Tag - Guide

Beginner’s Guide to Image SEO – Optimize Images for Search Engines


Are you looking to improve image SEO on your website? When optimized properly, image search can bring many new visitors to your website.

To benefit from image SEO, you need to help search engines find your images and index them for the right keywords.

In this beginner’s guide, we will show you how to optimize image SEO by following top best practices.

Image SEO guide for beginners

Here is a brief overview of what you’ll learn in this article.

  • Optimizing your images for SEO and Speed
  • What is Alt text?
  • Difference between Alt text vs title
  • Difference between alt text and caption
  • How to add alt text, title, and caption to images in WordPress
  • When to use captions for images
  • Disable attachment pages in WordPress
  • Additional tips to improve image SEO

Optimizing Your Images for SEO and Speed

Speed plays an important role in SEO and user experience. Search engines consistently rank fast websites higher. This is also true for the image search.

Images increase your overall page load time. They take longer to download than text, which means your page loads slower if there are several large image files to download.

You need to make sure that images on your site are optimized for web. This can be a little tricky to get used to since many beginners are not experts in graphics and image editing.

We have a handy guide on how to properly optimize images before uploading them to your website.

The best way to optimize images is by editing them on your computer using a photo editing software like Adobe Photoshop. This allows you to choose the right file format to create a small file size.

You can also use an image compression plugin for WordPress. These image optimizer plugins allow you to automatically reduce file size while uploading an image to WordPress.

What is Alt Text?

Alt text or alternative text is an HTML attribute added to the img tag which is used to display images on a web page. It looks like this in plain HTML code:

<img src="http://www.wpbeginner.com/fruitbasket.jpeg" alt="A fruit basket" />

It allows website owners to describe the image in plain text. The main purpose of the alternate text is to improve accessibility by enabling screen readers to read out the alt text for visually impaired users.

Alt text is also crucial for image SEO. It helps search engines understand the context of the image.

Modern search engines can recognize an image and it’s content by using artificial intelligence. However, they still rely on website owners to describe the image in their own words.

Alt text also accompanies images in Google image search, which helps users understand the image and improves your chances of getting more visitors.

Alt text used in search results

Usually, alt text is not visible on your website. However if an image is broken or cannot be found, then your users will be able to see the alternate text with a broken image icon next to it.

Alternate text displayed next to a broken image

What is the Difference Between Alt Text vs Title

Alt text is used for accessibility and image SEO, while title field is used internally by WordPress for media search.

Search image by title

WordPress inserts the alt tag in the actual code used to display the image. The title tag is stored in the database to find and display images.

In the past, WordPress inserted the title tag in the HTML code as well. However, it was not an ideal situation from the accessibility point of view, which is why they removed it.

What is the Difference Between Alt Text vs Caption

The alt text is used to describe the image for search engines and screen readers. On the other hand, the caption is used to describe the image for all users.

Alt text is not visible on your website while captions are visible below your images.

Example of a caption displayed below an image

The alt text is crucial for better image SEO on your website. The caption is optional and can be used only when you need to provide additional information about the image to website visitors.

How to Add Alt Text, Title, and Caption to Images in WordPress

Alt text, title, and caption make up the image metadata that you can add to images when uploading them into WordPress.

When you add an image using the default image block, WordPress allows you to add caption and alt text for the image.

Adding alt text and caption to an image in WordPress

It automatically generates a title for the image from the file name. You can change the title by clicking on the edit button in the image block’s toolbar.

Editing an image in default WordPress editor

This will bring up the media uploader popup where you can enter your own custom title for the image.

Changing image title in WordPress

You can also edit the alt tag and title for the images that you have already uploaded to WordPress. To do that, you need to visit Media » Library page and locate the image you want to edit.

WordPress media library

Simply clicking on an image will bring up the attachment details popup where you can enter title, alt text, and caption.

Add alt tag and title via media library

Note: Changing an image’s alt tag or caption via Media Library will not change it in the posts and pages where the image is already used.

When to Use Captions for Images in WordPress

Captions allow you to provide additional details for an image to all your users. They are visible on the screen for all users including search engines and screen readers.

An image gallery with captions for each image

As you may have noticed that most websites don’t normally use captions with images in their blog posts or pages. That’s because captions are often not needed to explain an image.

Captions are more suitable in the following scenarios:

  • Family or event photos
  • Photos that need additional explanation describing the background story
  • Product image galleries

In most cases, you would be able to explain the image in the article content itself.

Disable Attachment Pages in WordPress

WordPress creates a page for all images you upload to your posts and pages. It is called the attachment page. This page just shows a larger version of the actual image and nothing else.

This can have a negative SEO impact on your search rankings. Search engines consider pages with little to no text as low quality or ‘thin content’.

This is why we recommend users to disable the attachment pages on your website.

The easiest way to do this is by installing and activating the Yoast SEO plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, it automatically turns off attachment URLs. You can also manually turn off attachment pages in WordPress by visiting SEO » Search Appearance page and clicking on the Media tab.

Disable attachment URLs in WordPress

From here, make sure that the ‘Media & attachment URLs’ option is set to ‘Yes’.

If you are not using Yoast SEO plugin, then you can install the Attachment Pages Redirect plugin. This plugin simply redirects people visiting the attachment page to the post where the image is displayed.

You can also do this manually, by adding the following code to your theme’s functions.php file or a site-specific plugin.

function wpb_redirect_attachment_to_post()  
if ( is_attachment() )  
global $post;
if( empty( $post ) ) $post = get_queried_object();	
if ($post->post_parent)	
	$link = get_permalink( $post->post_parent );
	wp_redirect( $link, '301' );
	exit(); 
	
else	
	// What to do if parent post is not available
	wp_redirect( home_url(), '301' );
	exit(); 
	


add_action( 'template_redirect', 'wpb_redirect_attachment_to_post' );

Additional Tips to Improve Image SEO

Adding alt tag is not the only thing you can do to improve image SEO. Following are a few additional tips that you should keep in mind when adding images to your blog posts.

1. Write descriptive alt text

Many beginners often just use one or two words as alt text for the image. This makes the image too generic and harder to rank.

For example, instead of just ‘kittens’ use ‘Kittens playing with a yellow rubber duck’.

2. Use descriptive file names for your images

Instead of saving your images as DSC00434.jpeg, you need to name them properly. Think of the keywords that users will type in the search to find that particular image.

Be more specific and descriptive in your image file names. For example, red-wooden-house.jpeg is better than just house.jpeg.

3. Provide context to your images

Search engines are getting smarter every day. They can recognize and categorize images quite well. However, they need you to provide context to the image.

Your images need to be relevant to the overall topic of the post or page. It is also helpful to place the image near the most relevant text in your article.

4. Follow the SEO best practices

You also need to follow the overall SEO guidelines for your website. This improves your overall search rankings including image search.

5. Use original photographs and images

There are many free stock photography websites that you can use to find free images for your blog posts. However, the problem with stock photos is that they are used by thousands of websites.

Try to use original photographs or create quality images that are unique to your blog.

We know that most bloggers are not photographers or graphic designers. Luckily, there are some great online tools that you can use to create graphics for your websites.

We hope this article helped you learn about Image SEO for your website. You may also want to see our guide on how to fix common image issues in WordPress.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post Beginner’s Guide to Image SEO – Optimize Images for Search Engines appeared first on WPBeginner.



Source link

The Ultimate WordPress Security Guide (Step by Step)


WordPress security is a topic of huge importance for every website owner. Google blacklists around 10,000+ websites every day for malware and around 50,000 for phishing every week.

If you are serious about your website, then you need to pay attention to the WordPress security best practices. In this guide, we will share all the top WordPress security tips to help you protect your website against hackers and malware.

Complete WordPress security guide

While WordPress core software is very secure, and it’s audited regularly by hundreds of developers, there is a lot that can be done to keep your site secure.

At WPBeginner, we believe that security is not just about risk elimination. It’s also about risk reduction. As a website owner, there’s a lot that you can do to improve your WordPress security (even if you’re not tech savvy).

We have a number of actionable steps that you can take to protect your website against security vulnerabilities.

To make it easy, we have created a table of content to help you easily navigate through our ultimate WordPress security guide.

Table of Contents

Basics of WordPress Security

WordPress Security in Easy Steps (No Coding)

WordPress Security for DIY Users

Ready? Let’s get started.

Why Website Security is Important?

A hacked WordPress site can cause serious damage to your business revenue and reputation. Hackers can steal user information, passwords, install malicious software, and can even distribute malware to your users.

Worst, you may find yourself paying ransomware to hackers just to regain access to your website.

Why WordPress security is important

In March 2016, Google reported that more than 50 million website users have been warned about a website they’re visiting may contain malware or steal information.

Furthermore, Google blacklists around 20,000 websites for malware and around 50,000 for phishing each week.

If your website is a business, then you need to pay extra attention to your WordPress security.

Similar to how it’s the business owners responsibility to protect their physical store building, as an online business owner it is your responsibility to protect your business website.

[Back to Top ↑]

Keeping WordPress Updated

Keeping WordPress updated

WordPress is an open source software which is regularly maintained and updated. By default, WordPress automatically installs minor updates. For major releases, you need to manually initiate the update.

WordPress also comes with thousands of plugins and themes that you can install on your website. These plugins and themes are maintained by third-party developers which regularly release updates as well.

These WordPress updates are crucial for the security and stability of your WordPress site. You need to make sure that your WordPress core, plugins, and theme are up to date.

[Back to Top ↑]

Strong Passwords and User Permissions

Manage strong passwords

The most common WordPress hacking attempts use stolen passwords. You can make that difficult by using stronger passwords that are unique for your website. Not just for WordPress admin area, but also for FTP accounts, database, WordPress hosting account, and your custom email addresses which use your site’s domain name.

Many beginners don’t like using strong passwords because they’re hard to remember. The good thing is that you don’t need to remember passwords anymore. You can use a password manager. See our guide on how to manage WordPress passwords.

Another way to reduce the risk is to not give anyone access to your WordPress admin account unless you absolutely have to. If you have a large team or guest authors, then make sure that you understand user roles and capabilities in WordPress before you add new user accounts and authors to your WordPress site.

[Back to Top ↑]

The Role of WordPress Hosting

Your WordPress hosting service plays the most important role in the security of your WordPress site. A good shared hosting provider like Bluehost or Siteground take the extra measures to protect their servers against common threats.

Here is how a good web hosting company works in the background to protect your websites and data.

  • They continuously monitor their network for suspicious activity.
  • All good hosting companies have tools in place to prevent large scale DDOS attacks
  • They keep their server software and hardware up to date to prevent hackers from exploiting a known security vulnerability in an old version.
  • They have ready to deploy disaster recovery and accidents plans which allows them to protect your data in case of major accident.

On a shared hosting plan, you share the server resources with many other customers. This opens the risk of cross-site contamination where a hacker can use a neighboring site to attack your website.

Using a managed WordPress hosting service provides a more secure platform for your website. Managed WordPress hosting companies offer automatic backups, automatic WordPress updates, and more advanced security configurations to protect your website

We recommend WPEngine as our preferred managed WordPress hosting provider. They’re also the most popular one in the industry. (See our special WPEngine coupon).

[Back to Top ↑]

WordPress Security in Easy Steps (No Coding)

We know that improving WordPress security can be a terrifying thought for beginners. Especially if you’re not techy. Guess what – you’re not alone.

We have helped thousands of WordPress users in hardening their WordPress security.

We will show you how you can improve your WordPress security with just a few clicks (no coding required).

If you can point-and-click, you can do this!

Install a WordPress Backup Solution

Install a WordPress backup solution

Backups are your first defense against any WordPress attack. Remember, nothing is 100% secure. If government websites can be hacked, then so can yours.

Backups allow you to quickly restore your WordPress site in case something bad was to happen.

There are many free and paid WordPress backup plugins that you can use. The most important thing you need to know when it comes to backups is that you must regularly save full-site backups to a remote location (not your hosting account).

We recommend storing it on a cloud service like Amazon, Dropbox, or private clouds like Stash.

Based on how frequently you update your website, the ideal setting might be either once a day or real-time backups.

Thankfully this can be easily done by using plugins like VaultPress or UpdraftPlus. They are both reliable and most importantly easy to use (no coding needed).

[Back to Top ↑]

Best WordPress Security Plugin

After backups, the next thing we need to do is setup an auditing and monitoring system that keeps track of everything that happens on your website.

This includes file integrity monitoring, failed login attempts, malware scanning, etc.

Thankfully, this can be all taken care by the best free WordPress security plugin, Sucuri Scanner.

You need to install and activate the free Sucuri Security plugin. For more details, please see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to go to the Sucuri menu in your WordPress admin. The first thing you will be asked to do is Generate a free API key. This enables audit logging, integrity checking, email alerts, and other important features.

Generate Sucuri API Key

The next thing, you need to do is click on the ‘Hardening’ tab from the settings menu. Go through every option and click on the “Apply Hardening” button.

Sucuri security hardening

These options help you lock down the key areas that hackers often use in their attacks. The only hardening option that’s a paid upgrade is the Web Application Firewall which we will explain in the next step, so skip it for now.

We have also covered a lot of these “Hardening” options later in this article for those who want to do it without using a plugin or the ones that require additional steps such as “Database Prefix change” or “Changing the Admin Username”.

After the hardening part, the default plugin settings are good enough for most websites and don’t need any changes. The only thing we recommend customizing is ‘Email Alerts’.

The default alert settings can clutter your inbox with emails. We recommend receiving alerts for key actions like changes in plugins, new user registration, etc. You can configure the alerts by going to Sucuri Settings » Alerts.

Set up security email alerts

This WordPress security plugin is very powerful, so browse through all the tabs and settings to see all that it does such as Malware scanning, Audit logs, Failed Login Attempt tracking, etc.

Enable Web Application Firewall (WAF)

The easiest way to protect your site and be confident about your WordPress security is by using a web application firewall (WAF).

A website firewall blocks all malicious traffic before it even reaches your website.

DNS Level Website Firewall – These firewall route your website traffic through their cloud proxy servers. This allows them to only send genuine traffic to your web server.

Application Level Firewall – These firewall plugins examine the traffic once it reaches your server but before loading most WordPress scripts. This method is not as efficient as the DNS level firewall in reducing the server load.

To learn more, see our list of the best WordPress firewall plugins.

Sucuri WAF

We use and recommend Sucuri as the best web-application firewall for WordPress. You can read about how Sucuri helped us block 450,000 WordPress attacks in a month.

Attacks blocked by Sucuri

The best part about Sucuri’s firewall is that it also comes with a malware cleanup and blacklist removal guarantee. Basically if you were to be hacked under their watch, they guarantee that they will fix your website (no matter how many pages you have).

This is a pretty strong warranty because repairing hacked websites is expensive. Security experts normally charge $250 per hour. Whereas you can get the entire Sucuri security stack for $199 per year.

Improve your WordPress Security with the Sucuri Firewall »

Sucuri is not the only DNS level firewall provider out there. The other popular competitor is Cloudflare. See our comparison of Sucuri vs Cloudflare (Pros and Cons).

[Back to Top ↑]

Move Your WordPress Site to SSL/HTTPS

SSL (Secure Sockets Layer) is a protocol which encrypts data transfer between your website and users browser. This encryption makes it harder for someone to sniff around and steal information.

How SSL works

Once you enable SSL, your website will use HTTPS instead of HTTP, you will also see a padlock sign next to your website address in the browser.

SSL certificates were typically issued by certificate authorities and their prices start from $80 to hundreds of dollars each year. Due to added cost, most website owners opted to keep using the insecure protocol.

To fix this, a non-profit organization called Let’s Encrypt decided to offer free SSL Certificates to website owners. Their project is supported by Google Chrome, Facebook, Mozilla, and many more companies.

Due to this, it is now easier than ever to start using SSL for all your WordPress websites. For step by step instructions, see our article on how to get a free SSL certificate for your WordPress website.

WordPress Security for DIY Users

If you do everything that we have mentioned thus far, then you’re in a pretty good shape.

But as always, there’s more that you can do to harden your WordPress security.

Some of these steps may require coding knowledge.

Change the Default “admin” username

In the old days, the default WordPress admin username was “admin”. Since usernames make up half of login credentials, this made it easier for hackers to do brute-force attacks.

Thankfully, WordPress has since changed this and now requires you to select a custom username at the time of installing WordPress.

However, some 1-click WordPress installers, still set the default admin username to “admin”. If you notice that to be the case, then it’s probably a good idea to switch your web hosting.

Since WordPress doesn’t allow you to change usernames by default, there are three methods you can use to change the username.

  1. Create a new admin username and delete the old one.
  2. Use the Username Changer plugin
  3. Update username from phpMyAdmin

We have covered all three of these in our detailed guide on how to properly change your WordPress username (step by step).

Note: We’re talking about the username called “admin”, not the administrator role.

[Back to Top ↑]

Disable File Editing

WordPress comes with a built-in code editor which allows you to edit your theme and plugin files right from your WordPress admin area. In the wrong hands, this feature can be a security risk which is why we recommend turning it off.

Disable file editing in WordPress

You can easily do this by adding the following code in your wp-config.php file.

// Disallow file edit
define( 'DISALLOW_FILE_EDIT', true );

Alternatively, you can do this with 1-click using the Hardening feature in the free Sucuri plugin that we mentioned above.

[Back to Top ↑]

Disable PHP File Execution in Certain WordPress Directories

Another way to harden your WordPress security is by disabling PHP file execution in directories where it’s not needed such as /wp-content/uploads/.

You can do this by opening a text editor like Notepad and paste this code:

<Files *.php>
deny from all
</Files>

Next, you need to save this file as .htaccess and upload it to /wp-content/uploads/ folders on your website using an FTP client.

For more detailed explanation, see our guide on how to disable PHP execution in certain WordPress directories

Alternatively, you can do this with 1-click using the Hardening feature in the free Sucuri plugin that we mentioned above.

[Back to Top ↑]

Limit Login Attempts

By default, WordPress allows users to try to login as many time as they want. This leaves your WordPress site vulnerable to brute force attacks. Hackers try to crack passwords by trying to login with different combinations.

This can be easily fixed by limiting the failed login attempts a user can make. If you’re using the web application firewall mentioned earlier, then this is automatically taken care of.

However, if you don’t have the firewall setup, then proceed with the steps below.

First, you need to install and activate the Login LockDown plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, visit Settings » Login LockDown page to setup the plugin.

Login Lockdown options

For detailed instructions, take a look at our guide on how and why you should limit login attempts in WordPress.

[Back to Top ↑]

Add Two Factor Authentication

Two-factor authentication technique requires users to log in by using a two-step authentication method. The first one is the username and password, and the second step requires you to authenticate using a separate device or app.

Most top online websites like Google, Facebook, Twitter, allow you to enable it for your accounts. You can also add the same functionality to your WordPress site.

First, you need to install and activate the Two Factor Authentication plugin. Upon activation, you need to click on the ‘Two Factor Auth’ link in WordPress admin sidebar.

Two Factor Authenticator settings

Next, you need to install and open an authenticator app on your phone. There are several of them available like Google Authenticator, Authy, and LastPass Authenticator.

We recommend using LastPass Authenticator or Authy because they both allow you to back up your accounts to the cloud. This is very useful in case your phone is lost, reset, or you buy a new phone. All your account logins will be easily restored.

We will be using the LastPass Authenticator for the tutorial. However, instructions are similar for all auth apps. Open your authenticator app, and then click on the Add button.

Add website

You will be asked if you’d like to scan a site manually or scan the bar code. Select the scan bar code option and then point your phone’s camera on the QRcode shown on the plugin’s settings page.

That’s all, your authentication app will now save it. Next time you log in to your website, you will be asked for the two-factor auth code after you enter your password.

Enter your two-factor auth code

Simply open the authenticator app on your phone and enter the code you see on it.

[Back to Top ↑]

Change WordPress Database Prefix

By default, WordPress uses wp_ as the prefix for all tables in your WordPress database. If your WordPress site is using the default database prefix, then it makes it easier for hackers to guess what your table name is. This is why we recommend changing it.

You can change your database prefix by following our step by step tutorial on how to change WordPress database prefix to improve security.

Note: This can break your site if it’s not done properly. Only proceed, if you feel comfortable with your coding skills.

[Back to Top ↑]

Password Protect WordPress Admin and Login Page

Password protect WordPress admin area

Normally, hackers can request your wp-admin folder and login page without any restriction. This allows them to try their hacking tricks or run DDoS attacks.

You can add additional password protection on a server-side level, which will effectively block those requests.

Follow our step-by-step instructions on how to password protect your WordPress admin (wp-admin) directory.

[Back to Top ↑]

Disable Directory Indexing and Browsing

Disable directory browsing

Directory browsing can be used by hackers to find out if you have any files with known vulnerabilities, so they can take advantage of these files to gain access.

Directory browsing can also be used by other people to look into your files, copy images, find out your directory structure, and other information. This is why it is highly recommended that you turn off directory indexing and browsing.

You need to connect to your website using FTP or cPanel’s file manager. Next, locate the .htaccess file in your website’s root directory. If you cannot see it there, then refer to our guide on why you can’t see .htaccess file in WordPress.

After that, you need to add the following line at the end of the .htaccess file:

Options -Indexes

Don’t forget to save and upload .htaccess file back to your site. For more on this topic, see our article on how to disable directory browsing in WordPress.

[Back to Top ↑]

Disable XML-RPC in WordPress

XML-RPC was enabled by default in WordPress 3.5 because it helps connecting your WordPress site with web and mobile apps.

Because of its powerful nature, XML-RPC can significantly amplify the brute-force attacks.

For example, traditionally if a hacker wanted to try 500 different passwords on your website, they would have to make 500 separate login attempts which will be caught and blocked by the login lockdown plugin.

But with XML-RPC, a hacker can use the system.multicall function to try thousands of password with say 20 or 50 requests.

This is why if you’re not using XML-RPC, then we recommend that you disable it.

There are 3 ways to disable XML-RPC in WordPress, and we have covered all of them in our step by step tutorial on how to disable XML-RPC in WordPress.

Tip: The .htaccess method is the best one because it’s the least resource intensive.

If you’re using the web-application firewall mentioned earlier, then this can be taken care of by the firewall.

[Back to Top ↑]

Automatically log out Idle Users in WordPress

Logged in users can sometimes wander away from screen, and this poses a security risk. Someone can hijack their session, change passwords, or make changes to their account.

This is why many banking and financial sites automatically log out an inactive user. You can implement similar functionality on your WordPress site as well.

You will need to install and activate the Inactive Logout plugin. Upon activation, visit Settings » Inactive Logout page to configure plugin settings.

Logout idle users

Simply set the time duration and add a logout message. Don’t forget to click on the save changes button to store your settings.

[Back to Top ↑]

Add Security Questions to WordPress Login Screen

Add security question on login screen

Adding a security question to your WordPress login screen makes it even harder for someone to get unauthorized access.

You can add security questions by installing the WP Security Questions plugin. Upon activation, you need to visit Settings » Security Questions page to configure the plugin settings.

For more detailed instructions, see our tutorial on how to add security questions to WordPress login screen.

[Back to Top ↑]

Scanning WordPress for Malware and Vulnerabilies

Malware scanning

If you have a WordPress security plugin installed, then those plugins will routinely check for malware and signs of security breaches.

However, if you see a sudden drop in website traffic or search rankings, then you may want to manually run a scan. You can use your WordPress security plugin, or use one of these malware and security scanners.

Running these online scans is quite straight forward, you just enter your website URLs and their crawlers go through your website to look for known malware and malicious code.

Now keep in mind that most WordPress security scanners can just scan your website. They cannot remove the malware or clean a hacked WordPress site.

This brings us to the next section, cleaning up malware and hacked WordPress sites.

[Back to Top ↑]

Fixing a Hacked WordPress Site

Many WordPress users don’t realize the importance of backups and website security until their website is hacked.

Cleaning up a WordPress site can be very difficult and time consuming. Our first advice would be to let a professional take care of it.

Hackers install backdoors on affected sites, and if these backdoors are not fixed properly, then your website will likely get hacked again.

Allowing a professional security company like Sucuri to fix your website will ensure that your site is safe to use again. It will also protect you against any future attacks.

For the adventurous and DIY users, we have compiled a step by step guide on fixing a hacked WordPress site.

[Back to Top ↑]

That’s all, we hope this article helped you learn the top WordPress security best practices as well as discover the best WordPress security plugins for your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post The Ultimate WordPress Security Guide (Step by Step) appeared first on WPBeginner.



Source link

How to Choose the Best Products to Sell Online (Beginner’s Guide)


You want to make extra money on the side, so you looked into several online business ideas and decided that creating an online store is the way to go.

The next step is where beginners often struggle the most: choosing which products to sell on your online store.

In this ultimate guide, we will explain how to easily choose the best products to sell online by following our step by step process.

Choosing products to sell online

1. Basics of Choosing Products to Sell on Your Ecommerce Store

Before you start looking into products that you can sell, there are some basics that you need to keep in mind. Let’s look at some of the most important ones first.

1. Choosing Your Ecommerce Platform

First you need to choose a platform that you want to use to sell your products.

Choosing the right eCommerce platform is important because it would affect your choice of products and how you do business.

Choosing an eCommerce platform

WooCommerce is the most popular eCommerce platform in the world. It is easy to use, and you can use it to sell all kind of products while accepting payments using multiple payment gateways. See our guide on how to start an online store to get started with WooCommerce.

However, WooCommerce is not the only platform out there. There are some great WooCommerce alternatives that could be better for you depending on what you are trying to sell.

If you lack technical skills and want a quicker way to build an online store, then you may want to look into Shopify. It is a fully hosted solution that takes care of all the technical stuff. The catch here is that you will be paying a little more, and your costs will grow as you make more sales.

For a side by side comparison, see our article on Shopify vs WooCommerce with the pros and cons of both platforms.

2. Shipping

Shipping has a huge impact on the success of an eCommerce store. A study conducted by Business Insider discovered that higher shipping costs are the #1 cause of all abandoned shopping carts online.

Shipping costs more cart abandonment

You would obviously want to select products that you can ship at lower costs or for free. If you only plan to sell digital products (music, video, software, ebook, etc), then you don’t have to worry about shipping because the products will be downloaded by customers online.

3. Inventory

Do you want to manage inventory and keep products stocked? For that, you will need storage space and inventory management through your eCommerce software. Keeping products in stock will increase your cost of business.

On the other hand, drop-shipping solves this problem. You can select products that are shipped directly by the manufacturer or supplier.

4. Price

You’ll need to find products where you can offer a competitive price to your customers. If the product you are selling is more expensive than your competitors, then obviously that would discourage many first time buyers.

2. Types of Products That You Can Sell Easily

There are many different kinds of products that you can sell in your online store. Let’s narrow them down into two major sections.

1. Commoditized Products

These are products that everyone needs and are sold by many small and large stores without any difference in quality. For example, everyday products like soap, detergent, cereal, and more.

These products are made by some of the largest brands in the retail industry and are available widely with little to no difference in price.

This makes it harder for you to compete with giants like Amazon, Walmart, Target, etc. They can offer those products at lower costs, free shipping, and other perks.

This rules out a large number of products for you.

2. Niche Products

These are products that are unique or hand-made, available in limited stocks, and from specific suppliers. Think of home-made soaps, novelty t-shirts, ceramics, gift items, software, and countless other products.

Since these products are not widely available, they give you a competitive advantage.

There are even unique platforms like Etsy stores where you can find small vendors who make beautiful products and would love to partner up with other stores.

Etsy stores

You can also find suppliers abroad using websites like AliExpress or Alibaba.com. These suppliers can make those niche products to your specifications and deliver them to you.

Niche products are available in almost any product category imaginable. You’ll find tons of unique ideas as you do your product research.

This brings us to our next tip.

3. Doing Product Research On Your Own

Don’t use your best guess to select products you sell online. Back it up with data so that you know there is a demand for these products and customers are looking for them.

The first tool you are going to use for your research is Amazon.

It is the world’s largest eCommerce store with thousands of products. Luckily, it is also a treasure trove of free data that you can scrap and make your decisions.

Go through different product categories to find out top performing products in each category. Keep narrowing down your search to sub-categories to find targeted sub-niches of products.

Let’s suppose you wanted to sell kid’s toys, narrow down your search to very specific toy categories. This excludes popular products, and you get a very focused set of products as you filter through.

Narrow down categories to find product data

Switch to the ‘Bestsellers’ view to find the top performing products on Amazon under each category.

Sort products by Bestsellers

SEMRush is another great tool that you can use to gather data from competitors or any eCommerce store you want.

SEMRush

It shows you where those eCommerce stores are getting most of their traffic, which products they are promoting through paid advertisements, what are their most viewed products, and more.

It also shows your competitor’s product listing ads from Google. You can see their best performing product listing ads, keywords, and other data.

Here are some other tools you can use to gather product data from other websites.

  • Ahrefs – A powerful competitor research tool that will show what’s popular on the websites of your competitors.
  • AdPlexity – A popular eCommerce research tool that helps you collect eCommerce data from across the web, from competitors, or any other website.
  • AmazeOwl – It is an Amazon product reseach tool available as a free desktop application.

4. Use Customer Personas to Find Product Ideas

Using customer personas to find products

A customer persona is a fictional profile of an ideal customer that you want to target. You create this profile by answering simple questions about an ideal buyer.

This is your target audience and personifying them helps you understand them better when you are doing product research.

If you have an existing store, then you can use eCommerce tracking in Google Analytics to build an ideal buyer persona.

If you are just starting out, then use your best guess to build a customer persona. This exercise helps you understand your customer’s needs, questions they may have, and what kind of products they would like to buy.

To learn more about buyer persona, see this guide on creating a concrete buyer persona with ready-made templates and examples.

5. Find Products You are Passionate About

As career advisors say, ‘Choose a job you love, and you’ll never have to work a day in your life’.

Similarly, choosing products that you are passionate about helps you sell them more effectively.

These could be products that you personally love and passionately recommend to your family and friends. These could be products related to a hobby or activity that you are passionate about.

Nothing drives more passion when you build something useful and want others to use it.

Following your passion allows you to look deeply into products and find ideas that offer real value to your customers.

We hope this article helped you learn how to choose the best products to sell online. You may also want to see our article on tips to grow your business online without spending a lot of money.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Choose the Best Products to Sell Online (Beginner’s Guide) appeared first on WPBeginner.



Source link

How to Add Social Share Buttons in WordPress (Beginner’s Guide)


Do you want to add social share buttons in WordPress? Social media websites are where people spend a lot of their time on internet.

You can use social media to build user engagement and bring new users to your website. The simplest way to do this is by adding social sharing buttons to WordPress posts and pages.

In this article, we’ll show you how to easily add social share buttons and display share counts in WordPress. We will cover couple of different ways to do this, so you can add social buttons above and below post content or make a floating share bar..

How to Add Social Share Buttons in WordPress - Easy Way

Why You Should Add Social Share Buttons in WordPress?

Social networking is one of the most popular online activities today. It is estimated that by the end of 2019, there will be around 2.77 billion social media users around the globe. (Source)

That’s why social media marketing is now a crucial part of any businesses’ growth strategy. If you want to reach more potential customers, then social media platforms are highly effective channels to communicate with them.

The problem is that when you share your content on your own social media profiles, tit only reaches a limited number of your own followers.

The best way to reach people who don’t follow your business on social media is by adding social sharing buttons to your WordPress site.

Social share buttons prompt your website visitors to share your content on their social media timeline. This allows your content to be seen by their friends and followers who can then add comments, like, and re-share it.

Adding social sharing buttons to your website can help you:

  • Get more traffic to your website
  • Increase your social media following
  • Generate more leads and sales
  • Build social proof and brand recognition

Having said that, let’s see how to easily add social share buttons in WordPress.

Adding Social Share Buttons in WordPress

For this tutorial, we’ll be using the Shared Counts plugin. It is the best WordPress social media plugin available on the market.

Using this plugin, you can easily add social share buttons in your WordPress posts and also display the share counts. The best part is that it is optimized for performance and doesn’t slow down your website.

Unlike other social sharing plugins, Shared Counts uses a unique caching method to have minimal impact on your website’s speed and performance.

The first thing you need to do is to install and activate the Shared Counts plugin. For detailed instructions, see our step by step guide on how to install a WordPress plugin.

After you’ve installed the plugin, you need to go to Settings » SharedCounts menu to configure plugin settings.

Shared Counts WordPress menu

Next, you need to scroll down to the ‘Display’ section and choose the share buttons you want to display. By default, three buttons are selected (Facebook, Twitter, and Pinterest).

Shared Counts Plugin - select social share buttons

You can click on the white area in the field to add additional share buttons that you want.

Add social share buttons in Shared Counts

Next, you can choose the share button style from the dropdown menu labeled “Share Button Style”. Shared Counts plugin comes with 8 beautiful button styles.

Shared Counts share button styles

After that, you’ll need to select the theme location where you want to display the social share buttons. You can choose from 3 options: Before Content, After Content, and Before and After Content.

Theme Locations for Social Share Buttons

Lastly, you need to select the supported post types. It has ‘post’ selected by default.

If you want to display share buttons on your pages and other post types, then you can check the box next to page option.

Supported Post types Shared Counts

Don’t forget to click on the Save Changes button to store your settings.

Once done, you can visit any post on your website to see the social sharing buttons in action. Here’s how our demo website looks with the ‘Classic’ button style on default Twenty Nineteen theme.

Social Share Buttons by Shared Counts

How to Display Social Share Counts in WordPress?

As the name suggests, Shared Counts plugin can also show your social share counts without slowing down your website.

To enable social share counts, you’ll need to go to the Shared Counts settings and set up the share count source.

On the Shared Counts settings window, you’ll see the ‘Share Counts’ settings at the top.

By default, you’ll see the None option selected for ‘Count Source’ which means that share counts are not being retrieved and displayed.

Share Counts Source none Shared Counts

To show the social share counts, you can choose from two sources.

Share Counts Source Options

The SharedCount.com is the recommended option for the plugin. If you choose this option, the counts are retrieved from the SharedCount service API. It allows fetching all counts with only 2 API calls which is the best for performance.

If you choose the ‘Native’ option, share counts are retrieved from the respective social service, like Facebook API for Facebook counts, Pinterest API for Pin counts. This method can slow down your site because it will require multiple API calls.

We recommend choosing SharedCount.com as your count source. Next, you’ll see a field for SharedCount API key.

Shared Counts API field

You can get the SharedCount API by signing up to for a free account on SharedCount.com website.

Register for SharedCounts com

Enter your email address and a password. Then click Create Account.

Create SharedCounts.com account

The website will now send a confirmation link to your email address. You need to click the link to verify.

SharedCounts.com account verified

Once your email is verified, you need to log into your SharedCount account and navigate to your account at the top right side of the screen. There, you’ll see your email address and a dropdown icon next to it.

SharedCounts.com account

Next, you need to click the drop-down menu and select ‘Settings’. From here you’ll find your SharedCount API key.

SharedCounts.com API key

You need to copy the API key and go back to your plugin’s settings page on your WordPress site. Now, go ahead and paste the API key in the ‘SharedCount API Key’ field.

Insert SharedCounts API key

Below that, you’ll see some other settings related to social share counts. You can review and change them if you like.

If you want to show the total counts, then you can check the box next to ‘Count Total Only’ option.

We also recommend checking the box to hide empty counts instead of displaying a zero (0).

Share count options

Next, you will see a new ‘Total Counts’ field in the Display section. This allows you to show total share counts alongside your share buttons.

Add Total Counts button Shared Counts Plugin

Don’t forget to click on the ‘Save changes’ button to store your settings.

You can now visit your website to see the social sharing buttons with share count for each blog post.

Adding Social Share Buttons on Selected Pages

Typpically social share buttons aren’t usually added to WordPress pages however sometimes you may want to enable them on some specific pages.

If so then, you can use the Shared Counts shortcode: [[shared_counts]].

You can add this shortcode anywhere on your website to display the share buttons.

To add shortcodes in WordPress, there is a shortcode block in the WordPress block editor.

Shortcode Block in Gutenberg Editor

You can simply add the block to your content area and then paste the Shared Counts shortcode.

Insert Shared Counts Shortcode

Using the shortcode, you can add social share buttons really anywhere on your site.

Adding Floating Social Share Bar in WordPress

The Shared Counts plugin allows you to add social share buttons above content, below content, or both above and below content. These share buttons are static and not visible all the time.

Another popular way to display social sharing buttons is by adding a floating social sharing bar. It is a social sharing menu that sticks on users’ screens as they scroll down.

Unlike the standard sharing buttons, the floating social share bar will be seen the whole time a user reads your article. Making them more noticeable and helping you boost social sharing.

Some user experience experts argue that it makes your website look bad as it fills out the white space. However, if you can keep it clean, then it can be quite useful.

For the floating social share buttons, you need to install and activate the Sassy Social Share plugin.

Upon activation, the plugin will add a new menu item labeled ‘Sassy Social Share’ to your WordPress admin sidebar. Clicking on it will take you to the plugin’s settings page.

Select your button style

First, you need to choose an icon style. The plugin comes with square, rounded, and rectangle buttons. You can choose styles for both the floating social share bar and the standard share bar.

Next, you need to switch to the ‘Standard Interface’ tab. From here you can enable or disable the standard static social sharing buttons.

Standard sharing buttons

We recommend using either floating or static social buttons. Using both of them will be an overkill and may create a bad user experience.

Next, you need to switch to the ‘Floating Interface’ tab and check the box next to ‘Enable Floating sharing interface’ option.

Floating social share plugin settings

After that, you need to choose the social media websites you want to display. You can add or remove buttons and rearrange them by simple drag and drop.

Once you are finished, click on the ‘Save Changes’ button to store your settings.

You can now visit your website to see floating social share buttons in action. Here’s how it looked on our demo website.

Floating social share buttons

We hope this article helped you learn how to add social share buttons in WordPress. You may also want to learn how to add social media icons to WordPress menus and how to add the social icons to the sidebar.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.



Source link

Ultimate Guide to Creating a WordPress Membership Site


Do you want to build a membership website? For a long time, website owners relied solely on advertising and affiliate revenue to monetize their content.

A membership website allows you to make money online by allowing users to pay for premium content, features, and access to the community.

You will need a platform that has features for managing users, memberships, payments, etc. Luckily, there are some really great membership plugins for WordPress that make it super easy.

In this step by step guide, we will show you how to easily create a WordPress membership site without any coding knowledge.

Creating a WordPress membership website

What Do You Need to Start a WordPress Membership Website?

Unlike 10 years ago, it’s quite easy to make a website these days. Out of all the platforms and website builders, WordPress makes it the easiest for anyone to build their own membership website and start selling with little to no technical skills.

You’ll need the following three things to start:

  1. A domain name. This will be your website’s address (Example, wpbeginner.com).
  2. A web hosting account. This is where your website files are stored.
  3. A membership addon (It will convert your regular website into a membership platform).

You can set up a fully functional membership website with WordPress in less than 30 minutes, and we’ll walk you through every step of the process.

Below are the steps that we will cover to help you make a powerful membership website with WordPress.

  1. Getting started with a membership site
  2. Choosing a WordPress membership plugin
  3. Setting up your membership website
  4. Adding payment methods
  5. Adding membership levels
  6. Restricting access based on membership plans
  7. Creating members only content
  8. Creating a pricing page
  9. Adding sign up and login forms
  10. Customizing email templates
  11. Viewing reports to grow your website
  12. Extending your membership website

Ready? Let’s get started.

Step 1. Getting Started with a WordPress Membership Site

To create a membership site, you must make sure that you are using the right WordPress platform. Yes, there are two types of WordPress.

We recommend using the self-hosted WordPress.org version because it gives you unrestricted access to all features and tools that you need (see the full comparison of WordPress.com vs WordPress.org).

For a self hosted WordPress site, you’ll need a WordPress hosting account, domain name, and a SSL certificate.

Typically, a domain name costs around $14.99 / year, web hosting around $7.99 / month, and SSL certificate costs around $69.99 / year.

If you are just starting out, then these startup costs can add up quickly.

Thankfully, we have a way to fix that.

Bluehost, an official WordPress recommended hosting provider, has agreed to offer our users a free domain name, free SSL certificate, and a discount on web hosting.

Basically, you can get all of the above for $2.75 per month.

→ Click here to Claim this Exclusive Bluehost offer ←

Note: At WPBeginner we believe in full transparency. If you sign up with Bluehost using our referral link, then we will earn a small commission at no extra cost to you (in fact, you will save money and get a free domain + SSL certificate). We would get this commission for recommending just about any WordPress hosting service, but we only recommend products that we use personally and believe will add value to our readers.

Once you have signed up for hosting, the next step is to install WordPress. Follow the instructions in our step by step guide on how to start a WordPress blog, and you’ll be up and running in no time.

Since Bluehost already comes with WordPress pre-installed, you can move on to setting up your WordPress membership site.

Step 2. Choosing a WordPress Membership Plugin

There are plenty of free and paid WordPress membership plugins that you can use. However, each one of them has its own pros and cons. We have a full comparison of the best WordPress membership plugins.

To choose the right WordPress membership plugin, you need to decide what kind of membership website do you want to build and what features will you need?

If you just want to allow user registration on your WordPress site, then you can use WPForms. It is a WordPress form builder plugin that allows you to easily create user login and registration forms. You can even allow users to submit articles without accessing the WordPress admin area.

On the other hand, if you want to sell subscriptions, paid content, or digital downloads, then you’ll need a more robust WordPress membership plugin, like MemberPress.

MemberPress comes with advanced membership features that allow you to accept payments, create membership levels, restrict access based on levels, and more.

Selling online courses can be another possible scenario. In this case, you’ll need LearnDash, a complete WordPress LMS plugin with all the learning management features.

You can also integrate LearnDash into MemberPress to create a powerful website with online courses as well as membership subscriptions.

That being said, let’s start setting up your WordPress membership website.

Step 3. Setting up Your WordPress Membership Website

We are choosing MemberPress as our go-to plugin because it has all the features we mentioned above, and it works perfectly with third-party plugins necessary for the growth of your business.

First thing you need to do is install and activate the MemberPress plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to visit the MemberPress » Options page to configure the plugin settings.

MemberPress options page

Step 4. Add a Payment Method

The options page is divided into different tabs. The first thing you need to set up is a payment gateway because it allows you to accept payments on your membership site.

You can do this by switching to the ‘Payments’ tab and then selecting your payment gateway.

MemberPress payments

MemberPress supports PayPal (Standard, Express, and Pro), Stripe, and Authorize.net out of the box. You need to select the payment method you want to setup and provide the required credentials.

You can also add multiple payment methods by clicking on the add button to add another payment method.

We typically use two options: Stripe for credit cards and PayPal as a secondary option because some users prefer PayPal over giving out credit card details.

Don’t forget to click on the ‘Update Options’ button at the bottom of the page to save your settings.

Step 5. Creating Membership Levels

The next step is to create membership levels that your users can purchase. Each membership level can have different pricing plans, perks, and access. You can even have a free membership plan.

To create a membership level, you need to go to MemberPress » Memberships page and click on the ‘Add New’ button at the top.

Add membership level

On the next page, enter a title for this particular membership plan and then provide the plan details in the post editor.

You will need to set the pricing and expiration for this plan under the membership terms section.

Membership plan

In the example above, we have created a yearly membership plan.

After that, you need to scroll down to the membership options meta box below the post editor. This is where you can customize permissions and membership options for this particular plan.

Membership options

Once you are satisfied with the membership plan, you can click on the publish button to make it available.

Go ahead and repeat this process to create as many membership plans that you need.

Step 6. Restrict Access for Membership Plans

The next step is to select which content would be available to different membership plans on your website. MemberPress makes it very easy to control access using ‘Rules’.

You can setup rules by visiting the MemberPress » Rules page and clicking on the Add New button at the top.

Add new rules

The rule edit page allows you to select different conditions and associate them to a membership plan.

For example, you can select all content that matches a particular tag or category to be available only to members with the silver subscription plan.

Add a rules set to MemberPress

You can also create more specific rules. For example, a single post or page, child pages, or a specific URL.

Below the rules editor, you’ll see the content drip and expiration options.

Drip content allows you to gradually release content to users instead of giving it all away at once. The expiration option makes the content unavailable after a defined period of time.

If you are not sure, then you should leave them unchecked.

Once you are satisfied, go ahead and click on the ‘Save Rule’ button to save your rule settings.

Repeat the process to create more rules as needed for your membership site.

Step 7. Adding Members Only Content

MemberPress makes it super easy to create members-only content using Rules.

In the above example, we created a rule that restricted all content tagged as paid to be restricted. Now all we need to do is to create our paid content and add the paid tag to it.

Adding members only content

MemberPress also adds ‘MemberPress Unauthorized Access’ metabox below the post editor. This allows you to select what logged out users (non-members) will see when they reach this content.

Restricted content options

You can use the global default settings, or you can show excerpts, login form, or a custom message.

Once you have added members-only content, you can go ahead and publish it. As the page reloads, you will see a success message that this content is protected.

Protected content

Step 8. Create a Pricing Page

This is the page your users will see when they want to sign up for a membership plan. On this page, users will be able to select a membership plan and then move to the payment page.

Users who try to access the restricted or paid areas of your website will also be redirected to this page.

You can configure this by going to MemberPress » Groups page and clicking on the Add New button at the top.

Creating a group

First, enter a title for the group plan page. This will also be the title for the plans page that users will see.

Next, go down to ‘Group options’ metabox and add memberships that you want to display on the page.

Pricing group options

You can also select a theme for the pricing table. MemberPress comes with few ready-made templates for that.

Once satisfied, click on the ‘Publish’ button to make your plan publicly visible.

To preview your pricing page, click on the ‘View Group’ link after publishing it.

Pricing page

Redirect users to pricing page

Now that we have the pricing page ready, the next step is to redirect unauthorized users to the pricing page.

To do that, first you need to visit MemberPress » Groups page and copy the URL next to the group you created in the previous step.

Pricing page URL

After that, go to MemberPress » Options page and scroll down to the ‘Unauthorized Access’ section.

You need to check the box next to ‘Redirect unauthorized visitors to a specific URL’ option and then paste the group URL you copied earlier.

Redirect unauthorized users to pricing page

Click on the ‘Update Options’ button to save your settings.

Now unauthorized users will be redirected to the pricing plans page when they try to access a members only area.

Step 9. Add Sign up and User Login Forms

Now that you have everything set up, it is time to allow your users to easily find their way around your website.

First, you need to add a user login form so that members can sign in to their accounts.

Go to Appearance » Widgets and add ‘MemberPress login’ widget to a sidebar.

MemberPress login widget

Next, we will be adding the pricing page link to the navigation menu, so that new users can select a plan and register.

You can do this by visiting the Appearance » Menus page in your WordPress admin. From the left column, you need to click on the Groups tab to expand it. It will show the pricing plan group you created earlier.

Add pricing plans to the menu

Check the box next to your pricing page and then click on the ‘Add to menu’ button.

The pricing plan page will now appear in the right column. You can drag and drop to rearrange its position in the menu. You can also edit it and change the link text.

Edit menu item

Don’t forget to click on the save menu button to store your changes.

You can now log out of the WordPress admin area and visit your website to see everything in action.

Membership website preview

Step 10. Customizing Membership Email Templates

Your WordPress membership plugin will send several email notifications to members. MemberPress allows you to easily edit those emails and make changes to include your own branding.

Simply go to MemberPress » Options page and click on the ‘Emails’ tab. From here you can manage email notifications sent by MemberPress.

Editing email notifications in MemberPress

You will see all the email notifications sent by MemberPress to members as well as Administrators. You can click on the edit button to customize any of these notices.

Edit email notices

You can use a simple text editor to edit the email message with basic formatting options and smart tags to insert dynamic items like names, username, membership level, and more.

Make sure that you click on ‘Send Test’ button to send yourself a couple of test notifications. This will ensure that MemberPress can send email notifications.

If you are having trouble receiving email notifications, then see our guide on how to fix WordPress not sending email issue.

Step 11. Viewing Reports to Grow your Membership Website

To grow any business, you need data to make informed decisions. MemberPress comes with built-in reports to see how your membership website is doing.

Simply go to the MemberPress » Reports page. From here, you can sort reports by monthly, yearly, or all time data.

MemberPress reports

It will show you number of active, inactive, free, paid, and total members. It will also show you average member lifetime value and other data. You can scroll below to see more charts and click on a date to view transactions.

However, the most important metric of judging a membership website’s success is user engagement.

This is where you’ll need Google Analytics. It allows you to see where your users are coming from and what they do when they are on your website.

MonsterInsights, the most popular Google Analytics plugin for WordPress, offers a complete MemberPress integration that makes it easy to enable Enhanced Ecommerce Tracking for MemberPress.

For detailed instructions, see our guide on how to track user engagement using Google Analytics in WordPress.

Taking Your Membership Website to The Next Level

MemberPress is a powerful WordPress membership plugin. It allows you to easily grow your membership website.

It works beautifully with LearnDash, which allows you to easily create courses and leave the selling part to MemberPress.

You can also use it alongside BuddyPress and bbPress.

Here are some other useful resources to help you grow your WordPress membership site.

That’s all, we hope this article helped you setup your WordPress membership website. You may also want to see our step by step WordPress SEO guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post Ultimate Guide to Creating a WordPress Membership Site appeared first on WPBeginner.



Source link

How to Get a Free SSL Certificate for Your WordPress Website (Beginner’s Guide)


Did you know that Google shows all non-SSL websites as “Not Secure”. This means that if you are not using a SSL certificate on your website, then you’ll lose customers trust.

Because SSL certificate helps protect your website data, it’s actually a requirement for accepting payments online.

Normally, paid SSL certificates are quite expensive. If you are just starting a blog or making a DIY business website, then you likely want to keep costs low.

Luckily, there are multiple ways to get a free SSL certificate to reduce your website cost. In this article, we will show you how to easily get a free SSL certificate for your WordPress website and set it up all by yourself.

Getting a free SSL certificate for your WordPress site

We will also cover the following topics:

  • What is an SSL Certificate?
  • Why You need an SSL certificate for Your WordPress Site
  • How does SSL certificate work to keep information secure
  • How much SSL certificates cost
  • How you can get a free SSL certificate
  • How to Install a free SSL certificate in WordPress

Ready? Let’s get started.

What is SSL?

SSL stands for Secure Sockets Layer. It is an internet protocol for securing data transfer between a user’s browser and the website they are visiting.

Every internet user transfers information when they visit websites. This information can often be sensitive like payment details, credit card information, or login credentials.

Using the normal HTTP protocol means this information can be hijacked by hackers. This is where SSL or HTTPS comes in.

Websites need an SSL certificate issued by one of the recognized certificate issuing authority. This certificate is verified and highlighted in the user’s browser address bar with a padlock sign and HTTPS instead of HTTP.

Address bar showing SSL secure padlock icon with HTTPs

Do I Need an SSL Certificate for My WordPress Website?

SSL / HTTPS is recommended for all websites on the internet. However, it is absolutely required for all websites that collect user information like login details, payment information, credit cards, and more.

If you are running an e-commerce store, a membership website, or require users to login, then you need to get an SSL certificate right away.

Most online payment services require your website to use SSL/HTTPs before you can receive payments.

Apart from security, SSL certificate also creates a positive impression of your brand among your users. Google also recommends using SSL, and research shows that SSL-enabled websites rank slightly higher in search results.

Last but not least, if your website is not using an SSL certificate, then Google Chrome will show your users that your website is not secure.

Not secure label shown in Google Chrome web browser

This icon affects your brand image and user’s trust on your website.

How Does SSL Certificate Work?

Now that we have explained what is SSL and why is it important, you might be wondering how does an SSL certificate actually works?

SSL protects information by encrypting the data transfer between a user’s browser and the website.

When a user visits an SSL/HTTPs website, their browser first verifies if the website’s SSL certificate is valid.

If everything checks out, then the browser uses the website’s public key to encrypt the data. This data is then sent back to the intended server (website) where it is decrypted using the public key and a secret private key.

How SSL works to protect data transfer

How Much Do SSL Certificates Cost?

Cost of SSL Certificates differs from one certificate authority to another. Their pricing could be anywhere between $50-200 / year. Some providers offer add-on services with their certificates which may also affect the cost of your SSL certificate.

If you are going to purchase an SSL certificate, then we recommend GoDaddy. They are the largest domain name registration service in the world, managing more than 77 million domains.

They offer simple SSL certificate plans starting from $74.99 / year. After you have purchased an SSL certificate, you can ask your hosting provider to install it for you.

But before you do that, you should check to see if you can get the SSL certificate for free.

How Can I Get an SSL Certificate for Free?

A lot of website owners are reluctant to use SSL due to the additional cost. This left many small websites vulnerable to data and information theft.

A non-profit project called Let’s Encrypt decided to fix this by establishing a free certificate authority.

The purpose of this certificate authority is to make it easier for website owners to get a free SSL certificate. Internet becomes a safer place if more and more websites start using SSL.

Due to the significance of the project, it quickly earned the support of major companies like Google, Facebook, Shopify, WordPress.com and many others.

The challenge is that installing the free SSL certificate by Let’s Encrypt for a beginner user is quite difficult because it requires coding knowledge and server systems knowledge.

Thankfully, all of the best WordPress hosting companies are now offering free SSL certificate with all their hosting plans (some are using Let’s Encrypt).

Choosing one of these providers will save you from the hassle of installing the free SSL certificate on your own.

Here are the top WordPress hosting companies that offer free SSL certificate with their hosting plans.

If you are already using one of these companies, then you can turn on your free SSL certificate from your hosting dashboard. Simply login to your hosting account’s cPanel dashboard and scroll down to the ‘Security’ section.

Enable free SSL certificate from cPanel

Bluehost users will find the free SSL option by visiting My Sites » Manage Site page. From here, you can switch to the security tab and turn on free SSL certificate for your website.

Bluehost free SSL

Depending on your hosting company, your web hosting control panel may look different than the screenshot above. If you are having trouble locating the free SSL option, then you can ask your hosting provider to enable it for you.

If your web hosting company does not offer free SSL, then you can easily follow our guide to switch your hosting and move your sites to one of the companies above.

Installing Free SSL Certificate and Setting up WordPress

Once you have enabled your free SSL Certificate, you will need to set up WordPress to start using HTTPS instead of HTTP in all your URLs.

The easiest way to do this is by installing and activating the Really Simple SSL plugin on your website. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, the plugin will check to see if your SSL certificate is enabled. After that, it will turn on HTTP to HTTPS redirect and change your website settings to start using SSL/HTTPs.

SSL enabled in WordPress

To make your website completely secure, you need to make sure that URLs of your website are loading using the HTTPS protocol. Really Simple SSL plugin does that automatically by fixing the URLs when the page loads.

Even if a single URL still loads using the insecure HTTP protocol, then browsers will treat your entire website as not fully secure.

Connection not fully secure

To fix these URLs, you will need to use your browser’s inspect tool to find them and then replace them with the correct HTTPs URLs. For more on this, see our tutorial on how to fix mixed content error in WordPress.

Really Simple SSL Plugin makes it super easy to set up free SSL certificate in WordPress. That’s why we recommend it for all beginners.

However, it catches insecure URLs when the page loads, which increases your page load time a little bit. This is why advanced users who are concerned about WordPress speed uses the manual method to setup their free SSL certificate.

We have created detailed step by step instructions to help you properly switch WordPress from HTTP to HTTPS (which shows both the manual method and the plugin method).

We hope this article helped you learn how to get a free SSL certificate for your WordPress site. You may also want to see our step by step guide on how to create free business email address for your WordPress site.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Get a Free SSL Certificate for Your WordPress Website (Beginner’s Guide) appeared first on WPBeginner.



Source link

How to Optimize Your Robots.txt for SEO in WordPress (Beginner’s Guide)


Recently one of our readers asked us for tips on how to optimize the robots.txt file to improve SEO. Robots.txt file tells search engines how to crawl your website which makes it an incredibly powerful SEO tool. In this article, we will show you how to create a perfect robots.txt file for SEO.

Using WordPress robots.txt file to improve SEO

What is robots.txt file?

Robots.txt is a text file that website owners can create to tell search engine bots how to crawl and index pages on their site.

It is typically stored in the root directory also known as the main folder of your website. The basic format for a robots.txt file looks like this:


User-agent: [user-agent name]
Disallow: [URL string not to be crawled]

User-agent: [user-agent name]
Allow: [URL string to be crawled]


Sitemap: [URL of your XML Sitemap]

You can have multiple lines of instructions to allow or disallow specific URLs and add multiple sitemaps. If you do not disallow a URL, then search engine bots assume that they are allowed to crawl it.

Here is what a robots.txt example file can look like:


User-Agent: *
Allow: /wp-content/uploads/
Disallow: /wp-content/plugins/
Disallow: /wp-admin/

Sitemap: https://example.com/sitemap_index.xml


In the above robots.txt example, we have allowed search engines to crawl and index files in our WordPress uploads folder.

After that, we have disallowed search bots from crawling and indexing plugins and WordPress admin folders.

Lastly, we have provided the URL of our XML sitemap.

Do You Need a Robots.txt File for Your WordPress Site?

If you don’t have a robots.txt file, then search engines will still crawl and index your website. However, you will not be able to tell search engines which pages or folders they should not crawl.

This will not have much of an impact when you’re first starting a blog and do not have a lot of content.

However as your website grows and you have a lot of content, then you would likely want to have better control over how your website is crawled and indexed.

Here is why.

Search bots have a crawl quota for each website.

This means that they crawl a certain number of pages during a crawl session. If they don’t finish crawling all pages on your site, then they will come back and resume crawl in the next session.

This can slow down your website indexing rate.

You can fix this by disallowing search bots from attempting to crawl unnecessary pages like your WordPress admin pages, plugin files, and themes folder.

By disallowing unnecessary pages, you save your crawl quota. This helps search engines crawl even more pages on your site and index them as quickly as possible.

Another good reason to use robots.txt file is when you want to stop search engines from indexing a post or page on your website.

It is not the safest way to hide content from the general public, but it will help you prevent them from appearing in search results.

What Does an Ideal Robots.txt File Should Look Like?

Many popular blogs use a very simple robots.txt file. Their content may vary, depending on the needs of the specific site:


User-agent: *
Disallow:
 
Sitemap: http://www.example.com/post-sitemap.xml
Sitemap: http://www.example.com/page-sitemap.xml

This robots.txt file allows all bots to index all content and provides them a link to the website’s XML sitemaps.

For WordPress sites, we recommend the following rules in the robots.txt file:


User-Agent: *
Allow: /wp-content/uploads/
Disallow: /wp-content/plugins/
Disallow: /wp-admin/
Disallow: /readme.html
Disallow: /refer/

Sitemap: http://www.example.com/post-sitemap.xml
Sitemap: http://www.example.com/page-sitemap.xml

This tell search bots to index all WordPress images and files. It disallows search bots from indexing WordPress plugin files, WordPress admin area, the WordPress readme file, and affiliate links.

By adding sitemaps to robots.txt file, you make it easy for Google bots to find all the pages on your site.

Now that you know what an ideal robots.txt file look like, let’s take a look at how you can create a robots.txt file in WordPress.

How to Create a Robots.txt File in WordPress?

There are two ways to create a robots.txt file in WordPress. You can choose the method that works best for you.

Method 1: Editing Robots.txt File Using Yoast SEO

If you are using the Yoast SEO plugin, then it comes with a robots.txt file generator.

You can use it to create and edit a robots.txt file directly from your WordPress admin area.

Simply go to SEO » Tools page in your WordPress admin and click on the File Editor link.

File editor tool in Yoast SEO

On the next page, Yoast SEO page will show your existing robots.txt file.

If you don’t have a robots.txt file, then Yoast SEO will generate a robots.txt file for you.

Create robots.txt file using Yoast SEO

By default, Yoast SEO’s robots.txt file generator will add the following rules to your robots.txt file:


User-agent: *
Disallow: /

It is important that you delete this text because it blocks all search engines from crawling your website.

After deleting the default text, you can go ahead and add your own robots.txt rules. We recommend using the ideal robots.txt format we shared above.

Once you’re done, don’t forget to click on the ‘Save robots.txt file’ button to store your changes.

Method 2. Edit Robots.txt file Manually Using FTP

For this method, you will need to use an FTP client to edit robots.txt file.

Simply connect to your WordPress hosting account using an FTP client.

Once inside, you will be able to see the robots.txt file in your website’s root folder.

Editing WordPress robots.txt file using FTP

If you don’t see one, then you likely don’t have a robots.txt file. In that case, you can just go ahead and create one.

Create robots.txt file using FTP

Robots.txt is a plain text file, which means you can download it to your computer and edit it using any plain text editor like Notepad or TextEdit.

After saving your changes, you can upload it back to your website’s root folder.

How to Test Your Robots.txt File?

Once you have created your robots.txt file, it’s always a good idea to test it using a robots.txt tester tool.

There are many robots.txt tester tools out there, but we recommend using the one inside Google Search Console.

Simply login to your Google Search Console account, and then switch to the old Google search console website.

Switch to old Google Search Console

This will take you to the old Google Search Console interface. From here you need to launch the robots.txt tester tool located under ‘Crawl’ menu.

Robots.txt tester tool

The tool will automatically fetch your website’s robots.txt file and highlight the errors and warnings if it found any.

Final Thoughts

The goal of optimizing your robots.txt file is to prevent search engines from crawling pages that are not publicly available. For example, pages in your wp-plugins folder or pages in your WordPress admin folder.

A common myth among SEO experts is that blocking WordPress category, tags, and archive pages will improve crawl rate and result in faster indexing and higher rankings.

This is not true. It’s also against Google’s webmaster guidelines.

We recommend that you follow the above robots.txt format to create a robots.txt file for your website.

We hope this article helped you learn how to optimize your WordPress robots.txt file for SEO. You may also want to see our ultimate WordPress SEO guide and the best WordPress SEO tools to grow your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.



Source link