SEO Articles

15 Essential Steps to Secure WordPress Against Malware Attacks

15 Essential Steps to Secure WordPress Against Malware Attacks

Secure WordPress Against Malware Attacks is an essential part of a webmaster’s role. It’s your virtual property that you need to secure to ensure that it’s not vulnerable to attacks and exploitation. That said, there are many individuals who disregard security as a secondary concern. For businesses, regardless of whether they’re big or small, security is the exact opposite of that. You might be less inclined to focus on security because you don’t have time, or aren’t skillful enough to touch on a topic as complicated as security. It’s justified if you feel that way. If there’s one thing non-technical webmasters dread the most, it’s the “under-the-hood” settings of their website.

Let’s make one thing clear: WordPress security is very easy. In this short article, we aim to show you just that! By the end of this, you will have gained significant insights on security and will be ready to implement those insights on your own site.

WordPress Security: Why Does it Matter – Let’s look at some statistics so you can get a factual picture of why security matters.

According to Wp-WhiteSecurity, 73.2% of all WordPress installations are vulnerable to security breaches. Fortunately, with free tools, you can detect them.

Panda Security states that 81% of web attacks are due to insecure passwords, poor login and password combinations.
Smashing Magazine says that the four most commonly used WordPress exploits are Pharma Hacks, Malware redirects, password access, and backdoors.
WordFence states that 70% of your WordPress security can be accounted for if you’ve taken measures against securing your site against brute force attacks, and plugin vulnerabilities.

Also states that security matters because WordPress websites face approximately 91,000 attacks per minute with a 100,000 sites being hacked every day. Hackers don’t discriminate and are ready to pounce on the opportunity if they feel your site is vulnerable. To ensure its security, you need to be proactive in your steps in countering these hacks.

But what are the possible attacks you will encounter? Let’s take a look at the most common forms of attacks.

How Hackers Work Their Way into Your Website

The following are nine of the most common WordPress hacks that can damage your website.

Brute force attacks – Exploiting weak passwords, this attack aims to take full control of your site through automated scripts that try to guess the admin and password of your site.
Backdoors – Backdoors aim to gain access to your site at the server level. This attack can even damage other sites running on the server as well.
Cross-Site Scripting (XSS) – Injecting malicious code on your website, hackers attempt to break it by ruining the codebase (HTML, PHP, and CSS).
Malicious Redirects – A form of link spamming, this exploit redirects your website users to dodgy websites through changing the links within your site content.
Phishing – This one exploits your site to gain access to your personal information like credit cards, bank accounts, and other identities.
Malware Attacks – This is an umbrella term used to signify all the hacks that fall under the category of viruses, rootkits, spamming, and other intrusions.
DDoS Attacks – A well-coordinated attack that injects hack bots into a website. The quantity of the bots is so much that it overwhelms your site’s server, reduces performance, or brings it down entirely.
Defacement – Hackers gain access to your site to ruin the layout of your site by changing the HTML or CSS content of your site. Similar to XSS, but political in nature.
PHP Mailers – This one uses PHP (WordPress’ programming language) commands to take control of the mailing server to send phishing emails.

From all of this, it should be clear why WordPress security is important. While these attacks can harm any site, WordPress is a major target for the hackers since statistics show that 90% of all infected sites are running on WordPress.

Protecting Your Site from Hacks

The attacks we’ve mentioned above are the worst-case scenario of what can happen to your site. Fortunately, the ever-active WordPress community has made sure that you can deal with these hacks. Here are some of the steps you can take to protect your site from hacks.

1. Install a Powerful Security Plugin

The following are some of the plugins you can install on your WordPress to ensure security.

iThemes
All in One WP Security & Firewall
Shield Security
Wordfence

All of these plugins come equipped with a variety of different features that take your site’s security to the next level. Here is a short list of such features:

Firewall for WordPress
IP blacklisting and blocking
Malware scans
2FA (Two Factor Authentication)
Security alerts for emails
Security recommendations
…and more.

All of these plugins are easy to install and easy to set up. Even if you don’t have time or the skill, the configuration wizards of these plugins will ease you through the entire process.

2. Perform Malware Scans

If you’re seeing quick drops in traffic or some performance issues, then its recommended that you perform a quick site scan.

You can use online health check tools like Virustotal to check your site for any discrepancies.

If you see some problems take the necessary precautions to prevent it. Even if you don’t, it’s always beneficial to run a site check once in a while.

3. Invest in Secure Hosting

You should also protect yourself at the server level by choosing a host that promises the following features:

Regular backups
Malware scanners
Security against DDoS attacks
Latest OS, server software, and hardware
…and more.

If you want to take things further, then we would recommend you to select a managed WordPress host that takes care of your site at the server level. All in all, investing in a good hosting service can pay dividends in the future.

4. Set an Uncommon Login and a Strong Password

CLU, also known as Complex, Long, and Unique is the way to go with both your login credentials and passwords. Using symbols, capital letters, numbers, and more in your passwords will ensure safety from Brute Force attacks and others malicious hacks.

With usernames, don’t just rely on the regular old “admin”. It’s common and provides an easy gateway for hackers to access your site.

You can use a site like Passwords generator to help you come up with a good password.

5. Keep Your WordPress and Plugins Updated

Constant updates on your phone’s apps and software are a common occurrence. It’s there to help protect your apps and phone from security vulnerabilities.

Similar with WordPress, you need to constantly update your plugins and the WordPress versions (as soon as it comes out) to ensure top notch security.

6. Disable XML-RPC

XML-RPC itself isn’t harmful since it allows you to connect to web and mobile applications. However, it opens serious doors for hackers to penetrate your site.

In simple terms, hackers can exploit XML-RPC by using a call function that lets them fly under the radar without knowing the hacker has tried thousands of passwords and login combinations on your site.

iThemes security does a good job of protecting you against these brute force attacks. If you’re not using XML-RPC, then the security plugin can even remove its functionality entirely.

7. Use latest PHP version

The PHP version you’re using on your site is detrimental to your WordPress security. Similar to WordPress, PHP also regularly releases new versions that promise better WordPress security.

As of this writing, the latest PHP version being used is 7.4.5. If you haven’t already updated your PHP, do so right now.

Besides the obvious benefit of getting more security, you are also gaining significant benefits in terms of performance boosts.

We have a special PHP Upgrade service.  See details of this service at https://www.wpfixit.com/product/wordpress-php-7-compatibility-service

8.  Limit Access Control

The most vulnerable parts of your website are the index.php, functions.php, and wp-config.php files.

The wp-config file in particular is very vulnerable since it can facilitate a multitude of attacks on your site. To protect your files, you should ideally hide them, remove any controls for file-editing, change the database prefix (wp_), and restrict user access to PHP files.

The WordPress Codex has a detailed list of how you can keep your files secure, so be sure to check that out.

9. Eliminate Spam and Its Various Types

Spamming is a curse upon the internet. Spam comments, splogs (entire blogs of spam filled with questionable links), trackbacks, and pingbacks, are some of the varieties of spam on the internet.

Fortunately, preventing spam is easy with the help of built-in plugins like Akismet and WordFence.

10. Activate Two Factor Authentication

Two-factor authentication (2FA) is a great way to ensure the log-in security of your website. While it is a time-consuming process (access factor code from email), it is well worth the risk if you’re not sure about your site’s security.

WordFence is perhaps the best plugin for creating a two-factor authentication process on your site.

11. Hide your WordPress version

This is a rather small consideration, but if hackers know your WordPress version and find out that’s it’s not the latest one, they can perform a hack on it.

If it’s an older version and somehow you forgot to update it, then it gives hackers serious ground to hack your site.

12. Manage your WordPress user permissions

If you have multiple users on your sites like editors or developers, then it is recommended that you manage their user-roles correctly. Giving them full permissions will only increase your chances of a hack.

So, try to manage your user roles and their permissions correctly. Additionally, keep a check on the users to ensure that they are people you know. You can use a plugin like User Role Editor for that purpose.

13.Log Out Idle WordPress Users

Users who are logged in but aren’t active pose a crucial security risk. The site becomes prone to hijacking. Their session can be hacked, their passwords changed, and other account changes can be made.

To ensure that a user is locked out when he/she is inactive, you can use a plugin like Inactive Logout and configure the plugin to logout any users who are idle.

14. Limit Login Attempts

With the default WordPress installation, users can login to a site as many times as they want. This makes your site vulnerable to hacks since hackers can try an infinite number of login password combinations without the fear of being locked out or their IP blocked.

To limit login attempts, you can use a plugin like Login Lockdown to restrict the number of attempts a person can log in to your site.

15. Monitor your site security

Once you’ve finished with making your site secure, all you have to do is constantly monitor and keep active in blocking any threats that come your way. Plugins like WordFence can go a long way if you are proactive about your security.

The plugins can prove useful in blocking plenty of different attacks which include, but are not limited to, the following:

Brute Force Attacks
Lockouts
User roles, logins, and permissions
Version management (update alerts)

Additionally, you can view the Google Search Console for more information on your security and site performance.

Conclusion:

Even if you don’t have the skill or time, we hope that this article proved a good gateway to you in the world of WordPress security. If you’re a newbie looking to get your site developed with the latest security standards, then try hiring a competent WordPress developer to complete your project.

The post 15 Essential Steps to Secure WordPress Against Malware Attacks appeared first on WP Fix It.

Read More

Introducing WordPress Take Action Today – WP TAT™

Introducing WordPress Take Action Today – WP TAT™

We just made taking action on your site easy as pie!

The web is jam packed with WordPress information and there is so much to filter through and implement on your site.  We decided to create an easy and simple way for you to TAKE ACTION each day on your WordPress site.

With great excitement, we would like to introduce a new segment of our blog called WP TAT or WordPress Take Action Today.  This will consist of us publishing very simple tasks that you can execute in a matter of minutes making your WordPress site better in many different areas.  These tasks will not require you to be a developer or have any advanced knowledge of WordPress.  They will be easy to do and powerful for the overall experience of your website.  New WP TAT™s will be published Mondays – Fridays.

Check out an example below of what a WP TAT™ might tell you what to take action on.

Audit Installed Themes – WP TAT™

Having installed themes on your site that you are not using can open your site up for security issues and take up server space. If you don’t need it, don’t keep it. Follow the steps below to audit and remove un-used themes installed on your site.

Login to your site
Visit Appearance>Themes
Click on any inactive theme thumbnail to enlarge details
Click delete link in lower right hand corner
Repeat for each inactive theme

*If you are using a child theme, be sure you do not delete the parent theme.

So if you would like to get these delivered to your inbox as they are released, simply fill in the form below and you can start Taking Action Today on your site with WP TAT™.

Current Subscribers

Simply fill out the form below with your name and your email address and this will instantly subscribe you to our WP TAT™ campaign.

This way you will never miss a new post and never miss out on these valuable FREE tips to make your WordPress life better!

#mc_embed_signup{background:#fff; clear:left; font:14px Helvetica,Arial,sans-serif; }
/* Add your own Mailchimp form style overrides in your site stylesheet or in this style block.
We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. */

* indicates required

First Name *

Email Address *

(function($) {window.fnames = new Array(); window.ftypes = new Array();fnames[1]=’FNAME’;ftypes[1]=’text’;fnames[0]=’EMAIL’;ftypes[0]=’email’;}(jQuery));var $mcj = jQuery.noConflict(true);

The post Introducing WordPress Take Action Today – WP TAT™ appeared first on WP Fix It.

Read More

Mobile SEO: The ultimate guide

Mobile SEO: The ultimate guide

We are addicted to our smartphones. For many people, the smartphone is the first thing they check when they get out of bed in the morning and the last thing they look at before they go to sleep. People use them for everything – it’s become huge! Mobile phones have dramatically changed our lives, the way we use the web and, consequently, it has changed SEO. Mobile SEO helps you to reach customers and satisfy their needs while enjoying the experience. This guide to mobile SEO tells you everything you need to know to deliver the perfect mobile experience.

Table of contents

What is mobile SEO?Why is mobile SEO so important?Mobile SEO vs. desktop SEOGoogle’s mobile-first index is liveHow to improve mobile SEOMobile SEO toolsMobile SEO is designing for performanceResponsive design vs. dynamic serving vs. separate domainImprove site speed of your mobile siteThink about implementing AMPProgressive Web Apps (PWA)Focus on user experienceOptimize for localFinetune your mobile contentWrite for the small screenWrite better meta descriptions and titlesPrepare for voice searchAdd Schema structured data to a mobile siteA mobile SEO guide full of tips

What is mobile SEO?

Mobile SEO is all about offering an exceptional experience to visitors of your mobile site. It’s about making your mobile site load quickly and without issues, and presenting stellar content that matches the users search intent. In today’s mobile-first world, it’s incredibly important to have flawless mobile site.

Why is mobile SEO so important?

Mobile SEO is crucial because it helps you reach your your customers in the right place at the right time and and give them the very best experience. Mobile traffic has now eclipsed desktop traffic. Billions of people have discovered the enormous advantages of the smartphone. Our whole lives are in these devices – it’s almost scary to see how attached we’ve become to our smartphones. Many people call it an extension of themselves and something they can’t live without. To reach these people you need a mobile SEO strategy.

Mobile does not necessarily mean on-the-go. Studies have found that people often grab the nearest device to look something up quickly and more often than not, that’s their smartphone. They use it to inform themselves about products before making the decision to buy something, any time, any place. According to research by Google, smartphone users have a higher buyer intent than desktop users. They’re focused and ready to buy. It’s your job to be there when they are looking for your products or services.

It is easy to see mobile SEO in terms of solving technical problems or content issues, but it is also very much a user experience and branding thing. Getting a bad experience from a brand on a mobile phone might scare away a potential customer forever. Offering a great experience increases the chance of consumers recommending your brand.

According to Google research, negative mobile experiences can really hurt your brand

Mobile SEO vs. desktop SEO

There’s quite a difference between desktop SEO and mobile SEO, but the goals are often comparable. You want to reach your audience and convert them into paying customers. In some ways, desktop SEO tactics also work for mobile SEO, but in a slightly different form. Three major themes still apply: focus on performance, user experience and content. In desktop SEO, you’ll often focus more on the general public, while mobile SEO can also have more of a local focus.

What is different, though, is the results you get on mobile versus desktop. For the same search query, different results may pop up depending on what device you are using. Plus, there are other factors that influence the mobile search results, like the location you’re at. This means that getting a good ranking for your product or content on desktop doesn’t guarantee the same result on mobile. When evaluating your performance on mobile, alway keep an eye on the mobile search results.

In addition, it is always a good idea to regularly check what Google is doing on mobile, in general, but especially in your niche. Google is continuing its push for so-called rich results — often powered by structured data — and these are more prominent on mobile. Think about it: searching for flights, events, jobs, movies, music, products and even simple facts will trigger a Google-owned rich result. We’re going to see a lot more of this going forward.

Google’s mobile-first index is live

The importance of mobile SEO is made even clearer by Google’s 2016 announcement of the mobile-first index. In July 2019, Google switched to the mobile-first index and by March 2021 all sites should be indexed mobile-first. What does this mean? For the first time, Google will determine rankings based on the quality of the mobile version of the site instead of the desktop version.

A smartphone version of Googlebot will crawl your mobile site and determine if its performance, content and user experience are up to scratch. If so, you might get a better ranking. If it is lacking, other sites might rank higher and you could lose out. Even if you’re not focusing on mobile you will still be judged by your mobile site, so now’s the time to take action.

What’s more, in January 2018, Google announced that page speed will be a ranking factor for mobile searches from July of that same year:

“The “Speed Update” applies the same standard to all pages, regardless of the technology used to build the page. The intent of the search query is still a very strong signal, so a slow page may still rank highly if it has great, relevant content.”

Check Search Console to see what Google used to crawl your pages

Things have changed

Right now, Google uses mobile-first indexing when evaluating sites. To get Google to discover and understand it properly you must keep your mobile site crawlable by taking down all possible barriers such as poorly loading scripts and not blocking stuff in your robots.txt. It also has to load lightning fast if you want to be indexed well.

Google’s Gary Illyes wrote a blog post detailing some of the things you should take care of for the mobile-first index. These include offering the same awesome content on both the mobile and desktop site, investing in structured data, offering the correct meta data, checking your hreflang set up and making sure that your servers can handle the increased crawl rate. In July 2020, added another post with even more possible improvements like making sure that you serve images and video in the proper format.

You can no longer present less information on your mobile site than on your desktop site. Your content has to be identical on both, because you will only rank based on the information on your mobile page. Don’t hide stuff! Michiel wrote a post about the so-called mobile parity. Or, like former Googler Maile Ohye told us in an interview:

“To “optimize” for the mobile-first index, make sure that what you serve to mobile users is the version of the content you’d want Google to index, not a pared down version, or a version that gets updated later than desktop, or a version that redirects to the mobile homepage.”

Maile Ohye

Don’t forget to tell Google your site is mobile-friendly. You can add a viewport declaration – if you’re using responsive design – or a Vary header when using dynamic serving. More on this later – or in Google’s developer documentation.

Read more: 5 things you need to know about mobile-first indexing »

A new Google ranking factor: Page Experience

In May 2020, Google announced a ranking factor called Page Experience. While Google has been advocating site speed for years, the page experience update adds something new: user experience. For the first time, Google takes into account how users experience a site. Does the site load quickly? Are there images or slow-loading ads blocking the rendering of a mobile site harming the user experience? The new Core Web Vitals metrics help you make sense of the perceived page experience and prioritize improvements. Somewhere in 2021, the new page experience algorithm will see the daylight.

How to improve mobile SEO

Mobile SEO is – just like regular SEO – all about making sure your site is crawlable and findable. Also, you need stellar performance, great content and a flawless UX. To get it right, you need to know how your site is currently performing and what your visitors are doing right now. For example, will people use the same keywords on mobile to find you? People often change how they search while using a mobile device. And what do you want people to do? Offering to navigate to the nearest Whole Foods is less than ideal when you’re on a desktop machine. It makes total sense on your smartphone, though.

Mobile SEO tools

You need to become best friends with Google Search Console. Its search tools are legendary and a big help if you want to find out how your site is doing in the search results. For instance, by using the Search Analytics feature, you can see how mobile and desktop users use words to find what they need. Are you targeting the right words? Should you focus on something else?

Googlebot needs to be able to crawl your JavaScript, CSS and image files to index it properly. There is a handy tool for this inside Search Console: URL Inspection. This tool lets you see exactly how Googlebot sees and renders your content. When the screen doesn’t align and the tool lists errors, you’ve got work to do.

Search Console lets you check how Google sees your mobile site

Mobile Usability tool

Another Google Search Console feature that makes your life easier is the Mobile Usability tool. This tool checks your site and presents an overview of posts and pages that don’t follow Google’s mobile-friendly rules. This is an excellent way to start improving your mobile SEO.

Other tools

Some other great tools to up your mobile SEO game are Google’s Mobile-Friendly Test, Rich Results Test, Lighthouse, Analytics, SEMrush, Ahrefs, Ryte, ScreamingFrog, and SimilarWeb.

Read more: Google Search Console: Search appearance
Read more: DIY: Test your mobile site

Mobile SEO is designing for performance

The number one thing you should be focusing on when you’re trying to improve mobile SEO is performance. Performance almost entirely boils down to site speed. It’s a no-brainer: the faster your site is, the happier your users will be. It’s well known that a site has to load within a couple of seconds or your visitors will give up and go elsewhere. If you combine this with the fact that sites are only getting bigger, it’s clear you have your work cut out.

Better get to work on that page load time

Optimizing performance, however, is a continuous process. Your site will never be fast enough because there’s always more you can improve – and that’s ok. By keeping a close watch on how your mobile site is performing, you can immediately jump onto every opportunity to improve it. Google loves fast sites, and so do your customers.

Read more: How to improve your mobile site
Read more: Page speed as a ranking factor, what you need to know

Responsive design vs. dynamic serving vs. separate domain

While developing your mobile site, you’ll have three options: responsive design, dynamic serving, or a separate site on a subdomain. Google prefers responsive design because you only have one site that adapts to the device it’s used on. There’s only one code base, so maintenance is easy. According to Google, using responsive design will make your site eligible for addition in the new mobile-first index. Always let Google know that your site is mobile-friendly by adding the meta name=“viewport” declaration in the head of your documents.

<meta name=”viewport” content=”width=device-width, initial-scale=1.0″>

Dynamic serving takes a different approach. It uses server-side technology to serve a different version of your site to mobile users, depending on the way they access your site. The URL stays the same, but the files sent are completely different. You need to add the Vary header to get Google to crawl your site. This way, Google immediately knows that it will receive mobile-optimized files from somewhere else. A Vary header appears like this when a browser makes a request:

Vary: User-Agent

The third option is a separate mobile site on a different URL – usually an m. domain – and with different content. Google supports this method, but only if you make the correct connections between your regular desktop domain and the mobile domain. Use rel=”alternate” and rel=”canonical” to tell Google how these pages are connected. More on these different types and how Google uses them on this Developers page. Or you can read our rel=”canonical” ultimate guide.

Improve site speed of your mobile site

One of the most importants aspects of mobile SEO is improving site speed. PageSpeed Insights shows you exactly how fast your site loads on both mobile and desktop. It also suggests performance improving enhancements. Use this alongside the Developer Tools in browsers and the Core Web Vitals Report in Search Console to see how your site is rendering its contents.

Among other things, PageSpeed Insights looks at the three current Core Web Vitals metrics:

CLP (largest contentful paint): The largest contentful paint happens when the largest element of a requested page appears on the screen. A good grade gives users the feeling that the site loads fast. A slow site can lead to frustration.FID (first input delay): The first input delay is the time between the first interaction of a user with an element on the requested page and the reaction of the browser to that input. How quickly your page reacts to input is of utmost importance for it to appear fast and responsive.CLS (cumulative layout shift): The cumulative layout shift measures the total time of movement on screen that happens during loading. This gives you an idea if stuff is jumping around which could make your site appear jerky.

Type in your URL and Insights will give you two scores: one for mobile and one for desktop. These will be different. If your score is red, you have much work to do. Orange means an average performance and green is good. It’ll give you suggestions on enhancing the performance of your site. Follow these suggestions, and you’ll be on the right track.

I hear you thinking:

“Nobody has a score of 0/100, right?”

Well, think again. A combination of factors can do your mobile site a lot of harm. Find a bad hosting provider, install WordPress on a crappy shared hosting platform, activate thirty plugins and upload a hundred non-optimized images to your blog and you are going to score badly. Even huge sites with big budgets score badly. But these things can be fixed. Run PageSpeed Insights and other speed analyses tools and follow their advice.

What can you do to improve your site speed?

Optimize images and use fewer imagesInvest in quality hostingUpdate PHP version to PHP7Keep your redirects in checkFix render-blocking content above the foldPrioritize visible contentOptimize and minify CSS, HTML and JavaScriptCache your assetsUse a CDNMake the transition to HTTP/2Upgrade to HTTPSLoad fewer assets like JavaScript librariesLoad fewer ad serversImprove server response time

To help you, we’ve listed five things you can do to boost your Core Web Vitals. When improving your page speed, you should always ask yourself if you need all these assets, libraries, images, plugins, theme features and so on. The famous saying “less is more” is still as valuable as ever.

Read more: Site speed tools and suggestions »

Think about implementing AMP

The Google-led open source project AMP, or Accelerated Mobile Pages, has one goal: loading your pages as fast as possible. It’s been around for some time now. In the beginning, AMP was used on static posts, like blogs or news articles, that didn’t need interaction from the user. For e-commerce purposes and other dynamic types of pages, AMP fell short – until a year or so, that is. Today, AMP is capable of powering canonical sites, with more to come. Look into what AMP could do for your site and how you might implement it. Not every site needs it, but the ones that do could gain a lot from it.

Read more about implementing AMP with WordPress »

Progressive Web Apps (PWA)

PWAs offers another way of targeting mobile users. A progressive web app (PWA) is an all-in-one solution that works on all devices, for all users. It’s the perfect crossover between the app world and the web world. The web app works like an app, without the need to publish it in an app store. PWAs combine the load speeds of mobile sites with the best functionality of a native app. When done correctly, a good PWA might fool users into thinking they are using a native app. Google has a must-read blog post if you want to know how to create indexable PWAs.

Thanks to technologies like service workers, the browser can do a lot more in the background, while keeping the front end updated in real-time. This makes it a good option if you need an app, but can’t justify the cost. There will be a lot happening with progressive web apps in the next couple of years. Every major browser — both mobile and desktop — now supports service workers, even Apple’s Safari on MacOS and iOS. There are, however, still some kinks to be ironed out before Apple’s implementation is solid.

Focus on user experience

Besides being easily found and lightning fast, your mobile site should offer an enjoyable user experience — especially now Google will factor it into their algorithm. Find out which common tasks your customers have on your site. What is their search intent? Try to remove any obstacles and make sure users can achieve their goals quickly. There’s a lot you need to consider when optimizing user experience. Here are a couple of things you need to think about:

First and foremost: don’t forget your customer!Make your site mobile site useful and enjoyableFix your font size: your typography needs to be top notch.Keep enough room between the clickable elements.Make your sub-menu clickable, so users don’t automatically go back to home instead of the submenu.Put your phone number on the homepage and make it clickable. This way, people can call you if they want to do business.Don’t make users pinch and zoom to see – and use – your interface.Make your buttons large enough for fingers.Fix your forms: bad forms are unusable on mobile.Cut the clutter.Test, adjust and test again!

Read more: 10 ways to improve mobile UX »

Optimize for local

While we use our smartphones a lot in our homes, these devices become even more useful when we’re out and about. Google found that 76% of people who searched for something nearby visited a related business within a day. 28% of those visits led to a sale.

To cope with that local demand, or so-called near me searches, you need to work on your local SEO. Local search results can look very different from regular desktop searches, so you have to know what to target and how to target it. Here are some ways you can improve your local SEO for mobile:

Write locally oriented content: It’s one of the best things you can do to improve local rankings.Build local links: Ask, and ye shall receive.Google My Business: Sign up and fill in your details. Here, you can keep your NAP data up to date, respond to reviews and upload photos, among other things.Reviews: Ask your customers for reviews, mark them up with structured data and present them on a particular page on your site. This does wonders.Photos: Take beautiful pictures of your business and add them to Google My Business.Schema.org: Add structured data for NAP details, products, reviews, etc. and you get mobile rich search results like rich cards or carousels.Contact details: Make sure your contact information is always correct and up to date. If not, fix it.Yoast Local SEO for WordPress plugin: This plugin can do a lot of the hard local SEO work for you.

Read more: Ultimate guide to small business SEO
Read more: Local ranking factors that help your business’ SEO

Finetune your mobile content

Smartphone screens are small. On that screen, text gets truncated and wrapped in a seemingly never-ending stream of paragraphs. Users have to scroll endlessly. Text on a mobile screen has the potential to give any web designer a headache. But the design – and use – of text is of crucial importance to the success of your site. If your site is unreadable or just plain ugly, people will not read your 1,000-word article. Hell, maybe not even your 100-word summary. Fix your typography.

People read a lot on their smartphones, but you have to make it as easy as possible for them to do so. You also need to make sure that your content is up to scratch.

Read more: Optimize your mobile content

Write for the small screen

Always keep the restrictions of the small screen in mind when creating or editing content. Don’t use too many long sentences, keep your paragraphs to around four sentences and break up text using bullet points, lists and headings. Nothing is more daunting to your visitor than a massive block of unformatted text. Check your content on a smartphone to see how it looks and find ways to improve it. The Yoast SEO Premium analysis can help you improve your content.

Read more: Copywriting for mobile

Write better meta descriptions and titles

Google shows less information in the search results on mobile than on a desktop. Your meta descriptions and your titles will be truncated if you make them too long. Think about that when you optimize your posts and pages. You lose several characters when optimizing your meta descriptions and titles for mobile. In Yoast SEO’s snippet editor, you can switch between a mobile and desktop preview. This way, you can compare the differences between the two and find the perfect middle ground. Yoast SEO also uses the titles and meta descriptions to fill your structured data, so make it clear to search engines what your page is about.

Read more: The Google preview in Yoast SEO

Prepare for voice search

When working on your content, you should account for voice search. Yes, it’s been around for a while, but with the advent of Apple’s Siri, Amazon’s Alexa and Google’s Home assistant, things are moving faster. More and more people are using their voice to perform actions on the web, and your content has to provide the answers. If done correctly, you might kill two birds with one stone: you’ll not only respond to questions mobile users have, but it might also lead to so-called featured snippets or answer boxes on desktop searches. Getting a featured snippet almost guarantees your content to be a top answer for assistants. Curious what’s powering conversational search?

To prepare for voice search, you need to take a good look at your current content. Ask yourself, does it answer any question a user might have? If not, change it. Find out which questions people use to find your content and optimize for that. Use Google’s autofill or tools like Answer the Public or AlsoAsked.com to find ideas for questions to answer.

Read more: How to prepare for voice search

Add Schema structured data to a mobile site

Structured data is incredibly important. By using structured data in the form of Schema.org to describe elements on your site, you can open a line of communication with search engines. Structured data makes it clear to search engines what all the different elements on your site mean. If done correctly, search engines can use this data to give you highlighted search results, known as rich results or rich snippets. This way, your site immediately stands out from the crowd, which could lead to a higher click-through rate.

Structured data allows for many new ways of presenting search results. The rich results we see in the carrousel, for instance, uses data you can add to your mobile site. The result is a snippet that is mobile-optimized and very attractive to click. Since Google is heavily investing in improving and expanding the types of rich results these might turn out to be your ticket to enhanced visibility. Try to get those featured snippets!

Structured data is one of the most important topics to get your head around. See our structured data course for an easy way to learn how to add structured data to your mobile site. This course is part of our Yoast SEO academy training subscription

Yoast SEO takes care of your Schema needs

A mobile how-to rich result

Adding Schema to your site has always been a struggle — but not any more! Yoast SEO is making it easy for you. The popular SEO plugin automatically adds an extensive list of Schema structured data properties to your site. Not only that, Yoast SEO also ties everything together in a neat graph. This graph makes it incredibly easy for a search engine to understand the true meaning of your site. That’s not all, because the free Yoast SEO structured data content blocks turn the WordPress block editor into a helpful tool to craft FAQ pages and how-to articles — with more block types to come. Both of these Schema types have a relatively easy to get rich result on mobile attached to it as well.

Read more: Structured data with Schema.org: the ultimate guide

A mobile SEO guide full of tips

This ultimate guide to mobile SEO gives you a lot of pointers to improve the performance of your mobile site. Mobile SEO should always be a work in progress because there are always new developments, but also technologies arrive and are superseded. The world is always changing, and you need to keep up. If you do, the rewards can be great.

So, what are you waiting for? Get your smartphone, check your site on a mobile browser and find and fix those issues. Use this mobile SEO guide well, because this is an important time! This is the time to take action because if you don’t, you might get left behind.

Keep reading: WordPress SEO: The definitive guide to higher rankings for WordPress sites »

The post Mobile SEO: The ultimate guide appeared first on Yoast.

Read More

6 Ways To Make Your Email Campaigns More Engaging

6 Ways To Make Your Email Campaigns More Engaging

Email marketing is all about engagement and engagement is all about relevance. The more customers find your message to be relevant, the better you can engage a customer.

Acquiring an email is half the battle won. The next challenge for marketers like you is to reach the customers’ inbox. Make customers open the email – take action.

If your customers are not engaging with the email, it’s unlikely they will feel inspired to act. Like a domino effect, you’ll notice a gap in the email conversion rate curve.

Sounds like your problem?

If that’s the case, its time to build a robust email engagement strategy that helps you increase conversions.

In this guide, you’ll learn the best ways to improve email engagement.

Let’s get started.

What is email engagement?

Email engagement measures how your subscribers interact with your email campaigns. How many open your emails, how many people click on a link within the email, and how many people converted because of an email are the most common email engagement metrics.

How to measure email engagement?

Measuring email engagement is important because without having a clear idea of how your email campaigns are performing, you won’t know what to improve.

The best way to accurately measure the effectiveness of your email campaigns is to combine the data provided by your email marketing software with a couple of Google Analytics reports.

Email Engagement Metrics

Your email software will tell you key metrics like:

Email open rate: What percentage of your subscribers opened your emails.
Click-through rate: What percentage of your subscribers clicked a link in your email.

Google Analytics will tell you what specific actions on your website (such as purchasing a product), your subscribers performed after visiting your website by following a link in your emails.

Resources to Learn More

How to get more email subscribers – 10 proven ways to get more people to subscribe to your list.
How to improve your email open rate – 15 easy tweaks to get more people to open your emails.

How to increase email engagement?

These are the six most effective ways to make your email campaigns more engaging:

Know your customers
Segment your email lists
Personalize your approach
Create dynamic content
Keep it interactive
Test, Test, Test

1. Know your customers

Every customer journey is unique. Not every customer will have the same expectation and intent to subscribe. To craft relevant emails, you need to gather as much information about your customer.

Your ultimate aim should be to build comprehensive buyer personas – a composite look of your ideal prospects and customers. It includes information such as customer contact data, descriptive data, and behavioral data.

You can also add their preferences and intent. Based on what action they take and how they behave, you can craft content to propel them through all the stages.

Email Sales Funnel

Below are the types of emails you can send at each of the five stages of the customer lifecycle.

The Awareness Stage: It’s the first stage of the customer lifecycle. In this stage, potential customers begin to explore your product or service. They browse through your website or App.

It’s not yet about email. They may start to follow your brand on social channels or make direct visits to your website.

The Interest Stage: At this point, you can get on board the new customers with a welcome email. Impress them sharing exciting content—for example, articles, blogs, newsletters.

The Consideration Stage: The consideration stage is where your customers’ begin to research to ensure that they will make the best possible selection.

Before making a purchase decision, they start comparing your product and service with competitors.

Sending them case studies, product comparison reports are great email candidates for this stage.

The Intent Stage: At this stage, you can email them some of your best customer reviews, testimonials, and reviews.

Send emails, including relevant offers and discounts. It is at this stage they will make a decision to purchase your products or not.

The Purchase Stage: Once customers make a purchase, you can send thank you emailers, customer support, and follow-up emails.

Additionally, eCommerce businesses may also send order notifications, delivery updates, and product recommendations.

Retention: Now, when you’ve successfully converted a prospect into a customer. Your next aim should be to nurture them further. Build long term relationships to turn them into brand loyalists and advocates.

At this stage, you can send them emailers wishing them on their birthday or anniversary. Consider sharing exclusive and valuable content. Send industry-related updates, latest product, and service-related information upgrades, latest offers, and reviews.

2. Segment your email lists

The secret behind some of the most successful email campaigns is email list segmentation. When done right, email segmentation can improve all the email campaign KPIs and increase revenue.

Email segmentation is one of the best techniques to make your email campaigns targeted and relevant.

What is email segmentation?

It merely means dividing email list into groups and subgroups based on customer demographics, demographics, psychographics, and behavior.

Traditionally, marketers used basic demographics like age, gender, location, etc. to segment email lists but today, email list segmentation can go beyond demographics.

Email List Segmentation Options

For example, you can group emails of customers who haven’t opened your email in the last 60 days.

Or let’s say you want to target some of your best customers who purchased above $10,000 previous Black Friday. In short, the options to segment email lists are endless.

Here are few out of the box techniques you can consider to segment your email lists:

Buyer Persona – Buyer Personas are a composite look of your ideal customers. It includes customer contact data, descriptive data, and behavioral data.

For example, you may want to list customers who faced a similar kind of challenge in the past or want to list customers who share the same birthday, anniversary date, etc.

Engagement – Based on how your customers engage with your email campaigns, you can consider segmenting email lists based on open rate and conversion rate.

For example, you can list customers who’ve been inactive for the last six months and drive a re-engagement campaign.

Stages of the customer journey – We’ve already discussed how important it is to align your email marketing strategy with the buyer’s journey.  Based on what stage your customer is, you can draft relevant emails and dynamic content.

For example, you can group emails of customers who downloaded a new eBook and are ready to move to the next stage.

Order Value – Every customer has their way of interacting with your product and service. Not all customers spend the same on your product.

You can consider targeting customers with lower order value by running a targeted email campaign offering them relevant discounts and offers.

Visa Vi, you can also list customers’ emails with higher-order value to drop a “thank you” note for being a loyal customer.

3. Personalize your approach

The next step is to personalize your emails. Personalization, in terms of email marketing, is all about exercising timely one-on-one communication using relevant content.

Email Personalization Benefits

Some of the basic email personalization includes tactics like using a customer’s name in the subject line, creating dynamic content – Copy, design, and images – based on a customer’s gender, location, or other things you know about them.

Some of the advanced tactics include integrating a customer’s recent purchase history, browsing history, and tracking their website behavior to drive relevant campaigns.

Here’s what you can think of personalizing while sending your next email campaign.

Content – Every customer journey is no less than a story. Besides using the customer’s name in the subject line, you can create a personalized message referring to the buyer persona.

Copy – Use unique customer information to compliment your content with personalized Copy. For example, use details like customer name, last product purchased, birth, etc. to create action-driven text.

Images – Based on the type of customer you’re interacting with, you can personalize the image as well.

For example, if you’re targeting companies through an email campaign, you can use their logo in the image.

Also, if you’ve permission to store pictures of customers, you add their photos as well.

4. Create relevant content

In successful email campaigns, the content serves as a muse encouraging consumers to share their thoughts, ideas, opinions, and experiences.

Connect with your customers in a personal and human way, ensuring two-way communication. Refer to the buyer persona to craft personalized and relevant content.

Example of Good Email Content (Source: Optinmonster)

For example, you can share newsletters with links to your best blogs, how-to articles, case studies, webinars, etc.

Below are three ways to make your email content more engaging:

Start from the subject line – Use personalized subject lines that appeal to your customers. Keep the headline crisp, short, and to the point. Use relevant words to strike a chord at an emotional level. Adding emojis is another excellent way to grab attention.

Create Dynamic Content – Keep changing your content as per your customer’s behavior, preferences, and intent. Maintain a conversational tone to connect in a personal way, ensuring two-way communication.

Don’t take design for granted – Design can help enhance the customer experience (CX) further. A well-designed email with the right combination of creative layouts, imagery, and call to actions (CTAs), is responsive.

Here are best practices to ensure an appealing design:

Use grids to guide your customers: Use an Inverted Pyramid design to help customers focus on what’s most important.

Include imagery, graphics, and colors: Grab your customer’s attention by adding colors and graphics as per your brand’s visual guidelines.

Make it easy to read: Use borders, geometric shapes, layouts to showcase what is important. If you’re sending newsletters or any other format which demands lengthy content divide each section effectively.

Make the CTAs stand out: Get your best copywriters on the job to write effective CTAs. Use a box to highlight your CTA rather than a hyperlink. 

5. Keep it interactive

Interactive elements are not only fun but also an effective way to increase conversions and click-through rates.

Think outside the box. Find creative ways to utilize these interactive elements in different ways.

For example:

QR Codes: Use QR codes to make your emails look more attractive and engaging. You can use them to reveal special offers, discounts and as invitation passes to an event, etc. Try to create a QR code now for one of your upcoming campaigns.

Increase email engagement with QR Codes.

Polls and Surveys: Embed surveys, polls, and reviews in your email instead of sending just a survey link. These are effective ways to gain valuable customer feedback and information and a great way to express that you care!

Videos: Share your content using videos. Distribute content of all sorts creating videos of different genres.

For example, send your customers videos of live events, webinars, product demos, and training programs. You can also do podcasts and video interviews, and so on.

Scratch cards: Take advantage of the curiosity gap using scratch cards in emails to treat your customers with a unique experience. Instead of sending discounts, rewards, or any offer directly, use scratch cards to help customers reveal themselves.

Hamburger Menu: Ever noticed an icon with three lines piled on another? Mostly used as an icon to website menus, these are also known as hamburger menu. Add these to your email layout to increase click-through rates.

6. Test, Test, Test
Importance of Email Testing (source: SendGrid)

Review your email to prevent embarrassing errors such as typos, repeated, and spam words. Alongside, send a test email to check how each email client displays your email.

There are more than a thousand email clients across the globe. Each supports different features and requires different coding your HTML. Below are six things to test before sending an email

Subject Line: Ensure your subject line stands out and is error-free.

Images: Send a test email and preview your email in all relevant email clients. Often, the images you use can be blocked by email clients. Check for broken images.

CTAs: Check if CTA buttons are working correctly.

ALT text: Text below images help customers understand the content even if the image is blocked. So don’t miss out on the ALT text.

Devices: Given that you’re using a responsive email design, preview your email on mobile, desktop, and tablets.

Interactivity elements: If you’re using GIFs, surveys, polls, or any other interactivity elements in your email design, ensure they’re working correctly.

Key Learnings

Customer engagement is pivotal to marketing. It’s the same in the case of email marketing. The more customers engage, the better you can convert and build relationships.

Only when your customers open an email, click on the calls to action (CTA), a conversion takes place. Hence it’s vital to ensure a higher open rate and click-through rate to increase email conversion rate.

Not only that, but engaged customers also allow you an opportunity to build better relationships. The more relevant your email is, the better you can engage a customer.

The best way to stay relevant to your customers is to know and listen to them. Understand their needs, interests, and expectations at each stage. Only then can you make your email campaigns more engaging.

Here’s what you need to keep in mind:

Gather as much data about your customers as possible via digital as well as physical channels.
To create winning email campaigns, use personalization to make your email more effective and engaging.
Segment your list based on your campaign goals to enhance conversions from your email campaigns.

The post 6 Ways To Make Your Email Campaigns More Engaging appeared first on reliablesoft.net.

Read More

Adjusting Paid Campaigns During a Recession

Adjusting Paid Campaigns During a Recession

Posted by ryanmoothart

Our world changed dramatically in March of 2020 as a new viral threat to our livelihoods took hold in the United States and around the world. Here in the US (at the time of writing this post), COVID-19 has not relented

Some industries have been more heavily affected than others. For example, travel and tourism businesses have been hurting far more than many other industries due to social distancing guidelines and stay-at-home orders.

However, all businesses should re-evaluate their planned budgets for paid search and other paid digital campaigns for the next 12 to 24 months. Hopefully, this pandemic cedes faster than that and the economy comes out of our pending depression more rapidly at some point next year. But since nobody can know for sure when that will happen, it’s better to be safe and plan accordingly. Ask yourself the following questions:

What assumptions did you make about your priorities heading into 2020?How has the global pandemic and economic recession affected those priorities thus far?How have your trends changed and what shift(s) have you already had to make?

You’ll be on your way to creating a more stable plan for your paid digital advertising campaigns once you’re able to answer those questions.

Now comes the most difficult part: how do you take these changes into account and plan ahead for the next year, or even two years?

To do this effectively, you need to make a choice about which overarching business goal is more important to you:

1. Drive sufficient sales volume even at the expense of profitability.

OR

2. Maintain a profitability margin even if it means losing out on sales volume.

Don’t pick both. Obviously, you want to drive more sales and maintain or increase profitability — everyone wants to do that. But if your business has struggled since the breakout of this recession, you don’t have the luxury right now of picking both. If you pursue both goals, you’re more likely to implement competing tactics in your campaigns that may result in hitting neither. So, pick one. If you can hit it consistently going forward in this new environment, then you can start striving to hit the other in addition.

Focusing on sales volume

If your primary goal is sales volume, reference the year-over-year trends you’ve witnessed since the COVID-19 outbreak and the onset of the recession. Pay close attention to the last month or two since things have started returning to a “more normal” outlook with regards to businesses reopening (albeit with strong rules around social distancing). For instance:

Have you seen website traffic bounce back a bit since May, but not sales or conversions?Have these things increased in certain channels but not in others?How has your ad spend volume correlated with these shifts in conversions?Have you seen increases in cost per conversion levels that look more stable now?How do all of these things compare year over year?

Whatever you’re witnessing after answering these questions, plan on those year-over-year trends continuing for the foreseeable future. Take into account seasonality and plan out how many conversions, sales, and/or how much revenue you want to acquire each month or each week going forward. Once you have those hard numbers planned out, do some quick math by accounting for your cost per conversion and return on ad spend (ROAS) levels, and correlate how much money you’re going to need to spend to meet those sales targets.



Do these new budgets and targets allow you to meet your overall sales goals? You may find you’re able to hit targets for a certain channel directly (paid search, for example), but will still be behind overall. If that’s the case, reference your impression share or share of voice metrics, competitive insights, and tools like Moz or Google Trends to see if it’s realistic to push for even more sales volume if your existing forecasts don’t meet your goals.

If these things indicate little room for potential growth, revise your sales volume targets and expectations down to account for this new post-COVID normal. In this instance, your opportunity for potential growth will lie in high-funnel channels (e.g. programmatic advertising, digital video ads, traditional media buying) to reach more potential new customers. Just be sure to account for how many conversions or sales these high-funnel channels actually assist with to make sure you’re putting your advertising budgets to good use.

Focusing on profitability

If your primary goal is profitability, reference the same trends and answer the same set of questions as above. Again, pay close attention to the last month or two as the economic recession has begun settling itself in for the long haul. Whatever you’re witnessing, plan on those year-over-year trends continuing. Then, taking into account seasonality, forecast what your campaign budgets should be by month or by week given your desired ROAS or ROI levels.

Instead of having to adjust your budgets up in order to hit a desired sales volume threshold, you may find that your forecasted budget is lower than you originally anticipated coming into 2020. You’re likely going to have to cut budgets down or pause certain campaigns entirely that just aren’t profitable right now as changes in conversion costs and/or demand have negatively impacted your trends. If this is happening to you, plan on taking that budget you’re now cutting out of your certain paid campaigns and reinvest any potential remaining funds into other channels or savings (assuming such funds aren’t wiped out by lower sales volume).

This opportunity to maintain a certain profit margin will likely result in less overall revenue and return for your business as a whole. The goal here is to stay profitable enough where you don’t have to make significant cuts to your overall business. Sacrifice what you need to in paid digital advertising to stay afloat and maintain viability throughout the duration of this economic recession.

One more thing to keep in mind

As we’re still in the early stages of vast uncertainty, be nimble and reactive as economic circumstances change. You may find yourself doing a lot more re-forecasting on a consistent basis this year and next year due to fluctuation in economic climate and outlook. Just remember everyone else is in the same boat as you — nobody knows what’s coming in the next year or two, let alone the next few months.

To help us serve you better, please consider taking the 2020 Moz Blog Reader Survey, which asks about who you are, what challenges you face, and what you’d like to see more of on the Moz Blog.

Take the Survey

Sign up for The Moz Top 10, a semimonthly mailer updating you on the top ten hottest pieces of SEO news, tips, and rad links uncovered by the Moz team. Think of it as your exclusive digest of stuff you don’t have time to hunt down but want to read!

Read More

The Easiest Way to Update WordPress Premium Themes and Plugins

The Easiest Way to Update WordPress Premium Themes and Plugins

WordPress has a built-in feature to install themes and plugins by supplying a zip file. Unfortunately, you cannot upgrade a theme or plugin using the same process. Instead, WordPress will say “destination already exists” when trying to upgrade using a zip file and will fail to upgrade the theme or plugin.

Easy Theme and Plugin Upgrades fixes this limitation in WordPress by automatically upgrading the theme or plugin if it already exists.

While upgrading, a backup copy of the old theme or plugin is first created. This allows you to install the old version in case of problems with the new version.

Updates are surely a massive part of WordPress and if you want to maintain functionality and keep things running smoothly, you must complete your updates. With that said updates can be a pain in the butt some times. We would like to share the easiest and most efficient way you can update your WordPress premium themes and plugins. Never again will you have to deactivate, delete and re-install. Follow the steps below and enjoy.

Log into your site and visit Plugins > Add New
Search for Easy Theme and Plugin Upgrades
Install and activate

Now when you need to update a premium plugin or theme, simple upload it and this plugin will give you an option to upgrade and override the already installed theme or plugin.  See screenshot below.

Current Subscribers

Simply fill out the form below with your name and your email address and this will instantly subscribe you to our WP TAT™ campaign.

This way you will never miss a new post and never miss out on these valuable FREE tips to make your WordPress life better!

#mc_embed_signup{background:#fff; clear:left; font:14px Helvetica,Arial,sans-serif; }
/* Add your own Mailchimp form style overrides in your site stylesheet or in this style block.
We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. */

* indicates required

First Name *

Email Address *

(function($) {window.fnames = new Array(); window.ftypes = new Array();fnames[1]=’FNAME’;ftypes[1]=’text’;fnames[0]=’EMAIL’;ftypes[0]=’email’;}(jQuery));var $mcj = jQuery.noConflict(true);

The post The Easiest Way to Update WordPress Premium Themes and Plugins appeared first on WP Fix It.

Read More