BlogAid

Help for DIY Site Owners and Webmasters - WordPress, SEO, HTTPS, Security, and Performance

Tips Tuesday – Site Review Webinar, Drop Disqus, WP REST API Must Read

by

Google+PinterestLinkedinReddit

BlogAid Tips Tuesday 170221

Hello Happy Site Owners!

Tips this week include:

  • Free website performance and conversion review webinar
  • The BlogAid Learning Center grand opening as new home to the DIY SEO course
  • CloudFlare temporarily losing its mind
  • Why you need CloudFlare
  • Why you need HTTPS
  • My chat with Matt Mullenweg
  • My chat with an SEO services provider
  • My chat with a designer about partnering for HTTPS conversion services
  • The final straw with the Disqus comments plugin
  • WP Fastest Cache back in the repo
  • Matt Mullenweg under attack for not taking WP security seriously
  • A must read post on the REST API vulnerability for all site owners

Listen to the podcast

Podcast: Play in new window | Download

Subscribe: Android | RSS

BlogAid Happenings

Free Website Performance and Conversion Review Webinar

I’m delighted to announce a free upcoming webinar on March 9 hosted by me and copy and conversion specialist Mary Iannotti of Digital Marketing Deva.

If your content marketing is generating traffic, but they are not turning into buyers, you can’t afford to miss this free webinar.

We’ll be doing a performance test and funnel audit.

Guys, this is about $200 worth of pro eyes on your site that will help make you more money.

And it’s free.

Reserve your spot now because you definitely want to get your site on the review list.

Yoast SEO Tutorials on the BlogAid Learning Center

I’m also thrilled to announce that all of the Yoast SEO plugin tutorials have been updated.

You’ll find them in the DIY SEO course in their new home on the BlogAid Learning Center.

It is now open to the public too.

BlogAid News subscribers were the first to get a Grand Opening discount announcement.

And that discount is good only until March 1, so do get in on it because I’m going to have a new SEO Workshop later in the month that will be free to members.

CloudFlare lost its mind

Oh lordy, I did an HTTPS site conversion on the same day that CloudFlare decided to have a delay in issuing their free SSL certificates. That’s one leg of the HTTPS journey for your converted site.

Fortunately, I was able to revert back to deliver the site via HTTP without undoing the conversion until the issue was resolved.

Thanks to webmaster Michelle Phillips of Codefetti for finding the CloudFlare status update with the issue. It’s been resolved now, but what a mess it made of things for a few days.

This is just one example of how we help each other in the Webmaster Training private Facebook group for Level 6 members.

I swear, that group alone pays for the whole membership.

And multiple webmasters have said the course pays for itself on their very next job.

Read: Making Up HTTPS and SSL As We Go for more on all of the entities connected to SSL and HTTPS that are making changes right now.

Why You Need CloudFlare

I’ve also heard site owners, and even some webmasters say that they have sites too little to warrant using CloudFlare, as they really don’t have a lot of traffic or need the speed boosts.

Wrong!

Every site needs the protection of CloudFlare from bad bots!

It’s the only CDN that gives a modicum of bot protection on the free version.

And the day is coming that all of us will need to be on a paid firewall.

Read: How CloudFlare Makes Your Site Faster and Safer

And then also Read What Celebrity Homes and Secure Sites Have in Common

Why You Need HTTPS

If you’re still on the fence or just downright postponing getting your site flipped to HTTPS for as long as you can, I encourage you to read my post Why Do I Need HTTPS if I Don’t Sell Anything on My Site?

Site visitors are starting to pay attention to whether you have that little green padlock or not. And it could impact whether they sign up for your email list too.

My Chat with Matt Mullenweg

Last week I had an hour long chat with Matt Mullenweg, the co-founder of WordPress. You can see a quick debrief video of what we discussed.

And I listened to him with an open mind about JetPack, XML-RPC, and a host of other security related issues.

He also shared his vision of WordPress’ future and that was like standing in a whole other place for seeing what’s coming down the pike for site owners too.

Over the next few months I’ll be checking into the things he alerted me to and sharing my findings with you.

Y’all know I’m going to check things out before I recommend them. But, it may be a way to have a site without all of the headaches, and hassle, and expense for some folks.

I’ll keep you posted. But do watch that quick video wrap up of our conversation so you can start connecting the dots on all the things I can’t make public just yet too.

SEO Services Chat

This week I also had a chat with a new HTTPS site conversion client about offering white label conversion services to his clients.

He’s an SEO specialist and we also chatted about what he could offer to my clients.

There are 3 phases to SEO and I teach the first two.

Read: The 3 Phases of SEO for Non-Geeks

His team offers services for the 3rd phase, which requires special tools for analysis and tracking. It takes a month or two to do.

So, we’ll be exploring ways to work together and you know that I’ll be vetting him on my own site before recommending those services too.

HTTPS Conversion for Designers Chat

And, this week, I had a chat with one of my webmasters who has decided that HTTPS site conversion is just not a good fit for the services she wants to personally do for clients.

We chatted about how we could best partner together to offer them that.

The Webmaster Training courses teach how to set up sites securely and make them perform lightning fast, plus how to do site audits like I do too.

It’s not all about SSL and HTTPS conversions.

And all those other courses are a good fit for most designers.

In fact, if you don’t know how to set up sites securely and make them fast, then you’re running an irresponsible business these days.

So, if you want to stick to only design, that’s fine.

Or, if you only want to know how to set up sites securely, then just get Levels 1 and 2 of the Webmaster Training.

Or, find a way to partner up with someone who can offer the other services and let you stick to your specialty.

I do the same in reverse. I don’t design sites anymore. So, I have a team of designers and developers that I partner with.

It works both ways.

That’s all the news from around here. Let’s jump into this week’s tips.

Plugin Tips

Disqus Hits Sites with Unwanted Ads

Folks, if you’re still using the Disqus comment system after they started cooking tracking all of the folks who leave comments on your site, I hope this will be the last straw to get you to dump it.

They are now advertising on your site. And if you want those ads removed, be prepared to cough up monthly fees.

You can read all about it on this post from WPTavern.

WP Fastest Cache is Back in the Repo

The WP Fastest Cache plugin was pulled from the WP plugin repository without warning last week.

Speculation ran super high on the advanced dev group I’m in about why. Of course, most folks thought it might be a security issue.

But, it was just an infraction of the super strict policies WP has for freemium plugins in the repo. There are rules about how they can advertise the paid version of the plugin. And the dev took it down while he was making the changes to be in compliance.

You’ve likely seen an update notice on it this past week too, and it’s safe to upgrade.

WP Fastest Cache was a top performer in my head to head caching plugin tests too.

Read: Top WordPress Caching Plugin Tests

SEO Tips

Yoast goes Spanish and a few enhancements

The Yoast SEO plugin now has an option for the Spanish language. That’s very exciting as it is the 2nd most important language in the world. So, look for that option in the latest 4.3 release.

Security Tips

Matt Mullenweg Under Attack for WordPress Security

The folks at WordPress take security very seriously.

But one developer decided they didn’t take it seriously enough and made a public rant, attacking Matt directly.

And what it boiled down to is that dev’s pet project was not going to be included in the WP core as fast as he wanted it to be. Whiner.

We saw the same thing with another dev’s pet project that was included in core, but not without some overly dramatic pleading first. Good grief.

WordPress REST API Vulnerability Exploits Continue

I hope all of you will take the time to read this post on WPTavern about the continuing discussion about the new REST API being turned on by default in WP and the recent zero day vulnerability found in it.

I’ll have a post out about this in the coming weeks too, as I keep up with the ongoing discussions.

But it is most definitely a topic you need to stay on top of as well. I hope you are hearing me and taking me seriously about this.

I’m checking into solutions for us and will have more for you when I complete all of my research and tests. But this post will give you a good understanding of why I’ll be taking extra actions with my site soon, and why I’ll be making new recommendations for you too.

Wrap Up

That’s a wrap for this week’s Tips Tuesday.

Find these tips helpful? Share them with your peeps!!!!

Subscribe to all BlogAid Posts

Subscribe on iTunes

Be sure to visit BlogAid.net for more tips and resources and I’ll see you online.

Save

Google+PinterestLinkedinReddit

This book could save you hundreds of dollars and months of frustration. Get it free with your subscription to BlogAid News plus my blog posts.
Privacy Policy



Reader Interactions