For many years now Facebook has had a very popular login feature and also offered the ability to easily integrate blog comments using your Facebook account. These options have proven to be very popular with all types of webmasters as they provide several convenient features and also help to discourage spammy or anonymous comments.

It always surprised me that Google wasn’t in this game, but the introduction of Google+ seems to offer Google the ability to offer these features to webmasters and be the ones collecting this information.  According to reports, apps that support Google’s login are now getting favorable search treatment and Google is starting to really push this feature.  Then last month, Google announced that Google+ comment integration is now available for Blogger users. So, what about WordPress users?

Not long after the Blogger integration was announced, the necessary code was discovered to do this manually using the following code:

HTML:

<script src="https://apis.google.com/js/plusone.js">
</script>
<g:comments
    href="[URL]"
    width="642"
    first_party_property="BLOGGER"
    view_type="FILTERED_POSTMOD">
</g:comments>

Valid HTML5 version:

<script src="https://apis.google.com/js/plusone.js">
</script>
<div
    data-href="[URL]"
    data-width="642"
    data-first_party_property="BLOGGER"
    data-view_type="FILTERED_POSTMOD">
</div>

Comments counter HTML (replaces < g:comments >):

<g:commentcount href="[URL]"></g:commentcount>

Valid HTML5 version (replaces < div >):

<div data-href="[URL]"></div>

Replace ’[URL]‘ with the URL of your web page and fit the ’width’.

Link your web page to your Google+ profile to verify authorship.

Dynamic Google+ Comments HTML:

<div id="comments"></div>
<script>
gapi.comments.render('comments', {
    href: window.location,
    width: '624',
    first_party_property: 'BLOGGER',
    view_type: 'FILTERED_POSTMOD'
});
</script>

Google+ Comments Counter:

<div id="commentscounter"></div>
<script>
gapi.commentcount.render('commentscounter', {
    href: window.location
});
</script>

Google+ Comments for WordPress Plugin

Fortunately, the WordPress community has already come through with an easier solution, the Google+ Comments for WordPress plugin. This plugin makes the comment section tabbed by seamlessly adding tabs for Google+ Comments, Facebook, Disqus, WordPress Comments, and Trackbacks. Early reviews are promising and I manage this plugin will continue to evolve over time.

If you decide to give this plugin on your website leave us a comment and let us know how the setup went.

Over the past 24 hours it has come to our attention that a large network of over 90,000 IP addresses have ramped up their use of a brute force attack to target WordPress blog installations. According to several published reports, the botnet is attempting to gain access to WordPress installations by using the default Admin user name and trying multiple passwords. By default, WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Popular hosting providers CloudFlare and HostGator are reporting that the scale of the current attack is much larger than what they typically experience, with some reports claiming that they are blocking 60 million requests per hour during peak times. After reviewing our logs we’ve already noticed several failed login attempts using the username Admin.

What can I do to protect my WordPress installation(s)?

1. If your username is currently set as Admin, change it to something custom. The easiest way is probably by using something like the Better WP Security WordPress plugin.
2. Change/strengthen your password. Your password should include capital letters and symbols (%+!#)
3. Install a plugin to limit login requests.  We use the appropriately titled Limit Login Attempts WordPress plugin, but there are several other plugins with similar functionality.

Once that is done, sit back and hope for the best!

Update: HostGator has provided additional tips.

There are many thousands of WordPress plugins you can use for free, and there are also more you can buy for different purposes. According to WP Beginner, as of September 2012 there were more than 21,000 free plugins in the WordPress plugins repository! The question is; do you have to use all of them? You have probably seen a sidebar of a blog with a mile long list of awards and a multitude of links to other pages. Some people go as far as including hundreds of flashy widgets. If you are thinking of using several plugins, you should first learn why using too many of them will impact negatively on your readership.

They May Slow Down Your Website

This is, perhaps, the most annoying feature of using too many WordPress plugins. This slow down occurs because every plugin you use sends a server request when each of your readers loads the site. Imagine the effect of having fifty plugins when ten users are on your site. What about a hundred plugins with a thousand users? Do you really want your site to be that slow?

Some WordPress Plugins are not Secure

Just because a plugin works well does not mean that it is secure. Some plugins, especially the free ones, can be exploited by hackers who can then hack into your site. For example, users of some plugins such as WP Total Cache and WPTouch have been asked in the past to update their passwords after it was realized they were not secure. Since it is not always easy to know upfront which plugin is safe and which one is not, you will be doing a great deal of service to your site by installing only the minimum number necessary.

[Continue Reading...]

The viability of WordPress (WP) as a blogging tool is non-existent without the existence of WordPress plugins. These are part of the features that enable bloggers to extend the abilities of their blogs beyond their base installs. Plugins are integral in the addition of widgets. They are also useful in undertaking SEO activities. Currently, WordPress boasts of 18,000 plugins in its database. The following are ten of the most popular WordPress plugins:

1) Contact Form 7

Contact Form 7 allows web developers and bloggers alike to manage numerous contact forms. They can also undertake a customization of WP’s mail contents and form. This is usually a flexible process that involves the use of simple markups. Contact Form 7 supports CAPTCHA, Akismet-based spam filtering and Ajax-oriented submitting.

2) Jetpack

This plugin uses the cloud power from WordPress.com to supercharge self-hosted WordPress sites. It boasts of numerous features that comprise email subscriptions for comments and blog posts. It also allows users to submit comments via social networks. Jetpack comes embedded with widgets that display the most current tweets while commenters can benefit from Hovercard popups via Gravatar.

3) WordPress SEO

The Yoast-made plugin allows bloggers to preview the appearance of their posts in search results. As such, they can adjust certain features of their posts to their liking. These include the title and meta descriptions. WordPress SEO also analyzes the post to check for availability of images, subheadings, meta descriptions and alt tags among others. This enables bloggers to add anything that they may have forgotten.

Its packages do not end there; WordPress SEO also creates XML sitemaps automatically before sending a notification to various search engines. Bloggers can also increase their SEO rankings. This is usually possible through the addition of links to RSS feeds.

4) WordPress Importer

Thanks to WordPress Importer, bloggers or web developers can transfer content from WP export files. Examples of such content include comments, authors, post metas and custom fields. It is also possible to import pages, custom posts, tags and categories.

[Continue Reading...]

Related Posts Plugins are an amazing way to keep a visitor engaged on your site. By doing some magic on the backend of a site, they can make tailored post suggestions according to the content on-page. Tailored recommendations will boost average time on site, average page views, and the like. Related posts are also awesome ways to add advertisements to a site.

Unfortunately, related posts plugins can also destroy a site’s performance, or bring it down entirely.

Many related posts plugins work by creating a “FULLTEXT index” on the “posts” table in MySQL. This is a mechanism to make complex queries against the content of posts.  For example, “posts which contain A and B but not C or D.” Usually, this means indexing categories, tags, specific keywords, and a number of other data points and querying them later.

It’s a cool way to search, but MySQL wasn’t built to make queries like this.

In MySQL, FULLTEXT indexes consume high loads of resources at run-time, particularly for larger sites with proportionally large databases.  Under heavy traffic loads, this will slow the entire site down, or crash it entirely.

To make matters worse, when changes are made to (large) tables with FULLTEXT indexes, rebuilding that index can take hours and hours. Sometimes rebuilding will even fail, producing a corrupted MySQL table. This can happen when you do something like upgrade to the latest version of WordPress.

Now, I don’t want to be too hard on related posts plugins. They will work if your site isn’t getting a ton of traffic. However, many aren’t good practice if you’re building a site to scale. We’ve actually disallowed them at WP Engine because we don’t want to unnecessarily slow sites down.

That was a lot of bad news. Here’s the good news!

There are TWO PLUGINS that achieve “related posts” functionality, but do it off-server, so that you don’t bog down MySQL.

Take a look at nrelate’s and LinkWithin’s “related posts” plugins. These do their calculations on their own servers and don’t cause the same issues with the databases.

Nrelate has 3 different plugins based on whether you want your most popular content or related content to display, as well as if you want the related post to “fly out” at the reader.  All three are available in the WordPress plugin repository.  LinkWithin will make recommendations to related posts based on several factors, including title, tags, and content.

How they work

Nrelate creates its own, secure, RSS feed, and feeds your content directly their servers. This means their pinghost is added to your Update Services. So each time you update your blog with new content, nrelate gets the feed and can analyze it for related posts. Then, they use Natural Language Processing inside a database designed for search to analyze your content and make related recommendations.

LinkWithin similarly analyzes your content off-server. They have a context engine that looks at categories, tags, keywords, and a few other aspects of your content in order to make recommendations. LinkWithin used to redirect traffic through their site, but no longer. You get all the SEO juice from the links.

Both plugins accomplish the related posts functionality off-server. I’m personally a big fan of nrelate’s strategy of using the RSS feed to get the content and then processing it with NLP.  I was also able to speak on the phone with both developers from nrelate in the writing of the article, which indicates the support they’re providing their plugin.

Security

LinkWithin has secure processes to pull your content, and there are zero known security issues with their plugin.

When I spoke with nReleate, they talked about how their RSS feed can only be accessed with a random key that is generated when you install the plugin.  They hired Mark Jaquith to build this part of the plugin with airtight security.

Image options

With nRelate, you can either show your content as one of six sizes of thumbnails, or as very simple bullets. The plugin automatically creates a thumbnail from the featured image, but you can also specify which image to use.  If you don’t have any images on your post, nrelate will actually pull one from their image library.  You can see examples of their ads on Huffington Post and Endgadget.

LinkWithin relies heavily on featured images from your page in order to provide thumbnails.  If you don’t set featured images, the plugin won’t show any.  It also provides very customized sizing of images that are optimized for your site.

Advertising

You can add your advertising networks to nRelate (they have their own ad network) and serve your ads along with the recommended content. Linkwithin does not currently support advertising.

Styling

Your css is automatically adopted by nRelate, so the thumbnails and font styling will automatically look like your design, but you can still customize things as you like.

International Languages

Nrelate is also in the following languages: Dutch, English, French, German, Indonesian, Italian, Polish, Portuguese, Russian, Spanish, Swedish and Turkish.

Check out both of those plugins to see which one works for your needs. Both of them offer significant speed and scalability benefits to your site.

Are you using a related post plugin for your site?  How has it affected your traffic?  Have you noticed any performance issues?