90 percent of respondents believe Google’s focus on proximity “frequently or sometimes” harms search results quality.
Please visit Search Engine Land for the full article.
Posted by evolvingSEO
For B2B or ecommerce, people often
discover your brand with commercial queries like “dining room lamps” or an informational search like “how to fix a dishwasher”.
Then they look around your site and your social profiles, and get retargeted—before ever making a purchase—but in many cases that journey started with a non-branded organic search. Search is certainly not the only discovery channel, but it's important enough that investment in non-branded keywords is essential.
A (very simplified) illustration of this discovery path might look something like this:
The above is NOT the case for musicians and bands though.
When’s the last time you discovered a band with a search engine? Probably never.
For bands and musicians, the discovery path is
flipped around. THIS is probably more realistic:
The search engine is
more about reducing friction on the path to becoming a die-hard fan. I don’t think many people are discovering their new favorite band like this:
But you HAVE probably tried to learn more about bands and musicians
after the initial discovery with searches like this:
(No, I am not a Lumineers fan—just so there’s no confusion 😉 )
I don’t think many musicians, bands, record labels or managers are looking at this aspect of search. Sure, you can hope that users and Google “just figure it out.” Or you can be proactive and create the best fan experience possible.
So the REAL opportunity in keywords for bands and musicians is the fan experience here:
It’s their “branded” terms (or what I like to call “PropWords”—proprietary keywords):
For example, there’s a TON of volume around Lupe Fiasco’s branded terms—and this is only the tip of the iceberg:
Just because no one’s discovering Lupe Fiasco in organic search, doesn’t mean there’s no opportunity. It’s just not in the normal places you’d look for B2B or eCommerce opportunity.
So that’s the lens through which the rest of this post should be seen. SEO for bands is primarily about the
fan experience searching their branded terms.
As a band, it’s important to keep fans and potential fans in your ecosystem. You should keep fans on your properties (website, social etc) as much as possible—so as not to give up extra traffic to third party sites. Being visible for your own event searches is a critical way to keep them there.
Let’s use one of my new favorite bands,
Sylvan Esso. Here’s an example of what Google typically shows for a tour search—for the query “sylvan esso tour dates”:
I imagine for this query,
fans are trying to get a list of all tour dates. So what is Google doing now? They are providing the list front and center.
You notice that Sylvan Esso only has one result—everything else goes to a third-party site. This is already a lost opportunity to drive more fans to their own website. Still, they can optimize for clicks by aligning the likely user intent with their appearance in the SERP. Using the SEO Mofo SERP tool, I came up with:
This listing may perform better because:
This is the start to funneling fans through your website instead of a third party.
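If you want to sanity-check a rewritten title and meta description before pushing anything live, even a crude length check helps. Here's a minimal sketch; the copy and the limits below are hypothetical approximations, since Google actually truncates by pixel width (which is what SERP preview tools like SEO Mofo's simulate):

```python
# Hypothetical title/description copy for a tour-dates page.
title = "Sylvan Esso Tour Dates & Tickets | Official Site"
description = ("See every upcoming Sylvan Esso show, grab ticket links, "
               "and sign up for alerts when new dates are announced.")

# Rough character limits only; real truncation happens by pixel width in the SERP.
TITLE_LIMIT, DESC_LIMIT = 60, 155

for label, text, limit in [("title", title, TITLE_LIMIT),
                           ("description", description, DESC_LIMIT)]:
    status = "OK" if len(text) <= limit else "likely truncated"
    print(f"{label}: {len(text)} chars ({status})")
```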
Some fans may opt to click a tour date Google has provided. What does Google do next?
Google then returns a page like this—with a TON of stuff:
This SERP is packed! It includes:
Here’s the kicker. There’s only
one tiny little link to sylvanesso.com—in the map card. And it goes to their homepage. They have a pretty poor shot at driving users to their website here.
Let’s look at a result for a specific Dave Matthews Band tour date:
They’re doing it a little better. A few observations on this one:
Finally, the biggest change in Google is the addition of official ticketing agents. To use one of their examples, let’s look at
Google’s example of “ariana grande tour” (and no, definitely not a secret Ariana Grande fan—although some of the production is decent):
Not only do the tour dates show up at the top, but check out this
preferred ticketing link showing prominently in the Map Card:
Google first announced this capability about a year ago. And they have recently expanded this for comedians and concert venues as well. Here is Google’s official developer documentation on event markup for performers: https://developers.google.com/structured-data/events/performers. I want to note, they are giving preferential treatment to official artist websites:
You have three options to specify event info:
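If you go the on-site markup route, the structured data for a single show looks roughly like the sketch below. It's a hypothetical MusicEvent example (built with Python here just so it's easy to tweak and print as JSON-LD); the venue, date, and ticket URL are placeholders, so check the developer documentation above for the exact fields Google currently requires:

```python
import json

# One hypothetical tour date, marked up with schema.org MusicEvent.
# Swap the placeholder venue, date, and URLs for real values.
event = {
    "@context": "http://schema.org",
    "@type": "MusicEvent",
    "name": "Sylvan Esso at The Fillmore",
    "startDate": "2015-06-12T20:00",
    "location": {
        "@type": "MusicVenue",
        "name": "The Fillmore",
        "address": "1805 Geary Blvd, San Francisco, CA",
    },
    "performer": {
        "@type": "MusicGroup",
        "name": "Sylvan Esso",
        "sameAs": "http://www.sylvanesso.com/",
    },
    "offers": {
        "@type": "Offer",
        "url": "http://www.example.com/tickets/sylvan-esso-fillmore",  # official ticketing link
        "availability": "http://schema.org/InStock",
    },
}

# Paste the output into a <script type="application/ld+json"> tag on the tour page.
print(json.dumps(event, indent=2))
```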
For those not aware,
App Indexing is getting pretty real. I think this is a major opportunity for bands and musicians. Let’s look at mobile search volume for a few albums that have come out recently:
According to my small sample, at least 44% of album name searches are on a mobile device (not even including tablets). Recent claims are that Android has
almost 50% of the smartphone market share. For Alicia Keys, that would mean about 18,500 searches a month for “girl on fire” on an Android.
Are you seeing the opportunity? No? Well, Bjork did:
She had an app developed just for her new album, Biophilia. Now, Android users searching Google for this album will be able to purchase and experience the “multimedia exploration” in this app.
If I were a label, I’d be experimenting with making apps for every album my artists release—filling them with an exclusive experience—and seeing what happens.
Google put together their
4-steps to appiness—an easy-to-follow guide to get your Android app indexed in Google search.
I know we’ve looked at musicians who have already reached a threshold of popularity. They are likely to have a Knowledge Graph result already.
But what if you’re an up and coming musician? You may not have a Knowledge Graph result—but perhaps with a little nudge you can get one. For example, a friend of mine (and old bandmate)
Lost Midas is now a solo electrofusion producer and songwriter. He is signed to an independent label and even just performed at SXSW—but unfortunately Google does not show a Knowledge Graph result:
What could someone like him do to get in the Knowledge Graph?
One thing I found interesting was Google’s suggestions for how performers specifically can get in the Knowledge Graph. It’s
buried at the bottom of the event listings page:
This is easier said than done. Be sure to read their
inclusion criteria for music.
If you feel the band or musician is notable enough to get into Wikipedia, you can then
start the process here. That is the official page to add an article request for bands and musicians. Please note, Wikipedia does not want you to list yourself.
As Google states above—
be sure the official homepage is recorded correctly. I take this to mean—list the exact (“canonical”) version of your homepage URL. The one you would verify in Webmaster Tools.
You may also find this article on how someone claimed to
sneak through Wiki’s notability test interesting (although I can’t officially say how good that method is).
Note, this is
just my hunch. But if Google is using Wikipedia and MusicBrainz to inform their Knowledge Graph results—perhaps they use Archive.org. Why not? It’s one of the most authoritative sources on the web.
With Archive.org you can
upload entire concerts to their site:
Right, I know. “No one uses Google Plus.” “Google Plus is dying.” Perhaps there are elements of truth there. But I’d be surprised if having a Google Plus page verified with your website doesn’t somehow impact Knowledge Graph listings.
My friend does not have a Google Plus listing currently:
For those needing to create and verify a Google Plus page:
Once you have a Knowledge Graph listing—that’s just the beginning! Google recently added ways to control what appears there.
For bands (and all organizations really) branding is an essential element of success. Google now gives you the opportunity to
directly control the logo users see in your Knowledge Graph result:
As you can see above, the jazz group
The Bad Plus has a random picture from an article showing—when perhaps there is a better photo they would prefer. This may be especially important from a consistency of branding standpoint.
In addition, you can also
directly control what social media links show in the knowledge graph. As I’ve mentioned, getting users to follow you on social is a key goal for bands in terms of audience development. Your audience is everything. And for bands, most search activity is going to come from their brand name. Why not make it easier for them to discover your social profiles?
For example, the amazing “Livetronica” Band (live electronica music)
The New Deal could get all of their social links to show in their Knowledge Box:
As you can see, they are missing a huge opportunity to get more fans to their Instagram, Twitter, and Soundcloud profiles. There are at least 1,700 searches a month for “the new deal music” and “the new deal band”.
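Here's a rough sketch of the kind of markup Google has documented for specifying a preferred logo and the social profiles you want tied to the Knowledge Graph box. It's a hypothetical MusicGroup example with placeholder URLs, so check Google's current documentation before shipping anything like it:

```python
import json

# Hypothetical markup for a band homepage: canonical URL, preferred logo,
# and the social profiles to associate with the brand.
band = {
    "@context": "http://schema.org",
    "@type": "MusicGroup",
    "name": "The New Deal",
    "url": "http://www.example-band-site.com/",           # the canonical homepage
    "logo": "http://www.example-band-site.com/logo.png",  # preferred logo image
    "sameAs": [
        "https://www.facebook.com/your-band-page",
        "https://twitter.com/your-band-handle",
        "https://instagram.com/your-band-handle",
        "https://soundcloud.com/your-band-handle",
    ],
}

# This also belongs in a <script type="application/ld+json"> block on the homepage.
print(json.dumps(band, indent=2))
```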
For some reason, I have noticed that sites in the music industry tend to be pretty poor. This could be due to labels using poor frameworks, or to the band or artist needing to get a website up in the quickest, cheapest, and easiest way possible. Either way, it can cause some issues.
Let’s check out my friend’s site again. He’s currently on the Flavors.me platform. It looks like there’s several “pages” to the user, but to Google his website is just all one page:
As mentioned, this is a common yet often overlooked issue with music websites I see. In fact, despite Bjork getting it right by having an app—her website has the same issue:
Bjork’s website (which actually does look like an impressive creative endeavor) is built with hashes (#) in the URLs, which makes the individual pages uncrawlable.
This shows up as an issue if I try to find her mailing list in Google:
The first result goes to her record label’s page. That’s fine right? Well, not really because she has her own mailing list:
Because of how the website is built, though, that page is basically invisible to Google—and users cannot easily find it from a search.
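The underlying reason is simple: everything after the # is a client-side fragment that never reaches the server, so to a crawler every hash “page” resolves to the same document. A quick illustration with hypothetical URLs:

```python
from urllib.parse import urlparse

# The fragment (everything after '#') is handled by the browser only;
# it is never sent in the HTTP request, so a crawler fetching either
# URL below is really fetching the exact same resource.
home = urlparse("http://www.example.com/#/home")
mailing_list = urlparse("http://www.example.com/#/mailing-list")

print(home.path, home.fragment)                  # -> / /home
print(mailing_list.path, mailing_list.fragment)  # -> / /mailing-list
print(home.path == mailing_list.path)            # -> True (same page to a crawler)
```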
The absence of Bjork’s mailing list in search results is a
critical oversight. For an artist, your mailing list is one of your strongest assets.
As it’s often said, YouTube is the second largest search engine. And there’s no doubt music queries make up a huge percentage of their overall search volume.
I’m sad to have to say this, but many bands don’t seem to even have a YouTube page of their own. Again, they are missing a massive opportunity to funnel fans searching for their content to their YouTube account—where they can grow subscribers, promote music and cross-promote other channels.
For example, that band The New Deal does not have their own YouTube channel:
Their live performances are a core selling point. This drives a ton of activity around their band in YouTube (people looking for concert footage). If they added some of their own on their own channel, they could capture a lot of this activity and engage with the fans.
Having a channel is great, but fans are often looking for specific pieces of content. It’s really nice to have lots of fans that upload this content for you for fun, but capturing some of this activity is important.
For example, another new band I have been liking a lot –
Made In Heights—could be doing this:
Fans are looking for live performances, and the only ones there now are all fan uploads.
You can use YouTube search suggest to find other things fans are searching for. I don’t see it mentioned often, but KeywordTool.io allows you to get
YouTube search suggestions:
This can quickly give you ideas of what content to add to your band page in YouTube:
The above screenshot shows the most common searches around “Made In Heights”. They mostly look like song names. If I were that band, I’d make sure they have video or content for every one of those songs.
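If you'd rather pull these suggestions programmatically, here's a rough sketch. It queries the unofficial suggest endpoint that keyword tools generally wrap; the endpoint, its parameters, and its response format are undocumented, so treat this as an assumption that could change or be rate-limited at any time:

```python
import json
import requests

def youtube_suggestions(seed):
    """Fetch autocomplete suggestions for a seed phrase (unofficial, may break)."""
    resp = requests.get(
        "https://suggestqueries.google.com/complete/search",
        params={"client": "firefox", "ds": "yt", "q": seed},
        timeout=10,
    )
    resp.raise_for_status()
    # Response is typically a JSON array: [seed, [suggestion, suggestion, ...]]
    data = json.loads(resp.text)
    return data[1]

print(youtube_suggestions("made in heights"))
```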
You can use YouTube directly of course to find search suggestions off of the band name. For example, there are a lot of lyric searches. This makes sense. People want to listen to the song while reading the lyrics:
Wow! Yet, what happens when we look in YouTube for “made in heights lyrics”?
Never mind the band not having any lyric results—NO one has any lyric results. This is definitely an opportunity to provide content that doesn’t exist within YouTube.
Playlists are also overlooked in YouTube. They have many benefits:
I started using playlists on my YouTube
music channel (where I mainly post covers and tutorials of hip-hop songs on piano)—and at least anecdotally—have seen my view count rise faster than usual:
(I sure did use the word “content” a lot in that screenshot!)
Many popular artists on YouTube don’t have any playlists though—for example:
You can also
curate playlists of videos about your band no matter who uploaded it. For example, let’s say you’re Drake (OK, maybe Drake’s record label or social media manager). You could curate playlists of the best Drake interviews, no matter who uploaded them:
Then when fans search, they may discover the playlist on Drake’s channel which could earn subscriptions and also get them watching their chosen interviews.
Speaking of Drake—remember when I mentioned you could rank in Google search with YouTube playlists? Take a look at this:
That’s a random
fan playlist ranking #1 for “drake playlist”—which gets 1,600 searches a month. That’s not an outlying case though. I barely had to look further for another example:
“john legend playlist” gets 720 searches a month—and two fan playlists rank at the top.
While the idea of “guest posting” is saturated in many industries, I don’t see this being done a whole lot in the music industry. That’s why I was impressed when I noticed a DJ named
A-Trak posted this compelling article about rap in 2014:
A few months later, this article has earned:
It even ranks #2 for [rap in 2014]:
Although not super high volume, it potentially ranks for a lot of long tail—and will bring in consistent brand discovery from a relevant audience.
The SEO world is no stranger to lyric searches. Just last year, Rap Genius (now just “Genius”) was
caught up in a Google penalty. And back on December 19, Glenn Gabe was the first to notice Google displaying full lyrics in search results:
Glenn Gabe’s screenshot from December 19, 2014 of Google displaying lyrics in search.
Glenn also recently published a pretty
in depth study about lyrics in the SERPs I highly recommend you check out.
In his article, Glenn astutely points out that when you add the word “meaning” to your lyrics search—the lyrics box goes away—which I found to be true looking at Sylvan Esso “Coffee” lyrics:
As a band you could release exclusive content about your lyrics such as:
Fans and music publications could also create exclusive content about the lyrics. They could interview the band about their meaning—or publish their own in-depth interpretation of the meaning.
I also want to point out—there can be a
lot of search volume for a single line of a song lyric, if the song and artist are popular enough. Check out the volume for this one line by Drake:
That’s 1,000 searches a month (certainly skewed all towards February, when the album came out) for “runnin’ through the 6 with my woes”.
And I want to point out, 65% of those searches are being done on mobile devices:
Check out search volume for Adele lyrics from years ago now:
“But I set fire to the rain” and “watched it pour as I touched your face” both get decent volume, with a good share of it coming from mobile.
Yet there is only one result in this SERP explaining the meaning to this line:
There’s definitely value to be found by:
Both the artists AND third party publishers have an opportunity here. Genius.com is really the only true player in this space right now!
Remember my friend “Lost Midas”? This is obviously not his real name. It’s Jason Trikakis. Not a hugely common name. So a search for it should return his website #1 right?
Wrong. You can’t always rely on Google to “figure it out.” The problem here stems back to the fact his website is not very search-friendly. His name is on the website but very hard for Google to find.
The solution in this case would be:
Also—remember Sylvan Esso? What if one were to be searching around for “Nick Sanborn” who makes up 1/2 of the Sylvan Esso duo?
Now, I’d never argue something from sylvanesso.com should appear at the top. But there’s nothing from their domain on the first page. As a fan, I’d probably enjoy at least one result from one of their own domains.
Here’s a few ideas for them:
There’s SO much more I could have mentioned in terms of marketing music these days. When I
played in bands it was the days of MySpace 🙂 I don’t even think YouTube was out yet.
There are so many opportunities out there now with social media, platforms like Soundcloud and Bandcamp. I left a LOT out of this post.
If you have any questions at all, please ask in the comments below! And I also love to chat about music!
Sign up for The Moz Top 10, a semimonthly mailer updating you on the top ten hottest pieces of SEO news, tips, and rad links uncovered by the Moz team. Think of it as your exclusive digest of stuff you don’t have time to hunt down but want to read!
Posted by randfish
Facebook sends a remarkable amount of traffic, but there’s a lot of confusion around both just how much and (perhaps more importantly for our work) how we can optimize our work to take advantage of it. In today’s Whiteboard Friday, Rand clears up some of the statistical noise and offers 10 tips for optimizing your Facebook traffic.
For reference, here’s a still of this week’s whiteboard!
Howdy, Moz fans, and welcome to another edition of Whiteboard Friday. Today we’re going to talk a little bit about Facebook. Facebook has been growing massively. It sends out a tremendous amount of traffic, and as a result, more and more of us in the field of web marketing as a whole, and because it’s so interesting as a correlated factor with things that tend to perform well in Google, are interested in the traffic that Facebook can drive and in potentially growing that.
So I’m going to start out with a few stats. I think it is actually very important that marketers like us understand how statistics work, especially as they’re represented. I hear from folks all the time like, “Oh, my boss emailed me the new Shareaholic report, and it says that 25% of all traffic comes from Facebook, and we only get 10% of our traffic from Facebook. So we must be doing Facebook badly.” That’s not actually the case.
Then I’m going to talk a little about some rough estimates, just for theoretical fun purposes, around traffic that Facebook might send versus Google, and then I actually have a bunch of tips for Facebook optimization. None of this is going to be dramatically brand new, but I’ve tried to distill down and aggregate some of the best ones, throw out some of the ones that no longer apply as Facebook has been maturing and getting more sophisticated and those kinds of things. All right, let’s start with these stats.
So let’s say your boss does send you this Shareaholic report, and Facebook sends 24% of all referral traffic. Wow. Shareaholic is on 300,000 websites. That’s a pretty big group. Like how can we ignore that data? It’s not that you should ignore it, but you should also be aware of why is Shareaholic installed and who uses it.
So these 300,000 sites are almost certainly massively over-representative across the several hundred million websites that exist on the Internet of those that receive and are optimizing for social media traffic. I think this is an excellent stat, and if you are a social media heavy site and you are getting less than say 20%, less than 15% of your traffic from social, well, you probably have some work to do there and some opportunity to gain there.
I also like this one from Define Media Group. Define of course is a Marshall Simmonds’ company, and they measure across major publishers. So one of the things that you might hear is Buzzfeed, for example, last year put out their big article about how they get 70% plus of their traffic from social, and they don’t even care about search, and search is dead. No one does SEO anymore and blah, blah, blah. It turns out actually, I think Buzzfeed does a tremendous amount of caring about SEO despite what they say, but they don’t want to be perceived as doing that. Define said across all of their 87 major publishers — so these are big news sorts of publishers and entertainment content publishers and that kind of stuff — social sent about 16% of all traffic, search 41%, and direct 43%. That’s a very big difference from the social sharing site. So again, you’re seeing that granularity and disparity as we look across different segments of the web world.
Worldwide, by the way, according to StatCounter, whose stats I like very much because they’re across such a wide range of distributed websites, many hundreds of thousands, I think even millions of websites in the U.S. and abroad, so that’s really nice and they share their global statistics at gs.statcounter.com, which is one of my favorite resources for this type of stuff. According to them, worldwide Facebook, in January of 2015, was driving around 80% of all social referrals. In the U.S., interestingly enough, Pinterest and Twitter and LinkedIn and Google+ have more of a share than they do in the rest of the world, and so Facebook is responsible for only about 68% of all social referrals in the U.S. as a conglomerate.
It is the case, for anyone measuring Facebook traffic, that the average pages per visit tends to be around one. Now, you compare that to Google, where it’s around 2, 2.2, or 2.5, and you compare that to Direct, and Direct is usually closer to 3, 4, or 5 pages per session. So Facebook’s traffic is kind of at the low end of the performance and engagement scale. It tends to be the case that when you’re in that Facebook feed, you’re just trying to consume content, and you might see something, but you’re unlikely to browse around the rest of the website from which it came, and that’s just fine. Although, interestingly enough, Facebook does perform better, slightly better than Twitter does by this metric. So Twitter’s traffic is even more ephemeral.
I tried to do some rough statistics and think about like, okay Rand, I really need a comparison between how much traffic does Google send and how much traffic does Facebook send. This is something that people ask about all the time. There are no terrific sources of data out there, so we sort of have to back into it. I think you can do that by saying, “Well, we know that Google’s getting around 6 billion searches a day currently, and we know that those send on average . . . well, we don’t know for sure. We know that years ago an average Google search resulted in 2.1 or 2.2 clicks.” I think that was 2009, so this was many years ago. So it could have gone down, or it could have gone up from there. I’m going to say between 1.5 and 3 visits on average, somewhere in there.
Facebook has 890 million daily active users, and we don’t know the statistics again perfectly there. But again, several years ago, I want to say maybe 4 years ago, 2011, they had a stat that there were around 2 external clicks per day per Facebook user. So let’s say it’s probably gone up, maybe 2 to 4, somewhere between there. So given that, Google is in the 9 to 18 billion referrals per day range and Facebook 1.8 to 3.6 billion.
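To make that back-of-envelope math explicit (the inputs are the rough estimates above, not measured figures):

```python
# Rough, illustrative arithmetic only; the inputs are estimates, not measurements.
google_searches_per_day = 6e9            # ~6 billion searches/day
google_visits_per_search = (1.5, 3.0)    # assumed range of visits per search

facebook_daily_actives = 890e6           # 890 million daily active users
fb_external_clicks_per_user = (2, 4)     # assumed external clicks/day per user

google_referrals = [google_searches_per_day * c for c in google_visits_per_search]
facebook_referrals = [facebook_daily_actives * c for c in fb_external_clicks_per_user]

print(google_referrals)    # roughly 9 to 18 billion referrals/day
print(facebook_referrals)  # roughly 1.8 to 3.6 billion referrals/day
```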
So if you think Facebook has grown just absolutely huge, it could be as big as roughly a third of the low-end estimate of the referral traffic Google drives. I think that’s possible. I think the numbers are probably closer to the 9 and 3.6 than they are to the 18 and 1.8. That would be my guess. I think Facebook is somewhere between 15% and 30% of the traffic that Google’s driving. So pretty massive. Definitely bigger than any of the secondary search engines. Probably driving more traffic than YouTube, driving more traffic than Yahoo!, driving more traffic than Bing. Probably driving more traffic than all three of those combined, even. That’s quite impressive, just not as impressive as the enormous amount of traffic that Google sends.
Still, one of the reasons that we care about Facebook even if we don’t love the traffic that Facebook sends us because we don’t feel that it performs well, Facebook’s likes and shares are very indicative of the kinds of content that tend to perform well in search. So if we can nail that, if we understand what kind of content gets spread socially on the web and engages people on the social web, we tend to also perform well in the kind of content we create for search engines.
So some tips. First off, make sure that the Facebook audience and whoever your . . . well, that pen is going to work beautifully for someone never. Let’s see if I can make it from here. You guys can’t see this, but we’ll just pretend I make it. Oh yeah, nailed it. Oh, it almost went in. It like bounced off the shelf and then almost went in.
All right. First off, make sure that your Facebook audience usage matches your content goals and targets. If you’re saying, “Hey, we’re trying to convert people to a B2B software product in an industry that really targets technical folks on the engineering side,” Facebook might be really, really tough. If, on the other hand, you are selling posters of adorable cats and dogs, woo, that’s a Facebook audience right there. You should nail that. So I think you do have to have that concept. You can’t just disassociate those two. If you’re working for a patent attorney, trying to get likes and shares is going to be really hard for their content versus maybe trying to get some tweets or some shares on LinkedIn or those kinds of things.
Second, learn what does work in your topics in Facebook. There’s a great tool for this. It’s called BuzzSumo. You can plug in keywords and see the pieces of content that over the past six months or a year have performed the best across social networks, and you can actually filter directly by Facebook to see what’s done best on Facebook in my niche, with my topics, around my subjects. That’s a great way to get at what might work in the future, what doesn’t work, what will resonate, and what won’t.
Number 3, you should set up your analytics to be able to track future visits from an initial social referral. There’s a great blog post from Chris Mikulin. Chris basically shows us how in Google Analytics you can set up a custom system to track referrals that come from social and then what that traffic does after it’s come to you from social and left, oftentimes coming back through search, very, very common.
Number 4, headlines often matter more than content in earning that first initial click. I’m not going to say they matter more than content overall, but headlines are huge on Facebook right now, and that’s why you see things like the listicles and click bait all of those types of problems and issues. Facebook says they’re working to update that. But for right now there’s a ton of sharing going on that’s merely around the text of that 5 to 15 word headline, and those tend to be extremely important in determining virality and ability to make their way across Facebook.
Number 5, it is still the case — this has been true for many years now across all the social media platforms — that visuals tend to outperform non-visual content. When you have great visuals, the spread and share of those tends to be greater.
Number 6, timing still matters a little bit, but actually, interestingly not as much as it used to. I think a lot of folks in the social media sphere have been looking at this and saying, “Gosh, you know what? We’re running the correlations and we’re trying these experiments, and what we’re seeing actually is that it seems like Facebook has gotten much smarter about timing.” So they’re not saying, “Oh, you posted in the middle of the night and you didn’t get very many likes, so we’re not going to show your post to as many people.” They’re now saying, “Well, as a percentage of the engagement on average that’s received by this group in these geographies, in these time zones, at these particular times, how did you do?” I think that relativism has made their algorithm much more intelligent, and as a result we’re seeing that posting at a certain time of the day, when more people are on Facebook or less are, isn’t quite as powerful as it used to be. That said, if you want to try some timing experiments, watch your Facebook Insights page, and figure those things out. There’s still some optimization opportunity to be gleaned there.
Number 7, the really big driver of Facebook spread and of the ability to be seen by more and more people, have a post seen by more and more people on Facebook, appears to be — at least from all the social media experts, and I would validate this myself from my experiences there — the percentage of the audience that’s seeing the post, interacting with that post — and by interacting I mean they like, they comment, they share, they click on the link, or even, I’m fairly certain that Facebook is also using a dwell time metric, meaning that if they’re looking at that post for a considerable amount of time, even if they’re not clicking Like or Share or Comment or clicking, if they’re observing it, if that’s staying active on their Facebook feed in the visual portion of the panel, that seems to be a metric that Facebook is also using. I would be fairly sure it is. I think they’re pretty smart about that kind of stuff. Because this is a big driver, what you’re trying to do is grow engagement. You want more people to interact more heavily with your content. I think that’s one of the reasons that unfortunately things like click bait work so well and great headlines do too.
Number 8, brand page reach is limited. We know this. There have been many sort of Facebook algorithmic updates that talk about what’s the organic reach if you post, but you don’t pay at all, those kinds of things. However, the flip side of this is that in order for Facebook to not be overwhelmed by content, because the amount of content that’s posted there is simply enormous, they’ve reduced some of those things. But that means a little bit more room for individual people. So individual accounts, like your Facebook account, my Facebook account, not my public page, but my personal Facebook account, your personal Facebook account, those have a little bit more opportunity to get reach versus brands, which for a while were more dominating than they are. Now it’s pretty small.
Number 9, if your traffic from Facebook has good ROI — and this is one of those big reasons why you need to be measuring the second order effects and when that traffic comes back and those kinds of things — go ahead and pay to amplify. This is just like Google. If you see that a key word is performing well and you can turn on AdWords and you can get more of those visitors and they’re going to convert, hey, the same thing is true on Facebook, and Facebook’s traffic, generally speaking, is much cheaper on a per-click basis than Google’s is. It’s also much less targeted. It tends not to perform as well, but much less expensive. So I would urge you to pay to amplify. When you see sites that are performing gangbusters — Buzzfeed being a very fair example of that — they’re paying a lot of money to drive all that traffic to their site and to amplify their organic reach. They’re getting organic and paid reach.
And the last one, number 10, Facebook is really hard to game anymore — it didn’t use to be the case — with direct signals. It used to be the case that if you posted something on Facebook, you could have a bunch of your friends like, “Hey, everyone go check their Facebook feed now. Make sure you’re subscribed to me. If you don’t see it in your feed, go over to my specific feed, click it, Like it, Share it, comment it.” Then we can sort of amplify its organic reach, because Facebook cares a ton about those first 5 or 10 minutes and what the engagement is like there. That doesn’t work very well anymore. Facebook is very, very careful, I think, nowadays to look at: Who did we organically show this to in the news feed? How many of them interacted and engaged with it? What’s their history of interacting and engaging with stuff on this particular site? Are they somehow connected? Is there gaming going on here? Have they consistently liked everything that’s come from this site in the first five minutes of it being published? All those kinds of things that you would expect them to eventually get to, they’ve really gotten to, and so gaming it is much harder.
But gaming people is not much harder, because unfortunately our software has not been considerably upgraded in the last few hundred years of evolution. So as a result, gaming human psychology is really how to, I don’t want to say manipulate, but certainly to get much more reach on Facebook. If you can find the angles that people care about, that they’re vocal about, that they get engaged, excited, angry, passionate, of any emotional variety about those things, that’s how you tend to trigger a lot of activity on Facebook. This is a little different than how it works on other social networks, certainly LinkedIn, parts of Twitter, Instagram different. Facebook very much this kind of controversy, passion, excitement, tribalism tends to rule the day on this platform. I think that’s part of why you see some of these click bait and headline heavy sites performing so well. But if you want to find ways to make Facebook work for you, you might want to marry the things that are on brand, on topic, helpful to you, actually will earn you good visits, but do take into account some of that human psychology that exists on Facebook.
All right everyone, what I would love, and I don’t always ask for this, but I would love if you have great tips or things that you’ve seen work really well on Facebook, please share them in the comments below. I would love to read through them. I’m guessing there are some folks in the Moz community who have extensive, wonderful experience here. We’d love to hear from you.
All right everyone, take care. We’ll see you again next week for another edition of Whiteboard Friday.
Posted by ronell smith
“Man, I’m sorry. You guys weren’t ready to adopt the brands as publisher mindset. I suspected you’d never be ready to do it successfully. I knew it; I could sense you knew it. I wish I’d spoken up when I saw the intra-departmental debates waging. That’s on me. My bad.”
Those were my words to the executive of a midsize lifestyle brand I worked with in 2014. It took me months to get up the nerve to reach out and make it right, even though I’d done nothing wrong.
He seemed to understand. But he did have a question that stopped me in my tracks and continues to haunt me.
“If we couldn’t get it right, with all of our resources, what does it say about the feasibility of becoming a brand publisher?” he inquired. “Does that make content marketing [in and of itself] a bad idea?”
A fair question, to be sure, and one I did not have a sufficient answer for. But in looking back, I realized this exec, like so many others before him, made the mistake of thinking he could do quickly what he had not yet learned to do well. Content marketing wasn’t the missile that sank his boat. The decision to do content marketing at warp speed and with little direction was his brand’s albatross.
Any one of these could have led to failure. Facing them all at once is akin to content marketing suicide. I see these same four elements dooming content marketers so frequently that I’ve resorted to naming them the four horsemen of content marketing failure.
For the purposes of this post, I want to illuminate how attempting to be a brand publisher is a lofty, needless goal for all but a handful of brands. Then I will highlight how to make steps 2, 3, and 4 work for your brand, not against it.
Before I begin, however, I want to make one thing abundantly clear: The ideas shared in this post have been formed through working with hundreds of brands over more than a decade, either as a writer, business strategist, content strategist, product marketing consultant or in a PR/media relations capacity.
I’m under no illusion that each (or any of them) will apply to everyone, but experience has shown me that these elements play an invaluable role in the success (or failure) of most brands embarking on the content marketing journey.
The web is rife with examples of marketers sharing the “wisdom” of brands becoming publishers, and no less common are the examples of brands who’ve done just that, adding content publisher to the laundry list of services they already provide. Here’s the problem with that logic: You’re not a publisher, and attempting to become one is fraught with risks that more often than not lead to failure.
Brand publishing refers to brands attempting to behave as media companies, specifically with regard to content breadth and frequency. Also, and most important, it requires a mindset wholly different from that of a typical content marketer: These brands view publishing as part of their business model.
That’s where the confusion comes in. A lot of very
knowledgeable people say any brand that publishes blog posts or adds updates on social media is a brand publisher. But that’s akin to saying anyone who runs is a marathoner. It’s about scale. While content marketing’s goal is to attract and retain customers through the creation and distribution of content, being a brand publisher means you have layers of staff, strategic insight, vision, resources to build platforms for sharing new content and, most important, the ability to produce content at a rate that rivals, well, publishers.
If content marketing is a single-family dwelling, brand publishing is a city of one-million-plus.
It’s not that being a brand publisher is a bad idea all by itself. It’s that too many companies, who are barely ready to do content well, now think being a publisher is a sound idea.
As brands continue to bite off more than they can chew, the realities are tough to stomach, and have led to some interesting conclusions:
After months spent developing content strategies for clients looking for content marketing help, I decided that, in good conscience, I would never again insist that brands become publishers.
Instead, I adopted a strategy that’s as far away from one-size-fits-all as possible.
First, I refrained from using the term brand publisher. Next, I became a vocal proponent of the good-for-business-doesn’t-mean-good-for-your-business philosophy, which meant that in meetings with managers, directors and C-Suite execs, I had the courage of my convictions in sharing that while content marketing is a sound practice, becoming a full-fledged publisher is something that requires a minimum of three things to be successful:
If your company is ready to shoulder such a commitment, then by all means dive right in. If not, there’s a better way to do content marketing, one that is no less effective but does not require you to mortgage your future in the process.
Instead of attempting to become a publisher, or even a content marketer, focus your efforts on becoming a brand that consistently creates content that puts the needs of prospects and customers first, while simultaneously providing meaningful solutions to their problems.
I’ve been a very vocal haranguer of content marketing, though not because of its inefficacy.
I’m simply not a proponent of brands thinking of themselves as anything other than
what they are in the minds of their prospects and clients.
Hopefully, at the core of your business is a product or service customers clamor for, not a content engine.
That’s why becoming a customer-first brand that has meaningful content as part of its DNA is the safest, surest, easiest-to-adopt model for brands with the desire to do content marketing right but who aren’t willing to re-org the business to get it underway.
In this way, you keep the
main thing the main thing. That main thing in this case is serving your core audience.
At this point, I’m hoping you see the light, realizing that becoming a brand publisher isn’t necessary for your company to be successful at content marketing.
If you’re ready to chart a solid, more reliable path to success, it begins with turning away the four horsemen of content marketing failure.
We’ve banished the first horseman. Let’s do the same with the other three.
Whenever I sit down with a prospect to discuss their business, I open up my notebook and write down the following three phrases, including a checkbox next to each, on a sheet of paper:
Then I ask “What are your goals for the business?” all the while knowing full well the answer will be one of the three things I’ve written down.
The followup question, too, is canned: “What are you doing to get there?” That answer, too, is typically never a surprise: “That’s what you’re here for, right?”
After I’ve apprised them that the shortest path to failure is not
having a clear view of their goals, I have their attention and they are ready to begin the goal-setting process.
Here’s the catch: Only you and your team can decide what those goals are/should be. It’s important that the goals take into account the entirety of the business, not just SEO, content, social media, etc.
Also, I’ve found it helps if the metrics assigned to measure a business’s success toward their goals are meaningful (e.g., a sincere help to the overall business) and clearly communicated (e.g., everyone involved is aware of what they’re working for and being judged against).
No matter what specific goals you decide on, applying the principle of “HAS,” as in holistic, adherable (er, sticky) and sustainable, can be a huge help:
I’ve found that keeping these principles top of mind helps to order a brand’s steps, ensuring that everyone is aware of the goals and of their role in working toward them.
As an example, let’s say you’re a small business ready to jump into the murky waters of content marketing, but you don’t yet have a website.
The right goal would be to launch a new website. To make the goal as HAS-friendly as possible, you could assign a timeframe—say, 90 days—then break out the associated tasks by order of importance (see image below).
I’d even suggest keeping a checklist in a Google Doc where team members can stay abreast of what’s going on, in addition to seeing who’s responsible for what and having a better understanding of where the team is in terms of completing each task related to their goals.
If I had to single out the No. 1 reason content marketers I’ve worked with have failed it would be that they based their goals on what the competition was doing instead of what’s best for their own business.
Seeing a competitor rank higher for their main keywords, have thousands of web pages indexed by Google, spend mad cash on paid media, and maintain brand pages on Google Plus, Facebook, Twitter, Instagram, and Pinterest, these businesses attempt to do the same.
Sounds comical, right? Until you realize it happens all the time, and to businesses of all sizes.
So we just had a new client shut down our social strategy to instead “copy anything and everything their competitors are doing” #brilliant
— Greg Gifford (@GregGifford) January 26, 2015
Problem is, no two businesses are entirely alike and, well, “You aren’t them,” as the saying goes.
Aside from having little idea of how much real success the competition is enjoying from their search, social and content efforts, these brands are taking their eyes off the main prize: their own business.
An approach that works well and is easy to carry out entails taking an inventory of where you are in relation to where you want to be, while keeping a keen eye on the competition.
With your goals solidly in hand, begin by sketching out a plan based not on where you are, or on what the competition is doing, but on those actions that would likely lead to success for you.
(image created by author)
In the graph above, created in Google Docs, you can see that I mainly focused on the content-related activities that would have the biggest impact over the next 90 days. (Caveat: This is simply a high-level overview of one area of the business, but it’s plenty thorough enough for a team to begin working from.)
The key is to take the time to get to know (a) what success looks like for your business, then (b) focus on specific, actionable elements that can be done in the allotted timeframe.
“Why do you hate content marketing?” I get asked these words at least once a month. The answer is always the same. I don’t hate content marketing. I hate most brands’ approach to content marketing.
There is so much more to making it a success than we’re typically led to believe there is.
The focus is always on produce, produce, produce. Outreach, outreach, outreach. Produce more. Outreach even more. Rinse and repeat.
As marketers, we’ve seemingly trained a generation of brands that the focus should be on doing fast (and often) what they barely know how to do at all. They never learn to do it well.
Yeah, I know it works…for some. But is it scalable over the long-term? Better yet, will it remain scalable into the future?
If you want to position your brand for success in content marketing, make sweating the small but oh-so-important steps a priority.
This process starts with clarity.
Simple. Brilliant. What I loved about this slide and the line of thinking is it helps brands (and the staff who work for those brands) stay the course, focused on their already-defined objectives. For example, once you know who you are and who you are in the minds of your core prospects and customers, any actions you take should be done with this information in mind.
Therefore, if the team begins to get distracted by shiny-things syndrome, anyone has the right to ask “Why are we doing this?” or “Why does this…make sense?”
Nothing like forcing someone to defend a bad idea to provoke clarity.
I can’t say for certain that, if you refrain from attempting to be a brand publisher, you’ll be a successful content marketer. I also cannot promise that going all-in with the three points outlined above ensures your success.
What, however, I can say is the vast majority of brands would do better if they banished “I want to be a brand publisher” from their lexicon and decided to focus on the right goals, executed a sensible plan and made the small things part of the main things.
What about you? Are you ready to do content marketing wisely? Dive into the discussion in the comments below.
(main image: licensed by the author )
Posted by AlanBleiweiss
My site has been up since 2004. I had good traffic growth up to 2012 (doubling each year to around a million page views a month), then suffered a 40% drop in mid Feb 2012. I’ve been working on everything that I can think of since, but the traffic has never recovered.
Since my primary business is performing strategic site audits, this is something I hear often. Site appears to be doing quite well, then gets slammed. Site owner struggles for years to fix it, but repeatedly comes up empty.
It can be devastating when that happens. And now more than ever, site owners need real solutions to serious problems.
As this chart shows, when separating out the “expected” roller coaster effect, Google organic traffic took a nose-dive in early February of 2012.
When this happens, the first thing I do is jump to Moz’s
Google Algorithm Change History charts to see if I can pinpoint a known Google update that correlates to a drop.
Except in this case, there was no direct “same day” update listed.
A week before, there’s an entry listed that references integrating Panda into the main index more; however, discussion around that update suggests the change happened sometime in January. So maybe it’s Panda, maybe it’s not.
At this point, I expanded the timeline view to see if I could spot other specific drops and possibly associate them to known updates. I did this because some sites that get hit once, get hit again and again.
Well now we have a complete mess.
At this point, if you’re up for the challenge, you can take the time to carefully review all the ups and downs manually, comparing drops to Moz’s change history.
Personally, when I see something this ugly, I prefer to use
the Panguin Tool. It allows you to see this timeline with a “known update” overlay for various Google updates. Saves a lot of time. So that’s what I did.
Well okay this is an ugly mess as well. If you think you can pin enough of the drops on specific factors, that’s great.
What I like about the Panguin Tool is you can “turn off” or “hide” different update types to try and look for a consistent issue type. Alternately, you can zoom in to look at individual updates and see if they align with a specific, clear drop in traffic.
Looking at this chart, it’s pretty clear the site saw a second dropoff beginning with Panda 3.3. The next dropoff that aligns with a known update appears to be Panda 3.4; however, the site was already in a slide after Panda 3.3, so we can’t be certain of this one.
Multiple other updates took place after that where there may or may not have been some impact, followed by further cascading downward.
Then, in the midst of THAT dropoff, we see a Penguin update that also MAY or MAY NOT have played into the problem.
This is a great time to bring up the fact that one of the biggest challenges we face in dealing with SEO is the ambiguous nature of what takes place. We can’t always, with true certainty, know whether a site has been hit by any single algorithm change.
In between all the known updates, Google is constantly making adjustments.
The other factor here is that when a given update takes place, it doesn’t always roll out instantly, nor is every site reprocessed against that latest change right away.
Here’s where evaluating things becomes even more of a mess.
When an algorithm update takes place, it may be days or even weeks before a site sees the impact of that, if at all. And once it does, whatever change to the overall status of the site comes along due to that single algorithm shift, other algorithms will sometimes then base their own formulaic decisions on that new status.
So if a site becomes weaker due to a given algorithm change, even if the drop is minimal or not directly observable, it can still suffer further losses due to that weakened state.
I refer to this as the “cascading impact” effect.
Okay, so let’s say you’re dealing with a site that appears to have been hit by multiple algorithm updates. Maybe some of them are Panda, maybe others aren’t Panda.
The only correct approach in this scenario is to step back and understand that for maximum sustainable improvement, you need to consider every aspect of SEO. Heck, even if a site was ONLY hit by Panda, or Penguin, or the “Above the Fold” algorithm, I always approach my audits with this mindset. It’s the only way to ensure that a site becomes more resilient to future updates of any type.
And when you approach it this way, because you’re looking at the “across-the-board” considerations, you’re much more likely to address the actual issues that you can associate with any single algorithm.
It was at this point where I began to do my work.
A couple years ago, I coined the acronym QUART—what I call the five super-signals of SEO: Quality, Uniqueness, Relevance, Authority, and Trust.
With every single factor across the full spectrum of signals in SEO, I apply the QUART* test. Any single signal needs to score high in at least three of the five super-signals.
Whether it’s a speed issue, a crawl efficiency issue, topical focus, supporting signals on-site or off-site, whatever it is, if that signal does not score well with quality, uniqueness or relevance, it leaves that page, that section of a site, or that site as a whole vulnerable to algorithmic hits.
If you get those three strong enough, that signal will, over time, earn authority and trust score value as well.
If you are really strong on relevance for any single page or section of the site, but weak in quality or uniqueness, you can still do well in SEO if the overall site is over-the-top with authority and trust.
*When I first came up with this acronym, I had the sequence of letters as QURTA, since quality, uniqueness, and relevance are, in my opinion, the true ideal target above all else. New sites don’t have authority or trust, yet they can be perfectly good, valuable sites if they hit those three. Except Jen Lopez suggested that if I shift the letters for the acronym, it would make it a much easier concept for people to remember. Thanks Jen!
Let’s say you have one single page of content. It’s only “okay,” or may even be “dismal,” in regard to quality and uniqueness. Even so, if the site’s overall authority and trust are strong enough, you can outrank an entire site devoted to that specific topic.
This happens all the time with sites like Wikipedia, or Yahoo Answers.
Don’t you hate that? Yeah, I know—Yahoo Answers? Trust? Ha!
Sadly, some sites have, over time, built so much visibility, brand recognition, and trust for enough of their content, that they can seemingly get away with SEO murder.
It’s frustrating to see. Yet the foundational concept as to WHY that happens is understandable if you apply the QUART test.
One challenge this site has is that there’s also a separate mobile subdomain. Looking at the Google traffic for that shows similar problems, beginning back in February of 2012.
Note that for the most part, the mobile site suffered from that same major initial hit and subsequent downslide. The one big exception was a technical issue unique to the mobile site at the end of 2012 / beginning of 2013.
Understanding the QUART concept, and having been doing this work for years, I dove head-first into the audit.
NOTE: This is an educational site – so all “educational page” labels refer to
different primary pages on the site.
For my audits, I rely upon
Google Analytics Page Timings data, URIValet.com 1.5 mbps data, and also WebPageTest.org (testing from different server locations and at different speeds including DSL, Cable and Mobile).
Whenever I present audit findings to a client, I explain “Here’s the ideal goal for this issue, yet I don’t expect you to hit the ideal goal, only that you do your best to make improvements without becoming bogged down in this one issue.”
For this site, since not every single page had crisis speed problems, I was looking to have the site owner at least get to a point of better, more consistent stability. So while there’s still room for vast improvement, the work performed went quite far in the right direction.
The first issue tackled was the fact that at the template level, the various pages on the site were calling several different processes across several different domains.
A great resource I rely upon for generating lists of which third-party processes individual pages use is a report in the WebPageTest.org results. It lists every domain called for the page tested, along with the total processes called from each, and gives separate data on the total file sizes across each.
Reducing the number of times a page has to call a third party domain, and the number of times an individual process needs to be run is often a way to help speed up functionality.
In the case of this site, several processes were eliminated:
Eliminating functionality that was dependent upon third-party servers meant fewer DNS lookups and less dependence upon connections to other servers somewhere else on the web.
Typical speed drains can often come from ad blocks (serving too many ads from too many different ad networks is a frequent culprit), social sharing widgets, third-party font generation, and countless other shiny-object services.
Yeah, I know—you don’t have to have 100% validated code for SEO. Except what I’ve found through years of this work is that the more errors you have in your markup, the more potential there is for processing delays, and beyond that, the more likely search algorithms are to become confused.
And even if you can’t prove in a given site that cleaner code is a significant speed improvement point, it’s still a best practice, which is what I live for. So it’s always included in my audit evaluation process.
Next up on the list was the range of issues all too many sites have these days regarding efficiency within a site’s own content. Tools to help here include
Google Webmaster Tools, Google Page Speed Insights, and again WebPageTest.org among others.
NOTE: This is an educational site – so all “educational page” labels refer to different primary pages on the site.
Note: Google Page Speed Insights recommendations and WebPageTest.org’s grade reports only offer partial insight. What they do offer, however, can help you go a long way toward making speed improvements.
Also, other speed reporting tools abound, with differing degrees of value, accuracy, and helpfulness. The most important factor to me is to not rely on any single resource, and to do your own extensive testing. Ultimately, enough research and testing needs to be performed, with follow-up checking, to ensure you address the real issues on a big enough scale to make a difference. Just glossing over things or only hitting the most obvious problems is not always going to get you real, long-term, sustainable results…
Another common problem I find is that as a site evolves over time, many of the URLs change. When this happens, site owners don’t properly clean up their own internal links to those pages. The end result is a weakening of crawl efficiency, and then of user experience quality and trust signals.
Remember that Google and Bing are, in fact, users of your site. Whether you want to admit it or not. So if they’re crawling the site and run into too many internal redirects (or heaven forbid, redirect loops) or dead ends, that’s going to make their systems wary of bothering to continue the crawl. And abandoning the crawl because of that is not helpful by any stretch of the imagination.
It also confuses algorithms.
To that end, I like to crawl a sampling of a site’s total internal links using
Screaming Frog. That tool gives me many different insights, only one of which happens to be internal link problems. Yet it’s invaluable to know. And if I find that a large enough percentage of the URLs in that sample crawl are redirecting or dead ends, that needs to get fixed.
Note: for reference’s sake, the total number of pages on the entire site is less than 5,000. So that’s a lot of internal inefficiency for a site that size…
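For anyone who wants to spot-check a small URL sample without a full crawler, here is a minimal sketch (my own, not something from the audit) that flags redirects and dead ends. It assumes the Python requests library and a plain-text list of URLs; a real crawl, like the Screaming Frog work above, will tell you far more.

```python
# Flag internal link targets that redirect or 404 (urls.txt is a hypothetical export).
import requests

with open("urls.txt") as f:
    urls = [line.strip() for line in f if line.strip()]

for url in urls:
    # HEAD keeps it light; some servers reject HEAD, in which case fall back to GET.
    resp = requests.head(url, allow_redirects=False, timeout=10)
    if 300 <= resp.status_code < 400:
        print(f"REDIRECT {resp.status_code}: {url} -> {resp.headers.get('Location')}")
    elif resp.status_code >= 400:
        print(f"DEAD END {resp.status_code}: {url}")
```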
While having link redirects and dead ends pointing to outside sources isn’t ideal, it’s less harmful most of the time than internal redirects and dead ends. Except when it’s not.
In this case, the site had previously been under a different domain name prior to a rebranding effort. And after the migration, it resulted in some ugly redirect loops involving the old domain!
At this point, the audit moved from the truly technical issues to the truly content related issues. Of course, since it’s algorithms that do the work to “figure it all out,” even content issues are “technical” in nature. Yet that’s a completely different rant. So let’s just move on to the list of issues identified that we can associate with content evaluation.
Yeah, I know—some of you think these are irrelevant. They’re really not. They are one more contributing factor when search engines look to multiple signals for understanding the unique topic of a given page.
Typical scenario here: a lot of pages that have very little to no actual “unique” content—at least not enough crawlable content to justify their earning high rankings for their unique focus. Be aware—this doesn’t just include the content within the main “content” area of a page. If it’s surrounded (as was the case on this site) by blocks of content common to other pages, or if the main navigation or footer navigation are bloated with too many links (and surrounding words in the code), and if you offer too many shiny object widgets (as this site had), that “unique” content evaluation is going to become strained (as it did for this site).
You can have the greatest videos on the planet on your site. And yet, if you’re not a CNN, or some other truly well established high authority site, you are almost always going to need to add high quality, truly relevant content to pages that have those videos. So that was done here.
And I’m not just talking about “filler” content. In this case (as it always should be) the new content was well written and supportive of the content in the videos.
For pages that had thin content but were worth salvaging, I never recommend throwing those out. Instead, take the time to add more valuable content, yes. But also consider eliminating some of those shiny objects. For this site, reducing those vastly improved the uniqueness of those pages.
Flat architecture is an SEO myth. Want to know how I know this? I read it on the Internet, that’s how!
Oh wait. That was ME who said it.
Seriously, though. If all your content looks like this:
That’s flat architecture.
It claims “every one of these pages is as important as every other page on my site.”
And that’s a fantasy.
It also severely harms your need to communicate “here’s all the content specific to this category, or this sub-category”. And THAT harms your need to say “hey, this site is robust with content about this broad topic”.
So please. Stop with the flat architecture.
And no, this is NOT just for search engines. Users who see proper URL funnels can rapidly get a cue as to where they are on the site (or as they look at that in the search results, more confidence about trust factors).
So for this site, reorganization of content was called for and implemented.
Yes—breadcrumbs are helpful, because they reinforce topical focus and content organization, and improve user experience.
So these were added.
Pop-up windows. They’re great for sharing additional information with site visitors. Except when you allow those to become indexable by search engines. Then all of a sudden, you’ve got countless random pages that, on their own, have no meaning, no usability, and no way to communicate “this is how this page relates to all these other pages over there.” They’re an SEO signal killer. So we lopped them out of the mix with a machete.
Sometimes you may want to keep them indexable. If you do, they need full site navigation and branding, and proper URL hierarchical designations. So pay attention to whether it’s worth it to do that or not.
One particular widget on the site was confusing from a UX perspective. This particular issue had as much to do with site trust and overall usability as anything, and less to do with pure SEO. Except it caused some speed delays, needless site-jumping, repetition of effort and a serious weakening of brand trust. And those definitely impact SEO, so it was eliminated.
Duplicate content. Eliminated. ’nuff said?
More duplicate content issues. Sometimes you can keep these, however if multiple category assignments get out of hand, it really IS a duplicate content problem. So in this case, we resolved that.
Old brand, new brand—both were intermingled after the site migration I previously described. Some of it was a direct SEO issue (old brand name in many page titles, in various on-site links and content) and some was purely a UX trust factor.
Again, this was a migration issue gone wrong. Half the site had consistent top navigation based on the new design, and half had imported the old main navigation. An ugly UX, crawl and topical understanding nightmare.
Some of the bizarre auto-generated meta descriptions Google had been presenting on various searches were downright ugly. Killed that click-block dead by adding meta descriptions to over 1,000 pages.
Not a problem you say? Ask Duane Forrester. He’ll confirm—it’s one of many signal points they use to seek out potential over-optimization. So why risk leaving them there?
While I found some toxic inbound links in the profile, there weren’t many on this site. Most of those actually disappeared on their own thanks to all the other wars that continue to rage in the penguin arena. So for this site, no major effort has yet gone into cleaning up the small number that remain.
Okay so what did all of this do in regard to the recovery I mention in the title? You tell me.
And here’s just a small fraction of the top phrase ranking changes:
While the above charts show quite serious improvements since the implementation was started, there’s more work that remains.
Google Ad Scripts continue to be a big problem. Errors at the code level and processing delays abound. It’s an ongoing issue many site owners struggle with. Heck—just eliminating Google’s own ad server tracking code has given some of my clients as much as one to three seconds of overall page processing improvement, depending on the number of ad blocks as well as intermittent problems on Google’s ad server network.
Except at a certain point, ads are the lifeblood of site owners. So that’s a pain point we may not be able to resolve.
Other third-party processes come with similar problems. Sometimes third-party “solution” providers are willing to improve their offerings; however, the typical answer to “your widget is killing my site” is “blah blah blah not our fault blah blah blah,” when I know for a fact, from countless tests, that it is.
So in this case, the client is doing what they can elsewhere for now. And ultimately, if need be, will abandon at least some of those third parties entirely if they can get a quality replacement.
And content improvements—there’s always more to do on that issue.
This is just one site, in one niche market. The work has been and continues to be extensive. It is, however, quite typical of many sites that suffer from a range of issues, not all of which can be pinned to Panda. Yet ignoring issues you THINK might not be Panda-specific is a dangerous game, especially now in 2015, when it’s only going to get uglier out there…
So do the right thing for the site owner / your employer / your client / your affiliate site revenue…
Posted by Zoompf
A fast website is a
crucial component of a great user experience. So much so that a few years ago Google announced that they were using page load time as a factor in search engine rankings. More recently, Google also announced that they would be favoring websites that use Transport Layer Security (TLS) in its search rankings. TLS encrypts a website’s traffic preventing other entities from monitoring its communications. However, adding this protection introduces more complexity to your website and how it communicates with your visitors, potentially slowing things down and negatively affecting the user experience. In this blog post, I will show you how to implement TLS on your website while keeping it fast and responsive.
Before we start, a quick note on naming. Beside TLS, you may have also heard the term SSL.
SSL was the original encrypted connection protocol created by Netscape in the mid ’90s. TLS is the industry standard protocol that grew out of SSL and has continued to evolve and improve while development of SSL has ceased. In the past, SSL and TLS have been largely interchangeable terms. However, the final version of SSL, SSLv3, was recently found to be not secure. All versions of SSL now have known security problems and no one should be using any version of SSL. To avoid confusion, we will not mention SSL again, and will talk exclusively about TLS.
Additionally, while TLS does help protect your website’s visitors from eavesdroppers, it does not magically make your site
“secure” from security flaws like cross-site scripting or SQL injection. If you store personal data or conduct commerce through your website, you should explore more rigorous web application security options.
Finally, any type of guide, tutorial, or how-to post on security is highly time sensitive. Attackers are constantly evolving and new attacks are always discovered. Advice about optimizing TLS performance from even 2 years ago, such as
using RC4, would today leave your site unsecured. You should always maintain vigilance and make sure you trust your sources.
There are 2 areas of TLS that can harbor performance problems:
We need to give each of these areas some Tender Loving Care (TLC) to optimize for performance. Let’s discuss each in detail.
When you use TLS, you are adding another 2 steps to the process of how a browser and web server communicate. The sender has to work to encrypt the data before transmitting it, and the receiver has to decrypt the data before it can process it. Since these operations are occurring on all of your web traffic all of the time, you want this exchange to be as efficient as possible.
There are a
large number of ciphers that can be used to perform this encryption/decryption. Some, such as 3DES, were originally designed to be implemented in hardware and can perform slowly when implemented in software on your computer or phone’s browser. Others, such as AES, are so popular that CPU makers like Intel have added dedicated instructions to their chips to make them run faster.
A decade ago, TLS data encryption added significant overhead. Today,
Moore’s law and dedicated support for certain ciphers in CPUs have essentially eliminated this overhead, provided you select the right cipher. The consensus from both security engineers and administrators who run large TLS websites is to use AES with 128-bit keys. We can see from the chart below that AES running on a CPU that supports built-in AES instructions (denoted by the label AES-NI) is by far the fastest cipher you can use.
Specifying which cipher and options to use can be quite challenging and intimidating. Luckily, Mozilla
maintains an excellent page with example cipher configurations to ensure fast and secure connections. These example configurations work with all browsers, and they default to using the faster algorithms like AES. These are constantly updated when new security threats come out, and I highly suggest following their guidance.
As mentioned, to get the most out of AES, your web server will need to use a CPU that supports the dedicated AES instructions known as
AES-NI. Most server-grade CPUs made in the last 5 years, such as Intel’s Xeon line, support AES-NI. However, older virtualized servers and cloud servers often don’t support these instructions. Amazon’s M1 class of EC2 instances does not support AES-NI, whereas Amazon’s current class of M3 instances do. If you are using a hosted service, check with your hosting provider about what TLS options they support and whether your hosting computer supports AES-NI.
In short, by configuring your web server to use AES ciphers and terminating your TLS connections on a machine whose CPU supports AES-NI instructions, you can effectively mitigate the performance penalty of data encryption.
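If you want to confirm which cipher your own server actually negotiates with a modern client, here is a small sketch using Python’s standard ssl module; the hostname is a placeholder.

```python
# Report the cipher a server negotiates with a default modern client.
import socket, ssl

host = "www.example.com"  # hypothetical hostname
ctx = ssl.create_default_context()
with socket.create_connection((host, 443), timeout=10) as sock:
    with ctx.wrap_socket(sock, server_hostname=host) as tls:
        name, protocol, bits = tls.cipher()  # (cipher name, protocol version, secret bits)
        print(f"Negotiated {name} ({bits} bits) over {protocol}")
```

If the result isn’t an AES-based suite, that’s a sign your server configuration needs the kind of cleanup Mozilla’s example configurations provide.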
The TLS handshake is the process that the browser and server follow to decide how to communicate and create the secured connection. Some of the things that happen during the handshake are:
The TLS handshake is shown in this rather technical-looking diagram:
Don’t worry. While there are a lot of details in the diagram, the takeaway is that a full TLS handshake involves 2 round trips between the client and the server. Because of the
difference between latency and bandwidth, a faster internet connection doesn’t make these round trips any faster. This handshake will typically take between 250 milliseconds and half a second, but it can take longer.
At first, a half-second might not sound like a lot of time. The primary performance problem with the TLS handshake is not how long it takes, it is when the handshake happens. Since TLS handshakes are part of creating the secure connection, they have to happen before any data can be exchanged. Look at the waterfall diagram below: (if you need help, check out
how to read a webpage waterfall chart.)
The TLS handshake, shown in purple for each step here, is adding 750 ms of delay to the time it takes to get the initial HTML page. In this example, getting the HTML page over TLS takes twice as long as getting the same page over an unencrypted connection! Worse, the browser can’t do anything else until it gets this initial HTML page. It cannot download other resources in parallel, like CSS files or images, because it hasn’t yet received the initial HTML page telling it about those resources. This is true with every secured webpage you visit: the browser is blocked from getting that first HTML response. Unfortunately, the TLS handshake increases the amount of time during which the browser can’t do anything, slowing down your site performance.
Also, remember that TLS handshakes happen at the start of every new HTTP connection. Since browsers download resources in parallel, a visiting browser will create multiple TLS connections and have to wait for multiple handshakes to complete, even when visiting a single page!
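You can get a rough feel for this cost yourself with a measurement like the sketch below (my own illustration; the hostname is a placeholder). It separates the bare TCP connection time from the extra time the full TLS handshake adds on top of it.

```python
# Compare plain TCP connect time with the extra time the TLS handshake adds.
import socket, ssl, time

host = "www.example.com"  # hypothetical hostname
ctx = ssl.create_default_context()

start = time.perf_counter()
sock = socket.create_connection((host, 443), timeout=10)
tcp_done = time.perf_counter()

tls = ctx.wrap_socket(sock, server_hostname=host)  # performs the full TLS handshake
tls_done = time.perf_counter()
tls.close()

print(f"TCP connect:   {(tcp_done - start) * 1000:.0f} ms")
print(f"TLS handshake: {(tls_done - tcp_done) * 1000:.0f} ms extra")
```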
Unfortunately, there is not a lot of extra or unnecessary data that we can optimize during the TLS handshake. The primary aspect we can optimize is the
“confirming the identity of the server” step. To do this, the browser looks at something called the certificate chain.
When you visit
https://www.example.com, how do you know you are really talking to www.example.com? TLS certificates solve this problem. You receive a certificate telling your browser “yes, this is www.example.com. trust me.” But how do you know you can trust the certificate the server sent?
This is where the certificate chain comes in. Your certificate will be digitally signed by some other entity’s certificate, which essentially says
“example.com is cool, I vouch for it, here is my certificate.” This is called an intermediate certificate. Browsers come with a built-in list of a thousand or so certificates that they trust. If the browser happens to trust this intermediate certificate, we are done. However, it’s possible the browser doesn’t trust your website’s certificate, or the intermediate certificate.
What happens then? Simple! The browser will then look to see who signed the intermediate certificate, and who signed that one, and so on… Basically the browser will “walk” up this chain of certificates, seeing who is vouching for who, until it finds a certificate of someone it trusts from that built-in list mentioned above.
The certificate chain looks something like this:
Here we see a certificate for my website
app.zoompf.com. My certificate was signed by the “DigiCert Secure Server CA” certificate. The browser does not trust this certificate, since it’s not in its pre-built list. However, the “DigiCert Secure Server CA” certificate was in turn signed by the “DigiCert Global Root CA” certificate, which is in that list and is thus trusted. So in this case, my certificate chain length is 3.
You can optimize your site performance by making this certificate chain as short as possible, since validating each certificate in the chain takes extra time. Additional certificates also mean more data that has to be exchanged while establishing the secured connection. The browser might even need to make additional requests to download other intermediate certificates, or to check that each certificate in the chain is still valid and hasn’t been revoked.
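One quick way to count how many certificates your server presents is to lean on the openssl command-line tool, as in this rough sketch (it assumes openssl is installed; the hostname is a placeholder).

```python
# Count the certificates a server presents, using the openssl CLI.
import subprocess

host = "www.example.com"  # hypothetical hostname
result = subprocess.run(
    ["openssl", "s_client", "-connect", f"{host}:443",
     "-servername", host, "-showcerts"],
    input=b"",  # close stdin so s_client exits after the handshake
    capture_output=True, timeout=15
)
presented = result.stdout.count(b"BEGIN CERTIFICATE")
print(f"{host} presented {presented} certificate(s) in its chain")
```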
When shopping for a TLS certificate, ask the vendor:
I recommend purchasing your certificate from a large, well known vendor. These tend to offer better support and features like OCSP. They are also more likely to have their root certificates trusted by the browser and thus have a shorter certificate chain length. You can learn more about
how to test your certificate chain here.
At its heart, the TLS handshake is about the client and the server verifying each other, agreeing on a common set of ciphers and security options, and then continuing the conversation using those options. It seems silly that a client and a server that have recently communicated before need to go through this full process over and over again. Imagine this scenario: You are visiting a blog like this one over TLS. Multiple TLS connections with multiple handshakes were made to download all the content. In a few minutes, you click a link to read a different page on this site, which causes your browser to do multiple TLS handshakes all over again.
This is where TLS session resumption comes in. Basically, TLS session resumption allows a client to say,
“Hey server, we communicated a little while ago and did so using the following TLS options… Is it OK to start talking again using those same options?” This is a huge improvement in performance. A full TLS handshake requires 2 round trips to create the secure connection. TLS session resumption allows us to do it with 1 round trip.
The great thing about session resumption is that it is basically a free shortcut. When the client asks the server,
“can we use these previously agreed-upon settings?”, it does so as part of the first round trip in setting up a full TLS handshake. If the server agrees, great, the shortcut is followed and no further handshaking is necessary. If, for whatever reason, the server doesn’t agree to the session resumption request, the TLS handshake continues as normal and completes in 2 round trips. There’s no reason not to use session resumption.
There are 2 different mechanisms to implement TLS resumption. The first is
Session Identifiers and the second is Session Tickets. They both do the same thing; the difference between them is primarily which side has to keep track of the previously agreed-upon options. All web browsers support both, but some web servers, like Microsoft’s IIS, only support session identifiers. Session identifiers are a slightly older mechanism, and can potentially expose your site to Denial of Service attacks. Enabling either session identifiers or session tickets is done via your web server configuration, and is quite easy. Consult with your administrator about getting these options enabled.
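Once your administrator has enabled one of these mechanisms, you can verify resumption is actually working with a rough sketch like this one, using Python’s ssl module (the hostname is a placeholder). It pins the check to TLS 1.2, where the resumption state is available immediately after the handshake.

```python
# Verify a server honors TLS session resumption by reusing the session object.
import socket, ssl

host = "www.example.com"  # hypothetical hostname
ctx = ssl.create_default_context()
ctx.maximum_version = ssl.TLSVersion.TLSv1_2  # keep the check on TLS 1.2 semantics

# First connection: full handshake; save the negotiated session.
with socket.create_connection((host, 443), timeout=10) as s1:
    with ctx.wrap_socket(s1, server_hostname=host) as t1:
        session = t1.session

# Second connection: offer the saved session back to the server.
with socket.create_connection((host, 443), timeout=10) as s2:
    with ctx.wrap_socket(s2, server_hostname=host, session=session) as t2:
        print("Session resumed:", t2.session_reused)
```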
There are several other TLS options and nuances we are glossing over: What asymmetric algorithm should you use? What key exchange protocol should you use? What key size should you use for your symmetric cipher? Should you be using
perfect forward secrecy? These are important decisions from a security perspective, and everyone’s needs are different. From a performance perspective, these are largely moot. It is best to leave these choices to whoever manages your server, or to follow the advice from Mozilla on the page linked above.
As we have seen, the TLS handshakes, while necessary, can have an impact on your performance:
While session resumption can cut the delay of a TLS handshake in half, it is still best to avoid TLS handshakes altogether. You can do this by minimizing how many HTTP connections a browser makes when visiting your website. Luckily, many traditional front-end performance optimizations that you should be doing anyway can help. This makes front-end performance optimizations even more important on sites secured with TLS. Let’s focus on 4 optimizations that are particularly relevant for sites using TLS.
Persistent connections allow the browser to make multiple HTTP requests over a single connection. This lets the browser load the page faster because it can make requests more quickly, and it also cuts down on the number of TLS handshakes. Consider this waterfall, which we looked at before:
See how virtually every HTTP request has a purple section? This purple section is the TLS handshake. Why does it keep happening? Because the web server is explicitly closing the HTTP connection, and thus the underlying TLS connection, with every response. We can see this with the
Connection: close response header, as shown below:
This is terrible for performance in general, but especially bad for a site using TLS. Your website should be using persistent connections.
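A quick way to check whether your own server is guilty of this is to look at the Connection response header yourself. Here is a tiny sketch using Python’s built-in http.client (the hostname and path are placeholders).

```python
# Check whether a server is closing HTTP connections instead of keeping them alive.
import http.client

conn = http.client.HTTPSConnection("www.example.com", timeout=10)  # hypothetical hostname
conn.request("GET", "/")
resp = conn.getresponse()
print("Connection header:", resp.getheader("Connection"))
# A value of "close" means every request pays for a fresh TCP connection and TLS handshake.
conn.close()
```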
Domain sharding is a technique to trick a visiting browser into downloading resources from your website more quickly. It works by having a single web server with different hostnames. For example, your site might be named
example.com, but configured to also resolve names like static2.example.com to the same server. Since browsers allow only a limited number of HTTP connections to a single hostname at the same time, using multiple hostnames tricks the browser into downloading more content in parallel.
The problem with domain sharding is that the browser doesn’t know that
static2.example.com and example.com are really the same server. It will make new HTTP connections to each hostname, and have to do a full TLS handshake each time. In our example, we are potentially doing 3 times the number of TLS handshakes because of our sharded hostnames. Additionally, session resumption information for connections on one hostname cannot be used by connections to another hostname, even though under the covers all these names refer to the same server.
The net result is that the increased number of TLS handshakes caused by domain sharding may offset any advantage gained from downloading more content in parallel. In fact, sharding a TLS-protected website might actually make it slower. This is especially true if you follow the next two pieces of advice, which will reduce the number of items that need to be requested at all.
The fastest request is one the browser doesn’t have to make. Caching might be the best front-end performance optimization you can make. If I just visited your site, and I’m looking at a second page, there is no reason to download your logo a second time. If you don’t use caching, the browser must check with your website whether it is OK to use the logo image it has previously downloaded. This is called a conditional request, and it’s
bad for performance. Because of the difference between bandwidth and latency, even if you don’t actually download anything from the server, simply sending a request to ask if it is OK to use a logo takes almost as long as just downloading the logo again.
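To see the cost of a conditional request in practice, here is a small sketch (my own, assuming the Python requests library and a placeholder URL that returns an ETag): the 304 response carries no body, yet you still pay the full round trip to get it.

```python
# Demonstrate a conditional request: a 304 saves bytes, but not the round trip.
import requests

url = "https://www.example.com/logo.png"  # hypothetical asset URL
first = requests.get(url)
etag = first.headers.get("ETag")

# Re-request with a validator; if the asset hasn't changed, the server replies 304
# with no body, but the client still had to wait for the request/response exchange.
second = requests.get(url, headers={"If-None-Match": etag} if etag else {})
print(second.status_code, len(second.content), "bytes transferred")
```

Proper Cache-Control headers avoid that round trip entirely by letting the browser reuse the asset without asking.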
Google is now favoring websites that are secured using TLS in search engine rankings. TLS can have an impact on performance and this article has shown you the steps you can take to minimize the impact.
The data encryption overhead for secure connections is largely a problem of the past, thanks to faster CPUs with built-in support for AES cipher operations. The TLS handshake can be optimized by keeping your certificate chain short: purchase your certificate from a large, well-known vendor whose signing certificates are already in the browsers’ built-in trusted list. You can speed up subsequent TLS handshakes by enabling session resumption on your server. You can avoid many TLS handshakes altogether by implementing common front-end performance optimizations like persistent connections and caching, and by avoiding tricks like domain sharding. You can also use
Zoompf’s free performance report to ensure your website is using AES and is properly implementing the suggested front-end performance optimizations.
In our next blog post we will discuss the intersection of security and performance that Google is creating with its new SPDY protocol.
If you’d like to stay on top of your website performance, consider joining the free Zoompf Alerts beta to automatically scan your website every day for the common causes of slow website performance.