is an interaction on the page.

Once again, you’ll address the “Serve images with correct dimensions” PSI recommendation. The same goes for the next section.

4. Manage Space for Embeds and Iframes

Performance impact: high 🚀🚀🚀

The recommendations for managing embeds and iframes are similar to the ones for ads.

In particular, you should precompute enough space for such elements. Once again, historical data can be useful to understand how much space you should reserve.

Placeholder or fallback is an excellent solution to manage the unknown embed size.

5. Manage Dynamic Content

Performance impact: high 🚀🚀🚀

Dynamic content such as banners can also affect Cumulative Layout Shift. That’s why you should avoid displaying new content unless it’s triggered by user interaction. As you know, CLS counts only the layout shifts that occurred when users are not interacting with the page.

As explained in the “Manage Space and Size for Ad Slots” section, you can take advantage of the Delay JavaScript Execution option provided by WP Rocket to control dynamic content above the fold.

By managing dynamic content, you’ll take care of the following PageSpeed recommendations:

  • Avoid large layout shifts
  • Avoids enormous network payloads.

6. Prefer the CSS Transform Property for Animations

Performance impact: low 🚀

The last best practice to ensure visual stability is to take care of animations. You can use the CSS property: transform, which doesn’t trigger any layout changes.

You’ll address the “Avoid non-composited animations” PageSpeed recommendation.

Source :
https://wp-rocket.me/google-core-web-vitals-wordpress/improve-cumulative-layout-shift/