Looking for the Best WordPress Hosting Service? Read This First!

Are you excited to move your website to a new host? Or do you aspire to launch your brand-new website?

But you need to buy a web host and decide which web hosting service is the best option for you. And it is not as easy as you might think. Lest you end up buying a wrong hosting service, it can definitely affect your website ranking and the credibility.

However, fret not!

This post will tell you exactly what to keep in mind while buying a hosting plan.

Do not worry, even if you are a web hosting neophyte and struggle with web hosting jargons, it will be easy for you to grasp everything as I’m going to relay everything in the simplest way possible to make your web host buying experience extremely easy.

Here are some wonderful tips that you should read clearly before clicking the “buy” button.

1. Examine How Trustworthy the WordPress Hosting Provider Is

For starters, the trouble starts with searching for a provider. There are hordes of companies out there who are using unethical means to garner your attention and sell you their WordPress hosting. And it is easy to fall prey because they use the easiest way to lure you, that is by providing you with cheap hosting services. In the long run, these companies do not even provide the support when you need it the most.

Luckily, web hosting reviews are all over the web.

But wait… there’s a catch here. Most of the webpages online are inundated with either fake reviews or paid reviews. There is also a possibility that these reviews might be given by the employees of the company only.

In this case, you have to stay wary and should learn to distinguish which reviews to believe. To help you out we are going to give you an insightful, not to say critical analysis in the upcoming blogs. It should give you a pretty good idea about which company provides a considerable amount of support and how reliable they exactly are.

These hosting plans are suggested by the WordPress.org itself:

2. Free Web Hosting Providers Are Not Always Reliable

People have an automatic inclination towards anything that comes “free”. While there is nothing wrong with that, but in this case, you have to steer clear of web hosting services offering free services.

Let’s say, for example, you are running a business using some sort of a WordPress hosting platform. In the beginning, it’s all sunshine and rainbows, you’re putting in hours and hours building your business but ta-da one day you wake up to an email informing you that either your host has been blocked or you have lost every progress you made.

What are you gonna do now? All the time and resources have gone to drain and you are left with nothing.

Scary, right?

Don’t wait for something like this to happen. It’s better to invest a bit in the beginning. Simply steer clear of “free” or abnormally cheap WordPress hosting service provider. Rather, buy a host that is reliable, trustworthy and has an acclaimed name in the market.

3. What Type of Hosting Do You Need?

Every credible Web hosting company offers umpteen options to choose from. If you are a bit tight on the budget you can opt for shared hosting. However, if budget is not a problem you can go for more advanced Virtual Private Server.

Apart from the budget, examine what your needs are. If you are a novice blogger then shared hosting should be fine for you. However, if your website is likely to generate massive traffic (more than 25000-50000 visitors per month) or you prefer an isolated hosting environment or you will be hosting media content, then it would be a smart choice to buy a VPS hosting plan or a cloud hosting plan.

However, before you make the final buying decision, you should make yourself familiar with cloud hosting and other types of hosting options.

4. WordPress Hosting Features to Look Out For

Here comes the most important part. Before buying the hosting package make sure that your company offers some imperative features.

Especially look out for the following features:

  • Is the storage space sufficient?
  • What is the bandwidth?
  • Server uptime SLA
  • How many email accounts and domains will you get?
  • Do they offer a backup policy?
  • Do they have a dependable customer support?
  • How fast is the Customer Support response time?

Make sure that your web hosting service can vouch for the above features. If not, then don’t worry, you have a lot to choose from. Also, avoid getting bound by long-term contracts. If possible, try to avail the hosting services that allow you to pay on a monthly basis and leave whenever you want.

5. Customer Support

It is quite common for you to come across problems, especially if it’s your first experience with website hosting. In that case, it is extremely important for you to use a hosting service that comes with reliable customer support.

What if your site goes down unexpectedly? Would the customer care executives be available to sort out the problem? Thus, before settling for a service, check their track record when it comes to customer support. Your web hosting service should offer various means to get in touch with them, including customer care number, live chat option, email, and so forth.

Summing it all up

So, this is it!

These were some of the most recommended tips to make your WordPress hosting experience simple and reliable.

If you want to attain online success like so many other bloggers out there or want to scale up your online business, then choosing the right WordPress hosting is the first step towards that success.

Remember, an ideal WordPress hosting is not only cheap but also has all the features that you might require to kickstart your business, avoid web-hosting problems, and would also perform regular checks and backups.

Opinion August 9, 2019

10 Simple Marketing Tips and Tools to Boost Your WordPress Business

All businesses need a website to function. A website is a great way to generate business and show your online presence. Moreover, websites are a great way to create goodwill between a customer and a business. No matter what the size of your business is, a website is extremely important. The webpage helps to deliver a picture of your business to the customer 24 hours a day an 7 days a week.

Even if you are not present physically, your website serves the purpose of representing your business. If you choose to develop your website through WordPress, there is an entire range of possibilities that you can take advantage of. WordPress allows you to use a variety of plugins that will help you develop a better relationship with your customer and aids in marketing of your merchandise or services as well. We have compiled a few simple tips and tools for you that could help boost your WordPress business.

#1 Focus on a Niche

Being aware of marketing principles is of great importance when you are running a website. No matter what platform you are using to develop your website it is important to adhere to certain marketing principles that are important for WordPress business.

Most marketing strategies are focused on a fixed niche. It is highly impractical to try to focus on a big audience. Try to market your product only among a certain group of people, this is the right way to go about when you are trying to market your website.

#2 Develop Standards

Try to understand the ways in which you can set yourself apart from your competitors. Remember, when it comes to marketing there are small things that make a big difference. Maybe using the right theme or appealing graphics can help you make your name in the market or using the right WordPress theme. Your marketing campaign must be focused on generating leads. This is extremely important to gain recognition and make your place in the market.

#3 Content Optimization

Your content must be of value to the readers. Marketing is no longer about cheap publicity and mindless campaigns. Digital marketing service providers focus on content that is highly optimized and is regarded as a great value to the reader. Content plays a huge role in how your website is being perceived by visitors.

Gone are the days when people used their websites solely to promote their product only. There is an increasing trend of creating content that is appealing to users. This does not necessarily have to be in line with your product or service.

#4 Develop Shareable Content

Having diverse content on your website is a very useful strategy that could help do wonders for your WordPress business. Let’s look at a few ways you can make your content shareable for the viewers.

  • Appealing: Your content needs to be highly appealing and have catchy taglines.
  • Informative: You can either aim for your content to be entertaining or educational. This keeps both types of audience engaged.
  • Readability: Your content should be in a flow and should make sense to the reader. Content that is difficult to read is of no value to the reader. Moreover, it should be interesting enough so that people share it with their friends and family.

#5 Social Media Marketing

Social Media marketing has taken over marketing strategies. WordPress has plenty of plugins that you can use to boost your sales. The right plugin can help create much-needed buzz for your online business. These plugins offer various incentives to the users which increase your chances of getting a good feedback from the customers. Moreover, if your users are happy they will put in a good word for you and boost your WordPress business. There are many plugins available for your WordPress business such as Float-in and Social Marketing. These are extremely important to create brand awareness.

#6 SEO Plugins

WordPress is highly equipped with several SEO plugins such as Yoast, All-in-one, and SEMrush, etc. These plugins allow you to improve your on-page SEO with ease. Moreover, they even encourage you to mention the meta tags, keywords, and good readability of the content.

Including all these elements will rank your page higher on Google’s search engine. These plugins will also help you generate a sitemap from your website as well. There are two types of sitemaps i.e. HTML and XML. They are used to improve the customer’s abilities to navigate in a better way.

#7 Using SEO Optimized Themes

Most people choose a WordPress theme that just looks appealing to the user. It is important to understand that a theme has to be optimized for search engines as well. The two main characteristics of an SEO optimized theme are its speed and the code structure. A good theme has optimized code which helps your site rank higher on Google’s search engine.

#8 Adding Links

Linking is an important SEO tactic that is essential to build your website’s SEO. However, most website owners forget to link their posts with the other posts on their website. They fail to realize that linking can give their website the much-needed boost!

#9 Hosting

Uses the best SEO practices is essential for the health of your website. However, there is another important factor that will set you apart. That is getting a reliable hosting for your website. A good hosting helps your site in many ways such as maintaining a good speed of the website and keeping a low downtime, etc.  Security is also catered with a reliable hosting provider.

#10 Using Google Analytics

Google offers various tools to its users that help them keep track of their website’s analytics. Google Analytics is one of these tools, the tool is free to use and is highly reliable. The tools give you insights about the visitors, your webpages and overall site health. It also helps you examine the behavior of your visitors and about a potential spam on your WordPress website.

Conclusion

There are many other strategies that you can use to boost your WordPress business. However, they can be categorized under one of the topics above. Making the most of these tips can help you market your WordPress business in a better way and generate organic traffic to boost your website’s ranking.

Opinion July 29, 2019

7 Handpicked SEO-Friendly WordPress Themes for your E-Commerce Store

Let’s face it: starting an online store today is child’s play. Anyone with a laptop, internet connection, and a few hundred bucks can start an e-commerce business without needing a technical or business background.

Unfortunately, this lack of barrier to entry in the e-commerce industry has resulted in colossal competition, especially to rank high in Google search results. Of course, not to mention the competition with e-commerce giants like Amazon.

As shown above, organic traffic from Google search results is one of the biggest and most important sources of traffic and revenue (shown below) for e-commerce websites.

So one thing’s for certain: you simply cannot afford to turn a blind eye to search engine optimization (SEO) if you wish to succeed in your online venture.

Now, platforms like Shopify and Wix are great for beginners, but far from the best when it comes to SEO. As you’ve decided to opt for WordPress, you have an edge over the competition since overall, it is quite indisputably the finest content management system (CMS) in 2019, particularly for attaining top rankings in Google.

Anyway, once you have your web hosting set up and WordPress installed, the next obvious step is to install the free WooCommerce plugin. And when you realize this plugin is developed by Automattic, the company behind WordPress, Gravatar, Simplenote, and Longreads, among others, you know you’re in good hands.

Finally, you need a theme that’s not only beautiful and easy to customize but also SEO-friendly.

From first-hand experience, we know how tedious the activity of theme-hunting really is. So, we decided to compile a short list of meticulously handpicked themes to make the same exercise smoother for you.

While most of the themes discussed here are premium themes, we’ve managed to dig out a couple of free ones as well which are truly worthy of being in the list. So without further ado, let’s dive in!

Shoptimizer

Speed and conversions are the twin pillars of a successful website, and Shoptimizer was developed keeping precisely that in mind.

Did you know, a delay of just one second in page load leads to a 7% reduction in conversions. By automatically minifying its main CSS file and dynamically creating a “critical CSS” stylesheet, it delivers super fast loading times. All the key pages load almost instantly, which helps reduce bounce rate.

The developers have added various conversion-focused features too, including a distraction-free checkout option, trust badges alongside important call-to-action buttons, and a “Request a call back” option.

Plus, this theme has been designed with a ‘mobile-first’ approach which ensures smartphone users are able to shop with comfort. Moreover, Google’s latest updates give ever-increasing importance to mobile-friendliness and ranking preference to sites that are mobile friendly, which means your SEO is on track.

Furthermore, its codebase architecture follows SEO best practices, comes with Schema.org markup for rich snippets, and the theme itself is compatible with the best SEO plugin for WordPress, Yoast SEO.

Shoptimizer is priced at $99 which includes premium support and one year of updates.

Neto

As online shoppers can’t physically interact with your product, you need a stellar visual presentation if you are to keep them from bouncing away. Neto is just the theme for this purpose.

Its minimalistic design is spot on with today’s design standards. The flexible layout allows you to use shortcodes and widgets to customize the template into your unique e-commerce brand styling. It is compatible with WordPress page-builder plugins like Elementor and Brizy, so you can seamlessly edit your web pages as per your liking.

It also supports other useful plugins like WPForms, Popups by OptinMonster, and of course the aforementioned Yoast SEO plugin, among others.

As such, Neto is search engine optimized and with pricing starting at just $49 (with one year of premium support and updates), it is great value for money.

Crux

Crux is an elegantly designed theme meant to persuade customers on the edge to take the plunge.

Built on the top of StagFramework, Crux offers lightweight yet powerful functionality. It is fully responsive, retina ready, and foolproof from an SEO and speed perspective.

Like Shoptimizer, it is compatible with industry-leading WordPress SEO plugins like Yoast SEO and All in One SEO Pack and supports Schema.org integration as well.

Crux is reasonably priced at $44 which includes lifetime updates and six months support from Codestag.

Flatsome

For e-commerce businesses, nothing is more important than providing the best possible user experience. If website visitors find it difficult to navigate your store, they’ll likely go elsewhere. It’s as simple as that.

With Flatsome’s integrated drag-and-drop page builder, however, designing an intuitive user experience becomes a breeze.

What’s more, it is one of the fastest WooCommerce themes on the market thanks to its clean code and lazy loading images functionality. It even has built-in sliders so you won’t need to install a separate slider plugin. Besides, “Add to Wishlist” and “Quick View” features are quite impressive too.

This responsive theme is priced at $59 which includes lifetime free updates and six months of premium support.

June

Like Flatsome above, June is built with the principles of simplicity and speed in mind.

Its code is optimized to load only necessary files and with GPU accelerated animations, rest assured your website will load in a jiffy. June also boasts a powerful built-in live drag-and-drop page builder with more than 200 predesigned content blocks and 15+ premade unique store demos for stores of any niche.

Additionally, it comes packed with various useful plugins such as MailChimp, Apple Live Photo, W3 Total Cache, and more.

All in all, this fully responsive and SEO optimized theme is truly a bang for your buck at just $59, which again includes lifetime updates and six months of premium support.

Neve

Who says quality comes at a price? If you’re looking for premium like features without spending a dime, Neve has got you covered.

This theme enables you to build a clean and modern looking website that’s super fast and responsive. In fact, it is a multi-purpose theme which means it’s excellent not just for e-commerce, but also for personal portfolios, blogs, and small businesses.

It is optimized for mobile and AMP-friendly, thus delivering a great UX on mobile devices and helping you rank higher in Google. Further, it is compatible with popular page builder plugins like Elementor, Beaver Builder, Brizy, you name it.

The best part? Neve is totally free with an excellent support team dedicated to helping you every step of the way.

Tyche

Another free yet amazing theme worthy of your consideration is Tyche.

This fully responsive theme is particularly suitable for fashion shopping websites. Although it is free, it comes power-packed with features such as integration with Google Maps, Contact Form plugins, SEO plugins (Yoast and All in One SEO), social media plugins, and a lot more.

Additionally, it has a retina ready display, allows custom CSS, and is great for publishing blog posts (content marketing) that’ll help you rank higher in Google and keep your customers informed.

And again, it is completely free!

Final Thoughts

Hopefully, this quick list of high-grade themes has put an end to your theme hunting activity for good.

But if you still can’t find the theme of your dreams here, you should definitely check out this list of 10 free e-commerce WordPress themes or this list of WordPress WooCommerce themes.

And do let us know which them you picked and why in the comments below. Cheers!

Collections March 25, 2019

How to Install Google Analytics Tracking Code in WordPress

As we all know, Google Analytics is a great tool to track and report website traffic. It will give you a deeper understanding of your customers and everything you need to analyze data for your business.

If you’re looking to use Google Analytics to monitor your WordPress site, then you will need to install a Google Analytics tracking cookie.

This can be done with three different, but very simple methods: Using a plugin, inserting the tracking code into the header or footer of your site with a plugin, or by manually inserting the code into your header.php or footer.php files of your WordPress theme.

Regardless of your level of expertise with WordPress or coding, adding a Google Analytics tracking cookie is easier than you may think.

How to find your website’s tracking code

  1. Sign in to your Analytics account.
  2. Click Admin.
  3. Select an account from the menu in the ACCOUNT column.
  4. Select a property from the menu in the PROPERTY column.
  5. Under PROPERTY, click Tracking Info > Tracking Code. Your Google Analytics ID is displayed at the top of the page.

Google Analytics Tracking Code

The tracking code will be displayed in the middle of the page and look like this,

<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-12345678-1"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-12345678-1');
</script>

 

1. Using a WordPress Plugin

If you’re not comfortable playing around with your theme or working with code, you can simply install your Google Analytics tracking cookie by using a WordPress plugin. A great plugin you can use to achieve this is Google Analytics for WordPress by MonsterInsights.

Google Analytics for WordPress by MonsterInsights

Google Analytics for WordPress by MonsterInsights is the most popular Google Analytics plugin for WordPress. It has over 2 million active installations! Using a plugin such as this one is the easiest way to install the Google Analytics tracking cookie—making it a perfect choice for beginners. Plus, it is free to install!

After installing the plugin, click on Insights in your WordPress Admin menu to bring up the MonsterInsights setup wizard. You will be asked to choose a category for your website before prompting you to connect the plugin to your Google Analytics account.

Then, you will be asked to allow MonsterInsights to access your Google Analytics account. After selecting the profile you want to track, you can finish the process by completing the authentication. Now you’re all ready to go!

Here’s a quick 1 minute video tutorial on how to setup and configure the plugin.

Remember, it can take up to 24 hours for the reports to populate. After that, you’ll be able to start monitoring and analyzing your website’s data.

2. Insert the Tracking Code in the Header or Footer with a Plugin

Another option to installing your Google Analytics tracking cookie is by using a plugin, such as Insert Headers and Footers, to embed it straight into your header or footer. This method is very similar to the last, but it has multiple purposes that can benefit you.

Insert Headers and Footers plugin by WPBeginner

The Insert Headers and Footers plugin allow you to insert codes such as Google Analytics, custom CSS, and Facebook Pixel to your WordPress site’s header and footer without editing your theme files. It makes inserting scripts simple without having to deal with dozens of different plugins.

After installation and activation, you will find the Inserts Headers and Footers plugin under Settings. Here, you will paste the Google Analytics tracking cookie code into the headers section.

Paste the Google Analytics tracking cookie code into the headers section

Click save and you’re done!

3. Manually insert the tracking code into header.php or footer.php

Finally, the last way to install your Google Analytics Tracking Cookie is by inserting the code into the header.php or footer.php files of your WordPress theme. We would only recommend this method to those that are comfortable working with coding. Please note that the code will disappear if you decide to switch or update the theme, which is why we usually recommend plugins.

To add the code in your header.php or footer.php file, in your Admin Dashboard go Appearance » Theme Editor. Then click on the header.php file to edit and paste the Google Analytics tracking cookie code right before the closing </head> tag. Click save and you’re ready to go!

Insert the tracking code before the closing head tag

If you want, you can also add the Google Analytics tracking cookie code to the WordPress functions file. This will automatically add the tracking code to every page on your WordPress site. To complete the process, you will need to add this code to your theme’s functions.php file:

<?php

add_action('wp_head', 'wpb_add_googleanalytics');

function wpb_add_googleanalytics() { ?>

// Paste your Google Analytics tracking cookie code here

<?php } ?>

Don’t forget to save your changes!

Which Method Should You Use?

This all really depends on your level of expertise and how comfortable you are working with code. For absolute beginners, we recommend using the first method and installing the Google Analytics tracking cookie with a plugin. If you’re looking to add other custom CSS and codes to your header and footer without having to touch your theme’s code, then the second option will be great. For the more advanced users, the third option is open; however, we don’t always recommend it if you’re looking to change or update your theme in the near future.

Regardless of which method you use, each one will get the job done. Now you’re done and ready to take full advantage of everything that Google Analytics has to offer. It’s a powerful tool that will allow you to track visitors to your WordPress website. You will now be able to effectively view the real-time view of your traffic, understand your users, explore where your users are coming from, and many more!

Tutorials March 22, 2019

Top 10 Image Slider Plugins for WordPress Compared

Adding visuals to a WordPress website can help to showcase your brand and add dimension to your pages. One way to achieve this is to add an image slider.

With so many image slider plugins available in the WordPress Plugins directory, we will be taking the top 10 free image slider plugins and comparing them. An overview and analysis of each plugin will give you a better idea of which image slider plugin to use for your WordPress website.

1. Slider by Soliloquy

Slider by Soliloquy – Responsive Image Slider for WordPress

Soliloquy is a drag and drop slider plugin that’s both easy and powerful. It has over 80,000 active installations and 685 five-star ratings! It’s a free plugin that prioritizes user experience, allowing users to create a beautiful responsive image and video sliders in minutes.

It has many pre-made templates with the ability to use CSS code to customize them any way you like. They’re great for creating slideshows for blog posts, products, photo galleries, testimonials, and more! The options are endless.

Another great benefit is that it also boasts of being the most SEO friendly plugin with proper HTML markup, fast speed, and Google friendly display. This is very important for websites that want to be optimized for the web.

2. Ultimate Responsive Image Slider Plugin

Ultimate Responsive Image Slider Plugin

This image slider plugin is another way to implement a photo gallery on your WordPress site. With over 40,000 active installations and a 4.5-star rating, it’s a great option for WordPress blog users that contain a lot of visual content.

The Ultimate Responsive Image Slider allows you to add infinite image sliders in a single slider using multiple image uploader. It also has various settings like customizable height and width, autoplay, navigation buttons, and many more. It even gives you the freedom to add the image slider gallery within a page or post with a generated shortcode.

3. Slider by Nivo

Slider by Nivo – Responsive WordPress Image Slider

The Nivo Slider is a popular jquery image slider plugin with over 40,000 active installations and a 4.5-star rating. It’s a fast, intuitive, and easy-to-use plugin that’s great for everyone.

With this plugin, you can create sliders from galleries, categories, and sticky posts. You can build carousels, use custom themes, and customize the slider to your liking. It’s not the most feature-rich plugin on the market, but it’s great if you just need a simple responsive content slider.

4. Slider by 10Web

Slider by 10Web – Responsive Image Slider

Slider by 10Web is a functional and easy-to-use plugin for creating elegant sliders. It has over 70,000 active installations and 195 five-star ratings.

It’s a drag and drop plugin that allows you to customize and create sliders with multi-manageable layers. You can add multiple text, images, video, media, social and hotspot layers, pick the transition effect you like, and effortlessly embed YouTube or Vimeo. This is a great option for organizing and displaying multimedia content.

5. Video Slider – Slider Carousel

Video Slider – Slider Carousel

If you’re looking for a way to showcase your videos through a slider without any programming skills, the Video Slider plugin is a great option. It has over 6,000 active installations and a five-star rating.

This plugin can create fully responsive video sliders that support YouTube, Vimeo, Vevo, and MP4 files. You can customize it by adding overlay color, changing the slideshow speed, adding animation, and many more.

6. Slider Carousel – Responsive Image Slider

Slider Carousel – Responsive Image Slider

Slider Carousel allows you to easily create sliders by adding unlimited photos, as well as posts, pages, in template files. It has over 10,000 active installations and a 4.5-star rating.

It’s fully responsive and comes with multiple layouts to help you create eye-catching slideshows. The only downside about this image slider plugin is that you would need to pay for the premium features to add video, change color, and modify slideshow effects.

7. Master Slider – Responsive Touch Slider

Master Slider – Responsive Touch Slider

Master Sliders is an SEO friendly, responsive image and video slider plugin that allows you to create slideshows within minutes. It has over 100,000 active installations and 164 five-star ratings.

With its easy-to-use interface, you can use any of the 8 starter templates and over 6 interactive slide transitions to create an image slider for your website. The free version is a bit limited, but the premium comes with a ton of pro features to accelerate your image sliders.

8. Slide Anything

Slide Anything – Responsive Content / HTML Slider and Carousel

Slide Anything allows you to create a carousel or slider with any kind of content you like–images, text, HTML, and even shortcodes. It has over 70,000 active installations and 74 five-star ratings.

This image slider plugin uses the Owl Carousel 2 jQuery plugin to create beautifully, touch-enabled, responsive carousels and sliders. It’s very versatile, making it another great option for those that want to showcase multimedia content.

9. MetaSlider

MetaSlider

MetaSlider is WordPress’ most popular image slider plugin, with over 900,000 active installations and 452 five-star ratings. It allows you to create powerful, SEO-optimized slideshows within minutes.

With this image slider plugin, simply drag and drop your images to instantly enhance your blog or website. The simple, user-friendly interface has unrestricted full-width support for image slides. Unfortunately, it doesn’t support video slides with the free version.

10. Smart Slider 3

Smart Slider 3

Smart Slider 3 is a powerful and intuitive WordPress plugin to create fully responsive, SEO optimized sliders to work with any theme. It has over 400,000 active installations and 585 five-star ratings.

It’s a very favored image slider plugin that allows you to use unique layouts with layers to build beautiful, dynamic sliders. It has a ton of customization options, making it a great plugin for those that want something different.

Reviews March 15, 2019

8 Free Live Chat Plugins for WordPress Compared

Making a user-friendly website is not an easy task. A website serves many purposes at once. Justifying every purpose demands a lot of smart tactics. The most important purpose is to inform visitors about your product/service.

A website should be informational rather than promotional. The old way was to involve customers by making them read page after page. But in today’s fast paced world, customers often don’t have the time to read all your content.

One of the best options is to add a live chat feature to your website. Live chat gives a personalized user experience and helps solve customers questions in real-time. Ultimately, it increases your conversion rate.

Here’s a list of 8 popular, and free, live chat plugin solutions for your WordPress site.

Acquire

Acquire Live chat software is fast, effective and a complete package of various customer support tools. It can be integrated with WordPress for free and you can also upgrade with a premium plan.

Acquire Live chat is very quick to interact with customers and ultimately it increases conversions. You just need to sign up on the Acquire website and link your account with the plugin and your agents can start chatting with customers.

Acquire chat box can be customized to meet your requirements, and is also optimized for Mobile (Android & iOS). You can also monitor traffic, analyze what your visitors are looking for, and set triggers accordingly.

You can also set up shortcuts, ban visitors, adjust settings, set triggers, send canned responses, add a chat-bot to save time and a sales bot to generate leads.

Acquire

Livechat

Livechat is a very user-friendly & popular solution because of its dedicated WordPress plugin. For users, it automatically greets with a nice chat box at the bottom of the page. The box always remains inside and can be accessed with just one click. Customers can leave feedback once the conversation is done so that you can evaluate how your customer support team is doing. Customization options are also available for the design of the chat box.

Users can also generate a support ticket directly from the chat box. One of the best features of Livechat is its speed. Livechat loads faster, works on all the devices and offers a better user experience. Also, all the conversations can be controlled from a single dashboard, even if you have Livechat set on more than one site.

Livechat’s WordPress plugin integrates easily with your site. It also shows a full history of previous chats with the same customer.

LiveChat – WP live chat plugin for WordPress

Olark

Olark is a full-featured live chat solution. We can’t say Olark as an ideal example of WordPress live chat plugin, but it can be easily integrated with your website with the help of a widget. All you need to do is copy and paste the code into your WordPress sidebar widget. Also, there is Olark live chat plugin that makes setup easier. A piece of code is given by Olark, which you can embed whenever you wish.

Olark provides chat reports. It helps you to track customer satisfaction, responsiveness of the operator. It also checks chat frequency. It provides integration with Salesforce, Nutshell, Highrise and many more CRM’s. You can also track your visitors activities during their visit to your website. Other than this Olark has many other things to offer like chat history, label feature, help-desk integration and more.

Olark Live Chat

Zendesk

Zendesk is one of the most popular customer support applications: it can be easily integrated with your website using their dedicated WordPress plugin.

Zendesk has beautifully designed templates and customized options available to create eye-catching chat widgets. It has one of the most wonderfully designed chat boxes, which can be easily customized.

The external zopim dashboard is there to respond to visitors, if you want to access on the go chats, you can install their mobile app for Android and iOS. If you were already using Zendesk, the best advantage is that it integrates with your current support software.

Zendesk Support for WordPress

Pure Chat

Pure chat provides beautiful chat boxes. Any part of the chat box can be personalized with different themes, colors, animations and custom images. Pure chat not only builds beautiful chat boxes but it also provides powerful live chat support, which includes multi-chat management, analytics and proactive chat triggers.

Your users can send email messages when you are offline so that you do not miss out any of your potential clients. Once you return online you can connect with those visitors via the user information collected from the pre-chat form.

You can also chat with your potential clients with the help of mobile apps or from within your Account Dashboard.

Pure Chat – 100% Free Live Chat Plugin & More!

WP Live Chat Support

The WP Live Chat Support plugin, is completely free and doesn’t require any third party integration. You can manage everything from inside your WordPress Admin Dashboard.

WP live chat plugin comes with six pre-defined chat box skins, which can be customized. Visitors can drag the chat box wherever they want on their screen for their convenience. All the chats are handled by an intuitive dashboard.

Most importantly you don’t need to spend a penny as the free version of WP live chat offers unlimited simultaneous chats.

You can also add surveys and polls to collect feedback from users and check chat history at any time. It has a compatible plugin with Google Analytics and a translation plugin. If you are looking for a WordPress-dedicated solution than WP Live Chat Support is the best option.

WP Live Chat Support

Intercom

Intercom is a comprehensive support application that helps you generate new leads, engage users, and boost conversion rates. It offers messaging services with live chat widgets. You can automate Intercom according to your needs, add chat-bots and increase engagement.

Intercom is a multi-tasking tool and not just a live chat software. It offers support assistant, marketing automation, lead generation, on-boarding and user engagement. To take full advantage of everything Intercom offers, you must take the time to explore all it’s features.

Intercom integrates with CRM software, Slack, Google Analytics, marketing services and more. If you’re looking for a complete solution where cost is not an issue, then Intercom is the best solution for most businesses.

Intercom

Drift

Drift combines live chat with a chat-bot to save time and increase conversion rates. Drift is a conversational marketing tool which helps you convert more visitors into sales leads. It also integrates with popular email marketing and CRM applications.

Drift includes powerful features like anonymous visitor intelligence, account-based marketing, drift bots, scheduled meetings and more. With drift, you can chat with customers through a cloud dashboard or dedicated Android and iOS mobile apps.

Drift also offers a dedicated WordPress plugin.

Drift

Opinion February 18, 2019

How to Install a Contact Form on Your Website with WPForms Drag & Drop WordPress Forms Plugin

Utilizing a contact form on your WordPress website is a great way for your visitors to connect with you. If coding isn’t one of your strengths, then you can take advantage of the WPForms Drag & Drop plugin to do the job for you. With WPForms, you can create beautiful contact forms within minutes!

Contact Form by WPForms – Drag & Drop Form Builder for WordPress

WPForms creates a user-friendly contact form that can be built without any coding knowledge required. It has over a million active installations, making it the next most popular WordPress contact form plugin. This is a great option for beginners!

1. Install and Activate

Before starting, you will need to install and activate the plugin. Go to Contact Form by WPForm in the WordPress plugin directory to download the plugin. After downloading it, be sure to click activate so that it’s ready to go. Or, from within your WordPress Admin Dashboard go to Plugins > Add New and search for keyword wpforms. Then, click on Install and Activate.

Install and activate WPForms plugin

2. Exploring Contact Form by WPForms

In the admin panel of your WordPress, click on WPForms. To create the form, click on “Add New”. It will take you to a clean, immersive interface to start creating your contact forms.

Click «Add New» to create a contact form

Choose between Blank, Simple or Suggestion form.

You will have a choice between using a blank form, simple contact form, or suggestion form.

  • Blank form: Allows you to create any type of form using the drag & drop builder.
  • Simple contact form: It’s exactly what it sounds like. It’s a simple form for users to contact you. You can add and remove fields as needed. Be aware that it has a lot of upgrades and upsell requests.
  • Suggestion form: Allows you to ask your users for a suggestion with the simple form template. You can add and remove fields as needed.

There are pre-made templates available, but only if you upgrade to the pro version. We find the simple contact form sufficient enough for what we’re looking for. Though the free version is a bit limited, it does the job.

3. Start Creating Your Contact Form

After selecting the form of your choice, you will see five panels to play around with on the left side.

Setup

This is where you will select a template to build your contact form from. You will have a choice between using a blank form, simple contact form, or suggestion form. If you upgrade to the pro version, you will have access to pre-made templates.

Fields

Within fields, you can start designing your contact form with various fields. With the free version of WPforms Drag & Drop WordPress form plugin, you will have access to:

  • Single line text
  • Paragraph text
  • Dropdown
  • Checkboxes
  • Multiple choices
  • Numbers
  • Name
  • Email

With the upgraded pro version, you will have access to fancy fields. Some of these include:

  • Website URL
  • Address
  • Phone
  • Password
  • Date/Time
  • File Upload

Unfortunately, the fancy fields are only for the upgraded pro version. However, WPForms Drag & Drop Forms plugin does the job for a simple contact form. The perfect thing about the WPForms contact form is the ability to drag and drop to move things around. You can click on the Field Options to edit the labels, description, and other advanced options.

Settings

Under the Settings panel, you will have access to change the general settings, notifications, and confirmations.

  • General settings: You will find the form title, form description, submit button text, and enabling anti-spam honeypot.
  • Notifications: Where do you want the email to go to? You can even utilize smart tags that pull information from the form itself to generate the email.
  • Confirmation: Here you can change the type of confirmation. It can be a confirmation message, show another page from your website or a redirect to another URL.

Marketing

The marketing panel is only available with the upgraded pro version. There isn’t much information on what’s included, but their website does state marketing and subscription. With the marketing features, you can create subscription forms and connect it with your email marketing service. Want to learn more about your users with geolocation data? They have that too.

Payments

Payments are also only available with the upgraded pro version. You can easily collect payments, donations, and online orders without having to hire a developer. They have an addon for PayPal and Stripe to make the job easier.

4. Save and Embed Your Contact Form

After creating the form, you’re finally ready to save and add it to your website. Be sure to click on “SAVE” before embedding your contact form. There are two ways to embed your contact form to your WordPress website.

Save and embed your contact form

Embed With A Shortcode

The first way is to embed the shortcode within your page or post. Simply click on “EMBED” and copy the shortcode given, then save it wherever you like.

Embed Within the Post/Page

The other way is to go directly to the backend of the post or page and click on “Add Form”. From there, you can select the form you want to add and that’s it!

5. Publish!

Don’t forget to click save and publish your web page with the new contact form. You will be able to see how it looks and even give it a test run. If there’s anything that you’d like to change, you can easily go back into WPForms Drag & Drop to edit without needing to re-embed the form.

Now you have a fully functional contact form that is ready to be used. This plugin is perfect if designing isn’t your forte. Best of all, it’s free to install! For additional support and features, you can upgrade to the pro version. However, I’d say that it already comes with a significant amount of features that are extremely customizable and versatile for any WordPress site.

Tutorials February 11, 2019

WordPress Performance: 10 Ways to Reduce Page Load Time

After putting hours into building a WordPress website, you’ll want to ensure that it’s pages are loading quickly. A slow-performing WordPress website can cost you visitors, reduce your ranking on search engines, and affect the overall user experience. Here’s 10 ways to reduce page load time that we’ll outline in this article.

1. Find an Optimal Hosting Service

To reduce your page load time, you have to double check the speed of your hosting server. If the server is slow, then your site is going to be slow as well. Many providers will overload their services, which can result in CPU starvation and IO issues. To quickly test the TTFB (Time to First Byte), you can use a tool such as Key CDN Web Performance Test.

Ideally, you want your speed to be around 200-400ms, though location does factor in. For example, the speed will probably in the 200-400ms range in North American countries but different elsewhere. When testing the TTFB, it’s a good idea to run multiple tests over the course of a day to find the overall average.

If the TFFB is consistently high and you notice access to your control panel is slow or suffers from downtime’s and errors, then it’s probably time to change your host.

2. WordPress Stack

Your WordPress stack consists of the Web Server, Mysql, PHP, and other smaller components to power your website. By optimizing your WordPress stack, you can reduce page load time.

The Web Server: You can use Apache for light use, but you will need to consider switching as larger loads will affect the performance. For greater load and shared hosting servers, focus on finding a provider that uses Litespeed or Nginx. They’re much faster and more stable under greater loads.

The PHP: Use PHP 7.x as it gives a large increase in performance over PHP 5.6. If your WordPress host or theme doesn’t have it, then it’s time to find a new one.

Caching: Use a host that offers true caching at the server level. I recommend Litespeed LsCache and Vanish to provide the most optimal service.

3. Live Visitor Monitoring and Recording

Instead of using a plugin for live visitor monitoring and recording, I recommend using Google Analytics instead. While plugins like this are great for tracking your traffic, they can slow down the performance of your website.

Google Analytics is a perfect way to monitor and record live visitors because it doesn’t affect your WordPress performance. It’s an external service that is integrated with your WordPress website. It does all the work for you while reducing page load time.

4. Themes and Visual Composer

Poorly constructed themes and most drag-and-drop page builders, such as Visual Composer, will slow down your website’s performance. Avoid using them if you can. Instead of drag-and-drop page builders, try going with child themes based on frameworks like Genesis or Thesis.

If coding isn’t one of your strengths, you can find pre-made WordPress themes that are easily customize-able. Stay away from drag-and-drop page builders if you want a fast performing WordPress website.

5. Plugins

Plugins are great for customizing your WordPress website but similar to the live visitor monitoring, or drag-and-drop page builders, they can affect your website’s performance. Deactivate and discard of any plugins that you may not need. Always do your research before adding them to ensure that you’re only using what you need. Remember, less is more!

6. Bots and Crawlers

To reduce page load time, you can configure Wordfence crawl-limiting rules to help block fake and aggressive crawlers, bots, and spot. In your robots.txt file, use this:

User-agent: *
Crawl-delay: 10

Most “good” crawlers will obey this as Wordfence takes care of the rest.

7. Removing xmlrpc.php

Most people don’t need xmlrpc.php and it can be removed. The most common plugin that uses this is Jetpack, so you may need to weigh the pros and cons. If you don’t need Jetpack, I would recommend removing it because it’s a very heavy loaded plugin that can affect your WordPress performance.

8. Disable or Slow Down WordPress Heartbeat

If you have the Heartbeat Control plugin, I recommend disabling or slowing it down. It’s a tool that provides real-time communication between the server and the browser when you are logged into your WordPress admin panel, but it can cause a lot of performance issues.

However, disabling Heartbeat Control should only be done if you have identified that it’s the cause of high CPU use. To identify this, you can:

  1. Check your access_logs to see if you see a ton of calls like “POST /wp-admin/admin-ajax.php” and the timestamps match with a CPU spike.
  2. If your provider uses cPanel and CloudLinux, you probably have a feature that takes a snapshot when there is a resource spike and shows the cause which will also list admin-ajax.php.
  3. If you have root access, you can monitor with “top -c”.
  4. Tailing the users access_logs in real time.

9. Disable WordPress Cron

Instead of using WordPress cron to fire every time someone visits your website, disable it and set a system cron instead. This will help with your WordPress performance to reduce page load time.

This can be done by adding the following to your wp-config:

define('DISABLE_WP_CRON', true);

Now in your control panel, set a system cron with the command:

/usr/local/bin/php /home/user/public_html/wp-cron.php

10. Analyze the Logs

Logs are extremely useful in telling you when something is wrong with your WordPress website. They can be used in diagnosing performance and instability issues. The two main logs you will need to know are error logs and access_logs.

Familiarize yourself with them to learn about any errors or entries that can occur. You will gain a much better understanding of how your WordPress website works!

By following these 10 tips and tricks, you will see a significant increase in your WordPress performance. You will notice a reduced page load time and a greater experience for your visitors!

Tutorials February 8, 2019

WordPress Maintenance Checklist: 10 Essential Tasks to Perform Regularly

If you landed on this page, you most likely want to learn more about WordPress maintenance. It’s a hot topic and many WordPress users like you – are searching for the best tips to make sure their sites run smoothly.

And yes, unless you are running a huge business site, you will be able to do your own WordPress site maintenance.

Hiring a WordPress maintenance agency to take care of your site is awesome. This way, you can fully focus on scaling your business or spending time with your family.

However, if you are on a tight budget or you are passionate about WordPress, you can do your own site maintenance.

Don’t know how to start? Here is our WordPress maintenance guide; it’ll help you maintain your site like an expert.

Mandatory Tasks (Red Code)

WordPress maintenance covers a large array of activities; all of them are important, but a few activities are critical for the existence of your site. Unfortunately, users have a tendency of ignoring some of these important tasks.

Website Security

You must be aware that a site is never secure enough. Website security isn’t an endpoint, it’s a journey. Start this journey by installing a security plugin. Luckily, developers have created plugins that considerably strengthen site security. In no particular order, check these plugins aimed at securing your site: Wordfence, Defender, All in One WP Security and Firewall, and Sucuri Security.

These plugins do most of the legwork for you, but it’s still not enough. You have to do a few other tasks like:

  • Username and password audit. Are you using “admin” as a username? You have significantly simplified the work of a hacker. Audit your passwords and change them regularly.
  • Check the users and their contributions. Delete users that don’t need access to the site anymore, or reduce their privileges. More or less, each user is a vulnerability, so deleting them improves security as long as it doesn’t affect the site performance.

Regular Backups

You don’t appreciate the value of a backup copy of your site until you desperately need one in emergency situations. Don’t make the same mistake, your site must have a safety net! UpDraftPlus, BackupBuddy, Duplicator, and BackWPUp are some of the most used backup plugins.

Install your backup plugin of choice and look through all its options. Most plugins allow you to perform automated site backups, and let you choose the backup frequency and where to save the files. If possible, set up more remote locations to save the backup copy.

Don’t forget to check the existence and integrity of the backup copies from time to time.

Update Everything

Updating your WordPress version, themes, and plugins is a snap. We wrote previously on how to update WordPress to the latest version, while updating the themes and plugins is a matter of a few clicks. Users ignore it probably due to its simplicity.

Don’t make the same mistake. Even minor updates may contain patches that improve the security of your site. Check out this table featuring WordPress vulnerabilities; a hacker has more than enough opportunities to harm your site if you use an old version of WordPress.

Have you ever heard of the Panama Papers? This was a huge data leak revealing how wealthy people and political leaders hide their money in offshore entities. It seems like a Revolution Slider plugin vulnerability let the hackers steal huge amounts of data. Hiding so many secrets and getting hacked due to a plugin that wasn’t updated…not cool at all, right?

Check Site Indexability

Lots of people simply don’t check whether their site is indexed by search engines, especially by Google. That’s because not many sites are deindexed, but that’s still not a good enough reason to not check if your site is being indexed by search engines.

All you have to do is to search site:yoursite.com in Google and look at the search results. Google has indexed your site if the results are webpages of your site. Take a look at Google Analytics and Google Search Console for more details about your indexed webpages.

Test Your Forms

The vast majority of sites have at least a contact form. You may lose precious leads if you didn’t configure the form properly. A basic test is to send yourself a message via the contact form. Did it arrive in the desired inbox? Cool…the form works and you haven’t missed any good opportunities.

Highly Recommended (Yellow Code)

Red Code recommendations are to keep your site secure, indexed by search engines and reachable by leads. Yellow Code suggestions are to make the site more attractive to visitors. I doubt that your site will generate solid revenue if you don’t apply the following tips.   

Speed Improvement

Some people claim that speed is the new SEO. This is an exaggeration, but certainly, a fast loading website is a must-have for a profitable business.

Start your speed optimization process by benchmarking your current asset. GTMatrix or PageSpeed Insights are great tools to test a site’s loading speed. These provide quality data and useful tips to improve loading time.

The hosting performance matters a lot in the speed equation. Evaluate the host quality and choose a superior plan, or change the provider. The theme used is another determinant factor – is it built with speed in mind? Is it built using the latest technologies?

Next on your speed improvement strategy would be a caching and image optimization plugin. WP Super Cache and  W3 Total Cache are good caching plugins, while Smush It and Short Pixel optimize images properly. Millions of users are satisfied by these four plugins, so test drive them confidently.

Last, but not least, delete unused themes and plugins. These slow down the loading speed and may contain vulnerabilities.

Database Optimisation

Blog posts, comments, and categories are all stored in tables within a database. If you are not a techie, you may have disregarded this, but you can’t ignore cleaning up the database. The default WordPress installation is made up of 12 tables, but many installed plugins generate new tables. Over time, these additional files make your site load more slowly.

Experienced users know how to clean up a WordPress database, but you can do it faster and easier with plugins. WP-Optimize accurately cleans up WordPress databases, use it worry-free!

Uptime Monitoring

Perfect is the worst enemy of done, and website up-time is a living testament to this statement. Your site can’t be available 100% of the time, but you have to do everything possible to strive for perfection.

Use your up-time monitoring tool of choice and audit the site downtime. Determine the causes of downtime periods and craft a strategy to reduce them. Usually, server updates and site maintenance are responsible for your site being unavailable.  

Recommended (Green Code)

The following tasks are less important than the previous ones, but they must be performed if you expect your site to attract leads and clients. They are simple to accomplish but can be time-consuming in some cases.

Comment Moderation

Comment moderation is a delightful activity when users’ contributions are on-topic. Sadly, the majority of comments submitted are about improving sexual life and paying a commission to earn a huge amount of money!

Nowadays, comment moderation is almost equivalent to spam removal. Use Akismet plugin to save you time; it works miracles against spam comments. However, Akismet isn’t perfect, so it’s recommended to look through comments before letting the plugin delete them permanently.

You may delete insightful comments if you follow it blindly, which will only annoy your users. Don’t forget to reply to genuine comments – readers appreciate that you care about their opinions.

Check Internal and External Links

You linked to other sites through your posts, but some sites have been abandoned, and linking to them hurts the user experience. Go to Google Analytics and Google Search Console and check for broken links.

This Wordstream tutorial can help you with this. Still, once again, a plugin does the legwork for you –  for instance, Broken Link Checker monitors your site and looks for broken links.

WordPress maintenance isn’t limited to just these tasks, but these are essential for running a functional site. Use this checklist to ensure your site runs smoothly. Do you have an important tip to share with us? Please leave us a comment and share your WordPress maintenance tips and tricks!

Tutorials February 1, 2019

WordPress Security: Step-by-Step Malware Removal Guide

It’s common for websites to contain vulnerabilities and be prone to infections at any time. Paying for an additional service to have it removed can be costly. Instead, you can learn about malware removal on your own. In this guide, you will learn how the step-by-step process of removing malware, fixing the vulnerabilities and removing websites from the blacklists.

Before Starting the Malware Removal Process

Before starting the WordPress malware removal process, you will need to lock down your website. This is to ensure that during the process, only you will have access to the website. This can be done through your hosting service to put the site into a maintenance mode. If you can’t find it, there are other ways to lock down your website:

Apache

Open your .htaccess, sometimes called htaccess.txt, file and write the following lines on top:

order deny,allow
# Deny access from all IPs
deny from all
# Allow access from specific IP
allow from YOUR IP ADDRESS

Nginx

Open your nginx.conf file and write the following lines:

location / {
# allow your IP below
allow 127.0.0.1;
# drop rest of the world
deny all;
}

1. Install Anti-virus Software on All Computers From Where the Site is Accessed

It can be common that your FTP access, /wp-admin/ username and password credentials are leaked through the keylogger or computer virus. Having antivirus software installed on the computer from where you access the admin panel or log into your hosting server or FTP is essential.

Using the antivirus software, scan your computer for possible malware. Be sure to also take a look at your operating system security settings to make sure that the firewall is turned on. It also helps to frequently update your operating system, web browsers, and browser extensions.

2. Change All Access Codes (Hosting, SSH, FTP, MySQL, WP Users)

To prevent your credentials from leaking, you should change them one by one. Change your hosting panel password, then revoke all FTP accounts and create new ones with pre-generated passwords. If your host doesn’t automatically do it, use a password management tool such as LastPass to generate a secure password.

Changing WordPress Admin Panel Credentials

Through your WordPress admin panel, delete all inactive accounts then edit each active account one by one to suspend all sessions and generate new passwords.

Changing Database Credentials

When changing the MySQL or a database password, you will also need to update this information on your wp-config.php file.

Changing Salts

Salts are used to safeguarding stored passwords from being read. After a breach, a new salt is generated for each password and it’s important to replace the old salts with the new ones in your wp-config.php file.

We recommend changing these codes on a regular basis to improve your website security (every 3 – 6 months). You can manually generate the Salt keys from WordPress.org secret-key service.

3.  Fully Backup Your Website

It’s always important to download all of your file server content and database to a local environment as safety. This can be done with SFTP, SSH, or through PhpMyAdmin panel.

SFTP

This method is a secure version of FTP, which is used for transferring files from one database to another. Access codes are found in your hosting account as the regular FTP access codes. SFTP port is 22 while FTP port is 21. You can access the service with a client such as FileZilla for this.

SSH

Some hosting servers will give you SSH access to make things much easier. It will generate a .zip file with all your files on your hosting account, which can later be downloaded directly over SFTP.

After logging into your WordPress website with SSH access, perform the following:

zip -r backup-pre-cleanup.zip

Database

Through your hosting service, you can find the PhpMyAdmin which allows you to manage the database. You can easily export the entire database within the PhpMyAdmin panel. Save this to the same folder, “backup-pre-cleanup”.

You can also export your database via SSH with the following command:

mysqldump -p -h hostname -u username database > backup-pre-cleanup.sql

After exporting it with SSH, be sure to download this to your local environment and delete it from the file server.

4. Analyze Logs and Recent Changes

Logs are great to detect changes and analyze for incidents. You will be able to download access logs from your hosting service. With the logs, you will need to open it with a software such as Sublime Text and search (control + F) for “POST” method. Look at the dates to see if any PHP file has been added to the server. Also, look at events around suspicious behavior to see if you can catch anything.

You can also check which PHP files have been recently updated by running the following command through SSH:

find . -type f -name '*.php' -ctime -7

To see if any JavaScript files have been added or modified, run the following command:

find . -type f -name '*.js' -ctime -7

To see all the files, permissions, and attributes that have been modified in the past 7 days, you can run this command:

-ctime -7

You can change the number lower/higher depending on the need while:

-7 = modified in less than 7 days

+7 = modified more than 7 days ago

5. Update Your PHP Version

Updating your PHP version to 7 will not only secure your website, but it will make your website run twice as fast compared to PHP 5. It also has a 50% better memory consumption, so you should quickly upgrade to the latest version.

6. Update Your WordPress Installation

Don’t ignore the WordPress installation notifications. Your website can get infected if it has outdated code, plugins, or themes installed. Websites with too many plugins or weak passwords are common reasons why WordPress websites get hacked.

Remove Unused Plugins and Themes

You should deactivate and remove any plugins and themes that aren’t in use. By just deactivating it, it will still stay on the server and can still be exploited if it’s vulnerable. We recommend removing software that isn’t being used to reduce the risks of outdated and vulnerable software.

7. Set Proper File Permissions

By default, all folder permissions in WordPress should be 750 while all files should be 640. The only exception is wp-config-php which can be as low as 400. Avoid having any file or directory set to 777.

You can change all folder permissions to 750 through SSH with the following command:

find /path/to/your/wordpress/install/ -type d -exec chmod 750 {} \;

You can change all file permissions to 640 through SSH with the following command:

find /path/to/your/wordpress/install/ -type f -exec chmod 640 {} \;

You can change wp-config-php permission to 400 through SSH with the following command:

chmod 400 /path/to/your/wordpress/install/wp-config.php

8. Remove Symbolic Links

Access can be gained to root or higher folders in your hosting server if vandals try to symlink folders. Please be sure there are no symlinks before changing file and directory permissions. If a symlink goes undetected and you try to delete the linked folder, you might end up deleting all the files in your server. To avoid this from happening, use the following command through SSH and wherever you see the suspicious folder:

find . -type l -exec unlink {} \;

9. WordPress Malware Removal Through Files

There are various things you can do to detect suspicious files automatically and manually. We recommend doing as much as you can to be sure that WordPress malware removal is done correctly.

Manually Compare Clean and Infected Files

Create a new WordPress installation and install the exact same plugins and themes to ensure that everything runs at the same version. Create a new folder to your local environment named “Compare” and add 2 folders inside the folder called, “Clean” and “Infected”. Using SFTP, download the new WordPress installation and save this to the “Clean” folder. Now open your previous backup, find the WordPress installation, and copy it to the “Infected” folder.

Now download Beyond Compare to compare the two folders while keeping your main focus on PHP and JavaScript files to see which are different from the original. Open your SFTP access to the original website and open the “Clean” folder locally.

If Beyond Compare is telling you that index.php files are different in these two folders, move as many files from “Clean” folder to your website and see if the website is working properly after replacing each one. If the website breaks, then revert it by uploading the same file back to the server form the “Infected” folder.

If you feel comfortable with the terminal, you can also use a command through SSH like this:

diff -r wordpress-clean/ wordpress-infected/ -x wp-content

Removing PHP Files From Uploads Folder

PHP files should never be in the uploads folder, but they can end up there whenever a vulnerable upload functionality if being exploited.

To remove the PHP files from the uploads folder, open up your SSH terminal and navigate to /wp-content/uploads and run the following command:

find . -name "*.php"

Finding and Removing Backdoors and Malware

Web-shells, also known as backdoors, and malware are often hidden to avoid detection from automatic malware scanners. They can be removed manually with the following steps:

Some functions that are commonly used in backdoors and malware are:

eval(), base64_decode(), gzinflate(), str_rot13()

To locate these files, open your SSH terminal and run the following command:

find . -type f -name '*.php' | xargs egrep -i "(mail|fsockopen|pfsockopen|stream\_socket\_client|exec|system|passthru|eval|base64_decode) *("

Use this command to look for backdoored image files:

find wp-content/uploads -type f -iname '*.jpg' | xargs grep -i php

And iframes:

find . -type f -name '*.php'  | grep -i '<iframe'

To automatically remove backdoors and malware, you can use OWASP web malware scanner, Ai-Bolit malware scanner, and PHP malware scanner. Be sure to manually compare clean and infected files to ensure there are no suspicious files left.

10. WordPress Malware Removal Through The Database

It’s common for malware to be injected into the database and loaded to the website through posts, pages, comments, and other website content. There are different ways to perform WordPress database malware removal.

Searching for Suspicious Content From the .SQL Database Backup

Open the .SQL file directly with Sublime Text and use Control + F to find malicious content from the database.

Search for iFrames: <iframe

Search for base64: base64_decode

Search for eval(): eval()

Search for scripts: <script

List all the malicious findings and try to understand where they are located. Don’t delete them directly from the database backup. Proceed to editor one-by-one and select Text mode, then delete malicious code and if needed, reformat the content. Look at the comments and delete possible spam.

Searching for suspicious content via PhpMyAdmin

If you have access to PhpMyAdmin, you can directly search for similar entries with the search option. If you’ve detected a malicious content, try to understand where it was added. Then, proceed to editor one-by-one and select Text mode, then delete malicious code and if needed, reformat the content. Look at the comments and delete possible spam.

11. Check the Site Manually and From a Search Engine Perspective

View your website as a visitor to see if you can find anything suspicious or if the website isn’t performing well. Also try looking up your website on search engines, such as Google, with the query “site:mywebsite.com”.

If you see weird characters or suspicious Canadian offerings in Google results, then your website is probably infected with SEO malware that is only visible on Google and other search engine crawlers.

Install User-Agent Switcher extension for Google Chrome, which allows you to see your site from the search engine perspective. You can set a custom user-agent from the extension settings, the most popular user-agent used by Google bot is:

Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Try visiting your website again with the Googlebot user-agent and don’t see different content, then you have successfully removed the SEO malware. If it still looks weird, then go through the malware removal process again.

After the Malware Removal Process

Restore Public Access to the Website

After removing the malware and you feel confident that your website is now clean, remove the restrictions from your website. If your hosting server blocked your access, ask them to rescan your website and to restore public access to your website.

Ask to be removed from Blacklists

You can check to see if your website has been blacklisted by any AV vendors or search engines by using VirusTotal. If you’re blacklisted by Google Safe-browsing, you can log into Google Webmaster Tools and request a rescan.

If you’ve been blacklisted by AV vendors or other search engines, simply contact them to request a rescan.

Disable PHP execution in /uploads/ and /cache/ folders

Add the following codes in your configuration to prevent PHP usage inside /upload/ and /cache/ folders.

Nginx:

# Deny access to PHP files in any /uploads/ or /cache/ directories
location ~ /uploads/(.+)\.php$ { access_log off; log_not_found off; deny all; }
location ~ /cache/(.+)\.php$ { access_log off; log_not_found off; deny all; }

Apache:

Create a .htaccess file to /upload/ and /cache/ folder and write following inside both of the files:

# Kill PHP Execution
<Files ~ "\.ph(?:p[345]?|t|tml)$">
deny from all
</Files>

To prevent future malware infections from happening, be sure to keep your WordPress updated and use a secure hosting service. Have a managed firewall that is always updated with the latest security risks to avoid potential threats. Since WordPress sites are constantly attacked by botnets and hacking scripts, hide default admin panel and disable file editing options directly from the WordPress admin panel. This can be done by adding the following code in your wp-config.php file:

## Disable Editing in Dashboard
define('DISALLOW_FILE_EDIT', true);
Tutorials January 25, 2019
1 2 3 4 5 14
css.php

Error: Please enter a valid email address

Error: Invalid email

Error: Please enter your first name

Error: Please enter your last name

Error: Please enter a username

Error: Please enter a password

Error: Please confirm your password

Error: Password and password confirmation do not match

No thanks, proceed to download