Best way to create a website?

[Callie Beller Diesel]

Ok. I don’t think anyone is ill meaning here, and I for one would love to expand my knowledge in this area.

I think that having a website that one can securely collect emails for a list and make sales on is becoming increasingly important as more and more things are now easily obtained online, and many product sellers are finding it to be a reality. While shows and in person sales are a primary income source for many, online sales are a preference for others who wish to cultivate that particular income stream. Businesses need to be mindful of market trends, and I think online sales are a tool in the box that should be available to potters. We all structure our businesses to suit ourselves.  

. @Stephen, @liambesaw @GEP @LeeU do any of you have some favourite resources (free or for a reasonable fee) you can point us at so that those who are beginning, or have little programming background can be better informed? I’ll be the first to admit that the information on website building that I have is from courses aimed at entrepreneurs, so I don’t  have the level of deeper technical detail that I’d like, and I’m not in a position to have someone develop something for me. It seems to be like learning glaze chemistry: a little knowledge can be dangerous.

Honestly, when I chose Weebly, it was because the user interface is so user friendly and because it was free. After I’d made my choice, there’s a lot of confirmation bias to be found here. There really wasn’t a learning curve, and you can figure that sucker out in an afternoon of just poking at it to see what happens. 

A solid beginners guide would be welcomed by many. 

 

[liambesaw]

You can let Weebly or wix handle it.  It would mean forwarding your domain to your weebly address like GEPs second domain, or you can purchase the security certificate.  Those are probably your only options if you're using their platform.  If you switched to something like WordPress and hosted it yourself (please don't, that comes with a whole other set of security issues), you could do it yourself for cheaper.

As far as learning about it, check out professor messer on YouTube, he has some videos on TLS (transport layer security, which is basically replacing SSL) and SSL (secure sockets layer), which are the protocols that are used to establish and encrypt the connection between the user and the web server.  I'm sure there are plenty of other videos out there explaining it as well.

[Stephen]

I would just surf around and absorb as much as you think you need to. Lots of good articles and articles with bad info as well. If you read a number of them though you will start to get it. If you don't care about the 'not secure' notation on your website in google (for now) then don't worry about it. If any of your users do then they will leave and if one of the other bad things that can happen does then you or they can deal with it then. The only reason I chimed in further than just pointing it out originally is that some explanations were given that were wrong and it seemed weird to just let it go. If anyone has a question feel free to PM me. I've been at this a long time (degree and everything :-) and happy to try and untangle something that is not making sense if I can.

[Callie Beller Diesel]

44 minutes ago, Stephen said:

I would just surf around and absorb as much as you think you need to. Lots of good articles and articles with bad info as well. If you read a number of them though you will start to get it. 

That's just it: having done exactly this for the past 3-4 years, I've found a lot of contradictory information, and it can be frustrating weeding through it all.  Just like in clay, in the computer world there seems to be more than one approach to any given objective, lots of schools of thought, and a number of common practices that may or may not be based on fact: think Internet versions of the old air-bubbles-cause-explosions "rule" that everyone seems to get taught in the beginning, usually by people who don't know any better themselves.

So. If folks with a more intermediate or advanced level of website building knowledge have any helpful resources that they know would help beginners do things in a more streamlined fashion from the start, or any Simon Leaches of website building that they'd recommend, that's what I'm encouraging.

[liambesaw]

If you're serious about website building, freecodecamp.org has a great zero-to-hero program that is entirely free.  I think most potters probably don't have that kind of time (talking hundreds and hundreds of hours), so a third party that handles all of the server-side stuff is probably a great idea.  Weebly or wix are great for that, just buy the secure package if you're wanting to get rid of the "not secure" tag in chrome, you'll have to eventually when browsers stop supporting unsecure connections anyway.

 

[LogicalHue]

I used to use weebly and it made me mad all the time. The stupidest details weren't customizable when everything else was, so some element of my site would stand out and clash. I'm sure there were other reasons as well but I haven't really thought about it in a while. I use wix now and it is fully customizable. But if you just want to use a template, either is probably fine for your purposes. You can go on either website for free and look around at the options and even start to make a website that you just, obviously, can't publish until you get a domain. Domains aren't expensive.

[GEP]

2 hours ago, Stephen said:

some explanations were given that were wrong and it seemed weird to just let it go. If anyone has a question feel free to PM me.

Stephen, why don’t you just correct what you think was wrong out here in the public forum? You wanting to take your explanations private seems to go against the reason to have this forum. Also, telling everyone to google around, rather than providing specific resources to explain your position, is also not a helpful for the discussion. 

[liambesaw]

By the way, this website (community.ceramicartsdaily.org) is also unsecured in my browser.  Looks like it's part of some forum software service that is providing an untrusted certificate

Whoopsie doodle!

[GEP]

That’s right, this forum is not hosted on a secure server. Yet here we all are. 

Here is a sensible reference on the subject, written by someone who doesn’t seem to have a stake in the game. (A lot of information out there is from companies trying to sell you SSL products.)

https://www.markbrinker.com/secure-https-website

This person recommends adding SSL certs to your domains, but only for reasons of perception and Google search rankings, not security. The question is, do these things matter for a business like a pottery studio? Is the worth the money? At GoDaddy, the SSL certs start at $80/year. 

There are lots of subjects out there with a broad base of “true” facts, where not all of them are relevant or applicable to the context of this forum, which is pottery and pottery businesses. (Like how it makes no sense to recommend to a potter to buy a bulk mail permit. A potter never sends enough mail to make use of that. Doesn’t mean a bulk mail permit is a wrong concept, it’s just not applicable here.) 

[Stephen]

 

1 hour ago, GEP said:

Stephen, why don’t you just correct what you think was wrong out here in the public forum? You wanting to take your explanations private seems to go against the reason to have this forum. Also, telling everyone to google around, rather than providing specific resources to explain your position, is also not a helpful for the discussion. 

Hi Mea, I really beat it all up already in my post and at some point I'm just arguing and I don't want to that here. I'm just some unnamed, self proclaimed expert so ignore me if ya want. Besides if your not running a server it will get taken care of for ya at some point. This board is about a different world for me but like I said I'm happy to give anyone an opinion for what its worth if your struggling with a particular point. As far as the community contribution I have already written several long detailed post and it's all in there, that's my take on it.

Callie, I hear ya. but have no idea where to point you. I've been doing this for thirty years, started out writing desktop apps in the 80's and worked through about 60 hours of IT courses for the degree and with the exception of the year I tried to make it as a potter, have just spent 8-10 hours 5-6 days a week doing all of this. For 10 years I was the managing partner for a small communications company in Redmond WA and opened an ISP when I shifted to the net in 96-97 and I was working with version 1.0 for much of our software and we had to write a bunch of our stuff because  so much of this didn't even exist . These days I just try to keep pace as things have changed and try to stay relevant and make a living. I would just study the subject and maybe take a few basic community college entry level courses. Maybe get a basic hosting package with a cpanel and set the whole thing up yourself using that. 

For whats its worth to secure your site all you have to do is go get a free cert or buy a cheap one and ask you host to install it and presto all your pages will have a nice lock and no crappy insecure message greeting all your users. Your host might have some deal or even do it for free if you ask them.

 

 

 

[Stephen]

Ha! While I was writing that my injection attack stopped. I've been banning IPs from halfway around the globe all afternoon. Sometimes it feels like you have come to a gun fight with a pocket knife. Good luck everyone and don't take it all too seriously.  

[Mark C.]

I think in many web based sites like Weebly or wix you can build a shopping cart site-It will cost some $$$ to host .

I have avoided that like the plaque myself on the net-I ship tons of orders with the credit card info over the phone and everything else based through e-mail. 

I have NEVER had any issues in all the years  with Weebly with my simple info site that Gep turned me on long ago.Never paid a dime, never had a bot take it over. Once I dreamed Godzilla broke some pottery if that counts.

I never want a shopping cart-I pack and send  enough without one.

Just having a phone line is enough stupidy with calls like do you sell clay, do you teach kids ,do you buy natural clay I dug up,Do you fire clay,when are you quiting pottery-all these have been  in recent phone calls. An active web sales seems frought with issues and security is lower on the list- than sheeer stupidity. Lets see. Opps I pushed the buy a huge mug but wanted a small mug. My cat hit the key to buy the vase- The color was blue and what I got is green (colorblindness-seen my share)well you get it kitties-issues

I find it getting worse out there not better.

 

[LeeU]

28 minutes ago, Stephen said:

I've been doing this for thirty years

Well good golly miz molly....I do believe, Stephen, it was your long-ago explanation of https vs http and SSL cert need vs not need  that I have probably mangled with my poor  understanding of the whole thing. I am fairly sure tho that  an SSL cert with  WIX  pro and a Pay Pal cart is not necessary--they do the protection, as far as anything can really be protected in cyberworld.  The big issue, though, as noted, is customer perception--and if visitors think their info is not safe on a site, even if it is,  they will just leave. I just don't like feeling manipulated into buying something because the seller has everyone scared and that will negatively affect my sales. I guess paying up is probably unavoidable now that "not secure" and "do you want to contune" are out there like a highway billboards in neon. (Assuming that the good website generators are not going to let someone put in a $9 cert instead of their $80 one. ) 

[Stephen]

9 minutes ago, LeeU said:

Well good golly miz molly....I do believe, Stephen, it was your long-ago explanation of https vs http and SSL cert need vs not need  that I have probably mangled with my poor  understanding of the whole thing. I am fairly sure tho that  an SSL cert with  WIX  pro and a Pay Pal cart is not necessary--they do the protection, as far as anything can really be protected in cyberworld.  The big issue, though, as noted, is customer perception--and if visitors think their info is not safe on a site, even if it is,  they will just leave. I just don't like feeling manipulated into buying something because the seller has everyone scared and that will negatively affect my sales. I guess paying up is probably unavoidable now that "not secure" and "do you want to contune" are out there like a highway billboards in neon. (Assuming that the good website generators are not going to let someone put in a $9 cert instead of their $80 one. ) 

Hi Lee, I just surfed on WIx and they have enabled it for everyone for free. I'm sure they use the group behind that link I sent, most of the host do. You do have to go over and turn it on though.

I found this and the link below.

At Wix we are committed to protecting your and your user's data. Therefore, we are making it easy and free for your site to become HTTPS.

https://support.wix.com/en/article/enabling-https-for-your-wix-site

[Stephen]

 i think weeebly also offers for free, apparently it used to be an upgrade but now you just need to configure.

https://community.weebly.com/t5/Domains/Unable-to-enable-SSL-on-my-site/m-p/89126#M8958

[DirtRoads]

Stephen thanks for pointing this out.   I've been looking at this issue.   I may be the only one here that has 2 websites.  One secure (one with shopify that has ecommerce is fine) and the other one with Network Solutions that is not secure.  One thing you said and I know this to be true from all the online gaming nerds I hang around with is that some people will leave your site immediately if they see that not secure emblem.   Looked at a traffic report and it showed I had 7500 unique visitors last year to the Dirt Roads site so for me it is worth correcting.   I can add a fix to this from Network solutions that will cost $11/month.   Looking for a cheaper one following your suggestion.

"secure your site all you have to do is go get a free cert or buy a cheap one and ask you host to install it"

The changes I see in online buying are down right staggering.   As I've mentioned, I make most of my sales from my free standing location,  a significant amount from my two shows  that also feed customers to the store.    A very  small amount from online jewelry sales.     But I'm looking for the day when people come in and say "OMG it's a store".       I can see the shows I do as a little stagnant.  I have my clientele that return and that ensures my sales don't drop.  But the new vendors there are having a harder time.   I see a lot of vendor turn over.    If you have an established show schedule, it seems most people here are doing just fine.  But I hear from my Junior League circuit shows, that attendance is not what it used to be.  Nor sales.  Still decent but not like the old days.  So anything I can learn about online ... I'm up for it.

 

 

[Stephen]

3 minutes ago, DirtRoads said:

Stephen thanks for pointing this out.   I've been looking at this issue.   I may be the only one here that has 2 websites.  One secure (one with shopify that has ecommerce is fine) and the other one with Network Solutions that is not secure.  One thing you said and I know this to be true from all the online gaming nerds I hang around with is that some people will leave your site immediately if they see that not secure emblem.   Looked at a traffic report and it showed I had 7500 unique visitors last year to the Dirt Roads site.    I can add a fix to this from Network solutions that will cost $11/month.   Looking for a cheaper one following your suggestion.

"secure your site all you have to do is go get a free cert or buy a cheap one and ask you host to install it"

The changes I see in online buying are down right staggering.   As I've mentioned, I make most of my sales from my free standing location,  a significant amount from my two shows  that also feed customers to the store.    A very  small amount from online jewelry sales.     But I'm looking for the day when people come in and say "OMG it's a store".       I can see the shows I do as a little stagnant.  I have my clientele that return and that ensures my sales don't drop.  But the new vendors there are having a harder time.   I see a lot of vendor turn over.    If you have an established show schedule, it seems most people here are doing just fine.  But I hear from my Junior League circuit shows, that attendance is not what it used to be.  Nor sales.  Still decent but not like the old days.

 

 

Hi Sharon, they do let you use a third party but you might have to call support to get a CSR (thats a cert signing request that the server generates for the key)
http://www.networksolutions.com/support/which-ssl-certificate-does-your-web-based-business-need/

I buy some through ssl2buy, check out the Commodo essential for $9 a year.

https://www.ssl2buy.com/comodo-ssl-certificates

You could do the free one but you have to renew it every 90 days so the $9 one is less hassle. Also if a cert expires you end up with that really bad message that scares people off.

[DirtRoads]

Yeah I've seen that expired message when I've been buying online.   And I quickly click away from those sites and hit virus scan ... just in case. 

And thanks, checking those out.

[Callie Beller Diesel]

Thanks @Stephen for checking that for us. Sometimes as beginners, you don’t even know what you don’t know. 

[Stephen]

Hey happy to help, should have just found and posted those two links earlier and skipped the other post because I think in the end this discussion probably confused more than helped. My best advice is to research multiple sources and put in the time to truly understand how the internet works from a site and user point of view and then use it to your advantage. Online direct sales is just one aspect of leveraging a website to help you grow and manage your business. Be doubtful of paragraphs like the one I wrote below and try to find several trusted sources saying the same thing. Also try not to think that your spouse, friend or cousin's son, that has a couple of WordPress sites or even a hand coded one, as knowing everything about tech, he/she might but they might not. Try to learn it yourself. Lots of books, tutorials and articles that cover it all in detail and nothing bad can come from knowledge even if you use it sparingly.     

I will say to anyone reading this thread that without a lock on your website page it is not completely secure for your users to use and anyone that that tells you different is wrong. It is that simple. It does not matter if your site is sitting on a secure server in the pentagon with a team of the best security guys in the world taking care of it and it doesn't matter if your site does not have any data entry. There are degrees of risk of course but stealing credit card numbers is not by a long shot the only risk to your users anymore and this is why Google has essentially disrupted the entire world with this new policy and I am positive that decision was not made lightly. They are tired of the argument and tired of trying to convince people that run websites to do the right thing and secure all the sites properly and I think they concluded running off your users would make it happen. 

[LeeU]

22 hours ago, Stephen said:

You do have to go over and turn it on though.

Well dang!! That'll teach me to check my Dashboard Settings more often than "never"!! THANKS--it took all of 5 seconds and  my site is now https and it was indeed at no charge.    I also just updated my URL on my profile, that is displayed at the bottom of our posts, here, so that should come up correctly the next time I have anything to say.  

[GEP]

@Stephen, thank you for pointing out that Weebly will now upgrade an older site to a secure server for free. It wasn’t as easy as flipping a switch like @LeeUexperienced with Wix, but it wasn’t hard either. Weebly provided clear instructions for how to edit my DNS settings, then it took about a day for the changes to take hold. 

Kudos to Weebly for making it free. Like I’ve been saying all along, FOR A WEBSITE LIKE MINE*, free is exactly what it’s worth. But as long as it’s free, I’m happy to do it.

*i.e. a website that does not make sales, collect sensitive info, or serve a serious role in customer lead generation. Stephen this is the point I’ve been trying to make. Your information isn’t wrong, but it’s out of context to how art festival potters operate. With a business like mine, most of the customers that matter work with me in person, and I earn their trust that way. People who learn about me online, through my website or social media, rarely turn into serious customers. I would argue that anyone who wants to succeed at art festivals should assign their online presence a minor role. There are so many other, more important, competencies that a potter needs to do well, both craft-wise and business-wise. My website has sported the “Not Secure” label for about a year (?) and it has not affected my business at all. This is a forum for potters, and the practical context matters. 

And now that platforms like Weebly are providing this service for free, does it make sense for GoDaddy to want $80/year? 

I agree with @liambesaw that someday soon we will all be forced to use secure servers, rather than just being nudged like now. When that happens, yes the entire internet will be a safer place. But websites like mine are not causing any safety problems, or marketing problems for me. 

Finally, having your website on a secure server does not guarantee it is safe. Companies like Equifax and Marriott are still getting hacked, and it’s not for lack of encryption. And if you are surfing on a site that looks secure, it can still be malicious. Look how easy it was (and free) for me to get an SSL site. The internet has always been a “use at your own risk” place and will always be. Using it has always involved a tolerance for risk, and a self-protective mind set. Being smart about HOW you use the internet will always be your best defense. 

[Stephen]

On 4/12/2019 at 9:42 AM, GEP said:

Finally, having your website on a secure server does not guarantee it is safe. Companies like Equifax and Marriott are still getting hacked, and it’s not for lack of encryption. And if you are surfing on a site that looks secure, it can still be malicious. Look how easy it was (and free) for me to get an SSL site. The internet has always been a “use at your own risk” place and will always be. Using it has always involved a tolerance for risk, and a self-protective mind set. Being smart about HOW you use the internet will always be your best defense. 

Hi Mea, Glad I could help. I absolutely get your point that you think all of this is overkill for a potters site and I guess I am really trying to make sure that folks reading this know its not that kind of debate and the above quote is just mixed up. Having a lock by using a cert (free or paid) and 'https' access to your site has nothing to do with the underlying computer server being secure or not secure. Weebly and other providers may have you point to a particular server IP that they are putting certs on but they are installing a free (to everyone) certificate for your website (by Let's Encrypt). When this is not done,  regardless of if you have any data entry or not, there are risk to your users and the fact that your website is a low key info only art site means nothing, absolutely nothing because the bad guys in this case are not targeting specific websites but any site they can compromise.

The free certs that Weebly and most providers use are  from a project called 'Let's Encrypt' and is a free service to make it easy and free for everyone to get a lock on their site (I linked to them earlier). The more expensive ones like Godaddy sells for $80 usually  signify more than this and they do much more verification and offer some monetary insurance options etc. Although you have no use for the $80 one some companies do and there are some that sell for thousands but again the free certs are fine for encrypting the communications and the browsers are accepting these, for now anyway, so no reason to pay unless there's a reason. Congratulations on the lock, your users will appreciate it. More and more people do care as this topic is getting better known.

   

[Ult1mat3X]

From my personal experience trends and upcoming future, I advice you to learn basics with WORDPRESS and build your site on it. It's really quite easy (if you're not a total damb - then I advice to buy a site), no specific knowledge required, no coding or programming skills needed. Easy UX and admin site is not so hard as it may seems at first glance. You may find many courses online educating to build your own websites.

The fees you need only for registering and maintaining your own domain and for hosting, they are quite low.

Good luck!