Tip: How to show the ManageWP Worker plugin

When you install the ManageWP plugin, you can configure it to be hidden from view so the client website won’t accidentally remove it.

This also hides the plugin from you and, in the case that you want to remove it, makes it slightly more painful than it needs to be.

Simply add the following query parameter on the plugins page to reveal it:

?showWorker=1

This will reveal the plugin so you can manage it.

AMA: What affordable hosting do you recommend?

Morgan E. asks: “I need to switch hosts because mine is super slow and support isn’t helpful, who do you use?”

Hey Morgan this is a super common question I get asked all the time.

The bottom line is there is no one-size-fits-all, permanent solution for this problem. In fact, most hosts change over time. Some improve; some decay.

For example, GoDaddy (in my opinion) had a remarkably bad hosting service when I worked with them a few years ago, but has really improved their hosting and support game lately. Meanwhile, BlueHost has fallen off.

On top of that, each host may be good at one thing while bad at others. Between speed, support, account management, pricing, limitations, and product offering, each host has many opportunities to fail you.

I’ve tried HostGator, 1and1, and A Small Orange as well – each recommended one time or another and none impress me or have my business any longer.

Presently, I recommend Media Temple for your standard shared hosting needs. They have fair pricing, good reliability, good support, and their account center is extremely well organized.

Alternatively, WP Engine is the one consistent company for WordPress sites that I have seen. They are the only site I trust with the label “managed WordPress hosting” because there is a ton of false advertising out there. They can be pricey if you want to have multiple sites and aren’t suitable for hosting non-WordPress sites, though.

Lastly, if you’re a technical person like myself, Digital Ocean is the way to go. You’ll need to do all the leg work, but the pricing, flexibility, and speed are excellent.

But, at the end of the day, it’s all trial and error – and most likely you’ll need to switch over time.

Good luck!

Why you should keep your WordPress site updated (obviously)

Have you ever logged into your WordPress site and seen those bright orange notifications in the sidebar?

“11 Updates!? I just updated this last month!”

How many times have you ignored those notifications, letting them pile up week after week until you finally say “screw it” and update them all in one shot?

Has that ever backfired on you? Some plugin update breaks your site and you’re now scrambling for 6 hours trying to fix it.

Has that caused you to avoid updating altogether?

You’re not alone.

Almost 40% of WordPress sites are not running the latest version (aka 10% of the internet) – let alone the countless plugins and themes that are also out of date.

The problem is that this is an incredibly bad idea.

When you leave WordPress out of date, you’re practically inviting hackers to enter your site.

This is because the vulnerabilities of older versions are published and available to the community as soon as the new version goes live (and often times soon).

So, that little orange icon should say something like “hackers literally know how to abuse your old plugins now”.

Scary? It should be.

What’s crazy is that this is completely common.

In fact, WP White Security found that 73% of the 40,000 most popular websites that use the WordPress software are vulnerable to attack.

So, what’s the worst that could happen?

Most likely, your website is an integral part of your business. Whether you’re using Ecommerce or simply blogging, your website is practically the face of your business and probably has access to sensitive customer data.

Leaving your site out of date leaves your site vulnerable for someone to take advantage of you and really hurt your business.

Extortion

This tactic can be attached to basically any of the following issues. Hackers will takedown or defame your site until you cough up some money for release.

And, unless you solve the problem, you’re vulnerable for them to extort you over and over again.

Compromised Customer Data

If you are collecting customer information like emails and phone numbers (or potentially payment information), you’re now dealing with a true crisis that leaves you exposed to customer retaliation and a PR nightmare.

Heard of Experian? Yeah.

Blacklisting

Typically, hackers will publish thousands of garbage posts and pages using your site that all backlink to some scam.

Or maybe they’ll inject malware directly onto your site to try and compromise customers.

When Google finds these pages on your site, it will Blacklist you from Search Results.

In fact, Google blacklists around 20,000 websites for malware, and around 50,000 for phishing each week.

That’s right – no more search rankings or traffic.

Oh, and it’s damn hard to undo, too.

Use in Botnets

Ever hear about “Russian botnets” or “DDoS”?

Hackers will basically put sleeper code onto your server and use it to attack other servers.

Defamation

After gaining access, hackers could take over the design of your site and post some pretty horrific content in its place.

Say goodbye to customers at least.

Takedowns

This is by far the nicest of punishments – taking your site completely offline. No site = no business.

All that, just from outdated stuff?

Yeah, it’s real life.

The simple act of updating WordPress, plugins, and themes protects you from most attacks (and that’s over 90,978 attacks happening per minute).

Naturally, there are other methods of entry, so you should be employing a security plugin as well, but just updating keeps you on a good level.

Even if you just use a secure password, you’ll be protected against 8% of WordPress security breaches.

Ok, I’ll do better to keep my plugins updated from now on.

Well, there’s another problem: plugin updates can crash your site.

Yeah I know, right? Can’t catch a break.

Plugin conflicts are no stranger to anyone who’s worked with WordPress for long, but only the dedicated few really know how to resolve these quickly.

Maybe the plugin you just installed doesn’t outright break your site, but it could still be a problem like the thousands of WordPress websites that were infected with malware disguised as a search engine optimization plugin.

And if it’s a severe break, do you have a backup of your site available? Know how to restore it?

Are you ready to call the amazing tech support at your server host when things go wrong?

To recap, if you plan to do this yourself, you’ll be responsible for:

  • Updating WordPress core, plugins, and themes daily
  • Checking if updates break your site
  • Checking that new plugins are ok to install
  • Resolving plugin breaks
  • Protecting your site against other vulnerabilities
  • Auditing your existing site for malware
  • Keeping an eye on your passwords
  • Backing up your site properly
  • Restoring your site if it goes down
  • Talking with tech support
  • Oh, and the rest of your business

How much are those hours worth to you? You should be doing bigger and better things.

Let me do it for you.

With plans starting at $100/mo, you’ll have a dedicated WordPress expert managing your site for you.

WP Spritz Speedreader Plugin

Spritz is an easy to use speed-reading tool and one of the most oddly satisfying things I’ve seen developed for blogs.

In short, it is a small frame on your site that allows you to stare at one spot while words whiz by. Your brain can automatically read the words without you needing to scan or scroll. It’s oddly effective and you can reach speeds of 700 words per minute (aka insanity).

When I first discovered Spritz in 2015, the WP Spritz plugin did not exist and I immediately thought to myself: this would awesome if you could simply add it to your website.

I quickly got to work and put together a prototype plugin that would add the Spritz tool to your blog post (top or bottom or even as a floating slide-in) and automatically feed the blog content to it.

It’s a fairly straightforward build and just requires a login to Spritz. I created a simple admin to choose between the 3 styles and followed up with three the_content filters that wrap Spritz around the content itself.

In fact, this was the first plugin I’d ever made. And as such, I did not have enough confidence to submit it for review on WordPress.org.

One day someday I’ll revisit this project and give it a solid rewrite; meanwhile check out Spritz!

Firefly Festival – Website Redesign

Firefly Music Festival is the East Coast’s premier music festival. It brings together over 60k fans and millions in dollars of revenue.

I worked with multiple departments within Red Frog Events to plan, design, build, launch, and actively manage the Firefly website to maximize Ecommerce revenue and deliver the best fan experience possible online.

The WordPress site I built has over 50 custom pages, is viewed by over 1m unique visitors, and includes a custom built user survey platform with over 50k active users.

I personally developed the data structure and page hierarchy for the site to ensure the best possible user experience and navigation flow.

More importantly, I imposed and enforces a strict ban on homepage slider heros – forcing the team to come up with unique and purposeful static hero content.

Firefly has seen happier customers, an easier content management flow, and better user data than ever before.

Screenshots

Warrior Dash – US Map Event Navigation

If you’re not familiar with Warrior Dash, it’s a 5k obstacle course mud run and festival with event locations across the country.

Typically starting in February (in Florida), Warrior Dash moves across the country for one or two-day events until the end of the year.

Ideally, a customer would go on the site and easily see the closest event location to them (which we would later implement).

At the time, the site only showed locations by date and by alphabetical order – there was no easy was to quickly see that there was an event in Maryland or New York without scanning the page for words.

It was not ideal and the page’s bounce rate reflected that.

The Build

The quickest solution was to add a clickable map of the US that highlighted upcoming events.

A visitor could clearly and instantly see that their state was highlighted and click to the event page to learn more and checkout.

Building the map to work with the existing event data was tricky.

The events themselves were handled by a WordPress Custom Post Type that had been extended over the years using the Advanced Custom Fields plugin. Each had a text description of the address, a latitude & longitude, and a state input.

In order to turn around the project in a timely manner, I opted to use a jQuery map library and highlight states instead of pinpointing the exact event location on the map. This had the added benefit of increasing click-thru rates for curious residents and gave the location page a chance to convert users who may have felt far away from the event location.

This left both the address and coordinate fields moot and the state input had been used poorly as a location nickname. In short, I had to add a new field for the coordinator to use for state abbreviation.

Now that events had proper state abbreviations, I appended the information to the pre-existing location HTML elements on the page and used jQuery to fill out the map data. No need to duplicate Database queries!

The map was now at a point where the active states were highlighted in red and the past states in blue – each clickable.

It’s not just pretty, but massively effective as well.

Average time on this page toppled from a whopping 6:25 to merely 25s over 5 months – a reflection that people no longer needed to figure out the page in order to move forward.

Bonus Points: Email List Growth

But what about the other states?

The Warrior Dash team is always looking for supporting data to help them decide to host in a new state.

Using a data structure I had already built for the site’s email marketing platform, Emarsys, I added the inactive state abbreviations to their map links. Then, I created a landing page for these clicks that automatically pre-selected the state in an email signup form.

Users could now easily click their state, land on a signup page with their state selected, and just fill in their email to become part of this “state waitlist”.

The result: a steady uptick of new email signups for inactive states.