Industry Buzz

Security Vulnerabilities and 4 Ways to Protect Your WordPress Site

Reseller Club Blog -

Running a self-hosted WordPress website is not as easy as advertised, yet it can be done with the right tools and knowledge. You need to take care of hosting tasks, like choosing a host and making sure your site loads smoothly. You then need to design the site, using themes and plugins in a way that ensures positive user experience.  You also need to create and add content on a regular basis. These are just a few basic tasks that many site owners, admins, and managers need to take care of. Despite the amount of work required, WordPress is a powerful CMS that powers 35% of websites across the globe.  WordPress provides many advantages, amongst these are its open source nature, the huge community of contributors, and the massive marketplace dedicated to WordPress services and products. The platform itself is offered free, and what you need to pay for is another infrastructure. This model enables businesses to grow at scale, add features as needed, and build affordable yet powerful websites for a wide range of purposes.  Like most websites and online systems, WordPress is vulnerable to attacks. While WordPress comes with many features and capabilities, it does not come with in-built security features. You need to install plugins, integrate with security tools, and monitor continually. In this article, you will learn what security vulnerabilities are, and how attackers use these to hack into WordPress sites. You will also learn what the top WordPress security vulnerabilities are, and how to protect your WordPress site against them. What Security Vulnerabilities are and Why You Should Care Security vulnerabilities are unprotected areas of your site or site host that attackers can exploit to steal your data, modify your site, or otherwise cause damage. These vulnerabilities often exist due to insecure plugins that you may add to your site, lack of control over visitor interactions, or failure to regularly update plugins. While you may think that attackers would have no interest in your site, attacks happen regularly to every type of site, regardless of size or traffic. In fact, Wordfence researchers have found that more than 90,000 attacks against WordPress sites occur every minute.  Attackers value user data that your site contains and the site’s access to visitors. For example, a successful attack may allow an attacker to plant a malicious script on your site. Then, when users visit your site, that script runs and enables attackers to steal user passwords or gain access to webcams. Top WordPress Security Vulnerabilities and How to Overcome Them To protect your site and your visitors, it helps to understand what type of vulnerabilities you may be exposed to. Below are some of the most common vulnerabilities that site owners face and some suggestions on how to manage these risks.  Insecure WordPress logins Your WordPress login is a valuable target for attackers because it provides access to your site administration dashboard. If attackers can gain access to your login credentials they will have full control over your site. An insecure or weak administrative password provides easy entry for attackers.  Weak passwords are passwords that can be easily guessed or uncovered through brute force attacks. Brute force attacks are attacks that keep trying different password and username combinations until access is gained. These attacks are possible because WordPress doesn’t limit the number of login attempts an attacker can make. To prevent these attacks, it’s important to:  Use a secure password and change it periodically. Secure passwords are typically passwords that are:  eight or more characters and a combination of uppercase and lowercase letters, numbers, and special characters  The easiest way to ensure you have a secure password is to use a password generator such as the one provided in Google Chrome browsers. Enable two-factor authentication. Two-factor authentication requires you to correctly enter your username and password. Then a code is sent to your email or a personal device, such as a mobile phone. Once you provide this code you are allowed to finish logging into your account. Two-factor authentication can help ensure that even if an attacker steals your login information, they are not able to access your account. 2. Outdated themes and plugins Any theme, plugin, or application that you add to your site may introduce vulnerabilities. If attackers discover these vulnerabilities they can exploit these weak spots to gain access to your site and users.  After plugins, themes, and applications are released, developers often continue working on these components. For example, adding new features, fixing bugs, or patching security issues. If you do not keep your various components up-to-date, you miss out on these improvements and may leave vulnerabilities exposed.  To avoid this, it is important that you:  Keep track of current versions of your components and that you are aware when vulnerabilities have been reported. To remain up-to-date, you should periodically check for new versions or patches. If you can enable automatic updates for components you should. ResellerClub’s WordPress Hosting provides automatic WordPress updates, making it easier to stay up-to-date. If automatic updates aren’t available, you need to use a different method of alerting yourself to possible threats. One way is to monitor a vulnerability database. Vulnerability databases are listings of known vulnerabilities and include information about what components are affected and how to fix the vulnerability. These databases can help you ensure that you are aware of any known vulnerabilities regardless of whether an update is currently available.  3. Incorrect WordPress permissions When you create your WordPress site, you create an administrator account, and you may also create user accounts. For example, if you have a team of people who are working on your site or if you have a subscription service. Each of these accounts has a set of permissions assigned to them that determines what a user can do on your site.  When setting these permissions it is important that you only allow users as much ability as they need. For example, you don’t want your subscribers to be able to edit posts or your editors to be able to change site settings.  Roles in WordPress are as follows, from most to least permissions: Administrator—can fully control your site.  Editor—can modify and publish site posts. Author— can modify and publish their own posts. Contributor—can create drafts of posts. Subscriber—can only modify their profile. To ensure that you are assigning permissions correctly, make sure that you place users in the lowest possible role you can. You can always change their role later if you find that the current one isn’t high enough. However, it is hard to undo the damage caused by users with high level permissions.  4. Running your website on HTTPS Hypertext Transport Protocol (HTTP) is the method used to connect your site to your user’s browser. If your full site address starts with http:// then you are using an HTTP connection. This connection is available to any user and does not require any sort of authentication to use.  Because HTTP connections are not protected in any way, attackers can intercept requests made by users visiting your site. For example, if a user clicks a link on your page, a request is sent to your web server for that page. If an attacker intercepts and modifies this request, they can send your user to a different page entirely.  To prevent attackers from manipulating user or server requests: Enable HTTPS. HTTPS is a modification of HTTP that includes security features for encrypting or hiding the information that is being sent in a request. This encryption prevents attackers from reading or modifying data and ensures that only your web server and the browser making the request have access.  HTTPS is especially important if you are running an eCommerce site. Many users are unwilling to make purchases from a site that is not using HTTPS because they don’t want to risk having their credit card or other payment information stolen. Conclusion In simple words, vulnerabilities are anything that hackers can use to breach your site. There are two types of vulnerabilities: those created by authorized users (like site owners and users) and those created by unauthorized users (like hackers).  Vulnerabilities created by authorized users are typical mistakes such as code errors, misconfigured plugins, insecure themes, weak authentication, etc. When hackers create vulnerabilities, they use techniques that enable them to inject malicious code into your site or eavesdrop on your communications. Top WordPress security vulnerabilities include insecure WordPress logins, outdated themes and plugins, incorrect permissions, and using HTTP instead of HTTPS. The bad news is that there are hundreds and thousands of vulnerabilities out there because human error is a fact and hackers always hack. The good news is that you can avoid many issues by following the practices mentioned above. To know more about WordPress CMS, hosting and features of WordPress, read more from our WordPress Blogs Category.   .fb_iframe_widget_fluid_desktop iframe { width: 100% !important; } The post Security Vulnerabilities and 4 Ways to Protect Your WordPress Site appeared first on ResellerClub Blog.

Working Remotely Isn’t Just About the Work

WordPress.com News -

With COVID-19, the business world has come to a fork in the road: Down one route, shuttered offices. Down the other, companies embracing remote work, showing us how businesses can survive — and thrive! — with a fully remote workforce. And that includes fostering strong team bonds and employee relationships; just because there’s no physical break room or water cooler doesn’t mean companies can’t create opportunities for colleagues to connect. Not all businesses can operate with remote employees, and the world’s frontline workers don’t have the luxury of dialing in from home. But for those companies that can function without a central office, there are myriad benefits to a distributed workforce. Automattic has always been fully distributed, and we’ve learned a lot about how to build a productive and happy remote workforce over the past 15 years. (CEO Matt Mullenweg is sharing many of these lessons and chatting with other folks running distributed companies on Distributed.blog and on the Distributed podcast.) Lots of companies find themselves suddenly switching to a remote work environment, and there’s a learning curve. One of the things that can be seen as challenging is social interaction on the job, which plays a vital role in productivity and mental health. When employees build friendships and strong interpersonal relationships, they enjoy their work more and do a better job overall. And if you’re reading this, thinking you don’t know anyone whose work improves when they have strong social bonds among colleagues, you do now — it’s me! As an extrovert, I get energized when I’m able to see people and faces, especially in person, but also online. I’m a conversational learner, too, so ideas stick better in my brain when I have the chance to discuss and brainstorm topics in real time with teammates. These days, it seems teleconferencing software is as commonplace as coffee shops in Seattle. “Zoom” has become part of our vocabulary, helping us to remain close with family and friends (albeit not physically), and it’s become fodder for marketing and advertising campaigns. It’s also our preferred conference tool at Automattic, and we use it for a wide range of work gatherings, like town halls and team meetings. But that’s not all we use it for. Knowing that social communication is vital to ensuring a strong culture of camaraderie, we use Zoom to hang out together: We host open mic nights, break out our pencil crayons and color collectively, or do some chair yoga with one another. We’ll also grab a beverage of choice — coffee, beer, Soylent, tea, a crisp rosé — and join a happy hour. In addition to maximizing online communication tools, we strengthen our collegial relationships offline. For example, we take advantage of the fact that we are distributed all over the world and send postcards to one another. Whatever we do, we do it because we know that social connection is important. That we’re not going to work in the same physical office just means that we have to be more intentional about making the time, and carving out the (virtual) space, to connect with coworkers. To help inspire other businesses with newly distributed workforces, we’ve put together a resource that lists the many ways we communicate socially at Automattic. You can find it on this page.

Making DNS record changes more reliable

CloudFlare Blog -

DNS is the very first step in accessing any website, API, or pretty much anything on the Internet, which makes it mission-critical to keeping your site up and running. This week, we are launching two significant changes that allow our customers to better maintain and update their DNS records. For customers who use Cloudflare as their authoritative DNS provider, we’ve added a much asked for feature: confirmation to DNS record edits. For our secondary DNS customers, we’re excited to provide a brand new onboarding experience.Confirm and CommitOne of the benefits of using Cloudflare DNS is that changes quickly propagate to our 200+ data centers. And I mean very quickly: DNS propagation typically takes <5 seconds worldwide. Our UI was set up to allow customers to edit records, click out of the input box, and boom! The record has propagated!There are a lot of advantages to fast DNS, but there's also one clear downside – it leaves room for fat fingering. What if you accidentally toggle the proxy icon, or mistype the content of your DNS record? This could result in users not being able to access your website or API and could cause a significant outage. To protect customers from these kinds of mistakes, we've added a Save button for DNS record changes.Now editing records in the DNS table allows you to take an extra look before committing the change. The new confirmation layout applies to all record types and affects any content, TTL, or proxy status changes.Let us know what you think by filling out the feedback survey linked at the top of the DNS tab in the dashboard.

Secondary DNS — A faster, more resilient way to serve your DNS records

CloudFlare Blog -

What is secondary DNS, and why is it important?In DNS, nameservers are responsible for serving DNS records for a zone. How the DNS records populate into the nameservers differs based on the type of nameserver.A primary master is a nameserver that manages a zone’s DNS records. This is where the zone file is maintained and where DNS records are added, removed, and modified. However, relying on one DNS server can be risky. What if that server goes down, or your DNS provider has an outage? If you run a storefront, then your customers would have to wait until your DNS server is back up to access your site. If your website were a brick and mortar store, this would be effectively like boarding up the door while customers are trying to get in.This type of outage can be very costly.Now imagine you have another DNS server that has a replica of your DNS records. Wouldn’t it be great to have it as a back-up if your primary nameserver went down? Or better yet, what if both served your DNS records at all times— this could help decrease the latency of DNS requests, distribute the load between DNS servers, and add resiliency to your infrastructure! And that’s precisely what Secondary DNS nameservers were built for.As businesses grow, they often scale their DNS infrastructure. We’re seeing more customers move away from two or three on-premise DNS servers to using a managed DNS provider to having multiple DNS vendors—all to increase redundancy against the possibility of a DDoS attack taking down one of their providers. Cloudflare has data centers in over 200 cities, all of which run our DNS software allowing our authoritative DNS customers to benefit from DNS lookups averaging around 11ms globally. So we decided to expand this functionality to customers who want to use more than one DNS provider, or for those that find it too complicated to move away from their on-premise DNS server.Customer ChallengesWhen we first built our secondary DNS product, our MVP was focused on functionality and not ease of use. We did this because we thought that this feature would be used by a small portion of our Enterprise customers and that they would be comfortable using the API. But the demand for secondary DNS was far greater than we initially imagined. Many customers are interested in the service, including those who aren't comfortable managing DNS  through the API.Previously, setting up secondary DNS on a zone required a series of API calls: one for creating the zone, one for defining the IP address and settings of the master server, one for linking the master(s) to the zone, and one for initiating a zone transfer.We heard from customers that this experience was frustrating. There were also a lot of places where the setup could go wrong: some customers would forget to link a master to their zone, others would forget a step when adding subsequent zones, and still others would have to spend hours debugging a typo in their API call. We believe secondary DNS customers should have as seamless an experience as our authoritative DNS customers, and shouldn’t be treated as secondary (pun intended) class citizens. When creating the onboarding UI, we asked ourselves, how can we simplify the experience to just a few input fields? How do we prevent customers from making easy, potentially messy mistakes, like forgetting to attach a master?Enter: The new Secondary DNS Onboarding ExperienceStarting today, enterprise customers who are entitled to secondary DNS will be able to configure their zone in the Cloudflare Dashboard. The time from when they type in their domain name to when they see their records in the dashboard is less than two minutes. We’ve added error prevention to stop customers from adding their zone until they’ve configured at least one master. Customers will also be able to review their transferred records before finishing the onboarding process, allowing them to see what was transferred, without juggling API calls and and switching back and forth between the dashboard and a support article.How It LooksThe “Add Site” flow in the Cloudflare Dashboard gives customers two options: Authoritative or Secondary DNS. Next, they will need to fill out the IP address of their master server, attach a TSIG (Transactional Signature) to authenticate zone transfers, and voila! In just a few clicks, records populate to your DNS table. The Intricacies of Secondary DNSAs mentioned above, primary nameservers are where DNS records are managed, and secondary nameservers are responsible for holding the read-only replica of those records. But how do they get there? The communication between a primary master and a secondary nameserver is known as a zone transfer.Master servers use SOA (Start of Authority) records to keep track of zone updates. Every time a zone file changes (say you add or remove a DNS record), the serial number of the SOA record is incremented as a way to signal secondary nameservers that the zone updated, and it’s time to fetch a fresh copy.Primary masters can send a NOTIFY message to a secondary master to signal a zone file change. Once the secondary receives the NOTIFY, it will do an SOA sanity check against the master and perform a zone transfer if it sees that the SOA value has increased. An AXFR or IXFR query can initiate the zone transfer. An AXFR query initiates a full zone transfer and is usually requested the very first time a zone is transferred. But AXFR transfers are not always necessary as most zone file changes are minute. This is why IXFR (incremental zone transfer) requests were created— they tell a master server which version of the zone a secondary currently holds and the master sends the difference between the new version and the one the secondary has— this way only the new changes are transferred. Some masters, unfortunately, do not support NOTIFY queries. This means that instead of the master notifying the secondary of zone updates, the secondary needs to periodically check the SOA of the primary server to see if the value has changed.Securing Zone TransfersZone transfers between a primary and secondary server are unauthenticated on their own. TSIGs (Transactional Signatures) were developed as a means to add authentication to the DNS protocol, and have mostly been used for zone transfers. They provide mutual authentication between a client and a server by using a shared secret between the two parties and a one-way keyed hash function, which is attached as a TSIG record to a DNS message. The TSIG record guarantees that only secondary nameservers with the TSIG can pull zone transfers from a master. And vice versa, secondary servers will only accept zone transfers from masters that have the proper TSIG attached. Additionally, TSIGs provide data integrity and ensure that the DNS message was not modified en route.We support TSIGs and highly recommend that you add it when configuring your master.Extending DNS Analytics to Secondary DNSSetting up a secondary zone on Cloudflare is a simple process with the new onboarding UI. In just a few clicks, Cloudflare’s nameservers in all 200+ cities will begin responding to DNS queries. In addition to serving DNS records, secondary DNS customers will also be able to see the same DNS analytics that we provide to our authoritative DNS customers. The analytics show a breakdown of DNS traffic by record type, response code, and even geographical regions.One of our customers, Big Cartel, runs an E-commerce platform that has helped people all over the world sell $2.5 billion of their work since 2005. As they grow, Cloudflare’s secondary DNS product helps keep their site fast and reliable:“At Big Cartel, we provide an online storefront for our customers. We need to be always available and avoid any chances of downtime — eliminating all single points of failure is critical for us. With Cloudflare's Secondary DNS, we can do just that! It keeps our DNS infrastructure more resilient while allowing our customers to benefit from fast query times. Additionally, using Cloudflare's Secondary DNS analytics provides granular insights into how our traffic is balanced between our DNS providers” - Lee Jensen, Technical DirectorGetting StartedSecondary DNS is currently available on the Enterprise plan, if you’d like to take advantage of it, please let your account team know. For additional documentation on Secondary DNS, please refer to our support article.

How to Scale Facebook Ads: 4 Ways

Social Media Examiner -

Want to maximize the results of your top-performing Facebook ads? Looking for ways to get more leads or sales from your existing Facebook ad campaigns? In this article, you’ll discover four horizontal and vertical ad-scaling techniques for Facebook ads. Horizontal Facebook Ad Scaling To scale your Facebook ads for reach, try adding new ad sets […] The post How to Scale Facebook Ads: 4 Ways appeared first on Social Media Marketing | Social Media Examiner.

Facebook Shops and Shops on Instagram: New Business Tools for Marketers

Social Media Examiner -

Welcome to this week’s edition of the Social Media Marketing Talk Show, a news show for marketers who want to stay on the leading edge of social media. On this week’s Social Media Marketing Talk Show, we explore Facebook Shops and Shops on Instagram with special guest, Allie Bloyd. Tune Into the Social Media Marketing […] The post Facebook Shops and Shops on Instagram: New Business Tools for Marketers appeared first on Social Media Marketing | Social Media Examiner.

.STORE: Unlock Business Potential This Lockdown

Reseller Club Blog -

If the COVID-19 crisis has taught us anything, it’s that the Internet is King. I’m sitting at home, writing this blog which I will upload soon, exactly as I would’ve done if I were sitting at my office desk. I take all my meeting appointments exactly as I would’ve done at work (only, virtually, this time). We’ve been fortunate enough to have the option to work from home and keep our business going, thanks to the Internet. While the world wide web has been around for 30 years, the COVID-19 crisis has catapulted the dependence on digital. I have a few predictions for life post the lockdown (or as I like to call it, ‘the after-life’): Many companies will shift to a work-from-home model, saving commute time and office rent More will seek out online classes, online certifications (major educational institutions like Harvard, MIT & Stanford are offering online courses that you can take, at home, from another part of the world) Online businesses are going to sprout in every industry (Online dance classes? Yes, please. Online baking? You bet.) E-commerce will see a boom (a demand not just for clothes, makeup and mobile phones, but daily groceries, meats, vegetables, medicines and more). So, what better time than now to invest in .STORE domain names? Your customers are going to want to capitalize on the demand in these times, especially in the e-commerce industry. .STORE fits bang at the centre of this dynamic.  Who is .STORE for? Some of the biggest brands are already on the .STORE domain. .STORE is for: Fortune 500 companies Artists who want to sell online Huge clothing, books, gadget retailers Amazon.store Fashion brands Jimmychoo.store Sport brands Nike.store While it  is valid for the industries mentioned above, it is even more essential today for: Grocery stores (think: the mom & pop shop across the street) Chemists (to be able to serve customers who need to order online and can’t leave home) Cold storage for meats Vegetable vendors Supermarkets In this lockdown period, I haven’t been out of my house in 60 days. Luckily for me, I simply pick up my phone, place an order online and my local supermarket delivers my groceries at home.  Why choose .STORE? Think of www.medicines.store and www.groceries.store. Doesn’t that website address stay with you? A .STORE domain name is/has: Relevant Memorable  High recall value So, let your customers take their business to the world. Help your local supermarket or your local dance classes get online and run their business. A .STORE domain is for anyone and everyone who provides a service, a product, a subscription online, anything.  Buy .STORE domains at a price of just x today and resell it for a profit! Read more articles from our Domains category. .fb_iframe_widget_fluid_desktop iframe { width: 100% !important; } The post .STORE: Unlock Business Potential This Lockdown appeared first on ResellerClub Blog.

Exciting Upgrades to the Dedicated Hosting Platform

InMotion Hosting Blog -

Our dedicated hosting products are going through…some changes. Continuing to serve the needs of the advanced enterprise operation, the dedicated hosting platform brings you the ultimate in speed and security—now with impressive upgrades. Check out the new Dedicated line. Upgrade Rundown We’ve gone through all of our dedicated hosting packages and upgraded hardware across the board. Some of our competitors might think we’ve gone too far with the combination of features and price, but we think it’s just right. Continue reading Exciting Upgrades to the Dedicated Hosting Platform at InMotion Hosting Blog.

How to Migrate WordPress From Localhost to Live Server

Reseller Club Blog -

Great, you are done developing and testing your WordPress website on your local setup. You have ironed out all the problems and are happy with the results.  What next? The next step is to make it live, so your users can get to it.  The big question is, ‘How do you go about migrating your WordPress site from your localhost to the live server?’ Well, that is what this article is all about. We will cover two ways to help you publish your WordPress website: Using a plugin  Manually We recommend the first method as it is easy for both techies and the not-so-tech-savvy. Also, this method works seamlessly for all hosting providers. However, do go through the manual method as well, in case the plugin fails (for whatever reason) or you want tighter control of all the aspects of migration. Let us jump right in. Migrating WordPress site to live server from a localhost While we are going to use the Duplicator plugin for this article, you can use any other suitable plugin. Here are a few that you could consider: All-in-One WP migration UpdraftPlus WordPress Backup Plugin Migrate Guru WP Migrate DB BackupBuddy VaultPress Step 1: Install and activate the Duplicator Plugin on the localhost Start by installing and activating the Duplicator plugin on the WordPress site hosted on the localhost.  Navigate to ‘Add Plugins’ and search for ‘Duplicator’. Once you find it, click on ‘Install Now’ Do not forget to activate the plugin after installation completes. Step 2: Create a package Package here refers to two files: a zipped archive of your website and an installer.php file to install the archive contents on the live server. To get these files generated, you first need to create a package.  On the left, navigate to the Duplicator menu on the menu bar, and click the Packages submenu. Next, click on the ‘Create New’ button that shows up on the right-hand corner of the screen. Fill in the package name and press ‘Next’ on the next screen. Once the scanning is complete, you will see a screen with a ‘Build’ button at the bottom. Click it to start building the package. The building may take some time. Once completed, it will create a zipped archive that contains your website’s content, plugins, themes, database and all the WordPress files. Once the Duplicator plugin has built the package, you will be presented with a screen that allows you to download the generated files to your computer. You can choose to download the Archive and Installer separately, or together, by using the ‘One Click Download’ option. Step 3: Use an FTP client to transfer the Archive (ZIP) and installer.php to the live server Once you have the generated archive and installer.php, you need to transfer these files to the live server where they can be used to prepare a WordPress installation for your live website. You can use any FTP (File Transfer Protocol) client for this purpose – we prefer FileZilla as it is free and the most popular one out there. FileZilla also allows you the option to use SFTP (Secure FTP) to transfer your files over a secure connection.  Enter the hostname and FTP/SFTP credentials of your live server to make a live connection. Upload the Archive and installer.php to the root web folder (usually public_html) on your live server (you will find these files in the location you downloaded them to in the previous step) Step 4: Run installer.php on the Live Server Now that you have the required files on the live server, it is time to execute installer.php. Point your browser to http://<yourdomainname>/installer.php. This will launch the Duplicator installer. Simply click on ‘Next’ and keep moving. https://theme-fusion.com/wp-content/uploads/2018/10/doc_duplicator_deploy_step1.jpg NOTE: Before moving to the next step, you may want to remove the previous data (if any) from the live server database. You can use the Database Manager to do this. This will reduce the chances of any leftover data causing any kind of issue later. The next step will ask for your database credentials. Fill in the required information and click on ‘Next’. https://theme-fusion.com/wp-content/uploads/2018/10/doc_duplicator_deploy_step2_options-1200×1037.jpg Step 5: Update site data and test  live website Confirm the settings on the next screen and click on ‘Next’. https://theme-fusion.com/wp-content/uploads/2018/10/doc_duplicator_deploy_step3_update_data-1200×1033.jpg Click the ‘Admin Login’ button on the ‘Test’ screen and your familiar wp-login will popup.  Login and navigate through the site and ensure everything is as you want. https://theme-fusion.com/wp-content/uploads/2018/10/doc_duplicator_deploy_step4_test_site-1200×784.jpg Note: To keep your website secure, deactivate the plugins you do not need (including the Duplicator plugin). Congratulations! You have successfully transferred WordPress site from localhost to server, with the plugin handling all the complexities of the process.  Migrate WordPress site to the live server manually In Migration of WordPress manually, you can use different tools to export database files from local setup and import it to live server as well there are also FTP clients, cPanel to transfer WP files. Step 1: Transfer WordPress Files to the live server Use any FTP client; go to the root folder of your WordPress installation on your local server. Connect to your live server and upload all the contained files to the public_html directory of your domain directory. Using cPanel to achieve the same is also perfectly fine. Step 2: Export the local database Using the phpMyAdmin on your local server, select your WordPress database on the left and use the top menu bar to navigate to Export. Quick Export Method, and click on ‘Go’. This will create a ‘.sql’ file in your download file, containing the commands for your exported database. You can also choose to export to an archive file instead of creating an SQL file. Step 3: Import the database on the live server You can either use the phpMyAdmin interface or Database Manager. Import the DB file you generated in the previous step to the live server database. Make sure the newly created database has the needed privileges for the DB user. https://www.wpblog.com/wp-content/uploads/2019/10/17.png Step 4: Update the values for siteurl, home and blog name options  Navigate to the wp_options table, and click on ‘Select Data’ You need to change the values of siteurl, home and blog name to your website’s URL. https://www.wpblog.com/wp-content/uploads/2019/10/22-1.png Step 5: Update your wp-config.php Once you are done setting up the DB and getting all your files to the live server, you may need to change some settings on the wp-config.php to match them with your database. Verify these settings: define(‘DB_NAME’, ‘database name’); define(‘DB_USER’, ‘database user’); define(‘DB_PASSWORD’, ‘database_password’); define(‘DB_HOST’, ‘server name holding your database (usually localhost)’); Step 6: Activate your SSL certificate on the live server Finally, protect your live WordPress website with your SSL certificate. (assuming you have already installed it on the live server). ​Introduce these two lines in wp-config.php just above the line that​ reads ‘/* Tdefine(‘FORCE_SSL’, true); define(‘FORCE_SSL_ADMIN’,true); That’s it. You now know of two ways to migrate WordPress from localhost to server. Choose a plugin to make things easier. Or, use the manual method if you want more control over the steps. You are now ready to showcase your WordPress website to the world. To know more about WordPress CMS, hosting and features of WordPress, read more from our WordPress Blogs Category.   .fb_iframe_widget_fluid_desktop iframe { width: 100% !important; } The post How to Migrate WordPress From Localhost to Live Server appeared first on ResellerClub Blog.

Add a Post Carousel and Embed a Podcast Player in Seconds with Our Two Latest Blocks

WordPress.com News -

The WordPress editor keeps expanding its library of blocks, adding new and exciting functionality to websites on a regular basis. After a crop of new business-related blocks last month, our most recent additions will appeal to three communities we hold close to our heart: podcasters, podcast lovers, and bloggers. Use the Podcast Player block to spread the word about your favorite episodes Podcasts have been an unstoppable cultural force for several years now — and the format seems to have only grown in popularity in recent months, as so many of us are at home and looking for entertainment and (occasionally?) enlightenment. Are you a podcaster? Add the Podcast Player block to share your passion project with your visitors, embedding your podcast’s latest episodes on any post or page on your website. If you haven’t launched a podcast (for now, anyway), but are still an avid listener, you can now embed episodes from others’ shows within your own content so readers can listen to them without ever leaving your site. Once you choose the Podcast Player block from the available blocks in the editor, you won’t need any special codes or embed links. The only information you’ll have to provide is the podcast’s RSS feed URL (not sure where to find it? The information will be readily available on your preferred podcast platform.) Here’s what the podcast player will look like on your site — the example below features the latest episode on the Distributed podcast, hosted by Automattic CEO Matt Mullenweg: Episode 20: Adam Gazzaley on the Distracted Mind During a Crisis – Distributed, with Matt Mullenweg Episode 20: Adam Gazzaley on the Distracted Mind During a Crisis {"attributes":{"url":"https:\/\/distributed.blog\/category\/podcast\/feed\/","itemsToShow":1,"showEpisodeDescription":false,"showCoverArt":true},"title":"Distributed, with Matt Mullenweg","link":"https:\/\/distributed.blog\/","cover":"https:\/\/i1.wp.com\/distributed.blog\/wp-content\/uploads\/2019\/05\/distributed_cover.jpg?fit=3000%2C3000&ssl=1","tracks":[{"id":"podcast-track-1","link":"https:\/\/distributed.blog\/2020\/04\/29\/adam-gazzaley-distracted-mind\/","src":"https:\/\/distributed.blog\/wp-content\/uploads\/2020\/04\/distributed-episode-20-with-adam-gazzaley.mp3","type":"audio\/mpeg","description":"Matt Mullenweg speaks with neuroscientist Dr. Adam Gazzaley, co-author of the book The Distracted Mind: Ancient Brains in a High-Tech World, about how our brains work, particularly during times like the current pandemic. How does the brain handle internal and external stimuli, and what do we know about the effect of practices like meditation, exercise, nutrition, and sleep?","title":"Episode 20: Adam Gazzaley on the Distracted Mind During a Crisis"}],"playerId":"jetpack-podcast-player-block-1"} ( function( instanceId ) { document.getElementById( instanceId ).classList.remove( 'is-default' ); window.jetpackPodcastPlayers=(window.jetpackPodcastPlayers||[]); window.jetpackPodcastPlayers.push( instanceId ); } )( "jetpack-podcast-player-block-1" ); You can customize the Podcast Player block in a number of ways, from specifying how many of the most recent episodes to display, to deciding whether or not you’d like to show each episode’s description. Whether you feature your own podcast or someone else’s, you get to design the listener’s experience on your site. Learn more about adding and customizing the Podcast Episode block. Keep readers reading with the Post Carousel block Sooner or later, both veteran bloggers and newer creators encounter a similar issue: publishing frequently helps energize your audience (and gives you an SEO boost, too), but also makes older posts tougher to find. The Post Carousel block comes to the rescue, providing an easy gateway to the treasures in your blog’s archives. Add the Post Carousel block to any post or page on your site to encourage visitors to explore more posts (by default, the block will display your most recent ones). For a post to show up in the carousel, it needs to have a featured image; the idea is to engage and entice readers with strong visuals they’ll want to click on. To get a taste of the carousel in action, here’s one highlighting the five most recent posts on the WordPress.com Blog: Add a Post Carousel and Embed a Podcast Player in Seconds with Our Two Latest Blocks by Jerry Jones May 22, 2020 Expert Advice: SEO and Content Marketing by Kasey Steinbrinck May 21, 2020 10 Ways to Make Your Site More Accessible by Cheri Lucas Rowlands May 21, 2020 Say Hello to the WordPress Block Editor by Dave Martin May 18, 2020 Coming Soon: Make Your Site Private Until You’re Ready to Launch by Adam Zieliński May 15, 2020 For a more curated experience, you can customize what the post carousel shows. A post about your cauliflower taco recipe might call for a carousel showing other recipes that share the “vegan” tag or category. If you run a multi-author online magazine, consider presenting other stories by the same contributor. You can also configure how many items each carousel displays and whether it automatically slides from one featured post to another (among other options). Learn more about adding and customizing the Post Carousel block. We hope you give these two new blocks a try — leave a comment if you have any questions, or if you’d like to share a link to a post where you’ve already used them.

Improving Conversion Rates Starts With a Great Call To Action

InMotion Hosting Blog -

It’s pointless to have a website where you sell products or services, but don’t have a call to action (CTA).  In many ways, the success of any marketing campaign you put together depends on the quality of the CTA and how easy it is for customers to make a transaction.  A call to action is defined as a prompt located on a website urging visitors to take a certain action.  This could be anything like “Buy Now,” “Sign Up Today” or “Contact Us” and could be in the form of a simple hyperlink, an icon, button or many more options.  The best call to actions entice and compel the visitor to take immediate action, whether it’s purchasing something, reading more, signing up or anything else your marketing campaign is promoting.  Without a clear call to action in multiple places on your website, your visitors may move on to other websites after looking for a couple of seconds.  In other words, customers need guidance when they visit your website and a call to action is the way to give it to them. Continue reading Improving Conversion Rates Starts With a Great Call To Action at InMotion Hosting Blog.

Boost Your Domain Authority Score For Higher Website Visibility

InMotion Hosting Blog -

It doesn’t do any good to build a website if no one comes to see it.  Search Engine Optimization (SEO) is important for ensuring your website shows up high in search engine rankings.  The better the SEO of your website is, the higher up it will appear in the listing when people do a search relevant to your industry. But how do you know if your SEO is up to par to have a high ranking? Continue reading Boost Your Domain Authority Score For Higher Website Visibility at InMotion Hosting Blog.

WP Engine Releases make|SHIFT, Groundbreaking Documentary Highlighting How Creative Technology Has and Will Continue to Transform Advertising

WP Engine -

AUSTIN, Texas — May 22, 2020 — WP Engine, the WordPress Digital Experience Platform (DXP), today announced the public release of the full-length documentary make|SHIFT, which explores the history of modern advertising and the role that creative technology played in its evolution. The film highlights the makers, agencies, and brands who had the courage to… The post WP Engine Releases make|SHIFT, Groundbreaking Documentary Highlighting How Creative Technology Has and Will Continue to Transform Advertising appeared first on WP Engine.

Releasing Cloudflare Access’ most requested feature

CloudFlare Blog -

Cloudflare Access, part of Cloudflare for Teams, replaces legacy corporate VPNs with Cloudflare’s global network. Instead of starting a VPN client to backhaul traffic through an office, users visit the hostname of an internal application and login with your team’s SSO provider. While the applications feel like SaaS apps for end users, your security and IT departments can configure granular controls and audit logging in a single place.Since Access launched two years ago, customers have been able to integrate multiple SSO providers at the same time. This MultiSSO option makes it seamless for teams to have employees login with Okta or Azure AD while partners and contractors use LinkedIN or GitHub.The integrations always applied globally. Users would see all SSO options when connecting to any application protected by Cloudflare Access. As more organizations use Cloudflare Access to connect distributed and mixed workforces to resources, listing every provider on every app no longer scales.For example, your team might have an internal GitLab instance that only employees need to access using your corporate G Suite login. Meanwhile, the marketing department needs to share QA versions of new sites with an external agency who authenticates with LinkedIn. Asking both sets of users to pick an SSO provider on both applications adds a redundant step and can lead to additional questions or IT tickets.The ability to only show users the relevant identity provider became the most requested feature in Cloudflare Access in the last few months. Starting today, you can use the new Cloudflare for Teams UI to configure identity options on individual applications.Cloudflare AccessCloudflare Access secures applications by applying zero-trust enforcement to every request. Rather than trusting anyone on a private network, Access checks for identity any time someone attempts to reach the application. With Cloudflare’s global network, that check takes place in a data center in over 200 cities around the world to avoid compromising performance.Behind the scenes, administrators build rules to decide who should be able to reach the tools protected by Access. In turn, when users need to connect to those tools, they are prompted to authenticate with one of the identity provider options. Cloudflare Access checks their login against the list of allowed users and, if permitted, allows the request to proceed.The challenge of agreeing on identityMost zero-trust options, like the VPN appliances they replace, rely on one source of identity. If your team has an application that you need to share with partners or contractors, you need to collectively agree on a single standard.Some teams opt to solve that challenge by onboarding external users to their own identity provider. When contractors join a project, the IT department receives help desk tickets to create new user accounts in the organization directory. Contractors receive instructions on how to sign-up, they spend time creating passwords and learning the new tool, and then use those credentials to login.This option gives an organization control of identity, but adds overhead in terms of time and cost. The project owner also needs to pay for new SSO seat licenses, even if those seats are temporary. The IT department must spend time onboarding, helping, and then offboarding those user accounts. And the users themselves need to learn a new system and manage yet another password - this one with permission to your internal resources.Alternatively, other groups decide to “federate” identity. In this flow, an organization will connect their own directory service to their partner’s equivalent service. External users login with their own credentials, but administrators do the work to merge the two services to trust one another.While this method avoids introducing new passwords, both organizations need to agree to dedicate time to integrate their identity providers - assuming that those providers can integrate. Businesses then need to configure this setup with each contractor or partner group. This model also requires that external users be part of a larger organization, making it unavailable to single users or freelancers.Cloudflare Access avoids forcing the decision on a single source of identity by supporting multiple. When users connect, they are presented with those options. Users choose their specific provider and Access checks that individual’s login against the list of allowed users.Configuring per-app optionsNot all of those options apply to every application that an organization secures. To segment those applications, and reduce user confusion, you can now scope specific apps to different providers.To get started, select the application that you want to segment with a particular provider in the Cloudflare for Teams UI. Click the tab titled “Authentication”.The tab will list all providers integrated with your account. By default, Access will continue to enable all options for end users. You can toggle any provider on or off in this view and save. The next time your users visit this application, they will only see the options enabled.If you disable all but one option, Access will skip the login page entirely and redirect the user directly to the provider - saving them an unnecessary click.What’s next?You can start configuring individual identity providers with specific applications in the new Cloudflare for Teams dashboard. Additional documentation is also available.The new Teams UI makes this feature possible, but the login page that your end users see still has the legacy design from the older Access dashboard that launched two years ago. Cloudflare for Teams will be releasing a style update to that page in the next month to bring it in line with this new UI.

Facebook Organic Reach: How to Develop an Engaged Following

Social Media Examiner -

Want a more engaged Facebook following? Looking for creative ways to leverage organic marketing rather than ads? To explore how to develop an engaged organic following on Facebook, I interview Fallon Zoe on the Social Media Marketing Podcast. Fallon is an organic reach expert who specializes in Facebook. Her Facebook-focused membership community for female business […] The post Facebook Organic Reach: How to Develop an Engaged Following appeared first on Social Media Marketing | Social Media Examiner.

How to Migrate WordPress From Localhost to Live Server

Reseller Club Blog -

Great, you are done developing and testing your WordPress website on your local setup. You have ironed out all the problems and are happy with the results.  What next? The next step is to make it live, so your users can get to it.  The big question is, ‘How do you go about migrating your WordPress site from your localhost to the live server?’ Well, that is what this article is all about. We will cover two ways to help you publish your WordPress website: Using a plugin  Manually We recommend the first method as it is easy for both techies and the not-so-tech-savvy. Also, this method works seamlessly for all hosting providers. However, do go through the manual method as well, in case the plugin fails (for whatever reason) or you want tighter control of all the aspects of  migration. Let us jump right in. Migrating WordPress site to live server from a localhost While we are going to use the Duplicator plugin for this article, you can  use any other suitable plugin. Here are a few that you could consider: All-in-One WP migration UpdraftPlus WordPress Backup Plugin Migrate Guru WP Migrate DB BackupBuddy VaultPress Step 1: Install and activate the Duplicator Plugin on the localhost Start by installing and activating the Duplicator plugin on the WordPress site hosted on the localhost.  Navigate to ‘Add Plugins’ and search for ‘Duplicator’. Once you find it, click on ‘Install Now’ Do not forget to activate the plugin after installation completes. Step 2: Create a package Package here refers to two files: a zipped archive of your website and an installer.php file to install the archive contents on the live server. To get these files generated, you first need to create a package.  On the left, navigate to the Duplicator menu on the menu bar,and click the Packages submenu. Next, click on the ‘Create New’ button that shows up on the right hand corner of the screen. Fill in the package name and press ‘Next’ on the next screen. Once the scanning is complete, you will see a screen with a ‘Build’ button at the bottom. Click it to start building the package. The building may take some time. Once completed, it will create a zipped archive that contains your website’s content, plugins, themes, database and all the WordPress files. Once the Duplicator plugin has built the package, you will be presented with a screen that allows you to download the generated files to your computer. You can choose to download the Archive and Installer separately, or together, by using the ‘One Click Download’ option. Step 3: Use an FTP client to transfer the Archive (ZIP) and installer.php to the live server Once you have the generated archive and installer.php, you need to transfer these files to the live server where they can be used to prepare a WordPress installation for your live website. You can use any FTP (File Transfer Protocol) client for this purpose – we prefer FileZilla as it is free and the most popular one out there. FileZilla also allows you the option to use SFTP (Secure FTP) to transfer your files over a secure connection.  Enter the hostname and FTP/SFTP credentials of your live server to make a live connection. Upload the Archive and installer.php to the root web folder (usually public_html) on your live server (you will find these files in the location you downloaded them to in the previous step) Step 4: Run installer.php on the Live Server Now that you have the required files on the live server, it is time to execute installer.php. Point your browser to http://<yourdomainname>/installer.php. This will launch the Duplicator installer. Simply click on ‘Next and keep moving. NOTE: Before moving to the next step, you may want to remove the previous data (if any) from the live server database. You can use the Database Manager to do this. This will reduce the chances of any leftover data causing any kind of issue later. The next step will ask for your database credentials. Fill in the required information and click on ‘Next’. Step 5: Update site data and test  live website Confirm the settings on the next screen and click on ‘Next’. Click the ‘Admin Login’  button on the ‘Test’ screen and your familiar wp-login will popup.  Login and navigate through the site and ensure everything is as you want. Note: To keep your website secure, deactivate the plugins you do not need (including the Duplicator plugin). Congratulations! You have successfully transferred WordPress site from localhost to server, with the plugin handling all  the complexities of the process.  Migrate WordPress site to the live server manually In Migration of WordPress manually, you can use different tools to export database files from local setup and import it to live server as well there are also FTP clients, cPanel to transfer WP files. Step 1: Transfer WordPress Files to the live server Use any FTP client; go to the root folder of your WordPress installation on your local server. Connect to your live server and upload all the contained files to the public_html directory of your domain directory. Using cPanel to achieve the same is also perfectly fine. Step 2: Export the local database Using the phpMyAdmin on your local server, select your WordPress database on the left and use the top menu bar to navigate to Export.Quick Export Method, and click on ‘Go’. This will create a ‘.sql’ file in your download file, containing the commands for your exported database. You can also choose to export to an archive file instead of creating an SQL file. Step 3: Import the database on the live server You can either use the phpMyAdmin interface or Database Manager. Import the DB file you generated in the previous step to the live server database. Make sure the newly created database has the needed privileges for the DB user. https://www.wpblog.com/wp-content/uploads/2019/10/17.png Step 4: Update the values for siteurl, home and blog name options  Navigate to the wp_options table, and click on ‘Select Data’ You need to change the values of siteurl, home and blog name to your website’s URL. https://www.wpblog.com/wp-content/uploads/2019/10/22-1.png Step 5: Update your wp-config.php Once you are done setting up the DB and getting all your files to the live server, you may need to change some settings on the wp-config.php to match them with your database. Verify these settings: define(‘DB_NAME’, ‘database name’); define(‘DB_USER’, ‘database user’); define(‘DB_PASSWORD’, ‘database_password’); define(‘DB_HOST’, ‘server name holding your database (usually localhost)’); Step 6: Activate your SSL certificate on the live server Finally, protect your live WordPress website with your SSL certificate. (assuming you have already installed it on the live server). ​Introduce these two lines in wp-config.php just above the line that​ reads ‘/* Tdefine(‘FORCE_SSL’, true); define(‘FORCE_SSL_ADMIN’,true); That’s it. You now know of two ways to migrate WordPress from localhost to server. Choose a plugin to make things easier. Or, use the manual method if you want more control over the steps. You are now ready to showcase your WordPress website to the world. To know more about WordPress CMS, hosting and features of WordPress, read more from our WordPress Blogs Category.   .fb_iframe_widget_fluid_desktop iframe { width: 100% !important; } The post How to Migrate WordPress From Localhost to Live Server appeared first on ResellerClub Blog.

Grow and Succeed Together With LinkedIn Groups

LinkedIn Official Blog -

Now more than ever we are seeing the critical role that community plays as we navigate our lives. Professionals around the globe join LinkedIn Groups to extend their networks and connect with school classmates, company colleagues, alumni, or professionals who share common interests. As a group owner or manager, you play a pivotal role in the way people interact and feel supported by like-minded professionals. Starting a LinkedIn group Before you get started, ask yourself: What is the purpose of... .

Transparency Report: Second half of 2019

LinkedIn Official Blog -

Today we’re releasing our latest Transparency Report, addressing government requests we received as well as our own actions to remove inappropriate content and fake accounts from LinkedIn in the July-December 2019 reporting period. We see transparency as crucial to maintaining the trust of our members and building a safe, trusted and professional platform. So what do the numbers show? As expected, across most reporting categories in our Government Report and our Community Report, we continue to... .

Expert Advice: SEO and Content Marketing

WordPress.com News -

You’ve launched your website or started a blog. Congratulations! Now it’s time to attract an audience. You built a website to reach people with your art, ideas, or products and services. We’ve created a free online session to help you do just that.  Register for our next 60-minute webinar, Traffic Control: How to Find and Grow an Audience for your Website, to get advice and guidance on attracting the right people to your site. Date: May 27, 2020Time: 10:00 a.m. PDT | 11:00 a.m. MDT | 12:00 p.m. CDT | 1:00 p.m. EDT | 17:00 UTCCost: Free | Register nowWho’s invited: Content creators, online publishers, and small businesses looking for the best ways to build an audience of loyal customers and dedicated readers. Topics will include: Understanding your audience.Demystifying SEO.How to optimize your site for local visitors.What does “quality content” really mean?Using email, social media, and paid advertising.How to take advantage of WordPress.com’s marketing tools for audience growth. Hosts Chris Smith and Kasey Steinbrinck run their own sites and both have worked with a variety of businesses to help them optimize their websites and create strong content. They’ll help you choose what to focus on so that you can make the most of your time.  After working as an SEO specialist for many years, Chris supports WordPress.com customers with expert advice as a Happiness Engineer. Kasey started his career as a TV news producer and entertainment writer before becoming a content marketer and an independent blogger. Today he works on WordPress.com’s content strategy. The 60-minute webinar will include detailed instructions on WordPress SEO as well as a Q&A session. Seats are limited so register today to reserve your spot.

Pages

Recommended Content

Subscribe to Complete Hosting Guide aggregator