Credit: https://www.todhost.com/blog/digital-marketing-seo/249-an-seo-guide-for-multi-regional-and-multilingual-sites


It can be challenging to make sure that Google and other search engines index your web pages correctly if your website serves multiple languages. There are several ways to handle international content.

What Are Multilingual SEO, Multiregional SEO?

Multilingual SEO is the practice of offering optimized website content in a variety of languages. Multiregional SEO is the practice of creating optimized website content that is tailored specifically to multiple geographic regions.

These two strategies often have overlap, which is why we are covering them both in this post. They also tie in with other aspects of online marketing, such as conversion rate optimization, pay per click and content strategy.

The first thing you need to do is determine what regions you are targeting. Next, you need to decide which languages you are going to make available to those regions. This is critical, because it allows you to lay out the entire project.

Here is a guide on how to deal with international Search Engine Optimization (SEO) for your website.

Also read: A Guide to Manage Google Algorithm Changes


1. Use local domains for each language

After you determine the language and regions, you need to choose your domain and/or URL structure strategy.

Google's Official Webmaster Central blog states, It's difficult to determine geotargeting on a page by page basis, so it makes sense to consider using a URL structure that makes it easy to segment parts of the website for geotargeting.

A very good way to serve international content is to use country specific domains. For example, use yourcompany.com.ng for Nigeria, yourcompany.de for Germany, yourcompany.fr for France, etc.

If you have a .ng domain, it will be much easier to get high rankings on Nigerian search engines. In addition, a Nigerian website with English content is very easy to understand for website visitors and search engines.

It is much less confusing than a website that contains English, German, Spanish and other content.

Also read: A Simple Guide to Website Performance Evaluation


2. Important Information About Top Level Domains

Some domains are generic and others are location-specific. According to Google, these are the generic top-level domains (gTLDs) which do not specific a country. Google treats the following as gTLDs that can be geotargeted in Webmaster Tools.

Generic Top Level Domains (gTLDs)

.aero

.biz

.cat

.com

.coop

.edu

.gov

.info

.int

.jobs

.net

.mil

.mobi

.museum

.name

.org

.pro

.tel

.travel

Regional Top-Level Domains (rTLDs)

According to Google, these domains are associated with a region, but they treat them as top level as well (much like .com or .org).

.eu

.asia

Generic Country Code Top Level Domains (gccTLDs)

Here is a list of the ccTLDs. Keep in mind that Google is always changing this list. Also, this list is specific to the Google search engine

.as

.bz

.cc

.cd

.co

.dj

.fm

.la

.me

.ms

.nu

.sc

.sr

.tv

.tk

.ws

.ng

Also read: Boost Your Website SEO with Google Analytics


2. Let your visitors choose which language they want to see

Another way to present international content is to let your website visitors choose the appropriate version. Your homepage contains a country and language selector to let users choose their favorite version.

After the selection, the user should be redirected to a web page that has a unique URL, i.e. each language version should use unique URLs.

If you use this method, it is important that your web pages use the x-default rel-alternate-hreflang annotation for the country selector page, which was specifically created for these kinds of pages.

In general, this method is more confusing than the first method. It's easier to make mistakes that can lead to problems with search engines.

Also read: A Guide to Website Optimization for Mobile Devices

How Search Engines Determine the Language

As Google has declared, it uses only the visible content on the webpage to determine its language. Not any source code information such as attributes would help Google determine the language. When considering the language issue, search engines won't take a whole site as an assessment unit. What they care about is that what is a specific webpage's language is, that is, search engines determine language only at the page level.

To avoid making search engines confused and to help them determine the language correctly, only one language should be used on each page, both in content and navigation. The website can include web pages in several languages, but every page should include only one language.

Also read: OnPage SEO Guide for Top Search Engine Ranking

3. Redirect visitors automatically

Instead of letting your website visitors choose, you can also redirect them based on their location and their language settings. You can do this with 302 redirects or by dynamically serving the right HTML content.

This method also requires the x-default rel-alternate-hreflang annotation and you must also make sure that the language pages have individual URLs.

Automatic redirects can be annoying. For example, if a person from the US is on vacation in Europe, it is not good if the US version cannot be accessed. It's also easy to make mistakes that can lead to indexing problems if you use this method.

Regardless of the method that you use to present your international content, you should make sure that all pages have rel-alternate-hreflang annotations.

In addition, all pages must be accessible for Googlebot (you can test this with a website audit tool. Visitors should also be able to visit different language versions of your website.

Getting high rankings for international websites is even more difficult than getting high rankings for regular websites.

Also read: SEO - What Search Engines Love and Hate About Websites


Conclusions

From the perspective of search engines, pages that provide the same content in different languages would not be considered as duplicate content, and are actually quite user-friendly to provide content in different languages to visitors from different countries or regions.

From another perspective, by creating several language versions of the webpage and helping search engines to index them all, would provide the website a better chance to get traffic from regions using different languages.

One common problem involving multi-lingual sites is the automatic redirection based on the user's perceived language (based on the IP address/cookie/browser language, etc.), which could prevent users and search engines from viewing all versions of the website, especially when there is not a cross-link between each language version of the site.

Also read: How To Manage the Sudden Disappearance of a Website from Google SERPs


Another more serious problem is that the website server can return different versions of the web pages in the same URL according to different user perceived languages. This may confuse search engines and visitors as well as to what is the exact language and content of the page (only one specific URL). To make the site search engine friendly, different content must be used for each different URL.

Since we know that there is no problem for search engines to determine the pages language if there isn't more than one language within each webpage, we can organize different language parts of the multi-regional and multi-lingual site well to help search engines understand each part and thereby help the sites pages get better rankings.

Also read: How to Fix Website Bounce Rate Problems


Recommendations to follow when planning or optimizing your multi-regional and multilingual sites:

Decide to use country-code top-level domain names or sub domains or subdirectories to organize different parts of the site. Choose ccTLDs, subdirectories or sub domains depending on your company's specific situation, such as your company's budget, site scale and so on.

Create different versions of web pages on the site in different languages to suit different visitors. Each page should be created in only one language and each language version of the pages should have their own URLs.

Organize pages in same language together and put them into different country-level domains or sub directories or sub domains.

Set up Cross-links between different language parts of the site and link each language version together.

Add the site to Google Webmaster Tool and set geotargeting for each part to indicate their targeted countries.

Hello,
What really happened to your blog? Was it an exploitation or you were affected by an upgrade from your hosting company?

akintayo1:


You said right, I feel very sad for WhoGohost too. In the past, I have recommended more than 20 clients to host with WhoGohost, but base on my "personal experience" with their hosting services at the moment, I have no choice than move to a better host and stop recommending WhoGoHost as one good idea web hosting company.

At the moment, I'm just praying to God and hoping WhoGoHost can get my blog back on track working 100% with all the files intact. Just to migrate a site from one host to another, WhoGohost engineers just destroy my blog to the extent that I even lost the control of the blog.

The funny thing is, it has taking 2 consecutive months now working on resolving these problems, yet no solution has been reached.

It is a very sad experience I can't just forget in a hurry.

The way things are going with the way their engineers are handling my blog issues, I can see myself starting all over from scratch with a blog I have invested 4 years of work in.

I like patronizing our own (Naija made), but like everyone else, this is my business and WhoGohost are into business too. No one opens up his business to run at loss.

WhoGoHost is making me running at a very high rate of loss at the moment so I have run away from them.

Source: https://www.todhost.com/announcements/43/Free-Certificate-Course-in-Web-Designing.html


Todhost is commencing a free training in joomla website designing beginning from Monday, December 11, 2017 to Januuary 31, 2018.

This training is to help website owners understand how to manage their websites by themselves and take full control of their own websites. The training was designed for Todhost clients as it is free but has now been extended for non-Todhost clients who are registered and can receive direct emails and tutorials sent to their inbox.

Register for this training online at: https://www.todhost.com/register.php

Our Facebook and LinkedIn pages will be open to take responses to the tutorials and will answer necessary questions.

Requirements

1. You will require an active web hosting account. It does not necessarily have to be registered with Todhost.

2. Training Duration

December 11, 2017 to January 31, 2018

3. Training Time: 8.00PPM - 9PM Daily

4. Exercises

Exercises will be conducted, submitted and marked using Google Docs. Some tests may sometimes be conducted using Skype.

5. Certificates.

Certificates will be issued at the end of the programme. Certificates attract a fee of NGN3,500.00 This will be delivered only to those who meet our minimal performance expectations.

Registration:
Register for this training online at:https://www.todhost.com/register.php

Note: Existing Todhost clients need not register.

Complaints: If you have any issues, please use the support ticket to send your message or use the uic contact form on www.todhost.com

Credit: https://www.todhost.com/blog/digital-marketing-seo/248-search-engine-optimization-a-functional-strategy-to-gain-rankings

Search Engine Optimization is a rather very complex task. Generally, it is the tweaks that help web pages gain higher ranking in search engine result pages (SERP). In this article, we provide a very practical approach to SEO and the steps that had been used to gain good ranking for various websites as we know and have adopted in the optimization of some of the websites we have designed, managed and optimized for ranking.

There are two broad elements of SEO. The first is on-page optimization and the second is off-page optimization.

on-page optimization refers to the things you do directly on your website while off-page optimization refers to the measures taken outside your direct website which ultimately lead to higher rankings.

Some SEO experts have argued that on-page efforts are far more important and will yield better results than off-page strategies. On the contrary, they both contribute to the success of the web page and have different weights which determine ranking success. Recently, off-page factors like backlink gains have proved to be more relevant in helping ranking than on-page methods lie webpage title, description and keyword selection.

On-Page Optimization - The First Step

If you are creating a brand new website on a new domain then a website audit will not be necessary. But if you re-designing an existing website or seeking to improve optimization for a website, then you will need to consider conducting some kind of audit. This article details how to conduct a website audit.

The audit will give detailed insight into what needs to be done to bring the website to the standard required for it to be seen as a quality website according to Google's recommendations. A few elements will be considered in the website audit.

Website Speed: Website speed has become a factor, though minor, in website ranking. Speed plays a key role in the experience of users who visit your website. When a website is too slow, it also leads to high bounce rate.

You will need to check the speed of your website with GTMetrix , Pingdom or any other tool. These tools will suffice to testing the speed of your website.

Google PageSpeed Insights

PageSpeed Insights is a brainchild of Google. This app measures your site's performance across multiple devices, including desktop and mobile browsers. This is useful if your visitors are accessing your site from a variety of screen sizes and devices.

2. Pingdom

This is a free tool that gives you full-site performance information including load time, page size and an analysis of each page on your website.

3. GTMetrix

GTmetrix gives you a complete history of the website's loading speeds and a report that suggests ways to improve the performance of your website.

4. WebPagetest

WebPagetest gives insights into the load speed of your website and a breakdown of your site's performance. It's unique in that it allows you to select a country to view your report from, so you can see how your site performs across different countries.

5. YSlow

YSlow is a browser plugin that lets you track the performance of any site you're currently visiting. It doesn't give you the actual load time, but it does break down over 20 different performance criteria. This helps performance comparison.

Responsiveness: By being responsive, a website can be viewed on all devices including mobile devices like Android phones. iPhone and tablets. Google now ranks responsive websites higher than non-responsive sites and this means your site has to be mobile friendly. Besides, mobile devices not attract as much 50percent of total website traffic and even more than that in some environment. Not having a mobile friendly website is a disadvantage as it affects user experience, increase bounce rate and reduces the confidence of users in your site especially if you run an e-commerce website.

Other checks: Other relevant op-page factors you will need to check are branding, colours, images, coding, themes, website architecture, content just about anything on the site itself. Content is very critical especially when considered along the lines of freshness, text ratio, and originality. Google pays much attention to content originality s well as the word count. Most web pages that rank on the top 10 for searches have high text volume/word count. This is not to say you have to copy and paste to increase your word count. No! You have to plan and write your content to gain the attention of users and impress the search engines on the quality of your posts.

On-page Optimisation - The Next Steps

Keywords

Keywords have become one of the most misunderstood elements of SEO. While some authors have played down the importance of keywords, it is our view that keywords still play an important role for as long as search outcome are still dependent on keywords.

Having the right mix of keywords can make much difference. The starting point is to begin with keyword research to understand the right keywords that are currently being used in searches. These will be implemented in building your content, writing page titles and page description.

You may want to read more on the Role of Keywords in SEO

Implementing On-page Optimisation

Having the right keywords, you can now proceed to execute your strategy of using them to develop your content.

Off-Page Optimisation

Backlink Generation - Backlinks are hyperlinks from other websites pointing back to your website. The importance of backlinks have compelled webmasters to buy links and get involved in link exchange programs. These are not recommended for good SEO. In fact, Google frowns at it and will penalize your site if you get to buy links just to manipulate and give a wrong impression about your website popularity.

Backlinks come naturally and when that happens, it can be very rewarding. All you need to do is focus on quality and useful content and expect users to share and make reference to your content.

Google has also made clear that the quality of backlinks matter. If you get backlinks from very poor quality sites or sites that are currently under some kind of Google penalty. Then that would not work in your best interest. In fact, Google will use that to associate your site to be of poor quality and could also downgrade your rankings. So, the key to having a beneficial backlink is to have it from high quality websites. The best way to do this is to focus on building quality content that gets natural backlinks.

How to Create Backlinks

Press Releases - Getting backlinks through press releases is easy. But in certain industry, press releases is not a normal practice to generate links. Notwithstanding, if you can develop a credible and reputable mailing list of high quality websites, sending out press releases to them could just be one great way to gain backlinks.

Citations - A citation is a place on another website where your business's name, address and phone number is listed. You should aim to have as many of these as possible.

Social Signals& - Social signals are currently not a ranking factor to reckon with. They are Instead trust factors. Having a good social signal tells Google that your brand is popular and so should be trusted. Since Google uses historical factors and user experience into consideration in ranking, it follows that having a website that is perceived to be trusted will tell Google that such website can gain a higher rank. Google wants to have quality websites dominate its top pages in SERPs.

Contextual Links - These are links that are placed in the middle of surrounding content for example any link surrounded by relevant text would be classed as a contextual link.

Competition Analysis - This guides on where competitors are getting their baclinks from and the amount and quality of such links. Using tools such as ahrefs and SEMrush we can see where competitors are getting their backlinks.

Guest Posts- Google has not endorsed this strategy as a good link building strategy. The rule will be to ensure that your posts appear in high quality websites. It will certainly be rewarding.

Broken Link Building - We use the analytics to determine broken links and fix them or redirect them to other relevant pages where we are unable to get a fix. Assume that one of our posts have been deleted, you have re-designed your website completely and the link to a particular content has changed. If another website owner has used such link, it should be returning a 404 error which is not good for users, The recommended practice is to contact the website owner to update the link or you use 301 redirect to the relevant page.

Conclusion

SEO is versed and critically important. It will not be possible to exhaust all that should be done in one post. We recommend that you use other posts on our SEO section to learn more.

Thanks for reading and let us have your comments and inputs on what you thing are so important that we have missed.

https://www.todhost.com/blog/small-business/247-common-errors-bloggers-should-avoid


Blogging is serious business and there are thousands of people whose living strictly depends on income earned from blogging. Some would think blogging is such a simple job anyone can do, but when you get down to the real business, you'll find how things get messed up because it is actually more difficult with some technicalities than thought. Every blogger. especially beginners, without a good coach and experience encounters some hitches. That is normal. This post takes you through some common mistakes most bloggers make and some basic advice on how to avoid or overcome them.

Mistake #1: You think of ideas in a vacuum.

Once you start blogging, you will get ideas come to you at random. Do not be attracted to all ideas and consider them good for your blog. Filter your ideas to bring them in line with your blogging goals.

Also read: 7 Steps to Reduce the Disc Space Used by Your WordPress Website

Because the reason why you are blogging is to grow your business, you will ensure that your blogging all support this larger business goal. Your blog posts should have some natural connections to issues in your industry and address specific questions and concerns your prospects could have or raise.

Also read: 13 Recommended Steps to Protect Your WordPress Admin Area

Mistake #2: You are too stiff in writing

Writing a blog post requires a natural flow of thoughts. Just write the way you talk. Don't try to be too stiff, struggling to impress your readers. Allow a natural flexibility in writing.

Writing a blog post is much different from writing an academic work or a term paper. Blogging requires presenting the key message from the beginning because most of the people who read your post will not be able to read to the end.

So be real, throw up controversies, avoid the jargons and be real.

Also read: 6 steps to clean and harden your Wordpress website Security with the Free Sucuri plugin

Mistake #3: Prove your capacity, don't tell it

A lot of bloggers want to exert their influence on their readers and get readers to stick to reading their post by telling them who they are and what they can do. That is not necessary and instead can be counter-productive. A right approach to it is to write and earn people's interest from the quality of your writing rather than trying to talk them into believing in you.

Mistake #4: You write on broad topics

Beginning bloggers are advised to refrain from writing on topics that are too broad. When people start blogging, they generally want to write on really big topics like:

How Social Media Marketing Work
Business Best Practices for sales people
How to Make Money on the Internet through affiliate marketing

Topics like these are far too broad. Because there are so many details in these topics, it's really hard to do a good job answering these questions. More specific topics tend to attract smaller, more targeted audiences and will help you do better. When you focus on specifics, your writing will have better quality and more likely to convert into leads and customers.

Also read: 9 Common Problems of a WordPress Website

Mistake #5: You write without an outline

People are likely going to scan your blog posts, not read them thoroughly. So you need to organize them so that they can capture the key points you want to make within the short time they spend going through your posts.

Always remember that following an outline will make a lot of difference. Once your post is properly organized, flowing along with it as you write is pretty much easier.

Mistake #6: You don't use data evidence.

Citing some statistics and human evidence will make your post stand out. Let us assume a post is been written on mobile use on the internet and mobile-friendly designs. Stating something lie: In 2015, 60 percent of internet users accessed with mobile devices when compared to laptop and desk top computers. Out of this number, 25percent used tablets.

That sounds authoritative and people will go with you especially when you quote the source of your information.

You are simply more convincing when you use data based on research to buttress your point.

Also read: A Guide on How to Reduce the Downtime on a WordPress Website

Mistake #7: Your content borders on plagiarism.

Plagiarism brings you a Google penalty and that will drastically reduce the amount of natural flow of traffic to your website or blog. Before now, Google did not care about plagiarism. But recent updates downgrades websites and posts that copy other people's content.

Learn ho to cite other sources instead of just copying their content. One of the things that has forced people to copy content is to be able to produce voluminous posts. That is no longer something to worry about as Google has clearly defined thin content to mean content with little or no value and not necessarily fewer words.

Also read: A step-by-step guide on how to create a WordPress blog

Mistake #8: You bother about making every post perfect

It is erroneous to think that every of your posts can be perfect and attract heavy readership. There is no perfect human an so not outcome of human endeavor can be expected to be perfect.

When writing, give your best to it and do not strive to be perfect. Just be natural in your writing.

Also read: Best Plugins for Faster Loading WordPress Websites

Mistake #10: You don't blog consistently.

The more new content you add to your website, the more traffic you will get, the more subscribers you will also get for your blog and ultimately, search engines will like your blog for freshness.

Not adding new content consistently is like denying the search engines their food and making them less interested in your website.

Publishing consistently will help the search engines on how often to visit your blog. If you publish five posts in one week and then only one or two in the next few weeks, it'll be hard to form a consistent habit on how you publish and even the search engine crawlers may not be able to determine how often you publish. It is for this reason that it is recommended that you choose specific days to publish your posts. The recommend pattern here is for you to work a calendar for publishing new posts on your blog.

Also read: Best Rated Anti-Spam Plugins for WordPress Websites

Mistake #11: Getting too concerned about immediate traffic.

Don't measure your success based on immediate traffic. While you can record good traffic from social networks, email lists and RSS feeds, you will not have to measure your overall success along these lines.

The best and most reliable source of steady traffic is the search engines. Your post could mae it to the top 10 on search engines and drive incredible traffic. So ensure you focus on delivering quality and allow a natural flow of traffic overtime.

What mistakes do you think we have missed? Share your thoughts in the comments below.

Credit: https://www.todhost.com/blog/digital-marketing-seo/245-how-website-errors-affect-search-engine-rankings


Website ranking is for many, one of the most critically important aspects of their online business. Apart from the information websites provide, staying in business actually depend on how much traffic and conversion a website can get.There are several errors a website can generate. The most common of them is the 404 error. And we will dwell a little more on the 404 error and other errors. We will discuss how these errors can be fixed and how they affect search engine rankings.

According to Google 404 errors are normal errors and they do not affect rankings on their SERPs. Google specifically in a response to a question on this said:

404s are a perfectly normal part of the web; the Internet is always changing, new content is born, old content dies, and when it dies it (ideally) returns a 404 HTTP response code. Search engines are aware of this; we have 404 errors on our own sites, as you can see above, and we find them all over the web. In fact, we actually prefer that, when you get rid of a page on your site, you make sure that it returns a proper 404 or 410 response code (rather than a soft 404). Keep in mind that in order for our crawler to see the HTTP response code of a URL, it has to be able to crawl that URL - if the URL is blocked by your robots.txt file we won't be able to crawl it and see its response code. The fact that some URLs on your site no longer exist / return 404s does not affect how your site's other URLs (the ones that return 200 (Successful)) perform in our search results.

When Google makes a comment, you take it and work with it without bothering anymore what anyone could want to say. Google's opinion is the alpha and omega of search engines. This statement was made in 2011 and Google has not made a new comment o warrant a change in opinion.

However, following recent changes to the Google Algorithm and with greater emphasis on user experience, one is persuaded to think that 404 errors can affect user experience and this could have some impact on bounce rate and ranking as well.

Consider this scenario, someone makes a search for fast and reliable web hosting in Nigeria and finds your post made some two tears ago. Let's assume you have moved the content to another category without properly redirecting to the new page. The result gives the user a 404 error and he leaves your page. If this happens to other pages you have moved in a similar way, your bounce rate will likely increase and Google will spot this trend. Google will definitely not want to reward you with higher rank given your high bounce rate.

So, it is doubtful that if your website returns a lot of 404 errors, these comments will still hold true in your case. So, you need to worry about lots of error pages on your website. Though it is not a factor that Google uses to reward or rank a website, it could indirectly have some effect on your website.

Remember that no one actually knows how Google or any other search engine ranks. Our guesses are only based on the information released to us. There are several reasons to believe that website errors can affect search engine ranking. The bottom line is that Google is increasingly focusing on user experience and will rank a website favourably for its user-friendliness. User experience will including mobile friendliness, un-broken links, navigational elements and friendly urls.

It has also been well established that Google does not like broken links - which is one of the reason for errors.

The idea here is that if your website contains lots of broken links, it will also report poor user experience. What that means is that with Google's increasing focus on user experience, your website will get poor ranking as a result.

Our recommendation is that despite all the assurances not to so much bother about website errors, it will be wise to be properly guided to avoid errors as they affect your users and can actually lead to high bounce rate and a blacklist by users.

Now we will need to look at some of the most common errors and how to cope with them.

500 Internal Server Error

The 500 Internal Server Error is a very general HTTP status code that means something has gone wrong on the web site's server, but the server could not be more specific on what the exact problem is. Most of the time, "Opss" means an issue with the page, .htaccess file or extension code quality.

Resolution

Wait at least 30-60 seconds and reload the web page. You can do that by clicking the refresh/reload button, pressing F5, or trying the URL again from the address bar. The issue may only be temporary. Trying the page again will often be successful.
Clear your browser cache and stored cookies. If there's a problem with the cached version of the page you're viewing, it could be causing HTTP 500 issues.
If your script uses a .htaccess file, rename .htaccess back to htaccess.txt - maybe one of rule inside is not acceptable by your server settings.
Remember what extension you lastly installed or published, if you have access to back-end, just turn it off (disable) and remove link from Menu.
If all those tips won't help, contacting the server support directly is your last option.

504 Gateway Timeout Error

The 504 Gateway Timeout error is an HTTP status code that means that one server did not receive a timely response from another server that it was accessing while attempting to load the page or request by the browser. Most of the time, this means that the other server is down or not working properly. Relax and check website later. Unfortunately, at this point, that this error is no doubt a problem outside your control that will eventually get fixed by server admin only.

404 Not Found Error

A 404 error is an HTTP status code that means that the page you were trying to reach on a website couldn't be found in the database or on their server. Technically, an Error 404 is a client-side error, implying that the error is your mistake, either because you used wrong URL alias (a spelling error or typo). Another possibility is if the page (menu item link) has been renamed or trashed/disabled from the website and in theory you should have known. Check in Menu Module if menu item link is still there and published, also if link (the URL) used in Custom HTML module or article was typed wrong or the link that was clicked on points to the wrong target URL. It's good habit to check and fix those errors regularly.

If your website is built on a script or content management system, after installation of some extensions you might have experienced an error that occurs when PHP on their server is set to strict error reporting - where they receive error messages starting with phrases: Strict Standards: Non-static method help on line XX. Essentially, Strict Standards warnings are not really errors; they're messages designed for developers, but I fully agree they do not like nice on working site.

create php.ini file and then inside put following code:

error_reporting = E_ALL ~E_NOTICE ~E_WARNING ~E_STRICT ~E_DEPRECATED

Blank Page

The white screen may it be one of those extremely annoying problems like error establishing a database connection. It can be caused by everything from damaged extension or outdated installed and published plugin. But what is irritating is you do not see what is going on, because there wasn't any warning message at all you are left clueless to figure out what is the issue.

You will need to enable error reporting on your website. These may be able to help you determine the root cause. Note! Default error reporting is not good for each case because it's visible to everyone, including your users. That's why it is good to look for a plugin that can do this for you. A plugin changes the error reporting level depending on the selected user groups, so for example only only admins will see errors on their pages, but other users won't.

What is helpful in most cases the application displays a blank page due to a corrupted (not core) plugin that is currently active for the site, so check them all, disable - enable one by one to check which one is a problem. If you suspect the problem is other extension related, you can try uninstalling any component or module you recently installed. After the problematic plugin is found check whether it is compatible with your version of software. If you plan to use it contact the extension's developer and report the issue.

Missing image(s) or graphic icons

Technically, in most cases the error is your mistake, either because you typed the URL in wrong or the image has been moved to another folder or or maybe renamed or even removed from the website and you should have known. Check source URL using built-in browser detector or use Firebug.

My home page has changed

Extensions from suspicious websites can contain malicious code that hijacks your website and changes the appearance or settings. So your home page for example is changed to another website that you can't then change back. Or you may see annoying pop-up messages with advertisements for products you've never asked for are constantly displayed on every subpage. First step, please remember what it might have been, uninstall crappy software and then scan your site using Security Component or Online Anti-virus tools. If those steps won't help or your site was hacked, probably you have to recover site from back-up.

Hope this post helped. Lets have your comments on the comment box below.

Keep in touch, Follow us on Twitter, Facebook, Google Plus and LinkedIn

Credit: https://www.todhost.com/blog/website-security/244-best-rated-anti-spam-plugins-for-wordpress-websites

WordPress is the most popular Content Management System (CMS) used on the internet today. So also is the attack level against the WordPress software. One study by Sukuri clearly put WordPress to be the most attacked CMS. The implication is that if you have a WordPress website, you have to do your best to follow recommended steps to secure it from attacks

One of the common vulnerabilities of WordPress is that it can be exploited and used for spamming. This problem is not limited to WordPress users alone. If you have a website, chances are you will be faced with spam. It's one of the truths about online activity. Not only are these fake messages annoying, but spam can also be time consuming to get rid of. By implementing these tools, you can eliminate these pieces of virtual junk mail. Here are 10 top-rated WordPress anti spam plugins effective in removing these problems from your site.

1. Akismet

One of the most utilized spam protection systems on WordPress, Akismet offers superb features. Any time a comment appears on your site, Akismet will quickly analyze it for content before processing the message. You need an Akismet API key from the developer's website to operate this plugin. This service is free for personal websites, but paid subscriptions are available for business and commercial platforms.

2. Spam Protection by CleanTalk

CleanTalk develops a popular platform for eliminating spam. What makes this plugin special is the coverage it provides. Comments, registrations, contact emails, subscriptions and more are subject to scanning to verify the content. As a result, a large portion of your website is free of being a target by bots or spammers.

3. Anti-spam

Anti-spam has a high degree of rating among the 100,000+ installers of the plugin. It boasts no captcha formats or moderation queues. Although it's not as versatile as Spam Protection, it is an effective tool for keeping the comment section clean. It has no advanced settings to adjust and does its job automatically and without input from yourself.

4. WP-SpamShield Anti-Spam

SpamShield is another plugin that does not use the traditional captcha methods for verifying human comments. It's an all-in-one system that supports more than just the comment area of the website. For example, SpamShield works with many other community plugins. BuddyPress, Gravity Forms, Jetpack and more can all be free and clear of random spammy comments.

5. SI CAPTCHA Anti-Spam

For those who don't mind the captcha method, SI CAPTCHA Anti-Spam may be a good choice to consider. The plugin has been installed more than 300,000 times and rates well with users. It can protect areas such as comments, logins or even the lost password page. SI has a few customization options available including which areas to protect.

6. Antispam Bee

The Antispam Bee offers integration as well as protection for your website. For instance, the system can allow comments from specific Gravatar profiles. The plugin will match data against a public database for the most relevant and current information available. It can also prevent trackbacks and pingbacks through spam detection.

7. BulletProof Security

For those who like the idea of a general security measure, BulletProof Security may be ideal. This plugin protects a wide range of parts on the website ranging from spammy comments to database backups. From the WordPress dashboard, you'll have access to a variety of security information. However, you'll need to have the Pro account in order to take advantage of the JTC Anti-Spam function.

8. Captcha by BestWebSoft

BestWebSoft brings yet another captcha platform to protect the website. This plugin ranks high with site owners as it is an incredibly easy system to use. It protects the website from login, registration and comment spam while using white-listed IP addresses for auto acceptance. It has customization available so you can switch from letters, numbers or simple math to verify human visitors. The pro version even protects WooCommerce from spam for those who have online stores.

9. WPBruiser

Formerly known as GoodBye Captcha, WPBruiser offers a variety of protection without captcha images. This plugin prevents access to comments, logins and registrations from spammy humans and bots. It also includes the ability to block certain IP addresses. For those using CloudFlare and similar systems, WPBruiser properly detects the client IP address without accidentally blocking it.

10. Shield WordPress Security

For those who don't want to worry about restrictions from pro accounts, Shield WordPress Security delivers everything you need without a subscription. This keeps your site free of malicious URLs, spambot comments, brute force attacks and even hides the admin and login pages. While you can use the plugin out of the box, you can join an exclusive membership with more features.

WordPress anti spam plugins are a necessity if you want to save time sifting through the junk messages that can flood the comment section of your posts. Install one of these above and breath a sigh of relief as automated systems screen messages for links in inappropriate statements. It will improve the experience of legitimate visitors while saving you time from having to sift through the messages yourself. Read about other ways to reduce spam comments in WordPress.

How often does your site get hit with spammy comments? How often do you have to verify links posted by those who frequent your website?

Credit: https://www.todhost.com/blog/digital-marketing-seo/243-why-seo-keeps-changing-the-way-it-works


Taking people un-aware and leaving many handicapped? Why can't we just rank easily and start driving in lots of traffic + cash to our site? If you have ever wondered about any of these, keep reading.

The reason SEO (google) keeps changing and changing its algorithm is not far-fetched, Google is trying to create an artificial intelligent machine, that feels, reads and think like humans

If you've decided to learn search engine optimization and wonder what really works and what doesn't, then this guide is for you.

Many people including myself has used search engine optimization to grow small businesses, toy stores, large international and local fashion brands, and hotel chains.

One thing never ceases to amaze me - the power of SEO as an Internet marketing tool for growing any business. I have grown small businesses into giant companies in just one or two years - simply from working the client's site up to the top position in Google.

Unfortunately, learning how to use SEO is difficult, if not impossible, for most business owners, Internet marketers and even tech-heads. The reason is this, Browsing through the amount of information flooding the Internet about SEO is overwhelming.

In many cases, most of the advice published is either outdated or misleading. And the constant updates by Google makes it hard for SEO beginners and gurus alike to keep up with what works.

Anyways, I don't want to go in too much into SEO in this article, as the title explains already what this post is all about. SEO TRENDS THAT DOESN'T WORK ANYMORE 2016 AND BEYOND

In the early days of Google (over 15 years ago) Google started a smarter search engine and a better experience for navigating the World Wide Web. Google delivered on this promise by delivering relevant search engine results.

Internet users discovered they could simply type what they were looking for into Google and BINGO! users would find what they needed in the top results, instead of having to dig through hundreds of pages.

Google's user base grew really very fast.

It didn't take long for smart and entrepreneurial minded webmasters to catch on to sneaky little hacks for ranking high in Google.

Webmasters soon discovered that by cramming many keywords into the page, they could get their site ranking high for almost any word or phrase. It quickly spiraled into a competition of who could jam the most keywords into the page.

The page with the most repeated keywords won, and rose quickly to the top of the search results. More and more spammers caught on and Google's promise as the most relevant search engine was thus challenged.

Webmasters and spammers became more sophisticated and found tricky ways of repeating keywords on the page and then completely hiding them from human eyes. (By changing the background color to the same as text the color).

All of a sudden, parent looking for holidays in specific location would be left with the nasty surprise of arriving at a site about Health and Fitness! How could Google keep its status as the most relevant search engine, if people kept on spamming the results with tons of spammy pages, burying the relevant results to the bottom?

A closer look into the updates of google.

Google released a widespread update in November 2003 codenamed "Florida" effectively stopping spammers in their tracks. This update leveled the playing field by rendering keyword stuffing completely useless and effectively restored balance to the force.

And so began the long history of Google updates, making it hard for spammers to game the system and making ranking high a little more complicated for everyone.

Fast-forward 15 years and ranking in Google has become extremely competitive and considerably. more complex. In a simple sentence, everybody wants to be in Google. Google on the other hand is fighting to keep its search engine relevant and must constantly evolve to continue delivering relevant results to users. This hasn't been without its challenges though.

Just like keyword stuffing, webmasters eventually clued onto another way of gaming the system by having the most anchor text pointing to the page. If you are not familiar with this term, An anchor text is the text contained in external links pointing to a page.

This created another loophole exploited by spammers. In many cases, well-meaning marketers and business owners used this tactic to achieve high rankings in the search results.

Along came a new Google update in 2012, this time called Penguin. Google's Penguin update punished sites with suspicious exact match domains and amounts of links with exact-matched anchor text pointing to a page, by completely delisting or de-indexing sites from the search results.

Many businesses that relied on search engine traffic overnight lost all of their sales literally, just because Google believed sites with hundreds of links containing just one phrase didn't acquire those links naturally.

Google believed this was a solid indicator that the site owner could be gaming the system. If you find these changes alarming, don't do it.

Already, if you have read this post up to this point, then definitely, you have understood the point am coming from and already know what doesn't work in SEO anymore.

But for the purpose of making everything simple, i will just highlight the major lessons in this article.

1.) If you are just registering a domain or about hosting/starting a blog, then you should never use an Exact match Domain I.E. Dogtrainingtips[dot]com.. The reason is not far fetch, outside risking the chances of been hit by google, you are losing a huge amount of money.

2.) Do not do, or try to use keyword stuffing or hiding keywords using the background color trick in your post to rank for that particular keyword.

3.) Do not drive traffic to your site by pasting your sites URL just anywhere you see. Once google detects spam, that's all for you. Frustration is next.

4.) When using links or backlinks, do not use a particular anchor text all the time. I.E a post about Dog training can have diverse anchors as Dog breeding, Dog upbringing, Dog training, dog training tips, pet training, pet upbringing, pet training (dog) guide, dog watch.

In the short history of Google's major updates, we can discover two powerful lessons for achieving top rankings in Google and staying there.

1. If you want to stay at the top of Google, never rely on one particular tactic.

2. Always ensure your search engine strategies rely on SEO best practices.

If you have got anything more to add to this, feel free, just use the comment box below. And Don't Forget to share.

Author BIO

Confidence Ezemadu, is a DIY tech kind of guy. I have spent many of my life and resources acquiring and testing what works and what doesn't in the Online Space and currently share more insights about entrepreneurship + tech on a simple blogger platform. (other Money sites on WP though).. You can follow me on Google Plus if you like me.

Credit: https://www.todhost.com/blog/digital-marketing-seo/242-how-to-drive-massive-traffic-to-your-blog-and-website-2

Driving traffic to a blog has been an important issue for any blog or website. Traffic generation continues to feature prominently for any blogger and this will remain so as the better the traffic, the more relevant any website will become. In this post, we will take a look at some traffic generation methods that works, but some of them have not been widely acknowledged in many cases.

1. Drive traffic from SlideShare

SlideShare is a website that allows you to upload and share PowerPoint presentations online. However, did you know that SlideShare can also be one of the best sources to drive an insane amount of traffic to your blog?

Bloggers like Mauro D'Andrea and Ana Hoffman have been generating massive traffic to their blogs. By creating just 9 presentations in 30 days, Ana Hoffman has turned SlideShare as her second largest referral traffic source. If you can learn from her success, you can implement the lessons on your traffic acquisition strategy.

Before jumping in to create your first slide, below are a few things you'll need to know as a prerequisite.

In order to drive huge traffic from your slides, obviously, you will need to get more views for your presentation on SlideShare. According to Ana Hoffman, you'll need to get about 900-1100 views for your slides to be featured in the featured box and 1200-1500 views to be featured as the Top Presentation of the Day. It is recommended that the best time to upload your presentation is between 11 pm and 2 am EST.

Step by step guide to driving traffic from SlideShare

Step 1- Create a SlideShare presentation

Create a SlideShare presentation based on your blog posts. For example, if you're writing a blog post about 10 weight loss tips, you can create a Slideshare on the same topic.

There are many ways to create a presentation. Let's look at a few of them.

Create it by your own: Creating a presentation isn't a rocket science. If you're on PC use PowerPoint; if you're on Mac use Keynote to create a presentation. Alternatively, you may try using free software like OpenOffice.org to create it.

Download a PowerPoint template: Instead of creating a Powerpoint template from scratch, you may download a PowerPoint template online and start customizing it on your own. By this way, you can make sure that your presentation is good looking.

Hire an expert - Hire an expert designer from Fiverr.com to create a presentation for you.

Step 2- Choose the right images

Make sure you're using beautiful images in your presentation. If you're not sure how to find free images for your presentation, read my article on how to find and use a creative commons licensed image using Google.

Step 3- Embed links/call to actions and publish it

The best thing about SlideShare presentation is that you can embed links and even call-to-action buttons into your presentation. When all are set, you can move ahead and publish your first presentation. Once it is live, start promoting your presentation on social media and other channels.

2. Driving traffic from StumbleUpon

When I tell someone that StumbleUpon has the potential to drive massive traffic, I'll often get asked- do people still use StumbleUpon? Is StumbleUpon still capable of driving traffic to your blog as in the early days?

The answer is yes. Some of my recent posts have attracted hundreds of stumbles from SU.

In fact, various studies show that SU can provide 3 times more traffic than Reddit and is capable of driving more traffic than Google+ and LinkedIn combined.

Without taking a lot of efforts, how can you still drive traffic to your blogs using StumbleUpon?

By spending a few bucks on advertising. Now you might be asking- is it worth spending money for advertising on SU to drive traffic? Let'look at it this way- would you rather test the so-called recommended tricks on StumbleUpon, only to end up with disappointment down the track or spend a few bucks and multiple the traffic to your blog? When done right, advertising can open a steady stream of reliable traffic from StumbleUpon to your blog

What kind of content works on StumbleUpon?

People visit SU to discover all types of content. However, not all types of content can drive an enormous amount of traffic to your blog. Below are a few types of sure-fire content on SU.

Epic tutorials

Entertaining videos

List posts

Beautiful images and infographics


Driving traffic from SU- step by step guide


Step 1- Create the content to promote (blog posts, video, infographics)


Now you know what types of content works well on SU. Before jumping in to create content and promoting it by advertising, it is always better to conduct a demographic research on SU interest groups. Look at the stats, learn what the hot topics are and build content that is optimized for SU sharing.


You can also try creating a customized landing page specifically for StumbleUpon audience and start driving traffic to it. If you're on WordPress, simply install a landing page plugin and start creating a StumbleUpon optimized landing page on your website.


Step 2- Spend a few bucks to promote your content


Once the content is created, it is the time to promote it through advertising.


Step 3- Evaluate your advertising campaign


The goal of the campaign is to drive earned visits not the paid visit. If the campaign doesn't work well to drive traffic organically, you'll need to check why it doesn't produce the results that you were looking for. Rinse your strategy and repeat it.


3. Drive traffic from Facebook using Retargeted pixels


If you've been promoting your blog posts using a Facebook page for a while, you might have noticed the decline in the reach of Facebook posts. There can be many reasons for the fall. Whatever the reason maybe, undoubtedly, now it becomes harder to improve the reach for free because there's more competition in the News Feed than ever.


As a sure-fire method you can use advertising to improve the overall reach of your Facebook page. Again, it is always better to spend a few bucks to increase the reach than letting your Facebook traffic die by testing all sorts of tricks that won't help.


What kind of content works on Facebook?


When it comes to sharing posts on Facebook, a general rule of thumb is to make your posts stand out in News Feed, so it grabs the attention of the users easily. Like any other social network, rich media like photos and videos get more attention on Facebook than any other types of content.


However, if you're looking to build traffic to your blog posts, you'll need to focus on sharing links and constantly reviewing the performance using Page Insights.


Increasing the reach and driving traffic from Facebook


Facebook offers different types of advertising options. Since our goal is to drive more traffic to your blog and ultimately increase the reach, you can try boosting your posts, which is also the easiest way of advertising on Facebook. All you need to do is to click on the Boost Post option in the lower right corner of your post. You'll be asked to choose from advertising to people who liked your Page and their friends, people you choose through targeting


You can choose the second option and set up a retargeting pixel on your blog, which allows you to target the audience on Facebook who has previously visited your blog. Which one is your favorite traffic generation method? Share your thoughts with us in the comments section.

Full blog post at: https://www.todhost.com/blog/website-security/241-guard-your-website-reputation-stay-protected-with-ssl

SSL or Secure Sockets Layer is a standard technology for establishing an encrypted connection between a web server (host) and a web browser (client). Using an SSL secured connection between the two makes sure that all the data passed between them remain private and intrinsic. SSL is an industry standard and is used by websites to protect their online transactions with their customers. If you have ever visited a website using the https:// in the address bar you were creating a secure connection via SSL

Since the announcement by Google that it was including the https protocol as a ranking factor, webmasters have scrambled to get SSL for their sites in other to gain the anticipated Search Engine Result Pages (SERP) advantages.

Whatever you think about Google's approach and position on SSL, implementing HTTPS on a website do offer some benefits and we can take look at a few of them.

Credit: https://www.todhost.com/blog/website-security/240-6-steps-to-clean-and-harden-your-wordpress-website-security-with-the-free-sucuri-plugin


If your WordPress website has been hacked, or you need to strengthen your security to prevent a hack, then this tutorial will be a good guide. There are several ways to harden your WordPress website security and you never will be able to discuss all in one short post as this one.

Sometimes, implementing a combination of strategies can be a good option. In this post, we will look at steps that will help clean and strengthen the security of your website using the Sucuri security plugin.

This plugin will be useful to Identify, remove, and harden your site even after a hack.

Sucuri has devoted years to helping WordPress administrators identify and fix hacked websites. We have put together this guide to help website owners walk through the process of identifying and cleaning a WordPress hack. This is not meant to be all encompassing guide, but if followed should help address 70% of known infections common with WodPress websites. A lot of the guidance is built on the use of the free Sucuri WordPress security plugin.

1.1 Install the Sucuri Plugin

You will begin by installing the free Sucuri plugin. If your WordPress site has been hacked, the free security plugin can help you identify which areas need to be cleaned.
Sucuri actively maintains a free WordPress security plugin with features to enhance security and identify indicators of compromise. This tool will help you perform most of the steps in this guide.

How to install the free Sucuri security plugin:

Log into WordPress as an admin and go to Plugins

Type Sucuri Scanner into the field.

Click Install Now next to Sucuri Security - Auditing, Malware Scanner and Security Hardening.

Activate the plugin.

1.2 Scan Your Site

You can use the Sucuri plugin to scan your site to find malicious payloads and malware locations. Finish all three steps instantly with this affordable, industry-leading WordPress security plans.

Clean Your Site

To scan WordPress for hacks using the Sucuri plugin:

Log into WordPress as an admin and go to Sucuri Security Malware Scan.

Click Scan Website.

If the site is infected, you will see a warning.

If the remote scanner isn't able to find a payload, continue with other tests in the section. You can also manually review the iFrames / Links / Scripts tab of the Malware Scan to look for unfamiliar or suspicious elements.

If you have multiple websites on the same server we recommend scanning them all (you can also use SiteCheck to do this). Cross-site contamination is one of the leading causes of reinfections. We advise every website owner to isolate their hosting and web accounts.

The Malware Scan feature is a remote scanner that browses the site to identify potential security issues. Some issues do not show up in a browser, instead, they manifest on the server (i.e., backdoors, phishing, and server-based scripts). The most comprehensive approach to scanning includes remote and server-side scanners.

<p style="text-align: justify;"><strong>

1.3 Check Core File Integrity

Most core WordPress files should never be modified. The Sucuri plugin checks for integrity issues in the wp-admin, wp-includes, and root folders.

How to check core file integrity using the Sucuri plugin:

Log into WordPress as an admin and go to Sucuri Security > Dashboard.

Review the Core Integrity section for the current status.

Any modified, added, or removed files could be part of the hack.

If nothing has been modified, your core files are clean.

Note: You may want to use an FTP client to quickly check for malware in directories like wp-content. We recommend using FTPS/SFTP/SSH rather than unencrypted FTP.

1.4 Check Recently Modified Files

You can identify hacked files by seeing if they were recently modified using the audit logs from the Sucuri plugin.

How to check recently modified files using the Sucuri plugin:

Log into WordPress as an admin and go to Sucuri Security > Dashboard.

Review the Audit Logs section for recent changes.

Unfamiliar modifications in the last 7-30 days may be suspicious.

Also read; How A Plugin Installation Can Crash Your Wordpress Website

1.5 Confirm User Logins

You can review the list of recent user logins to check if passwords have been stolen or new malicious users have been created.

How to check recent logins using the Sucuri plugin:

Log into WordPress as an admin and go to Sucuri Security> Last Logins

Confirm the list of users and the time they logged on.

Unexpected login dates/times could indicate a user account has been hacked.

Also read: WordPress Maintenance Tasks You Need to Perform Regularly

General Guide to a Strong WordPress Website Security

Here are some 4 basic steps we have recommended as necessary to secure your WordPress website:

1. Use HTTPS Domains

A secure socket layer can make sure that the information traveling from your site goes directly to the person accessing it. These secured websites are often identified by the HTTPS in front of the domain name. This denotes the site is secured through encryption and is next to impossible to intercept. With SSL, you build customer confidence.

Encrypting the information sent to your visitors eliminates the risk of compromised data transfers. This keeps information safe from snooping while reducing the risks of stealing login credentials. In this environment, by using an SSL on your site, you are helping yourself as well as those who visit your website.

NOTE: Using the HTTPS solution for domains doesn't mean that you are hack-proofing your website. In fact, these focus more on encrypting data transfers from your pages to the visitor. However, it does prevent others from spying on that data transmission and accessing the visitor's login credentials. This information could be used to gain access to the site in order to find other exploits. It's like putting a curtain around an ATM machine. This would give privacy as well as stop someone from looking over a person's shoulder to see the pin code.

2. Index Pages In All Folders

Folders that do not have an index.html page will display contents such as other folders and file systems. This will show the average visitor what exactly is in your website's structure. If you're trying to hide an admin folder or other piece of information, these areas can give hackers a way to identify access points.

This is an easy hole to plug for the most part. A blank index.html will prevent browsers from stumbling across a folder without a page. You will want to check all of your folders to make sure there is a index available. If there isn't one, you can create this using text editor software such as Notepad. Save a blank document as index.html and upload it to the folder in question.

Most attacks are performed on those who are easy targets. Unless you operate a high-risk or very public website, most hackers will quickly give up on something that shows any kind of a resistance. Although this measure won't absolutely stop those who are determined to access your site, it does act as a deterrent. It's a bit like posting a sign in your lawn that says your home is being monitored. Most criminals will move on because the risk is too great for an unknown reward.

3. Routine Tests for Vulnerabilities

The more popular your website becomes, the greater the threat could be for security. By using a cyber-security organization or even security plugins to test your site's functionality, you can address exploits quickly. Usually, these companies and plugins have extensive tools and capabilities that are used to test the limits of your website. When considering the alternatives, having security measures such as these can be enlightening for finding its week points.

Penetration Attempts

An extremely useful procedure is that of penetration analytics. Essentially, you'll hire a cyber security company or use high-end software with the sole purpose of hacking your own site. Since youam're in control during this procedure, there is less of a threat when discovering the holes in security. The resulting reports will show you the weak spots in your site and how to seal them up.

Validate All Code

Preventing cross-site scripting can save your visitors a great deal of trouble. This is done when someone visits a page that has been injected with a JavaScript payload. This payload can contribute to a variety of problems such as impersonating a user through the use of cookies or play into remotely activating things such as webcams and microphones. Have security software routinely check your website can eliminate the threat of XSS attacks such as these. By making sure the coding is constantly legit, you can improve online privacy protection for your visitors.

4. Deny Access Through .htaccess

This had been one of the strongest approach to website security. The .htaccess file can be used to help eliminate access to your login page from any IP address other than your own. Although there are ways to circumvent this measure, it's still a very useful stopgap to prevent those looking for an easy target. This kind of a method is ideal for websites that use WordPress or other content management system. You can edit the .htaccess file with Notepad or use your online editing system such as that provided by cPanel. In the .htaccess file located in your admin folder, enter in the following:

order deny, allow

deny from all

allow from Bleep.Bleep.Bleep.Bleep

In place of the X, use the connection IP address that is assigned to you b your Internet service provider. In the event you have others working on the site with you, simply add another allow from line under the first with their IP addresses as well.

The downside to this method is that you must keep it updated should your IP address change. Not everyone pays for a static IP address, and many ISPs will change the number you use once every eight days or so. One way to get around this problem is to only input the first two series of the IP address. For example, 123.456. This will allow you to continue accessing those pages from that specific ISP. You can use this method to protect your folders/directories by adding the code above in all folders. Remember that you have to create the .htaccess file before adding the above restriction through the htaccess file.

WordPress is an extremely good platform for blogging well coded and light. However, to improve website functionality, a lot of plugins are used. Sometimes, these plugins are poorly coded and are not updated to match up with WordPress updates and so the have compatibility issues. Messing up with WordPress installations by installing tons of low-quality plugins can be a huge problem.

Now, let's re-focus our attention on the main issue. You need to understand that speeding your WordPress website is not just limited to having good plugin or running on a good web host, there are tweaks to performance plugins and the WordPress installation itself as well other practices that will enhance the performance of your WordPress website in terms of speed.

There are a few techniques you can always leverage on to optimize and speed up WordPress sites. We will have to look at a few of these techniques you can use to improve the performance of your WordPress website.

1: Consider A Good Web Host

Optimizing our WordPress website will be more useful to you only after you have checked and have been sure that the slow speed is not a problem with your web host. We have had the opportunity of optimizing websites for other people not necessarily hosted on our platform. In some cases, we found that some web hosts will load thousands of websites on a single shared server and the server becomes extremely slow

Before you choose a web host, it is always a good idea to check up popular reviews on Google and web hosting forums.

2: Choose a Fast Theme/Framework

Some WordPress themes are actually not so impressive when it comes to speed. Working with a WordPress theme that is not so well coded can be a problem. You need check up what other users of any theme or framework have to say about it before you decide to use or not to use. If you choose to use a theme that is packed with lots of additional features that you don't need, it'll negatively impact your site performance.

What is a Fast Themet

Generally speaking, if a theme loads in less that 2 seconds, then it can be taken as good speed. Below 3 seconds is not so good and anything above 5seconds should be considered problematic. Be mindful of theme coding - too much PHP, JavaScript, Iframe isn't good for your site's speed.

WordPress themes by default are incredibly well-coded, light-weight, very fast and easily customizable. If you can handle a little bit of code or hire a developer, choose one of those to build something great on top of them.

3: Install A Caching Plugin

One of the most effective ways, after having to run on a good web host, that will certainly improve the performance of your WordPress website in terms of load times is to install a caching plugin. As soon as you install a plugin like W3 Total Cache or WP Super Cache, you'll be able to tell that your site loads faster.

Having a plugin to handle your website cache helps speed up your website tremendously. The cache files are lie static pages served to users and visitors to your website. Instead of loading your entire website along with the functionalities loaded on the site every time a visitors comes by, the server will serve a cached copy speedily and that speeds up the load time. Caching greatly reduces MySQL database access, number of PHP requests, server access for static resources, and even HTTP requests (in case of combining multiple files into one).

4: Try a CDN to Speed Up WordPress

With a CDN. You actually offload the static resources of your site, like images, scripts, css files, can speed up your site. The benefit is that those resources will load faster for visitors, if you use a CDN, your primary server will have less load to handle and thus will deliver significantly better performance while serving the rest of your site.

A CDN is a content delivery network. There are quite a few Content Delivery Networks out there but MaxCDN is quite easy to setup with WordPress. It is also easy to set it up within 5 minutes using a caching plugin like W3 Total Cache.

5: Enable Gzip Compression

You need to enable this feature to take advantage of its benefits. Enabling GZIP will serve compressed versions of your site to your visitors, they are less in size and will generally load a lot faster.

Gzip Compression

The best option will be to enable Gzip compression straight from cPanel (if your host offers that) if you're on a shared server. You can enable Gzip compression using a plugin like W3 Total Cache.

There are also a few tweaks that allow you to enable it from your .htaccess file. You can simply add this line of code to the beginning of your .htaccess file to enable server-level Gzip compression for a few known file types:

AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript

6: Install Only Well-coded Plugins

There are tons of WordPress plugins available out there. Some of them are actually not so well coded and some are not compatible with current version of WordPress because they have not been updated for some time. We recommend that only plugins that are optimized for the latest version of WordPress which don't slow your site down should be installed.

You should perform some research before installing a plugin. Poorly coded plugins do not only slow down your website, they mess up with the functionalities of other plugins and your WordPress installation.

7: Always Perform Routine Maintenance on Your Plugins

You need to check up the status of your plugins from tome to time. The fact is that when new versions are released, they often address some bugs and compatibility issues. Just the same way you maintain your WordPress website, also give some time to maintain your plugins.

Plugin maintenance is of very serious importance because if you don't keep your plugins and WordPress itself updated, chances are that your site will get hacked.

Another good practice is to ensure that you disable or delete the plugins that you don't use.This has been recommended for security reasons. Having loads of unused plugins especially the ones that are un-updated is only to increase the security vulnerabilities for your website.

8: Keep Your Database Optimized

Keep your database clean. You cab do this on a WordPress website directly for MySQL database directly from PHPMyAdmin, or by using a plugin like WP-Optimize or WP-DBManager.

These plugins are capable of deleting all your pending spam comments, trashed posts, auto-saved drafts, post revisions to name a few. They can also perform general MySQL database optimization queries without requiring that you access PHPMyAdmin.

9: Optimize Uploaded Images

Images represent one of the heavier elements of your site. There are a few ways you can optimize your uploaded images.

The first thing you can do is to specify the maximum image dimensions for thumbnail, medium, and large sized images. That means, if you upload an image 1024px wide, and your content area is only 604px wide, normally the image will be scaled down using CSS. When you specify the maximum width of your large images as 604px, it'll then display the pre-resized, 604px wide image, which will be significantly smaller in size.

he second thing you can do is to reduce the sizes of your uploaded images without resizing them, or messing with their quality.

10: Replace PHP with HTML Wherever Possible in Your Code

This is for the great guys who understand coding. If you are not sure of your capacity to play with codes, do not try this option.

11: Delete Old Post Revisions

You really do not need lots of revisions. When you find them no longer useful, it isn't a bad practice to simply delete them.

Fortunate, in WordPress, there is a Revision Control plugin which allows you to remove old post revisions from your WordPress database, making it considerably smaller, and your site becomes faster.

12: Reduce Spam - Speed up WordPress

Spam comments can take up some significant space in your database. You should setup the pre-installed Akismet plugin properly to catch those comments and prevent them from going live on your site, and additionally to discourage spammers from posting them in your site in the first place.

13: Turn-off Trackbacks and Pingbacks

Trackbacks and Pingbacks aren't very good for your site speed. What happens is that whenever someone links to you, a trackback gets created, utilizing server and database resources.

So you can simply disable trackbacks and pingbacks from WordPress Discussion Settings.

Credit: https://www.todhost.com/blog/seo-basics-the-first-steps-to-higher-rankings-in-search-engines.html


Generating website traffic is such a crucial and important task for every webmaster. In some cases, not being able to generate traffic creates a problem and could lead to the failure of an online project. Generating natural, organic traffic is a sure way to remain in business and be very relevant. Quite often you will hear website managers asking the question: How do I get traffic to my website?

Being able to generate traffic for a website requires addressing and properly configuring certain key areas of your website. This is the basic aspects of search engine optimization outside improving the speed of your website. To best discuss this topic we should break this down into categories.

1. Title Tags

The title Should contain keywords and keyword phrases that are important to your site. Our recommended maximum number of characters for this tag is 60. Todhost tries not to go beyond 55 characters. When counting your characters remember that spaces are considered as well. Titles should appeal to the reader otherwise even a top position will lose a lot of clicks. For example, shoes, Nike shoes, best shoes, review shoes is unlikely to induce a click. What may induce a click would be like: Shoes - Find out the latest styles on branded shoes.

2. Description

The maximum number of characters SEO experts recommend for this Tag is 150. Any longer than this and it will only be cut off and may count against your site being listed high in the search engines. Try to repeat your keywords that you used in your title in a proper sentence and in 3rd party. Avoid words like I, Me, Myself etc.

3. Keywords

For keywords, it is simply not necessary because Google has said it is no longer used in ranking websites.. However, the use of keywords may still help the search engines understand your website's primary focus. When used, our recommended maximum number of characters for this tag is 250. Any more than that may be considered spamming. Keep your keywords focused upon what your site is about. Google has said the keyword metatag plays no role in determining how websites are ranked.

Don't think that if keywords should be used on an assortment of different keywords, your site will be a seller. Targeted marketing is associated with your keywords.

4. Keyword Nesting

Description: A term used in searching to indicate the sequence in which operations are to be performed. Enclosing words in parentheses identifies a group or nest. Groups can be within other groups. The operations will be performed from the innermost nest to the outmost, and then from left to right. keyword nesting is nesting your top 5 most important keywords in the html page that the public will see. I would recommend using the keywords that you've used in your title, description.

5. Head Tags not to be confused with (head) tags def.

HEAD or HEADER (of HTML document)

The top portion of the HTML source code behind Web pages, beginning with and ending with . It contains the Title, Description, Keywords fields and others that web page authors may use to describe the page. The title appears in the title bar of most browsers, but the other fields cannot be seen as part of the body of the page. To view the portion of web pages in your browser, click VIEW, Page Source. In Internet Explorer, click VIEW, Source. Some search engines will retrieve based on text in these fields.

Head Tags should be a repeat of your title tag. Most webmasters put their head tag right after the body tag. A head tag will look like this (h1) (/h1) with the ( and ) being replaced with &.

6. Anchor Links
Anchor Links is one of the most important html tags that your site needs to gain search engine page rank especially in Google and msn.

Credit: https://www.todhost.com/blog/web-hosting-tips/233-7-simple-steps-that-will-help-you-optimize-your-blog-posts


In today's competitive world of the internet coupled with the dynamics of search engine algorithms, Search engine optimization (SEO) is incredibly important and will likely be of increasing importance to marketers and website owners. When you optimize your web pages -- including your blog posts -- you're making your website more visible to people who are looking for keywords associated with your content and posts, brand, product, or service using popular search engines like Google.

But this is not an easy task and it can really be a huge and very technical task to master with Google's continuous and significant algorithm updates.

This post will attempt to provide a guide on what matters and what doesn't. What are today's blog SEO best practices, and what's considered old-school. In this post, we'll cover how to optimize your blog posts for the targets you care about, along with a few other optimization tactics you should keep in mind.

How to Search Engine Optimize Your Blog Content

1) Focus on 1-2 long-tail keywords.

Optimizing your blog posts for keywords is not about incorporating as many keywords into your posts as possible. Turns out that'll actually hurt your SEO because search engines will think you're stuffing your post with keywords (That is, including your keywords as much as possible with the sole purpose of gaining ranking in organic search).

But that's not cool with search engines, nor does it make for a very good reader experience. Instead, you should use keywords in your content in a way that doesn't feel unnatural or forced.

A good rule of thumb is to focus on one or two keywords in each blog post. This will help keep you focused on a goal for your post. While you can use more than one keyword in a single post, keep the focus of the post narrow enough to allow you to spend time actually optimizing for just one or two keywords.

Using long-tail keywords may be more efficient to this end, since website visitors searching long-tail terms will often be more qualified. In other words, you'll bring in the right type of traffic -- visitors who convert -- by using long-tail keywords.

2) Include these 1-2 keywords in specific parts of your post.

Now that you've got your one or two keywords, it's time to incorporate them into your blog post. Where are the best parts of your posts to include these terms so you rank high in search results?

There are four essential places where you should try to include your keywords: headline, headers and body, URL, and meta description.

a) Title

The title (i.e., headline) of your blog post will be a search engine's and reader's first step in determining the relevancy of your content, so including a keyword here is vital.

Be sure to include your keyword within the first 65 characters of your headline, which is just about where Google cuts it off on search engine results pages (SERPs). Technically, Google measures by pixel width, not character count, and it recently increased the pixel width for organic search results from approximately 500 pixels to approximately 600 pixels, which translates into around 65 characters.

Long title? When you have a lengthy headline, it's a good idea to get your keyword in the beginning since it might be cut off in SERPs towards the end, which can take a toll on your post's perceived relevancy. In the example below, we had a long title that went over 65 characters, so we front-loaded it with the keyword we were trying to rank for: on-page SEO.

b) Headers

Try to mention your keyword throughout the body of your post and in the headers. That means including your keywords in your copy, but only in a natural, reader-friendly way. Don't go overboard at the risk of being penalized for keyword stuffing. Before you start writing a new blog post, you'll probably think about how to incorporate your keywords into your post. That's a smart idea, but it shouldn't be your only focus, nor even your primary focus.

Whenever you create content, your primary focus should be on what matters to your audience, not how many times you can include a keyword or keyword phrase in that content. Focus on being helpful and answering whatever question your customer might have asked to arrive on your post. Do that, and you'll usually find you naturally optimize for important keywords, anyway.

c) URL

Search engines also look to your URL to figure out what your post is about, and it's one of the first things it'll crawl on a page. You have a huge opportunity to optimize your URLs on every post you publish, as every post lives on its own unique URL -- so make sure you include your one to two keywords in it.

Also read: An SEO Guide on the Top 3 Factors That Guarantee Success For Every Website

d) Meta Description

Your meta description is meant to give search engines and readers information about your blog post's content -- so be certain to use your long-tail term so Google and your audience are clear on your post's content. At the same time, keep in mind that the copy matters a great deal for click rates -- the more engaging, the better.

3) Make sure your blog is mobile-friendly.

It's been over a year since Google revealed that more people use the search engine on their mobile phones than on desktop. And for all those valuable search queries being done on mobile, Google displays the mobile-friendly results first. This is yet another example of Google heavily favoring mobile-friendly websites, which has been true ever since the algorithm updates of April 2015 and March 2016.

While responsive design and mobile-friendly websites have always been important for user experience, they're becoming more and more important for SEO as well. So if you haven't been focusing on improving your mobile experience, you'd better prioritize it now, or your search rankings could suffer.

If your website uses responsive design, your blog pages will only have one URL instead of two different ones -- for desktop and mobile, respectively. This helps your post's SEO because any inbound links that come back to your site won't be divided between the separate URLs. Any SEO power you gain from these links will be centralized, helping Google more easily recognize your post's value and rank it accordingly.

4) Optimize the meta description

To review, a meta description is the additional text that appears in SERPs that lets readers know what the link is about. The meta description gives searchers information they need to determine whether or not your content is what they're looking for, and ultimately helps them decide if they'll click or not to click.

In addition to being reader-friendly (compelling and relevant), your meta description should include the long-tail keyword you are trying to rank for, because if we're doing blogging right, that keyword is representative of the contents of your post.

Note, it's not guaranteed that your meta description is always pulled into SERPs as it once was. More and more, Google has been pulling in other parts of your blog post that includes the keywords searched, presumably to give searchers optimal context around how the result matches their specific query.

The second is a result of the query 'noindex, nofollow" and pulls in the first instance of these specific keywords coming up in the body of the blog post

While there's not much you can do to influence what text gets pulled in, you should continue to optimize your post for readability (see above). By creating reader-friendly content with natural keyword inclusion, you'll make it easier for Google to prove your post's relevancy in SERPs for you.

5) Optimize your images.

Blog posts shouldn't only contain text -- you should also include images that help explain your content. But search engines don't just look for images. Rather, they look for images with alt text.

Because search engines can't see images the same way humans can, an image's alt text tells them what an image is about -- which ultimately helps those images be found in search. Alt text also makes for a better user experience, as it'll display inside the image container when an image can't be found or displayed, and can also improve accessibility for people with poor vision who are using screen readers.

Technically, alt text is an attribute that can be added to an image tag in HTML

Adding keywords to your alt text may seem minor -- and it isn't going to impact your search rankings as much as other things on this list. But it is worth the extra minute it takes to change the name from IMG23940 to something accurate and descriptive, like puppies-playing-in-basket

6) Don't use too many similar topic tags.

Topic tags can help organize your blog content, but if you overuse them, they can actually be harmful. If you have too many similar tags, you may get penalized by search engines for having duplicate content.

Think of it this way: When you create a topic tag, you also create a new site page where the content from those topic tags will appear. If you use too many similar tags for the same content, it then appears to search engines as if you're showing the content multiple times throughout your website. For example, topic tags like blogging, blog and blog posts are too similar to one another to be used on the same post.

If you're worried that your current blog posts have too many similar tags, take some time in the near future to clear them up. Choose about 15-25 topic tags that you think are important to your blog and that aren't too similar to each other, and then only tag your posts with those keywords. That way, you won't have to worry about duplicate content.

7) Use URL structures that help your visitors.

The URL structure of your web pages (which are different from the specific URLs of your posts) should make it easy for your visitors to understand the structure of your website and the content they're about to see. Search engines favor web page URLs that make it easier for them and website visitors to understand the content on the page.

Note that this list doesn't cover every single SEO tactic under the sun. Rather, these tips are meant to get you started with improving SEO for your blog in particular.

Read full blog post at: https://www.todhost.com/blog/digital-marketing-seo/232-a-detailed-guide-and-strategy-for-digital-marketing


One study on consumers by ofcom indicates that People spend twice as much time online as they used to 10 years ago. With the introduction of tablets and growing use of mobile phones to surf the net, the face and strategies for digital marketing has changed significantly.

Digital marketing is all about providing value for consumers using an online medium. This also means the offering has to be communicated to the target users or consumers using the right channels. Marketing has always been about connecting with your audience in the right place and at the right time. Today, that means that you need to meet them where they are already spending time: on the internet.

Also read: Useful URL Structuring Tips That Will Help Higher Ranking

So, essentially, digital marketing is any form of marketing that exists online.

Digital Marketing Explained

Digital marketing is an umbrella term for all of your online marketing efforts to deliver value to your customers. The reward are satisfaction and profits for your organization and business. Businesses leverage digital channels such as Google search, social media, email, and websites to connect with current and prospective customers.

From your website itself to other online branding assets -- digital advertising provide a huge spectrum of tactics and assets for business growth and goal achievement.

Credit: https://www.todhost.com/knowledgebase/819/How-to-Install-and-Setup-Your-Premium-WordPress-Theme.html


WordPress is an excellent web development tool and still remains the most popular content management system. If you have chosen to build your website with WordPress, that is great. After your installation, you will definitely be concerned about the look and feel of your website. This may require you to install and setup a premium WordPress theme or do some configuration if you are good at that. The easy way will surely be to premium theme that suits your purpose and implement on your website. This post takes you through how you can install a premium theme and the basic configuration you need on your premium theme after installation.

WordPress isn’t only easy to use for blogging, it also offer tons of fantastic options for design. Most notably, thousands of awesome free and premium themes you can use to customize the look of your website, with just a few clicks of your mouse.

This article will show you how you can easily install a WordPress theme on your existing website. We’ll also be highlighting some of the most common errors folks run into when installing a theme for the first time.

Common errors with WordPress Theme Installation

Before we go further, let us note that it is not possible to install WordPress premium themes from third party developers on .. So if your WordPress installation is on , this guide will not be helpful to you. doesn’t allow you to upload your own themes, you have limit yourself to what is available for free or in their marketplace. So this guide will be useful to you if your WordPress is hosted on a different platform like Todhost Web Hosting.

Getting Started

So, to get started, you need an active web hosting account linked to your domain name. Todhost Web Hosting offers affordable hosting options with 1- click WordPress installation. Todhost offers a Managed WordPress hosting where we manage your server side settings for you.

Now, let's get down to WordPress theme installation on host WordPress website.

Option 1: Install your theme through WordPress

If you’ve purchased your premium theme from our preferred developer, you will need to download the theme file before you try and install it.

Common error: Downloading the wrong theme zip file.

There will be certainly a problem if you download all files instead of the theme only. If you download a quickstart or self installer file, what it means is that you will have to install it lie a full WordPress install..

Common error: Zip file won’t download

It’s possible that you have your computer setup to automatically unzip files when you download them. You cannot install a regular folder in WordPress. If this is the case remember to right click and “Compress” your theme before moving onto the next step and installing it.

Backup Your WordPress website

Before you actually get started with installing your premium theme, mae sure your website is backed up to keep it safe, just in-case anything goes wrong and you want to return to the functional state your website was before your installation..

Next: Log into your WordPress installation and before you do anything else make sure WordPress is up to date. Okay – this might not effect the installation of your WordPress theme but it’s an important security step.

Now that you’re sure you’re running the latest version of WordPress, navigate to Appearance > Themes and click the “Add New” button at the top of the window. Then click the “Upload Theme” button.

Click the “Browse…” button and select the zip file you previously downloaded. Click “Install Now” and then wait a minute while WordPress completes the installation. Once the theme files have been completely uploaded just click the “Activate” button.

Common error: Stylesheet is missing

If after clicking “Install Now” you see an error that “The package could not be installed. The theme is missing the style.css stylesheet,” this happens if you probably didn’t follow our instructions from step 1. You more than likely downloaded all the files or quickstart files instead of the the theme. Go back and double check that you’ve downloaded the correct file.

Common error: Are you sure you want to do this?

After browsing for your theme and clicking the “Install Now” button, it’s possible your WordPress installation will ask “Are you sure you want to do this?” This could be due to the fact that you are trying to install the wrong zip file (remember – you have to instal the theme file only”) or it’s possible the upload limit on your server isn’t large enough for the installation to go on successfully.

If it’s the latter, you’ll need to contact your hosting company to have them increase it, or do it yourself by accessing your PHP.INI file via FTP or using the cPPanel filemanager and increasing the upload_max_filesize value.

Common error: White screen

If you attempt to install your theme, and end up on a white screen of death (you know, the WordPress version of the Windows blue screen of death) you probably need to make a tweak to your server. The most common cause of this error is that your server’s memory limit to PHP is too low. To solve this either: Contact your hosting provider to have them increase your memory limit. Todhost customer suport will always do this for you or, access your hosting cPanel to increase your memory limit.

Increase your memory limit yourself via FTP or in cPanel filemanager by adding the following code to the bottom of your wp-config file (right before “That’s all, stop editing!”): define( ‘WP_MEMORY_LIMIT’, ‘256M’ );

Option 2: Install your theme via FTP/SFTP

You can also install your theme via FTP/SFTP.. It's pretty simple and you just follow these simple instructions.

First, you need to install a FTP (file transfer protocol) solution – we like WS-FtpPro by Ipswitch or FileZilla (they are both free). Once you’ve got it installed, open up your app to connect to your server. You will also need to be logged into your hosting account to gather the following information:

Name: Give your server a nickname that you’ll remember (especially if you plan on connecting to multiple sites)
Where: Choose a location for your server (favorites just happens to be my default FTP/SFTP folder).
Protocol: This will depend on which options your host provides for you to connect to your server. Go to your hosting account and locate your FTP/SFTP settings. This will vary based on your host. These information are contained in the information you received when your web hosting account was created. You can still retrieve them fromyour Todhost client area or contact customer support.
Server: Enter your domain name (the server url address) here.
Username & Password: This will either be provide by your host in the FTP/SFTP settings or you’ll have the option to create your own new ones. Copy and paste them over.
Port: Be sure you’re set to use the same port as specified by your host – you may not need to change this.

Once you’ve added all the required information, save your server, then click to open it and browse to your wp-content/themesfolder.

Next you’ll need to download your WordPress theme which we covered in detail up above in the “installing your WordPress theme via WordPress” section. Please make sure you’re downloading the “theme file only.”

With FTP/SFTP you’ll need to unzip the that file you just downloaded (it should look like an open folder icon). Then upload the extracted theme file.

Now log into your WordPress installation and navigate to Appearance > Themes and click to activate your theme.

Common error: Wrong theme file/folder

When installing via FTP, it’s very important to be sure you upload only the theme file onto your server. A zipped file won’t work this time! Check that you’ve remembered to unzip your download. And, also double check that you’re uploading the correct theme only folder. You may have accidentally downloaded the full WordPress installation package and anything else.

That’s all. You now know how to install a premium WordPress theme for your website. At this point, you ma proceed to customize and make some required security changes.

Read full blog post at: https://www.todhost.com/blog/digital-marketing-seo/231-27-free-wordpress-seo-plugins-that-will-improve-your-website-search-engine-rankings


The most critical success determinant of every website is its ranking in the search engines, particularly the Google Search Engine Result Pages (SERPs). High rankings come as a result of quality content that is highly sought after. Some website managers have also enhanced their rankings by using the best plugins for search engine optimization. Today, the importance of SEO for businesses has become more monumental.

Below are 27 of the best free WordPress SEO plugins you will find helpful to get your content kick-started on the search engines.

1. Google XML Sitemap

The first part to marketing a website and getting the attention of search engines is the sitemap. Google XML Sitemaps is a free plugin that is active on more than one million installations of WordPress.

A sitemap tells search engines where to look for content. This plugin will automatically create it for you. All you need to do is activate the plugin and modify which of your posts and pages to list in the file.

Making sure content is indexed in Google is important as one in every six people use it throughout the year.


Read full blog post at: https://www.todhost.com/blog/digital-marketing-seo/231-27-free-wordpress-seo-plugins-that-will-improve-your-website-search-engine-rankings

Credit: https://www.todhost.com/blog/digital-marketing-seo/230-does-domain-age-and-registration-period-affect-seo


Search Engines are never so generous about all the factors that come to play in determining and ranking websites. There had been a lot of research that give us a clue on what the ranking factors are but we have never gotten a comprehensive guide from Google on the specifics.

But this a very critical factor for every website owner who is serious about ranking well on serach engne result pages. There had been some agreement on the importance of certain factors like domain and link popularity but there still exist much debate over factors like age of domain name and registration perion. That will be the focus of this post: does age of domain name and the registration period affect website ranking?

What is meant by Age of Domain Name

By age of domain name, we are referring to how old is the domain name. A domain name that was registered in 2010 would be 6 years old in 2016. So the age of domain name represents the duration or period the domain has been in existence.

What is Registration Period?

This means the period, in years, it will take for the domain to expire. So, if in October 2016, you register a domain for 3 years, it means the domain will expire in October 2019 and the registration period will be 3 years.

The focus of this post is to determine how these two factors affect the ranking of websites.

The opinion of SEO experts on the effect of these two factors differ. Many SEO's advice support the position that both domain age and length of registration effect search engine rankings. While others do not. This debate has been going on for years.

Does Domain Age Affect Ranking?

Google's Matt Cutts says SEO practitioners should not worry about domain age and its effects on SEO. Matt Cutts is Google Engineer and spokesman. He dispels some myths and sets the record straight on the importance of domain age for good search engine rankings.

The popular belief has been that older domains do better in search results and are given extra favor due to their age. The idea is that an older domain that has been established has earned a greater level of trust with Google than a younger domain that is not as established. Matt admits that this is true to a point, but domain age is an insignificant factor that really carries very little weight in the Google algorithm.

Matt then goes on to list the ranking factors that are more important for a site to rank well in Google:

Unique, high quality content
The quantity of content
External back-links to your content

Important:Matt Cutts does not out rightly say domain age is irrelevant, he only said you need not worry about that and goes on to list factors that are more important for ranking purposes.

Matt Cutt's position clearly indicates that domain age is a minor signal and we completely agree with that. But we wouldn't agree that it does not matter at all. Infact, each time Matt Cutt says You need not worry about that; it is an indication that you may have touched on a ranking signal. Google appears to have a policy of keeping the ranking signals as confidential as possible.

It is also important to note that if you have a new domain for which you are building relevant links and you do that quite often, often you can outrank an older domain with more links that hasn't added any links or content recently. Google sees your site as being fresher which relates to being more relevant.

Consider for example a domain that is 2 months old and that is referenced by 10 back links. This domain may be scored higher by search engines the one that is as old as 10 years that is referenced by 100 back links because the rate of link growth for the former is relatively higher than the latter. The ration of backlinks for the new domain is definitely more impressive than the ratio of backlinks for the older domain.

However, if you have an older domain age and add frequent and relevant content along with gaining frequent but natural backlinks then it will be very hard the newer domain to overtake the older in rankings.

Domain Registration Length of Time.

This video by Matt Cutts admits that Google uses historical data in ranking. Historical data actually include the registration information.

One thing I have noticed with Matt Cutts is whenever he is asked about a potential ranking factor and his response is I wouldn't worry about that; then you can almost bet that you have nailed a ranking factor.

Danny Sullivan asked if the length of time a domain is registered for matters in search rankings to Matt Cutts directly and this is his response:

To the best of my knowledge, no search engine has ever confirmed that they use length-of-registration as a factor in scoring. If a company is asserting that as a fact, that would be troubling.

All Matt Cutts is saying is that they have never confirmed this to the best of his knowledge. Here is an excerpt from their patent involving the use of historical data in regards to this claim.

These clearly state that Google could use domain data if they wanted to. And in Matt Cutt's video, Google admits to the relevance of historical data.

How do you respond to that, you may ask. The sure thing to do is not to take things forgranted. We will recommend that domains should be registered for at least two years. That is not to say that if you register your domain for 10 years, you will enjoy greater preference. That's not the point made here but if you can do a ten year registration, there is no harm in doing that. A multiple year registration will just be sufficient.

One thing that is clear about Google's position is they will use all data points about your website (or as they say in their patent - document) to build a profile for your site. They will use Chrome browser data, Google Toolbar data, Analytics data, Adsense data, Adwords data and any other data points they can find about how people interact with your website.

What is your idea or experience on this issue? Do you think we have missed anything? Let's have your feedback in the comment box.

Credit: https://www.todhost.com/blog/digital-marketing-seo/227-a-guide-to-google-website-ranking


Search engine ranking is one single determinant of website success that webmasters should take very seriously. Due to frequent changes in ranking factors and algorithm updates, it is good to always keep up with what is and what isn[t a ranking factor in search engines. Here are the latest thoughts by industry experts on search ranking factors and particularly Google Ranking Factors.

Content, Links Building Are the Two Most Important Signals
Eric Enge noted in a post that he participated in a Hangout with Google's Andrey Lippatsev, Search Quality Senior Strategist, who was asked about the top 3 ranking signals, noting that RankBrain was announced as the third most important. I can tell you what they are. It's content and links going into your site, answered Lippatesev.


When you aren't facing page relevance or quality issues, links can, and do, continue to significantly impact rankings.

Backlinks remain an extremely important Google ranking factor, said Brian Dean founder of Backlinko in a recent blog post on Google Ranking Factors. We found the number of domains linking to a page correlated with rankings more than any other factor.


RankBrain - Third Most Important Factor

Danny Sullivan of SearchEngineLand wrote an interesting piece on how RankBrain has now become the third most important ranking factor behind content and links. According to a report onBackChannel RankBrain is being used on almost ALL search queries helping determine the most relevant results and their order:

Google is characteristically getting more difficult to perceive clearly or understand and explain precisely, indistinct or vague.on exactly how it improves search (something to do with the long tail? Better interpretation of ambiguous requests?) but Jeff Dean says that RankBrain is involved in every query, and affects the actual rankings probably not in every query but in a lot of queries. What's more, it's hugely effective. Of the hundreds of signals Google search uses when it calculates its rankings (a signal might be the user's geographical location, or whether the headline on a page matches the text in the query).

RankBrain is now rated as the third most useful.

Click-Through Rate (CTR) is Not a Ranking Factor

We can establish that CTR is not a direct ranking signal for Google. At the same time, it can have an indirect effect, said Eric Enge in a recent video they posted on their marketing website Stone Temple Consulting. Lots of people clicking on a certain result might indicate a real interest in it, and that might mean it's a better result than the result above it. Notice I said "might". That will be important later. Anyway, many people have assumed that search engines like Google would use such a signal, of course, bouncing it off against other signals that it uses in ranking.

So with that answer, one wonders why isn't then CTR a ranking signal? Primarily because Google has told us they don't, commented Enge. He noted that it's simply too easy to game and that it doesn't necessarily mean the user was satisfied with the result. Google uses it internally for studying search behavior but it is not a ranking signal. He provided this chart in a recent blog post. Enge wrote another article about CTR as a (non) ranking factor.

Google Confirms 301, 302, 3xx redirects Do Not Lose PageRank Value

30x redirects don't lose PageRank anymore, Google's Gary Illyes said in a tweet. Eric Enge asked Illyes in a Twitter reply if the redirects are not even a dampening factor? Illyes replied, @stonetemple for PageRank, no.

Local Business Ranking Factors

2016 Quantitative Local Search Ranking Factors Study: If you want your business to rank better in local search results, focus on building popularity for your business, as the results of the study indicate that business popularity seems to outweigh all other factors, most importantly in the form of reviews and quality backlinks to your site. Google Review and Profile View are by far the two most important local business ranking factors.

Dan Leibson, Vice President of Local Product at Local SEO Guide, made a presentation on this study at SMX Advanced 2016.

Mobile-Friendliness - a Ranking Signal on Mobile Searches

Last year, we started using mobile-friendliness as a ranking signal on mobile searches," said Klemen Kloboves, a software engineer at Google, in a Google Webmaster blog post. Today we're announcing that beginning in May, we'll start rolling out an update to mobile search results that increases the effect of the ranking signal to help our users find even more pages that are relevant and mobile-friendly.

Google Now Ranks Mobile Page Speed Separately

Jennifer Slegg of The SEM Post noted that Illyes mention of this at Search Marketing Summit Sydney was the first time that Google confirmed that it indeed plans to make page speed a factor in its next mobile friendly update. Illyes told Jennnifer that the update will be in a matter of months. Illyes has been hinting at mobile friendly sites ranking higher for months.

Google Updates Search Quality Guidelines

We recently completed a major revision of our rater guidelines to adapt to this mobile world, recognizing that people use search differently when they carry internet-connected devices with them all the time, said Mimi Underwood, Sr. Program Manager of Google Search Growth Analysis.

More Causes for Lower Ranking

Enge also says that there are other factors contributing to less appearance of a site on the first page of a Google search result, which is in effect a lower ranking:

More real estate allocated to paid search
More content from other sources, such as image search, YouTube, and the other factors I mentioned above
Some pages that have less than 10 web results
Portions of the web results that are clearly less driven by links, such as local web, query deserves diversity, and in-depth article results

Backlinko Study

The Backlinko Study is unbelievably helpful in understanding all ranking factors, not just the new ones that happened in 2016. Backlinko analyzed 1 million Google search results to answer the question: Which factors correlate with first page search engine rankings?

Backlinko identified 11 main ranking factors that we've summarized below:

Backlinks are still the number one factor in determining search ranking.
Site Authority correlates to ranking.
Tightly focused content ranks better.
Longer content ranks higher.
Sites using HTTPS do better than equal sites using HTTP.
Schema markup doesn't help.
An image in content raises ranking.
Small correlation with title tag keyword optimization and ranking.
Speed is now a huge ranking signal. It matters a lot.
Exact match anchor text has a strong influence.
Low bounce rate improves ranking.

Did we miss anything? Do let us know in the comments box below.

Credit: https://www.todhost.com/blog/digital-marketing-seo/226-a-checklist-against-cybercrime


The following checklist and advice against cyber crime had been created out of a collection of experiences and expert advice. It provides a good measure of what needs to be done to fight cyber crime and some proactive measures needed to stay protected. Our checklist is based on best practices from the 2016 Internet Security Threat Report (ISTR).

Types of Cyber Crimes

Every crime committed over the Internet it is referred to as a cyber crime. There are several forms these crime take. Below are a list of the most common:

Hacking: This is a type of crime wherein a person's computer is broken into so that his personal or sensitive information can be accessed. This is different from ethical hacking, which many organizations use to check their Internet security protection. In hacking, the criminal uses a variety of software to enter a person's computer and the person may not be aware that his computer is being accessed from a remote location.

Theft: This involves the violation of copyrights and downloading of music, movies, games and software. There are even peer sharing websites which encourage software piracy and many of these websites are now being targeted by the FBI. Today, the justice system is addressing this cyber crime and there are laws that prevent people from illegal downloading.

Cyber Stalking: This is a kind of online harassment wherein the victim is subjected to a barrage of online messages and emails. Typically, these stalkers know their victims and instead of resorting to offline stalking, they use the Internet to stalk. Sometimes, they combine offline stalking along with cyber stalking to make the victims; lives more miserable.

Identity Theft: In this cyber crime, a criminal accesses data about a person's bank account, credit cards, Social Security, debit card and other sensitive information to siphon money or to buy things online in the victim's name.

Also read How to secure your website from attacks using the .htaccess file

Malicious Software: These involve the use of Internet-based software or programs to gain access to a system to steal sensitive information or data or causing damage to software present in the system.

Child soliciting and Abuse: In this case, criminals solicit minors via chat rooms for the purpose of child pornography.

How to Check Cyber Crime

Ensure all devices allowed on company networks have adequate security protections.
Use active monitoring and configuration management to maintain an up-to-date inventory of devices connected to the enterprise network. This includes servers, workstations, laptops and remote devices.
Implement a removable media policy.
Where practical, restrict unauthorized devices such as external portable hard-drives and other removable media. Such devices can both introduce malware and facilitate intellectual property breaches, whether intentional or unintentional. If external media devices are permitted, automatically scan them for viruses upon connection to the network and use a data loss prevention (DLP) solution to monitor and restrict copying confidential data to unencrypted external storage devices.
Be aggressive in your updating and patching.
Update, patch, and migrate from outdated and insecure browsers, applications, and browser plug-ins. This also applies to operating systems, not just across computers, but mobile, ICS, and IoT devices as well. Keep virus and intrusion prevention definitions at the latest available versions using vendors automatic updates.
Most software vendors work diligently to patch exploited software vulnerabilities; however, such patches can only be effective if adopted in the field. Wherever possible, automate patch deployments to maintain protection against vulnerabilities across the organization.
Enforce an effective password policy.
Ensure passwords are strong and at least 8 -10 characters long with a mixture of letters and numbers. Encourage users to avoid re-using the same passwords on multiple websites, and sharing of passwords with others should be forbidden. Passwords should be changed regularly - at least every 90 days.
Ensure regular backups are available.
Create and maintain regular backups of critical systems, as well as endpoints. In the event of a security or data emergency, backups should be easily accessible to minimize downtime of services and employee productivity.
Restrict email attachments.
Configure mail servers to block or remove email that contains file attachments that are commonly used to spread viruses, such as .VBS, .BAT, .EXE, .PIF, and .SCR files. Enterprises should investigate policies for PDFs that are allowed to be included as email attachments. Ensure that mail servers are adequately protected by security software and that email is thoroughly scanned.
Ensure that you have infection and incident response procedures in place.
Keep your security vendor contact information handy, know who you will call, and what steps you will take if you have one or more infected systems.</li>
Ensure that a backup-and-restore solution is in place in order to restore lost or compromised data in the event of successful attack or catastrophic data loss.
Make use of post-infection detection capabilities from web gateway, endpoint security solutions and firewalls to identify infected systems.
Isolate infected computers to prevent the risk of further infection within the organization, and restore using trusted backup media.
If network services are exploited by malicious code or some other threat, disable or block access to those services until a patch is applied.
Safeguard Your Personal Information when using unsecured, public connection by avoiding apps or websites that require your password. These are the types of connections accessed in airports, hotels, coffee shops and libraries.
Manage Your Social Network Privacy by reviewing the latest changes to privacy settings and be sure you are using these settings properly. Hide your e-mail address from online profiles.
Disposal of Older Computers is another source for the theft of data. Remember when you delete files, the information is not actually erased. The hard drive should be overwritten or physically destroyed. Never dispose of a computer that hasn’t been secured. Your information could end up in the hands of a criminal

Additional Tips and Measures

Find out which kind of attacks hackers use most often in social media.

Users that spend a lot of time on social networks are very likely to click links posted by trusted friends, which hackers use to their advantage. Here are some of the most popular types of cyber attacks directed at social media platforms:

Like-jacking: occurs when criminals post fake Facebook like buttons to webpages. Users who click the button don't like the page, but instead download malware.
Link-jacking: this is a practice used to redirect one website's links to another which hackers use to redirect users from trusted websites to malware infected websites that hide drive-by downloads or other types of infections.
Phishing: the attempt to acquire sensitive information such as usernames, passwords, and credit card details by disguising itself as a trustworthy entity in a Facebook message or Tweet.
Social spam: is unwanted spam content appearing on social networks and any website with user-generated content. It can appear in many forms, including bulk messages, profanity, insults, hate speech, malicious links, fraudulent reviews, fake friends, and personally identifiable information.

How it affects you and what can you do to get protected:

Don't click any strange links.
Educate yourself about how cyber attacks look and work on social media platforms and learn how to protect your Facebook, LinkedIn, Twitter and Instagram accounts
Install a solution that can protect you against malware and dangerous web locations.

99% of computers are vulnerable to exploit kits

Cyber security fact: Oracle Java, Adobe Reader or Adobe Flash is present on 99% of computers. That means that 99% of computer users are vulnerable to exploit kits (software vulnerabilities).

This is because the vulnerabilities that these types of software often present are extremely critical: all it takes is one click on an infected advertising banner to give a hacker full access to your computer.

Adobe Flash has a huge number of vulnerabilities, so cyber criminals target it in the majority of their attacks. By using these security holes in Flash, attackers can infect your computer.

The rise of exploit kits-as-a-service and the increasing use of automation has led to more sophisticated and aggressive attacks. Without adequately protecting your browsers and your entire system, you'll leave yourself vulnerable to a huge range of cyber threats.

How to get protected:


Keep your software updated at all times or install a solution that does that automatically and silently.
Keep your operating system up to date.
Protect your system proactively from cyber threats by scanning incoming and outgoing Internet traffic.

Beware of Insider Threats.

You may be surprised to find out that a shocking 59% of employees steal proprietary corporate data when they quit or are fired. But there are more types of insider threats to get protection against:

Malicious insiders are the least frequent, but have the potential to cause significant damage due to their level of access. Administrators with privileged identities are especially risky.
Exploited insiders may be tricked by external parties into providing data or passwords they shouldn't
Careless insiders may simply press the wrong key and accidentally delete or modify critical information.

These types of security risks is being acknowledged by companies everywhere, and strategies are put together to mitigate them:

How to get protected:

If a soon-to-be-ex-colleague decides to do some damage before he/she leaves the company, make sure your work goes unaffected.
Be careful how you manage your passwords: use a password management application, use strong passwords and change them regularly.
Protect your shared documents and keep updated backups of all the information you're working on.

Cyber criminals favorite way to manipulate victims

People are the weakest link when it comes to cyber security, which is why psychological manipulation of cyber attack victims.


How to get protected:

Always check the recipient of an email and the source of a message.
Don't click any strange links and know what a phishing attack looks like.
Don't install software from untrusted sources.
Don't trust people blindly and don't give away confidential information to strangers.

While you check off these best practices, be sure to make sure that your security solutions are updated regularly.

Know how to respond in the event of a data breach.

It's important to constantly test not only your security technology but also the teams that manage the solutions to stay ahead of threats.

What else would you suggest to keep the cyber criminals at bay? Do give your contributions and comments?

You learn SEO by reading and experience. This thread will be very helpful: https://www.todhost.com/blog/digital-marketing-seo

Source https://www.todhost.com/knowledgebase/816/How-to-Keep-Your-WordPress-Website-Updated.html


Updating your WordPress website is good for its security, content and data integrity and also for good user experience. Each time your website goes down, is suspended, hacked, defaced, exploited and slowed down, it comes with an unpredictable but definitely unfavorable cost - users hate it. Sometimes, it makes your users frightened and they never want to visit again. This underscores the very essence of tight security for every website. Failing to keep your WordPress website updated exposes it a security loophole.

In this post, we focus on WordPress updates and strategies you need to adopt to keep your WordPress installation up-to-date.

1. How to identify an outdated WordPress plugin

You can manually scan your WordPress website to identify outdated plugins. The second way to identify an outdated plugin is to run the No Longer in Directory plugin.

2. How to Manually Scan WordPress for Outdated Plugin

WordPress has built-in plugins and also uses some third party plugins to add functionality to the site. To know when an update is available for a plugin, you need to monitor your website.

For WordPress core, if a new version of WordPress is available, you can't miss it, as you will see a message at the top of almost every page of your administration panel. You will even see another message at the bottom of these pages!.

For plugins and themes, it is different, but if they are available on WordPress.org, then the CMS can tell you if a new version is released. All you have to do is visit the Updates section of the WordPress dashboard.

You will see right next to this entry in the menu, how many updates are available. This number also appears in the bar at the top of your screen on all the pages of your website when you are logged in. If this number doesn't appear, good news: WordPress and all your plugins and themes are up to date!

3. Find Updates with No Longer in Directory Plugin

The No Longer in Directory plugin is an excellent tool for maintaining the plugins in your WordPress site. It performs two checks:

Has the plugin been removed from the WordPress.org plugin directory?
If the plugin is in the directory, is it outdated (not been updated in over two years)?

The plugin will check the plugins on your site and list those that match either of those criteria. It only scans plugins that are listed in the WordPress.org, so it won't scan premium (purchased) plugins. You should manually check to make sure those are still maintained by visiting the plugin author&'s site.

3.1 How to use the No Longer in Directory Plugin

Install and activate it.

In the WordPress admin menu, under Plugins, click No Longer in Directory. No Longer in Directory only runs when you manually run it; it doesn't automatically run in the background. So, as a site owner, you should manually run it every time you want to check for updates (unless you're covered by our WordPress Maintenance Service).

4. What to Do With Outdated Plugins

If you detect an outdated plugin, you can take the following action to address the problem:

If you don't need the functionality that the plugin provides, delete it.
If you need the functionality that the plugin provides, replace it with an actively maintained alternative.

Hopefully you can find an alternative in the directory. If not, you'll need to consider having a developer create and maintain one.

5. Why is Plugin Maintenance So Important?

We have in the introductory section tired to explain this point. Plugins that aren't actively maintained can cause security vulnerabilities and compatibility issues, which could break your site.

6. Updating WordPress with a Single Click

Since WordPress version 2.7, it is possible to update WordPress quickly and easily with one click method. This method is preferred, as WordPress will automatically download and replace the right files by itself. That way, you avoid errors and save a lot of time.

To update WordPress in one click, go in the Updates entry of the Dashboard menu. If you don't have the latest available version of WordPress, you will see the message An updated version of WordPress is available before two buttons.

By clicking on the second button, you will download a ZIP archive containing the latest version of WordPress. You will then be able to create a new installation of WordPress or manually update your current installation.

The first button is the one click method. If you click on the Update Now button, WordPress will lead you to another page which will inform you of the progress: automatically, it will download the latest version, deactivate your plugins, replace the right files and reactivate your plugins. All you have to do is wait just a few seconds or minutes.

7. WordPress Automatic Updates

Beginning with version 3.7, WordPress introduced automatic updates. With this feature, your WordPress installation checks everyday if a new minor version of WordPress is available. If that is the case, it will download and install it alone, without you having to do anything, not even a click.

By default, if the latest available version is a major version, you will still have to update by yourself, in one click or manually, but you can be sure to always have the latest stable subversion of WordPress.

For example, if you use WordPress 4.0 and a version 4.0.1 is available, WordPress will install it automatically. But if the new version is something like 4.1, it won't and you have to manually run the update.

Automatic updates are enabled by default. But if you want to disable them, it is still possible to by adding a new constant in your wp-config.php file at the root of your WordPress installation.

define(AUTOMATIC_UPDATER_DISABLED, true);

Defining another constant, you can even enable the automatic method for major updates. Still in the wp-config.php file, adding the following line:

define(WP_AUTO_UPDATE_CORE, true);

It will automatically update WordPress when a new release is available, whether minor or major. If you use a development version of WordPress, development updates will also be automatic with this constant.

This constant can take three different values: true, to enable automatic minor, major and development updates, false, to disable all of them, or to only enable automatic minor updates (which is the default behavior).

If you don't want to edit the wp-config.php file for some reason, you can also enable or disable automatic updates with filters.

For example, the AUTOMATIC_UPDATER_DISABLED constant seen above can be replaced by adding the following line in the functions.php file of your theme, or in a plugin:

add_filter(automatic_updater_disabled__return_true);

This will disable automatic updates.

Other filters can enable or disable specific automatic updates. For each filter, your function must return true if you want to enable the corresponding type of update, or false to keep it disabled.

Disable automatic minor updates

allow_minor_auto_core_updates__return_false



Enable automatic major updates

add_filter(allow_major_auto_core_updates__return_true)

Enable development updates

add_filter(allow_dev_auto_core_updates, __return_true);

Note: To be sure that a plugin won't cause a bug during the update, deactivate all the plugins you use. You can do this quickly thanks to the option; Deactivate in the drop down list that you can use after selecting all of your plugins.

Now you have to replace the right files. In your current installation, delete the wp-includes and wp-admin folders. Then upload the new ones.

Upload the content of the new wp-content folder into the old one. Overwriting the existing files, you will update the old official themes and plugins. Don't worry, the other plugins and themes will stay the same, and your media files won't be affected.

Do the same with the files in the root directory: replace them all with the new ones by uploading all of them. The only file you need to worry about is wp-config.php but it won't be overwritten as it does not exist in the new version: in the archives you download, wp-wonfig.php is named wp-config-sample.php. You now have to compare that file with your wp-config.php to be sure that a new line has not been added: if that is the case, copy and paste the new lines from wp-config-sample.php to your old wp-config.php.

Sometimes, an automatic update can fail and a .maintenance file gets added into your installation. If you manually update to fix the problem, you need to delete this maintenance file.

Your database may also need to be updated. Visit your administration panel to see if that is the case: if it is, a message will appear, containing a link. Click on it, and your database will be updated.

The update itself is finished. All you have to do now is reactivate the plugins you use

Also read: How to safely disable the WordPress automatic update feature

8. Updating Your Plugins and Themes

Updating core WordPress is important, but it is also important to update the themes and plugins you use, as a bug in one of these can affect your whole installation.

Updating in One Click

Like WordPress itself, you can update plugins and themes with a one click method. To do that, go to the Updates section of your administration panel.

If there are some plugins or themes that can be updated, they will show up here, right below the part which tells you if a new version of WordPress is available or not.

To update your plugins, select them and click on the Update Plugins button. The same can be done with themes: select them and click Update Themes..

Whether for plugins or for themes, you will be led to another page which will inform you about the progress of the update, just as it does with the WordPress update.

Note that for plugins, another section will also allow you to update in one click: the Installed Plugins section in the Dashboard. If a plugin can be updated, a message will appear right below it, with a link to update it automatically. You can even select all of your plugins and chose Update in the drop down list to bulk update the ones that need it.

9. Automatic Updates

We saw above that WordPress itself can be automatically updated, without you needing to do anything. It's very practical and if you are a fan of automatic updates, you will be happy to know that WordPress can also automatically update your plugins and themes.

Automatic updates for plugins and themes are disabled by default. To enable them, you can add a filter into the functions.php file of your theme or in a plugin, just like you can for WordPress core updates.

Enable automatic updates for plugins

auto_update_plugin__return_true



Enable automatic updates for themes

add_filter(auto_update_theme__return_true)


However, contrary to WordPress itself, you can't enable automatic updates for plugins and themes with a constant in the wp-config.php file: with plugins or themes, you have no choice and you must use filters.

10. How to Manually Updating Plugins and Themes

Like WordPress, updating plugins and themes with the one click method is preferred. But you can also manually update them. In some cases, you will have no choice: for example, if a plugin is not available on WordPress.org, WordPress can not give you access to the one click method.

To manually update a plugin, begin by downloading its new version on WordPress.org or on its official web page if there is one. In most of the cases, you will get an archive, so unpack it. Then, deactivate the plugin to prevent eventual bugs.

If the plugin is a single file, replace it by uploading the new one directly into the plugins subdirectory of wp-content. But most plugins are stored in a folder and, if that is the case, uploading the content of the new version into the old folder, overwriting the existing files. Then, reactivate the plugin.

Manually updating a theme is similar so, as we did with plugins, begin by downloading the new version and unpack the archive.

If you currently use the theme you want to update, you should now deactivate it by activating another one. Then upload the content of the new version into the old one, replacing the old files. Now, you can reactivate this theme.

11. What You Know About the One Click Method and Automatic Updates

WordPress cannot check if a new version is available for all the plugins and themes you use. Everyday, it checks if that is the case for the ones that are available on WordPress.org.

If a plugin or a theme is not on this platform, WordPress cannot suggest to you the one click method, and the automatic update won't work for such.

But even if you have access to the one click or automatic update, it may not work, especially if you try to update a local installation on your computer.

To be able to update WordPress, a plugin or a theme automatically, the CMS must have the right to write files. In other words, WordPress files must be owned by the web server user, or this same user must have the right to write this files.

Credit: https://www.todhost.com/blog/digital-marketing-seo/224-how-to-prevent-the-most-common-application-attacks-against-websites


The Web hosts a large set of applications all aimed at enhancing the productivity of users such as Google Docs, calculators, email, storage, maps, weather and news, everything that is needed daily by the users. Application attacks are usually the hardest to defend against. The vulnerabilities encountered within the application layer often rely on complex user input scenarios that are hard to define with an intrusion detection signature. This layer is also the most accessible and the most exposed to the outside world. For the application to function, it must be accessible over Port 80 (HTTP) or Port 443 (HTTPS).

In 2014, SQL injections, a type of application attack, were responsible for 8.1 percent of all data breaches. That makes it the third most used type of attack, behind malware and distributed denial-of-service attacks. There are also other common application attacks such as security misconfiguration, using components with known vulnerabilities and cross-site scripting. Attackers are able to manipulate application input and obtain confidential data without being detected by network defense systems.

Most vulnerabilities found in Web applications are unknown to security defense systems; these are called zero-day vulnerabilities. This is because these vulnerabilities are specific to each application and have never been known before. A skilled attacker can easily find these vulnerabilities and exploit the issue without being detected.

The best defense against these attacks is to develop secure applications. Developers must be aware of how application attacks work and build software defenses right into their applications.

Educating and informing developers about application vulnerabilities is the goal of the Open Web Application Security Project (OWASP). The organization has put together a list of the 10 most common application attacks. This list is renewed every three years, with the latest refresh in 2013.

The IBM Security Ethical Hacking Team shares this goal. With this in mind. So let's take some brief look at the 10 most common application attacks.

1. Injection

Injections let attackers modify a back-end statement of command through unsanitized user input. SQL injection is currently the most common form of attack you will find on the web, this kind of attack occurs when a website is not coded properly and the hacking tools used to find weaknesses and take advantage of them are commonly available online. This kind of exploit is easy enough to accomplish that even inexperienced hackers can accomplish mischief. However, in the hands of the very skilled hacker, a web code weakness can reveal root level access of web servers and from there attacks on other networked servers can be accomplished.

SQL injection is the use of these publicly available fields to gain entry to a database. This is done by entering SQL commands into form fields instead of the properly required data. Improperly coded forms allow a hacker to use them as an entry point to your database at which point the data in the database may become visible and access to other databases on the same server or other servers in the network may be possible.

Web site features such as contact forms, logon pages, support requests, search functions, feedback fields, shopping carts and even the functions that deliver dynamic web page content, are all susceptible to SQL injection attack because they contain fields that require input data and allow at least some SQL commands to pass through directly to the database.

Defense Against SQL Injection

Because web sites require constant access to the database, firewalls provide little or no defense against SQL injection attacks. Your website is public and firewalls must be set to allow every site visitor access to your database, usually over port 80/443.

Antivirus programs are equally ineffective at blocking SQL injection attacks. They are intended to spot and stop an entirely different kind of incoming data.

The most commonly used SQL injection defense is made up of two components. First there is routine updating and patching of all servers, services and applications which of course has many advantages and is common practice. Then there is producing and using well written and well tested website code that disallows unexpected SQL commands.

These two defenses are by definition enough to halt any SQL injection attack.

2. Broken Authentication and Session Management

Securely authenticating users, managing their sessions when connected, and ensuring proper logout when the sessions end are essential activities when delivering web applications. Each of these activities can provide a target for malicious attackers trying to compromise a web application.

3. Forms of Session Management Compromise and How to Mitigate the Risk

Password storage in plain text - Account passwords should not be held in plain text locally in storage within the web application infrastructure. Neither on physical storage or in memory. Passwords that need to be held should always be protected by a strong cryptographic hashing algorithm. Many commercial solutions are available to ensure that passwords stored locally can be encrypted.
Password transmission in in plain text - Plain text passwords can easily be intercepted on both wired and wireless networks. In order to fully protect passwords, it is good to secure the network session with Secure Sockets Layer (SSL), or Transport Layer Security (TLS) encryption. Sending the password over the network in a hashed format isn't good enough. An attacker could grab the hashed password in transit and send it back to the server without having to decrypt it. Adding SSL with certificates to protect transmission prevents this. SSL encryption is a resource intensive operation. It is ideally a process that should be handed off to a device that is optimised to perform it.
Using passwords that are easy to guess or brute force - Passwords should not be common words, simple and short that a brute force algorithm used by an attacker could stumble upon the password in a reasonable time. There should be a password policy in place that mandates a certain length of password, requires special characters, prevents password reuse, and forces periodic password changes.
Allowing unlimited logon attempts - Account security settings should be set to only allow a limited number of failed password attempts before an account is locked. This is to prevent brute force attacks.
Poorly implemented password change mechanism - Only the actual user of an account should be able to successfully request and execute a change in their password.
Insecure password recovery features - If a user forgets their password and requests a reset then they should be with a mechanism to confirm their identity that is used for allowing them to change their password.
Exposing account lists - Lists of accounts available for access to web applications should not be viewable. Attackers can use the accounts as a starting point for attacks.
Session IDs exposed in URLs - In order to make sure that multiple requests are associated with the users they are bundled into sessions. A session ID as an identifier to link http requests with certain clients. These session IDs should not be shown in the URLs that client devices are using to communicate with the web servers. If they are an attacker could copy the Session ID and potentially gain access to that clients authenticated session and compromise data.
Session ID creation is not controlled centrally - Creating Session IDs should not be under the control of users and clients. They should rather be generated, controlled, and secured centrally by the authentication and authorisation mechanism.
Session IDs don't expire after time period or on logout - It is vital that Session IDs have a built in time to live and that they are destroyed when a user logs out of a web application. This prevents an attacker using the Back button on a browser to establish a valid session.
Browsers caching Session IDs - Session IDs should not be stored between browser sessions. They should be destroyed when a browser is closed.
Session IDs not using SSL - Session IDs are vulnerable to hijacking when they are passed across the network with http requests. As with hashed passwords its essential that session ID tokens are protected with SSL to ensure they remain secure.
Trust relationships between components delivering a service - Many web applications are made up of component services that deliver data and functionality for users. It is not recommended to set up trusted relationships between these components. Interaction between different components should be based on authentication and authorisation requests that are initiated when required and destroyed when done.

4. Cross-Site Scripting

Cross-site scripting is a type of vulnerability that lets attackers insert Javascript in the pages of a trusted site. By doing so, they can completely alter the contents.

To protect against script injections and attempts to modify PHP's global and request variables, add the following code to your site's root .htaccess file

IfModule mod_rewrite.c
RewriteCond %{QUERY_STRING} (\|%3C).*script.*(\|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule .* index.php [F,L]
IfModule


5. Security Misconfiguration

Moving into the top five, we'e exploring another extremely dangerous category of flaws that deals with the incorrect misconfiguration of the server or of the application itself.

Running the application with debug enabled in production.
Having directory listing enabled on the server, which leaks valuable information.
Running outdated software (think WordPress plugins, old PhpMyAdmin).
Having unnecessary services running on the machine.
Not changing default keys and passwords. (Happens way more frequently than you'd believe!)
Revealing error handling information to the attackers, such as stack traces.

Prevention: Make sure to install the latest security updates. Remove any unnecessary features or plugins

6. Sensitive Data Exposure

This category deals with a lack of data encryption in transport and at rest. If your Web applications do not properly protect sensitive data, such as credit cards or authentication credentials, attackers can steal or modify the data to conduct credit card fraud, identity theft or other crimes.

Make sure to install the latest security updates

7. Missing Function Level Access Control

This category covers situations in which higher-privilege functionality is hidden from a lower-privilege or unauthenticated user rather than being enforced through access controls.

8. Cross-Site Request Forgery

This type of attack is used in conjunction with social engineering. It allows attackers to trick users into performing actions without their knowledge.

The most common method to prevent Cross-Site Request Forgery (CSRF) attacks is to append unpredictable challenge tokens to each request and associate them with the user's session. Such tokens should at a minimum be unique per user session, but can also be unique per request. By including a challenge token with each request, the developer can ensure that the request is valid and not coming from a source other than the user.

9. Using Components With Known Vulnerabilities

This category is about using unpatched third-party components. Attackers can easily exploit old third-party components because their vulnerabilities have been publicized, and tools and proof of concepts often allow cybercriminals to take advantage of these flaws with ease. Any script kiddie can conduct an exploit.

Prevention: Make sure to install the latest security updates

10. Unvalidated Redirects and Forwards

This category of vulnerabilities is used in phishing attacks in which the victim is tricked into navigating to a malicious site. Attackers can manipulate the URLs of a trusted site to redirect to an unwanted location.

Prevention: Make sure to install the latest security updates and run the latest version of software including plugins, components and modules.

Credit: https://www.todhost.com/blog/digital-marketing-seo/223-a-checklist-of-bad-seo-practices-to-avoid


For every website owner, discussing SEO is never enough and can never be too much. Search engine optimization, or SEO is something you learn continuously and built on experience. Moreover, the way the search engines behave is constantly changing and so experiments and changes continue on websites and the SEO world.

It is an often-discussed topic among website owners. Most owners engage in positive forms of SEO, such as improving their website's content, making it load quicker, and having quality link back to it. However, there are techniques that are known as negative SEO. These can work against an individual who uses them expecting them to bear fruit or can be used by unscrupulous individuals to tank a rival's search engine rankings.

It's rare that negative SEO attacks will be used against you by malicious actors, but it is important that you refrain from doing anything that will hurt your own rankings. Here are some common techniques that inexperienced website owners may try, only to harm themselves.

Keyword Stuffing

Don't shove keywords into your content just to get search algorithms to pick them up. Doing this usually makes your content difficult to read or appear spammy and unprofessional. Using this article, for instance, constantly repeating 'negative SEO every other paragraph would do more harm than good. Instead, use your keywords primarily in the titles and perhaps an introductory section, then let the content flow naturally.

Above the Fold Ads

If your website relies on advertisements, make sure to place them so they aren't the first thing your visitors see. Google wants visitors to instantly see the content they came for, so most of the screen space visitors view when the page loads should not be dedicated to ads. If they have to scroll to get to content, it's not good.

Spam Links

It may seem like a good idea to include a link to your website in your signature every time you post a comment on a blog, a forum, or other place which is crawled by Google. But while this can get a few people to click through to your site, particularly if your comments are high quality and relevant, posting everywhere may make your site appear to be spamming links.

Too Much Guest Blogging

While writing the occasional content for a well-regarded website and including a link to your site in the article is good, constantly guest blogging just for the links will likely not help. Instead, you'll be churning out content or even reusing content, which is frowned upon by Google.

Buying Links

It may be tempting to pay someone to provide you with numerous links to your site. However, these link farms often use many of these bad tactics listed here to generate a brief boost in your SEO that will quickly cause it to crash once the algorithm catches on to what they're doing. It may provide short term results, but will leave you with long term problems.

Anchor Text

When providing links to your site, don't include the keywords you want to rank for as part of the text (for instance, linking your baseball card blog with the words baseball card blog). Instead, use only the URL, the actual name of your site, or longer phrases.

Outgoing Link Overload

Many people like to provide links to the numerous websites they enjoy, particularly if those sites offer reciprocal links back. However, if you have too many outbound links, it may appear your site is just a link farm for other sites. Plus, link exchanges (where several sites all link to each other) are frowned on by Google. Be reasonable with the numbers you use and you should be fine.

Credit: https://www.todhost.com/blog/digital-marketing-seo/221-seo-effects-of-changing-a-wordpress-theme


Changing a WordPress theme is a common and usual thing. If you use a free WordPress theme, then changing your theme is something you will most likely do quite often.

Website managers are concerned about the effects of changing and will often ask two questions:

Will it affect my site SEO?
Will it affect my site traffic?

The answer will be dependent on the situation. But we will attempt an answer from a more general perspective with regards to WordPress, SEO, and traffic.

Before we proceed, you need to understand some fundamental underpinnings:

Many WordPress themes come with built-in SEO options, and if you are using the theme's SEO feature, chances are high that your blog's SEO will be affected.
If you are using an SEO WordPress plugin to handle your blog's SEO, you are more likely to retain your overall SEO, but only if your new WordPress theme is SEO optimized.

How do You Manage Your SEO - Using The WordPress Theme or SEO Plugin?

Some WordPress themes can effectively handle your search engine optimization requirements.

The benefit of this is that you are not running an additional plugin which reduces your security risks. However, if are in the habit of changing their WordPress themes very often, it will be a good idea to let a WordPress plugin handle your blog’s SEO.

Using the default WordPress SEO functionality is good, however, using a plugin is better. You will better appreciate the power of an SEO plugin only after you use one and experience how it enhances your site's visibility in search engines.

The Free WordPress SEO by Yoast plugin is highly recommended for this purpose. This plugin is one of the best free plugins for WordPress you will find. It will let you handle your complete blog's on-site and on-page SEO. Shifting your SEO settings from your theme to this plugin is not a technically difficult thing to do and requires only to follow the steps and save the new settings.

However, changing a WordPress theme could create some issues and we will have to look at them in some slight detail.

Heading tag changes: This change can affect the header tags such as H2 tags for post titles, or the hyperlinking of page titles.

This will have some effect on your overall search engine ranking. You must have heard that Genesis & Thesis are two of the top SEO optimized WordPress themes. This is because their codes are clean, they use proper heading tags, and they take care of all small requirements for an SEO optimized theme.

When you are making a shift from a good theme to another good theme, you have less to worry about. But, when you make the shift to a brand new WordPress theme, chances are high that they are not as SEO optimized as the previous one. It could affect your rankings.

Changing themes will lead to loss of theme custom settings. When you make a theme change, it certainly affect your old custom settings.

When you change your old WordPress theme for a new one, you might end up losing theme-specific features. Either your new theme should offer such features, or you need to hire a WordPress developer to do the customizations for you. Moreover, all the themes are coded in certain ways and you will loose the theme specifics and customizations of your old theme

More specifically:

Some themes will load the content part first and then the sidebar.
Some themes load everything at once (which increases loading time).

Today, we know that the loading time of you're a website impacts search engine ranking, you can clearly determine if your ranking will be better or worse based on how much faster or slower your blog is loading.

Change WordPress Theme Without Losing Search Engine Ranking

This is achievable when the site SEO is managed with the use of a plugin. Please note that if you are changing your theme framework (Thesis to Genesis or anywhere else), you should first take a complete backup of your blog database and theme.

This is important so that if anything goes wrong, you can roll back to the point when your site worked well without issues.
Remember to migrate all SEO data to a plugin. WordPress SEO by Yoast, offers this feature internally, and you can quickly import all SEO data to the Yoast plugin. After this step, you can change your theme to any other theme without any effect on SEO.

Chosing Your SEO Friendly Theme

There are amazingly beautiful WordPress Premium themes out there. While they may look great and aesthetically pleasant in design, many of them lack basic SEO features. Pick a theme which is SEO friendly and has codes that are bug free.

Once you have shifted your WordPress theme, you can use tools like SEMRUSH or SEO spider to crawl your blog and see if there are any errors these crawlers can detect. If yes, then proceed tp make the necessary changes to your new theme or change your theme again and choose a more SEO friendly theme.

It\s a fact that when you change your theme, the crawling of your site might be affected. So a little change in ranking and traffic is usually obvious in most cases, though you can always fix any SEO issues with a proper site SEO audit. You will notice a slight drop in ranking withing the first three days, that should not make you panic. But after that, you will begin to experience a gain in ranking if you have configured your SEO settings better than the way they were before.

It is better that you to stick to one theme for a long time, as changing your theme regularly will affect the overall branding of your site. Moreover, most of the time you will not be able to immediately spot SEO changes which happened due to the theme change, so it may take some time to see any difference.

Other Considerations

Ensure that your chosen theme is compatible with the most recent version of WordPress.

Check the mobile friendliness to be sure you will not have to adjust the screen of mobile devices to be able to view parts of your website.

Test the CSS to ensure there are no errors that will affect your ranking. This is usually a function of those who coded the theme.

Remember, there lots of plugins that can help the performance of your WordPress website but do not forget to check the plugin reviews before you choose them. It will help protect you from security breaches to check up reviews before you decide on any plugin.

Let us hear from you, other considerations that are good when changing your WordPress theme.

Source: https://www.todhost.com/blog/web-hosting-tips/219-a-guide-on-how-to-reduce-the-downtime-on-a-wordpress-website

Downtime can hurt a website's performance in several ways. It can affect the reputation of the website and turn visitors away. High downtime for your website has disastrous consequences. When people click through to your site they want to be able to use it, but if it is offline your audience will quickly loose patience. So what can you do to reduce your WordPress website's downtime?

In this article we are going to discuss how downtime can negatively affect your WordPress website and how you can monitor your downtime to see if it's a problem. Critically, we are going to look at how you can improve your uptime to help make your site successful.

Why Downtime is Bad for Your WordPress Website

Common sense puts it that you don't want your site to be offline. Downtime will frustrate, confuse, and upset your visitors. When people try to access your site, they will have a goal in mind, that could be to be entertained, learning something new, or making a purchase.

If your website is offline, it can cost you returning visitors, new leads, potential clients, and sales. Downtime can also mean that your site loses credibility with your audience and within your market or industry. A site that has problems with downtime portrays an image of unprofessionalism and would not be a first choice for paying clients. It definitely wouldn't be considered to be a leader and authority in its field.

The other major reason that you don't want a problem with downtime is that Google, and the other search engines frown at it. Regular downtime will very quickly start to affect your ranking in the search engine results pages, and as we all know, the lower you fall the less traffic you will receive. Therefore, it's vital you do all you can to reduce your WordPress website's downtime.

Monitoring Solutions That Will Track Downtime

The first thing you need to know when considering how to reduce your WordPress website's downtime is just how much your site is affected by this problem. It may well be far more than you think.

One way to do this is to use a monitoring solution to see if, and when, your site is going offline. Here are a few options for measuring your WordPress website's downtime.

Jetpack

Jetpack is a free WordPress plugin that has multiple uses and is worth installing on your site. One important part of Jetpack is its module Monitor, which can help track downtime for you.

Monitor will check you site every 5 minutes to see that it is online. If something goes wrong Jetpack will email you to let you know your site is down, and then again once it is back up and running. This will give you an accurate picture of when your site is offline and how long for each time.

Pingdom

Pingdom is a popular premium solution for those wanting a little bit more information about their sites performance. Pingdom provides uptime monitoring, using 60+ probe servers from all over the world to test your website up to every minute. If something breaks it immediately alerts you.

However, more impressively, Pingdom offers analytics to help you understand the root cause of each downtime issue. This means you can fix the problem and prevent it reoccurring, resulting in more uptime long term. Plus with the Pingdom Real User Monitoring plugin you can easily integrate Pingdom tools with your WordPress installation.

Choose a Web Host With a Good Reputation

Once you have an idea of how often your site is suffering from downtime then you need to start addressing the causes. Your web hosting could well be one of the problems so it is important that you entrust your site to a professional hosting company like Todhost that won't let you down.

Todhost Web Hosting Provides Reliable Uptime Guarantee

Todhost hosting plans that come with great technical support, powerful servers and an impressive 99.99% uptime guarantee. You might see that uptime and wonder why it's not 100% - that's because Todhost allows for up to 0.01% of your server time each month for maintenance.

Want to learn more about Todhost and all the features they offer with their managed WordPress hosting plans? Checkout our full hosting review.

Tips For Choosing The Right Hosting

When choosing a web hosting provider don't be swayed by the price or size of the outfit. It maybe a cheap deal, but if your web host can't guarantee uptime then your site will quickly be losing the money you saved on hosting.

Equally, just because a hosting solution is well known, it doesn't mean it is reliable. Even well-known hosts can have problems so do your research and check companies hosting reports before signing up.

Therefore, if you want to reduce your WordPress website's downtime investing in quality hosting is a great place to start.

Keep Your Site's Security Up to Date

One of the main ways your uptime can be effected is by security breaches. Issues with security can range from irritating viruses to your whole site being hacked, all which can increase your site's downtime rate dramatically.

There are many ways of improving the security on your WordPress site. At the most basic level, you should regularly change your passwords, update WordPress themes and plugins, and perform daily malware scans. However, investing in a WordPress security plugin is one of the best ways to keep your site safe and your downtime at a minimum.

Wordfence Security

The WordPress Wordfence Security plugin provides free protection for your site against hackers and malware. Its Web Application Firewall prevents problems before they happen and the Wordfence Scan will instantly alert you in the event your site is compromised.

There is also a premium version of this plugin, incorporating a range of extra high tech security technologies, like real-time threat defense. Free or premium, Wordfence Security is a great plugin to install if you want to keep your site safe and online.

VaultPress

VaultPress is a premium security and backup solution for WordPress sites. This powerful feature rich plugin will not only protect your site from all security issues big and small but it also offers protection if the worst was to happen.

Imagine waking up tomorrow morning and your whole website had disappeared due to a security breach. Now we are talking about severe downtime, as you have to slowly but surely rebuild your site.

VaultPress enables you to backup your site and lets you restore it quickly and easily. Not only will you always have a workable copy of your site, but your uptime should never be seriously impacted.

he right backup plugin can greatly help reduce your WordPress website's downtime in the unfortunate event of your site being hacked or corrupted in some other way.

Maintenance and Optimization

As well as implementing a robust backup and restore process, it's important to carry out regular optimization and maintenance of your WordPress website, including its database.

You can find out more about how to keep your website running smoothly in our guide to optimizing the WordPress database and our beginner's guide to WordPress website maintenance.

And if this all sounds like too much work then you could always enlist the services of a professional WordPress support service and let them take care of reducing your WordPress website's downtime.

Final Thoughts

The importance of putting in the work to reduce your WordPress website's downtime cannot be underestimated. By choosing a professional web hosting service, monitoring your downtime, and keeping on top of your site's security and maintenance tasks you should be able to maximize your site's uptime.

This should result in better rankings in the search engines, happier visitors, and ultimately a more successful and better-performing website.

Does your website suffer from downtime? What do you think is causing it? Please let us know how you now plan to reduce your WordPress website's downtime in the comments below.

Thank you for all your comments. This article was not intended to discourage the use of WordPress or to run down that very powerful CMS. The fact is that each of the points raised here indicate a vulnerability for WordPress. The article is to guide you on what to avoid and what not to take for granted. All CMSs have downsides and you need to take the right steps to secure and keep them safe from attackers.

Hope you can now better appreciate this article.

WordPress is the most popular Content Management System(CMS) used on the web today for creating powerful blogs and websites. It has lots of advantages and also have some disadvantages. The disadvantages often scare some persons who do not know how to cope with them and the run away from using WordPress to create blogs and for website development

Every content management system undergo some updates and upgrades released over time. The updates are usually designed to fix identified bugs and patch security issues. Some other bugs may take a long time to fix.

There are several WordPress bugs and which count as disadvantages which you will need to put into consideration when using WordPress for website development. You will need to understand how to address these bugs as you decide on the use of WordPress for your website development. Some of these issues include: translation, security, bad programming, support, bad default configuration, source code, customization, updates and resources.

Translation

One major problem with WordPress is the problem of translation. Most of the volunteers who are involved in WordPress do not have proper skills and expertise knowledge in the areas of translation. The volunteers involved in WordPress Anyone can be a volunteer, you only need a WordPress account and you can start translating from English into different languages without any restrictions.

Translators can do a very poor quality job and end up with very bad translations from English to foreign languages, turning the easy to use dashboard into non-sense admin area.

In some of the WordPress versions, especially the newest one, translations are incomplete. By updating the system, you might end up having your website in both English and the other languages you used before.

So if you need to build a website for a client who does not understand English, you rather do the translation and help the community out with your work, or you choose another method to build your website.

Security Problems

Security is a major concern in WordPress. One major concern is the brute force attack;. Btute Force Attacks occurs when someone tries to access the dashboard of your WordPress site or your FTP account by trying out different user names with different password combinations. If you choose a strong password and changed the default admin user name, you can reduce the chance of getting hacked, but there is no guarantee that you will always win.

Another big security hole is the quality and source of third-party themes and plugins which are made by both professional development companies and also by the hackers themselves. This underscores the need to carefully review the plugins before use and be sure that you confirm the credibility of the developer before implementing a plugin on your WordPress website.

These files are verified, but sometimes the developers can hide fishy code that will not catch the attention of the verifier. This has become a major security concern for WordPress.

These security problems cannot be resolved just with updates. They need to pay more attention on the themes and plugins that are being updated and verify the users who are doing it. Employing highly skilled programmers and WordPress expert to review the code could be a solution.

Bad Programming

The Core WordPress is developed by Automatic Inc, a professional web development company, who pay really close attention to details, most third-party plugins and themes are created by many other individuals and organizations who are, in some cases, really unskilled.

Not optimized code can not only slow down your site or cause errors, but can also be the back-door for a hacker to break into your site.

Lack of Support

Although there is an active and very large WordPress community providing support to users and developers and answering most of user questions, there are cases when you have to figure out things by yourself. The official WordPress support is represented by volunteer, plugin and theme developers, WP assistants or people from all around the world.

When buying a commercial theme or plugin, you will get a level of support from the company who sold it to you, but you might still have unanswered questions at the end of the day. You can also purchase WordPress support from different companies or buy guides to learn this system.

Default Configuration

To really be safe with WordPress, you need to tweak some default settings and secure your website, speed it up and make it really good for users. Basically when you install WordPress on your site, you will have to make some adjustments. For instance, you will have to activate SEF URLs for better SEO, so search engines such as Google can find your pages and content more easily. The visual editor might also cause problems for newbie users, because by default some important features are hidden, which the user have to figure out.

Source Code

WordPress gets regular updates but despite the frequent updates, there are still parts of the core where old PHP techniques are used for global variables, functions, and classes. WordPress produces bloated code with its WYSIWYG visual editor and you can easily see this when you write an article in the editor and then toggle to HTML editor where you can see the source code.

Some free themes and plugins have been found to have hidden codes and links to suspicious websites. When removing these codes, the theme and the whole website will stop working. In some cases the dashboard can also be affected, disabling the option to change the theme or modify your site as you wish.

Customization

For you to be able to implement some customization in WordPress, there is the need for some good knowledge of PHP, HTML, CSS and JavaScript. You also need to understand the WordPress framework itself to be able to modify the files and functions to archive the results you want. SQL queries are also hard to customize because you need knowledge of MySQL and PHP or you need to hire a web programmer to make your website in WordPress so it is better to make one from scratch without using any CMS.

Updates

WordPress core gets a monthly update. But some plugins can have daily updates. Updating your plugins or theme every day can in such cases be frustrating. You don't have to do it, but it is recommended. However if you have already modified your theme or the plugins you are using, watch out, because the update will overwrite all your modified files. Will not create a backup or a copy of the files you have edited, so you will lose your modifications. In this situation you will need to live with the constant update notification.

Server Resources

WordPress websites use a huge amount of server resources because the core WordPress and third-party extensions includes a high number of PHP functions and SQL queries. There are problems regarding CPU usage and nobody seems to know the solution or even to identify the source of the problem. If you buy managed WordPress hosting some plugins that are heavy resource consumer are banned. So you will not be able to install the necessary plugins to your site, because your hosting provider will not allow that. Caching your website is one way to reduce resource usage by your WordPress website.

Conclusion

You now know some of the major problems associated with the use of a WordPress website. What is important here is that you should be able to have solutions to address these problems. These problems do not suggest that the WordPress CMS is bad. No, it is not bad. The fact is, that it is the best CMS around, and it is powering over 75 million websites world-wide. Its key plus is that it is very simple to use and is free.

However there are still some cases when you should not use WordPress for your project: if you want to create a simple website, which does not need to be updated. In this case you can create the site in plain HTML and CSS. You should not use WordPress for sensitive projects that need high security. You should also avoid using WordPress if you can't afford a reliable web host that supports WordPress Hosting.

Credit: https://www.todhost.com/blog/website-security/216-how-to-backup-your-wordpress-website-automaticaly-using-backup-plugins

Keeping a healthy backup for your website is a golden rule. You cannot run a website, especially a content management system, CMS. without maintaining a healthy backup. The emphasis on backup is not necessarily because something bad is sure to happen. It is a safeguard, a preventive measure to ensure that if something happens and you are unable to get an effective repair, there should be a backup to fall back on. Even though it is a week old, at least, you are not made to start all over.

You will find a lot of WordPress plugins in the WordPress plugin directory but not all of them are so effective to do a complete backup for your website. If fact, you will discover that only very few can effectively deliver a complete backup for a website. A complete backup will involve taking backup of plugin, themes, backup wp-content folder. Moreover, it's always recommended to automatically backup WordPress to make sure; you have most recent version of backup available for your website or blog.

Why backing up your WordPress blog is important

If you rely on your web hosting company and fail to maintain a backup, then you will be making a mistake. We recommend that you always maintain a healthy backup and here are the reasons why:

Hackers can bring down your website

Hacking is not a new word for anyone who is knowledgeable about the internet. It is common to hear of hackers. Most hackers will target sensitive information like credit cards while most hackers simply want to prove their skill and ability to hack. The majority of hacker attacks on small, simple and small business websites are just to cause trouble. The only guarantee to be sure you can recover or fix your hacked WordPress website and to protect your website from further security hacks is if you have a healthy backup available. For as long as your website on online, there are chances that it can be attacked and compromised. The safe way to go is to maintain a backup.

Computer Related Problems

Having a copy of your website stored on your local machine is a good idea. But computers can crash and the data may not be recoverable. In that case and to be double sure of having a secured backup, backing up remotely is a safer option.

Issues with your updates

WordPress websites undergo regular updates. It has become a source of worry for most WordPress users to have issues with their websites after an update. This is why WordPress always tells you to perform a backup before updating. WordPress websites have multiple components, including plugins, themes, software, and back-end programming. An error during updating can take off the entire website from the internet, Only a backup can serve as an easy recovery measure for website owners who are not so good at understanding WordPress recovery techniques.

Malware and Viruses

Malware and viruses are a major concern and can lead to a serious penalty from your hosting company. They can find their way into your website even through third parties. You can download them unknowingly with a theme or plugin, Having backup files means that you'll be prepared just in case your site starts acting weird.

Employee Errors

This is commonplace and happen even with the most skillful website managers. A slight distraction can cause a code error and you may never be able to detect where the mistake was made. We all make mistakes. You can even erroneously click a button that deletes a file and cause a major damage. You can even empty a content into the wrong folder and cause a serious conflict. All these could just happen by accident and one way to recover fast is to have a healthy backup in place.

Important Files to backup in WordPress:

Though you can configure a full website back for your WordPress website. Technically, you require to backup just two elements of your WordPress website - the Database and the Files.

Database: This contains all your posts/pages, comments, categories, tags, theme settings, plugin settings, WordPress settings, user accounts and every URLs/links you have on your site.

Files: The WordPress files will need to be in the root of your domain, typically the public_html folder. It consist of three folders called wp-admin, wp-content and wp-includes plus a few other configuration files and a .htaccess file. The wp-content is a very important folder for your site which contains all your images/uploads, plugin files, theme files, and additional files created by plugins.

Generally speaking, the Database and the wp-content folder are the two most important part to be backed up on a regular basis. With your wp-content and database file, you can restore or migrate your site.

Trusted WordPress Backup Plugins

1) VaultPress

VaultPress is the backup solution by Automattic (theParent company behind WordPress). This solution is perfect to take backup of 1-2 blog, and will not be very good for a website with multiple blogs because of the cost of running it for multiple blogs.

2) UpdraftPlus Backup and Restoration

This backup solution works for multiple WordPress backup and is a very popular WordPress backup solution. This comes in two version: Lite (Free in WordPress plugin repo) and the Premium Version

Updraftplus is the most popular backup solution for WordPress. It offers all the features which you would need to backup your WordPress blog. It offers more than just backup, as using the cloning migration feature, you can easily migrate one WordPress site from one host to another.

What make this plugin stand out is the variety of options for backup. With UPdraftPremium, you will also be getting free 1GB of space for UPdraftPlus Vault, which is their cloud storage.

3) ManageWP Backup

Good for multiple WordPress site, ManageWP is also popular and it is easy to optimize, update & track all your blog from one dashboard.

ManageWP offers real-time protection as it offers incremental backup. That means, instead of taking complete backup every time which slows down our server, it takes backup of only those files which are changed & is uploaded to their cloud storage infrastructure.

One key and very exiting about ManageWP is that it can be used by even the least knowledgeable user as does not require any skill to configure configuration. You only need to enable or disable it. You have the option to take a backup using Amazon S3, Dropbox, Google Drive, One drive or ManageWP cloud infrastructure.

There are other free and premium WordPress backup solutions including:

1. BackUP WordPress (Free)

2. Dropbox backup & restore (Supports only Dropbox is free)

3. BackupBuddy (Pro)

However, the three(3) we have examined above are the best solutions for WordPress backup and will server every need.

Credit: https://www.todhost.com/knowledgebase/812/How-to-Revert-Back-to-a-Previous-Version-of-Joomla.html


Website upgrade is a common practice. Keeping up with the latest version of your content management system or website software is a good security measure as it ensures you are dealing with latest security bugs and keeping up with the latest features. But sometimes you decide to upgrade your version of Joomla, and then after the upgrade is done, your website becomes completely unusable or some of its features become broken.

Why does that happen, and how to revert back to a previous version of Joomla to undo the upgrade. That will be the focus of this post which essentially will take us the process of reverting back to a previous version of Joomla after you have had some issues with functionality following an upgrade

Why a Joomla upgrade might break your website

There are several reasons that are behind this, and they mainly are:

1.You have modified the core of your Joomla website: Many website owners modify the core of their Joomla website (or have it modified) in order to add some custom functionality. While this can be necessary, it should be avoided when possible. Only modify the core of your Joomla website when there is no other alternative. Note that in most cases there is an alternative! 99% of the very complicated work on a Joomla website can be done using extensions. You will rarely find any need to modify the core. And, in the very rare cases whereyou have to, it will be good to make changes compatible with future upgrades.

2. You have installed an extension that is not compatible with your current version of Joomla: When you do an upgrade, sometimes a 3rd party extensions can be incompatible with your current version of Joomla, and if this extension is a System plugin that runs on every page, then most likely your page will either show a blank page or will display a fatal error (at best your page will display a warning). There are also cases where an existing extension is not compatible with an upgraded version and it creates problems. So before an upgrade, it is a good idea to check the versions to be sure they are compatible with the version you are planning to upgrade to.

3. You have uploaded the files to the wrong place: A Joomla upgrade usually consists of uploading specific files to specific directories. Sometimes the upgrade can consist of just uploading a couple of files to a couple of directories. What if, for example, you need (as part of the upgrade) to upload index.php to the administrator directory, and instead of uploading that file to the administrator directory, you uploaded it to the root directory of your website. Not a single page on your website will work (the index.php file that is located directly in the root directory of your website is used on every page on the frontend of your Joomla website). You will, in such cases, simply locate the newly uploaded file and delete it or simply move it to the proper directory using your file manager.

4. You haven't finished uploading the files, but you thought you did: As stated above, a Joomla upgrade consists of uploading several files. What if the upgrade consisted of uploading 5 files and you uploaded only 4, and what if the file that you missed is used by those other files? At worst, all of your website will stop working and at best, some of your functionality on your website will be broken. This creates corrupt files on your server and will need a complete re-upload or you find a way to resume upload and complete it.

How do you revert back to a previous version of Joomla

Once you notice that the upgrade has broken your website, you realize it is big trouble and have to think of a way out. Chances are that you could think there is no way out and so your next step could be to delete the entire files and re-upload Joomla afresh.

No! You will have to try out some of our suggestions and see how you could fi things up. If every other efforts fail, then you can consider a new upload.

It is important that when this kind of error occurs, you don't panic. Please stay calm and carefully look at the options to fix the problem by reverting back to a functional state.

Well, the easiest way to revert back to a previous version of Joomla is to just go back to a previous filesystem backup. But even that can be tricky, especially if the upgrade has modified both your file system and your database. So, if you do have backups, then it's always better, when reverting to a previous filesystem backup, to revert back to a database backup that was generated the same day the filesystem backup (that you're using) was generated. It is for this reason that we emphasize the need for regular back. In fact, we will advice that you need not embark on any upgrade without having a safe backup. Having a backup is just in case something goes wrong.

Now, what if you don't have any backups?

This is when this can quickly become very challenging. When you uploaded the files, you have erased the previous versions of the files. So, the first thing that you should do is the download the previous Joomla version (the one that you had before the upgrade), and then replace the files that you have already uploaded with the files from this (previous) Joomla version. Once you do that, two things might happen:

Your website will return to its previous working state. If that happens, then you need to congratulate yourself. You have done things right and deserve some commendation.

The second thing that could happen is that your website will show different errors. In this case, it's because the database was updated using that upgrade. You will need to contact Joomla experts at this point because it'll be really hard to fix these errors without a backup (and you will need programming and MySQL skills to fix them).

What if it is a migration?

So far, we have been talking about reverting back to a previous version of Joomla if it's an upgrade. But if the error had occurred in the course of doing a migration, then it is a real big problem and in that case, there is no other way but to revert to a previous backup (a migration is a destructive process as it consists of recreating the site from scratch), and if you don’t have any previous backup, you will need to contact a Joomla expert or developer to help revert your Joomla website back to an earlier date. Handling migration issues requires a lot of experience and professional expertise to work on the databases and fi things up.

Best practices when upgrading your Joomla website or migrating your Joomla website to another version.

Here are some best practices when upgrading or migrating to another Joomla version:

Backup your database and your filesystem just before doing the upgrade or the migration.

Create a copy of your database (using phpMyAdmin) and create a copy of your actual website under an previous directory (so, in other words, you should upload all the files for your website to that previous directory, which should be located directly under the root directory). Change the configuration.php file in your directory to point to the copy of the database (not the original database).

Avoid using Akeeba backup. Akeeba backup is one extension that you will only know it's useless when it's too late. This is because in order for Akeeba Backup to work, your website must be functional (which defies the whole point). In many cases, people revert back to previous versions of their websites when their websites no longer work.

If you have problems with your upgrade/migration, then reverting back simply consists of doing a simple redirect in your .htaccess file to yourjoomlawebsite.com/previous, and that's it! So, in case you have problems, you need to add the following lines to your .htaccess file:

rewritecond %{http_host} ^yourjoomlawebsite.com [nc]
rewriterule ^(.*)$ http://www.yourjoomlawebsite.com/previous/$1 [r=307,nc]

Once you add the above lines to your .htaccess file, upload it to your website, and your website will now work!

Although the website is working, it's working out of the previous directory. We want to make it work out of the root directory, so here's why you need to do:

Delete the original database, and then re-create the original database from the backup.

Delete all the directories in your website's filesystem (with the exception of the previous directory, of course), and then re-upload them from the backup.

Roll back the changes you did on the .htaccess file and then upload it back.

Your website should now work well without issues.

You now have to delete the previous directory, you don't need it anymore.

Web Hosting in Abuja
https://www.todhost.com/knowledgebase/689/Web-Hosting-in-Abuja.html