Tag - Ultimate

How to Properly Change a WordPress Theme (Ultimate Guide)


Are you planning to change the WordPress theme of your website? WordPress makes it super easy for users to change and manage themes on their site.

However, you must remember that changing the appearance of your live website is a major event. You need to keep certain things in mind before and after you change a theme, so you don’t lose any data and website traffic.

In this article, we’ll show you the step by step process on how to properly change a WordPress theme with a step by step checklist.

How to Properly Change a WordPress Theme (Ultimate Guide)

Here’s a quick overview of what you’ll learn in this article:

Things to Do Before Changing a WordPress Theme

While changing a theme is literally a few clicks away, you must take some precautionary steps before starting the process.

We recommend that you to go through the following checklist to ensure that the process of changing your WordPress theme goes smoothly, and you don’t end up losing important data.

1. Copy Snippets from Your Current Theme

Some intermediate WordPress users like to customize their website by adding code snippets directly to the functions.php file of their theme.

Since these changes were made once, people usually forget about them.

If you or your web developer made these changes, then make sure to go through the files of your current theme and note down all the additional code that you’ve added previously. This will allow you to add them later into your new theme’s functions.php file or a site-specific WordPress plugin.

2. Test Load Time

Before changing your theme, you should check the load time of your website, so you can easily compare the differences in the page load time after you made changes to your website.

Remember, WordPress speed is an important factor in user experience and SEO, so you need to make sure that the new theme is faster than your previous one.

You can check your website speed by using a tool like Pingdom.

Make sure that you test the load time of the homepage and also some of your inner pages.

3. Don’t Lose Any Tracking Code

Some users add their analytics tracking code directly to their theme files. Also, there are WordPress themes that allow you to add Adsense or Analytics code in their settings panel.

One of the most common mistakes beginners make is to overlook these codes.

You need to make sure that you copy all the tracking codes, so you can add them to your new site after changing the theme.

To future proof this, we always recommend users to install Google analytics using a plugin like MonsterInsights, and for other tracking code we recommend using the header and footer plugin.

4. Make a Full Backup

It’s always recommended to back up your posts, images, plugins, and the database before changing your theme.

You can use a WordPress backup plugin to create the backup of your entire site. Make sure that you download this backup to your computer before moving forward.

This step will ensure that you can recover your website easily if anything goes wrong.

5. Sidebar Content

Sidebars are used for adding different widgets including social links, advertisements, subscription forms, or a contact form.

Make a note of these changes. If there is any custom code added into a widget, then make sure you copy and paste this code on your computer, so you can reuse it in your new theme.

6. Keep Your Site on Maintenance Mode

It’s a good practice to put your website on maintenance mode when you’re making changes to it. You don’t want your visitors to see an under construction site, right?

We recommend using the SeedProd plugin for this purpose.

SeedProd plugin

It’s a popular WordPress plugin that allows you to easily create beautiful coming soon and maintenance mode pages for your site.

To keep your site on maintenance mode, you need to install and active the SeedProd plugin.

Next, head over to SeedProd » Settings page to configure plugin settings. Here you need to select the Enable Maintenance mode radio button and click on the Save All Changes button.

SeedProd enable maintenance mode

How to Install a WordPress Theme

After following the above precautions, the next step is to install a theme that you want to use on your site.

There are thousands of free and paid WordPress themes available for you to pick from. The fact that you’re reading this article means you’ve likely found a good theme for your needs.

If you haven’t already selected a theme, then we can highly recommend the following WordPress themes to you:

1. Divi

Divi WordPress theme

Divi is one of the most popular WordPress theme in the market. It’s powered by the drag and drop Divi Builder which allows you to easily build any kind of website.

It comes with 20+ pre-built layouts and 46 different content elements. You can easily customize each element of your site and see the changes in real time.

2. Astra

Astra WordPress theme

Astra is a lightweight and speed-optimized WordPress theme. It’s compatible with various page builder plugins like Beaver Builder, Divi, and Visual Composer.

It’s a translation and RTL-ready theme. This allows you to start your website in any language and even create a multilingual website.

Astra can be easily integrated with the WooCommerce plugin, so you can easily create an online store without much hassle. You can also customize the header, footer, layout, and more using the WordPress Theme Customizer.

Our favorite part about Astra is all the starter website templates it comes with.

3. StudioPress

StudioPress WordPress themes

Genesis is the most popular WordPress theme framework and has been built by the StudioPress team. You can create amazing websites using the Genesis framework and other StudioPress themes.

In case you don’t know, StudioPress is now a part of WP Engine, the most popular managed WordPress hosting company.

The best part is you’ll get 35+ StudioPress themes for free if you sign up for any WP Engine hosting plan.

4. OceanWP

OceanWP WordPress theme

OceanWP is a responsive and multi-purpose WordPress theme. It offers multiple demo templates that have been built with different professions and businesses in mind.

It is compatible with the major page builder plugins. You can also use different extensions to take your site to the next level.

5. Beaver Builder

Beaver Builder plugin

Beaver Builder is one of the best drag and drop page builder plugins that allow you to build stunning pages for your site without any coding skills.

Beaver Builder is compatible with almost every WordPress theme, and you can even use it to create a custom WordPress theme without writing any code.

Anyways, we hope the above recommendations will help you to choose a WordPress theme for your site.

Once you’ve selected a theme, you need to install it on your WordPress site. Y

ou can use any of the following 3 methods to install a WordPress theme:

  • Using the WordPress theme search option
  • Uploading a theme from your WordPress Dashboard
  • Installing a theme using FTP

You can check out our beginner’s guide on how to install a WordPress theme for help.

How to Change WordPress Theme Without Going Live

Once you’ve installed your new theme, you are ready to switch themes.

However, it’s always recommended to test a theme before switching to it on your live website.

This way you’ll be able to check the compatibility of the new theme with your existing plugins and make sure that everything is working properly as desired.

There are two ways that you can use to change your WordPress theme without going live:

1. Live Preview Option

By default, WordPress allows you to preview a theme on your website without changing it.

To do that, head over to Appearance » Themes from the left sidebar of your admin panel.

On this page, you’ll see all the installed themes on your site. You need to hover your mouse over the theme you want to preview and click on the Live Preview button.

WordPress Theme Live Preview Option

This will open your new theme in the WordPress Theme Customizer. You can now test your new theme and make sure that everything is working properly.

2. Theme Switcha Plugin

Another option is to use the Theme Switcha plugin. It allows you to preview your new theme without activating it.

First, you need to install and activate this free plugin. Next, go to Settings » Theme Switcha from the left sidebar of your admin panel.

Theme Switcha plugin settings page

On the Settings page, you need to select the “Enable theme switching” option and then, scroll to the bottom of the page to click on Save Changes.

This plugin will now display all your installed themes at the bottom of this page. Go ahead and click on your new theme to preview it on a new tab of your web browser.

Theme Switcha available themes section

How to Change WordPress Theme on Live Site

After you have tested your new theme, it’s time to start the process of switching the theme on your WordPress site.

To do that, go to Appearance » Themes from the left sidebar of the WordPress admin panel.

Change WordPress theme on live website

On this page, you need to hover the mouse cursor over the theme you want to use and then click on the Activate button to change the WordPress theme.

Now you can visit the homepage of your website to see the new theme in action.

How to Change WordPress Theme Manually

Sometimes an error can make your WordPress admin area inaccessible. In that case, you won’t be able to change the theme using the above method.

To recover your website, you need to restore it from backup, or you may troubleshoot the WordPress error causing the problem.

However, if you don’t have a backup, then you can change the theme manually with the help of phpMyAdmin.

This method allows you to inform WordPress which theme to use by changing the information in the database.

First, you need to connect to your website using an FTP client and go to the /wp-content/themes/ folder.

FTP WordPress themes folder

Here you’ll be able to see all the themes that are currently installed on your website. You can also install a WordPress theme via FTP if you don’t see it.

Next, you want to write down the folder name of the theme you want to use because you’ll need it later.

After that, you need to go to the cPanel of your WordPress hosting account. On this page, you will have to scroll down to the Databases section and then click on phpMyAdmin.

cPanel open phpMyAdmin

Once you are in phpMyAdmin, you’ll see a list of databases on the left side of the screen. Simply click on the database that you are using for your WordPress site.

phpMyAdmin open database and table

Next, it’ll show you the list of tables in this database. You need to click on the “wp_options” table to open it.

Note: By default, WordPress use wp_ as the prefix for the table names. However, it’s possible to have a different database prefix, as shown in the above image.

Now you need to locate the template and stylesheet rows on the right panel.

Template and stylesheet rows

Next, click on the Edit link present in the “template” row to open the editor.

Here you need to change the value in the option_value field to the theme name that you want to use. It’s usually the same as the folder name in /wp-content/themes/ folder that you copied earlier.

Change template value

Once you’re done, click on the Go button to save the changes. Next, go ahead and repeat the same process for the “stylesheet” row.

After making changes to both the rows, you can go to your website to see the new theme in action.

Things to Do After Changing Your Theme

Once you’ve changed the theme on your website, you need to take care of certain things before turning off the maintenance mode.

You can check out the following checklist of things to do after changing your WordPress theme:

1. Test Your Website

First, you need to make sure that all the functionalities, plugins, and widgets are working properly.

You should invest some time to test your website and check out different things including the posts, comment section, images, and the contact form.

2. Cross Browser Compatibility

Browsers have a tendency of showing certain things differently.

To make sure that your website looks good in every major browser, you should test your site in different web browsers including Google Chrome, Firefox, Safari, and Internet Explorer.

3. Add Tracking Code

After you’ve tested the features and the cross-browser compatibility, you should add your analytics and Adsense tracking code to your site.

You can use the MonsterInsights plugin to add the Google Analytics tracking code. This will allow you to properly setup analytics and view detailed website stats right inside your WordPress dashboard.

4. Turn Off Maintenance Mode

You can disable the maintenance mode on your site to make it go live.

If you’re using the SeedProd plugin, simply go to SeedProd » Settings from the left sidebar. On the settings page, select “Disabled” and click on Save All Changes to turn off the maintenance mode.

SeedProd disable maintenance mode

5. Test Loading Time

You need to go to the Pingdom website again to test the loading time of your homepage after changing the theme.

Next, compare it to the load time when your old theme was installed. If you see any major differences, you can follow our guide to improve WordPress speed.

6. Monitor Bounce Rate

After switching themes, you should monitor the bounce rate of your site.

If your new theme is not user-friendly and difficult to navigate, it may increase the bounce rate of your site.

You can add related posts, popular posts widget, and breadcrumbs to reduce the bounce rate and increase page views.

7. Ask for Feedback

You can also ask your users for feedback and suggestions on how to improve your site design. You can use survey forms or online poll to gather user input.

You can share the new design with your subscribers using an email marketing service and ask them for their suggestions. This will help you to get ideas on what they would like to see improved.

We hope this step by step guide helped you easily change your WordPress theme. You may want to see our list of the must-have WordPress plugins for business websites.

If you liked this article, then please subscribe to our YouTube Channel for more WordPress video tutorials. You can also follow us on Twitter and Facebook.



Source link

How to Use WordPress Theme Customizer (Ultimate Guide)


Did you know that WordPress comes with a built-in theme customizer that allows you to easily make changes to your website design in real time.

While every theme has some level of support for the default customizer options, many themes include additional tabs and options to the WordPress theme customizer, so you can easily customize your theme without any coding knowledge.

In this article, we’ll walk you through the default panels and show you how to use the WordPress theme customizer like a pro.

How to Use WordPress Theme Customizer Ultimate Guide

How to Access the WordPress Theme Customizer

Theme customizer is a default WordPress feature, and it is part of every WordPress website.

You can access it by logging into your WordPress admin area, and then going to Appearance » Customize from the left sidebar of your WordPress admin panel. This will open the Customizer interface with your current theme.

How to access WordPress Customizer

You can also use the WordPress theme customizer page for any of the installed themes on your website even when they are not active.

This allows you to see a live preview of that theme and make changes before you activate it.

To do that, you need to head over to Appearance » Themes page.

Next, hover your mouse cursor over on any installed theme and click on the Live Preview button to open the WordPress theme customizer page.

WordPress Theme Live Preview Option

How to Use the WordPress Theme Customizer

After opening the WordPress theme customizer, you’ll see all customization settings on the left side of your screen, and the live preview of your website on the right side.

WordPress Theme Customizer

WordPress theme customizer comes with a set of default panels regardless of the theme you’re using.

You need to click on the individual panels to make changes to it. You can also click on any of the blue pencil icons on the right side of your screen to open the settings for that particular item.

Note: advanced WordPress themes will add additional setting panels for extra customization options (more on this later).

Let’s take a look at the default options available in the WordPress theme customizer.

Site Identity Panel: Add Title, Logo, and Favicon

The Site Identity panel in the WordPress theme customizer allows you to add or change the title and tagline of your website.

By default, WordPress adds “Just Another WordPress Site” as the site tagline.

It’s recommended to change it after installing WordPress on your site. You can also keep it as blank if you want.

Site Identity Settings to change Site title, tagline, logo, and favicon

Site Identity panel in the WordPress theme customizer also allows you to add your site logo. Simply, click on the Select logo option to upload the logo of your website.

Want to add a favicon to your site? You can do that by clicking on the Select site icon option. For detailed instructions, you can follow our guide on how to create and add a favicon to your site.

WordPress Theme Customizer: Change Colors on Your Website

The controls on the Colors panel will mostly vary depending on the WordPress theme you’re using.

For example, the Twenty Seventeen theme allows you to choose the header text color and select a color scheme for your entire website.

Change Colors on Your Website

Other WordPress themes may offer different color options for site elements like: headings, links, body text, background of your website, etc.

Adding Navigation Menus in Theme Customizer

The Menus panel allows you to create navigation menus and control their location on your website.

On this tabl, you’ll find all existing WordPress menus that you’ve created previously. You can click on the “View All Locations” button to check the available menu locations that your theme supports.

Menus Panel in Theme Customizer

To create a new menu, you need to click on the Create New Menu button.

After that, you will need to give a name to your menu, so you can easily manage it later. You can also select the menu location and then click on Next to proceed.

Create a new navigation menu

To add items to this menu, you need to click on the Add Items button to open a new panel. You can now add custom links, pages, posts, categories, and tags as menu items.

Add items to navigation menu

To reorder the items, you can click on the Reorder link and then use the arrow icons to adjust the menu items.

Control Widgets on Your Website in Theme Customizer

The Widgets panel allows you to add and manage the widgets on your site.

Clicking on it will show you the different locations where you can add widgets. This will vary depending on the theme you’re using.

For example, the Twenty Seventeen theme offers 3 widget locations, whereas the Twenty Nineteen theme comes with just one location.

Widgets panel

When you click on any one of them, you’ll see the widgets that you’ve previously added to that location.

To add a new widget, you need to click on the “Add a Widget” button. This will open a new panel where you’ll see a list of all available widgets.

Add Widgets to your site

You need to click on the one that want to add. You can also make changes to the newly added widgets and adjust its position by dragging them up or down.

Homepage Settings Panel in Theme Customizer

By default, WordPress displays the latest blog posts on your homepage.

However for business websites users prefer to use a custom homepage. It allows you to have a proper landing page that displays your products and services.

To use a custom home page, you need to select “A static page” radio button on the Homepage Settings panel.

Homepage Settings in theme customizer

This will open up two new dropdown menus that you can use to select a page for your homepage and another for displaying your blog posts.

In case you don’t have the pages on your site, you can create a new one by clicking on the “+ Add New Page” link present below the dropdown menu. This will create a blank page with the name of your choice.

Additional CSS Panel for Adding Custom CSS

Do you want to add custom CSS code to style your website? You can do that in the Additional CSS panel.

Intermediate and advanced WordPress users often customize their site by adding CSS code directly to the style.css file of their theme. This adds additional steps like having FTP access to your WordPress hosting, modifying theme files, etc.

An easier solution for beginners is to add your custom CSS code to the Additional CSS panel in the WordPress theme customizer. This will allow you to make changes to your site and see them live on the right side of your screen.

Add Custom CSS code to Additional CSS pane;

When you start writing some CSS code, WordPress will automatically suggest attributes to you based on the letters you type. It will also display error messages if you have not written a proper CSS statement.

Note: If you want to customize your website without writing any code, keep reading. We will share two beginner friendly options that will allow you to easily customize your theme and even create a custom WordPress theme.

Other Theme Customizer Options

Some free and premium themes offer more theme customizer options.

Depending on the theme you’re using, you may be able to change the font style, add a background image, change the layout, modify colors, add random header images, and much more.

You can also add specific features to your theme customizer with the help of plugins. For example, you can add custom fonts in WordPress using the Easy Google Fonts plugin.

Preview Your Website on Different Screen Resolutions

It’s important for every website owner to make sure that their website is mobile responsive and looks good on all screen sizes.

Thanks to the WordPress theme customizer, you can easily check how your website looks on different screen sizes.

At the bottom of the Theme Customizer panel, you’ll find three icons and the “Hide Controls” link.

Preview website on different screen resolutions

These icons allow you to test your site on different screen resolutions like desktop, tablet, and mobile devices.

The Hide Controls link is useful for hiding the WordPress Customizer panel so that you can view your site properly on the desktop mode.

Publish, Save, or Schedule Your Customizer Settings

Once you have made the necessary changes, you need to apply them to your site. Otherwise, all your hard work will be lost.

Go ahead and click on the Publish button to apply the changes. Once done, you can click on the close button, present at the top-left corner of your screen, to exit the theme customizer.

Publish WordPress Customizer settings

What if you need more time to finalize your new design? In that case, you can save it as a draft and even share your new design with someone without giving them access to your admin area.

To do that, you need to click on the gear icon right next to the Publish button. This will open up the Action panel.

WordPress Customizer Save Draft option

Here you’ll find three options: Publish, Save Draft, and Schedule.

You need to select the Save Draft radio button on the Action panel and then click on the Save Draft button to store your changes.

You can now copy the preview link and share it with others to get feedback.

On the other hand, the Schedule option allows you to publish your changes on a specific date and time. You can use this option for scheduling your theme changes to go live at the time when you receive the least traffic.

Schedule Customizer settings on a specific date

Lastly, if you want to reset the unpublished changes, then you can click on the Discard changes link on the Action panel.

Preview Different Themes Without Going Live

There are times when you want to check how a new theme would look on your site. However, you don’t want to activate them on your live website.

In that case, you can open the WordPress Customizer to test new themes without going live.

On the Customizer panel, you’ll find the name of your active theme and the Change button.

Change WordPress Theme from Customizer

If you click on that button, then WordPress will display all your installed themes on the right side of the page.

To check a particular theme, you need to click on the Live Preview button.

Preview Installed themes on Theme Customizer

You can also preview themes from the WordPress Themes Repository. To do that, you need to select “WordPress.org themes” checkbox on the left panel.

This will show themes from the WordPress.org directory. You can click on the “Install & Preview” button to check the theme you like.

WordPress themes directory

You can also filter the themes by clicking on the Filter Themes button present at the top-right corner of your screen.

Note: we recommend using a WordPress staging website to test out new themes instead of using the customizer on a live site.

Import or Export Theme Customizer Settings

Did you know that you can import and export your theme customizer settings?

This is extremely helpful when you are making changes to your theme on your local server or a staging site. Instead of copying the settings manually to your live website, you can simply export the theme customizer settings to save your time.

For detailed instructions, you can follow our guide on how to import and export theme customizer settings in WordPress.

WordPress Theme Customizer Alternatives

Although WordPress Customizer allows you to make changes to your site, the number of controls will vary depending on the theme you’re using.

What if you like your theme, but wish that it had extra customization options?

In that case, the best solution is to use one of the two customization plugins that works alongside the WordPress theme customizer.

CSS Hero

CSS Hero plugin

CSS Hero is a WordPress plugin that allows you to customize your site without writing a single line of code. You have the freedom to style every element of your site without any hassle.

Do you want to customize the login page of your WordPress site? CSS Hero allows you to do that within a few minutes.

You can also edit and preview the changes in the frontend to make sure that your design looks perfect on every device.

Beaver Builder

Beaver Builder plugin

Beaver Builder is one of the best WordPress page builder plugins in the market. It allows you to build stunning pages for your site using a drag and drop interface.

The best part is that Beaver Builder works with almost every WordPress theme. This allows you to use it with your current theme.

Beaver Builder supports the use of shortcodes and widgets. It also offers different types of modules that you can use to easily style your website. See our guide on how to create custom layouts in WordPress for detailed instructions.

You can also use Beaver Builder to create a completely custom WordPress theme without writing any code.

We hope this guide helped you to learn how to use the WordPress Theme Customizer like a pro. You may also want to see our guide on the best WordPress plugins and tools for your website.

If you liked this article, then please subscribe to our YouTube Channel for more WordPress video tutorials. You can also follow us on Twitter and Facebook.



Source link

How to Completely Disable Comments in WordPress (Ultimate Guide)


Are you wondering how to turn off WordPress comments? While comments are a great way to interact with your site visitors, some website owners don’t want to allow comments on their site.

Thanks to WordPress, you have the ability to either disable comments on specific posts, pages, custom post types, or even completely remove comments from your entire website.

In this article, we’ll show you the step by step process on how to disable comments in WordPress.

How to Completely Disable Comments in WordPress

Why Disable Comments in WordPress?

Many small business owners use WordPress to create their website. These business websites often doesn’t have a blog section and mostly has static pages like services, about us, contact, etc. In such cases, it doesn’t make sense to allow comments at all.

In other cases, bloggers may publish certain posts like announcements that they don’t want to allow comments to trolls. In these cases, you can easily disable comments on those specific posts or pages.

The other scenario is some business blogs choose to disable comments entirely to prevent spam. Although you can always use spam protection techniques (which we’ll share later in this article), disabling the comment section will definitely solve the problem.

Whatever your reason may be, you can certainly disable comments and even remove the comment section from your WordPress site.

Here’s a quick overview of what you’ll learn in this article:

  • Disable Comments on Future Posts
  • Disable Comments on a Specific Page or Post
  • Disable Comments on Pages and Posts in Bulk
  • Delete All WordPress Comments
  • Disable Comments on Media
  • Disable WordPress Comments Sitewide using a Plugin
  • Remove “Comments are closed” in WordPress
  • Spam Protection Techniques

The first few methods will explain how you can disable comments on pages, posts, or media without using a plugin. We’ll later explain how to remove the comment section from your WordPress site with the help of a plugin.

With that said, let’s take a look at various ways to disable comments in WordPress.

Disable Comments on Future Posts

If you’ve just started your WordPress site, you can easily stop comments on your future posts.

To do that, go to Settings » Discussion from the left sidebar of your WordPress admin panel.

On this page, you need to uncheck the option that says “Allow people to post comments on new articles” and then click on the Save Changes button to store your settings.

Disable comments on future posts

This will disable comments on all your future posts. However, if you want to allow or disallow comments on a specific post, then you can still do it without changing this setting.

We’ll cover that in the next section.

Disable Comments on a Specific Page or Post

By default, comments are turned off on all your pages.

However, WordPress gives you the freedom to enable or disable comments on individual pages and posts.

Simply head over to Pages » All Pages from the left sidebar. On the next page, you need to hover your mouse cursor over the title of a page that you want enable or disable comments and click the Edit link.

WordPress Page edit option

On the top-right corner of your page, you’ll see the 3 vertical dots icon. You need to click on it to open a dropdown menu and then click on Options.

This will open a popup box, and you need to make sure the Discussion box is enabled here.

Page document options

Once you close this modal box, you’ll see the Discussion meta box on the right side of your editor. If you don’t see it, then please make sure that you click on the Document tab to view it.

Discussion meta box

Now, you can uncheck the Allow Comments box to disable comments on this page and click on Update to save the changes.

On the other hand, if you want to selectively enable comments, then you can just check the box to enable it for certain pages.

You can follow the same process for turning off comments on individual posts or other custom post types.

Disable Comments on Pages and Posts in Bulk

Want to disable comments on all your published posts and pages without doing it individually? You can do that without the use of a plugin.

First of all, go to Posts » All Posts to see all your articles.

Next, select all the posts, choose Edit from the Bulk Actions dropdown box, and click on Apply.

Edit Posts in bulk

You’ll now be able to perform bulk actions including changing the author name and turning off comments for all the selected posts.

Select Do not allow from the comments dropdown box and click on Update. This will disable comments on all your selected posts.

Disable comments on posts in bulk

You can follow the same process to turn off comments on your pages.

Delete All WordPress Comments

While the above methods will disable comments on your posts and pages, it will not remove the existing comments from your WordPress site.

To delete all the comments from your site, click on Comments from the left sidebar of your admin panel.

Delete all WordPress comments

Next select all the comments, choose Move to Trash option from the Bulk Actions dropdown box, and click on Apply. This will delete all the existing comments from your site.

If your website has a lot of comments, then you will have to repeat this step multiple times.

Disable Comments on Media

If you are looking to disable comments on media pages, then there are two ways to go about it.

You can either manually disable comments on individual media attachment files by following the methods we discussed above but that can be really time consuming.

The easier way to bulk disable comments on all media attachments is by using a code snippet. Simply paste the following code in your theme’s functions.php file or a site-specific plugin.

function filter_media_comment_status( $open, $post_id ) 
    $post = get_post( $post_id );
    if( $post->post_type == 'attachment' ) 
        return false;
    
    return $open;

add_filter( 'comments_open', 'filter_media_comment_status', 10 , 2 );

In case you’re not comfortable with the above solution, you can check out the next section where we’ll show you how to use a plugin to disable comments on Media attachments.

Disable WordPress Comments the Easy Way Using a Plugin

If you don’t want to disable comments manually, then you can use the Disable Comments plugin to do it with just a click.

It allows you to completely disable comments everywhere on your WordPress site. You can also disable them on specific post types like posts, pages, media, and others. It also removes the comment form and stops displaying existing comments.

Disable Comments Plugin

First thing you need to do is install and activate the Disable Comments plugin. You can follow our step by step guide on how to install a WordPress plugin for detailed instructions.

After activating the plugin, head over to Settings » Disable Comments from the left sidebar of your admin panel.

Selecting the first option allows you to disable comments on your WordPress site. The plugin will also remove the comments menu item from your WordPress admin area.

Disable Comments Plugin Settings

Using the second option, you can selectively disable comments on your posts, pages, or media.

If you want to remove comments only from the media attachments, then you can select On certain post types radio button and then check the Media checkbox.

You can do the same if you only want to turn off comments on WordPress pages. Using the plugin is the easiest way to disable comments on WordPress pages.

When you’re done, simply click on the Save Changes to complete the process.

Remove “Comments Are Closed” in WordPress

If your WordPress theme is not checking the comment status properly, then it may still display the comment form, existing comments, or even show the “Comments are closed” message.

You can ask your theme developer to fix this because this is not a standard compliant approach.

Alternatively, you can also try fixing it yourself by following the instructions below.

First, connect to your WordPress site using FTP Client or the File Manager in your WordPress hosting control panel. Now navigate to your current theme folder which will be located in /wp-content/themes/ folder.

In your theme folder, you need to locate the file comments.php, right-click on that file, and rename it to comments_old.php.

Rename comments php file

Next, you need to right-click in the right panel of your FTP client and select Create new file option. And then, name your new file as comments.php and click the OK button.

Create a new comments file

This trick simply serves an empty comments template to your WordPress theme, so no comments or comment related messages will be shown.

If your WordPress theme does not have the comments.php file, then you need to ask your theme developer which file you need to edit.

Spam Protection Techniques

If you’re planning to disable WordPress comments just for the sake of protecting your site from spammers and link builders, then we would rather recommend you to use some of the following techniques to combat spam.

Akismet

Akismet WordPress Plugin

Akismet is one of the best plugins for dealing with spam comments. And the best part is it has been built by the team behind WordPress.

This plugin checks each comment on your site and verifies whether it’s spam or not. For more details, you can check out our guide on the Akismet plugin.

Closing Comments

Did you know that you can close comments after a certain period of time?

Close comments after a specific period

Head over to Settings » Discussion and check the field that says “Automatically close comments on articles older than 14 days”.

This will close the comments form after 14 days automatically. You can also change the number of days based on your needs.

Typically spammers target older posts, so several users change this setting to 180 days which significantly reduces spam.

Honeypot with Antispam Bee

On WPBeginner, we have found it helpful to add a second plugin called Antispam Bee which works alongside with Akismet to significantly reduce comment spam on your site.

It adds an invisible honeypot that blocks 99% of spam bot comments.

Comment Captcha

Though adding a captcha to your comment form is not user-friendly, it still helps you to protect your site from spammers.

You can use the Advanced noCaptcha and Invisible Captcha plugin to add Google reCaptcha just before the submit button of your comment form.

Remove Website URL Form Field

Another way to deal with link builders and spammers is to remove the website URL field from the comment form. Here’s an example from the WPForms website:

Remove Website URL field from comment form

And you can use the Comment Link Remove and Comments Tool plugin for this purpose. It allows you to remove the website URL field from your comment form without touching a single line of code. Isn’t that great?

Blocking Bad IPs

You can also block bad IP addresses from accessing your WordPress site. This will help you to block spammers and hacking attacks.

To do that, you can check our guide on how to block IP addresses in WordPress.

Anyways, we hope this detailed guide helped you to understand how to completely disable comments in WordPress with and without using a plugin.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Completely Disable Comments in WordPress (Ultimate Guide) appeared first on WPBeginner.



Source link

The Ultimate WordPress Security Guide (Step by Step)


WordPress security is a topic of huge importance for every website owner. Google blacklists around 10,000+ websites every day for malware and around 50,000 for phishing every week.

If you are serious about your website, then you need to pay attention to the WordPress security best practices. In this guide, we will share all the top WordPress security tips to help you protect your website against hackers and malware.

Complete WordPress security guide

While WordPress core software is very secure, and it’s audited regularly by hundreds of developers, there is a lot that can be done to keep your site secure.

At WPBeginner, we believe that security is not just about risk elimination. It’s also about risk reduction. As a website owner, there’s a lot that you can do to improve your WordPress security (even if you’re not tech savvy).

We have a number of actionable steps that you can take to protect your website against security vulnerabilities.

To make it easy, we have created a table of content to help you easily navigate through our ultimate WordPress security guide.

Table of Contents

Basics of WordPress Security

WordPress Security in Easy Steps (No Coding)

WordPress Security for DIY Users

Ready? Let’s get started.

Why Website Security is Important?

A hacked WordPress site can cause serious damage to your business revenue and reputation. Hackers can steal user information, passwords, install malicious software, and can even distribute malware to your users.

Worst, you may find yourself paying ransomware to hackers just to regain access to your website.

Why WordPress security is important

In March 2016, Google reported that more than 50 million website users have been warned about a website they’re visiting may contain malware or steal information.

Furthermore, Google blacklists around 20,000 websites for malware and around 50,000 for phishing each week.

If your website is a business, then you need to pay extra attention to your WordPress security.

Similar to how it’s the business owners responsibility to protect their physical store building, as an online business owner it is your responsibility to protect your business website.

[Back to Top ↑]

Keeping WordPress Updated

Keeping WordPress updated

WordPress is an open source software which is regularly maintained and updated. By default, WordPress automatically installs minor updates. For major releases, you need to manually initiate the update.

WordPress also comes with thousands of plugins and themes that you can install on your website. These plugins and themes are maintained by third-party developers which regularly release updates as well.

These WordPress updates are crucial for the security and stability of your WordPress site. You need to make sure that your WordPress core, plugins, and theme are up to date.

[Back to Top ↑]

Strong Passwords and User Permissions

Manage strong passwords

The most common WordPress hacking attempts use stolen passwords. You can make that difficult by using stronger passwords that are unique for your website. Not just for WordPress admin area, but also for FTP accounts, database, WordPress hosting account, and your custom email addresses which use your site’s domain name.

Many beginners don’t like using strong passwords because they’re hard to remember. The good thing is that you don’t need to remember passwords anymore. You can use a password manager. See our guide on how to manage WordPress passwords.

Another way to reduce the risk is to not give anyone access to your WordPress admin account unless you absolutely have to. If you have a large team or guest authors, then make sure that you understand user roles and capabilities in WordPress before you add new user accounts and authors to your WordPress site.

[Back to Top ↑]

The Role of WordPress Hosting

Your WordPress hosting service plays the most important role in the security of your WordPress site. A good shared hosting provider like Bluehost or Siteground take the extra measures to protect their servers against common threats.

Here is how a good web hosting company works in the background to protect your websites and data.

  • They continuously monitor their network for suspicious activity.
  • All good hosting companies have tools in place to prevent large scale DDOS attacks
  • They keep their server software and hardware up to date to prevent hackers from exploiting a known security vulnerability in an old version.
  • They have ready to deploy disaster recovery and accidents plans which allows them to protect your data in case of major accident.

On a shared hosting plan, you share the server resources with many other customers. This opens the risk of cross-site contamination where a hacker can use a neighboring site to attack your website.

Using a managed WordPress hosting service provides a more secure platform for your website. Managed WordPress hosting companies offer automatic backups, automatic WordPress updates, and more advanced security configurations to protect your website

We recommend WPEngine as our preferred managed WordPress hosting provider. They’re also the most popular one in the industry. (See our special WPEngine coupon).

[Back to Top ↑]

WordPress Security in Easy Steps (No Coding)

We know that improving WordPress security can be a terrifying thought for beginners. Especially if you’re not techy. Guess what – you’re not alone.

We have helped thousands of WordPress users in hardening their WordPress security.

We will show you how you can improve your WordPress security with just a few clicks (no coding required).

If you can point-and-click, you can do this!

Install a WordPress Backup Solution

Install a WordPress backup solution

Backups are your first defense against any WordPress attack. Remember, nothing is 100% secure. If government websites can be hacked, then so can yours.

Backups allow you to quickly restore your WordPress site in case something bad was to happen.

There are many free and paid WordPress backup plugins that you can use. The most important thing you need to know when it comes to backups is that you must regularly save full-site backups to a remote location (not your hosting account).

We recommend storing it on a cloud service like Amazon, Dropbox, or private clouds like Stash.

Based on how frequently you update your website, the ideal setting might be either once a day or real-time backups.

Thankfully this can be easily done by using plugins like VaultPress or UpdraftPlus. They are both reliable and most importantly easy to use (no coding needed).

[Back to Top ↑]

Best WordPress Security Plugin

After backups, the next thing we need to do is setup an auditing and monitoring system that keeps track of everything that happens on your website.

This includes file integrity monitoring, failed login attempts, malware scanning, etc.

Thankfully, this can be all taken care by the best free WordPress security plugin, Sucuri Scanner.

You need to install and activate the free Sucuri Security plugin. For more details, please see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to go to the Sucuri menu in your WordPress admin. The first thing you will be asked to do is Generate a free API key. This enables audit logging, integrity checking, email alerts, and other important features.

Generate Sucuri API Key

The next thing, you need to do is click on the ‘Hardening’ tab from the settings menu. Go through every option and click on the “Apply Hardening” button.

Sucuri security hardening

These options help you lock down the key areas that hackers often use in their attacks. The only hardening option that’s a paid upgrade is the Web Application Firewall which we will explain in the next step, so skip it for now.

We have also covered a lot of these “Hardening” options later in this article for those who want to do it without using a plugin or the ones that require additional steps such as “Database Prefix change” or “Changing the Admin Username”.

After the hardening part, the default plugin settings are good enough for most websites and don’t need any changes. The only thing we recommend customizing is ‘Email Alerts’.

The default alert settings can clutter your inbox with emails. We recommend receiving alerts for key actions like changes in plugins, new user registration, etc. You can configure the alerts by going to Sucuri Settings » Alerts.

Set up security email alerts

This WordPress security plugin is very powerful, so browse through all the tabs and settings to see all that it does such as Malware scanning, Audit logs, Failed Login Attempt tracking, etc.

Enable Web Application Firewall (WAF)

The easiest way to protect your site and be confident about your WordPress security is by using a web application firewall (WAF).

A website firewall blocks all malicious traffic before it even reaches your website.

DNS Level Website Firewall – These firewall route your website traffic through their cloud proxy servers. This allows them to only send genuine traffic to your web server.

Application Level Firewall – These firewall plugins examine the traffic once it reaches your server but before loading most WordPress scripts. This method is not as efficient as the DNS level firewall in reducing the server load.

To learn more, see our list of the best WordPress firewall plugins.

Sucuri WAF

We use and recommend Sucuri as the best web-application firewall for WordPress. You can read about how Sucuri helped us block 450,000 WordPress attacks in a month.

Attacks blocked by Sucuri

The best part about Sucuri’s firewall is that it also comes with a malware cleanup and blacklist removal guarantee. Basically if you were to be hacked under their watch, they guarantee that they will fix your website (no matter how many pages you have).

This is a pretty strong warranty because repairing hacked websites is expensive. Security experts normally charge $250 per hour. Whereas you can get the entire Sucuri security stack for $199 per year.

Improve your WordPress Security with the Sucuri Firewall »

Sucuri is not the only DNS level firewall provider out there. The other popular competitor is Cloudflare. See our comparison of Sucuri vs Cloudflare (Pros and Cons).

[Back to Top ↑]

Move Your WordPress Site to SSL/HTTPS

SSL (Secure Sockets Layer) is a protocol which encrypts data transfer between your website and users browser. This encryption makes it harder for someone to sniff around and steal information.

How SSL works

Once you enable SSL, your website will use HTTPS instead of HTTP, you will also see a padlock sign next to your website address in the browser.

SSL certificates were typically issued by certificate authorities and their prices start from $80 to hundreds of dollars each year. Due to added cost, most website owners opted to keep using the insecure protocol.

To fix this, a non-profit organization called Let’s Encrypt decided to offer free SSL Certificates to website owners. Their project is supported by Google Chrome, Facebook, Mozilla, and many more companies.

Due to this, it is now easier than ever to start using SSL for all your WordPress websites. For step by step instructions, see our article on how to get a free SSL certificate for your WordPress website.

WordPress Security for DIY Users

If you do everything that we have mentioned thus far, then you’re in a pretty good shape.

But as always, there’s more that you can do to harden your WordPress security.

Some of these steps may require coding knowledge.

Change the Default “admin” username

In the old days, the default WordPress admin username was “admin”. Since usernames make up half of login credentials, this made it easier for hackers to do brute-force attacks.

Thankfully, WordPress has since changed this and now requires you to select a custom username at the time of installing WordPress.

However, some 1-click WordPress installers, still set the default admin username to “admin”. If you notice that to be the case, then it’s probably a good idea to switch your web hosting.

Since WordPress doesn’t allow you to change usernames by default, there are three methods you can use to change the username.

  1. Create a new admin username and delete the old one.
  2. Use the Username Changer plugin
  3. Update username from phpMyAdmin

We have covered all three of these in our detailed guide on how to properly change your WordPress username (step by step).

Note: We’re talking about the username called “admin”, not the administrator role.

[Back to Top ↑]

Disable File Editing

WordPress comes with a built-in code editor which allows you to edit your theme and plugin files right from your WordPress admin area. In the wrong hands, this feature can be a security risk which is why we recommend turning it off.

Disable file editing in WordPress

You can easily do this by adding the following code in your wp-config.php file.

// Disallow file edit
define( 'DISALLOW_FILE_EDIT', true );

Alternatively, you can do this with 1-click using the Hardening feature in the free Sucuri plugin that we mentioned above.

[Back to Top ↑]

Disable PHP File Execution in Certain WordPress Directories

Another way to harden your WordPress security is by disabling PHP file execution in directories where it’s not needed such as /wp-content/uploads/.

You can do this by opening a text editor like Notepad and paste this code:

<Files *.php>
deny from all
</Files>

Next, you need to save this file as .htaccess and upload it to /wp-content/uploads/ folders on your website using an FTP client.

For more detailed explanation, see our guide on how to disable PHP execution in certain WordPress directories

Alternatively, you can do this with 1-click using the Hardening feature in the free Sucuri plugin that we mentioned above.

[Back to Top ↑]

Limit Login Attempts

By default, WordPress allows users to try to login as many time as they want. This leaves your WordPress site vulnerable to brute force attacks. Hackers try to crack passwords by trying to login with different combinations.

This can be easily fixed by limiting the failed login attempts a user can make. If you’re using the web application firewall mentioned earlier, then this is automatically taken care of.

However, if you don’t have the firewall setup, then proceed with the steps below.

First, you need to install and activate the Login LockDown plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, visit Settings » Login LockDown page to setup the plugin.

Login Lockdown options

For detailed instructions, take a look at our guide on how and why you should limit login attempts in WordPress.

[Back to Top ↑]

Add Two Factor Authentication

Two-factor authentication technique requires users to log in by using a two-step authentication method. The first one is the username and password, and the second step requires you to authenticate using a separate device or app.

Most top online websites like Google, Facebook, Twitter, allow you to enable it for your accounts. You can also add the same functionality to your WordPress site.

First, you need to install and activate the Two Factor Authentication plugin. Upon activation, you need to click on the ‘Two Factor Auth’ link in WordPress admin sidebar.

Two Factor Authenticator settings

Next, you need to install and open an authenticator app on your phone. There are several of them available like Google Authenticator, Authy, and LastPass Authenticator.

We recommend using LastPass Authenticator or Authy because they both allow you to back up your accounts to the cloud. This is very useful in case your phone is lost, reset, or you buy a new phone. All your account logins will be easily restored.

We will be using the LastPass Authenticator for the tutorial. However, instructions are similar for all auth apps. Open your authenticator app, and then click on the Add button.

Add website

You will be asked if you’d like to scan a site manually or scan the bar code. Select the scan bar code option and then point your phone’s camera on the QRcode shown on the plugin’s settings page.

That’s all, your authentication app will now save it. Next time you log in to your website, you will be asked for the two-factor auth code after you enter your password.

Enter your two-factor auth code

Simply open the authenticator app on your phone and enter the code you see on it.

[Back to Top ↑]

Change WordPress Database Prefix

By default, WordPress uses wp_ as the prefix for all tables in your WordPress database. If your WordPress site is using the default database prefix, then it makes it easier for hackers to guess what your table name is. This is why we recommend changing it.

You can change your database prefix by following our step by step tutorial on how to change WordPress database prefix to improve security.

Note: This can break your site if it’s not done properly. Only proceed, if you feel comfortable with your coding skills.

[Back to Top ↑]

Password Protect WordPress Admin and Login Page

Password protect WordPress admin area

Normally, hackers can request your wp-admin folder and login page without any restriction. This allows them to try their hacking tricks or run DDoS attacks.

You can add additional password protection on a server-side level, which will effectively block those requests.

Follow our step-by-step instructions on how to password protect your WordPress admin (wp-admin) directory.

[Back to Top ↑]

Disable Directory Indexing and Browsing

Disable directory browsing

Directory browsing can be used by hackers to find out if you have any files with known vulnerabilities, so they can take advantage of these files to gain access.

Directory browsing can also be used by other people to look into your files, copy images, find out your directory structure, and other information. This is why it is highly recommended that you turn off directory indexing and browsing.

You need to connect to your website using FTP or cPanel’s file manager. Next, locate the .htaccess file in your website’s root directory. If you cannot see it there, then refer to our guide on why you can’t see .htaccess file in WordPress.

After that, you need to add the following line at the end of the .htaccess file:

Options -Indexes

Don’t forget to save and upload .htaccess file back to your site. For more on this topic, see our article on how to disable directory browsing in WordPress.

[Back to Top ↑]

Disable XML-RPC in WordPress

XML-RPC was enabled by default in WordPress 3.5 because it helps connecting your WordPress site with web and mobile apps.

Because of its powerful nature, XML-RPC can significantly amplify the brute-force attacks.

For example, traditionally if a hacker wanted to try 500 different passwords on your website, they would have to make 500 separate login attempts which will be caught and blocked by the login lockdown plugin.

But with XML-RPC, a hacker can use the system.multicall function to try thousands of password with say 20 or 50 requests.

This is why if you’re not using XML-RPC, then we recommend that you disable it.

There are 3 ways to disable XML-RPC in WordPress, and we have covered all of them in our step by step tutorial on how to disable XML-RPC in WordPress.

Tip: The .htaccess method is the best one because it’s the least resource intensive.

If you’re using the web-application firewall mentioned earlier, then this can be taken care of by the firewall.

[Back to Top ↑]

Automatically log out Idle Users in WordPress

Logged in users can sometimes wander away from screen, and this poses a security risk. Someone can hijack their session, change passwords, or make changes to their account.

This is why many banking and financial sites automatically log out an inactive user. You can implement similar functionality on your WordPress site as well.

You will need to install and activate the Inactive Logout plugin. Upon activation, visit Settings » Inactive Logout page to configure plugin settings.

Logout idle users

Simply set the time duration and add a logout message. Don’t forget to click on the save changes button to store your settings.

[Back to Top ↑]

Add Security Questions to WordPress Login Screen

Add security question on login screen

Adding a security question to your WordPress login screen makes it even harder for someone to get unauthorized access.

You can add security questions by installing the WP Security Questions plugin. Upon activation, you need to visit Settings » Security Questions page to configure the plugin settings.

For more detailed instructions, see our tutorial on how to add security questions to WordPress login screen.

[Back to Top ↑]

Scanning WordPress for Malware and Vulnerabilies

Malware scanning

If you have a WordPress security plugin installed, then those plugins will routinely check for malware and signs of security breaches.

However, if you see a sudden drop in website traffic or search rankings, then you may want to manually run a scan. You can use your WordPress security plugin, or use one of these malware and security scanners.

Running these online scans is quite straight forward, you just enter your website URLs and their crawlers go through your website to look for known malware and malicious code.

Now keep in mind that most WordPress security scanners can just scan your website. They cannot remove the malware or clean a hacked WordPress site.

This brings us to the next section, cleaning up malware and hacked WordPress sites.

[Back to Top ↑]

Fixing a Hacked WordPress Site

Many WordPress users don’t realize the importance of backups and website security until their website is hacked.

Cleaning up a WordPress site can be very difficult and time consuming. Our first advice would be to let a professional take care of it.

Hackers install backdoors on affected sites, and if these backdoors are not fixed properly, then your website will likely get hacked again.

Allowing a professional security company like Sucuri to fix your website will ensure that your site is safe to use again. It will also protect you against any future attacks.

For the adventurous and DIY users, we have compiled a step by step guide on fixing a hacked WordPress site.

[Back to Top ↑]

That’s all, we hope this article helped you learn the top WordPress security best practices as well as discover the best WordPress security plugins for your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post The Ultimate WordPress Security Guide (Step by Step) appeared first on WPBeginner.



Source link

Ultimate Guide to Creating a WordPress Membership Site


Do you want to build a membership website? For a long time, website owners relied solely on advertising and affiliate revenue to monetize their content.

A membership website allows you to make money online by allowing users to pay for premium content, features, and access to the community.

You will need a platform that has features for managing users, memberships, payments, etc. Luckily, there are some really great membership plugins for WordPress that make it super easy.

In this step by step guide, we will show you how to easily create a WordPress membership site without any coding knowledge.

Creating a WordPress membership website

What Do You Need to Start a WordPress Membership Website?

Unlike 10 years ago, it’s quite easy to make a website these days. Out of all the platforms and website builders, WordPress makes it the easiest for anyone to build their own membership website and start selling with little to no technical skills.

You’ll need the following three things to start:

  1. A domain name. This will be your website’s address (Example, wpbeginner.com).
  2. A web hosting account. This is where your website files are stored.
  3. A membership addon (It will convert your regular website into a membership platform).

You can set up a fully functional membership website with WordPress in less than 30 minutes, and we’ll walk you through every step of the process.

Below are the steps that we will cover to help you make a powerful membership website with WordPress.

  1. Getting started with a membership site
  2. Choosing a WordPress membership plugin
  3. Setting up your membership website
  4. Adding payment methods
  5. Adding membership levels
  6. Restricting access based on membership plans
  7. Creating members only content
  8. Creating a pricing page
  9. Adding sign up and login forms
  10. Customizing email templates
  11. Viewing reports to grow your website
  12. Extending your membership website

Ready? Let’s get started.

Step 1. Getting Started with a WordPress Membership Site

To create a membership site, you must make sure that you are using the right WordPress platform. Yes, there are two types of WordPress.

We recommend using the self-hosted WordPress.org version because it gives you unrestricted access to all features and tools that you need (see the full comparison of WordPress.com vs WordPress.org).

For a self hosted WordPress site, you’ll need a WordPress hosting account, domain name, and a SSL certificate.

Typically, a domain name costs around $14.99 / year, web hosting around $7.99 / month, and SSL certificate costs around $69.99 / year.

If you are just starting out, then these startup costs can add up quickly.

Thankfully, we have a way to fix that.

Bluehost, an official WordPress recommended hosting provider, has agreed to offer our users a free domain name, free SSL certificate, and a discount on web hosting.

Basically, you can get all of the above for $2.75 per month.

→ Click here to Claim this Exclusive Bluehost offer ←

Note: At WPBeginner we believe in full transparency. If you sign up with Bluehost using our referral link, then we will earn a small commission at no extra cost to you (in fact, you will save money and get a free domain + SSL certificate). We would get this commission for recommending just about any WordPress hosting service, but we only recommend products that we use personally and believe will add value to our readers.

Once you have signed up for hosting, the next step is to install WordPress. Follow the instructions in our step by step guide on how to start a WordPress blog, and you’ll be up and running in no time.

Since Bluehost already comes with WordPress pre-installed, you can move on to setting up your WordPress membership site.

Step 2. Choosing a WordPress Membership Plugin

There are plenty of free and paid WordPress membership plugins that you can use. However, each one of them has its own pros and cons. We have a full comparison of the best WordPress membership plugins.

To choose the right WordPress membership plugin, you need to decide what kind of membership website do you want to build and what features will you need?

If you just want to allow user registration on your WordPress site, then you can use WPForms. It is a WordPress form builder plugin that allows you to easily create user login and registration forms. You can even allow users to submit articles without accessing the WordPress admin area.

On the other hand, if you want to sell subscriptions, paid content, or digital downloads, then you’ll need a more robust WordPress membership plugin, like MemberPress.

MemberPress comes with advanced membership features that allow you to accept payments, create membership levels, restrict access based on levels, and more.

Selling online courses can be another possible scenario. In this case, you’ll need LearnDash, a complete WordPress LMS plugin with all the learning management features.

You can also integrate LearnDash into MemberPress to create a powerful website with online courses as well as membership subscriptions.

That being said, let’s start setting up your WordPress membership website.

Step 3. Setting up Your WordPress Membership Website

We are choosing MemberPress as our go-to plugin because it has all the features we mentioned above, and it works perfectly with third-party plugins necessary for the growth of your business.

First thing you need to do is install and activate the MemberPress plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to visit the MemberPress » Options page to configure the plugin settings.

MemberPress options page

Step 4. Add a Payment Method

The options page is divided into different tabs. The first thing you need to set up is a payment gateway because it allows you to accept payments on your membership site.

You can do this by switching to the ‘Payments’ tab and then selecting your payment gateway.

MemberPress payments

MemberPress supports PayPal (Standard, Express, and Pro), Stripe, and Authorize.net out of the box. You need to select the payment method you want to setup and provide the required credentials.

You can also add multiple payment methods by clicking on the add button to add another payment method.

We typically use two options: Stripe for credit cards and PayPal as a secondary option because some users prefer PayPal over giving out credit card details.

Don’t forget to click on the ‘Update Options’ button at the bottom of the page to save your settings.

Step 5. Creating Membership Levels

The next step is to create membership levels that your users can purchase. Each membership level can have different pricing plans, perks, and access. You can even have a free membership plan.

To create a membership level, you need to go to MemberPress » Memberships page and click on the ‘Add New’ button at the top.

Add membership level

On the next page, enter a title for this particular membership plan and then provide the plan details in the post editor.

You will need to set the pricing and expiration for this plan under the membership terms section.

Membership plan

In the example above, we have created a yearly membership plan.

After that, you need to scroll down to the membership options meta box below the post editor. This is where you can customize permissions and membership options for this particular plan.

Membership options

Once you are satisfied with the membership plan, you can click on the publish button to make it available.

Go ahead and repeat this process to create as many membership plans that you need.

Step 6. Restrict Access for Membership Plans

The next step is to select which content would be available to different membership plans on your website. MemberPress makes it very easy to control access using ‘Rules’.

You can setup rules by visiting the MemberPress » Rules page and clicking on the Add New button at the top.

Add new rules

The rule edit page allows you to select different conditions and associate them to a membership plan.

For example, you can select all content that matches a particular tag or category to be available only to members with the silver subscription plan.

Add a rules set to MemberPress

You can also create more specific rules. For example, a single post or page, child pages, or a specific URL.

Below the rules editor, you’ll see the content drip and expiration options.

Drip content allows you to gradually release content to users instead of giving it all away at once. The expiration option makes the content unavailable after a defined period of time.

If you are not sure, then you should leave them unchecked.

Once you are satisfied, go ahead and click on the ‘Save Rule’ button to save your rule settings.

Repeat the process to create more rules as needed for your membership site.

Step 7. Adding Members Only Content

MemberPress makes it super easy to create members-only content using Rules.

In the above example, we created a rule that restricted all content tagged as paid to be restricted. Now all we need to do is to create our paid content and add the paid tag to it.

Adding members only content

MemberPress also adds ‘MemberPress Unauthorized Access’ metabox below the post editor. This allows you to select what logged out users (non-members) will see when they reach this content.

Restricted content options

You can use the global default settings, or you can show excerpts, login form, or a custom message.

Once you have added members-only content, you can go ahead and publish it. As the page reloads, you will see a success message that this content is protected.

Protected content

Step 8. Create a Pricing Page

This is the page your users will see when they want to sign up for a membership plan. On this page, users will be able to select a membership plan and then move to the payment page.

Users who try to access the restricted or paid areas of your website will also be redirected to this page.

You can configure this by going to MemberPress » Groups page and clicking on the Add New button at the top.

Creating a group

First, enter a title for the group plan page. This will also be the title for the plans page that users will see.

Next, go down to ‘Group options’ metabox and add memberships that you want to display on the page.

Pricing group options

You can also select a theme for the pricing table. MemberPress comes with few ready-made templates for that.

Once satisfied, click on the ‘Publish’ button to make your plan publicly visible.

To preview your pricing page, click on the ‘View Group’ link after publishing it.

Pricing page

Redirect users to pricing page

Now that we have the pricing page ready, the next step is to redirect unauthorized users to the pricing page.

To do that, first you need to visit MemberPress » Groups page and copy the URL next to the group you created in the previous step.

Pricing page URL

After that, go to MemberPress » Options page and scroll down to the ‘Unauthorized Access’ section.

You need to check the box next to ‘Redirect unauthorized visitors to a specific URL’ option and then paste the group URL you copied earlier.

Redirect unauthorized users to pricing page

Click on the ‘Update Options’ button to save your settings.

Now unauthorized users will be redirected to the pricing plans page when they try to access a members only area.

Step 9. Add Sign up and User Login Forms

Now that you have everything set up, it is time to allow your users to easily find their way around your website.

First, you need to add a user login form so that members can sign in to their accounts.

Go to Appearance » Widgets and add ‘MemberPress login’ widget to a sidebar.

MemberPress login widget

Next, we will be adding the pricing page link to the navigation menu, so that new users can select a plan and register.

You can do this by visiting the Appearance » Menus page in your WordPress admin. From the left column, you need to click on the Groups tab to expand it. It will show the pricing plan group you created earlier.

Add pricing plans to the menu

Check the box next to your pricing page and then click on the ‘Add to menu’ button.

The pricing plan page will now appear in the right column. You can drag and drop to rearrange its position in the menu. You can also edit it and change the link text.

Edit menu item

Don’t forget to click on the save menu button to store your changes.

You can now log out of the WordPress admin area and visit your website to see everything in action.

Membership website preview

Step 10. Customizing Membership Email Templates

Your WordPress membership plugin will send several email notifications to members. MemberPress allows you to easily edit those emails and make changes to include your own branding.

Simply go to MemberPress » Options page and click on the ‘Emails’ tab. From here you can manage email notifications sent by MemberPress.

Editing email notifications in MemberPress

You will see all the email notifications sent by MemberPress to members as well as Administrators. You can click on the edit button to customize any of these notices.

Edit email notices

You can use a simple text editor to edit the email message with basic formatting options and smart tags to insert dynamic items like names, username, membership level, and more.

Make sure that you click on ‘Send Test’ button to send yourself a couple of test notifications. This will ensure that MemberPress can send email notifications.

If you are having trouble receiving email notifications, then see our guide on how to fix WordPress not sending email issue.

Step 11. Viewing Reports to Grow your Membership Website

To grow any business, you need data to make informed decisions. MemberPress comes with built-in reports to see how your membership website is doing.

Simply go to the MemberPress » Reports page. From here, you can sort reports by monthly, yearly, or all time data.

MemberPress reports

It will show you number of active, inactive, free, paid, and total members. It will also show you average member lifetime value and other data. You can scroll below to see more charts and click on a date to view transactions.

However, the most important metric of judging a membership website’s success is user engagement.

This is where you’ll need Google Analytics. It allows you to see where your users are coming from and what they do when they are on your website.

MonsterInsights, the most popular Google Analytics plugin for WordPress, offers a complete MemberPress integration that makes it easy to enable Enhanced Ecommerce Tracking for MemberPress.

For detailed instructions, see our guide on how to track user engagement using Google Analytics in WordPress.

Taking Your Membership Website to The Next Level

MemberPress is a powerful WordPress membership plugin. It allows you to easily grow your membership website.

It works beautifully with LearnDash, which allows you to easily create courses and leave the selling part to MemberPress.

You can also use it alongside BuddyPress and bbPress.

Here are some other useful resources to help you grow your WordPress membership site.

That’s all, we hope this article helped you setup your WordPress membership website. You may also want to see our step by step WordPress SEO guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post Ultimate Guide to Creating a WordPress Membership Site appeared first on WPBeginner.



Source link