2014-04-15



Hello Happy Site Owners! This week’s tips include what all happened in one of the worst security weeks in history, WordPress updates, how to create and sell products on your blog, tools for creating killer headlines, a new theme from Yoast, and fashion vs. function, boosting your G+ strategy, plus how to create videos that folks want to share. So, let’s dive in. Listen to the podcast.

Howdy

I’ve decided to put a couple of new sections in Tips Tuesday. One is to say hey and touch base with what’s hot and happening. And the other is to let you know what’s going on behind the scenes at BlogAid.

It’s pay your taxes day in the U.S. And it’s a full moon. I hope some of you got to see the Blood Moon eclipse last night. It was cloudy here in Nashville. And April 15th is also our frost line and we’re celebrating with Dogwood Winter. Sunday it was 81 degrees and tomorrow it will likely snow. Goofy weather for a goofy week. But last week was even goofier. I was up pretty late a few nights working on a couple of site migrations that went sideways. That doesn’t happen much, but when it does, you definitely want a good tech person in your camp to smooth it all out.

BlogAid News

This week I’m continuing to work with several training clients as we build their sites.

One is a rather complex member site that is a revamp of an existing site where the owner was losing members after a short time, hence losing a lot of money with all the bonuses folks walked away with. We’re setting it up now with incentives for retention, and ways to do directed promotions all throughout the year. Plus, we can easily track metrics to see what folks are responding well to and do more of that.

Another client has an ecommerce store that is in addition to her in-person services. And both of these clients will also be doing live webinars soon too.

My other training clients right now are creating sites that complement their in-person service businesses. Beyond building their site, I’m helping them create a posting system so they can build authority and authorship credentials quickly.

All this to let you know that the classes and consulting I do go way past basic WordPress and SEO. If you’re looking to get on the fast track to success, save yourself a year of try-this-try-that and invest in your success with the kind of education and directed sweat equity that hits the ground running at launch.

I’m also about to start a video making binge to bring all 60+ videos in the BlogAid Video Tutorial Library up to the current release of WordPress 3.9, plus update some of the info, as things have changed in the way most themes work now, including the free themes in the WordPress repository. I’ll also be updating the Genesis section as well as the MailChimp section. I’m delighted I found a little trick that will explode the SEO on this library, as I also intend to do more promotion for it as a standalone product to create more passive income.

And, there are a couple of designers making use of my Geek Behind the Curtain services to learn how to do things like setup a site securely and make all of the Google connections after launch. Their clients never know I’m there. They support their clients. I support them.

I’m telling you all of this because I want to let you know how I diversify my income while staying on target with the main services I want to provide. Each of these things is a natural extension of where BlogAid started and then grew.

I’d like to hear from you about how you’re successfully doing this already, or how you intend to diversify and grow this year. Leave a comment for us here on the blog or on the post on G+. You’ll see sections below the post to comment in either place. Cool, huh?

WordPress Tips

WordPress 3.8.2 and 3.8.3 Updates

This past week WordPress had two updates. Version 3.8.2 was to patch a security hole. And version 3.8.3 was to fix a bug found in the 3.8.2 release.

- – - – - – - -

WordPress 3.9 Due to Release April 16

As far as I can tell, version 3.9 is still due to be released tomorrow, the 16th.

To see what’s new in this release, watch my video with a short tour of the new features.

I don’t think I’ve ever used the word caveat in 5 minutes as much as I did in that video.

And I don’t think I’ve ever been so disappointed in a release. You’ll remember that I was pretty excited that they were going to finally do some work on the TinyMCE text editor. Well, they made it worse, in my opinion.

For that reason, I’m actually going to suggest that you seriously consider not upgrading until you at least see my video on this because the changes negatively impact the TinyMCE Advanced plugin too. I imagine that the Ultimate TinyMCE plugin is adversely affected as well, but I haven’t had time to test it. If you use that plugin, I hope you’ll leave a comment and let us know how it’s doing.

I’m watching the developer’s page of the TinyMCE Advanced plugin, but don’t see that he has any incentive to update and fix the issues. But I think the outcry is going to be big from WordPress users, so we’ll see what developer listens and responds to that with fixes and workarounds. I’ll keep you posted. And if you here of things, please let me know. It takes a village to keep up with all of the changes.

Security Tips

Heatbleed Vulnerability

The other big news this past week has been the exposure of the HeartBleed vulnerability. It’s actually been around since 2011.

It’s not just one thing being leaked from your accounts. It’s four. They are:

the encryption keys themselves

user credentials (user names and passwords)

protected content (encrypted during delivery)

technical details such as memory addresses and security measures such as canaries

Here’s more info on each, and more on what to do to protect yourself and your accounts.

And there are a lot of posts and infographics with ways to test sites that you use to see if they are still vulnerable and which ones may have leaked what. Here’s what I have to say to that. Forget it all. Simply treat all accounts on all sites as a security risk. Rotate your passwords regularly. Protect your password list, if you keep one. I have a list and it’s not in a cloud service, and it doesn’t have the whole password written out plainly either. So, even if the list gets stolen, it’s useless to anyone.

- – - – - – - -

Heartbleed bug spreads to routers and other gear

And this is not just about sites. Your network router and other smart devices connected to the Internet may be at risk too. You may recall me mentioning those devices in previous posts on securing against botnet attacks. The bottom line is that you need to take cyber security very seriously with all devices these days.

Thanks to +Sherryl Perry for bringing this post to my attention.

- – - – - – - -

Update JetPack immediately

There’s a serious security issue that lets a hacker post to your site. You can find details on the JetPack blog.

- – - – - – - -

Removing the ability to disable XML-RPC in emergency release 5.0.3

Okay, this falls into the knee jerk category twice. Mark Maunder, the founder of Wordfence, issued a letter of apology on their blog to say they were sorry for so hastily getting an update out the door that included turning XML-RPC completely off.

You may remember in a previous Tips Tuesday the mention of this security issue with trackbacks and pingbacks, and then a full post on what to do about it.

Well, the WordFence team got an earful from users about not being able to post to their sites remotely anymore. So now they have issued an update to the plugin that doesn’t allow you to turn any part of XML-RPC off. So basically, they’ve traded security for remote publishing convenience.

Now, in that full post I wrote on this issue, you’ll find links to a plugin that lets you have the best of both worlds. It only turns off the security risk part of XML-RPC. I don’t know if using it and the WordFence plugin will conflict. So, try it at your own risk.

What I do know is that I don’t use complex security plugins to make up for a lack of hard coded security at the core file level, and then specialized, light-weight plugins or external protection from DDoS attacks before they hit my server. But that’s me, and my top clients that I do site management for. You’ll have to decide what’s best for your own site’s security. There are LOTs of opinions about what’s best.

Content Marketing Tips

Creating Product Week: How to Create and Sell Products On Your Blog

Creating Products for your blog. +Darren Rowse aka ProBlogger, is running a super series this week on how to create your own products to sell. And this post gives you a peek inside his revenue stream too. Both are well worth the read.

– - – - – - – -

7 Tools to Create Killer Headlines

You could spend a lot of money and time learning to create effective headlines and get 100% ROI on that investment. And publicity expert +Joan Stewart is giving you 7 Tools to Create Killer Headlines to get you started. This super post is full of examples on every type of headline you need to master.

Thank you to +Denise Wakeman for bringing this post to my attention.

Themes

A new Yoast theme: Strategy

Team Yoast has unveiled another of their new Genesis powered themes. This one is called Strategy and it’s product and services centric. It features three widget boxes at the top followed by a content-sidebar split below for your blog posts. And it has four built in color schemes.

- – - – - – - -

Beautiful or Usable: What’s important while designing your website?

And if you have the time, you might want to see another post on his blog that attempts to make the case for function over fashion in theme design. This, after a backlash of folks saying how plain, or even ugly, his new themes are. I’m all about usability and conversion too, but that has more to do with structure, not style. The structure is why one theme will outperform another to meet a specific goal. It’s either going to be product or blog centric. And any structure can be styled to look nice.

So, his argument falls flat with me. And if you want to see proof, check out the portfolio of my lead designer, +Cyndi Papia owner of OfficeTo-Go.com She totally understands structure, usability, goals, and marketing, and yes, fashion too.

G+ Tips

Seriously Boost your Google Plus Strategy

Y’all know that I’ve been focusing on making the most of G+ lately. And this post from +Peg Fitzpatrick is resource rich in tips to help you do just that. I was particularly fond of the +1 tips from +Martin Shervington that will give your content “longer legs” as he puts it.

YouTube Tips

How to Create Videos That People Will Love and Share

The YouTube Creator Playbook for Brands is an awesome and hefty guide. Video expert +Tim Schmoyer has a series that breaks it down and helps you get the good out of it. And you can bet I’m following this series while I’m on that video making binge to update both the BlogAid Video Tutorial Library as well as my presence on YouTube.

Wrap Up

Alright y’all, that’s a wrap for this week’s Tips Tuesday. If you’ve got tips you think will help folks, send them on over to me. And please do leave a comment here on the blog, on iTunes, or on G+. I love hearing from you. Be sure to visit BlogAid.net for more tips and resources and I’ll see you online.

You're reading Tips Tuesday – Internet Security, WordPress Updates, originally posted on BlogAid - WordPress for Non-Geeks and copyrighted by MaAnna Stephenson.

Chat with MaAnna on Google+ | LinkedIn | Facebook

Show more