Helping You Rock Out Your Site Like A Rockstar!

So you have created a nice new WordPress blog. You have completed the famous 5 minute installation in 5 seconds. Picked out a sexy new template and haphazardly stripped out the creator’s attribution links from the footer (naughty, naughty)and started ferociously uploading every plugin you can find about twitter and Facebook. You publish you first couple of posts and feel on top of the world. That is, until one day, you are narcissistically  Googling your own website only to find this:

Image Source: http://www.pearsonified.com/

That’s right. The pharma hackers have cracked into your WordPress blog and you are now left looking like a pill pusher.

Bye Bye New traffic.

Fairwell Credability.

Bon Voyage Google Rankings.

So what can you do to increase the security on your WordPress site? Here are the top 10 plugins for your website to protect against spammers and black hat pharma SEOs.

Akismet

Yes, I know it comes as standard with a WordPress installation but how many of you are going to the trouble of activating the new API key and connecting it to the Akismet database?
The great thing about this plugin is that it actually accesses a database of black listed URLS and IP addresses and stops any bots or spammers from posting links on your blog. It also comes with an option to blacklist certain words and phrases to protect you from having any adult content posted.

Limit Login attempts

This plugin does exactly what it says on the tin. It limits the amount of times a particular IP address can attempt to login to your WordPress site. Although a word of caution, if you are the forgetful type you can find yourself being locked out of your own blog because you have entered the wrong password 3 times. But don’t worry it will let you try again after a couple of hours.

WordPress Firewall

This nifty little plugin stops all sorts of attacks on you r site by determining any unusual requests or parameters within the WordPress code. The plugin claims to stop
·         SQL Injections
·         Exe file uploads
·         Block known blacklist IPs
·         A list of parameters and queries that will make your eyes water.

WP security Scan

WP security scan scans the files on your WordPress site to check for any potential vulnerability in the file permissions. For example, if you have a writeable, readable and executable htaccess file, WP security scan will alert you to this fact and suggest the appropriate action in order to fix the security hole.

The great thing about the WP security scan is that it removes any footprints about the WordPress system you are using and also enhances the database security.

WordPress Database Backup

This is another self-explanatory plugin but an essential one, nonetheless. The WordPress Database backup allows for copies of the database to be created away from the main database location. This means that even if you website is hacked. You can create a fresh install and repopulate the site with the information on the site previous to the hack.

Login Encrypt

According to the dark coding wizards that created this one:
“An encryption plugin that ciphers the password using RSA and DES, securing login without SSL”
For the non-programmers out there, this plugin basically scrambles the password when you are typing it into your site. It then sends the scrabbled version to the database which is the unscrambled at the other end. This means that sensitive information is not transmitted; this limits the possibility of hackers gaining access to your credentials.

Displaying two columns for categories in your WordPress is not too hard. Just takes a little php, html, and css. You can put this in your posts, pages, or sidebar.

We are taking the usual category code for WordPress.


<?php wp_list_categories(); ?>


and replacing it with the following code. This php splits up each category and into columns, much like splitting odds and evens. This code would go in your template where you want it displayed.


<?php
$cats = explode("<br />",wp_list_categories('title_li=&echo=0&depth=1&style=none'));
$cat_n = count($cats) - 1;
for ($i=0;$i< $cat_n;$i++):
if ($i<$cat_n/2):
$cat_left = $cat_left.'<li>'.$cats[$i].'';
elseif ($i>=$cat_n/2):
$cat_right = $cat_right.'<li>'.$cats[$i].'</li>';
endif;
endfor;
?>


After you have put the above code you are ready to add your HTML right after it. Remember you need to make sure to remember your css class definition, because you will be adding it to your theme’s stylesheet. Remember you can use your own definitions, but remember to make sure you are not already using them for another part of your theme.


<ul class="alignleft">
<?php echo $cat_left;?>
</ul>
<ul class="alignright">
<?php echo $cat_right;?>
</ul>


Now that you have the php and html done, you need to add your css. In the case of this tutorial, I have used alignleft and alignright for the classes.


.alignleft {
float: left;
}
.alignright {
float: right;
}


Of course, if you want to play with the css and do other things, by all means go ahead.

I having been designing exclusively for WordPress for 5 years, before that, I designed both in WordPress, static sites, and with other content management systems. I am not the best in visual efforts, but I like to try to work with my clients and make sure they have a more than satisfactory product that they can use.

The problem is that I keep hearing from clients about past encounters with other WordPress designers and developers who will not go that extra step to make sure their client can efficiently use their website. In fact, they are turning to premium themes because they cannot find someone to make their project idea a reality.

Remember, WordPress is no longer a blog platform. It is a full fledged content management system that with coding and imagination, a site can become extraordinary!

Here are a few tips when stepping into designing WordPress themes:

1. Know the code. If you are not familiar with HTML or PHP, you should not be designing as frankly, it makes other designer’s job a pain when they have to step in a correct your errors.
2. Know WordPress. This goes for the coding, and how to use it.
3. Design with the client’s experience in mind. Be prepared to offer them ways to use their WordPress in the easiest and more understandable way. You may need to walk them through it. Not all of your clients will be as WordPress savvy – some may not be as Internet savvy.
4. Design logically. If you are designing for someone else and they have some coding experience, they might be a bit ticked off if your code looks terrible or you took the roundabout way to get to a solution. Streamline it. There will always be a better way to code a site. (Also, make hidden notations in the theme files case your client is familiar enough to make edits, but might not know where exactly to make them.)
5. Be knowledgeable on site tools that will enhance the website. Whether it be an actual design or for search engine optimization, it is important to keep up-to-date on this type of news.
6. If you do not know something, then ask around or do some research. The WordPress community is really friendly. You can either use the WordPress support forums or go to various WordPress related sites to find out.
7. Whether it be WordPress, another CMS or static HTML, check your site in most browsers before handing it off to the client. Not everyone browses the same way as you.

Even if you are not designing for a client, you can take a lot of these suggestions with you.

What other tips can you suggest?

I wrote Mastering Pretty Permalinks in WordPress with the intention to introduce the concept of the best permalink structure for WordPress powered websites. This was a call to try to encourage people to organize their website, but beware of how the permalink structure might be overrode if you have a file folder name the same as a post and you are using the post name permalink structure.

It is obvious that I am going to say that the post name (formerly known as pretty permalink) structure or the /%postname%/ option in your WordPress Permalink General settings is the best structure.

However, I am going to go a step further. Search Engine Optimization is fun to play with in regards to your domain’s URL structure. It can be a way to optimize what your article is, other than just organization.

What we know in basic WordPress use for structure purposes are as the following:

Permalink Structure for Posts

We can control how our permalink structure can look whether by post ID, month and date and more. We can even designate tags and categories to these posts and call them to pages using custom WordPress queries. For example you can call a category and show only tags and a certain number of many posts.

The reason why the post name structure (/%postname%/) works best for a post is because it shows the post title closest to the domain, showing how important it is to the site. The structure within the web page itself will also emphasize this using heading tags (h1, h2, h3, h4, and so on.) Now, if you listed by category (and I have seen people recommend that), depending on how your category is labeled, you are telling the search engine that the category is far more important to crawl than the actual title of the post.

WordPress naturally has the base “category” as a name and you can group posts under those categories. It is okay to display your posts on your site in a category. Most people believe including categories makes your posts duplicate content. NO! It is only if you are posting the same thing again on your site or the same exact thing on another site (like if you do guest blogging.) The search engines are not dumb.

Now, here is the fun part as well as the tricky part. What if you do use the category structure? How can you make it clever enough to draw more attention to your title. WPCandy actually exercises this clever way by naming the category’s slug an action. Yes, just the slug as you can designate a different name pointing to a different slug.

Just some examples:

News is reports
Opinion is thinks
Tutorials is teaches

Pretty cool, huh? As a note, the posts do group under the general “category/category-name”.

In this, we are telling (using the WPCandy example) that WPCandy.com reports such and such title, giving it an actual sentence. And you know, it nearly makes this former English major cry happy tears. (Oh I am such a geek!)

Permalink Structure for Pages

Pages are kind of fun and since WordPress 3.0′s menu addition, your control over pages has increased with several options. You can use the older hierarchy structure with parent and child pages. Remember, pages in WordPress are normally known for being used for static content.

The older hierarchy structure adds the slug of the parent page into the URL structure. SO, if you have like a parent page and then three deep into children and grandchildren, your URL structure might get a bit long. That might not be a good idea for search engine optimizing as it takes away the importance of that page.

However, the hierarchy structure is not the only way. You can use the WordPress menu option in your WordPress administration (Under Appearance>Menus) to organize your website and keep your URL structure for your pages simple. You can publish a page without using the hierarchy and use the WordPress 3.0 menu to organize your website without adding more length to your page’s URL structure.

Now, both methods can be used and Google will pick up and group areas of your site that have been optimized as a group. For example, if you have defined that your main sections of your website are your ‘About’, ‘Contact’, and maybe… as an example say ‘Resources’, like I have here in Blondish.net, Google will pick up that structure if you do have a set up pages that are relevant to that main area.

As a note, We can also apply these techniques to custom posts types since WordPress 3.0.

In Summary

Your permalink structure is both a way to organize and help search engines, but can also be great in helping your visitors navigate your website. The best permalink structure to use in WordPress is one that is the most coherent for search engines to deliver the best results to potential visitors. Play around with your site and see what is best for you.

Recently I had a run in with coding with a client who had a developer put together a sloppy custom WordPress query in place of a proper loop. In fact, it was amazing because it was put in replace of code on a great premium theme by StudioPress. By the way, no it was not StudioPress who did it, so let me get that out of the way. They are good at what they do.

Anyhow, the custom query was three different pieces of code: a section to show to first 5 most recent posts, and then two columns underneath to show two different categories that the site owner wanted to feature. The was done using a similar solution to the one At Weblog Tools Collection called Define Your Own WordPress WP-Query.

The problem was that this solution was not providing a good pagination. The “Next” and “Previous” did not work, and even if I wanted to use my favorite WP-PageNavi plugin, then I was pretty much – “sorry, out of luck.” This does not work well as a replacement for the regular loop, especially for what it was being used as.

So, I set out to put together a better solution. In the end, I displayed the most recent posts by normal Loop means. For the categories, I used the following:


<?php $recent = new WP_Query(); ?>
<?php $recent->query('cat=1&showposts=3'); ?>
<?php while($recent->have_posts()) : $recent->the_post(); ?>
<h3><a href="<?php the_permalink() ?>" rel="bookmark"><?php the_title(); ?></h3>
<div class="attachment-post-thumbnail">
<?php the_post_thumbnail(); ?>
</div><?php the_content_limit(130, ""); ?>
<?php endwhile; ?>


We are still using a custom WP_Query, but only using it for the categories. You can replace the 1 after cat=1 to whatever category you want to display, and you can change the number of posts displayed by changing the number in showposts=3.

You can customize the code further with CSS and adding other attributes.

I left some styling to include the thumbnail, title, and a short excerpt, even using the_content. However, you can change it to the_excerpt if you have set your excerpts through your functions.php or excerpt plugin. This code goes in your WordPress theme template where you want it, however I use this normally for the theme’s template file that is for the front page of the website. This is good for sites that are more magazine-like.

Sound easy?

So you have content, but you are not sure you want to go with pages or posts. Well, it really is not that difficult. A lot of people put together a site completely in posts without few pages. Or they make a page and enable comments, depending if their theme has that coded into the page template.

Even you can customize individual pages, since WordPress 3.0, you can customize individual posts. You also have the ability to adjust your menu from your WordPress admin panel to whatever you like if you have the wp_nav_menu php call into the theme itself.

Posts are normally considered an area of your website that will be updated frequently, while pages are more considered to be static. The difference- while both pages and posts are included in a sitemap (if you have a sitemap plugin installed… and you should), only posts are included in your RSS feeds (RSS- really simple syndication.) With the RSS, you can feed it into social network aggregation tools that will publish your posts to your social network handles.

However, you have to ask yourself – do you want comments on a page you will rarely update? What type of content are you putting up and how much of it? Remember for those internet marketers who like to use landing pages, enabling comments on a squeeze page might not be ideal.

If you like to put up mass quantities of items, for example, pixel images where you have a lot of images, you may want to use a page. Or you could release a few at a time in posts.

This is really something you have to decide on how you want to organize your site. If you make a page, you will have to announce the page somehow, especially if you want to drive attention to it.

Navigation is a big part to most sites. It is often the source of a visitor’s problem if your site is confusing to go from one area to the next, and back again with ease. Both posts and pages allow you to implement elements like breadcrumb navigation (a navigation you put at the top that tells you the path from that page you are on, and gives you a way to go back to the home page), links for next and previous post, navigation with numeral navigation (instead of older or newer post links), WP 3.0+ navigation menus, subpage navigation (you can have whole sections as a parent page and then children pages related to that section) and more.

It boils down how you want to organize your site. In fact, your sites organization has pull on your SEO. If search engines see that you have sections of your site that are grouped, they will list those under you
I usually put posts for what I am going to talk about and pages for things I may not update a lot.

Here is a good example of what I was talking about:

How have you organized your site by using pages and posts in WordPress?

Whether you just like to put up a personal greeting or have a site that has quite a few users, something a welcome message is nice. I have seen a few people put this together and have a centralized paged where users can log in, read the personal message, and then go on their merry way using the website.

The code is really simple. This code calls the current user. If you want to only let people like contributors or other roles see the message, you have to adjust the level_0 to any of the levels corresponding with the roles. (Example: administrator is 10).

Please note that you need to be careful on what you greet your visitors. If your normal readers expect you to be goofy, or a little on the strange side, that is fine. However, I have seen a couple sites that have creeped me out with some weird greetings.


< ?php global $user_ID; if( $user_ID ) : ?>
< ?php if( current_user_can('level_0') ) : ?>

Welcome < ?php global $current_user; get_currentuserinfo(); echo ($current_user->user_login); ?>
< ?php else : ?>
< ?php endif; ?>
< ?php endif; ?>


You can edit the little welcome message to whatever you like.

In fact, I have been exercising this on a few sites for clients that wanted their users to not even be lead to the WordPress backend, even to edit their user profile. Theme My Profile works well with the plugin Theme My Profile, and were both created by Jeff Farthing. Of course, you can use this plugin by itself as mentioned on Jeff’s page for the Theme My Profile plugin.

This plugin is a very nifty tool and eventually I will have it so profiles will be viewable too. Everything just takes time. The plugin works great and I have no found any bugs with it. You can even specify who has access to this feature and who does not.

My only issue is that I think there could be more added to this plugin to give the “theme my profile” that extra oomph. While it does let the user have a more uniformed experience with changing their profile, this plugin could also use options like adding social profiles, and the addition to work with a custom author page and author box for posts. (Please note that you can add extra social profiles through adding a few actions to your functions.php file, but I think it would be nice if bundled in this plugin.) I do not know what you would think, but for me, this would just be very enticing if these options were added.

Have you used this plugin? What are your thoughts?