For my first few months of blogging I actually went with TypePad, but quickly found that it was very limited and wasn’t a good fit for my needs. I went back to the drawing board at that point and knew I needed something that was flexible and was also going to be around for the long haul. At that time open source was really starting to take off in the mainstream and WordPress.org was leading that charge in the blogging niche, so I decided to align myself with the WordPress community and re-launched my first blog.  Between the WordPress plugins and both the free and premium WordPress themes available, I knew I had made the right choice and was able to quickly make a custom design with little work on my end. The flexibility and the excellent open source community was the key to creating a great experience for me, and many I talked to felt the same way. 

Fast forward 7 years and WordPress continues to meet my needs and validate my early decision. One report I use to determine this is released annually by Royal Pingdom, which has done a study of the Top 100 blogs each year since 2009 and recently published their 2013 report. This report shows WordPress continues to grow as the top choice among the most prominent blogs.  Initially back in 2009, WordPress was on 32% of the Top 100 blogs.  Last year it was up to 48%.  For 2013, WordPress is now on 52% of the Top 100 blogs, and I expect that percentage to continue to grow over the coming years thanks to its flexibility and the fact that it is very user friendly.

According to Wikipedia, WordPress is used by over 14.7% of the top 1 million websites and manages over 22% of all new websites created as of August 2011, boasting a total of over 60 million websites.  Its hard to imagine what these numbers will look like next year or several years from now.

It always surprised me that Google wasn’t in this game, but the introduction of Google+ seems to offer Google the ability to offer these features to webmasters and be the ones collecting this information.  According to reports, apps that support Google’s login are now getting favorable search treatment and Google is starting to really push this feature.  Then last month, Google announced that Google+ comment integration is now available for Blogger users. So, what about WordPress users?

Not long after the Blogger integration was announced, the necessary code was discovered to do this manually using the following code:

HTML:

<script src="https://apis.google.com/js/plusone.js">
</script>
<g:comments
    href="[URL]"
    width="642"
    first_party_property="BLOGGER"
    view_type="FILTERED_POSTMOD">
</g:comments>

Valid HTML5 version:

<script src="https://apis.google.com/js/plusone.js">
</script>
<div
    data-href="[URL]"
    data-width="642"
    data-first_party_property="BLOGGER"
    data-view_type="FILTERED_POSTMOD">
</div>

Comments counter HTML (replaces < g:comments >):

<g:commentcount href="[URL]"></g:commentcount>

Valid HTML5 version (replaces < div >):

<div data-href="[URL]"></div>

Replace ’[URL]‘ with the URL of your web page and fit the ’width’.

Link your web page to your Google+ profile to verify authorship.

Dynamic Google+ Comments HTML:

<div id="comments"></div>
<script>
gapi.comments.render('comments', {
    href: window.location,
    width: '624',
    first_party_property: 'BLOGGER',
    view_type: 'FILTERED_POSTMOD'
});
</script>

Google+ Comments Counter:

<div id="commentscounter"></div>
<script>
gapi.commentcount.render('commentscounter', {
    href: window.location
});
</script>

Google+ Comments for WordPress Plugin

Fortunately, the WordPress community has already come through with an easier solution, the Google+ Comments for WordPress plugin. This plugin makes the comment section tabbed by seamlessly adding tabs for Google+ Comments, Facebook, Disqus, WordPress Comments, and Trackbacks. Early reviews are promising and I manage this plugin will continue to evolve over time.

If you decide to give this plugin on your website leave us a comment and let us know how the setup went.

Popular hosting providers CloudFlare and HostGator are reporting that the scale of the current attack is much larger than what they typically experience, with some reports claiming that they are blocking 60 million requests per hour during peak times. After reviewing our logs we’ve already noticed several failed login attempts using the username Admin.

What can I do to protect my WordPress installation(s)?

1. If your username is currently set as Admin, change it to something custom. The easiest way is probably by using something like the Better WP Security WordPress plugin.
2. Change/strengthen your password. Your password should include capital letters and symbols (%+!#)
3. Install a plugin to limit login requests.  We use the appropriately titled Limit Login Attempts WordPress plugin, but there are several other plugins with similar functionality.

Once that is done, sit back and hope for the best!

Update: HostGator has provided additional tips.

Only Backing up Your Posts

Your website has a lot more going on than just the posts on your blog. While losing your posts would be catastrophic, don’t forget that a true back up will include your pages, theme modifications, and WordPress plugins. These elements of your website make it functional, and losing them will be a major setback for your time.

A tool like Backup Buddy is designed to store all of your site’s information and to restore it all at once should any kind of loss occur. This means you won’t lose page views, advertising revenue, or potential customers when your site goes down. It will be up and running in no time.

Not Backing Up Frequently

If you only backup your website on a weekly basis, but you average about one post per day, you could cause yourself some major headaches if your blog goes down and you lose several blog posts. That means any inbound links, comments, or social media shares to those posts will land on your 404 page. While this may be a temporary setback, you will plant a seed of doubt in the minds of potential visitors about the quality and reliability of your website.

Relying on Manual Backups

There are plenty of online storage options from Amazon’s Cloud Drive to Dropbox, but managing the website backup process on your own is difficult to maintain for the long haul and can take up valuable time. Even if you’ve figured out a quick way to back up your website, it’s one more thing on your to do list that could be easily automated.

Backing Up Your Blog on Your Computer

If a hacker can access your website, there’s a good chance he may have already gotten into your computer and other files as well (For more about further protection from hackers, look at the services Passbook hast to offer). In addition, there’s no telling if the files on your computer have been corrupted with a virus when it’s time to restore your site. You could very well be uploading files with the same problems that took your site down in the first place. While you can use a service like Filezilla to back up your site on your own computer, it’s far safer to rely on an online backup site.

Never Testing Your Backups

A backup of your website is a safety net that will catch you when the worst case scenario happens on your website. However, what good is a safety net if it has a hole in it? By testing your backed up files, you’ll learn whether your website backup plan is adequate to meet your needs in a website emergency situation. Make sure you have the files you need in a format that you can easily access and restore to your site.

Your website has information that is far too valuable to leave your back up files in a state of uncertainty. If you don’t know about the security, scope, and viability of your website backups, it’s time to look into a reliable, automated WordPress back up option or to carefully test which back up plugin is right for you.

They May Slow Down Your Website

This is, perhaps, the most annoying feature of using too many WordPress plugins. This slow down occurs because every plugin you use sends a server request when each of your readers loads the site. Imagine the effect of having fifty plugins when ten users are on your site. What about a hundred plugins with a thousand users? Do you really want your site to be that slow?

Some WordPress Plugins are not Secure

Just because a plugin works well does not mean that it is secure. Some plugins, especially the free ones, can be exploited by hackers who can then hack into your site. For example, users of some plugins such as WP Total Cache and WPTouch have been asked in the past to update their passwords after it was realized they were not secure. Since it is not always easy to know upfront which plugin is safe and which one is not, you will be doing a great deal of service to your site by installing only the minimum number necessary.

Free WordPress Plugins may not be Available Forever

If most of the plugins you are using are free, then you should be prepared for the day they will close down. Free things rarely last forever, and when the project shuts down, you may be stuck with something that doesn’t work. This is the time when the developers of the plugins will not be responding to your queries, the plugins may not be compatible with some of your tools and they may not even be responding. The more WordPress plugins you use, the higher the chances that this may happen to your site.

Conflicts Amongst Different Plugins

If a plugin is not compatible with another one and you install both of them, you are introducing a problem to your site. It is not unheard of for the contents of a site to wash out after installing a plugin incompatible with another one already installed. This is one of the reasons why users are often asked to backup their site’s contents on a regular basis.

In conclusion, you should only use the WordPress plugins that you are really going to need, rather than installing them just because they are flashy. Always make sure that all your plugins are updated and protect your site by using the necessary security features, such a WP Firewall2. Additionally, you can have a backup version on your local computer for testing plugins before using them on your live site.

For WordPress plugin ideas, you can refer to our popular WordPress plugins page.

Charles Dearing has extensive experience working with WordPress for his clients. He enjoys sharing information on various tech websites. Click here to find out how the host you choose for your site can affect your search engine rankings.

This is a very hot topic in SEO and Marketing circles at the moment but a lot of people are only looking at the short-term win of using this tag to increase click-throughs to your posts from search results. The author tag is going to be way more important than that.

What is it anyway?

rel=author is actually an HTML attribute that can be used on link tags to signify that the person referenced in the link is the author of the webpage. It’s not a Google invention, they are just using it in a very smart and useful way. This means that if, for example, you are blogging and you have “By Joe Snow” above all of your articles you can modify that line slightly to make the ”Joe Snow” part a link to your Google+ page and Google will then know that everything on that blog with “By Joe Snow” and the link on it was written by you. Not just written by a person called Joe Snow, but specifically by you.

Why Google and why Google+?

Identifying authors has always been a problem and the web has made it a much bigger one. Do a search for your name and it’s likely you will come up with thousands of different people; many of those results will be articles about people and many will be articles written by those people but which of those articles are written by Bob Duncan from Michigan, which are by Bob from Oxford and which are yours? You might be able to
tell by looking but how’s a machine supposed to know? Wouldn’t it be nice if you read a great article by Bob from Oxford and you wanted to see what else he’d written on the entire Web? If everything he had written was marked with his unique rel=authorattribute then that would be easy.

Google are in a unique place to make this happen. They basically are the Web for many people, they are already indexing most of pages on it and they hold a power over most site owners: if they say “jump” then we say ”how high?”. If anyone is going to pull off a global author identification scheme then it’s Google.

But why Google+ for the author information when we could just point all our articles to our own site’s About Me page? Well, obviously Google has a strong interest in making sure Google+ succeeds so locking us into that is a smart move for them.

The short-term win

As I said above, SEO and marketing blogs are raving at the moment about the Google author tag. Many of them are focusing on the fact that Google adds your Google+ profile picture to search results that contain your rel=author link and the boost this can give to your performance in SERPs. A search result with a author tag looks like this:

The idea is that the picture attracts the eye (even if it’s my ugly mug) and more people will click your link. There’s also some suggestions that Google will favour results with author tagging and favour even more those authors with large circles and more authority on Google+. Which
may or may not be true but it’s the short-term view and misses the wider impact of tagging authors.

The bigger picture

Google is always looking for ways to improve search results, to get the best to the top and to weed out the spam. Up till now that has been based on the ranking of websites and pages but the smart-money is on it soon also being about the authority of the author. AuthorRank will become just as important as all the current SEO factors, if not more so. Google will be able to get a good idea of the quality of an article by looking at the ranking of the the author’s previous work, regardless of which site it is published on.

AuthorRank could also shine a lit back onto the website and affect its ranking: if a blog is attracting articles from a lot of authors with an established authority in relevant circles then the blog must be worth writing for and thus worth reading.

Your personal footprint on the web will become more visible, indexable and searchable.

But hang on a minute…

Is it OK for Google to be the central store for our identities on the Web? What would happen if Google shut down Google+, or worse, Google went out of business? How do we then know who authored what as the links back to our Google+ profiles don’t work any more? If you only add author tags to you own site then it’s a simple case of pointing to your bio somewhere else, but what if you’ve written hundreds, even thousands, of articles all over the Web? How do you reclaim them?

Spam

Of course spam is going to rear it’s ugly head here too. There is going to be the usual hordes looking for the quick win. What’s to say that someone can’t start a blog, write a bunch of posts, and attribute them to authors with high authorities? I can see there being a “verify your work” option added somewhere down the line where you’d have to log-in to Google+ and confirm you are the author of a page. Which would work as long as Google is the central authority, but again, what would happen if they dropped out? How would you own your own work?

It’s anyones guess right now as to how far Google will go with author tagging but it is looking like the next big thing, it makes a lot of sense from Google’s point of view and it’s a big opportunity for authors. As WordPress users you should get in early and start building your AuthorRank before everyone else does.

—————————————————————

This article was contributed by Steve Claridge, an experienced WordPress developer who specializes in creating bespoke plugins, WordPress performance and scalability, and theme creation. He loves building stuff for the web and likes to keep it simple.

After a couple of posts here I decided to create my own “WordPress tutorials” site, which I called WPShout. Since founding the site in March 2009, I’ve nurtured the site into a 3000 strong community for WordPress enthusiasts. And in that time, whilst building that community, I’ve learned a thing or two about blogging. I’ve been on a journey, if you will, and that journey started right here.

So I thought it’d be fitting to come back here once more just to let you know that I’ve recently published a 45 page free eBook on WPShout and you should totally download it right now.

Those forty five pages of The WordPress Blogging Guide contain six thousand words of content, which are broken down into three sections:

1. Blogging essentials
2. Monetization
3. Social & Analytics

The book’s release post tells you more, should you wish for a more detailed synopsis.

That’s all from me. I just want to thank Kyle again for starting me off on my blogging journey and graciously allowing me to return to publish this short piece. And of course don’t forget to download the eBook. It’s free!

How to Tell if Your Site’s been Hacked

Sometimes it is obvious that your site has been hacked. Occasionally hackers will simply redirect the site to a different server, so that visitors to your domain end up at a site infected by malware, a site displaying advertising the hacker can profit from, or a porn site. But often hackers add malware or spam links to a site which they want to remain undetected for as long as possible. Having a hacked site can infect your visitors with malware, and it will almost certainly result in a huge hit to your SERP rankings, or even blocking by search engines, so it’s important to be vigilant. There are a number of tools available to webmasters to determine whether a site is vulnerable and whether it has been hacked.

WP  Security Scan

The WP Security Scan extension won’t tell you whether your site has been hacked, but it will check for possible attack vectors and vulnerabilities, and offer suggestions for fixes. Of course, often the vulnerabilities will not be in WordPress itself, but in some other part of the software stack. The best way to ensure that there are no known exploits that hackers can use is to keep your software as up-to-date as possible.

Google’s Safe Browsing Diagnostic

Google has a service that enables webmasters to see whether they consider a site to be dangerous to visit. Copy the following URL into your browser address bar and replace the part following ‘?site=’ with your site’s URL.

http://www.google.com/safebrowsing/diagnostic?site=google.com/

Sucuri

Sucuri offers a free site scanning service that will catch major problems, and a paid for monitoring and cleanup service that can help if you are hacked.

Using these tools together can help you ensure that your site remains safe.

What Should You do If You’ve Been Hacked

Unless you are an experienced and expert developer or website administrator, cleaning a site with any level of confidence by yourself is almost impossible. Even if you think you have found all the malicious files and removed all the spam links, the files that make up WordPress itself may have been altered so that they reinfect a site after an attempted cleanup.

Contact your hosting provider and let them know you’ve been hacked. You might not be the only victim and the host provider’s sysadmins may already be taking action.

Securi, as mentioned above is an excellent tool, and it will attempt to auto-clean your WordPress installation. Should you choose not to use Securi, or hire a professional to clean your site, then the next best option is to delete the site and restore it from backups.

Hopefully, your site is hosted with a provider that offers a comprehensive backup service, in which case restoring the site to a previous version should be very simple. If not, we are going to assume that you have been making regular backups of your WordPress database.

Download a fresh install file from WordPress.org, to replace any files that may have been altered during the attack. Do not use the same passwords on the new install as you used on the hacked site.

After you have installed a fresh version of WordPress you can restore the WordPress database from a backup that you know to be clean.

Since you know that your site has been hacked once, and that there were vulnerabilities that malicious parties were able to exploit, if possible, it may be best to completely reinstall the server and restore from backups. At the least very scan the server with an anti-malware tool. If you are reasonably sure that the infection was limited to WordPress, then you should update all of your software to the most recent versions, to close vulnerabilities. If you’re using shared hosting your provider should take care of this for you.

If you haven’t been taking database backups, it may be possible that the WordPress database has not been breached, and that a fresh install of WordPress using the existing database is enough, but in that case be extra vigilant of alterations, follow the rest of the above advice, and start taking regular backups!

About Daniel Page — Daniel is the Director of Business Developement for ASEOhosting, a leading provider in SEO hosting and multiple IP hosting. Follow ASEOhosting on Twitter at @aseohosting.

Update Your WordPress — And Keep It Updated

The downside to using a well-known content management system for your site is that more people will be looking for security flaws to exploit. On the other hand, there are also more people working to resolve any security issues. Provided you keep your WordPress installation current, adding each new update as soon as it rolls out, there’s significantly less risk of something happening to your site. Considering that it only takes one malware issue to destroy any trust you’ve built with potential buyers — no one wants to run the risk of putting their payment information into a compromised site — keeping your site up to date and preventing potential security issues has to be a priority.

You can also prevent security issues by carefully vetting any plugins or themes you add to your site. Even if you aren’t able to evaluate the code on a line-by-line basis, do some research into the problems others may have encountered with anything you’re considering adding to your site. Personally, I have a preference for using premium themes and plugins that are well-known for the simple reason that I’m more likely to have support available.

Set Up Clear Permalinks

Built into the core WordPress settings are options to manage your permalinks. Make sure that you’re using links that aren’t just a bunch of numbers or dates, especially if you’re going to be sharing direct links to your sales page online anywhere. Direct links look more trustworthy to buyers, and they also help eliminate problems when people retype a link into their browser. During a longer sales process, you may be surprised by how many times exactly that will happen. In fact, it can be a good idea to have an individual domain that goes directly to your sales page, particularly if you have a lot of other content on your site.

Make Your Shopping Cart, Payment Processor and Everything Else Match

Depending on the themes and plugins you might use to set up different ecommerce elements on your site, you can wind up with a site that sends people off to far-flung parts of the internet to complete the sale. Even if they stay on your site, pages can wind up looking very different.

With only a few exceptions, though, you can make sure that each step of the purchasing process looks identical. Most payment processors will, at least, allow you to add your own logo to the page, if not add CSS styles or other elements to make offsite pages look the same as those that are actually on your site. The more times you ask a buyer to trust an entirely different website (particularly in terms of visual cues) the more likely that buyer is to stop the purchase process and close the window. You need to prevent that as much as possible.

This article was provided by Thursday Bram, the editor of 21times.org, a daily newsletter for developers.

1. Search Engine College

Search Engine College’s SEO courses will prepare you to aggressively market your WordPress site in Google’s SERPs. The SEO Starter Course offered by this online education program is an excellent resource for beginners, particularly those who want to learn everything there is to know about important things like keyword research. If you really want to become an SEO guru, however, you should check out the SEO Advanced Course, which will help you figure out how to get the most ROI from your SEO efforts. Each of these courses will cost you $395, and you have options to pay a bit more for SEO certification as well.

2. SEO Book

If you’re truly dedicated to monetizing your WordPress site, SEO Book is a solid option. For $300 a month, you get access to 100 training modules, numerous training videos, and personalized advice from SEO gurus. Since SEO Books is one of the priciest and most comprehensive options out there, it’s ideal for business owners who want to start making profits from their sites and blogs. Everyday WordPress users may not need all the frills that SEO Book has to offer or may benefit from using it for just a few months.

3. Yoast’s WordPress SEO

Yoast’s WordPress SEO tutorials are a free option you should consider if you just want to learn the basics of search engine marketing and optimization. Since Yoast’s educational materials are WordPress-specific, you may prefer this option, especially because it focuses on how you can use WordPress tools to increase your rankings. Yoast is fairly comprehensive, considering it’s free, and it’s definitely a great starting point.

4. SEO Gold Tutorials

This is another free educational resource. It only covers the essentials of what you need to know about keywords and link building. It will take you less than an hour to read everything SEO Gold has to offer. So, if you don’t have much time to learn about SEO before you dive right in, this may be one of your best options. On the other hand, if you want to truly learn all the tricks of the trade, you’ll most likely need to explore more thorough and detailed resources, such as the ones listed above.

Ultimately, your success online as a WordPress user depends on the quality of your content and whether or not you’re using effective SEO strategies. So, keep perfecting your content, and use the classes, trainings, and tutorials listed above to learn how to attract more search engine traffic.

Barbara Jolie is a freelance writer and WordPress enthusiast. When she’s not writing content for OnlineClasses.org and other online education sites, she blogs about things like SEO, parenting, and interior design.