Wordpress Dozen: Tips, Tools and Plugins by Sue Polinsky
-
Upload
convergesouth -
Category
Technology
-
view
506 -
download
1
description
Transcript of Wordpress Dozen: Tips, Tools and Plugins by Sue Polinsky
WordPress Dozen: Tips, Tools and Plugins
Sue Polinsky, ConvergeSouth 2013
2013
Disclaimer
04/11/2023www.TechTriad.com
This presentation contains graphics, text and trademarks that are the property of their respective owners. No rights in this presentation are transferred.
Some of us are married to lawyers.
Get the PDF at techtriad.com/convergesouth/
Today’s Tips, Tricks & Tools
04/11/2023www.TechTriad.com
1. Install WP Securely
2. Use Custom Logins
3. Kill “admin”
4. Free themes
5. Child Themes
6. Remote Security
7. Frameworks
8. Plugins Rock
9. Plugin heaven
10. Plugin hell
11. Sell Safely
12. Backup
Code is poetry.
SECURITY OVERVIEW
04/11/2023www.TechTriad.comBrad Williams, WebDevStudios
BE SCARED!
04/11/2023www.TechTriad.com
BE VERY SCARED!
04/11/2023www.TechTriad.com
Guess where most malware sites originate!
LET’S GET TO IT
04/11/2023www.TechTriad.com
Items marked with a red star mean that if you are not an uber-geek, server geek, WordPress developer, or Unix-smart, hire someone who is.
Or lean on a friend.
Not all site owners can perform all the tips, tricks, and tools shown today.
1 - INSTALL WORDPRESS SECURELY
04/11/2023www.TechTriad.com
DO NOT… use one-click
WordPress installs use the 5-minute WP
install use the cheapest web
host you can find update from public wifi
(if you do, change your pass)
DO… update plugins &
themes update WordPress core ask a geek if you’re not
sure BACKUP first BACKUP routinely
2 - USE CUSTOM LOGIN LINKS
04/11/2023www.TechTriad.com
Custom login linkUsing http://yoursite.com/wp-login.php?So are the hackers.
Ask a geek to program a more secure URL for your login.
Also consider Better WP Security plugin (with several security options).
2 – USE STRONG PASSWORDS
04/11/2023www.TechTriad.com
Use a strong password.Mix letters, characters, and numbers.
BAD: “suerocks”BETTER: “$u3-r0ck$!”
(see how that looks like “suerocks”?)
Get three strong passwords and rotate them through all your logins!
3 – KILL “admin”
04/11/2023www.TechTriad.com
Demoting the admin user is good.
Deleting the admin user is much better.
1. Create a new account with a unique name.
2. Set it to administrator.3. Log out, log in with the
new account.4. Go to All Users and
delete the admin account.
How to delete admin
3 - TWO-FACTOR AUTHENTICATION
04/11/2023www.TechTriad.com
When logging in from an unfamiliar device, force a txt verification to your phone to authenticate your login.
Plugin: Consider Google Authenticator
Consider this security for Google & FB logins.
3 - USE A GOOD GREAT WEB HOST
04/11/2023www.TechTriad.com
You get what you pay for. Do you know?
1. How much you pay for hosting versus how much angst you’d be in if the site were lost or your server blacklisted?
2. How many of the host’s sites are blacklisted for malware?
3. What version of server software they use or how often they update it?
4. Who has access to account credentials?
4 – BEWARE FREE WORDPRESS THEMES
04/11/2023www.TechTriad.com
The Internet used to be free & we trusted downloads For-pay themes are called “Premium” If you have a business or important personal site:
BUY A THEME from a trusted source & update it DESIGN YOUR THEME in Photoshop and… HIRE A GOOD FRONT-END DEVELOPER to build it Make sure it’s RESPONSIVE (phones, tablets)
You get what you pay for.
4 - FREE THEMES CAN BE EVIL
04/11/2023www.TechTriad.com
Use trusted theme developers
Of the 10 sites reviewed:
1. Safe = 12. Iffy = 13. Avoid = 8
http://wpmu.org/why-you-should-never-search-for-free-wordpress-themes-in-google-or-anywhere-else/
4 –TRUSTED THEME DEVELOPERS
04/11/2023www.TechTriad.com
New WP themes have more features than most people can/will use.
New themes have complex features and example data
Buy a theme, install properly, and update.
Be wary of custom frameworks
ThemeForest.net
5 - USE A CHILD THEME
04/11/2023www.TechTriad.com
1. Buy a theme. Install it. Customize it.
2. Update the theme and lose all your customization.
THE SOLUTION IS A CHILD THEME Buy themes that work with child themes. Install the theme as a child theme. Update the parent when the theme is updated
(OBTW, are you checking for updates?) Customizing happens in the child theme. Better premium themes support child
themes.
6 – USE REMOTE SECURITY
04/11/2023www.TechTriad.com
There are services that monitor your WordPress site and check for link injections & other bad things.
Consider Sucuri.net Free or Pro Version of SUCURI.net Be alerted to malware/hacks Pro version = $90/year (1 site) Free version = checks WP core install,
find out where the last login came from, if site is hacked can change passes, keys.
6 – SECURITY AND FILE PERMISSIONS
04/11/2023www.TechTriad.com
*Set the file and folder permissions (or at least know what it means)
7 – FRAMEWORKS & FEATURES
04/11/2023www.TechTriad.com
New themes contain new standard features. Menu styles and shapes Fancy sliders (Revolution, Viewport) Shortcodes (learn or die!) Page snippets Custom post types New page templates Integration with online services Woocommerce or other ecommerce integration
Frameworks manage these features.
7 – CUSTOM FRAMEWORKS
04/11/2023www.TechTriad.com
Most custom frameworks are, well, custom.
Major WP updates mean you need to update your theme first (use a child theme!).
Some framework updates break older features.
Frameworks prevent you from switching to other themes easily.
Frameworks are core systems that make it easy to do fancy things.
7 – TWITTER BOOTSTRAP FRAMEWORK
04/11/2023www.TechTriad.com
7 – BOOTSTRAP CSS FRAMEWORK
04/11/2023www.TechTriad.com
Bootstrap is a free collection of tools for creating websites and web applications. A goal is to standardize some popular online tools.
Bootstrap is a popular mobile front-end framework Used by NASA and MSNBC sites
Bootstrap is Open Source (@GitHub.com) Encourages consistency across Internet tools You can buy Bootstrap-built premium themes but the
purpose is to build on its core framework Bootstrap also had a major upgrade recently that
cannot be applied to older Bootstrap sites
7 – FRAMEWORK FEATURES: SHORTCODES
04/11/2023www.TechTriad.com
Shortcodes are buttons you click to format on-screen cool tools.
The most common example is buttons. WordPress has built-in shortcodes
codex.wordpress.org/Shortcode Built-in WordPress shortcodes
[audio] [caption] [embed] [gallery] [video]
7 –EXAMPLE YOUTUBE SHORTCODES
04/11/2023www.TechTriad.com
http://en.support.wordpress.com/shortcodes/
7 – COMMON SHORTCODES
04/11/2023www.TechTriad.com
8 – PLUGINS ROCK WHEN THEY WORK
04/11/2023www.TechTriad.com
1. When was the plugin written?
2. When was the plugin last updated?
3. Does it work with the latest version of WP?
Jetpack by Automatic
9 – COOL KIDS PLUGINS
04/11/2023www.TechTriad.com
Wordpress.org/plugins
9 – PLUGIN “HEAVEN” RULES
04/11/2023www.TechTriad.com
Use Trusted Plugins
Use Few Plugins
Update Plugins
Delete Plugins
Buy Plugins
10 – PLUGIN HELL
04/11/2023www.TechTriad.com
Free plugins eventually break your site.
Trusted
• How long have they been around?
Updates
• Last time plugin was updated?
Examples
• iThemes• Woo• Others
Sally builds a plugin you like & install. Sally goes on to other things. You update WordPress and can’t log into your site.
Welcome to Plugin Hell!
11 – SELL MORE SAFELY ONLINE
04/11/2023www.TechTriad.com
WooCommerce is becoming a popular WP ecommerce plugin and is integrated with many premium themes.
WooCommerce is audited by Sucuri. It’s free.
Pretty full ecommerce features & dozens of extras.
11 – ECOMMERCE OPTIONS
04/11/2023www.TechTriad.com
For a few items, consider Jotform + PayPaljotform.com (lots of new integrations)
iThemes - big splash with “Exchange” Simple Ecommerce using PayPal or Stripe (free or pro)ithemes.com/exchange/
Do you want to host ecommerce ON your site? A full-service WP store? Try Shopify. There are lots of ecommerce plugins. Choose wisely.
12 - BACKUP. PERIOD.
04/11/2023www.TechTriad.com
Backup on a schedule. Send a copy of your backup to your cloud server.
Backup before making changes. Know what your hosting company backs up.
WordPress has parts & pieces. Know if they guarantee their backups.
If the server melts down, can they reinstall your site?
Cloud backup works with Dropbox, iCloud, Skydrive, Box.net and others.
12 – BACKUP PREMIUM TOOLS
04/11/2023www.TechTriad.com
Backup Buddy is a plugin for scheduled backups including backup to cloud. Not cheap, but what’s your site worth?
VaultPress High quality, trusted backup solution.
Find Me Online
04/11/2023www.TechTriad.com
Dr. Sue PolinskyPresident, TechTriad, Inc.Phone: 336-852-4321Email: [email protected]
Twitter: @suepolinsky, techtriad Facebook: facebook.com/suepolinsky Facebook: facebook.com/techtriad Google+: [email protected] LinkedIn: suepolinsky