Short answer? Everyone knows websites can be important for sales and marketing, sure. But what about recruiting and reputation management?
Early in my career I got a 2nd-hand referral for a surprisingly large B2B company that didn’t have a website. The referral was from a consultant who felt they should have one, even though the owners didn’t think they needed one.
Do you need a website for sales?
Thing is, these particular owners handled 100% of company sales with other CEOs on luxury resort golf courses. I don’t think they even had business cards! (Their assistants and attorneys probably did.) They correctly believed they didn’t need a website for sales.
That’s an extreme case but it points out that websites are important if and only if you need clients who will look you up either in search or to check your suitability after they get a referral or introduction.
For sales? Maybe not. But how about recruiting?
That said, the consultant wanted them to have a website because the company was off the beaten tracks and was having a hard time recruiting executives and high-skill employees. So the consultant felt a recruitment oriented website could help prospective hires get over concerns about relocating to the middle of nowhere.
Again, an extreme case, but the point is that websites aren’t just about direct sales.
If not for sales and recruiting, how about reputation management?
Final point: the first website I was paid to build was for an elementary-school curriculum company. As with almost all curriculum companies, back in the 1990s, there were 20-30 times more negative articles and reviews than positive ones. Without a website anyone searching for the curriculum online saw page after page of negative results. With a website and just a minimum of SEO key phrases (basically the company and product names plus “curriculum” and “education”) they became the top hit. And their pages and blog posts could directly counter the negative publicity, even though they didn’t need it for direct sales.
An extreme case yet again but it illustrates the point that a website can protect a company’s reputation even if it doesn’t need it for sales.
Why do contact forms and password-recovery email messages work fine with some websites and not with others? A lot of it has to do with the way the web server is configured and/or the security settings for the client’s domain email. Most web servers can send simple email messages. Others, especially depending on what email service they’re using, need to jump through more hoops. Sometimes it’s as simple as editing an SPF string in the domain’s DNS record. Other times you have to add and configure your own SMTP plugin like WP Mail SMTP.
Without getting into too many details, here are the….
Things I check before manually setting up SMTP on a client’s site:
- Can the site send email outside the domain? (e.g. to a generic email address like email@example.com.)
- Can the site send email inside the domain (e.g. if the site is myexample.com can people with @myexample.com addresses receive email?
- Does the host block outbound email? Some hosts, especially shared-hosting that wants to avoid blacklisting, block outbound mail by default.
- Are all required DNS records correct for the domain? (SPF, obviously, but some email hosts, especially Microsoft 365, require more.)
If outbound email is enabled and all DNS records are set correctly and the system still can’t send mail to @myexample.com addresses, then you’ll probably have to manually configure an SMTP plugin.
When you hire a WordPress professional to work on your site it’s pretty common for them to ask for
- An administrator account for your WordPress website
- Login access to your web server or hosting-company control panel
It makes sense that they’d need to log into your website as an administrator. If they couldn’t they couldn’t add or remove plugins, make changes to the theme (colors, fonts, menus, widgets, footers), or run fairly important configuration and optimization routines. They also can’t make in-site backups, or, more importantly, restore them. So that makes sense.
But server access too? That can feel a lot like you’re giving them the keys to the kingdom. What’s up with that?
- Is it safe?
- Do they really need it?
- What will they do if you give them access?
Ok, speaking for myself, I don’t need access to the server to if my changes are going to be very minor. But otherwise, yes, if I’m doing serious work on your website I’m going to need to be able to access the server so I can
- create and/or restore a backup if something goes wrong. (Bonus: Murphy’s Reverse Law says you’re less likely to need to restore a backup if a backup is available and installable.)
- edit code files like functions.php without risk of “white screening” with a bug or typo. (They can edit existing files through the WordPress theme editor but if they introduce a PHP error the whole site can crash… and then they don’t have access to the editor to undo it.)
- add files or folders to your (child) theme to override or enhance current site functionality. Example: custom WooCommerce templates, almost any customizations to The Events Calendar, page-builder module overrides
- Backup, restore, or perform cleanup on the database
You may be able to just give your developer FTP access, though that can be a pain if they also need to access the database.
It’s always best if you can “delegate” access to your account (e.g. what GoDaddy calls it) or make someone a “Collaborator” (e.g. what SiteGround calls it) or otherwise give them tech-only access. Most hosting plans let you do this, especially since most credible hosting companies require 2-factor authentication.
But, yeah, it’s pretty normal to give developers some sort of access to your server.
And yes, once they’re done it’s also perfectly fine for you to revoke their access by deleting their WordPress admin account and removing their collaborator access. If for some reason you needed to give them your own credentials it’s a very good idea to go back in once they’re done and change your passwords.
This post is based in part on a more detailed post from Jeff Starr at Digging Into WordPress. I’m posting it here so I can easily find the recipe I most often need. Definitely visit Jeff’s post for a full explanation.
99.999% of WordPress users are unlikely to need to import from an older archived website database into a new one. This post is for the remaining few (including me!) who run into character mismatches when they do have to do this.
Note that this post is more of a “shorthand” than a detailed explanation. Note also that you can break your website, badly, if:
- you don’t have at least one full backup plus a database backup and you’ve tested to make sure you can restore your site from the backups you’ve just made, and
- you already know what you’re doing.
Run these code snippets in your MyPhpAdmin or Adminer database manager.
First this to clean up post titles
UPDATE wp_posts SET post_title = REPLACE(post_title, 'Â', ''); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€œ', '“'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€', '”'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€™', '’'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€˜', '‘'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€”', '–'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€“', '—'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€¢', '-'); UPDATE wp_posts SET post_title = REPLACE(post_title, 'â€¦', '...');
Then this to clean up post content
UPDATE wp_posts SET post_content = REPLACE(post_content, 'Â', ''); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€œ', '“'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€', '”'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€™', '’'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€˜', '‘'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€”', '–'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€“', '—'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€¢', '-'); UPDATE wp_posts SET post_content = REPLACE(post_content, 'â€¦', '...');
And yes, there are other characters out there. And other columns in other tables you may also need to clean up (comments for instance.) Adjust your scripts accordingly. There are also “more complete” ways to do this that involve editing database, table, and column character codes.
In the r/WordPress subreddit user named only_sort_by_new asked a great question about how to use pages and posts (lightly edited)
Help deciding on if something is a Post/Page and how to organize a sauce review site with Categories/Tags?
Currently working on my first site which is suggesting and reviewing sauces. I love trying any type of new sauces, so wanted to start writing some blog posts and reviewing specific sauces.
The issue is, that I am very confused and stuck on how to layout a site like this. Is each type of sauce a Page and then when I write a blog Post mentioning the sauce, I just tag that sauce? I imagine I will make many blog posts that reference a specific sauce… that is why I am thinking that I might need a Page (not a Post) for each sauce/sauce type. And every blog post mentioning that sauce (via Tags) will pop up on that sauce page.Reddit user u/only_sort_by_new
So would the above breakdown above be Pages that use Parent/Child structure? Or are those actually Posts too and I just use Categories in a hierarchical way? Or need to utilize tags for this to work?
When it comes to the front end of a website neither WordPress nor Google makes much of a distinction between posts and pages.
Instead the best way to look at them is…
- pages are typically accessed through navigation. So think of menus, “learn more” links, and callout “card” links on main pages.
- pages are also used for permanent “behind the scenes” pages like quiz results, thank you pages, shopping cart and other checkout pages.
- posts are more often found through searches, incidental links in text, and especially in lists. (The “blog” page is a list. So are “related posts.”)
- the biggest difference is that posts are typically organized by categories and tags rather than menus.
While we don’t typically think of e-commerce products as “posts” it can be a good idea to think of posts the way we typically look at products in e-commerce. You browse catalogs and search for products instead of navigating through menus for them. There might be menu items for categories of things, but adding every item in your shop to the navigation menu would be waaay too unwieldy for the average shopper.
Think about posts the same way. Typically you’ll have just a handful of navigable pages, while you might have hundreds of posts.
In the original poster’s particular case it makes more sense (and is probably easier) to create each sauce as a post and use categories and tags to help find them on their site.
They can then choose from a ton of “posts” or “loop” plugins, blocks, modules, and widgets to display the right sauces on more structured pages.
Here’s a simple example would be our own Portfolio page. It’s a permanent page available through the navigation menu, with a few paragraphs of explanations, and then a “posts” module a filter set to choose (query) only posts marked in the “Portfolio” category. We go a step further on our Website Updates, Repairs, And Upgrades page with a different “posts” module with filters that limit results to posts in the Portfolio category and the “rebuilt website” tag.
Bottom line, though, is that pages are meant to be navigated to with menus and buttons; posts are meant to be listed, filtered, searched for, or “mentioned” in in-text links.
Hey, if WordPress is so great why do so many web developers offer maintenance plans? Is WordPress really that insecure? Fragile? Hackable? No! A well-built WordPress site on a good hosting plan is surprisingly secure. So… why should you still get a good WordPress maintenance plan?
Here’s how I explain things to my clients: WordPress is like a car. Once you get your car from the dealer, you can drive wherever you want. You don’t need a mechanic in your car to help you change gears, right?But even the nicest cars still oil changes and 50,000 mile tune-ups. And if you take it off-road, or if it gets wrecked or stolen, you’re going to need a mechanic to help you get it back in the road.
It’s the same with WordPress, or any other site that’s not pure HTML with maybe a little CSS. Web protocols change. Just like a car you don’t need a developer to help you use WordPress day to day. But over time browsers get more capabilities and site visitors get less and less patient with slow performance. Over time server software changes. WordPress software changes too. And it’s almost all driven by impatient visitors who expect more and, of course, hackers. Hackers and their bots have a lot of incentive to exploit your website, and every year they get more and more (and more!) creative.*
So, yeah, you’ll always need basic maintenance and updates for your site, server, and software stacks just like you need routine maintenance for your car. And that’s why WordPress (and all other websites) need routine maintenance too.
* Speaking of hackers, they’ve already been using simple AI/ML-like techniques for at least a decade, so it won’t be long before they’ll begin using surprisingly sophisticated GPT queries to challenge even the most security-through-obscurity-coded website.
This post includes the steps for converting a site from Google Analytics 3 (GA3) to Google Analytics 4 (GA4.) I’m posting it so I’ll be able to find it myself, but it may be helpful for others as well. If I find further information about making the switch I’ll try to update this post.
Earlier today I got an email from a client asking me for help with a warning she’d received from Google Analytics
“Today I noticed this alarming notice at the top of the page, which I don’t quite understand, see below. Can you explain this to me and hopefully assist me if a new google analytics site needs to be set up. Thanks in advance”Email with screenshot from a client
Since I specialize in building, fixing, and maintaining websites I typically leave Analytics to my clients’ marketers. ut this was a great customer and they were genuinely concerned so I decided to take it on.
This is a change Google has been “threatening” for at least a year, and for most of that year people (including marketers) have expressed a lot of confusion about it. And when I logged in I was… equally confused.
So I reached out to the local WordPress community with the following request
Ok, has anyone figured out the shortest-path steps to convert a client from regular old Google Analytics to GA4? Most of my small-biz clients only use GA to track simple site visits rather than all the ad-word and phone-app stuff GA seems to have morphed into.
I just tried setting up a client with the GA “conversion assistant” option and while it seems to have done the conversion it also seems like
- They want me to add new tracking codes to the website, but
- I’m not seeing any evidence of where such a new script can be found.
But then since I just build and fix website instead of SEO and marketing I have the patience of a goldfish for Google’s change-of-the-month-club approach.
Any explain-it-like-I’m-5 links would be appreciated.
I got a great answer from Matthew Woicik, the owner of ML2 Solutions. Even though SEO happens on websites it’s a marketing function. Matt’s company specializes in social media, business listings, paid advertising, and search engine optimization and analytics. (That’s an endorsement, by the way.)
Here’s what Matt told me, lightly formatted to make the steps more clear:
…the simplest path is to use the GA4 Setup Assistant that is in the admin interface. That should transfer most of the settings to a new Google Analytics 4 property. However, like you found out, you might need to update the tracking code. Here is how to find the tracking code:
Matthew Woicik, the owner of ML2 Solutions
- Login to Google Analytics and go to the Google Analytics 4 property.
- Click on the gear icon for the Admin configuration.
- Click on “Data Streams”.
- Click on the data stream that should have been created as part of the GA4 Setup Assistant process.
- Click on “Configure tag settings”.
- Click on the link for “Installation instructions”.
- Finally, click on the tab labeled “install manually” for the tracking code.
I have to admit that looking in the “data streams” property wouldn’t have been the first… or even 7th place I looked. Nor was it clear from any of Google’s extensive but never-very-helpful documentation. So I’m really grateful. Thanks!
The final step for me was to copy the resulting code snippet and using it to replace the old google analytics code in my client’s site headers.
I’ll be able to check tomorrow to see if the new tracking code is actually, well, tracking. And if it is then…
Then I’ll be able to apply these steps for any other clients who need help making the conversion.
Have you received a bogus “DMCA takedown notice” from an individual (falsely) claiming to be a lawyer with the email address “firstname.lastname@example.org”? Was the claim based on a dubiously-dated post on a website called “Global News” or “Global Express News?” If so this might interest you.
Back in June, 2022 I got a bogus takedown notice for a post I’d written warning about a scam-like “domain listing” company that sends invoices that look like a domain registration renewal, charges more than 10x the actual price to renew a domain registration and… doesn’t actually renew your domain registration.
I’ve written about this problematic invoicing ploy several times… and received and debunked a bogus DMCA takedown notice last year. So I wrote about yet another similarly bogus “domain listing ploy the other day aaannnddd… this morning I got another bogus takedown notice, seemingly from the same “black-hat PR” individual
I want to be really clear that I’ve spoken to the real Thomas Ross named in some of these takedown notices and it’s absolutely clear someone is stealing his identity! I’ve spoken to other attorneys who’ve worked with the real Tomas and they’ve assured me he wouldn’t be involved with this sort of scam.
As I mentioned last June, the scam seems to involve finding negative blog posts, copying their contents and posting them to this “Global Express News” blog with a hacked earlier post date!
The “Global Express News” site seems to only *cough* post these sort of negative stories, marked as “no index” so they won’t show up in Google and other searches. After I made that earlier post others got in touch with me saying the same thing had happened to them.
The good news is
- These takedown notices are entirely bogus
- They’re not worded legally
- If you got one of these things you’re not the only one
- You can probably use this and my earlier blog post as evidence if your hosting provider or CND asks for an explanation