Passive Marketing

Blog

  • How to Improve WordPress Security

    How to Improve WordPress Security

     

    wordpress-securityPlease note: This information was taken from my old site: hostingtavern.com. This is why some images may show that title.

    If you have not taken any steps to improve the security of your WordPress site, then you have not had to learn your lesson the hard way.

    It has only happened once to me. However, that single time when I had a WordPress site hacked and spammed, it meant thousands of dollars in loss revenue by the time I realized what had happened. If I had spent ten to fifteen minutes improving the WordPress security of my site, I could have avoided the entire ordeal.

    The best part is I regularly have read articles such as this one and ignored them. Do not make this mistake!

    In the following article you will learn the following:

    • How to protect your site from malicious people
    • How to automate all your backups
    • Improve your WordPress security
    • How to scan your entire site for malware
    • How to monitor your site

    Back Up Your Site Automatically

    The first step is to make a backup of your site. Do not do it tomorrow, do it right this minute!

    Having a backup of your site that is up to date is the best way to recover a hacked site. You will be able to restore your site to its previous non malicious form with a single click.

    It is furthermore a smart idea to make backups before making any large changes to your site such as upgrading your database or trying out a new plugin.

    HostGator hosts my site and does not automatically make a backup of my site. Some sites will, but most will not.

    To make the process easy, you do not need any paid plugins to get the job done. I have found using BackWPup is all you need.

     

    BackWPup

    This plugin will back up your entire site which will include the database and all your files in one zip file.

    After it has made the backup, the plugin will upload the zip file via FTP to services such as Dropbox automatically.

    If you do not have any such services, setting up a Gmail account to store your backups is a smart choice since they provide you with so much space.

    Make sure to install the plugin and do daily backups of your site! This can save you a huge headache down the road.

    Remove the WordPress Version

    In the source code of your WordPress installation, it will tell you which version of WordPress it is currently running.

    If malicious people such as hackers discover a vulnerability, then it is very simple for them to get together a list of sites that run the vulnerable installtion of WordPress.

    In order to remove the version, log into your admin control panel. Go to Appearance > Editor > Functions.php. Add the following code right before the ?> tag:

    remove_action('wp_head', 'wp_generator');

    Block Directory Browsing

    Some sites will allow you to view all the files in the folder if you navigate yourself to a specific directory. This is much like the process of viewing files on your personal computer.

    To block this from happening, you must add a single line to your .htaccess.

    Locate your .htaccess file, open it up, and add this line of code:

    Options -Indexes

    Update Your WordPress and Plugins

    Vulnerabilities are being found out all the time. This is why you must make sure to keep your WordPress installation and all plugins up to date to combat new vulnerabilities being found out.

    Keep everything up to date whenever a new update rolls out. It is the best practice to make a backup before updating anything in case your plugins decide to break or something does not work properly.

    Delete Unused Plugins and Themes

    If there are themes or plugins that are not used, then they are not going to affect your blog directly. However, if that plugin or theme has been hacked, any malicious hacker will have access.

    Get rid of all unused plugins you may have and themes too! It will give you a nice boost in speed to your site as well as improve your WordPress security.

    TimThumb Vulnerability Scanner

    This is a script that has become popular for its use to re-size images for different themes.

    The biggest problem? The script had a large bug that could be taken advantage of by hackers.

    To check out your theme and see if it is at risk or having a backdoor, you can go ahead and check out the TimThumb Vulnerability Scanner.

    What this will do is scan your site and if there are older versions of Timthumb, it will let you updated them all with a single click. Once you have done this, you may uninstall the plugin.

    Using CloudFlare

    Using CloudFlare is a great way to protect your site as well as help speed it up.

    What this does is stop hackers from even reaching your site in the first place. It will work at the DNs level.

    Setting up your account will only take a couple of minutes and will offer some protection. Paid options are available but you do not really need those.

    Security Plugins

    By installing a plugin, you can take some further steps to protect your site. I have chosen to use the Better WP Security plugin. The following are what this plugin can do:

    • WordPress version removed
    • Changes login and dashboard URLs
    • Default admin account renamed
    • Changes WordPress database table prefix
    • Will remove messages related to login errors
    • Scan for vulnerabilities
    • Bans hackers and bots
    • Improve the security of your server
    • Help protect your site from malicious activity

    It also does so much more! The one thing it seems to be missing is an automatic backup, but there are other tools to do that with.

    Make Sure to Install a Firewall

    After you have taken the step to install a plugin for your security, you will want to install a good firewall. This will help protect your site from injections of SQL or Java.

    A good option is the OSE Firewall. This will give you great WordPress security.

    Monitor the Security of Your Site

    I like to make use of free services to check how my site is doing.

    Pingdom

    If you get an account from Pingdom, it will be free and will make sure to check your site every minute of the day from different locations.

    You will get a notification if there is downtime to your email.

    Sucuri Sitecheck

    One of my favorite options is Sucuri Sitecheck. It will check and scan your site to check URLs for different threats. It will see if your site is blacklist and will make sure to check for malware.

    sucuri-sitecheck-hostingtavern

     

    Change Detection

    A simple service I also like to use is Change Detection. This tool monitors your pages for different changes. If it sees a change, you will get a notification through your email.

    hostingtavern-sitecheck

     

    Have you Taken the Steps Above?

    It is very important that you take the few minutes to improve your blog security. Do not ignore the information I have laid out for you, it is for your own good!

    If you choose to ignore this post, sooner or later, you are going to have a problem. You may even lose money! Take action, improve your site, and happy blogging.

  • How to Do Keyword Research

    How to Do Keyword Research

    If you have already taken the steps to starting a blog then you should know that keyword research is critical to your success. The goal of the following article is to make keyword research both accessible and easy. There are many articles that will teach you advanced techniques for keyword research but this is not such an article.

    In this article we will cover the very basics of keyword research will include 6 main areas. These areas are as follows:

    • Brainstorming a list
    • Knowing you need a keyword tool and which to use
    • Refining your list to the best keyword phrases found from your keyword analysis tool
    • Keyword phrase relevance
    • Find consumer demand by looking at search volume of keywords
    • Taking a look at the competition

    In simple terms, you are looking to get together a group of keywords which are very targeted and have high search volumes with low competition. You will want to find a keyword phrase which many people are searching for that does not have many competitors with authority competing for that same phrase.

    Brainstorming The List

    Many times the keyword research for a site will begin with an optimizer who comes up with a list of keywords or phrases that they think people are searching for or that they think describes their website content.

    There are times when this list of words is based on research but the majority of the time they are pulled out of nowhere and are keywords that the company wishes people used to describe their content or services. Often is the case that these words are not the keywords the actual public is using.

    Call to Action

    You should start off the process of keyword research with a brainstormed list like previously mentioned. You will want to think about how people that use your services or read your content would describe them if they were searching for such things. Think of different stems such as “How to” that people would use to find your site. Are local modifiers important to your service? If they are, add locations to the list followed by keywords that describe the service. Basically, come up with a list of keywords that you think best describes your content and services.

    Selecting and Using a Keyword Research Tool

    During the process of keyword research you will take your list of brainstormed keywords or phrases and find out which of them have the best chances of earning you top SERP results and are also attainable and have high searches.

    This post is not about the tools you can use but you must understand that you must have a keyword research tool at your disposal to go through your keyword data.

    All that is covered in this article can be done with the most basic keyword research tools such as the Google Adwords Keyword Tool (now the Google Keyword Planner). However, there are much better paid tools such as WordTracker that will give you an advantage in keyword research by giving insights for Bing and Yahoo! and Google as well as giving you a nice laid out in-depth analysis.

    Call to Action

    You can enter in all the words that you have brainstormed into the keyword tool of your choice one at a time but I would recommend that you use batches of 10 keywords or phrases at a time. This will make the entire process faster and easier.

    Whenever I help someone with using the AdWords Keyword Tool there is always one mistake that I see over and over again. You must select the “Exact” keyword matches in the left sidebar. When you select “Exact” the tool will show you how many people searched for that exact phrase in Google alone. The tool will then give you a list of results that are closely related to the phrase you have just entered.

     exact-in-google-keyword-tool

    You will want to take the phrases that are suggested for you and add the good ones to your list that you are brainstorming. This will help you find related phrases that might also be highly searched.

    Refine Your List with Keyword Suggestions

    In every keyword research tool that you will use, they will give you keyword phrases that are very close to your original query as suggested keywords. In the free AdWords keyword tool, they call them keyword ideas.

    Taking careful notice of suggested keywords in this area is very important. This can give you an insight of how customers are searching for specific products. With this information you can refine as well as continue to build your keyword list.

    keyword-ideas-adword-tool

    Do Your Keywords Accurately Describe Your Content?

    During the time that you are looking at the suggestions for keywords, many people fall into the trap of focusing on the high volume keywords even if they do not accurately describe your content or product. You want to make sure that the keywords you select are both high volume AND relevant. The relevance to your product or content is the most important thing here.

    If you stumble across a keyword phrase that does not really describe the content on one of your pages but it is related to your topic, the best thing to do is to create a new page on your site with the keyword phrase. Keyword research should help with your content strategy, not the other way around!

    Always write for people, not search engines. You should always be thinking about what the user is searching for when they type in a specific query.

    Check the Volume — Is it popular?

    If you check out the search volume of a particular keyword term, it will tell you how many times in the month that keyword phrase was searched for in Google. Other tools will display this information for other search engines but when you use the AdWords Keyword Tool, that is what you will get.

    If you find an exact phrase that has a high volume, it tells us that there is a high demand for that product of that information. It also shows us the language that is being used to look for that product or information.

    To find these high volume terms, you need to find out what is in demand and what language is being used to find things. Make sure to optimize your pages on your site to include terms that users are searching for. This will give search engines such as Google the chance to see that your site is a relevant source for users looking for that information.

    Call to Action

    Make sure to look at the Local Monthly Searches in the Google AdWords Keyword Tool. There is no secret formula for what the best search volume for keywords is. The best search volume is going to be subjective to different websites and products.

    Some search terms are going to be long tail keywords. These are going to be searched for much less than a one or two word phrase but the visitor is going to be much more targeted if they come from long tail keywords. I do not know about you, but I would rather have 100 targeted visitors come to my site instead of 1000 targeted that will leave right away. Remember, you want traffic that will convert.

    The best of both is going to be keywords in the keyword idea section that are going to show high search volume and be long tail keywords. These types of keywords are the ones you should be focusing on as they will be the most targeted and will convert the best.

    local-search-volume

    Competitive Analysis

    The very last step is looking at competitors and analyzing the competition for specific keywords. This is done by looking at what the SERP is turning out.

    If you want to get an idea of how competitive the keyword you are trying to rank for is, open up a new page and enter your phrase into Google.

    Do you see sites that offer similar products to yours? Perhaps you see big brands on the first two pages. Maybe you even see results on the front page that have nothing to do with your product.

    Do you see results similar to your product or content?

    Awesome, this means you are on track. Look at other sites that are ranking on the first page for this phrase. Take note of who is competing with you in the top ten and then take a look at the top three. Look at what they are doing with their pages and what kind of language they are using to convert visitors. The best chance to beat your competition is to do things that they are doing wrong, right! Do these sites have the keyword phrase in their body, description and title? If not, add it to yours and you are one step closer to being first.

    If you want to get a better detailed view of the top ten, go to Google and enter the search “Allintitle:keyword”. The keyword is going to be the keyword phrase that you are targeting. This will show you the web pages that have that keyword in their title tag. What this means is that these are the websites that are taking the time to optimize for that specific phrase.

    Authoritative brands in the top ten?

    Every spot you are away from number 1, the more click throughs to your site you are never going to see. I want to be very honest to you when I say that you have a slim and usually no chance at all at beating huge brands such as Microsoft or Adobe for the first few spots. I would spend my time on other keyword phrases if I saw huge brands in the top three.

    No results with similar services or products in the top ten?

    It may be possible that the keyword phrase you are trying to search for can mean two completely different things. If you search your keyword phrase and see nothing related in the top ten, you have found one of these keywords. If your webpage makes it to number one for this term, it might not be as targeted as you want it to be. Non targeted traffic is not very useful so I would find another keyword to target.

    Choose the Best Keywords

    If you want to compete with other sites and become number one in the SERPs you will need to have keyword rich content, descriptions and meta titles. If you are going to take the time to target specific phrases, you should also take the time to figure out if that is the right language being used to find your information or product.

    Make sure that you are optimizing on the data you have available to you. If you are optimizing based on your hunch, you are doing it wrong.

  • How to Create a Page for Blog Posts in WordPress

    How to Create a Page for Blog Posts in WordPress

    WordPress by default likes to show all your content in the format of a blog on the homepage. Some people like to create a custom home page in WordPress. If you want to use WordPress to run your entire site but also use it as a blog then this article has some tips for you on how to do that.

    There are two different main methods where you can create a separate page just for blog posts. These methods depend on how you set up your home page. If you set up your home page by creating home.php then the method below is what you will need to follow.

    Method One

    • Copy index.php and save it as blog.php
    • Make blog.php a custom page template.
    • Create a new page in your admin panel. Give the page a title, usually blog and select its custom page template like in the second step.
    • Publish your page.

    You will then need to edit the blog.php file by finding the loop. It should look similar to this.

    <?php if (have_posts()) : while (have_posts()) : the_post(); ?>

    Go ahead and replace this code with the following:

    <?php
    $temp $wp_query;
    $wp_query= null;
    $wp_query new WP_Query();
    $wp_query->query('posts_per_page=5'.'&paged='.$paged);
    while ($wp_query->have_posts()) : $wp_query->the_post();
    ?>

    The posts per page is going to tell WordPress how many posts it should display on each page. You can change this number to whatever you think will work best with your site.

    Find the following line:

    <?php else : ?>

    Remove this as well as the 404 content. Your WordPress should already have a 404 php file for that.

    Next you will need to find:

    <?php endif; ?>

    Replace this code with:

    <?php $wp_query = null; $wp_query $temp;?>

    Tada! You now have a page that will display just your blog posts.

    Method Two

    This method does not really use much code at all and is much simpler. However, it will not allow you as much customization as you may like.

    You will want to create two pages, one should be your home page and the other should be your blog page.

    Once you have your two pages set up, go to settings and then reading.

     

    wordpress-reading-settings

    You then need to choose the static page option and select the front page as your home page and the posts page as your blog page.