10 Things to know about WordPress Content Creation
(This is part 3 of a 5 part series, click here to see the whole series)
1.) Make a post sticky
If you want a post to be on the front page above all other posts, you can make it sticky. To do this, go the the post’s edit page. Under the Publish panel, click [edit] to the right of Visibility and check the box “Stick this post to the front page”.
2.) Require a password to view a post
You can password protect a posts individually. To do this, go the post’s edit page. Under the Publish panel, click [edit] to the right of Visibility and click the radio box “Password protected” and type a password to view this page. When someone tries to go to this page they’ll be prompted with a password to access.
3.) Schedule posts for the future
Many times you may find yourself writing multiple posts at once, yet it’s best to moderate the frequency of your publishing. This has multiple benefits. To do this, go the the post’s edit page. Under the Publish panel, click [edit] to the right of Publish and set a time in the future for when the post will go live.
4.) Make images “web friendly”
It’s best to make your images larger than they need to be on the page. This means if you took a photo with your digital camera, you should resize it before uploading it to WordPress. Here’s a great Windows add-on for this: http://imageresizer.codeplex.com/
5.) Re-use the same images when possible
You don’t have to upload the same image again if you’ve already uploaded it. From the post edit page, click the [Add an image] icon. Click on the Media Library tab at the top and select an uploaded image.
6.) Spell check your posts and pages
Sometimes even proofreading your content multiple times isn’t enough for mistakes to slip. Use After The Deadline plugin to not only check your spelling, but also check your grammar. You can install it by itself or as the JetPack package (recommended).
7.) Copy and Paste your Microsoft Word content properly
When copying and pasting content from Microsoft Word, many times you’ll get unwanted characters and formatting in your WordPress. If you’re writing your posts in Microsoft Word before posting to WordPress you should be using the Import from Microsoft Word functionality of the TinyMCE editor.
8.) Link to other posts quickly
New to WordPress 3.1 is the ability to search your old posts and add them as a link to a new post. From the post edit page, click the link icon in the TinyMCE editor and click [Or link to existing content]. Here you can search your old posts, click on the post to link and then [Add link].
9.) Easily search and embed content from the web
Researching content for your posts can be painstaking and long. Using the Insights plugin you can easily embed images from Flickr, videos from Youtube, search Wikipedia and more, without ever leaving your blog post. Install the Insights plugin to do this.
10.) Write content for the web
Too many times people write their content like white papers or press releases. The easier users can digest your posts, the more likely they’ll read more of your content and share it. This topic is big and important, so here’s a place to start and a place to explore more.
10 Things to know about WordPress Security
(This is part 2 of a 5 part series, click here to see the whole series)
1.) Hide WordPress files
Don’t allow hackers to find your WordPress, hide them. Here’s a simple trick to help hide WordPress files to the public: http://ox.no/posts/hiding-wordpress-installation-files
2.) Excellent password practices
It’s important to use secure passwords for your WordPress sites (this includes your database password when installing WordPress). Here’s a great site for creating passwords: http://www.safepasswd.com
Even the most secure passwords can sometimes be found. It’s good to update your passwords regularly. Make it a habit to add a monthly reminder into your calendar to update your site’s password.
If you’re going to use a password management tool, I highly recommend LastPass for its YubiKey support. Like most password management tools, all your passwords are protecting under 1 master password. If that one password is found all of your sites maybe compromised. LastPass offers a 2 step authentication which requires a USB key along side your master password to access your vault. To see more: https://lastpass.com/support_screencasts.php?feature=yubikey1
3.) Change your default login link
By default, to login to WordPress you can just put ‘/wp-admin’ at the end of a WordPress powered site to get to the login page. Use the Stealth Login plugin to change the login URL to something like ‘domain.com/mylogin’.
4.) Prevent too many login attempts
To protect yourself from brute force login attempts, make it harder by limiting the number of login attempts to your site with this plugin: Limit Login Attempts
5.) Monitor your WordPress installation
If someone does happen to somehow compromise your site by adding, deleting, or changing a file get a email immediately with this plugin: WordPress File Monitor
6.) Upgrade WordPress to the latest version
WordPress is constantly being updated, many times to fix vulnerabilities. It’s best to have the latest version. See: Updating WordPress
7.) Scan your install after making admin changes
Its possible that plugins, themes, and even posts can open up vulnerabilities in your install. So if you’ve recently done some changes to your WordPress install, you may want to run a security scan before walking away. Here’s a plugin to do so: WP Security Scan
8.) See installing WordPress above
To reiterate, don’t use ‘admin’ as your username, don’t user ‘wp_’ as your database prefix, and don’t create the ‘wp-config.php’ file manually.
9.) Backup your database regularly
Even the most secure site can get hacked. It’s good practice to backup your sites database. If all other security measures fail, you can retrieve your database (posts, pages, comments, plugin/theme configurations) from a backup. Use a plugin to get database backups emailed to you regularly: WP-DB-Backup
10.) I’ve been hacked, what do I do?
Start here: http://codex.wordpress.org/FAQ_My_site_was_hacked
100 Things all WordPress Users Need To Know (a 5 part series)
At WordPress Ann Arbor‘s March meetup John Pratt and I decided to team up and go over a collection of things every WordPress user should know. The idea is to build a base of good practices that all WordPress users new and old can follow. This joint effort will cover 10 different topics, each with 10 different tools/tips. So a total of 100 useful things. John and I did 50 things each and presented it at WordPress A2′s March 2011 meetup.
Over the next 5 days each of us will post our 10 things live. As the posts go live, I’ll update this post with links. So feel free to book mark this page as a table of contents to our content. Get ready to enjoy 20 new WordPress things a day for the next 5 days!
Here are the 10 topics over 5 days:
Day 1
Day 2
Day 3
Day 4
- 10 Things to know about Theme Modification
- 10 WordPress Plugins to Install for Fundamental Functionality
Day 5
10 Things to Know About Setting Up and Installing WordPress
Read all before installing!
(This is part 1 of a 5 part series, click here to see the whole series)
1.) Simple WordPress Install
WordPress is really easy to install. After you have your webhost here’s the quick and dirty on getting WordPress installed. (WordPress shows 5 steps, but you really only need to follow 4, I’ll explain this below.)
- a.) Download WordPress
- b.) Create a database and user
- c.) Upload WordPress files to your webhost
- d.) Follow the on screen step-by-step WordPress instructions
Here’s a video to show you all of these steps for 1and1 webhosting:
2.) Automated WordPress Install
Some webhosts offer automated solutions making it even easier to install. This method can be typically be done through your webhost’s admin panel.
Here are few videos showing how to do with multiple webhosts and their automated method:
3.) More installation Help
WordPress’ recommended ways to install: http://codex.wordpress.org/Installing_WordPress
For some videos: http://wordpress.tv/category/how-to/installation-how-to/
4.) Don’t create a wp-config.php file manually
I know it says this on the WordPress install page (Step 3), but with newer version of WordPress, setting the database credentials can be done through the easy browser-based install. Using the browser install helps prevent errors on modifying PHP code in an important install file.
5.) Don’t use ‘admin’ when installing WordPress
This is a security thing, by default, WordPress has its first user’s name ‘admin’ (pre WP 3.0). Change it to something custom to you. It’ll make it harder for potential hackers to get into your site.
6.) Don’t use ‘wp_’ as your database prefix when install WordPress
Again, another security precaution. This is a WordPress default, change it to something custom to the site. Relating to the previous tip, by changing default values on install you’re eliminating the most common possibility a hacker would use when trying to access your site.
7.) Install more than 1 WordPress site to the same database
Extending 6., by changing your database prefix you can easily install multiple WordPress sites to the same database. Next time you are installing WordPress on the same webhost of an existing install, use the same database credentials. When asked to set the database prefix give it something different than your previous install. You can repeat this multiple times. (It’s not always ideal to install multiple sites on the same database, i.e. – shared web hosts with small databases, heavily trafficked sites.)
8.) Build your site offline
It’s good practice to setup WordPress on your computer locally. When the site is ready to “go live” you can move the files to your webhost. What this means is you would setup a server on your computer and install WordPress to that. Then you would be able to edit and test your site locally without the fear of destroying the live site.
Here’s the 3 step process
- a.) Install WordPress locally
- b.) Create your WordPress site (this is all the things you’d do with any WordPress install)
- c.) Move WordPress to your webhost
9.) Install multiple sites under one WordPress installation
Use WordPress’ multisite feature to manage multiple sites under one install. If you have multiple WordPress sites it can easily become overwhelming to remember to update all your sites, plugins, themes, etc.) With WordPress multisite you can create a super-admin which would allow you to upgrade WordPress once and push it to all of your WordPress installs. This can also be done with your plugins and themes. Using multisite will allow you to create all your users in one location. Setting up a network of sites is a bit more advanced, but here’s some links to helping you do this:
If you’re sites have different domains (i.e. – this.com, that.com more.com) you’ll need to setup domain mapping with this plugin:
Activating WordPress Multisite (vide0)
10.) Still having trouble installing WordPress?
Here’s a comprehensive FAQ that covers the many facets of installing WordPress: http://codex.wordpress.org/FAQ_Installation
See the many other ways to install WordPress: http://codex.wordpress.org/WordPress_Installation_Techniques
If all else falls search and/or submit your question to the WordPress forums: http://wordpress.org/support/
(You’d be surprised to see how fast you’ll get a response back, I know because I’ve battled others to be the first to help someone out!)
Episode 1: 5 WordPress Things
The Beginning
In an effort to start posting more content online, I’m going to be trying something new. For over 5 years in the WordPress community and over a year co-organizing a local WordPress meetup, it only makes sense that I can share more at least once a month. In this new effort, I plan to speak 5-7 minutes on 5 things related to WordPress at each monthly Ferndale WordPress meetup. Each talk will be recorded and posted live for all to share. The content will be WordPress specific, including everything from new plugins, tools and tips, easter eggs, themes, and much more! So without further adeu, here’s the first episode:
Episode 1
1.) WordPress Keyboard Shortcuts
Since WordPress 2.7, moderating comments is much easier with keyboard shortcuts. You can easily enable keyboard shortcuts for comments from your WordPress Admin by clicking Users → Your Profile. Click on the check box next to Keyboard Shortcuts.
Now on your comments page you can use your keyboards to quickly moderate your comments. Try using ‘j‘ and ‘k‘ to move up and down between your comments. Next user ‘a‘ to approve, ‘d‘ to delete, or ‘s’ to mark as spam for the selected comment.
Here is a quick table of keyboard shortcuts for commenting:
| Shortcut | Action |
|---|---|
| j | Moves selection down |
| k | Moves selection up |
| a | Approves the comment |
| s | Marks comment for spam |
| d | Moves the comment to trash |
| z | Undo last action |
| u | Unapproves the comment |
| r | Opens the reply box |
| q | Opens quick edit for the comment |
For more information on keyboard shortcuts, such as bulk edit: http://codex.wordpress.org/Keyboard_Shortcuts
2.) Image Editing
Since WordPress 2.9, simple image editing can easily be done without 3rd party applications or extra plugins. When editing an image in Media, click the Edit Image button below the image preview to open up the image editor.
From here you can do a collection of quick image editing, which includes Crop, Rotate Clockwise, Rotate Counter-clockwise, Flip Horizontally, Flip Vertically, and Scale. There are also a collection of keyboard shortcuts which make it easier to make these changes pixel perfect!
For more information on image editing: http://codex.wordpress.org/Media_Add_New_SubPanel#Edit_Image
3.) Creating Your Admin Space
This is a combination of things, but it’s really important to have a customized WordPress admin that best suites you. So here are some quick tips on making your admin space yours.
- Minimize your admin sidebar for more room.
- Hide/Show functionality across different screens
- Reorganize your panels.
4.) Customizing your site URLs
URL structure is very important for a few reasons such as SEO and user friendliness. Here are a few things to remember when creating your URLs. To start, you need to set your permalinks (Settings → Permalinks).
There are a few templates that WordPress provides, but you can also create your own custom URLs using tokens. Here is a list of tokens to customize your permalinks:
| Token | Shows This |
|---|---|
| %year% | The year of the post, four digits, for example 2004 |
| %monthnum% | Month of the year, for example 05 |
| %day% | Day of the month, for example 28 |
| %hour% | Hour of the day, for example 15 |
| %minute% | Minute of the hour, for example 43 |
| %second% | Second of the minute, for example 33 |
| %post_id% | The unique ID # of the post, for example 423 |
| %postname% | A sanitized version of the post name, typically all lower case, replacing special characters and spaces with hypens. |
| %category% | A sanitized category name (same sanitization as %postname%) |
| %tag% | A sanitized tag name (same sanitization as %postname%) |
| %author% | A sanitized author name (same sanitization as %postname%) |
You can also customize the base category and tag names in your URLs. Instead of showing the word ‘category‘ before your category name you can change it to something such as ‘section‘. Same applies to tag URLs.
Note: Your URLs can follow a hierarchy by creating a parent/child relationship between your pages. (i.e. – For the instruments page below the URL would follow: http://www.site.com/gear/instruments)
For more information on using permalinks: http://codex.wordpress.org/Using_Permalinks
5.) Comparing revisions
Next time you’re editing a post, try comparing revisions. You can compare two revision to find out the changes you’ve made.
Easter Egg: To do this, click on a revision, then below the revision compare the latest revision to itself.
Enjoy!
