Hello Happy Site Owners! Tips this week include:
- re-launch of a hacked site
- what’s behind sites acting goofy and rash of attacks
- 5 things to check on your site right now
- new visual editor in the WordPress App and why not to use it
- a clearer view of term splitting coming in WordPress 4.2
- site and internet tech trends over the last year
- demystifying the sales and purchase funnels
- converting on every page of your site
- mobile friendly officially becomes a ranking factor
- how to test your site for mobile and performance
So let’s dive in. Listen to the podcast.
Well, so much for getting into a rhythm with a steady work flow. A family emergency popped up last week and I got pretty backlogged. Just now getting all caught up. I’m grateful to my clients who have been so understanding and patient with me, as well as their kind words and well wishes.
And this reminds me of something I heard +Darren Rowse talk about years ago when ProBlogger started getting big and became the real breadwinner in the family. You need to have a contingency plan for when you’re not available, and if you drop off the face of the earth.
I have an emergency contact for all of my site management clients so if something catastrophic happens even when I take a day off, they are not without help. And, I have secure files set up that can be accessed by someone I trust that can take over in my permanent absence if need be. Plus, I have a Power of Attorney so that person can legally do whatever is needed for all of my accounts and such too.
I’m not trying to be morbid or anything. Y’all know I’m all about prevention. And this is how I take care of myself and my clients. Just something for you to think about.
And I have some happy news about things that got done even in the midst of a disrupted schedule.
I’m delighted to announce the relaunch of We Are 1 In Spirit. This is the total site rebuild I’ve been telling you about for a couple of weeks. The original site was hacked and the owner, +Yvonne Perry, worked her tail off to get the new site built. It was cheaper and easier than fixing the old site, which did not have adequate security, backups, or SEO.
The new site is on a much better foundation for all of those things now and I’m positive that she will fare much better with it. Not to mention her confidence with all she is doing to help her get even more views and such too.
We still have a bit of tweaking to do on performance, but that’s mainly with optimizing old images and such that were used on the other site. She has a brand new theme on the Genesis platform and is still optimizing all that it offers, and all of the new things she can do with it.
So big kudos to Yvonne for all of her hard work and taking the new training and such so fast and furious too. She did a great job to the point of her head popping from information overload a couple of times. I’m betting she would like to take a break at this point, but she’s just so darn excited about the site!
My colleague and peer, +Kim Castleberry was kind enough to contact me privately to let me know that she ran in circles on my BlogAid site to try to find the link for the Webmaster Training and anything resembling all the levels and webinars that I talk about on the podcast so much. That’s mainly where she follows me.
She gave me some well-deserved constructive criticism about how hard the link was to find. And she’s right.
I’ve got no excuse, really. Cobbler’s children thing and I was waiting for my site revamp to redo the whole home page with better links to all the things that are being actively promoted.
I appreciate Kim giving me the kick in the butt incentive to make some intermediate changes to the site. And that’s going on the to do list for this week.
Sites Acting Goofy
One of the other reasons I’m a bit backlogged was not only my personal delay, but also sites acting goofy that were scheduled for a site audit last week.
There’s been a rash of hacked sites in the last two weeks and even more sites and hosting accounts acting odd.
Some of the attacks look like they’re from the inside with hackers having cPanel access. If they can get into your database, then it’s pretty easy to get your WordPress log in credentials, no matter how many times you change them. But getting your cPanel log in is different. That could be a server exploit. Many hosts run the cPanel software and other softwares for Linux.
And I’ve seen one site get hacked 3 times in a row, no matter what security measures were put in place.
This is happening across multiple hosts too. So, y’all be super careful about your security right now by keeping your plugins updated frequently. I’ve also set backup frequencies to daily at this point. You might want to do the same.
Right now whatever is causing the goofiness and hacks is flying under the radar in such a way that they are nearly impossible to detect and are not setting off any alarms or server errors.
Just know that there is nothing that can prevent them at this point, and I do mean nothing. One person informed me that she got a notice from her security plugin that someone had used her own log in credentials to enter the site. Good that she got notified, but that didn’t prevent it from happening. Some folks are also saying that moving the login page is helping, but for a little while, and that’s not even working for others.
I’m currently look into ways to set up 2-step authentication through Google via email instead of phone so that both me and my site clients can access things when we need to.
If you’re the only one logging into your site, then the phone thing shouldn’t be an issue and I suggest you consider doing it.
I’ll have more for you as we narrow down the point of entry for these attacks, as well as what to do to protect yourselves.
That’s about all from around here.
Let’s jump into this week’s tips from around the ‘net.
How do you know when something’s wrong with your site? Too many times we don’t visit or check some of the critical elements on our site to know if they’re working or not. And unfortunately, folks have to want what you’ve got to take the time to tell you it’s broken. Most of the time they just move on.
+Michelle Martello has a super checklist of the 5 things you need to test right now. It will only take you a couple of minutes to do, so click the link in the podcast show notes and read that post for the 5 things to check.
Some of you may still be using the WordPress App for mobile to log into your site from your phone or tablet. Well, it has a new text editor that’s like working in the Visual view mode instead of the Text view mode with code.
That’s a lot more convenient, but I strongly suggest that you don’t use this thing unless you absolutely have to. It requires leaving half of the XML-RPC function turned on.
In a previous post I told you why and how to turn XML-RPC fully off. Among other things, it opens your site for being used in a DDoS attack.
That shut off works, but it doesn’t keep bots from knocking on the door to try to use it. So, I’ve been testing new code in the .htaccess to turn them away immediately. All of those attempts chew up system resources. So, we want to put a stop to that as well.
This is the kind of code that I make available in the Webmaster Training too, and the kind of things we talk about in our webinars.
And, I’ve been testing other code to block those spammy SEMalt and buttons-for-website links too. I’m starting to see them show up in all site audits now. They are not a security risk, but they will hurt your SEO over time.
The core WordPress devs have given us more details on how the new term splitting will work in the upcoming release of version 4.2.
You may recall me reporting on it last week. And you can read my post on Big Changes to Categories and Tags Coming in WordPress 4.2 for details on the plugins that could be affected.
What they’re clarifying here is that this is an old bug and it hasn’t been a big problem for most site owners. Basically if you have a category and a tag with the same name, when you changed one, the other got changed too. That’s not something that a lot of us do much.
But, they want to be sure to get more info out for plugin developers so they can change how the terms they use work with the database. That’s where the problems will be.
They use Jetpack as an example of how disruptive this could be to a site, in that it would no longer properly pull in related/popular posts or such. I’m sure they will be updating Jetpack to fix that issue. But, it’s worth noting that the disruption is real.
We’ll likely see a bunch of plugins being updated for this change in the coming weeks. Just be sure to backup your site first, in case it affects anything in a negative way.
A few of the things that caught my attention were:
- There are 2 million more domains using WordPress. That dwarfs how many new ones there are on WIX and Weebly. I found it odd that they didn’t specifically mention Drupal and Joomla. All total, there are 75 million WordPress sites, half of which are on WordPress.com and the other half is self-hosted.
- There are 2 million more domains on Google Analytics too, which seems natural considering how easily it integrates with WordPress.
- There are nearly 282,000 new WooCommerce sites. So a lot of folks are getting into either the store business, or using it to sell their digital products. And before you go that route, give Easy Digital Downloads a look. Woo is great, but is overkill for selling an ebook or two.
- Google Fonts and Font Awesome have added 6 million domains between them.
- 4.5 million more sites support the viewport meta tags for mobile. That’s a pretty radical increase. And something we all need to pay attention to with Google’s latest announcement about mobile, which we’ll get to in a moment.
- 10 million more sites are now HTML5 compliant, and this was the biggest jump in the whole study. Folks, if your theme is not HTML5 compliant, you are losing out even more quickly now in search to sites that do output schema markup. If you don’t know what I’m talking about, you can get in the know quickly by having a look at my Microdata and Genesis series.
This trend post is definitely worth reading and seeing the details on all of the growth trends so you won’t get left behind from what you don’t know that you don’t know.
I want to give a shout out to +Randy Milanovic for sharing this post on what a sales funnel is.
Even if you don’t read the full post, jump over and see the pictures. And be sure to see the one with the funnel on its side.
As one of my author buddies said, he writes 1000x more marketing copy than he wrote in the book he’s trying to sell. Yep, that’s about right.
Most folks spend a lot of time writing blog posts and courseware and don’t spend any time marketing it. I spend some time marketing, but I’m in the process of setting up a system to radically increase visibility and exposure via social media.
I’ll sell more if I write less and promote better. That’s the truth of it.
Folks spend a lot of time choosing their theme based on how the home page looks and functions. But if you are a content marketer, the home page is not likely where folks land first, or even most often on your site.
In this most excellent post, +David Kutcher gives an honest assessment of how a site works when built well for conversion, as well as how conventional builds miss the mark.
I’m in the process of a total rethink of the BlogAid design and what David says about the metrics to back up his advice in this post is absolutely the case on my site too, and on most of my client sites. Definitely worth a read.
The really big news this week was the announcement from Google that Mobile Friendly will officially become a ranking factor on April 21st. I do believe that’s the first time Google has ever given a specific date for such a thing too. You can read more about it in this post from Search Engine Land.
But, if you want to hear it from the horse’s mouth, you’ll enjoy this timestamp post +Joshua Berg was kind enough to make for us of a recent HOA with Google’s own John Mueller. Lots of questions answered about it during the conversation.
Google is testing a new red slow label next to the description in SERPs for sites that don’t meet their speed criteria. The funniest part is, they are even flagging their own pages for YouTube videos and such. You’ll see an example of them in this post.
I don’t know if this label will stick or not. But I do know that real visitors have a low tolerance of slow loading sites. Do you even know what your site’s load time is?
Poke around in all the links at the top of that tester and get a better look at what’s happening on your site.
That’s a wrap for this week’s Tips Tuesday. Thanks for subscribing on iTunes, and for giving this show a rating and review. I really appreciate it. And do drop by and say hey over on my Google+ page too. That’s where I hang out. Be sure to visit BlogAid.net for more tips and resources and I’ll see you online.