Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday.
Available for more than a decade, the plugin provides users with a broad range of gallery management capabilities, such as batch upload of photos, metadata import, thumbnail editing, photo and gallery management, and more.
In December 2020, security researchers with Defiant’s Wordfence team discovered two cross-site request forgery (CSRF) vulnerabilities in the popular plugin, the most severe of which could lead to remote code execution (RCE) and stored cross-site scripting (XSS).
“Exploitation of these vulnerabilities could lead to a site takeover, malicious redirects, spam injection, phishing, and much more,” the security researchers say.
Tracked as CVE-2020-35942, the first of these issues features a CVSS score of 9.6 and affects one of the plugin’s security functions, is_authorized_request.
Because NextGEN Gallery supports the upload of custom CSS files, the vulnerability allows for the upload of arbitrary code with double extensions, such as .php.css, and have code in them executed on certain configurations, remotely. Code execution was also possible on configurations not vulnerable to double extensions, because of a “Legacy Templates” feature.
An attacker able to execute code remotely on a vulnerable website would be able to essentially take over the site. A similar result can be achieved via XSS, if a logged-in administrator visits a malicious page (which would likely require social engineering tactics).
Tracked as CVE-2020-35943, the second vulnerability is considered high severity (CVSS score of 8.8) and resides in the validate_ajax_request security function that was implemented for various AJAX actions. A logic flaw in the function would result in requests being processed if a specific parameter was missing.
“This made it possible to trick an administrator into submitting a request crafted to upload an arbitrary image file. While the uploaded file had to be a valid image file, it is possible to hide a webshell or other executable PHP code within such an image file,” Wordfence explains.
By setting the image file as Legacy Template, an attacker could combine the flaw with the previously described vulnerability and abuse it for code execution. However, the attacker would have to convince an administrator to click on a link resulting in these requests being sent.
Wordfence reported these vulnerabilities to the plugin’s publisher, Imagely, on December 14, 2020, and a patched version of the plugin was published three days later. Site admins should make sure they are running NextGEN Gallery version 3.5.0 or later, to be protected.
eCommerce websites need to be fast, easy to use, and great at conquering search engine results on sites like Google. But how can you achieve this without any web development experience?
Finding good eCommerce development companies is one of the best ways to solve this problem, but this creates the challenge of finding the right provider for your project. To make this easier, we’ve broken down 10 of the best web development companies across the US.
1. eFlair Webtech
Building a successful eCommerce website takes experience and expertise; two things eFlair Webtech offers in abundance. This company makes the first entry on this list thanks to its sterling reputation, an impressive portfolio, and affordable pricing, but it doesn’t stop here.
eFlair’s engineers and developers work with some of the most popular eCommerce platforms in the world. This includes WordPress (WooCommerce), Opencart, Magento, and Shopify, but it isn’t limited to these platforms. You can build just about any type of eCommerce website you need with the help of eFlair.
Alongside the company’s skills, eFlair Webtech also offers comprehensive support and aftercare for each of its projects. This means that you can get help with your eCommerce site whenever you need it, including out-of-hours thanks to eFlair’s international team.
Price is one of the most crucial factors when embarking on an eCommerce development project, and this is one area where eFlair stands out amongst its competitors. You can build your website for as little as $25 per hour with eFlair Webtech, making this the most affordable option on our list.
As well as offering excellent eCommerce development services and unparalleled customer service, eFlair can also help with app development, UI/UX design, and much more. You can book a consultation to get your development project off the ground using the contact form on eFlair’s website. This eCommerce development company boasts an impressive 4.9-star average review rating on Google.
Locations
Atlanta (USA), Vijayawada (India), and Bangalore (India)
Key Services
eCommerce web development, app development, UX/UI design
Pricing
$25 to $40 per hour
2. Bachoo
Founded back in 2015, Bachoo is a great example of a modern website development company. While this company’s website is a little busy and complicated, it serves as a great showcase of the broad skillset found at Bachoo.
While Bachoo offers eCommerce website development services, this company specializes in launching new products online. This means that they can handle market research, marketing, and every other stage of your product’s launch.
Unlike other eCommerce development companies, Bachoo projects are usually built from the ground up, rather than using an existing CMS system. This makes projects more expensive, but the results are backed up by a 5-star Facebook review rating.
Locations
Los Angeles (USA)
Key Services
Product development, eCommerce development, Data analysis
Pricing
$50 to $100 per hour
3. Elogic Commerce
Elogic Commerce, as its name suggests, specializes in online commerce platforms. This company works with platforms like Adobe Commerce, Shopify, and BigCommerce to offer rapid development services at a relatively low price point.
This company has been in the market for 13 years and has launched more than five hundred projects. While Elogic works fast, the quality of your website will not be compromised, with each step of the development process being carefully managed to ensure the best results. Elogic Commerce has an average Google Review score of 4.8 stars.
With page after page of eCommerce websites in its portfolio and 23 years of work behind it, Absolute Web is truly a veteran of the industry. This company works with Magento, Shopify, and BigCommerce to create eCommerce websites that promise to convert.
Working from the USA and Europe, this company can provide flexible support at times that suit its customers. This is great for eCommerce website owners, as it ensures that you never risk losing sales thanks to website outages. Absolute Web has an average 5-star rating on Google Reviews.
Locations
USA, Portugal, and Ukraine
Key Services
eCommerce website development, Web development
Pricing
$100 to $150 per hour
5. Magneto IT Solutions
Having worked with the likes of HP, Hyundai, and ESPN, Magneto IT Solutions creates high-quality eCommerce websites that are made to scale. This eCommerce development company uses Magento to build its websites, alongside a range of other useful tools that make it easier to get a steady stream of sales moving.
Locations
USA, Saudi Arabia, UK, Australia, Bahrain, and India
Key Services
eCommerce website development, Marketing
Pricing
$50 to $100 per hour
6. ITGeeks
ITGeeks specializes in working with Shopify. While this can be limiting for certain eCommerce projects, it is great for those looking to use this platform. ITGeeks can make unique Shopify themes, develop add-ons for your website, and work to maintain the store you build.
This company is pricier than many of the other options on this list, but this cost comes with an average 4.8-star Google Review rating. Many eCommerce development agencies struggle to reach a review score like this.
Locations
USA and India
Key Services
Shopify website development, Shopify management
Pricing
$100 to $150 per hour
7. PurpleFire
Alongside providing eCommerce web development services, PurpleFire also works to optimize the conversion rate of the sites it builds. This means that you can get a beautiful online store on Shopify, WooCommerce, or Magento, all while enjoying rapid sales growth. Like other eCommerce development agencies, PurpleFire has offices in a range of different countries.
Locations
USA, UK, Denmark, Canada, and Singapore
Key Services
Shopify website development, Marketing
Pricing
$50 to $100 per hour
8. Dedicated Developers
Dedicated Developers is one of the USA’s top eCommerce development companies. Alongside making online stores, this company can help with app and software development, as well as offering full-stack web development.
Dedicated Developers boasts an impressive 5-star average review rating on Google Reviews. Alongside the wide range of successful projects under this company’s belt, this shows that it is a good choice for anyone looking for an eCommerce website that is developed from the ground up.
Locations
USA, UK, and Australia
Key Services
Full-stack web development, app development, software development
Pricing
$50 to $100 per hour
9. GoMage
GoMage has an impressive website that serves as a showcase for the company’s attention to detail and design standards. Like many top eCommerce development agencies, GoMage specializes in a single CMS platform; Magento.
As well as securing a 4.9-star average review rating on Google, GoMage is also an Adobe Solution Partner. GoMage can also work on web design, consulting, website optimization, and PWA development. This company operates from Austin and Amsterdam.
Locations
USA and Netherlands
Key Services
Magento eCommerce Development
Pricing
$50 to $100 per hour
10. Caveni Digital Solutions
Caveni Digital Solutions is the most expensive option on this list, but it also covers an extremely wide scope. This company can design and build your eCommerce website, develop a brand to go with it, and help with all of the marketing work it takes to make it popular. This is great for projects that require a full-service approach.
Based in Philadelphia, Caveni leaves a trail of positive reviews in its wake, and the company has a dense portfolio filled with great websites. This company has an average 5-star review rating on Google, making the price tag well worth it for many businesses.
Locations
USA
Key Services
Full-service eCommerce design, development, and launches
Pricing
$200 to $300 per hour
Exploring Top eCommerce Development Companies in the USA
Choosing any service provider takes research, but that doesn’t mean that you have to do it for yourself. All of the companies on this list have a 4-star or higher average on Google Reviews, while also providing excellent value for the services they provide. This makes them great choices for any company looking for eCommerce development services.
You need a website. Every web hosting (opens in new tab) provider in the world tells you it’s so easy to make that happen. But then you look down their product and feature lists, and they’re crammed with cryptic jargon, obscure technologies and services that you don’t fully understand.
Do you need WordPress or WooCommerce (opens in new tab), for instance? Is it worth paying extra for NVMe? Is an Uptime Guarantee a feature worth having? And what is a vCore, anyway?
This matters, because you can’t make sensible buying decisions until you know exactly what each hosting plan offers. Fortunately, you’ve come to the right place. In this article you’ll find explanations of all the most common web hosting jargon, and details on why they could be really important for you.
Web hosting glossary
Apache
Apache HTTP Server is a hugely popular open-source web server application used to serve websites across the internet.
Although Apache is most web host’s server of choice, it’s not the only option. Windows servers typically use IIS, for instance, while some hosts offer specially tuned NGINX or LiteSpeed servers which they say deliver better performance.
Caching
When a visitor views a page on your website, the server may have to load text, images, scripts and other database content, then convert all that data into a page ready for your browser. There’s a lot to do, and the real problem is that when the next visitor arrives, the server has to do it all over again.
Caching is a feature where the server saves some or all of the page (often into a CDN) for reuse later. Then, when a browser accesses the same content, the server can retrieve it from the speedy cache, reducing server load and (potentially) drastically cutting download times.
All web servers come with basic caching, but some web hosts boast about having their own hand-tuned performance-optimized caching setups. That’s good news, but don’t take claims like ‘pages load up to 300% faster!’ as a guarantee. Caching benefits vary hugely depending on your website, and the only way to find out for sure is to try that host.
Even if your web host doesn’t have a special caching scheme, you can add some yourself. If you’re using WordPress, for instance, then there are a bunch of excellent caching plugins ready to accelerate your site. Check out WP Rocket, WP Super Cache and W3 Total Cache to get started.
(Image credit: Akamai)
CDN
A Content Delivery Network (CDN (opens in new tab)) is a collection of servers spread around the world which is used to help speed up the delivery of web content.
If your website is hosted in the US, for instance, then a visitor from Asia sees slower loads times as your content must travel around the world. But use a CDN and copies of your content are hosted in countries around the world, allowing your Asian visitors to download files from a speedy server far closer to them.
Some web hosting plans list a free CDN as a feature, and if your website has a global audience, this could be an advantage. Keep in mind that some CDNs (including Cloudflare (opens in new tab)) already offer free plans, though, and even if a host doesn’t explicitly support CDNs, experienced users can set one up themselves.
Cloud hosting
Buy standard hosting, and your website is usually hosted on a single server. But with cloud hosting (opens in new tab), your site uses the resources of multiple servers.
Advantages of cloud hosting include improved reliability (if one server fails, the others take over), and the ability to easily cope with increased demand. If your site goes viral and suddenly you’ve ten times more visitors, for instance, you can add extra cloud resources to help you cope.
This extra power means cloud hosting is more expensive than the shared hosting competition, but it’s still very affordable. For example, Hostinger (opens in new tab) has plans from around $10 a month, and DreamHost’s basic DreamCompute plan starts at a monthly $4.50.
(Image credit: Shutterstock/Panchenko Vladimir)
CMS
A Content Management System (CMS (opens in new tab)) is an application which makes it easier to design, build and manage a website. You don’t have to know about HTML, CSS, scripts or any of the other usual low-level web technology, because the CMS has all the tools you need.
WordPress is the most commonly-used CMS by a very long way, but other popular platforms include Drupal (opens in new tab), Shopify (opens in new tab) and Wix (opens in new tab).
cPanel
Many web hosting plans give you access to cPanel, a powerful but easy-to-use web dashboard which gives you everything you need to manage your website. Upload or browse files, create email accounts, set up domains, manage databases, there’s a tool for every big task you can imagine (and most of the small ones.)
CPanel (opens in new tab) is our preferred hosting control panel, not only for its features, but also because it’s supported by so many hosts. GoDaddy, Bluehost, A2 Hosting and SiteGround (opens in new tab) all use cPanel, for instance, so if you sign up with one host, but later move to another, you won’t have to learn a new control panel from scratch.
If your hosting needs are simple, though, you might spend 15 minutes in a control panel when you set up your site, then barely look at it again. We would still prefer a web host to offer cPanel, but it doesn’t make much difference, and it’s likely that any control panel will deliver what you need.
Dedicated IP
Sign up for a simple shared hosting (opens in new tab) plan and you’ll share a web server, and that server’s IP address, with perhaps hundreds of other websites. If some of those are engaged in dubious activities, such as sending spam, that IP address could be blacklisted, and that could impact on your own (your emails may be more likely to be flagged as spam, say).
Buy a plan with a dedicated IP and it’ll only be used by you, ensuring other websites can’t hurt your reputation. And there are plenty of other benefits, too, like the ability to access your website by IP address alone, or to run your own FTP or gaming servers.
Dedicated IPs don’t have to be expensive, either. HostGator’s Business Plan throws one in for free, and is priced from $5.25 a month.
Dedicated server
The premium product in the web hosting world, buying a dedicated server (opens in new tab) gets you an entire physical server allocated just to your website. There’s no resources shared with anyone else, no other accounts or websites to get in your way, ensuring you get full control and the maximum possible speeds from your hardware.
The main downside is the price. Shared hosting can cost less than $5 a month; dedicated servers (opens in new tab) can cost hundreds.
Running a web server can involve handling more complex tasks, too, such as setting up a firewall or installing software updates. If you don’t want to do this, look for a ‘managed’ hosting option, where the web host looks after these details for you.
(Image credit: Shutterstock)
Domain name
The name used to access a website, such as techradar.com, is a domain name.
Sign up for web hosting and many plans give you a domain name (opens in new tab) free for the first year. If you’ve had an idea for a great business name but don’t need web hosting yet, you can also buy a domain name alone from a hosting provider or a domain registrar (opens in new tab).
Expect to pay somewhere around $10 to $20 a year for the most common top-level domains (.com, .org), although some of the more recent TLDs can cost $40-$80 a year, or even more.
Domain privacy
Buy a domain and your name and contact details are normally added to a public register. Sounds like a good idea, as it allows everyone to see who’s behind a website, but there’s a problem. Scammers harvest email addresses from the register, and then send domain owners endless spam about their app and web design services, SEO and other ‘offers.’
Pay for a domain privacy service when you buy a domain and the privacy service details appear in the register, instead of yours, keeping the flood of spam at bay. We think it’s a feature well worth having, but look out for the price. Providers including IONOS, DreamHost and Namecheap (opens in new tab) offer the service for free, but others might charge $10-$15 a year.
FTP/ SFTP
File Transfer Protocol (FTP (opens in new tab)) is a standard method used to transfer computer files between a server and a remote computer.
If a host supports FTP, the chances are it’ll also support SFTP (Secure File Transfer Protocol), an extended version which adds more security features.
Most users don’t have to learn about FTP or any of the other low-level technical file transfer details. If your web hosting plan includes cPanel, for instance, you can use its File Manager to upload or download files in a couple of clicks.
Businesses, though, might use FTP to allow employees to securely access or share potentially huge files from their own web space. It’s very old technology, with minimal security and few features, but it’s simple and you can have an FTP server up and running in minutes.
HTTP, HTTP/2, HTTP/3
HTTP (HyperText Transfer Protocol) is a standard set of rules for transmitting data across networks and the internet. The most commonly used version is HTTP/1.1, but some hosting plans go further.
HTTP/2 and HTTP/3 are the latest versions of HTTP/3. They’re optimized for speed, and choosing a hosting plan with HTTP/2 or HTTP/3 support can make a real difference to your website performance (HTTP/3 can be three times faster than HTTP/1.1 in some situations).
Web hosts don’t all support HTTP/2 and HTTP/3 yet, but there are good value deals around if you’d like to try the technology out. A2 Hosting’s Turbo plans support HTTP/3, NVMe SSD and other high-performance technologies from under $10 a month.
Jetpack
A hugely popular WordPress plugin (opens in new tab) which comes in many versions, each absolutely stuffed with features: backups, malware scanning, a free CDN, anti-spam, website stats, site search, even cloud-hosted video streaming.
Jetpack is often bundled with WordPress hosting (opens in new tab) platforms, but the exact features you’ll get depends on the version your provider supplies. Check its feature list for the details.
Linux
Most web servers are powered by Linux, a popular family of open-source operating systems renowned for its reliability, configurability and performance. Your web server operating system doesn’t make any real difference to simple websites, but if you’re signing up for a VPS, dedicated or other high-end plan, most hosts will offer you a choice of Linux flavors, or even Windows (see ‘Windows hosting’).
Managed hosting
Buy a dedicated server (and sometimes other products) from a web host and you’ll typically have two support options.
Unmanaged hosting (opens in new tab) is cheaper, but gets you support for the hardware only. Your host will replace a faulty server component, but it won’t configure the operating system, install patches, or monitor it to confirm everything is running smoothly.
Managed web hosting (opens in new tab) is relatively expensive, but your provider supports the hardware and core software. It might configure a firewall or tweak server settings to provide the best security, then install server updates as necessary, and watch key server processes for problems, detecting and fixing issues as soon as they appear.
Migration
In hosting terms, ‘migration’ generally refers to moving your website from one web hosting provider to another – providers may also call this a ‘site transfer’.
Some web hosts offer free migrations, and these usually make your life much easier. Sign up with your new host, and they’ll give you an easy way to move your site from the old provider to your new web space.
Beware, though. Providers may not migrate sites from all hosts, and there are usually all kinds of complications and issues (you might not be able to migrate from sites which don’t use cPanel, for instance, or move a site from one domain to another). Check the small print carefully before you sign up.
MySQL
An open-source database management system, commonly used to create and manage the databases used by WordPress and other top apps.
There are plenty of MySQL alternatives which might work better in some situations – MariaDB, MongoDB, PostgresQL, more – but unless you’ve very specific website needs, this isn’t an issue to worry about: MySQL will deliver everything you need.
NVMe
Non-Volatile Memory Express (NVMe) is an ultra-fast standard for accessing solid-state drives. A hosting plan which offers NVMe SSD storage should allow a server to read and write your website content at very high speeds. That may not help much with small or simple sites (if there’s little content to load, storage speeds are unlikely to be a bottleneck), but it could make a real difference with more heavy-duty, high-traffic projects.
SFTP
See FTP.
Shared hosting
Shared hosting (opens in new tab) is a type of hosting where multiple websites are stored on the same physical server.
The main advantage of shared hosting is you’re spreading the cost of the server across many accounts, which can make for rock bottom prices.
The big issue is you’re sharing the server’s hard drive, CPU and network connection with all these other sites, too, potentially cutting your website speeds to a crawl. If you need more power, consider upgrading to VPS (opens in new tab) or dedicated hosting for the best results.
SiteLock
SiteLock (opens in new tab) is a security platform which uses multiple technologies to protect your website from harm.
The basic SiteLock plan offered by some web hosts usually includes automated backups and malware scanning, where the service checks for malicious content and raises an alert if anything crops up.
The high-end SiteLock plans add the ability to automatically remove malware, an option to detect missing website security patches, a content delivery network to accelerate website speeds, and even a Web Application Firewall to block malicious traffic before it can cause any harm.
There’s a lot of power here and the backup feature alone may be worth having. Web hosts vary in the features they support, though, so check carefully before you add SiteLock as an option.
Site transfer
See Migration.
SLA
A service-level agreement (opens in new tab) (SLA) defines the service you can expect from a web host, and what you might get if that level of service isn’t delivered.
Budget shared hosting plans typically don’t have any significant SLA. Check the small print and you’ll probably see something like ‘we promise to do our best to keep your site up and running, but if it goes down, that’s not our fault and we’re not liable.’
Dedicated hosting plans from high-end providers can be very different. Liquid Web’s SLA promises a live chat or phone response time of under one minute; a ticket reply within 59 minutes; faulty hardware to be replaced within 30 minutes, and its network to be up 100% of the time. If this doesn’t happen, the company pays: if your ticket reply takes three hours instead of one, your account is credited with 20 hours hosting time (that’s 10x the overrun).
Although an SLA is a good indicator that a host is serious and knows what it’s doing, there’s no way to guarantee your site will always stay up. If the web server needs maintenance, for instance, then it might be down for a while, and that probably won’t be covered by an SLA.
Softaculous
A clever tool which many web hosts provide to help you install popular web applications on your site. In a click or two you can have Softaculous (opens in new tab) install WordPress, Joomla, Drupal, ecommerce apps, image galleries, calendars and more, with no special technical required.
Some web hosts specifically list ‘Softaculous’ in their hosting plan feature lists, but if you don’t see it, look for something like ‘1-click installer.’ That typically refers to Softaculous or a competing product which does much the same thing.
SSD
Web hosts sometimes give you a choice of the type of storage device used to store your website.
An SSD (Solid State Drive) is fast, but a little more expensive; an HDD (opens in new tab) (Hard Disk Drive) is slower, but cheaper, and usually allows you to use higher capacity drives.
Most shared hosting users won’t get this choice, but you might see ‘SSD’ included in the hosting plan feature list somewhere.
If you’re buying a dedicated or other high-end hosting product, though, it could be relevant. For instance, at the time of writing Hostwinds (opens in new tab)‘ starter dedicated server plan is priced at $152 a month with a 1TB SSD, but $122 a month with a 1TB HDD, and even switching to a huge 3TB HDD only lifts the price to $137.
SSL certificate
A data file which allows website visitors to make secure encrypted HTTPS connections to a website, giving them that reassuring padlock in their address bar.
If your website doesn’t have an SSL certificate (opens in new tab) (sometimes called a digital certificate), visitors will see ‘Not secure’ messages on every page, which won’t give them a good impression. Fortunately, many web hosts offer free SSL, and they’ll automatically set up and manage the SSL certificate (opens in new tab) for you.
Staging
A feature commonly used in WordPress hosting (opens in new tab) which allows you to test changes on a copy of your site before making them visible to everyone.
When you update WordPress and your site’s various extensions, for instance, there’s always a chance of problems. You might find a WordPress change breaks your site search tool, say. If you apply the updates to a staging site, first, you can confirm everything works properly before you make the changes live.
(Image credit: Shutterstock/Tero Vesalainen)
Subdomains
A subdomain is an additional part of a domain which comes before the main domain name. Subdomains are often used to help organize your website. For example, if your domain is mysite.com, you might use the subdomains blog.mysite.com, account.mysite.com or support.mysite.com.
Most web hosting plans allow you to use as many subdomains as you like, but this isn’t always the case. If you’re planning some heavy-duty subdomain usage, make sure your plan gives you as many as you need.
Top-level domain (TLD)
The part of a domain name which follows the full stop. The top-level domain (TLD) for techradar.com is .com; the TLD for archive.org is .org. and so on.
(See Domain.)
Unlimited
Web hosts often advertise plans as supporting ‘unlimited’ storage or data transfers, but this generally doesn’t mean what you think. We checked the small print of one host and found its ‘unlimited’ plans didn’t allow ‘very large’ photo galleries’ or ‘large audio or video content’, for instance.
As a general rule, ‘unlimited’ means ‘there is a limit, but we’re not going to tell you what it is’. If you need to know more about what a particular host offers, scroll to the bottom of its home page, click the ‘Terms and Services’ link and scan the small print for clues.
Unmanaged hosting
See Managed hosting.
Uptime guarantee
A web host ‘uptime guarantee (opens in new tab)‘ is a measure of the minimum amount of time your website should be available to visitors.
Uptime guarantees are usually expressed as a percentage. A 99.9% uptime averaged over a month means your site could still be down for 44 minutes, for instance, while 99.99% of uptime over a year still allows for more than 52 minutes of unavailability.
Check the small print, and you’ll find most hosts include a bunch of exclusions. Server maintenance typically isn’t included, for instance, and many hosts exclude circumstances outside their control.
While you’re digging into the details, look for information on any compensation you’ll get if the host misses its target. Some providers don’t offer this, which makes the whole ‘guarantee’ effectively worthless.
vCore, vCPU
VCore and vCPU are measures of CPU resources, typically used by hosting providers in descriptions of their Virtual Provider Server (see VPS) plans. The more vCore or vCPUs a plan gives you, the more CPU time your website will get.
(Don’t assume that more CPU resources always means greater speeds, though. If your site is small, simple, maybe low traffic, and it only needs 4 vCPUs, then you could buy 8, 16 or more, and it won’t get any faster.)
VPS
Virtual Private Server (VPS (opens in new tab)) is a type of hosting where a provider splits a physical server into multiple virtual servers and allocates specific server resources to each.
This is a little like shared hosting, in the sense that several accounts are sharing the same server. But there are far fewer accounts on a VPS server, than a shared equivalent. Each gets their own CPU, RAM and storage space, so they’re not competing with other sites for resources. And a VPS is completely isolated from the other accounts, so everyone gets full control of how their server works, without affecting anyone else.
WAF
A Web Application Firewall (WAF (opens in new tab)) is a powerful security tool which can protect your website from hackers, bots, and a whole bunch of common exploits and attacks.
Although WAFs are mostly focused on business needs, some are affordable enough for home users. Cloudflare’s Pro plan gives access to the same rules engine used to protect millions of websites, for instance, but it’s reasonably priced at $20 billed monthly.
(Image credit: Shutterstock/TierneyMJ)
Website builder
A website builder (opens in new tab) is an easy-to-use tool which provides the simplest possible route to creating a website.
Most builders come with a library of template sites. At a minimum, all you have to do is choose a design you like, then customize it with your own text, images and other content.
Website builders aren’t just for small or simple sites, though. Quality builders such as Wix have comprehensive business tools, website analytics, social media integration, you can even create and run a busy ecommerce website (opens in new tab) to match the best of the competition.
Windows hosting
Most hosting providers use Linux servers, but a few support Windows hosting (opens in new tab). This could be vital if you’re looking to run a site using Windows technology, such as ASP.NET. If you’re aiming to buy a dedicated server, and you’re unfamiliar with Linux, then using Windows could make it easier to maintain.
For most users, though, the Windows down sides outweigh any positives. Prices are higher, because you’re paying for the Windows license, while Linux is free. And you’ll miss out on Linux tools such as cPanel, which aren’t available on Windows.
WooCommerce
A free and open-source system which allows you to add an online store to any WordPress site.
You could use WooCommerce (opens in new tab) to sell one or two items or services from a personal blog. But it’s also powerful enough to build a full-scale global e-commerce site to match the best of the competition.
Bluehost, Hostinger, SiteGround and many other providers offer custom WooCommerce plans. These typically come with WooCommerce pre-installed, specialist WooCommerce support, and sometimes include other business tools and features.
If your hosting plan supports installing WordPress, though, you can install and try out WooCommerce yourself, at any time. Just go to Plugins, Add New from the WordPress dashboard, search for WooCommerce, click Install Now and activate it.
You won’t get the same level of support if you take the manual route, but it will save you a little cash. And if WooCommerce isn’t for you, there’s no need to change accounts: just uninstall it and try something else.
WordPress
A hugely popular free tool for building and managing websites, and suitable for everything from tiny personal projects to huge international corporations.
You can create a decent WordPress site in minutes using the standard tools, but the app really wins out for its configurability. In a click or two you can add support for social media, image galleries, video streaming, newsletters, contact forms, customer management, even create a top-quality web store.
WordPress (opens in new tab) comes for free in most hosting plans. Typically, these include a 1-click installer such as Softaculous, which automatically sets it up for you, and even newbies can have a very basic site up and running in minutes.
If you’re building a business-critical or other more demanding site, though, you might get better results from managed WordPress hosting (opens in new tab). Typically these plans come optimized for WordPress, deliver extra speed, have specialist WordPress support, and sometimes include other useful business tools.
We’re excited to announce that you can now add chapter breaks to VideoPress uploads.
Daniel
Today we’re excited to announce that you can now add chapter breaks to the videos you upload to your website with our VideoPress feature. Chapters offer a quick way to navigate longer videos and can be a great addition for your viewers.
Streamlined interface
We’ve built a streamlined and easy-to-use interface for your viewers to interact with video chapters. You can hover over the timeline to preview the next chapter and then simply click to navigate to it. The current chapter name is shown after the video timecode, and when you click it opens a menu to quickly jump to the start of any chapter:
How to add chapters to your videos
To add chapters to your video, all you need to do is edit its description in the block editor and add the timestamp for each chapter, followed by a title you’d like to display:
After saving, you’ll see the video block update and automatically display your chapters.
In the video below — which is a showcase for WordPress 6.1 — you can see how chapters work and look. Play around with the bottom toolbar to navigate to different chapters and bring up the chapter list.
We hope you enjoy this feature! Please share any feedback you have or an example of where you’ve used chapters for your videos. We love to see our features in action!