Is Your WordPress Site A Target For Hackers?

Online security is a priority website owners should take seriously. How many of us use the same password not only for multiple sites but for other personal information like bank accounts, billings, credit cards, etc.? General website information is available via Whois.com and displays information such as your email address. To the determined hacker, this single piece of information could lead to a chain of personal information tracking and could lead to more devastating consequences aside from identity theft. The epic hacking of Wired’s Senior Writer, Mat Honan, that dissolved his digital life is a reality check that whatever goes online (and even offline) can disappear in a matter of seconds.

Another security challenge is having multiple authors and contributors to your WordPress website. Granting access to users should be managed with a built-in authentication system to filter out unauthorized or unregistered users from accessing not only your resources but also premium information not open to the public. Installing necessary precautions and different levels of security checks can be helpful in creating deterrents to possible security hacks.

Here are some useful tools you can use to protect your site from being compromised.

LastPass – PassWord Manager

LastPass is an award-winning password manager that saves your passwords and gives you secure access from every computer and mobile device. Download and setup is easy and can be done in minutes. Once you’ve created your account, LastPass prompts you to save new sites as you browse – so you’ll never lose another password. After saving a website’s username and password, LastPass will autofill the login when you return to that site. No thought, no typing, no work required – LastPass does it for you. LastPass allows you to share access to multiple users securely. This security tool also helps you address other password management concerns and security threats like keylogging, etc.

UpDraftPlus – WordPress Backup

UpdraftPlus simplifies backups and restoration. Backup into the cloud (Amazon S3 (or compatible), Dropbox, Google Drive, Rackspace Cloud, DreamObjects, FTP, SFTP, SCP, WebDAV and email) and restore with a single click. Key features include: Site duplicator/migrator: can copy sites, and (with add-on) move them to new locations; backups of files and database can have separate schedules; large sites can be split into multiple archives; database backups can be encrypted for security; and download backup archives direct from your WordPress dashboard, among many.

Clef – 2 Step Authentication Mobile App

Clef is a free replacement for usernames and passwords that makes logging into your WordPress site easier and more secure. It is a mobile app that replaces usernames and passwords using your smartphone. This security tool lets any site recognize their users based on their phones, instead of anything they have to remember or type. Clef puts secure cryptography in the hands of every user and frees you from having to remember any passwords. Once you sign in to one WordPress site using Clef, you can sign into all of your Clef-enabled sites with a single click. And once you sign out of the app on your phone, you are automatically signed out of all your WordPress sites.

Google Authenticator – WordPress Plugin

The Google Authenticator plugin for WordPress gives you two-factor authentication using the Google Authenticator app for Android/iPhone/Blackberry. You may already have the Google Authenticator app installed on your smartphone, using it for two-factor authentication on Gmail, Dropbox, Lastpass, Amazon etc. The two-factor authentication requirement can be enabled on a per-user basis. You could enable it for your administrator account, but log in as usual with less privileged accounts. It also works on WordPress installations that have several users aseach user has his own Google Authenticator settings.

All In One WP Security & Firewall

The All In One WordPress Security plugin is a comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site. It reduces security risk by checking for vulnerabilities, and by implementing and enforcing the latest recommended WordPress security practices and techniques. This plugin uses an unprecedented security points grading system to measure how well you are protecting your site based on the security features you have activated. Protect against “Brute Force Login Attack” with the Login Lockdown feature. Users with a certain IP address or range will be locked out of the system for a predetermined amount of time based on the configuration settings and you can also choose to be notified via email whenever somebody gets locked out due to too many login attempts. Monitor/View the account activity of all user accounts on your system by keeping track of the username, IP address, login date/time, and logout date/time.

As always, check for compatibility before installing any plugin or tool. And don’t forget to backup your site as well.

WordPress Design For A Global Market

Design is subjective. There are generally accepted design principles that govern the design community and serve as guides to evaluating “correct” design. However, not all of them are totally applicable to specific clients especially when Western taste buds meet Eastern culture. But when and where shall the ‘twain ever meet if beauty and design aesthetics are wrapped deeply in mores and culture?

This is the cross cultural challenge that web designers need to face in order to remain competitive in today’s global market place.

West, Meet East

Before the West was, the East was. Two of the world’s oldest civilizations, China and India, are also two of the fastest and most robust economies today. According to Census.gov, as of 2014, China and India ranked as the top two countries with the highest population in the world. China ranked first with 1.3B (population) with an approximate 42.3% Internet penetration, followed by India with 1.2B (population) with an approximate 81% Internet penetration. Approximately 1 billion internet users from these 2 (right to left, top-to-bottom reading) countries alone. And if theme developers do the math, even if at 1% of a billion internet users, that’s still a lot of WordPress themes right there. Too many to ignore.

Global Market Local User Design

We’ve talked about defining your target market and directing your business to reaching your specific demographic. Once you have that down pat, it’s probably time to think of expansion and consider widening your net a little further. To go a little more granular and target the local user.

With WordPress powering over 21% of the Internet and being one of the most user friendly and reliable CMS systems existing today, aside from the fact that it is free, more and more Internet users are looking to it as their platform of choice.

With that, the popularity of WordPress has crossed over into multi language markets despite having been around for only a decade and catering mainly to users of modern languages which are generally left to right in direction. Hence, the increase in demand for WordPress themes with RTL or WPML features or WP plugins that provide this functionality.

The diversity of WordPress users from all across the globe is becoming an important factor in developing themes that are relevant culturally and technically suited to these users local needs. As responsive once was a premium feature that has now become a standard feature in all WordPress themes, so shall the multi language and RTL feature become.

The Design Approach

The WordPress theme development marketplace has grown considerably with designers coming up with better and more user friendly designs that match the general needs of WordPress users. There is a huge pool of WordPress themes available for, generally, almost every type of website need out there. But there is still room to grow for more cross-cultural friendly options.

Below are some design elements that designers need to consider when creating themes that are responsive to culturally diverse user groups. (Notes culled from W3.org and Sitepoint.com)

  • Language
    – Languages don’t have a direction. Scripts have a writing direction, and so languages written in a particular script, will be written with the direction of that script. Languages can be written in more than one script.
  • Typography – fonts and characters
    – Typography can look “busier” to Western eyes than to Asian readers because many Asian scripts don’t have separate upper and lower cases. Some languages have scripts that are not alphabetic at all, but which express an idea rather than a sound. Occasionally, it’s necessary for an author to provide readers with pronunciation help for especially rare or awkward characters, usually with an alternative script in small writing above the ambiguous character.
  • Content presentation
  • Styling
  • Usability
  • Navigation
  • Mirror layout
  • Scripts (Left to Right, Right to Left, Top to Bottom)
    – Text direction is another thing that should not be confused with language. In some scripts, such as Arabic and Hebrew, displayed text is read predominantly from right to left, although within that flow, numbers and text from other scripts are displayed from left to right. Knowing the directionality of text, based on the script(s) to be used, is important to web designers and authors, because right-to-left text can be more complicated (for beginners) to work with and the organization and directionality of the page layout are affected. Therefore, knowing the writing direction can be relevant to estimating the work involved to create web pages in a new language.
  • Images and animations
  • Forms
    – Designing forms for an Asian market can have pitfalls for Western developers. For example, it’s common to require both given name and family name and give an error if both are not completed. Many Asian languages write names with family names first and given names afterwards while some have only one name. Also, do not limit the amount of characters in Address fields.
  • Mobile
  • Propriety
  • Color palettes
    – While choosing your colors for your design, keep in mind that certain colors have different connotations across cultures. For example, red is lucky for Chinese people. On the other hand, Thai people will be offended if you print their name in red — it’s the color that monks employ to write names on coffins, so to write someone’s name in red is to “wish them dead”.
  • Symbols and metaphors

For web designers, W3.org International’s tagline sums it up quite well: “Making the World Wide Web Worldwide.” Let’s!

Top WordPress Plugins February 2014

Dynamic Featured Image

Dynamic Featured Image gives you multiple featured image (post thumbnail) functionality that enables you to have multiple featured images within a post or page. This is especially helpful when you use other plugins, post thumbnails or sliders that use featured images. Why be limited to just one featured image alone when you have the option to add more.

Google Analytics Dashboard for WP

Google Analytics Dashboard for WP will display Google Analytics data and statistics inside your WordPress Blog. This plugin displays detailed analytics info and statistics about: number of visits, number of visitors, bounce rates, organic searches, pages per visit directly on your Admin Dashboard. Authorized users can also view statistics like Views, UniqueViews and top searches, on frontend, at the end of each article. The analytics data is collected in a fast and secure manner because Google Analytics Dashboard uses OAuth2 protocol and Google Analytics API. Its real-time feature displays real-time visitors, real-time sources and per page real-time traffic details

Shareaholic

Shareaholic is an extremely useful tool to get readers to actually discover and submit your articles to numerous social bookmarking sites. This plugin adds an attractive social bookmarking menu and related content widget to your posts, pages, index, or any combination of the three for easy sharing. You can increase pageviews and engagement by highlighting relevant content from across your site to your readers who would not otherwise encounter them. Shareaholic reports all of your important actionable social media metrics including popular pages on your website, referral channels, and who are making referrals and spreading your webpages on the internet on your behalf bringing you back more traffic and new visitors.

Google Drive WP Media

This plugin turns Google Drive into your upload files hosting storage where you can upload and get direct access to your Google Drive so you can manage, upload, and share your files remotely from your WordPress blog. You also have the option to auto insert your Google Drive files into your WordPress Media Library, attach your Google Drive files to your posts, upload your files from your WordPress Administration to Google Drive, or create folders to store your files.

Ebyline Payments

Ebyline Payments is a plugin that allows editors to pay blog contributors easily and safely, all within the WordPress Admin. This plugin is easy to install and setup. You can make payments via credit card to contributors directly in the WordPress interface. Contributors receive payments via PayPal. This plugin is totally tax compliant and the system generates 1099s for each freelancer you pay.

Thank Me Later

Thank Me Later sends ‘thank you’ emails to your commenters. Simply write a message saying thanks and it will be emailed after a time of your choice — 5 minutes, a day, a month, whenever. Thank Me Later attracts readers back to your blog and asks them to check for replies to their comments. Other uses of the plugin include: linking to your RSS feed to get more readers; linking to your Twitter or Facebook pages to get more followers or likes; or giving a discount for purchases.

Google Pagespeed Insights for WordPress

Google Pagespeed Insights is a tool that empowers you to make decisions that increase the performance of your website. Use Google Pagespeed Insights to increase your site’s performance, your search engine ranking, and your visitors browsing experience. This plugin features advanced data visualization, tagging, filtering, and snapshot technology. Report Summaries are a powerful and exclusive feature of Google Pagespeed Insights for WordPress. Summaries display your average Page Score, largest areas for improvement across ALL reports, as well as best and lowest performing pages. You can also configure Google Pagespeed Insights for WordPress to generate Desktop reports, Mobile reports, or both.

Membership Plugins For WordPress January 2014

WordPress is a proven powerful tool you can use to create your own website any way you want it. What’s also great about it is that you can take it even further and enhance its functionality to suit your needs with the help of plugins. From personal blogs to eCommerce sites to BuddyPress to so many other types of websites – a plethora of options is available out there for WordPress users.

One of the many ways you can use WordPress for is to make it function as a membership site where you can allow users to register, access or deny specific functions and sections, or create a social hub where fellow users can interact with each other.

Here are some popular WordPress plugins that can turn your website into a fully featured membership site:

Member Mouse

MemberMouse is an easy to use WordPress membership plugin that allows you to sell products, subscriptions and memberships, setup a password protected member’s area, offer 1-click upsells and downsells, manage customers, automate customer service, track critical retention metrics and more. No matter where you’re starting from, MemberMouse has the power you need to maximize revenue and get your business running like a well-oiled machine.

MemberMouse gives you everything you need to easily manage a successful online business. No matter if you sell digital products, subscription content, software as a service, or ship physical goods, MemberMouse provides a flexible platform that you can quickly shape to your business, with absolutely no programming required. This powerful plugin gets you up and running quickly, and handles many of the common tasks in your business, freeing you to focus on your value proposition.

Membership by WPMU Dev

Membership is a flexible, powerful, easy-to-use WordPress plugin for dividing your website into free and premium content. It’s a plugin built by WPMU Dev with WP Multisite in mind that can transform your entire network into a fully featured, multi-tiered membership and subscription site s o you can host a variety of membership sites, for yourself or for clients. Features include: a drag and drop interface to customize according to your exact specifications, control how access to any content or functionality is given, works with BuddyPress, add payment gateways easily (Authorize.NET AIM, 2Checkout, PayPal Express, etc.), built with WP Multisite in mind.

Restrict Content Pro

Restrict Content Pro is a complete membership and premium content manager plugin for WordPress developed by Pippin Williamson. This plugin can help you create an unlimited number of memberships levels, including free, trial and premium. Manage members and their subscriptions, track payments, offer discounts with a complete discount code system, and provide premium, members-only content to your subscribers.

Restrict Content Pro includes a complete member management system that lets you easily view all active, pending, expired, cancelled, and free users. Member’s subscriptions can be added or modified at anytime. This premium plugin is integrated with PayPal payments where all subscription payments are made via PayPal, allowing extremely fast and secure transactions.

Paid Memberships Pro

Paid Memberships Pro is a customizable WordPress Plugin and support community for membership site curators. PMPro’s rich feature set allows you to add a new revenue source to your new or current blog or website and is flexible enough to fit the needs of almost all online and offline businesses. Integrated with Stripe, Authorize.net, or PayPal® for recurring payments, flexible content control, themed registration, checkout, and more to help you process all your business transactions. You can: name and control access for unlimited membership levels. Members are added as a WordPress User at the subscriber level in addition to their selected membership level during registration, create your Payment Gateway with any of the built in payment options and then paste your API information into the plugin’s setup page, control access for each membership level offered, and so much more.

WP eMember

WordPress eMember is a powerful WordPress Membership Plugin that can help you build a secure and reliable fully featured WordPress membership site easily. This easy to install plugin lets you selectively protect articles by creating various membership levels (example: Free, Basic, Premium, Ultimate etc.) and protect the content (posts, pages, comments etc) of your site. The plugin manages all the membership management side of things. Key features include: content protection where you can create different membership levels and select what content (posts, pages, categories, comments) can be viewed by each membership level., unlimited membership levels where you can create “Basic”, “Premium”, “Ultimate”, or any other levels you want, Multi Site License – you can use it on as many sites as you own, Autoresponder Integration – can be integrated with Autoresponders (AWeber, MailChimp, GetResponse) so that members automatically get signed up to your list/campaign for email marketing purpose, and so much more.

Discover the many benefits of creating a membership site with these plugins and build your network faster than ever.

WordPress News Roundup 2013 – The Year That Was

Here are some of the top WordPress stories that made 2013 one of the most exciting years in WordPress history:

  • The release of the Twenty Thirteen default WordPress theme. The 2013 theme for WordPress takes us back to the blog, featuring a full range of post formats, each displayed beautifully in their own unique way.
  • The release of the Twenty Fourteen WordPress theme. This default theme lets you create a responsive magazine website with a sleek, modern design, feature your favorite homepage content in either a grid or a slider, use the three widget areas to customize your website, and change your content’s layout with a full-width page template and a contributor page to show off your authors.
  • Automattic acquires Cloudup, a company founded to easily share videos, photos, music, links, and docs.

The release of the last few WordPress versions, particularly 3.8, marks the beginning of a new era using the plugin-first development process. The ongoing commitment of the WordPress community to come up with better and more responsive software raises the bar and expectations for a more exciting new year ahead.

Hello world. Hello 2014!

Tools to Help You Manage Multiple WordPress Sites

Owning more than one website is not uncommon. But how do you keep track of which ones to update and which ones to archive? What about plugin updates, backups, multi language sites, multiple locations, multiple passwords, platform or software updates? Managing multiple websites can be challenging especially if you are a WordPress professional handling several clients. Below are some of the tools you can use to manage multiple WordPress sites:

ManageWP – Manage multiple WordPress sites from a single dashboard.

  • run updates
  • backups
  • update plugins
  • optimize databases
  • run security tests
  • manage analytics
  • manage comments
  • manage SEO
  • update themes

WP Remote – Manage multiple WP sites (free and Premium versions)

  • Monitor unlimited sites for free (free)
  • Easily update WordPress Core, plugins & themes with one click (free)
  • Download a snapshot of your site (free)
  • Automatic backups to our servers, your own S3 or Dropbox (premium)
  • Automatic Plugin, Theme and Core updates (premium)
  • Daily notification emails of all available updates (premium)
  • Keep a record of site activity (premium)
  • Manage and install Plugins and Themes right from within WP Remote (premium)

WP Site Stack – create Multiple WordPress Sites from one Installation of WordPress. For people that have more than one WordPress site or for consultants that host WordPress sites for their clients. (multi sites)

  • Use one installation of WordPress to install as many sites as you’d like
  • Use the same Plugin and Theme installation on all sites
  • Allows multiple multi sites.
  • Quick & easy backups | Quick & easy updates (updating one/updates all)
  • One database (never worry about database limits)
  • Installs on virtually any hosting account (no VPS required)

qTranslate – For multilingual sites. This plugin makes creation of multilingual content as easy as working with a single language.

  • qTranslate Services – Professional human translation with two clicks
  • One-Click-Switching between the languages
  • Language customizations without changing the .mo files – Use Quick-Tags instead for easy localization
  • Multilingual dates out of the box – Translates dates and time for you
  • Comes several languages – English, German, Simplified Chinese etc.
  • qTranslate will download .mo files automatically for you
  • One language for each URL – No mixing of multilingual content (user and SEO friendly)

LastPass – Password management tool to help you create secure logins for your accounts. Supports multiple operating systems and browsers.

xMarkPro – contains full WordPress management, allowing you to easily manage all aspects of your blogs from the one centralized administration panel. This includes mass posting to multiple blogs, drip feeds, theme & plugin installation, auto-upgrading, categories, blogroll links, widgets, users, and much more.

  • Mass Post to Blogs
  • Post Repository
  • Plugin & Theme Repository
  • Manage blogrolls, categories, users, widgets, posts, pages
  • SpinTax Integration & Thesaurus
  • Drip Feeds
  • Media Manager
  • Link Tracker
  • Authority Links

Weekly WordPress News Roundup

Want to know what’s going on in your friendly neighborhood? Here’s the latest rundown of interesting and newsworthy reads in and around the WordPress community and the web industry:

WordPress Plugins and Widgets To Help You Manage Your Content Efficiently

Managing large volumes of content can be quite a task if not managed well especially if you are handling multiple contributors, authors, and guest authors. Here are some useful WordPress plugins to help you streamline and monitor your content activities:

Postrunner

Postrunner is a guest posting system connecting authors with site owners. This plugin facilitates the process of hooking a WordPress site into Postrunner to receive guest posts. PostRunner streamlines the guest posting process for authors and publishers who want to share content, but don’t want to deal with the normal prospecting, pitching, and negotiating traditional guest posting requires. Authors get abundant guest posting opportunities; publishers get quality content for their blog or website while maintaining total editorial control.

Really Simple Guest Post Plugin

Really Simple Guest Post Plugin allows your visitors to submit posts even without registration (as a guest author). Anyone will be able to submit post and it will be added automatically as a pending post for review, approval or rejection. Posts will be directly saved into WordPress database and will show up in Admin Dashboard as pending post with given Title, Description, Category and Tags.Moderator will be able to review and approve them as needed. Authors Name, Author url and email will be added as custom field.

Frontend Publishing

Frontend Publishing is a lightweight plugin that allows you to accept guest posts/articles without giving your members access to the sensitive WordPress control panel. It will automatically filter out all the posts that don’t meet the submission guidelines of your website. It can be a huge time saver if you have a very popular blog or article directory. You can allow members with a certain user level to publish posts instantly. All other posts are added to the ‘pending’ queue.

Custom Content Type Manager

The Custom Content Type Manager (CCTM) is a WordPress plugin that allows users to create custom content types (a.k.a. post_types) with virtually any type of custom field. This plugin allows users to create custom content types (also known as post types) and standardized custom fields for each, including dropdowns, checkboxes, and images and more. You can select multiple images, posts, or media items and store them in a single field making it easy for you to store a gallery of images or long lists of values. This plugin also lets you export and import your content definitions, making it easy to ensure a similar structure between multiple sites.

Ajax Content Filter

Ajax Post Content Filter allows you to filter your content with a drop down box. Just install the plugin, activate and open the ACF Posts located in the left side menu bar. You will need to add new ACF posts by filling up the post title and placing your content in the editor then publish it. Simply put the shortcode [ACF] in a page or post in admin. You can also put the shortcode ajax_content_filter() in your template file and you will get the simple dropdown box on your page at front side.

Fancier Author Box

Give identity to your single or multi-author WordPress website with Fancier Author Box – a WordPress plugin that allows you or your authors to connect with your audience on all levels and encourages people to read the author’s bio and engage on major social networks. You can modify display settings and color settings according to your preferences.

Editorial Calendar Plugin

The Editorial Calendar Plugin gives you an overview of your blog and when each post will be published. You can drag and drop to move posts, edit posts right in the calendar, and manage your entire blog. See all of your posts and when they’ll be posted. You can drag and drop to change your post dates, manage your drafts with our new drafts drawer, quick edit post titles, contents, and times, publish posts or manage drafts, easily see the status of your posts, manage posts from multiple authors.

Custom About Author

This plugin acknowledges authors for their post by displaying a brief biography about them at the end of their post. It is perfect if you have multiple guest bloggers on your website and they do not each have a user account. It also gives an added incentive for bloggers to write guest posts on your site. Multiple custom profiles can be created and they take preference over website user profiles. You also have the option to specify a specific profile to display for each post. Custom profiles are completely configurable, it can include links to social media (such as Twitter, Facebook, LinkedIn & Google+) or you can specify any HTML/text you want to display. This plugin displays the author profile at the end of the post. It gives you have the option to display the author’s website user profile or a custom profile.

WP Biographia

This plugin allows you to add a customisable biography to posts, RSS feeds, pages, archives and to each post on your blog’s landing page as well as via a widget in your sidebar. It integrates out of the box with the information that can be provided in each user’s profile and supports custom post types. Display of the Biography Box can be hidden on a global or per user basis for posts, pages and custom post types as well as on a per category basis.

Running Out of Content? Content Curation Might Be Your Answer

Have you ever gone down a supermarket aisle and just labored at the thought of choosing which cereal box to choose from the dozens and dozens of flavors right before you? Or what about a candy store? A bag shop? A book store? Having so many choices can be pretty overwhelming.

Imagine the Internet is as wide and as deep as the Pacific Ocean – filled with letters, words, images, music, videos, games, information, spam, bacon, and everything else you can think of. All this content begging for you attention and yet you don’t know where to start, which to choose. So many choices. In the end, you end up with nothing. What if someone filtered out all the stuff irrelevant to you and presented you with the best of the content you are interested in and then served it to you on a silver platter? Convenient, don’t you think? This process of sorting through the vast majority of content on the web and presenting it in a meaningful way is called Content Curation. (Neil Patel, Kiss Metrics)

What is Content Curation?

Content curation is hand selecting content created by other sources and sharing them with your community. Best done when whoever is curating adds their own explanation for sharing, reaction or opinions.
– C.C. Chapman author of Amazing Things Will Happen and co-author of Content Rules.

According to Michael Kolowich of KnowledgeVision,

Content curation is a way to view the world through an expert’s eyes. A great curator selects from a great many sources, is clear on mission and scope, is consistent on selection criteria (“most thoughtful”, “most original”, “funniest”, “latest”), adds value with indexing and/or commentary, gives credit where credit is due, and shares generously with his/her sources.

“… Content curation also pulls from many sources. However, instead of automatically posting every piece of content pulled in there is a manual filtering and sorting process that takes place in order to select only the most valuable pieces of content for a given audience. Curation also involves adding helpful annotation that frames the information already provided from the original source in such a way as to add additional value and/or understanding.” – (source: Nathan Weller, ManageWP)

We know that the name of the game today is delivering high quality relevant content on a regular basis. Google demands this. Google rewards this. Unfortunately, the reality is, your content creativity well can sometimes run dry. And when that happens what do you do? Many websites turn to content curation. Is it a valid option?

At SXSW 2013, WordPress CEO Matt Mullenweg stated that content curation along with long form content would be one of the key areas of focus for his company in the future.

Of course there will always be detractors and those who will argue against it in favor of original content creation and this is normal. However, websites will benefit when content curation is layered with content creation – adding a different dimension and variety to the usual fare being dished out.

Curation tools, websites, and plugins are readily available and have made it simple and easy for anyone to curate content and distribute it within seconds. If you are interested in integrating content curation into your WordPress site, check out one of the more popular ones, Primal for WordPress to help you get started in the right direction in no time.