Archive for the ‘WordPress’ Category

Quick WordPress Tip about deleted Tags Creating 404 errors in Google Webmaster Tools

If you delete a wordpress tag, it will create a 404 error if a visitor or possibly as important, Google Bot comes through to re-index your site.

Sure you can redirect that deleted tag link, but if you later create it again on the fly with a new post, your redirection will drive people away from the tag. 

Solution – Don’t Delete WordPress Tags!

If you have already deleted a WordPress Tag, think about adding it back in again so that you don’t get nicked by the Search Engines! 

Since July, I have been experiencing CPU usages on my Virtual Dedicated Server.  In July, my host InMotion Hosting, whom I have had an excellent relationship with for over 3 years, recommended that I should move to a ‘new faster server’ and they would migrate my accounts for free.

Sounded good, I asked a few questions, hoping to make a relatively informed decision, but I know next to nothing about servers and hardware, which is the reason why I turn to them for hosting and Virtual dedicated hosting specifically.

They upgraded me and within about 2 weeks, I started having problems with my account using up too much load on the CPU of the server.  My sites and the server were crashing every couple weeks, and InMotion Hosting started telling me that I would have to upgrade to a dedicated server, a price difference of $150 per month!  (Currently paying about $50 a month, prepaid for a year, Dedicated costs about $200 per month).

Frankly, I couldn’t afford the move.

At the time this first started happening, I was traveling in NYC for Affiliate Summit, and I didn’t have the time to completely figure out what was going on.  Twice over the years, I’ve run into CPU load issues and it usually involved a plugin that was broken or not working right.

I searched through my cpanel accounts, checking the error logs on each.  I found a few little errors but nothing significant.  I fixed those, checked with my host, and that didn’t seem to phase anything.

I did some heavy lifting in robots.txt to insure that I wasn’t being indexed by bots that were driving up the CPU (there was some indication that a bot masquerading as the cuel (cool) search engine was causing a bit of a problem.  I worked to eliminate bot access to every folder that wasn’t essential.

I triple checked my largest sites to insure that my images were optimized too.  (they were already, but I wanted to double check)

I was already running WP-Super Cache on my largest 2 sites, so I started loading that up on all my other sites.  Then I added DB Cache and even Widget Cache and DB manager so that I could routinely optimize my DB.

That seemed to make a small bit of a dent but not enough.

My biggest problem was really the lack of information at a domain level.  On a VDedicated account, I have absolutely NO TOOLS to help me identify if one domain/cpanel account is causing the bulk of the problem or if all domains are.  I thinned out the herd and eliminated/suspended/moved some cpanel accounts.

Again that helped just a little bit, but not enough.

Finally towards the end of September, I spoke with a admin at Inmotion who was able to install a script or a program to monitor my account.  I couldn’t view this program, but she was able to tell me the top domains or directories that were using the most CPU at the time.  She was also able to point out a couple plugins, that were not creating errors but did seem to be consuming to much of the cpu resources.  I deactivated and deleted them.

A couple days later, I got a message from Inmotion saying that that action had fixed the problem!

I sent back a message saying terrific! I can’t believe we finally solved this.  I was very happy and relieved.

But 20 minutes later, the same person replied again and told me that actually things weren’t fixed and we’d have to continue monitoring.

Uh, OK.

Four days later, I get an email saying that things were still bad, and my account would be shut down tomorrow, the original deadline given several weeks earlier.

So I called in, got filtered through hold for 20 minutes, got a low level representative on the phone, who was nice and polite but frankly jerked me around for 14 minutes because 1) he couldn’t do anything about the issue 2) its his job to make sure that people like me no longer have direct access to the admins 3) their own internet connection was apparently down 4) when he tried to transfer me, it didn’t work a couple times, maybe internet down related.

So I finally get on the phone with the admin who had sent me the latest message.  I mentioned to him, that when I had spoke with the helpful representative that had set up the monitoring script, that she had indicated the next thing to trouble shoot would be whether my Apache configuration on the new server was not optimal for my sites as compared to the Apache configuration on the old server.

I asked the new guy if we could look at this.  I had done some quick research that had indicated:

mod_php Vs. FastCGI

How you integrate PHP into Apache has performance implications. The two most popular options are:

mod_php

The PHP interpreter and all it’s linked in libraries are compiled into a loadable Apache Module (mod_php) and this module is loaded into every running Apache process at startup time. This is generally the simplest way to run PHP and is supported by most hosting environments. It also introduces memory overhead because of the monolithic Apache processes which you have running, and because the PHP interpreter is included in the web server binary which services non PHP files.

FastCGI

An alternative method of using PHP is to have the PHP interpreter running external to the Apache process and to use the FastCGI API to interface between the web server (mod_fastcgi) and the PHP interpreter. The advantages of this method is that you don’t load the full PHP stack into Apache, you can call upon PHP only when your web server needs to run a PHP script (not images, or HTML/CSS etc) and you also get security benefits of running PHP as a user other than the web server user. This setup is slightly more advanced, and usually requires custom compilation of PHP. One other possible advantage here is that you may be able to run the threaded Apache worker MPM when using FastCGI, since technically any non threadsafe PHP libraries are not being run inside Apache, but inside an external process.

I also found this useful description in a forum post that broke down a few additional settings from someone with the username ‘till’:

2nd April 2009, 10:42

The php option depends on traffic that you expect for the site and if the site e.g. uploads or creates images or files on the server.
mod_php:
- fast
- runs not under admin user of the site
- well suited for low and high traffic sites, but not for cms systems like joomla.
suphp:
- not so fast
- script runs under web admin
- secure
- well suited for low traffic sites
fastcgi
- fast
- script runs under web admin
- secure
- well suited for high traffic sites
so basicalley the decision is, if a site is low traffic, use suphp. suphp spawns a new cgi process for every page request, but it does not use resources when no pages are requested. On the opposite fastcgi, the php processes are running permanently even if no page is requested, this is faster and fine for a high traffic site but for a small homepage with 100 pageviews per hour you would waste resources.

So he agreed to try an alternative, and later sent me this message after it had been set up:

Just to follow up with you I have made two major changes to your VPS platform. The first being php was upgraded to the latest (from 5.2.10 to 5.2.11) and no longer uses suPHP. Also I have recompiled apache to use the MPM Worker instead of MPM Prefork which may help to
reduce load used by apache.

So now I’m in a new holding pattern, hoping that this change might be the magic bullet that gives me back my happily functioning websites and vdedicated account.  I’m heading to BlogWorld next week, so I expect that my account will likely take a crap on me while I’m traveling, not a traffic spike or anything, just a Murphy’s Law issue.

Here’s an excellent Presentation slide show from Brad Williams of WebDevStudios who recently spoke at a WordPress NYC meetup.  Excellent presentation.  Slides built so well that you will get a ton of very very useful information from this presentation to help you secure your WordPress powered website.

Wondering why your site just got knocked down in Pagerank or in the SERPs?

Maybe you were hacked and didn’t even know it.   ~ Just one example of the the very useful information in this presentation on WordPress Security.

I received an email today from a member of our local WordPress meetup group asking the following question:

Got a minute to clue me in on how my WordPress site got hacked?
My service provider said it was easier to do because my WP
version wasn’t updated to the recent version. What can I do to
help prevent this in the future?

As I write this, WordPress 2.8.4 is the current release of WordPress.  I mention that because 2.8.4 was released to address a serious security flaw in 2.8.3.    I learned about this simply by logging into WordPress and reading the updates in the Admin Dashboard of WordPress.

While this should be your only source for information about practicing good security on your WordPress powered site, but it is a good starting point. 

Here’s the email reply I provided below

Its definitely important to review the new wordpress updates as they come out. They often address security concerns. Hackers are always looking for new ways to break into sites, computers, operating systems etc, so the groups and companies that maintain the software behind sites, computers, operating systems etc have to continually evolve and update their systems.

This is one of the advantages to using WordPress. It is supported by an extensive open source network of programmers around the world. They provide continued development and improvements not only in functionality but in security. All you have to do is keep up with their updates and apply them to your site and plugins.

Part of your role as a web designer or webmaster may include keeping up to date on these changes, and making the updates to your own or your clients sites. As you develop more and more sites, it can take a significant amount of your time to continually review the updates needed, test them out to make sure they work on any given site and do not conflict with plugins that may or may not need to be updated as well (or may or may not be compatible with updates) and then execute the upgrade.

In general, you need to practice at insuring that you and your clients use good usernames and good strong passwords. This is typically the area that is easiest for hackers to target because too many people use default or simple user names and passwords that are ‘easy to remember’ which both mean, easy to crack and hack.

In years past on my personal sites, I used to use simple passwords that I could remember.  I never do that now.  I use passwords that are ridiculously long, they include both caps and lower case letters, they include numbers and many symbols.

This definitely can help ward of crackers.  But you can also use stronger passwords, don’t use the default ‘admin’ password if you are setting up a site with Fantastico for example.

Also there are a large number of detailed tips and resources, plus some plugins that can help you evaluate the security level of your site today and improve it in the future.

I found this cool looking plugin recently that helps you optimize keywords within a WordPress Post or Page.  It doesn’t help you find keywords, but once you know the keywords that you want to emphasize with a <strong> tag for example, you can type in the word into the admin panel and the plugin will automatically place the keywords in bold for you, helping to emphasize to search engines that a give post is more about the keywords highlighted, which is more effective than using keywords in a meta tag list.

Highlights

Author: spunkyjones.com

The keyword optimizer SEO plugin was developed so that important blog post keywords on a website could be optimized using the HTML <strong>, <em> and <u> tags. It allows the webmaster to select the keywords he/she wants to optimize from the administration panel and let’s them assign a limit to the number of times a chosen effect is applied to those keywords.

To demonstrate an example of this SEO plugin, if "articles" is an important keyword on a website than the webmaster can choose to surround this keyword around the tag. Using this plugin, the webmaster would need to enter this keyword into the <strong> set under the administration panel and all references to the word "articles" in a given post will be automatically placed inside the <strong> tag. The limit feature provided by the plugin lets the webmaster control the number of times this effect would be applied to that keyword. If suppose the limit is set to 2, then only the first two references to the word "articles" will be effected.

I read an article from my New Media Expo (now Blogworld) friend Todd Cochrane today.  WordPress 2.8+ no longer pings different services as fast as it used to.

The pings now go out only about once per hour.  If you happen to run a site where multiple articles are being published during that interval, it is very possible that some of the articles will not generate a ping at all!

Well, if you are managing your blogs with Windows Live Writer, a desktop application that lets you publish to WordPress, Blogger, Windows Live and many more, will ping any ping service that you might choose to enter including pingomatic.

How Can You Make Sure that each Article is Pinged When You Publish it?

1. Download Windows Live Writer’s Desktop Application from Windows Live –Free download comes with most PC’s these days too
2. Set up your Blog in Windows Live Writer so you can publish to it from your desktop (note there are many great reasons to use Windows Live Writer for blogging, this is just one reason)
3. Setup your Ping List in Windows Live Writer
1. Note, don’t ping the same place more than once!
2. If you have Pingomatic setup in WLW, remove it fm WordPress to avoid duplicate submissions, same for other services.
3. Don’t list a service manually that Pingomatic also pings for the same reason
4. Then simply publish your Posts and Pages through Windows Live Writer to WordPress and the pings will go out in real time!

List of Blog Pinging Sites that Are Not Pinged by Pingomatic

(if you know of more or see one that Pingomatic covers now, let us know!)

http://1470.net/api/ping
http://api.feedster.com/ping
http://api.feedster.com/ping.php
http://bblog.com/ping.php
http://bitacoras.net/ping
http://blogdb.jp/xmlrpc
http://blog.goo.ne.jp/XMLRPC
http://blogmatcher.com/u.php
http://bulkfeeds.net/rpc
http://coreblog.org/ping/
http://mod-pubsub.org/kn_apps/blogchatt
https://phobos.apple.com/WebObjects/MZFinance.woa/wa/pingPodcast
http://ping.amagle.com/
http://ping.bitacoras.com
http://ping.bloggers.jp/rpc/
http://ping.blogmura.jp/rpc/
http://ping.blo.gs/
http://ping.cocolog-nifty.com/xmlrpc
http://pinger.blogflux.com/rpc/
http://ping.exblog.jp/xmlrpc
http://ping.weblogs.se/
http://rcs.datashed.net/RPC2/
http://rpc.blogbuzzmachine.com/RPC2
http://rpc.blogrolling.com/pinger/
http://rpc.britblog.com/
http://rpc.tailrank.com/feedburner/RPC2
http://rpc.wpkeys.com/

I just installed the 2.2.0.17208 Standard Edition of Artisteer, and Artisteer will be available for Mac Users very soon. . . .

Here are some of the improvements added to Beta 2.2 coming from 2.1

The following is the summary of new changes and improvements:
Web Design Features

• CSS structure changes by adding "art-" prefix to style classes to prevent conflicts with other CSS styles.
• Simplified syntax for styling buttons and links: <input style="art-button">, <a style="art-button">

WordPress

• Resolved an issue with footer editing when the PHP option magic_quotes_gpc is turned on.

Joomla

• Added support for module class suffixes

Drupal

• Resolved issues with the Menu not working properly in some cases
• Resolved an issue with missing upload button
• Resolved an issue with uploaded logos not appearing

If DotNetNuke doesn’t get you to interested in Artisteer, or if the ability to create WordPress themes and Drupal or Joomla templates isn’t cool enough because you are on a Mac, guess what?

Artisteer just finalized the Mac version of the program which will hopefully be available for download/trial/purchase very soon!  I know many many Mac users and designers out there that have been waiting for this and it is almost ready!

When the automatic (push button) upgrade of plugins within WordPress first became available, it was the best thing since sliced bread or maybe even WordPress itself.

But over the last few weeks, I’ve noticed that first one then several, then almost all of my plugin upgrade attempts were failing.  It started with the xml sitemap generator plugin.  For some reason, it just couldn’t update itself anymore, when I clicked on the option to update it from within WordPress.

Soon after that, several other plugins on several different servers on several different WP installs started having some difficulties updating too.  Now, I’m just about at the point where every single plugin on every single WordPress install doesn’t seem to work.

I get a failure that looks something like this:

Downloading update from http://downloads.wordpress.org/ plugin/all-in-one-seo-pack.zip

Unpacking the update

Could not copy file: /home/Yoursite/public_html/wp- content/upgrade/all_in_one_seo_pack/all-in-one-seo-pack/all_in_one_seo_pack-pt_BR.mo

Installation Failed

After doing a little research, I came across a few people struggling with similar, if not the same problems.  After catching up on the threads and the support tickets, there appears to be 3 different solutions, which I’ll list in reverse order of how they are presented (thus saving you some time).

1. Upgrade to WordPress 2.8 as this is a bug cemented in my 2.7.1
1. But EVEN THIS won’t work for everyone
2. If it doesn’t work for you, then you will need to download this replacement file for http.php which resides in your wp_includes folder of WP
3. UPDATE – This step did work for me!
2. add "72.233.56.139 downloads.wordpress.org" to the "/etc/hosts" file. 
   1. I have no idea what that means
3. Disable cURL using the "Core Control" plugin ( http://wordpress.org/extend/plugins/core-control/ ) after activating the "HTTP Access Module 0.6" within Core Control.
   1. Note this plugin probably should not be used by people not terribly experienced at programming in a WP environment (not talking html, I mean real programming)

So that all points to step number 1 for your average user.  This may be the MAIN reason to go upgrade to WordPress 2.8 if you are the type that typically sits on the fence for 3-4 weeks (like I usually do). 

Resources

http://core.trac.wordpress.org/ticket/9998

http://wordpress.org/extend/plugins/core-control/

http://wordpress.org/support/topic/231500

For a while now, I ‘ve had a bit of a flash problem.  Some of my drop down menus, that are generated via css, drop down behind flash objects that I embed on my wordpress paqes, such as flash images generated by snagit (images with clickable hot spots) or youtube videos, or screencast videos.

I found this particularly helpful for menus that I have created with my preferred WordPress Theme Generator, Artisteer.

I found a partial fix that solves the problem for general flash or swf file objects, even youtube videos, but I’m still stuck on the screencast video option.

I found the solution in the comments section of this article.

The comments dialogue was a little difficult to follow, as people randomly offered up possible solutions in a comment brainstorm.

Ultimately, I was able to make the following actions work for me:

1. paste the following code within the <object tag : wmode=”transparent” ergo before you close the object tag with a >
2. you must also paste in an additional parameter tag as follows:  <param name=”wmode” value=”transparent”>

This created a solution that worked for me in both Firefox 3+ browsers and IE7.  Screencast has always provided problematic embedding code that has given me other fits in the past.

Note most people in the discussion seemed to settle on a slightly different solution using javascript and div tags.  If I could figure out how to get the Screencast video to render from javascript I might try this solution as well, but I have a suspicion that this might also generate code that is not valid xhtml . . .   

<script src=”swfobject.js” type=”text/javascript”></script>
<div style=”float:right;z-index:-100;” id=”player”>
This text will be replaced
</div>
<script type=”text/javascript”>
var so = new SWFObject(‘slideshow.swf’,'mpl’,’310′,’310′,’8′);
so.addParam(‘allowscriptaccess’,'always’);
so.addParam(‘allowfullscreen’,'true’);
so.addVariable(‘height’,’310′);
so.addVariable(‘width’,’310′);
so.addParam(“wmode”, “transparent”);
so.write(‘player’);
</script>

I have been expending a great deal of effort testing plugins that offer some form of management over nofollow links on a WordPress site.  I’m looking for something that will enable me to specifically select a page or Post by the Post ID and mark that page or post to always receive a nofollow tag whenever I link to it within my blog.

There are several plugins that help to provide nofollow tags for things like Categories, Tags, Archives etc. 

The only one that seemed to do this reliably was the tool that came with Headspace( author homepage), although it missed a few from time to time as well.  Anyway, I can’t recommend any of these because they did not do what I was looking for, but I can help you take a look at what I have searched through and experimented with myself.  If you find something better, let me know and I will happily cover you or your site in a future article with a link (absent the nofollow tag).

http://wordpress.org/extend/plugins/nofollow-case-by-case/

http://wordpress.org/extend/plugins/nofollow-reciprocity/ I even tried to add permalink/deep links to the code on this plugin, but it seems to only work at a domain level.  (I think it strips out the / character which is used in deep links)

http://wordpress.org/extend/plugins/nofollow-links/

http://wordpress.org/extend/plugins/nofollow-links-in-posts/ I liked the concept of this plugin, but it wasn’t what I was looking for

http://wordpress.org/extend/plugins/noindex-archives/

http://wordpress.org/extend/plugins/nofollow-archives/

http://wordpress.org/extend/plugins/ultimate-noindex-nofollow-tool/ This one seemed promising according to its description and admin page, but it didn’t seem to work at all when I tested it out.

http://txfx.net/code/wordpress/identify-external-links/

http://wordpress.org/extend/plugins/sem-external-links/

http://wordpress.org/extend/plugins/seo-automatic-links/

http://wordpress.org/extend/plugins/platinum-seo-pack/ Seemed like a good plugin, but the nofollow capability didn’t quite cut it.

http://wordpress.org/extend/plugins/replace/