Archive For: January, 2015

Getting Started with WordPress

 

Ok, WordPress is installed and running…What’s next? If you’re new to WordPress, this article will give you some all important tips on setting up and securing your new WordPress site

1) Set the Title, Tagline, Time zone and add your Favicon

We rolled these into one step as their easily made from the setting area of your WordPress Admin panel.

In your WordPress admin panel find Settings and choose General. Add your site Change both your site title and complete the tagline with something descriptive of your site.

Still in the General section, find Timezone and add a city in your same time zone. You can also use the UTC (Coordinated Universal Time). Sites like this will help you find the correct UTC setting.

As Always, Save Changes.

Adding your favicon.

Favicon is little icon in the browser tab next to your site title and helps identify your site. Many times it’s not changed and show the WordPress default icon.

Creating a Favicon

A favicon is a square image. 32×32 pixels or 16×16 pixel images are the right size. Using you image editor, create a square image large enough so that you can work on it. Keep in mind that greatly reducing an image also reduces detail, making it important to use a bold, simple image for your favicon. When the image is ready, use a tool like Favicon Generator to convert it to a 16×16 .ico file.

Adding a Favicon to your WordPress Site

To add your new favicon, simply upload it to your sites root directory and paste this code into your theme’s header.php file….making sure to change mysite.com to the name of your site. Save it and check your site. You should see your new favicon.

1 <link rel=”icon” href=”http://mysite.com/favicon.ico” type=”image/x-icon” />
2 <link rel=”shortcut icon” href=”http://mysite.com/favicon.ico” type=”image/x-icon” />

No header.php file? This plugin gives you a way around that and will also help with adding scripts like google analytics. Install the Insert Header and Footer plugin. After activating go to Settings » Insert Headers and Footers. Once there, past the above code, save and you’re good to go.

2) Setting Your Front Page Display

Also from the Settings area of your admin panel, go to Front Page Displays and set the page to show as desired.

Here you can set a custom home page that focus on a specific topic or product. You can also set additional pages to display your blog posts (we’ll cover that in future articles).

Decide what should be seen on the front page and go. Keep in mind that you can always change it later. You can also make some of these changes with the Customize option, from the front end of your site.

3) Setting Your Permalink Structure

WordPress’s default permalink structure (the link structure added to yours sites URL, mysite.com) can be made a bit more search friendly.

Still in your admin panels Settings area, select Permalink. You’ll find a few different choices for setting a new structure. I prefer either the Day and Name or Post Name options. Pick, Save and you’re done.

  1. Addressing WordPress Security

A little paranoia can be a good thing when dealing with your sites security.

First security step many take is to install a WordPress backup plugin. At URLJet, we’ve done that for you and automatically backup your site (You can remove backups on our VPS and dedicated options). The next is to secure your wp-admin area. This could be a topic in itself but two quick tips are to

  • Limit logins.  This plugin limits missed login from the same ip.
  • Use .htaccess to password protect your wp-admin folder. In cPanel find password protection and follow the instructions to add it to your wp-admin folder
  • Add a Web Application Firewall (waf) We like the Incapsula personal plan as it gives the additional bennifit of a cdn http://www.incapsula.com/pricing-and-plans.html
  1. Remove Unused Themes and Plugins

WordPress users tend to install and test a few themes or plugins before deciding on the final one. Don’t leave them behind; delete them as for security, they also need updating and maintenance.

It’s easy, find the menu item named Appearance and go to themes. To delete a theme, hover over it and select Theme Details. A window will open and give you the opportunity to delete the theme.

  1. Add an Anti-Spam Plugin

Spam is not a good thing and WordPress sites can be magnets for spam. Spam comments are irritating for users and bad for SEO. Adding an anti-spam plugin will help greatly in keeping your WordPress site from becoming a spam magnate. This is the best way we know of to knock down spam:

  1. Add Askimet
    If you use JetPack, you can active it through JetPack. If not, just follow the prompts to active it.
  2. Limit links in a post. Go to Settings>Discussion panel. Scroll to comment moderation and limit the number of links. It’s set to 2 by default, try 1 if spam becomes an issue
  3. Comment Blacklist. This is a list of word forbidden on your blog. Go to Setting> Discussion Panel, find comment blacklist and add problematic words.
  4. Add a WordPress SEO Plugin

Getting your site found is vital and good SEO is important for any website website. To ensure that your blog posts are getting maximum results, you need to optimize them for SEO and The Yoast WordPress SEO plugin https://wordpress.org/plugins/wordpress-seo/makes this part easier. SEO isn’t automatic but this will make your life easier.

https://yoast.com/articles/wordpress-seo/

A top choice for many is the WordPress SEO Plugin by Yoast. https://wordpress.org/plugins/wordpress-seo/It’s easy to use and  generates xml sitemaps at the click of the mouse.

  1. Add a Cache Plugin

User appreciate fast sites and so does Google. Caching helps take the load off your server and speed up your site.
Below are a couple of the more popular cache plugins for WordPress:

W3 Total Cache – Possibly the most powerful cache plugin available for WordPress. It’s loaded with options to help boost WordPress performance and is a popular plugin for CDN integration. This plugin has a lot of options and easily mess things up if not configured correctly. New users may have better luck starting a bit smaller. If you’re ready to jump on, make sure to follow the set instructions.
WP Super Cache – Much easier for a new user yet still good choice for caching plugins. Just Install, turn on caching and check your site speed. It does have some additional option and like with other cache plugins, make sure to read the set up info and test before hitting save and leaving.

  1. Optimize For Social Media Sharing via Sharing Plugins

Social Sharing can greatly accelerate the growth rate of your site and easiest way to optimize your site for social shares is to use a Social Sharing Plugin.

There’s a scad to choose from and as always some are better than others. These are 2 that we like…We’d like to hear from you, with your choices and experiences.

HootSuite
HootSuite is one of the original social management tool and we feel it’s still one of the best.

Bit.ly https://bitly.com/
A great link shortner. You can have your own branded short urls, easily organize your links, create custom keywords and it offers analytiucs for your shortened links.Last but certainly not the least, Bit.ly offers analytics for each shortened link.

Moving on

We’ve found the steps above to be a great help in running an maintain a WordPress site. We’d love to hear your comment, observations and favorite plugins.

 

Read More

Optimize WordPress for Performance

URLJet shows you how to speed-up your WordPress site

While we can’t cover everything involved in one tutorial, we’ll give you some starting tips on improving the speed of your WordPress site. A fast site will improve your users experience and rank better in search engines like Google and Bing as page speed has become part of their ranking algorithm.
Blazing WordPress Performance
Your URLJet hosting solution is pre-optimized at the server level and includes potent optimization features. Our WordPress hosting solutions include:
• Static Cache
• Dynamic Caching
• gZIP enabled by default.
• LiteSpeed Code Optimizer
• All SSD Drives
• Free Cloud Flare CDN
In this How-to we’ll cover the following topics: Using Cloud Flare, Optimize Images, Mimify CSS and JavaScript files. Utilize Browser Caching, Optimizing Your Word Press Database.
Our default configuration enables caching your WordPress site and adds to the the site speed. Different caching options are available under the Select PHP Version button in your account cPanel. Here you can switch between Xcache, Memcache or eAccelerator to find the one that best suits your site.
Enable gZIP compression
gZIP reduces size of data being transferred between your server and your site users. Its enabled by default but should you want to expand it to additional parts of your site placing the follow code will enable gZIP compression for images, CSS and JavaScript files. This will cause the web server to compress specific types of content before sending it to the sites users, where their browser decompresses the content before rendering it to the page. This can greatly reduce the size of the data transferred along with lowering your bandwidth and page load time.
To enable gZIP compression for a specific file type, add the line with the correct file type to your sites .htaccess file in the root WordPress folder:
## ENABLE GZIP COMPRESSION ##
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
## ENABLE GZIP COMPRESSION ##
Using Cloud Flare
Content delivery networks (CDN) are networks that cache parts of your site at their locations (pops) around the world. This means you’re more static data is served from the closest server location and not from the URLJet datacenters. The reduces the latency effects of data traveling long distances. Use the Cloud Flare button in your cPanel to enable. Please note that some CDN options may break your site we recommended testing before fully committing.
Optimize Images
Images are vital to every website, as is optimizing them for your sites performance. The points below are important to keep in mind when adding images to your WorPress site.
• Size images correctly. Don’t upload big images then force the server to scale them to the desired size. Images loaded to the server should not be larger than the size their displayed in.
• Remove unneeded data from the images. Photoshop has a setting for this and Yahoo has a great free program called Smushit. These tool use a technique call lossless compression that removes additional data from your photos – creation date, camera used for the photo, gps coordinates, and so on, without affecting image quality.
• Use image Sprites for your themes, if possible. Sprites use a CSS technique that lets a one large image represent many small images on a page. This loads several images as one and one lager file transfers faster than many small ones. However, use of sprites must be considered when the theme is designed. Always for themes that utilize sprites.
Minify JavaScript and CSS files
Minifying your CSS and JavaScript files removes unnecessary data like double spaces, empty new lines, comments and so on to reduce their size. You can use online tools like Minify, the option built into Cloud Flare or the W3 Total Cache plugin that gives you the option to minify your theme’s CSS and JS files.
Utilizing browser caching
Browser caching let you specify how long your visitors’ browsers should cache thing like images, CSS, JS and flash files. Be aware that this can cause issue with highly dynamic site with many changes. To test or use it on your site, add the lines below to your .htaccess file. Please Note: the change below sets cache to 1 month. You can shorten or lengthen as your site requires.
## LEVERAGE BROWSER CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css “access 1 month”
ExpiresByType image/gif “access 1 month”
ExpiresByType image/png “access 1 month”
ExpiresByType image/jpg “access 1 month”
ExpiresByType image/jpeg “access 1 month”
ExpiresByType image/x-icon “access 1 month”
ExpiresByType application/pdf “access 1 month”
ExpiresByType application/x-javascript “access 1 month”
ExpiresByType application/x-shockwave-flash “access 1 month”
ExpiresDefault “access 2 days”
</IfModule>
## LEVERAGE BROWSER CACHING ##
Optimize your WordPress Database
Optimizing your WordPress database occasionally is also a good idea. It’s like running Disk Defragmenter on your local machine. To optimize you WordPress database, open PHPMyAdmin in cPanel and navigate to your WordPress database. Open it and scroll to the bottom of the page to locate a check box for tables having overhead. Click and open the drop down and choose Optimize Tables and let run till completion. It’s a good idea to run it a second time only choose Check All and Optimize Tables This is losing importance as MySQL moves more to the InooDB engine.

Read More

XenForo Adds Spam Filters

XenForo, with version 1.4 supports a number of CAPTCHA providers:

Text CAPTCHA — provides Q&A style CAPTCHAs like “Which of 47, sixty two, 18 or 59 is the smallest?”. Its really the same as Q&A, only it has a large number of questions built-in — over 180 million.
Solve Media — Solve Media offers standard image-based CAPTCHAs at varying difficult levels:
They also offers revenue generation options through your CAPTCHA if that’s something you’re interested in. KeyCAPTCHA — KeyCAPTCHA uses a puzzle-solving approach to implement a CAPTCHA. When I say a puzzle, I mean that literally: KeyCAPTCHA has a few different offerings and variations on this theme which you can enable on their site.
All of these new options require you to obtain API keys from the service, so they will need to be explicitly enabled.
IP Checks Against Banned Users —If a user registers with an IP address that was used by a banned user recently, you now have the option to manually approve that registration. Catch user re-registering banning. Spammers tend to use the same IP over and over.

Read More

Potential vBSEO vulnerability

This is just out from vBulletin:

It has come to our attention that there may be a potential security vulnerability in VBSEO affecting the latest version of the software (and potentially other versions as well). We’ve attempted to contact the vendor, but as they have been non-responsive we felt we should alert the community as many of our customers use this add-on software.

If you beleive your running a vulnerable version of the software, there is a simple fix: just comment out the following lines in the file vbseo/includes/functions_vbseo_hook.php:

if(isset($_REQUEST[‘ajax’]) && isset($_SERVER[‘HTTP_REFERER’]))
$permalinkurl = $_SERVER[‘HTTP_REFERER’].$permalinkurl;

should be changed to:

// if(isset($_REQUEST[‘ajax’]) && isset($_SERVER[‘HTTP_REFERER’]))
// $permalinkurl = $_SERVER[‘HTTP_REFERER’].$permalinkurl;

If you are running the “Suspect File Versions” diagnostics tool, you will additionally need to generate a new MD5 sum of the above file and edit upload/includes/md5_sums_crawlability_vbseo.php to use the new MD5 sum on the line:

Please be aware that you are making these changes at your own risk. We don’t know if making this change affects the terms of your VBSEO license and we can’t be responsible if making this change breaks your site.

CVE-2014-9463 has been assigned to this potential vulnerability by cve.mitre.org.

Read More

Fixing Basic WordPress Problems

WordPress is the web’s hand-down solution for both large and small jobs; However, it does have its problems. WordPress’s versatility can also complicate the task of locating the source(s) of failure when something breaks. We won’t even try to address every WordPress but this article will help you navigate the more common problems.

White Screen of Death

wordpresswhitescreenFor the few of you that have never encountered the white screen of death, this error is exactly that: A blank white screen loads when you access you’re site.

The two major causes are incompatibility problems between plugins and themes. If you can access the sites admin panel, first try deactivating your plugins one by one until the site loads. If the doesn’t work, change your theme to the default WordPress design.

 

Step One

If you can’t access wp-admin, you can manually deactivate the plugins and themes using File Manager or FTP. FTP into your account and locate the plugins folder (usually wp-content/plugins) or the themes folder (wp-content/themes) and append ‘_bak’ to the end of the folder name.

Now try to access your admin panel. Once in, activate your plugins or themes one by one until the issue reappears. When that happens, you’ve found the primary source of the conflict.

Advanced Steps

You can also the following line to the end of your wp-config file to active WP_DEBUG:

define( ‘WP_DEBUG’, true );

Once activated, navigate to the page showing the error and you should see the details of what’s causing the error. NOTE: be sure to disable when finished by setting the value to false:

define( ‘WP_DEBUG’, false );

Password Reset is not Working

The Easy Way

If you’re using the default admin user (i.e. your username is admin) you can reset your password by access the site files

  1. FTP to your site and download your active themes functions.php file
  2. Immediately after the opening <?php line, add: wp_set_password( ‘password’, 1 ); Change the 1 to your user ID, and password to the one of your choice.
  3. Upload this file to your site.
  4. After logging in to the site, remove the code from the functions.php file and remove the code or it will reset the password each time you logs in.

Advanced Reset

Ok, you’ve lost your admin password and the reset password link emailed to you isn’t working. To change the Password, login into your cPanel and click e phpMyAdmin. This will let you edit your WordPress database. From one of URLJet’s VPS’s or Dedicated servers you can also edit the database from the MySQL command line but on shared hosting phpMyAdmin is the ticket.

First, generate an MD5 hash for you desired password. You can do that using this link to our favorite Hash Generator
Next, follow these steps to change your password:

  1. Access your WordPress database
  2. Locate and open the wp_users table
  3. Find the row with your your username. For large boards, use the search feature
  4. Update the user_pass value in that row with the hash generated earlier.
  5. Save the changes.

Insufficient Memory

This is one you should not see much of at URLJet as our preset limits are set for larger sites. However should you find the default memory setting insufficient to handle an extensively modified WordPress site, increasing your WordPress memory limit is easly accomplished by adding the following line to your WordPress config file:

define( ‘WP_MEMORY_LIMIT’, ‘128’ );

The command sets your WordPress memory limit to 128M. If you need a higher or lower limit, replace that value with the desired amount.

Maintenance Message after an Upgrade

Updates are a must do process to keep your WordPress site secure and functional. Sometimes the system doesn’t clean up all of the upgrade files. If the message: Briefly unavailable for scheduled maintenance. Please check back in a minute., appears after and update, check and see if there still a maintenance file left in the site root folder. If so remove it and the problem will disappear.

Be Proactive in Protecting your WordPress Site.

Should you find yourself in a worst case situation and need to restore to a backup, URLJet maintains offsite backup for all shared accounts. Should you need to roll back, we can restore your site simply submit a ticket listing a restore point. If you choose to keep your own backups, in addition, a weekly or monthly backup is advised. .

 

Read More