Hello Happy Site Owners! Tips this week include new pricing, new videos, and the first webinar for the Webmaster Training member site, Google Analytics dropping real time data, how to fix the SoakSoak Malware security issue, GoDaddy domains hacked, InfiniteWP and W3 Total Cache plugin security updates, the new code of ethics for hackers, me getting called out online by two WordPress developers, super threads on whether you want to use related posts on your site anymore, how bloggers gain authority, why you need to repeatedly share on social media, how images get you more clicks, a super primer on how to make graphics that don’t suck, the real dope on 14 top stock image websites, the power of testimonials and ways to use them, the how and why of rethinking your site for success in 2015, and for dessert, a little twisted humor holiday video. So let’s dive in. Listen to the podcast.
I’ve been busy this past week making new tutorials for the Webmaster Training site. They include:
- Site Migration with BackupBuddy – which makes it so easy
- How to Delete a Site Fully – and it covers a variety of deletion types for migration, restoring from backup, and removing a sandbox development site
- How to Restore from a Backup with BackupBuddy
And, I’ve added a few more to this first wave of videos too, which include more coming to Level 4:
- Redirect Plugins
- Redirects in .htaccess
- Change Permalink Structure
I also made one of the member videos live to the public on YouTube, which is how to acquire and configure an Amazon S3 account for storing your backups. I recommend it so often in help groups, that is be even more helpful to have a link to a tutorial. So that’s why I made it public.
First Webmaster Webinar
And I’m delighted to announce that we’re going to sneak in a bonus webinar on the 30th of this month. We’ll start the regular quarterly webinars in January. I’m really excited to be doing these because they are an open format where webmasters can hang out together, ask questions, and pool resources.
And, while you’re on the site to see the full video list, you may also notice the new pricing structure. I’ve adjusted it slightly for a reason, and why is a secret I’ll tell you about in the next month or so.
But, it did make the Grand Opening Discount bigger, so you can still get in on some awesome savings through the end of the year.
Write it Off Your Taxes
Webmaster Training is a business investment, so you can write it off your taxes. That’s another good reason to consider getting in while the discount is running too.
Watch Videos on iPad
Because these videos, and the ones in the WordPress/SEO/Genesis library show so much text on the screen, I have to be very careful to ensure they render at the highest quality so they’re not fuzzy.
That really limits how much I can compress the file too. And that can cause a delivery issue for some folks who like to watch the videos on their iPads while working on their computer.
I’m delighted to tell you that I’ve finally found a compression technique that retains the quality but makes a smaller file. That’s super news for folks on slower wifi too, which is usually the case when using a tablet.
But that also means that I now have about 90 videos between the two member sites to convert. So all of the new videos will be in the new format, but it will take me a while to convert the rest. I’ll be doing them in little chunks at a time.
That’s all the news from around here.
Let’s jump into this week’s tips from around the ‘net.
4.1 Release Candidate
The core WordPress devs are honing in on what will be in WordPress 4.1. The first Release Candidate is available for testing. I would imagine the final release to the public will be before January is out if not sooner. There are no big changes in this one that should disrupt much, thankfully. It’s mainly feature tweaks.
Google Analytics by Yoast Drops Real-time Data
I was pretty excited that the Yoast analytics plug recently decided to incorporate a dashboard module so you could see your analytics without having to log into your Google Analytics account. That’s one of the reasons that I preferred the Google Analyticator plugin.
But, looks like GA is unhappy with how many calls the Yoast plugin was making. The GA profile was being fetched every time there was an admin request. So now the plugin will only make one call a day and advises that you log into GA for real time stats. That’s a good call.
Sucuri is reporting 100s of 1000s of WordPress sites may be at risk of a malware injection affecting the RevSlider. They say Google has blacklisted over 11,000 domains already. Thanks for the warning, but isn’t there a big difference in 11,000 and 100s of 1000s? We’ll see how this turns out. But if you use that slider, you definitely want to get in front of this.
Word is to replace the directory completely and not rely solely on the update.
Thanks to +Jim Walker for that tip.
Sites are not the only things that get hacked. Domains can be too. And that’s why I advocate using different companies for each. If one gets hacked the other doesn’t.
Do you get constantly spammed for Ugg Boots and such? Well, Denis at WP Security Bloggers wanted to know where all of those spam notifications were coming from. Turns out lots of them were from domains that had been compromised.
The post is quite technical, but do scan it because there is some valuable info and stats in there that you’ll want to know about to help keep your domain safe.
If you use InfiniteWP to manage multiple sites you need to update it immediately if you haven’t already. This hack was reported about a week ago.
Get Hack Reports Quickly
There’s no need to wait until Tuesday to get these kinds of updates.
Follow me on G+ to get the skinny the moment it happens because I try to be good about announcing such things there when it’s critical.
There has been a security patch applied to the W3TC plugin and more are on the way as soon as the developer’s find out what else there is to fix.
Code of Ethics for Hackers
You’ve heard of a code of ethics among criminals. Well, the developer and white hat hacker community is trying to enforce such a thing through public peer pressure.
Some security hacker folks build their reputation by being the first to discover code vulnerabilities. Being the first to publish is as powerful as getting the scoop in mainstream media industry.
Some were releasing the info to the public without first notifying the developer of the plugin or software. You can see the peer pressure backlash of that in this post about the W3TC update from Planet Zuda.
Basically, they’re saying that if you’re going to shoot a developer in the back, at least give him a running start by telling him privately first. That’s because black hat hackers read these reports too and the devs who make their living by creating WordPress related things want to keep things as safe as possible and not cause a panic or an outbreak of hacked sites.
Getting Called Out
Hacker reporters are not the only ones under public peer pressure. I got called out by two well-respected WordPress devs for my report last week on what’s behind the flurry of plugin updates.
The thing they took the most issue with was that I linked the current XSS vulnerabilities to the emergency update of WP 4.0.1. The post made it seem that WordPress is not safe to use.
I’m happy for you to go read the full comments and my reply. But the gist of it is that WordPress itself is safe to use. In a world without databases, plugins, PHP and other code, and end users who don’t take security seriously, that would be enough. But, that’s not the real world.
So, if you want the whole story about why I feel the way I do, and why I’ll continue to report what’s happening, then go read that post.
With the demise of nRelate, some folks are looking around for a good substitute. There isn’t one. All such plugins and services have performance and/or security caveats.
You know I mentioned last week that maybe it was time for me to do head-to-head tests on these things.
I’ve changed my mind.
Jump on over and read my post about why I decided to go a different route and why it’s time to start rethinking rehashed, me-too ideas about our sites.
Content Marketing Tips
You’ve heard the advice. Repurpose your content. Be everywhere. This post by +Donna Merrill is not just a rehash of why you should do that. It’s also about what your readers think of you when you do. And, what they think of you when you present different types of content. It will definitely help you stand in the shoes of your readers and get in touch with what you present to your audience in a whole new way.
It’s not just about sharing everywhere. It’s about sharing more than once. In this post, +Mark Traphagen uses Twitter as his example for the Power of Sharing and Sharing Again.
I’m taking all of the best tips in this post and making a poster that I’m going to tape to the wall where I can see it every day because higher visibility is my #1 goal for 2015.
I’d invite you to do the same.
And that post also includes data on how much more a post gets clicked when there is a great image attached – like 5-12 times more.
I think +Dustin W. Stout is on a crusade to help us graphic-creator-challenged folks make stellar images for our blogs and social media. If you’re in that group with me, this is a stellar primer just for us. I see what he’s saying, literally. And I’m working on it. Now if I can just figure out how he gets his title to float over his image.
So we know that images get you noticed on social media. I don’t know about you, but finding good images is a real time sucking chore for me. Finding good places to find good images has been too. Well, not any more.
Here’s the big list of image sites with the good, bad, and bottom line on each from a post by Joe Warnimont on Kevin Muldoon’s site.
Testimonials convert. In this excellent post by +Mary Iannotti she gives us multiple ways on how to use client testimonials for social proof and to help influence reader’s decisions.
I scoured this post because this is one of the main changes I’ll be making on my own site soon.
The online environment has changed dramatically in the last two years. But most sites haven’t.
And most site owners are still following the conventional, rehashed wisdom of a gazillion shiny new and me too posts telling them what they need to have on their site to be successful.
It’s time to rethink all that.
It’s time to re-evaluate your site using real data from real tests in the real world.
It’s time to revamp your site for success using current standards, not advice from two years ago.
See my post for the full list of what your site needs to be successful in 2015. And I’m betting a lot of it is not what you think.
It just wouldn’t be Christmas for me without a little twisted humor song from Fred
That’s a wrap for this week’s Tips Tuesday. If you’re listening on the podcast, be sure to jump over to the post with full show notes and links, and any news that may have broken after the podcast was recorded on Monday.
And thanks so much for giving this podcast a big star rating on iTunes, and please leave a review and let me know what you think of the show. I really appreciate it. And do drop by and say hey over on my Google+ page too. That’s where I hang out. Be sure to visit BlogAid.net for more tips and resources and I’ll see you online.