Tips Tuesday – Social Follow Plugin, Higher Click Throughs, Prevent Database Hacks

Hello Happy Site Owners and Webmasters!

Tips this week include:

• What I’m uploading in the new Google Search Console course
• How you pay a hefty price down the road using theme builders
• New designer help for Gutenberg in Genesis
• Cool updates to the Simple Social Icons plugin
• Why we need to be concerned about the upcoming release of PHP 7.3
• How and why to better vet your plugins before installing on your site
• An update on staging sites at both A2 Hosting and SiteGround
• How your database gets hacked and ways to prevent it
• Why I won’t be using the new Cloudflare Firewall Rules
• How to get more clicks from Search and social media like Pinterest

Listen to the Podcast

Podcast: Play in new window | Download

Subscribe: RSS

Join me Live to Discuss Tips Tuesday

I hope you’ll join me live tonight at 9pm ET / 6pm PT for the party and an interactive Tips Tuesday recap and breaking news discussion on the BlogAid Facebook Page. You can also catch the quick recap later that evening on the BlogAid YouTube Channel.

Replay

BlogAid Happenings

Google Search Console Course Being Uploaded

I’m delighted to say that I’m in the process of uploading the new Google Search Console tutorials to the DIY SEO course!!!

I also met with one of my site audit clients last week to get all kinds of example screenshots of the types of data you’ll see in the new Search Console interface that will make you think something is wrong, when indeed it is okay.

That should really help folks sort through the emails they get from Search Console, plus all of the graphs.

I hope to be meeting with 2 more of my site audit clients this week to check those same issues on their accounts, plus any new ones, and put them to the tutorials as well.

So, I believe I will be on target for releasing the new course by the end of the month.

I’ll also be putting it on sale as soon as it’s ready to go. That will be ahead of raising the price.

And then I’ll announce the schedule for the Flash Challenges we’ll be doing to help everyone get up to speed with the new Search Console interface.

I think that’s the best way to help you get through the new tutorials, and get you in the habit of checking your stats ahead of the Technical SEO Workshop we’ll be doing in January, when we kick off the full Workshop series again for 2019.

You Pay the Price for Builder Themes

This past week I did audits for 2 clients who are using theme builders.

The audits clearly showed the bloat those things add, and there is almost no way to speed up the site without breaking the theme.

I understand why folks want to use theme builders, but building your own site is an amateur’s dream.

Not a single one of my money-making clients, including me, would consider wasting time building our themes.

I’m an old coder, and there is a reason why I hire a designer. It’s a specialty service now. And a good designer will know all of the tricks for speed and ADA compliance for those who are visually challenged.

They will also know how to help you meet your money goals by helping you choose a structure that maximizes your CTAs, or Calls to Action.

In the last couple of Tips Tuesdays I’ve mentioned that it looks like Genesis will eventually turn into more of a theme builder.

I’m cautiously excited about that, as I want to ensure they adhere to what has made them so great, which is skinny code and no bloat.

So, if you’re thinking about revamping your site, let’s do an audit and see if your theme is putting a big drag on it that can’t be overcome, and consider switching to a new theme. You can even keep the same look.

That’s all the news from around here. Let’s jump into this week’s tips.

Theme Tips

Genesis Designer Help for Gutenberg

Speaking of Genesis, I’m thrilled that they are constantly helping designers get ready for Gutenberg.

They have been releasing lots of tips so designers can learn how to style for blocks and more, and do it in little chunks, as they build their knowledge.

They published a helpful post this past week with a roundup of the tips they’ve released so far, and more are on the way.

So, designers, if you’re not already following the StudioPress blog, this is a great resource for you.

Plugin Tips

Simple Social Icons 3.0 Released with Cool Updates

And speaking of Genesis, during my theme revamp this summer, we switched to the Simple Social Icons plugin for my social follow buttons.

One of the reasons was because we needed to lighten up the icon set and use the same one everywhere else too.

They just released version 3.0 and it has some cool updates, like:

• Setting a custom icon style for each widget
• Transparent icon backgrounds
• Obscuring links from spammers
• Improved markup for links to open in a new window

WordPress and PHP 7.3

The WordPress core devs have published a post about the release cycle of PHP 7.3, which is slated for Dec 13.

They are urging plugin and theme devs to make necessary updates to be compatible.

While I appreciate them informing devs, the WP folks need to start putting some penalties on plugin and theme devs who don’t get on the ball with this.

There are 40k+ plugins in the free WordPress plugins repository.

The only warning we have right now is for plugins that have not been updated in more than 2 years.

What we really need are specific warnings for plugins that are not even PHP 7.0 compliant.

And then we need a notation for any plugins that are Gutenberg compliant, including those that make no use of what will roll out in the Gutenberg 5.0 release. You know, plugins like Login Lockdown that protect your from a brute force attack on your login page.

Lack of PHP compatibility is going to be a nightmare all through 2019 if WP itself doesn’t do a better job of lighting a fire under devs to get this done, or remove their plugin from the repository if it’s not compliant.

I would guess that about half of the plugins would disappear and we’d have a much cleaner repository to sort through to choose new plugins.

Vet Your Plugins Better

And on that note, the days are over where you can just throw a plugin on your site to check it out.

I clean all the junk up that deleted plugins leave behind during site audit fixes if you should you chose not to use it.

So, to avoid the orphans, and the conflicts they can leave behind, do a better job of vetting the plugins prior to install.

Take these steps first:

• Check my recommended plugins list
• Visit the plugin’s support forum and see what issues folks are having
• Ask in our Site Audit Client Plus group
• Ask in other groups

Now, be careful with that last one. Non-techie groups can be one of THE worst places to get site advice. All those folks care about is fashion, not function, and you could end up with a resource hog on your site.

READ: The Worst Website Advice You’ll Ever Get for more on how un-educated group advice could do you more harm than good.

Hosting Tips

Staging Site at A2 a Bust

You may recall last week that I reported on A2 promoting their staging site area. And you may recall me saying that one of my webmasters had checked into this earlier in the year and ran into bugs and issues.

Well, she checked into the latest version and guess what? Same bugs and issues.

So, we’re giving up on this for now and I’ll keep you posted as to when it works.

For now, you may want to try UpdraftPlus’ new Clone feature that I reported on a few weeks ago, that lets you clone your site to the cloud and do tests there. You can get a sandbox site for a day, a week, or a month. And it’s only $12/mo, which is less than what I charge to set up a sandbox.

FYI, SiteGround has had staging sites for a while too, and they don’t work any better, or so I’ve heard from clients who have tried it.

Security Tips

How Your Database Gets Hacked

Most hosts use mySQL, which is a lighter version of the SQL database brand.

One of the most common site vulnerabilities is an SQL-injection hack attack, where malicious code is inserted to snoop the info in the database and take control of the site.

Your database holds all of your user login info. So, once a hacker is in there, it’s super easy for them to get that info, log into your site, and then change the info so that you are locked out.

And then they can take full control of your site and do all kinds of nasty things.

However, they may not go that far.

They may just hack in enough to input ways to use your hosting resources for their own needs, like sending out spammy links and such, or attacking other sites and host servers.

You may be surprised at all the entry points for a hacker to do this.

This post on ManageWP covers them, including:

• Generic contact forms
• Login portals
• Blog comment forms
• Subscription pop-ups
• eCommerce checkout pages
• Search bars

Another common way into your database is through coding holes in plugins, themes, and even WordPress.

This is why it’s so super important to:

• get your site secured from the root up
• keep your plugins up to date
• kick bad bots to the curb before they ever reach your site

Cloudflare is a super way to help you with that last one, as it bounces bots before they ever hit your hosting, much less your site.

READ: What Celebrity Homes and Secure Sites Have in Common for more on how to kick bots with a gate that is far away from the house.

The Pro plan on Cloudflare also has a WAF (Web Application Firewall) that can protect you from SQL injections as well as XSS (Cross Site Scripting) issues, which are the two most common plugin vulnerabilities. It makes me sleep a lot better at night knowing I have some protection until plugin devs can find those bugs and patch them.

You’ll also find these precautions listed later down in that article too, as good ways to protect your site.

New Cloudflare Firewall Rules

This past weekend I was helping a site audit client set up her site on Cloudflare and noticed a new Firewall Rules features.

It seems like every week I’m seeing new features at Cloudflare and most of them are super for us.

But, I think this one may be overkill for most of us, including me.

It lets you finely tweak a stack of firewall filters so that you can be specific about blocks beyond IP address or country or such.

I have a couple of webmasters that might need this type of granular control, but thinking I won’t be doing a tutorial on it, as most of us don’t need it at this point.

I will be keeping my eye out for ways to make use of it in the future, though, and it’s a nice thing to have.

Blogging Tips

How to Get More Clicks from Search and Social Media

You work hard on your content. And the purpose of it is to get more folks to click through to your site, no matter where you share the link.

This post on Blogging Wizard is all about how to raise your organic CTR, or Click Through Rate from Search.

But, I think these principles will also apply well to Pinterest and other social media, and even in your RSS to email feed or newsletter too.

The first tip they share is to Know Your Audience.

You may think you know them, but you might be as super surprised as I was the last time I sent out a survey. I got all kinds of responses I either didn’t expect or didn’t even think of.

In fact, the last time I ran a Facebook ad on what I thought was my prime audience demographic, I decided to open it up to folks outside that age range. And BOOM! I instantly doubled sales on that course.

So, sending out a survey or such is a really good idea, and this post gives you tips on how to do that.

You’ll also find tips for improving your headlines and meta descriptions, but from what I’ve seen, most of you are already doing that pretty well.

They also have some tips for ranking in Featured Snippets. That’s one of the things I teach in the DIY SEO course too.

And the really big tips are toward the bottom, in the #4 section labeled Don’t Disappoint Your Readers.

It’s all about writing stellar content, and different ways to do that.

I suggest that you try to focus on each one of those bullet points in every post you write.

The last one is about breaking up paragraphs into to shorter chunks. Look how I did that in this post.

I didn’t dumb down the content.

I just made it easier to scan because, the fact is, that’s how folks read posts.

Wrap Up

That’s a wrap for this week’s Tips Tuesday.

Show me some love!!

Share this post with all your blogger buddies to support all the free info and help you get on BlogAid – and help your buddies too!!

Get the BlogAid Tips Tuesday Podcast on iTunes or Stitcher

Subscribe to all BlogAid Posts via email so you never miss anything!

Be sure to visit BlogAid.net for more tips and resources and I’ll see you online.