The hack, or attempted hack, used a large botnet (a network of compromised computers doing the bidding of someone else) to repeatedly try and guess passwords on WordPress sites to gain administrative access to them. From there, the botnets would take over the sites and attempt to integrate them into a new bothnet, one made up of high-powered servers with better connections to the Web.

For most sites, the hacking attempt was pretty harmless. If you don’t use the original “admin” account and have a password that is easily guessed, you were most likely safe from the attack. Rather, the attack was an attempt to cast a broad net in hopes of finding the low-hanging fruit, sites that can be trivially broken into.

But while your site is probably fine as long as you took even the most basic precautions, there were still repercussions. The weight of thousands of attempts to login put a strain on many people’s servers, especially if the server had many different WordPress sites. This resulted in websites slowing to a crawl and even shutting down, including ones not directly affected.

But while the worst seems to have passed for now, there are still some lessons to be learned from it and it’s important to grasp them before the next wave hits.

Because if there’s one thing that’s for certain, there is another wave coming.

1. No More “Admin”

The first lesson to glean is that, if your WordPress installation still has a working administrator account with the name “admin”, it’s time to get rid of it.

Your username is, quite literally, your first line of defense. If it is easily guesses, then all someone has to do is figure out your password and they’re in. Don’t make it easier on hackers than it has to be.

With this attack, even if your password had been “12345″ (the kind of thing an idiot would have on his luggage), if your username were not “Admin” you’d still be safe.

Make your username something unique to you and something that can’t be easily guessed. Your site will be much more secure and it only takes a few seconds.

2. The Need for Good Hosting

Many WordPress users tend to “cheap out” on hosting, paying only a few dollars per month for a shared hosting account. This works great as long as traffic is low and the site is relatively simple. But if more than a few dozen people come knocking at once trouble can arise, especially if your site isn’t using good caching.

This attack shows that you never know when a traffic spike might strike. Though this hardly had the weight of a traditional DDOS attack, for many sites on low-quality hosts, it had much the same effect.

If your server folded under the weight of this botnet, how is it going to handle a traffic spike from Reddit or a viral post? It probably won’t be able to.

3. The Usefulness of CDNs

One of the first sources to talk about the botnet attack was Cloudflare, a content delivery network that also works to filter out bad bots.

Though many are skeptical of Cloudflare after its over-the-top warnings on the Spamhous DDOS attack, the point remains that services like Cloudflare and Distil, which filter out bad bots, can provide a useful service for mitigating such attacks.

If you aren’t using one of these services, it may be worth taking the time to see if they are right for you.

4. WordPress Itself is Secure

To be clear, WordPress can and from time to time does have security vulnerabilities. However, they are usually patched quickly after discovery. Plugins are much more common sources of traditional vulnerabilities.

However, this wasn’t an attack against WordPress itself. The attackers weren’t exploiting a vulnerability in WordPress’ core. Instead, they were simply knocking on doors hoping to find one unlocked.

If the hackers had found an exploit in WordPress, it’s reasonably safe to say that they would have done so and the attack would have been much worse. However, they didn’t have one and, as a result, they were forced to spend a lot of energy to try and pick of the low-hanging fruit of poorly-secured sites.

5. This Won’t Be the Last Attack

Though this attack was breathtaking in its size, it was not the first attack of its type and it will not be the last.

Inevitably, someone else is going to try and launch a similar offensive, possibly with a larger botnet, using more passwords and creating bigger headaches.

There’s an old samurai saying says, “When the battle is over, tighten your chin strap.” The battle may be over for now, but the next one is just on the horizon. Now is the time to plan.

Bottom Line

To be clear, the attack was bad. However, it could have been a great deal worse.

The attackers weren’t really interested in hacking every WordPress site and, instead, were just trying to find easy targets. It’s akin to having thousands of people fan out in a city to try to find unlocked cars with the keys still inside.

The attack only targeted WordPress because it is so common and used by so many people that are inexperienced with security. It had nothing to do with a vulnerability within WordPress itself or any particular plugin.

Since it has passed, now is a great time to be thinking about security of your site and how you’ll protect yourself against the next one, which will likely be bigger and better organized.

Fortunately, the precautions that are most important aren’t that difficult to take. Ditching your “admin” account, if you have one, and setting a good password only takes a few seconds and is probably the most important thing you can do.

If you can do that and keep your installation/plugins up to date, you’ll probably be head and shoulders over many who use WordPress and will be much more likely to get caught in the next wave of hacking attempts.

After relaxing for a bit with my wife, I checked my site only to find that it wasn’t there at all. Instead, I was greeted with an error message saying that WordPress could not connect to the database.

I logged into my server’s control panel and noticed that the server load was unfathomably high, much more than it could ever take. I’d been dealing with a weird CPU issue for a while so I restarted the server, expecting it to correct itself.

But when my server eventually restarted, the site came back but only for a second, it quickly went down again. Whatever was causing it wasn’t just a temporary issue.

I contacted my host, which told me that they were seeing very high levels of traffic to the server, more than it could handle. It turns out the article I had written about a recent plagiarism case on Reddit was getting some attention both via Reddit itself and Google searches. The volume just seemed too high.

But then I looked at the sample level of traffic that I managed to snag when the site came back up briefly. It was high, many times my normal level, but nothing the server shouldn’t be able to take easily. It had, in the past, handled spiked much bigger than this.

My host agreed and we worked together to keep the site offline but give me access. Once in, I realized that I had made a terrible mistake.

The week before, I had to, in an emergency, create a new theme for my site. As part of that I had disabled W3 Total Cache. While a great move at the time, when I was done I had forgotten to reenable it and the site was without any kind of caching.

I reenabled the plugin, checked that it was working and then opened the site back up to the rest of the world. Sure enough, though the load was high and the server was straining some, it was nowhere near buckling. The highly-elevated traffic remained for several days and, through it all, there wasn’t as much as a glitch or a hiccup.

If I had remembered to reenable W3 Total Cache, or any caching plugin, I probably wouldn’t have noticed the traffic spike until I checked the stats the next day and I certainly wouldn’t have people on Reddit commenting about how quickly my site went down.

It was an embarrassment that ended up being minor, but it serves as a reminder to every WordPress user: Make sure you are using a caching plugin.

Why Caching is Important

Most people don’t think about what happens behind the scenes every time someone visits a page, but your server does.

If you use WordPress, or any other similar content management system that doesn’t have caching, there are a series of steps that your server has to complete to go from page requested to page delivered.

Basically, without caching, when a visitor tried to load a page, the page itself doesn’t exist. Instead, the server receives the request, WordPress queries the database for the content that’s supposed to be in the page and builds the page on the fly before delivery. Once that visitor is gone or goes to another page, the page disappears and the process starts over again.

While this is an over-simplification, the main issue is that the server has to create the page every time someone looks at it. While this is great in that rapidly-changing pages are updated for each visitor, it’s a lot of work for a server and even a decent VPS, such as my own, can struggle under that if there are a lot of visitors coming at once.

A caching plugin, ont he other hand, keeps WordPress from having to create a new page every time. The page is created once and held onto (or cached) for a period of time, usually a few hours. Subsequent visitors to that page get the cached version, which prevents the server from having to check the database and assemble the page from scratch.

To the visitor, this is much faster and to the server, this is much easier.

To use a personal computer example. Imagine, if instead of using copy and paste, you had to retype a paragraph into a new document every time you wanted to repeat the text. Though retyping it lets you make changes to it as you go, copying and pasting is much easier and faster for you.

But as great as caching is, it’s something that’s frightfully easy to forget and the reason is very simple.

Why Caching is Easy to Forget

A lot of bloggers don’t see the need or importance of caching and it’s easy to see why. Caching is most useful when a lot of people are trying to load the same content. Most blogs don’t see the kind of traffic level where caching has a major impact one way or another.

For example, if a page your site only gets a visitor once or twice a day, then it probably is being loaded dynamically every visit, caching or no. The reason is that the cache, most likely, expires between visitors, forcing the creation of a new page.

On low-to-medium traffic sites, there are probably only a few pages that get enough traffic to regularly deliver cached content and, even then, it’s probably doesn’t adversely impact the server. A well-optimized server can serve a decent number of dynamic pages without a problem.

So while caching probably has at least some speed benefit, it’s usually one that’s difficult to notice, especially to the naked eye.

This prompts many bloggers to skip on caching or, in my case, forget to check if it’s working, because everything functions fine without it.

However, as my case showed, it can be a road to disaster.

When Caching Matters

One of the strange things about the Internet is that it has a way of quickly giving a lot of attention to something that had very little of it previously. Between social media such as Facebook and Twitter as well as social news sites like Reddit, a tidal wave of traffic can hit any site at any time.

These types of moments are what bloggers work for, an opportunity to reach a large audience and a chance to capitalize and maybe grow your reach long-term. However, you can’t do that if your site is down.

But it doesn’t make sense to buy and pay for hosting strong enough to survive those waves when 99% of the time you will only need a fraction of it. It’s like buying a huge bathtub to hold a glass of water, expensive and wasteful.

Instead, the best thing you can do is make sure your site is as efficient as possible so it can survive waves of traffic visiting the same page without trouble. Caching is the best way to do that.

So, if you don’t cache, you’re severely limiting the number of visitors your site can receive. While that may be fine most of the time, it basically shuts the door in the face of potential visitors who are coming to see you at your most popular.

Bottom Line

In the end, WordPress is a great CMS for many sites but its lack of caching means that it can easily overpower even decent servers quickly. Fortunately, a decent caching system is never more than a plugin away.

Truth be told, my reminder was not a particularly painful one, it could have been much worse. An hour or sporadic downtime could have turned into much longer since the site wasn’t “down” in a sense that my monitors would detect. It could have gone until the next morning before returning to normal.

However, I’m not going to let dumb luck be what helps me get my site back up. I’m going to make sure to always run a caching program and, though I’m certain I’ll have to disable it from time to time to do work, I’m going to make double sure to reenable it when done.

I don’t want to risk another Reddit wave shutting me down…

In June of 2011 I had switched my site to the Headway Theme Framework, version 2.X. The changeover, initially, went very well. The theme was wonderful on the test site and, despite a hiccup or two in transferring it to the new main site, things were up and running quickly.

But problems slowly began to arise. The theme would occasionally have errors where the settings would change or elements would be added, causing sections of my pages to be repeated many times over. Most of the time the problems were minor and easily fixed, but they were annoying. However, over time the problems began to escalate.

After setting up the theme, I was at a major plagiarism conference in the UK when my site broke completely and became unreadable. The smaller errors started to become more common and it began to feel as if I was doing patch jobs on the theme weekly or more regularly.

I tried addressing the issue with both my host and with Headway’s support but none of the changes, including increasing the memory in my VPS, seemed to help. The people at Headway encouraged me to upgrade to the 3.X branch, saying it was much more stable and resource-friendly. However, there’s no upgrade path to go from 2.X to 3.X, meaning that doing so would require starting from scratch. In my mind, I didn’t have the time to set up a new theme and the patches, while annoying, were not time-consuming.

But then things went from bad to worse. In one day the theme went down three times and, the last time, temporarily took the entire database with you. Though I have good backups of my database, nothing causes a moment of panic quite like realizing that 8 years of hard work may have just been erased.

Fortunately it wasn’t, but with errors now as frequent as coffee breaks, I knew something had to be done quickly. So, that evening, I set out on one of my most ambitious WordPress-related tasks, creating an entire new theme in one night.

Picking My Battles

Sensing that there might be a much more serious collapse on the horizon, the most important thing was to get my site stable. Unfortunately, that meant making some sacrifices.

Specifically, there were three points I had to surrender on before I started:

1. Using Headyway 3: Though my experience with Headway 2 was definitely not the best and I certainly wouldn’t be opposed to using a new theme, I knew the theme framework well and Headway is designed for speedy development above all else. If I was going to do it in one night, I couldn’t take the time to learn something new.
2. Duplication, Not Reinvention: While I could tweak my theme and change a few things around, I couldn’t reinvent the wheel either. By trying to copy what I had, I was sticking with a look that seems to be working for me and avoiding a lot of time-consuming testing.
3. Complexity: My original theme had many nuanced elements that could not be easily replicated with Headway 3. Rather than getting bogged down in minutia, it was better to find easier ways to get the features working and then add the polish later.

With the limitations in mind, I ended up with the very unambitious goal of recreating my existing site in Headway 3, but with the very ambitious time frame of that evening.

The Process

To start the process, I installed Theme Test Drive so that I could work on the new theme while visitors would still visit the old. With two computers side-by-side, I left myself logged out of one so that I could feed myself information from my existing site and plug it into the new theme.

From there, I knew I had to make three separate layouts for the theme to work:

1. Home Page Layout: The home page of my site.
2. Single Page Layout: The page for all posts and all pages.
3. Archive Layout: The page for tags, authors and all other layouts that list multiple posts.

Fortunately, Headway makes it very easy to get started with a new theme as you actually draw layout in a grid. I quickly sketched out the home page layout, mimicking closely my existing website but adding about 100px to the width. After setting up each of the sections of the layout, within about 30 minutes I had a pretty good replication of the home page of my site with a few problems.

First, the way Headway 3 handles excerpts is much more limited than Headway 2. I could not recreate the two-column look easily with Headway 3. Second, my slider would need adjustment to fit to the wider site. Everything else, however, translated pretty well other than styling tweaks.

I set about trying to fix the excerpt problem and realized that the only practical solution, short of coding it myself, was to pick up the paid Excerpts+ leaf. While it’s a great plugin and a nice addition, it seemed a bit like building a sandcastle with a bulldozer.

Though it started out as a reluctant purchase, it ended up working well as I was able to get the excerpts I wanted quickly.

From there, I set my sights on the other pages and followed a similar pattern. However, there I was able to start with the home page layout and just eliminate and add what was needed. Pretty quickly I had all three pages working, though almost none of the styling was done and there were many elements to add.

This was where the two computers came in handy. On the non-logged in machine I looked up the CSS elements I had and recreated them one by one in the new template. Piece by piece, the new template came together.

Now, after just a few hours, the new theme looked almost identical to the old but the devil was in the details.

Finishing Up

There were two problems still preventing me from going live. One was that my slider still did not look right and the second was that the search function wasn’t in the correct place.

Unfortunately, neither of these problems were going to be crackable that night. The slider I use would not let me adjust the width of the right hand side. Though there was an option for it, the highlight (which displays when the post is in the main window) would not update with it, making it look broken. Though I felt it would look best with the right-hand buttons extended at least some, I had to put all of the additional width into the main image.

The search box, previously, was a part of the navigation bar but the hooks feature that made that possible in Headway 2 is not available in Headway three and workarounds resulted in ugly results. I decided to just move the search bar to the top of the page and be done with it.

With the help of my wife, we began to test the site, loading up a variety of pages in the new theme and fixing any errors we saw. Fortunately, there wasn’t much to address but we did notice some minor CSS bugs, such as some links not showing up red and linked subheads displaying oddly.

When it was ready, about 5 hours later, I pushed the new theme live and asked others via Twitter to let me know if they saw any issues. No further problems crept up. Though I noticed and squashed a few other minor bugs over the next few days, for the most part, the theme has held up well.

The Epilogue So far

It’s now been about a month since I did that frantic bit of development. The new theme has held up well and few people even noticed the change (or noticed it enough to mention it). The new theme has also not had any problems and, bit by bit, I’ve been adding back in some of the spit and polish of the original theme.

I’m honestly not sure how long I’m going to keep it though. Given the problems I had with Headway 2 and the franticness that went into this more-or-less forced upgrade, I’d like to switch to a different framework when it comes time to do a full overhaul.

In the meantime though, Headway 3 seems to be working well enough. There have been no issues that have caused the theme to break, even when other server issues arose, and the theme even took a major traffic spike on the chin without an issue.

The main thing, right now, is that the danger has passed and I can now take my time deciding what my next move should be.

In the end, my only real regret is that I didn’t take this action sooner. I held out for an upgrade path between Headway 2.X and 3.X while I found myself patching my site regularly. It was a stupid decision.

If I had only done this a year ago, I would have saved myself a lot of headache and panic.

Neither version added what could be considered major user-facing features, especially to bloggers who are already working on the platform. Version 3.4 introduced greater theme controls and improved localization while 3.5 will introduce a new default theme and revamp the upload/insert workflow.

While all of these are great features and important to have, they don’t exactly set the world on fire with new functionality either. They’re incremental improvements and not sexy new features that get bloggers excited about new releases. However, cautious updates make sense given that it’s important for the WordPress core to be stable and consistent for the many corporate applications it sees these days

However, that doesn’t mean WordPress is being left to stagnate. Automattic, the company behind WordPress.com and primary driver behind developing the WordPress platform, has been dishing out a bevy of new features and tools, but they haven’t been baking it into the WordPress core. Instead, they’ve been taking advantage of WordPress’ plugin architecture and have built a plugin of plugins, named Jetpack, to incorporate new features they don’t want to code into WordPress itself.

While the reception of Jetpack was somewhat cool at first, it’s grown to incorporate a wide number of features, many of which have been widely requested by bloggers for some time.

So, keeping in mind that Jetpack is being rapidly updated, what are some of the best features it adds? Here are of the best to consider.

1. Jetpack Comments

If you’ve liked the comments that are on WordPress.com but have been disappointed that they haven’t been brought over for self-hosted users to use, wait no more. Jetpack Comments not only offers an attractive comment form, but allows your visitors to login using Facebook, Twitter and WordPress credentials.

It may not be a replacement for a more robust system like Disqus, Livefyre or even Automatic-owned Intense Debate, but it’s powerful, attractive and, for most sites, a big improvement over the default WordPress comment system.

2. Photon

This is one of the newer Jetpack offerings and one of the more important ones.

Caching and site acceleration are big issues for WordPress blogs. Though Jetpack doesn’t have a full caching system such as W3 Total Cache or WP Super Cache, it does have Photon, a service that will host and serve your images off the WordPress.com content delivery network.

The advantages of this are legion. Your images will load quicker, coming from WordPress.com’s global network of servers, it will reduce the bandwidth your spend on your server and, overall, your site will be faster. Best of all, it’s free and only takes a single click.

While it’s not a robust Content Delivery Network, such as Cloudflare or Distil, meaning that it won’t cache other static content such as your JavaScript, CSS or other files, it’s a good start and may be all that some sites, in particular image-heavy ones, need.

3. Notifications

If you run more than a couple of WordPress blogs, keeping track of all of them can be a chore, especially the comments. Notifications allows you to register all of your blogs with WordPress.com, through Jetpack, and get notifications of comments for all of your sites in your admin bar.

This means, even when you’re reading or working on Site A, you’ll get a notification of a comment on Site B in your admin bar and you can also quickly hit the drop down and see comments for all of your sites.

If you combine this with the new feature to get mobile notifications on your iOS device (iPhone, iPad, etc.) then you can always be aware of new comments when they are posted, without checking your email.

4. Publicize

While its controversial to automate your social media efforts, especially on Facebook where posting from connected apps can severely hurt the number of people who see your post, for many it’s a necessity and the Publicize feature makes it easy, directly connecting your WordPress installation with Twitter, Facebook, LinkedIn, Tumblr and more so that you can instantly promote anything you publish.

Best of all, you can make changes to your posts, adding @replies, hash tags and other information before sending them out.

All in all, it’s a simple but powerful tool for promoting your posts via social media.

5. WordPress.com Stats

This was one of the first features put into Jetpack and the plugin for this predates Jetpack by a good bit. However, there’s no doubt that the WordPress.com Stats feature remains one of Jetpack’s highlights.

While the stats aren’t as robust as Google Analytics or other statistics platforms, they are immediate, available in your WordPress admin area and can give you a critical overview as to what’s happening on your site today.

While you certainly don’t want it to be your only statistics package, but it’s the one that many WordPress users look at the most.

Bottom Line

Whether you agree or disagree with the approach Automattic is taking with WordPress development, the end result is that, if you want the latest and greatest WordPress features, you’re going to need to get Jetpack.

While many of the features in Jetpack aren’t particularly interesting or are aimed at a niche audience, such as the Beautiful Math feature and Gravator Hovercards, many of the features are very important and, most likely, major feature releases in the future will be done through Jetpack rather than the WordPress core.

So, while you will have to wait until at least December 5th for a new official version of WordPress, which even then will not have much in the way of new user-facing features, there’s plenty of new “official” features you can append to your WordPress right now with Jetpack.

Just be careful to disable the features you won’t be using. While it most likely won’t impact your site’s speed, as with any plugin, there are security risks and the less you have active, the better off you are.

However, of all of those tools, none is more important than your blogging platform as it’s the only one that can be useful for every single stage of the writing process. For more and more bloggers, that tool of choice is WordPress.

But while WordPress has earned its popularity by being a robust blogging platform that almost anyone can pick up and use, there are many features of the platform that many of its users either aren’t aware of or simply don’t take adequate advantage of.

While the total number of such features is too great too count, a few features stand out as being drastically underused. Here are five of those features and why they don’t get the love they deserve.

Post Slug

The post slug feature is one that doesn’t seem to get a great deal of love. Though it’s incredibly useful for SEO and was optimized in version 2.5 of WordPress to be easier to use, some thought it had been removed.

Basically, the post slug feature allows you to edit the URL for the post or page you are working on. WordPress automatically generates your slug based upon your title but if you want to make sure that it has the desired keywords for SEO, you can easily add them in or you can remove unnecessary words. Also, if you want to write your own, click on “Screen Options” and click the “Post Slug” box, which will give you a text box to write yours from scratch.

It’s a powerful tool, especially if you want a posts URL to be different than its title, but it’s a feature that many WordPress users are aware of or know how to use.

Featured Image

WordPress Featured Image tool, simply put, allows you to associate an image with a post.

What exactly this does depends on the theme though most default WordPress themes, including those on WordPress.com, use featured images in one way or another. Often it’s to change the header image of the site for that post/page though, other themes, especially magazine layouts, use it to choose what image is associated with the post on the front page.

But even on sites where the featured image isn’t built to use the featured image that way, it can still be used to select which image is displayed in the Facebook thumbnail.

In short, it can give you much greater control over how your image is displayed in social media and may be worth adding even if your theme doesn’t use it directly.

Scheduled Posting

Say that you’re going away for a week, finally taking that vacation you deserve, but what happens to your blog? Does it just idle for a week or do you log in every so often to post new things?

With schedules posts, you don’t have to do either.

Basically, every WordPress post lets you change the date and time of publication. You can easily set it into the past if you don’t want it to appear at the top or, more usefully, you can set it into the future so that it will appear online automatically.

This is much easier than the alternative of saving drafts and then posting them by hand later as its easy to forget to follow through when the time comes.

In short, this lets your WordPress site take care of itself while you’re gone and make it as if you never left at all.

Media Library

If you run a large blog and use images routinely in your posts, you probably upload the same image or the same type of image pretty regularly. Wouldn’t it be nice if you could simply find the old images you used rather than finding it on your computer and uploading a duplicate or a near-duplicate to your server?

With Media Library you can do just that.

When writing a post, click the “Add Media” button as you normally do and, rather than simply dropping in your files or hitting the “Select Files” button, click the “Media Library” button at the top and you’ll be presented with a searchable and date-filterable list of your previously uploaded images.

If you correctly set your image information as you went and/or set your file names well, you can easily find what you’re looking for and reuse your past work rather than starting over.

Custom (Static) Home Page

WordPress is best known as a blogging platform but, in truth, it’s actually a fairly robust CMS that can be used to manage a large variety of site types.

One of the most important features is the ability to set a custom or static front page for your site. Located in your reading settings, which in turn is under your settings menu, you can select a created page to be the home page of your site.

Though will have to designate a different page for your posts, usually a blank page called “Blog” or something to the like, this feature makes WordPress useful out of the box for managing non-blog websites.

Bottom Line

All in all, WordPress is an extremely powerful and robust blogging platform/CMS. But even though it’s well-known for being easy to pick up, install and use, much of the power is buried underneath the surface.

If all you use WordPress for is setting up a site and posting new content to it, you’re likely missing out on a great deal of it’s best features.

However, these are just a sampling of some of WordPress’ most underused features. There are many others out there and probably several that apply to your use of WordPress.

So take some time to explore your WordPress administration area and read through the Codex. You’ll likely find plenty of other things that you didn’t know WordPress can do that can help you in your day-to-day blogging.

There are some measures you can actually take to make your WordPress blogs more SEO friendly and as a result will be able to compete with the top guns in your niche. So here is the ultimate list of 5 killer tips that will help you make your blog a perfect paradise for search engines:

SEO Optimized URL Structure

Although WordPress is considered as a SEO friendly CMS, but still there are some extra steps you can take to get an edge over other bloggers in your industry. By default, WordPress URL structure does not seem to be SEO friendly. Default URL structure in WordPress at post level will look like http://www.bloggingpro.com/?p=140 type. This URL structure is not SEO friendly by any mean. It’s not only bad URL structure as far as ideal SEO practices for your blog are concerned, but it’s also not doing any good for your blog readers as these kind of URL’s structure will not make any sense to them. You cannot make decisions about the kind of content that will be delivered to you before opening them. To make your URL structure search engine friendly, you need to fix it from Permalinks section under Settings in your WordPress blog.  Permalink URL for a page or post should contain targeted keywords for that page.

SEO Friendly Titles and Meta Descriptions

Next thing you need to do is create SEO friendly Titles and meta descriptions for all targeted pages and posts on your blog including its home page. You need to make sure title and meta descriptions for each page should be unique and should restrict them to 65 and 160 characters respectively including spaces. Although meta keyword tag does not look effective on Google these days but still there are some search engines that are still giving weightage to meta keyword tag. So it you can add meta keywords as well with different kind of contents on your blog with the aim to drive some traffic from other search engines. Since you are blogging on WordPress, you can use All In One SEO Pack type of plugin to manage your blog contents title and meta data in a better way.

Optimizing Your Blog Post

Now let’s talk a bit about optimizing your blog posts. You are supposed to have SEO friendly titles, URL’s, Meta keywords and meta descriptions mentioned for your blog posts. Apart from this, you should aim at using your targeted keywords on few occasions in your blog posts naturally. You could think of adding your targeted keywords once in first and last paragraph of your blog post. It is advised to add an image at least with your blog posts mentioning targeted keyword in its name and its alternative text. You should use headings, sub-headings, bolds, italics and strong etc. to show headlines and important words and points in your blog posts. Managing all of these Onpage SEO activities manually can be a bit difficult for you especially if you are new to blogging things. You could use Easy WP SEO Plugin which is a premium plugin for WordPress blogs. This plugin will help you in taking care of all On-page SEO aspects for your blog posts and pages etc. You can know more in detail about Easy WP SEO plugin, its features and the kind of customization you can do after installing this premium plugin on your WordPress blog here.

Create XML Sitemaps and submit them to Search Engines

We need XML sitemaps for faster indexing of our blog contents in search engines. XML Sitemaps are must for fresh new websites and blogs especially as we are able to inform search engines about the existence of new pages on our blog through XML sitemaps. If you have a very popular blog, you would not much problem related to indexing and all as in that case Google bots used to visit your blog quite frequently. They will instantly index those pages from your blog that are not available in their databases. But in case of fresh new blogs, Google bots don’t visit them quite frequently. We need to request them about indexing of new contents on our blog through XML sitemap files. For standard websites, we can use xml-sitemaps.com kind of websites for creating XML sitemaps for free. But in that case we need to download it to our computer and then upload to our website server using a FTP client. But for WordPress blogs, there are much easier solutions available.  You can use Google XML Sitemaps type of plugins to get your XML sitemaps generated and uploaded on your blog server automatically.

Speed Up Your WordPress Blog

Page Speed was one of several factors that Google included in its search algorithm recently. And since then a race has started between the website owners and bloggers to optimize their websites and blogs speed to great extent. But since you are blogging on WordPress, there are lots of plugins you can actually use to improve the performance of your WordPress blogs. You can use the WP Smush.it plugin to reduce the size of images that are published on your blog. WP Super Cache is a must have plugin for page caching. You can use the Plugin Performance Profiler (P3) to keep track of load time for all of plugins that are installed into your WordPress plugin directory. You should use this plugin to delete those plugins that take too much time in loading or look at better alternatives for such plugins. You should also deactivate those plugins that you are no more using on your blog.

Apart from these Onpage SEO activities, you need to look at different ways to build some quality backlinks for your blog. Guest blogging and blog commenting kind of activities can help in generating some quick and trusted backlinks for your blog. You should look at building a strong presence for your blog on popular social media websites and start sharing some of interesting stories from your blog on popular social bookmarking websites.

With this, it’s come to the end of this special guest post sharing SEO Tips for WordPress blog owners. I hope you will have more SEO Optimized WordPress blog after implementing the techniques shared above. Do you have any other killer idea that can help us in making our blog SEO friendly, please share in the comments section?

Author Bio

Anil Agarwal is the man behind BloggersPassion blog, where be blogs on variety of topics related to blogging tips, seo tips, web hosting comparisons, social media networks and affiliate marketing.

A tag management system helps a company turn the managing of tags over to the marketing team. These systems allow for a managing interface which allows a marketing team to easily keep their obligations fulfilled. As the market grows, there are a number of different organizations offering varying styles of tagging systems. This growing market is allowing companies to choose the right systems for their organization, whether they are large scale or better for the small business approach.

There are some great features that marketing teams and companies want to take into account during the time when they are deciding on a type of tagging system to take on. They will want to review the customization, structure, architecture and the site hosting.

Looking at different forms of architecture within tag management systems, it’s important to analyze the build up and exactly how tags are loaded. A client side model means that the performance is sped up by using caches with the tag management server. On a server side model, every new page view will bring on a new server request, with much more dependency on the actual server. Both models have their own level of benefits, but for the most part, organizations tend to go with the performance that comes with a client side model.

When it comes to the structure of a TMS, it’s important to review types of tags that are going to be used; including web analytics, basic tags and complex tags. It’s also important for a company to look at the amount of possible customization with each TMS option. Because the method of using TMS is still relatively new, developers are continuing to come up with great new ideas and applications. Discussing the customization opportunities with each vendor will allow an organization to realize the possibilities of growth with each option on the table.

Finally, it’s important to review the site’s hosting within each TMS. There is likely to be a decision between on premise hosting and on demand hosting. On premise hosting is common with high volume sites and allows the process to be mostly internally run. An on demand hosting environment is overseen by the provider of the services, taking away the possibility

Even though these are just a few of the indicators to look for during the TMS process, taking them into account can be crucial. All four of these indicators may hold different values to different companies and what they’re looking for. At the end of the day, tag management system options continue to grow along with development.  In the end, it’s crucial that each organization look for what properly matches the needs and environment of the company and site.

After applying Justin’s tip, your editor will look like this:

WordPress 3.2 editor with different font

While everyone has their own preference as to how one should setup a live blog, here are a few tips (as well as a couple of tools) for those of you seeking a way to update your readers in real time without using external tools (like Twitter and Cover It Live).

Do It Live Upon Another Blog?

In order to avoid confusing your readers, it’s always wise to use a separate blog underneath a sub domain or upon a new domain.

This avoids flooding your current readers (subscribed via email, SMS or RSS) with short snippets which can potentially overwhelm them.

Using a separate blog can also help you break free from the art of writing formal posts, as the purpose of live blogging is to provide informal updates as quickly as possible.

Note: As a bonus, if your live blog becomes “too popular” and ends up crashing it will not take out your main site (the latter which you can use to post live updates following the tip below).

Do It Live Within A Post

For those of you loathing to establish a second blog (whether under a subdomain or a new domain), you can also live blog under your current post.

WordPress fans can use a plugin called Live Blogging which can turn a single post into a live blog, with the ability to push out updates towards Twitter (which you can easily setup within the plugin).

Bloggers choosing this route should make sure their post is prominently featured upon the home page (so your readers can see it) as well as provide an explanation near the top of the post to enlighten new readers on your blog.

Note: If you are live blogging upon a single post, make sure your site is able to sustain traffic spikes as well as higher percentage of commenters (the latter which can sink your blog).

Automatic Updates Are Key

Make sure the blog you are using can automatically display updates to your readers without auto refreshing the browser (which is annoying).

You should also make sure comments are automatically updated as well, something third party commenting systems like Disqus can easily provide.

One of the best ways to do this is by choosing a theme similar to P2 which can make it easier for your readers to see the latest update, as well as view new comments from readers in real time.

Why Not Use Cover It Live Or Twitter?

Although tools like Cover It Live and Twitter are also excellent tools to use for live blogging, the only problem with these platforms is they either lack permalinks or you lack control of the platform (especially if it goes down).

Have you ever launched a live blog? If so, what other advice would you give to bloggers seeking to launch their first live blog?

Visit the tutorial here.

At Splashpress Media we also made sure to pay extra attention to the attachment page in our redesigns and all our newly designed pages also include an ‘Attachment gallery’ as can be seen in this ForeverGeek post. Click any image in that post or just visit an attachment page:

Justin’s entry explains how to include links to every image size in your designs.

Read Justin’s tutorial here

Luckily not much is needed to make both editors compliant with the WordPress coding standards and in an entry over at Magp.ie Eoin Gallagher, Polldaddy developer, explains how to configure Coda – and TextWrangler – to meet the WordPress coding standards.

Discover how here.

Unfortunately its immense popularity makes the software a prime target for hackers, similar to how Facebook and Twitter are prime targets since “everyone” is using them.

While there are more advanced measures that users should take when securing your WordPress site, here are the 3 most common habits I see practiced by some WordPress users that may set ones blog up to be hacked.

WordPress Updates Are For Losers

If I had a dollar for every excuse I heard for NOT upgrading one’s WordPress blog to the latest update, I’d probably have enough money to retire from blogging (not that I’d ever consider doing that).

Most of the excuses I hear for not updating resolve around concerns that it will break ones theme, various plugins, or (the worst scenario) they don’t see the value in a 3.0.x update (despite the fact that some of them are critical).

Truth be told the vast majority of WordPress sites that I have seen hacked are because the owner declined to keep their blog updated to the latest version.

If clicking upon the “easy update” button is too difficult, then users should consider asking their host to ensure that their blog is always updated to the latest version.

Note: For those paranoid about a WP update breaking your blog’s theme or a specific plugin, you should consider creating a test site in order to resolve any issues before an update goes live.

Keep Passwords Simple

Just as it would be silly to have an easy password for one’s online bank account, so it is foolish to use simple passwords for your WordPress site.

WordPress users should always utilize complex passwords for their account, utilizing numbers, letters and symbols in order to make guessing the correct password nearly impossible for a hacker.

As an extra precaution, WordPress lovers should also consider installing a plugin called Login Lockdown which will block the IP of anyone trying to access your site after numerous failed attempts.

Note: There is also another plugin called Better WP Security that is similar to Login Lockdown and looks promising, although it’s currently in beta testing right now.

It Doesn’t Matter Who You Host With

When it comes to hosting ones blog, many WordPress users choose the cheapest host around without taking a hard look at the company’s security record.

Unfortunately keeping your blog updated and creating complex passwords is not enough nowadays, as hackers may still be able to access your blog due to your neighbor not remaining vigilant (i.e. not keeping their site secure).

WordPress bloggers should only host with companies taking the security of their server as well as your site seriously (the latter which is sadly neglected by many general hosts).

Users seeking more secure options should also check out WordPress specialized hosting, who from past experience are usually more vigilant when it comes to ensuring that your site avoids being hacked.

Any Other Tips?

If someone new to WordPress came up to you asking how they could secure their site, what tips would you recommend?

Feel free to share your wisdom in the comment section below!

While WP.com and Blog.com are great ways to experience WordPress without putting a hole in your wallet, they are also very restrictive on what features (think plugins) you can install upon your site.

For those of you seeking a more flexible solution to WordPress blogging, they may want to check out Blogetery who provides users with the conviences of WP.com without sacrificing too many freedoms.

Plugins Galore

Although Blogetery does restrict which plugins users can install, the company offers a much larger inventory than either Blog.com or WP.com combined.

Users can install plugins to enhance their sidebar or insert social buttons upon their posts. As a bonus users can also activate Twitter Tools which will allow them to backup their tweets upon their blog in order to have a hard copy in the even that Twitter is subdued by the fail whale.

A few plugins (like the advanced Facebook like button) do require a premium upgrade, although Blogetery’s prices are competitive (as shown below).

The Price Is Right?

Instead of charging users various fees based upon features like space upgrades, removing ads (or inserting your own) and the ability to create custom themes via CSS, Blogetery only charges users a basic rate in order to unlock all of these features.

Users can pay an annual rate of $42/year or $5/month, making the site affordable for the aspiring blogging pro who wants to test out WordPress without breaking the bank.

As an added bonus, Blogetery allows users to setup a custom domain upon their site for free, which means users can setup a professional looking blog without having to become a professional when it comes to hosting lingo.

CDN And Backups FTW

For those of you worried about your blog disappearing again (note: it’s a long story), Blogetery has taken steps to ensure that every blog is backed up upon Amazon’s servers in real time, giving users a VaultPress like backup experience without paying an extra dime.

On top of the free backup, Blogetery also provides users with a free Content Delivery Network (aka CDN) courtesy of Amazon, helping to speed up your blog’s loading time, enabling you to focus more on content than blog optimization.

No Room For Big Blogs (Plus: AdSense Only?)

Despite offering the same features as their rivals without charging enormous fees, Blogetery does have one major disadvantage and that has to deal with space.

Unlike WP.com and Blog.com who offer users 3 GB and 2 GB of free space, respectively, Blogetery only offers users a paltry 250 mb of space for free.

Although users can upgrade to a pro account in order to receive an additional 5 GB of space, there doesn’t seem to be any way to expand beyond the 5 GB limit which may deter heavy media bloggers (i.e. those who use video, audio and lots of images) from signing up.

Blogetery also only allows users to use AdSense for advertising, which is great for most people although if you want to utilize other advertising networks you could be out of luck.

CAPTCHA Logins?!!

Although Blogetery wisely allows users to install Akismet upon their blogs (something Blog.com does not allow), for some strange reason users logging in from their computers have type in CAPTCHA’s in order to access your admin page.

While Blogetery’s use of CAPTCHA’s is understandable (as they do not want any spammers on their servers), the companies good intentions are in vain due to the fact that spammers are hiring people in third world companies to bypass automated defense systems.

Hopefully the company will consider switching to Login Lockdown (or another less obstructive measure) instead, as it’s not only a wiser solution but it would allow those who are visually disabled to log in as well.

Should You Blog On Blogetery?

While I would easily recommend Blogetery over Blog.com (mainly because they provide anti-spam defenses via Akismet), those of you with blogs over 5 GB should probably consider WP.com or self hosting.

Have you tried using Blogetery? If so, what are your thoughts using the service?

While each category has its own advantages and disadvantages, users should careful to choose the host that best fits their needs (whether those be financial, security, freedom, etc.) before launching your blog to the world.

Although everyone has their own bias (including yours truly!) over which option is the best, here is a “brief” guide to help those of you new to the world of WordPress, as well as for the many considering adopting it as your preferred platform.

Urban Cities (Generic Hosting)

Often known for their generous offers of unlimited hosting, generic hosts can be an excellent way to test out WordPress without sacrificing a large sum of money.

Aside from price one major advantage of generic hosts is their size, as the hosting company’s embrace of other software platforms (like Joomla, Drupal, various forums, etc.) helps ensure that the company won’t disappear overnight due to lack of paying clients.

While generic hosts tend to have a longer record of existence when compared against the latter 3 types, they also tend to care more about keeping their server up than your blog’s performance.

Security can also be a major issue as hackers may upload corrupted software to the server in order to hijack their neighbors blog (which unfortunately could be you).

While many generic hosts have beefed up their security recently, users desiring more support may want to consider the latter alternatives.

Gated Communities (WordPress SaaS)

Although technically still considered “generic hosting,” WordPress SaaS (Software as a Service) companies use the resources of a generic host and then customize the servers in order to help make them WordPress friendly.

Companies like BlogOnCloud9 and Page.ly fall under this category as they depend upon resources of RackSpace and Fire Host, respectively, instead of running the entire hosting experience themselves.

While they tend to be much more expensive than generic hosts, the advantage of using WordPress SaaS is that you benefit from the stability of a large host coupled with the specialized service that every WordPress user needs.

The only disadvantage of using a WordPress SaaS is that your blog is potentially vulnerable to the same security problems of a generic host (note: so make sure you research the hosting company behind them!).

However if your blog is down via a hack or nefarious plugin, the WordPress Saas should be able to help you restore your blog very quickly.

WordPress Suburbia (WordPress Only Hosts)

Unlike generic hosts or WordPress SaaS companies, WordPress only hosting companies only allow WordPress sites to run upon their servers.

Companies like HostCo and PressHarbor are excellent examples of WordPress only hosting companies, with many more popping up later this year.

These companies tend to be much more expensive than either generic hosting or WordPress SaaS, although blogs hosted upon their servers tend to run much faster than their rivals (at least from my tests) making them perfect homes for high trafficked sites.

While security upon WP only companies is top notch, most WP only companies do not boast a long record in the hosting industry, potentially making them riskier bets than a decade old generic host.

Thus far many of these companies seem to be either profitable or backed by venture capital (so they shouldn’t disappear overnight), although you should consider researching their profitability before launching a blog upon their servers.

WordPress “Free Hosters”

Unlike the previous three types of WP hosts, WordPress “free hosters” allow users to host their blogs for free, but only if one is willing to surrender a large amount of control regarding their site.

WordPress free hosters are great for users who would rather not be bothered with upgrades, maintenance, backups, etc. and who just want to focus on creating content.

The best examples of a WordPress “free hosters,”  are Blog.com and WordPress.com (the latter which is run by Automattic) which like a land lord handle all the technical details behind the scenes as long as users are willing to abide by their rules.

Although WP free hosters offer users the ability to customize their sites appearance and even use a custom domain, most charge users a small fee for the privilege of customizing a theme (via CSS) or using in house media tools for video and audio.

Despite being much more restrictive on what features are allowed to be used by their users, WordPress free hosters are much more secure than the previous 3 types mentioned earlier, due to their strict control over what runs upon your site.

Which WordPress Host Do You Prefer?

Although I would personally recommend a WordPress SaaS or WordPress only host for your blog, it is always wise to do your own research before picking a host.

For those of you who blog upon WordPress, which hosting type did you select for your blogs and why?

Image Credits: Tokyo via Wikimedia foundation, Parihav, Suburb by David Shankbone and Apartment building by Deepak.

Granted some of these services didn’t exist in 2009 (as you’ll see below), however many of their alternatives did.

Although there were numerous other things I learned about WordPress ranging from security to various SEO tips, here are the top 3 things that stood out this year to me in 2010.

Offsite Backups Are Very Important

It wasn’t until the US government took down 73,000 blogs without notifying the company that I realized the importance of offsite backup systems.

While my previous host provided backups for the blog (via Mozy), it was not exactly catered towards the WordPress platform.

Fortunately I was able to sign up for a ticket for VaultPress (by Automattic, the company behind WP.com) which was able to backup 4 of my blogs without me having to delve into the world of WordPress backups and instead focus my attention elsewhere.

Regardless of whether one thinks highly of VaultPress’s service or prefers a less expensive alternative, backing up your blog is something I wished I utilized at the beginning of the year, especially when my previous host started experiencing “problems” (as explained below).

Hosting Matters

If you told me in January that I needed to ditch my current host I would have laughed at you since (at the time) the only things I cared about when it came to hosting was bandwidth/data transfer, how much space I had on the server and last (but not least), how much money I had to pay for it.

As some of you may have guessed, I ended up picking unlimited hosting with a reputable company whose service was okay until my blogs were placed in “throttling purgatory” for using too many system resources upon the server.

This led to a search for a better host, and after reviewing companies like HostCo, BlogOnCloud9, PressHarbor and Page.ly (the latter which I ended up using) I quickly realized that most general hosting companies are more concerned with keeping their servers online than how well your blog is doing.

While switching away from them was seamless thanks to VaultPress, it’s something that I wish I would have done in the beginning of the year.

Spammers Hate Advanced Commenting Systems

Believe it or not I almost decided to shut down my commenting system across all of my blogs due to the influx of human spam that was slipping past Akismet’s defenses.

It wasn’t until I installed IntenseDebate (a commenting service by Automattic) that I discovered the best defense against a community of spammers is a community of readers.

Services like IntenseDebate and Disqus allowed readers to flag spammy comments, allowing the community to hide or even send those comments to the moderation section for review.

This made fighting spam comments a lot easier, and while there have been some false positives, thanks to IntenseDebate I can spend more time on creating content rather than moderating comments.

Note: The only side effect of advanced commenting systems is that I’ve noticed that many human spammers are now reading the posts and responding with semi-intelligent comments.

What Did You Learn?

While there are numerous other things I learned in 2010 about WordPress, these 3 items top the list as far as 2010 goes.

What about you? What did you learn about WordPress this year that you didn’t know the previous one? Feel free to share your thoughts in the comment section below!

However one item often neglected by new bloggers is pages (or rather the creation of them).

Unlike blog posts which are frequently updated and more “newsy,” pages are for the most part edited infrequently and usually receive far more attention from readers than the authors themselves.

While bloggers are only limited by their imagination as far as what types of pages they should create as well as how many, here are 3 page types every blogger should consider have regardless how long one has been blogging.

Note: While these tips can be applied to blog platforms of all types, the second one is geared more towards WordPress users as you will read in the explanation below.

The About Page

Believe it or not the about page is one of the most visited items upon a blog regardless of how large or small the blog is.

Whether this is due towards human curiosity of the authors or SEO is a subject of much debate (as some search engines prominently link to the about page as well as to the main site).

Regardless of the reason creating an about page can help provide a basic summary of what your blog is about in a similar way a book summary explains a novel.

An About Page is also a great way to introduce your readers to information about you without having to resort to creating a specific blog post describing your hobbies (for personal blogs) or accomplishments (for more professional sites).

While content length and media (i.e. audio, video and images) will vary depending upon the blog niche, type, etc., you should always try to make it interesting for your readers as they may judge your entire site based upon that one page.

A Contact Page?

While simply linking to an email address or tweet account on your blog is okay, it would be wiser for bloggers to create a contact page instead.

Despite the fact that it throws up an extra step for your readers, a contact page can help reduce the amount of noise you receive in your inbox as it can hide your email address from not only spammers, but trolls as well.

A contact page can also be used to instruct your readers on what types of email, tweets and voicemails you will respond to, as well as when they should expect a response from you (if it’s more than 24 hours).

Since contact forms are unfortunately being used by human spammers as well, WordPress users should utilize a contact form that filters out these messages lest you find your inbox flooded with various “growth” products and SEO scams.

WordPress.com users can utilize a new contact form by Automattic (which is also available as a plugin for self hosted fans) while those who run WordPress on their own servers can use Contact Form 7 to help separate legitimate inquiries from spam.

Securing Your Assets (Legal Page)

This last one is something many bloggers have not utilized on their sites (this author included unfortunately), although in an era where people are quick to sue, a legal page should be something ever blogger should consider as a mean of protecting your assets.

A legal page should contain a disclaimer which should highlight that your opinions are that of your own and not of any employer, organization or religious/philosophy group lest your viewpoints be used against you legally offline.

You can also use a legal page to inform readers their rights when it comes to commenting upon your blog, as well as how people can use the content produced on your site upon their blog.

While you do not have to hire a lawyer to create a legal page, it can help save you hassle later on just in case someone attempts to connect your opinion to your day job.

Note: Many bloggers have brief disclaimers posted on their blog (most often near the footer). However it is recommend that you should create a page as well.

Any Other Pages?

Although blog pages can be created for just about anything imaginable, these 3 should be able to serve the basic needs of a blogger, regardless of whether they blog about technology, politics or what’s happening in their life.

Have you created pages for your blog? If so, what other pages would you recommend bloggers create for their sites?

Image Credits: My Nice Profile, Warner Bros.

Rather I am referring to using Blogger to host a replica of your site online (technically referred to as a mirror site by professional geeks) just in case your blog site goes under due to heavy traffic, hackers or (worse) a renegade plugin that is not up to date.

While the idea of using Blogger as an online backup may not suite everyone (as you will see from the reasons below), certain bloggers sporting WordPress users may need to consider creating a subdomain (or even leaving the “.blogspot” on) if your site falls underneath these criteria.

Unlimited Hosting?

If you purchased unlimited hosting for dozens of blogs for under $100 USD/year, you will probably need to consider using Blogger as a mirror site as (more often than not) your host may not be concerned if your blog starts generating “internal 500″ errors due to you using too many resources.

While your host may not cut off your blog completely from the web, they probably will not make the experience pleasurable for your readers either.

Since Blogger is already free to customize and monetize, users can simply design a mirror site and temporarily redirect users towards their blogspot clone until they can switch to a decent host or their site is viewable (minus the errors).

Traffic Czars

Some hosting companies have what is commonly referred to as “hard bandwidth limits” which means that if your blog receives a large number of users over a certain period they will temporarily shut off your blog until you upgrade to a more expensive plan.

This can be very inconvenient, especially if your blog depends upon advertisements in order to provide food on the table (not to mention buy gifts for your significant other).

Instead of wasting minutes frantically dialing your hosting company, you could instead temporarily redirect readers towards your backup site (say backup.example.com) which would allow you to cash in on the traffic while you haggle with your hosting provider.

When All Else Fails

Sometimes even the best hosting companies go down unexceptionably, for reasons beyond their own control (i.e. massive power failures or natural disasters).

Regardless of their size, hosting companies do rarely suffer outages although to their credit they usually do provide an explanation (usually on Twitter) as to why your site is down.

Instead of pulling your blog from the latest backup (and paying for a new host) or telling users to simply use a Google Cache to view your site, you could temporarily redirect them to your blogspot blog until your host is able to resurrect your site from the digital abyss.

Why Blogger Instead of _______?

While sites like Tumblr, Posterous, and OnSugar are excellent alternatives, Blogger is backed by the mighty Google which means that (financially speaking) the platform is more or less “recession proof,” reducing the chances that your mirror site will randomly disappear due to lack of funds.

Blogger is also free to use, which should help reduce your overall bill (especially if you are paying for premium WordPress hosting).

WordPress lovers can utilize a plugin called Network Publisher in order to automatically push your posts upon your backup (or mirrored) blogspot blog.

Do you use Blogger as a backup/mirror tool for your blog? Or do you use another service instead? (note: if you have another idea/suggestion, feel free to enlighten us in the comment section below).

Once you have added the code to your functions.php you can easily implement the number of Twitter followers anywhere in your theme or design.

Read the tutorial, completely with copiable code, at WPShout.

While I won’t dispute your blog or convince you to embrace Tumblr as your primary platform, refusing to create a complimentary Tumblr blog could cost you in the future (literally).

Despite the fact that WordPress will be embracing many Tumblr like features in the future, here are 3 reasons why you should seriously consider opening a Tumblr blog to compliment your WordPress wonder.

Location, Location, Location!

Whether you like it or not, many users are abandoning email as well as RSS feeds as their primary way for consuming information.

This trend is not limited to the geek realm, but also to the upcoming generation as well who are choosing sites like Twitter, Facebook and SMS as a way to subscribe to the information that they care about.

Tumblr ironically is no exception as many users are using the service as a way to not only consume news, but share their findings with friends through the art of reblogging (which is similar to Twitter’s retweet).

Just as it would be silly for a blogger to ignore Twitter and Facebook, it would be equally as foolish to ignore Tumblr (which is quickly gaining popularity among the masses).

A Deeper Connection

Unlike Twitter or Facebook, Tumblr doesn’t limit the amount of text one can type, send, etc., which means you could have a lengthier amount published to Tumblr so that your readers can receive a broader understanding on what you’re writing about.

While this fact may not appeal to every blogger, it could give your site another avenue to reach new users as well as help build brand loyalty among the youth (who have embraced Tumblr whole heartedly).

Tumblr would also make it easier to converse with readers whether in the comment section (via Disqus or Tumblr’s native system) or through a reblog.

Tumblr could also serve as a way to post shorter content that may not be worth a blog post but still be of interest to your readers.

Show Me The Money

Believe it or not Tumblr is one of the few social networks (albeit a “bloggy” one) that allows you to put your own ads and affiliate links upon the site for free.

Let me repeat that again: you can place your own ads upon your site without paying Tumblr any money, a feature lacking with both Facebook and Twitter.

Instead of sharing your content elsewhere and enriching Twitter and Facebook’s bank accounts, you could instead generate revenue off of the Tumblr traffic while at the same time boosting your blog’s SEO.

How Do I Share My Posts To Tumblr?

For those of you who self host, there are a couple WordPress plugins available that will allow you to auto post your WordPress articles upon Tumblr.

The first is Tumblrize which is a simple plugin that ports your posts to your Tumblr site. For those of you desiring an “all in one” solution there is Network Publisher which not only embraces Tumblr, but Facebook and Twitter as well.

While there are numerous WP plugins available, these are the two that I highly recommend WordPress fans using as the plugins are compatible with the latest version of WordPress.

Should I Use Tumblr?

While embracing Tumblr may not suit everyone (especially if one is running a blog about WordPress), bloggers in other niches (such as fashion, politics, food, etc.) should seriously take a hard look at using Tumblr as a serious option.

Does your WordPress blog have a Tumblr account? If so, how are you using it to help promote your blog?

A must read for anyone who want to develop themes for WordPress: Read Justin’s entry here.

Unfortunately it seems that in their excitement to configure a blog to their liking, many users forget that many of the changes they are making behind the scenes are appearing live upon the site, which can confuse many of their readers (especially if your blog breaks).

While one should always seek out for new ways to improve the appearance and functionality of your blog, users might want to consider establishing a sand box (aka beta site) where they can test out new features “live” without damaging the appearance or functionality of their site.

Avoiding Theme Headaches

Regardless of whether you purchase a theme or download one for free, you should always remember that launching a theme upon your blog will always be slightly different than the theme creators demo (or where ever you acquired it from).

Everything from post images (i.e. thumbnails, logos, etc.) to plugins to even specific browsers (like Firefox, Google Chrome and the dreaded IE6) can drastically alter your blog’s appearance and performance.

Instead of making live changes and spending the next few hours, days or weeks fixing various bugs and compatibility issues (at least with plugins and browsers), it would be wiser to demo your theme upon a beta site instead.

This not only will help you determine whether a specific theme is worth the hassle of customizing, but also reduce the amount of troubleshooting you will have to do later.

Not All Plugins Are Created Equal

Just because a plugin is listed in the WordPress directory doesn’t mean that it is safe for your blog to use.

Although the a large portion of WordPress plugins are frequently updated by their creators, many of them contain bugs that prevent them from working properly with your theme, with other plugins.

Speaking from experience I have personally encountered plugins that worked fine with one theme, only to cause my blog to implode when implementing it with different theme on the same blog (forcing me to delete the plugin folder via server side).

Troubleshooting a plugin on a beta site can help you avoid embarrassing yourself in front of your audiences, as well as give you time to find an alternative solution just in case installing your favorite plugin turns out to be a catastrophic mistake.

Prove Thy Hosting

Regardless of whether you choose WordPress specialized hosting or a company providing general hosting, you should always test the companies claims with a beta blog before migrating upon their servers.

Believe it or not most hosting companies are not created equal (especially those selling unlimited hosting and bandwidth for under $5/month).

Testing them with a beta blog first will give you a taste on how a host operates without having to hand over your data which could be used against you as “collateral” (especially if you have a personal blog with private entries that you would prefer to remain private).

Since most decent host companies provide a money back guarantee (within at least 15 days), you can test out their service with a beta site without risking your data and wasting precious time.

Any Other Reasons For A Beta Site?

Do you have a beta or demo site that you use to test out themes, plugins or hosting providers?

If so, what other reasons would you give WordPress users to start their own beta site, and would you advise using a subdomain or a secondary domain?

Feel free to enlighten us in the comment section below!

If you blog long enough, it is bound to happen to you, even if you aren’t aware. Someone will take your content and republish it on their site, sometimes with a link, sometimes without, sometimes the full work, sometimes just a snippet. There are a million ways your content can appear on other sites, some ways legitimately and other ways less so, but they are all interesting lessons in how your readers interact with your work and, in some cases, problems you have to address.

Because, while most content reuse is fairly harmless. Some uses, especially by plagiarists and spammers, can have a negative impact on your site. This makes it important to know both how to track your content, what your rights are regarding your work, when is a good idea to step in and, most importantly, what you can do if you find that you need to.

Unfortunately, the issues are far more complex than what we can discuss in a single column, but we can definitely give a good overview of the situation and what you can expect.

The Pitfall

The pitfall here is fairly simple, people are going to want to use your content on their sites. Some will have noble intentions, such as quoting your content in a response or linking to it to let their readers know about it. Others, however, will have less-than-pure motives, including spamming the search engines in an attempt to gain a higher ranking and to plagiarize your work to take credit for it.

Most of the time even the most nefarious use is fairly harmless and goes unnoticed. However, there are times that a site will either be successful in using another’s content to game the search engines or manage to convince a large number of people that they are the author of a work.

Smaller sites and newer sites are especially vulnerable to these issues. Since they don’t have the trust with Google or a large reader base, it is trivial for other sites to swoop in and replace the original. Spammers, who often have large link farm networks, can often times take the content from new sites and outrank them for unique terms and can be very difficult to unseat later.

This can be a major drag on the growth of a new site, especially one that is in a spam-friendly niche. However, too few bloggers are aware of these problems when they arise and when they are aware aren’t certain what they can or should do.

Fortunately, most of these cases can be easily prevented or resolved, if a blogger is willing to give some thought to how they want their content to be used and are willing to enforce their rules.

How to Avoid It

On my main site, Plagiarism Today, I talk at great length about content misuse issues and what bloggers/webmasters can do to prevent, reduce or stop it. However, much of the process comes down to seven steps that can to be repeated for every site:

1. License Your Work: Determine what conditions you want your work to be used under and mark it accordingly. If you are comfortable with some level of reuse, consider getting a Creative Commons license to clearly explain your terms. If you are not comfortable with any reuse, be sure to add a copyright footer that includes the year, the © symbol and “All Rights Reserved”. Though the latter is not needed under the law, it helps prevent confusion.
2. Track Your Content: For your blog’s main content, use FairShare to monitor where it is being used on the Web. For content that is outside of your RSS feed, consider using Google Alerts with several key phrases from your work. Both will notify you automatically when duplicates of your content appear online and both are free services.
3. Contact the Site Admins: If you find that your work is being misused, contact the site admin and ask that they stop. This is known as a “cease and desist” demand and can take a variety of forms and tones. These requests can be threatening and professional or friendly and polite, the choice is yours based on your approach and the case itself. Sometimes you are forced to skip this step, as with spam sites.
4. Notify the Host: If the site is within the U.S. or another nation with a notice and takedown system, contact the host of the site to have it removed. You can find who the host of a site is using WhoIsHostingThis or Domain Tools. When sending a notice to a U.S.-based host, you’ll need a to file a DMCA takedown notice.
5. Notify the Advertisers: If the site has advertisers, consider notifying them about the infringement if you believe it to be intentional. Most major ad networks will discontinue accounts of those who infringe copyright.
6. Notify the Search Engines: If contacting the host doesn’t get results or is not practical, consider filing a DMCA takedown notice with Google and the other search engines to have the content removed from there. At the very least, you will not be competing with your own work.
7. Consider a Lawsuit: Though in most cases of online content misuse, a lawsuit is neither a practical nor an adviseable step, if all else fails, it may be worth considering if the case you are dealing with may be the exception to the rule.

If you take these steps, you’ll likely find that the amount of content misuse you’re dealing with is kept to a minimum and you are able to handle any incidents that do arise. Though it is by no means a perfect system, it is one that is easy for bloggers to follow and doesn’t require any money to complete.

In short, it is meant to be a simple, effective and free way to protect, monitor and enforce your content on the Web.

Bottom Line

All in all, protecting your content from misuse is fairly straightforward and shouldn’t take a great deal of time and energy. If you’re doing everything correctly and focusing on the important cases, it won’t be a distraction from your regular blogging efforts.

However, this means being smart about how you enforce your work and realizing that, as a blogger, not all reuse of your content is bad, especially those that create an inbound link. If you license your work to encourage good use, you’ll likely find that very few people actually abuse your content and those who do can usually be stopped quickly.

This will let you protect your work while encouraging its spread and still not spending too much time thinking or worrying about these issues.

After all, if you spend all of your time thinking about copyright issues, you’re not blogging or growing your site and that could be the biggest disaster of all.

Imagine sitting down to your computer one morning and opening up your blog. However, instead of finding your homepage your admin panel staring back at you, you instead see a bright red warning screen telling you that malware has been detected on the site and you are advised not to enter.

The realization quickly sinks in that, if you are seeing that error, so is everyone else trying to visit your site. You begin to hurry and try to figure out what happened but quickly realize that your site has been compromised and, if you’re even able to log in, you have a very big mess to clean up. Worst of all, when you’re done, you have to apply for reconsideration with Google and other security companies and then wait 12 hours or more for the warning to clear off.

It’s a painful process and, in the best of circumstances it can ruin an entire day and, in the worst, it can destroy an otherwise healthy site.

Still, it is an all-too-common occurrence on the Web. Bloggers learn too late that their sites are vulnerable and are left to clean up the mess an attacker leaves behind. That mess could be as simple as adding malware to the site, inserting spam links into the theme or defacing the site but in some extreme cases, it can go as far as to delete everything the blogger has done.

To help keep you, your visitors and your site safe(r) from hackers, you need to make sure your server is secure. Fortunately, it isn’t very complicated but failure to spend the time and energy today can be very costly tomorrow.

The Pitfall

Sadly, security is one of those things that few bloggers seriously think about until after something goes wrong. However, at that point, it’s pretty much too late. Once a site has been compromised it is almost impossible to trust again, either from the perspective of a blogger trying to clean up their site or a visitor who may have been infected or attacked through it.

For all intents and purposes, every site on the Internet is vulnerable to some degree, there is no such thing as a perfectly secure site. However, there are definitely sites that are more secure and less secure and the easier it is for your site to be hacked, the more likely it will be.

Typically, hackers go after after blogs that have known exploits that haven’t been patched, sites that can be easily attacked through a simple script and/or sites that can be opened up through a very simple attack. In short, most website hacks are not done by elite hackers targeting a specific domain, but attackers running scripts to exploit a known vulnerability in as many domains as possible.

That does not mean, however, that these hacks are not dangerous. On the low end, they can deface a site as a joke, in extreme cases, it can result in a site being deleted or destroyed, something that may not be able to be recovered from without good backups.

Any attack will erode hard-earned trust with your visitors, creating a setback that will remain long after the hole has been closed and the hack cleared up, but a particularly nasty one may be a blow your site can’t recover from, bringing an abrupt end to a site you’ve worked very hard on growing.

How to Avoid It

As mentioned above, there is no way to be 100% secure with your site. If someone is motivated and skilled enough, there are always ways to attack your server. Rather than focusing on being hack-proof, the goal of security is being a tougher target. The more you raise the difficulty in attacking your site, the fewer people that will have the skill and interest in doing so.

On that note, much of the responsibility falls to your host. They, usually, have the duty of making sure your server software, including OS and various applications, are up-to-date and properly locked down. However, very few hacks actually attack a server from that angle, though at least some appear to, and most instead focus on what you put on your account, something that is your responsibility.

With that in mind, here are seven crucial steps to make your blog much more secure, regardless of where it is.

1. Choose Good Passwords: Regardless of where you host, your password is your first line of defense. Using a bad password is like buying an expensive safe and leaving it unlocked. Make sure all of your passwords are difficult to attack, including the one for your admin area, your database and your site’s control panel. Any password that can be easily attacked is an exploit waiting to happen. Also, avoid reusing passwords and consider using a login manager such as LastPass to help generate and remember all of your passwords.
2. Keep Your Software Up-To-Date: Though not relevant for bloggers on hosted solutions, for those who host their own sites make sure you keep your software up to date. This includes your blogging platform and any plugins you use. Likewise, be careful of any plugins that you choose and make sure they are maintained, current and follow the same coding/security practices as your main application.
3. Harden Your Installation: Also, if you run your own software, make sure to harden your installation. This means making sure folders don’t have unneeded permissions, blocking access to key folders, installing security-related plugins, etc. WordPress users can see our previous guide on WordPress security for more tips.
4. Be Mindful of 3rd Party Services: Any service you add to your site is a potential avenue of attack. Consider, for example, what would happen if an attacker found a way to insert code into every single Facebook widget. They would instantly have their code running on millions of sites. That type of access makes these services tempting targets for hackers and an easy way for your site to get attacked. Only run services with a good track record of security and reliability. According to security experts, this is the number one flaw that opens hosting accounts to hacking.
5. Be Wary of Social Engineering Tricks: Amazingly, the easiest and most common way for hackers to break into an account is not to take advantage of a computer exploit, but to trick its human owners into giving them access either through phishing or cross-site scripting (XSS) attacks. Be careful of who you give your password to, where you type it in and what you do while you are logged in to your site.
6. Seek Outside Help: Consider having your site monitored by a service such as Sucuri to help spot malware attacks or other alterations to your site before they impact your visitors or are noticed by Google. They won’t help you prevent an attack but they will help detect and clean up after one, thus minimizing the damage.
7. Create Off-Site Backups: Having backups is crucial but it is not enough to have them on your server, keep backups of your site in several locations including on your computer and, if possible, elsewhere on the Web. Consider using services such as Backupify, SiteAutoBackup or VaultPress to ensure that you can pick back up no matter what happens to your server.

Taking these steps will by no means make your site hack proof but it will go a long way to prevent your site from being attacked and to minimize the damage any successful attacks may cause.

In short, you’ll be ensuring that your data is protected and that your hard-earned trust with your readers remains intact.

Bottom Line

Blog security is not something you can treat lightly. Whether you run a small, personal blog or a major blog for your business, you are a target and you have visitors who are trusting you to keep them safe when they are on your site. Slacking in this area can and will cost you dearly.

So take a few moments if you haven’t and take a quick security audit. Take a look at the above tips read the past articles on the topic. See what you can do to improve your site’s security and take any steps necessary to ensure that you are up to code.

Though it may seem like a lot of work for very little reward, the next time a major blog hack is going around and it passes you by, the relief and security you feel will make the effort more than worthwhile.

After all, you can’t put a price on peace of mind nor can you put a price on having happy readers who get exactly what they expect from your site and nothing they don’t.

1. Yet Another Related Posts Plugin (YARPP)

The more great content people are exposed to on your blog, the higher the chances are that they’ll find something they like causing them to return to your blog again, share your content with their own online connections, and ultimately, drive additional traffic to your blog.  YAARP is a great plugin for automatically including a list of related posts at the end of each of your blog posts.  The Link Within widget is another alternative.