Close
Close

How to Improve Workflow in a Multi-Author WordPress Blog

This guest post is by Syed Balkhi of WPBeginner.

Running a multi-author blog can become a hassle, especially if you do not have a dedicated content manager for your site.Having run several multi-author blogs myself, I understand the issues you face and decisions you have to make.

If you’re running a multi-author blog, you may have asked yourself questions like, should I give the writer access to my WordPress dashboard? Is it secure? How do I monitor their activities to see they aren’t messing up my website? How do I improve my workflow?

In this article, I will share my personal experience in managing a collaborative WordPress site safely and effectively.

The “t” in “team” is also for “trust”

If you want to improve your workflow, then you will have to give your writers access to your WordPress dashboard. Otherwise, you will find yourself copying and pasting a lot of elements from a Word Document into your WordPress dashboard, attaching images, adding styling elements, and so on.

Fortunately, WordPress comes with numerous user roles with various permission levels.

user capability

If you look at the charts above, the two permission levels that make the most sense for multi-author blogs are Contributor and Author.

The biggest issue with Contributors is that they can’t attach images because they do not have the ability to upload files. Since you want your authors to have the ability to upload and attach images to their articles, you will want to give them Author-level permissions.

The big issue with that is that it gives them the ability to publish posts, delete posts, edit published posts, and so on. While I trust all of my authors, I don’t want things to go live without going through an editorial review. So I don’t want them to have this capability.

The good thing about WordPress is that there is a plugin for just about everything. You can use a popular plugin called Members to modify the capabilities of the Author role. Once you install the plugin, go to Users > Roles and modify the Author role. Your final permissions settings should look something like this:

The roles editor

As you notice, the only abilities we’ve given Authors here are editing posts, reading posts, and uploading files.

Security and monitoring

In the past, I have seen hackers trying brute force attacks through the login page. Because each author’s URL contains their username, they only have to guess the password for an author to get access to your site. What’s worse is if your author has used the same password elsewhere, and the hacker knows this.

To prevent this kind of attack, the first thing you need to do is to limit the number of failed login attempts. This means that after three failed login attempts, the user will be locked out.

The second thing you need to do is make sure that you use the plugin Force Strong Passwords. To monitor users’ activity, you can use plugins like Audit Trail or ThreeWP Activity Monitor.

Last, but certainly not least, make sure that you have a strong WordPress backup solution in place. Of course there are other security measures you can take to protect your site in other ways, but these are the ones that are specific to multi-author blogs.

Improving your workflow

A good editorial workflow can make things a lot easier. The key to a good workflow is communication. I use a plugin called Edit Flow to make things easy for me.

The first step is to define the stages of your workflow. My workflow looks like this:

  • Draft: default auto-saved posts, or any un-assigned posts
  • Pitch: when an author pitches a post idea
  • Assigned: the editor or admin assigns the post idea to a specific author
  • In progress: the author puts the article in this mode so everyone knows that someone is working on it
  • Pending review: once the author finishes the post, they submit it for an editorial review.
  • Ready to publish: once the editorial review is complete, we make the post Ready to publish. From there, I or another admin can take a look at it and schedule it for publication.

This workflow makes the process really easy, especially when we have a lot of writers. This plugin comes with default statuses, but you can always add your custom post statuses.

The best part is that you can sort posts by the custom status. Changing the status is extremely simple.

Custom status

You can also use the Edit Flow plugin to communicate with the author from within your dashboard. This makes the communication part really easy, and prevents you juggling through emails. Also, when assigning posts to a specific author, you can set deadlines in the Editorial Meta Data option.

The plugin also gives you a convenient month-by-month calendar-view of posts. This lets you know if you have a post scheduled for a specific day or not.

Calendar view

A private area just for contributors

Over time I have learned that I don’t have to do everything myself. I can assign tasks to trusted folks in my team. The best way to establish this trust and find out who is the right person for the job is by judging their interest level. Setting up a private area just for your team members can help you determine that.

I recommend that you set up a site with P2 theme and invite your team members and authors there. Password-protect the site, so only logged-in users can see the content. And when an author stands out in this environment, you can promote them to an Editor or another position within your business.

What’s your workflow process? I’d love to hear about it in the comments. Feel free to share your tips and tricks for multi-author blogging, too.

Syed Balkhi is the founder of WPBeginner, the largest unofficial WordPress resource site that offers free WordPress videos for beginners as well as comprehensive guides like choosing the best WordPress hosting, speeding up WordPress, and many more how-to’s.

How I Tweaked my WordPress Blog to Rank Better in the Search Engines

This guest post is by Jonathan of NutraSol Natural Center.

As bloggers and website owners, improving our websites is an absolute must, and search engine optimization is important if we want to get more traffic through search engines.

I have been familiar with SEO since before I started my first blog on professional business strategies. I came across it during the research stage when I was trying to learn everything I could about creating a website. Once I was exposed, I was instantly hooked.

What interested me the most about SEO was the challenge of competing with other sites to appear on the first page of Google for my target keywords. It is almost as if SEO gives us esoteric super-powers that are only fully understood by a small community of internet marketers.

After learning enough to get me started, I created some blogs and conducted experiments that allowed me to learn a few tricks on my own.

Using WordPress features for SEO

Not long ago, I started a Spanish blog on home remedies and alternative medicine. It’s not in English—my apologies—but that’s the blog I first implemented this technique on.

When I started it, I had envisioned it as a reference site where people could go and find information on natural remedies, so I decided to have the articles on static pages rather than blog posts. 

I also decided to have the names of the ailments in the page URL. For example, for hypertension, I had the URL http://www.informenatural.com/hipertension/  on a static WordPress page. 

The logic behind this approach was to have a reference page for all the ailments I covered, and people could go there just to get this information. It was going well and traffic was growing little by little, but suddenly, a light bulb switched on in my head. 

I decided to turn my static-page reference site into an online magazine instead, and to feature articles that would encourage social activity where people would be allowed to leave comments. Effectively I wanted to move from a static informational website to a blog.

The problem was that in order for me to do this, I had to turn all the pages I had into posts.

Turning pages into posts without losing links

The site was already two years old and I had backlinks around the web that I didn’t want to lose. But I also knew that I couldn’t have the old pages and the new posts existing together because that would create duplicate content issues for my site with the search engines. Not only that, but all of the pages were in Google’s index and some were ranking in the first page of search results for some of my target keywords.

Now, you may be thinking, “Why didn’t you just give the posts the same URL as the pages?” or “Why didn’t you just use a 301 redirect?” The reason is because I was going to turn all the articles I had into posts, and I didn’t want one post to have a permalink with a specific single keyword term such as Hypertension. I also preferred to have more pages indexed by the search engines anyway.

Hypertension Page

So, I decided to take a different approach. I decided to turn the single keyword terms into categories so that I could keep the same URL structures and can keep all the inbound links my blog had acquired over the years.

I also decided to do this because the single keyword term in the URL could then be used to direct users to other articles that have to do with that term.  For example, www.informenatural.com/hipertension would no longer lead to one article on a static page; it would be the page to go to to find all the posts related to that subject.

Add Category Hypertension

Here’s how I did it

By default, WordPress category pages contain the word “category” in their URLs. For example, informenatural.com/hipertension would be converted to informenatural.com/category/hipertension. 

In order for things to go as planned, I needed to remove the word “category” from the category permalinks. I did this by using a WordPress plugin called WP No Category Base.  Doing this allowed me to maintain the URL and preserve the permalinks in the format I originally had them in.

After doing this, I copied the content from the page to the post, with my keyword terms in the titles and permalinks of the posts.  Then, I deleted the pages.

Hypertension Category Page

This allowed me to maintain my links and transform my static-page site into a blog. I conducted keyword research, found the long-tail terms that I wanted to rank for, and included them in the permalinks of my posts. 

After that, I signed into my Google Webmaster Tools account, and used the Fetch As Google tool to submit the new URLs.

Hypertension Post

Grow your traffic with WordPress

These changes have allowed my traffic to increase tremendously and I predict it will continue to grow with time.

WordPress gives us the flexibility to do many things with our blogs and it allows us to stay organized while we’re at it.  If you find that a post is not ranking well enough for a keyword, you can always do some keyword research to find a better phrase with more searches and change your URL to include that term.

Experiment with your blogs, using WordPress features to your advantage, and you can help your blog grow like never before.

Do you use WordPress features to help your search rank? Share your favorite tip with us in the comments.

Jonathan is the founder of NutraSol Natural Center and LocalRoamer.Com. He has a Bachelor’s Degree in Business Administration and he is currently enrolled in courses to get a degree in Nutrition. Jonathan has designed 2 blogs on natural remedies to educate his customers for his store at Informe Natural and Earth Doctor.

Top 10 WordPress Security Myths

This guest post is by Anders Vinther of The WordPress Security Checklist.

WordPress Security is about as sexy as cleaning your house. And as a serious blogger, you already know that securing your site properly is not a trivial task.

That makes it a fantastic topic for myth fabrication.

In this post, I’ve compiled the top ten WordPress security myths for your easy consumption, followed by a light sprinkle of facts to debunk the myths.

Here are the myths:

  1. WordPress is not secure.
  2. Nobody wants to hack my blog.
  3. My WordPress site is 100% secure.
  4. I only use themes and plugins from wordpress.org so they are secure.
  5. Updating WordPress whenever I log in is cool.
  6. Once my WordPress site is setup my job is finished.
  7. I’ll just install xyz plugin and that’ll take care of security for me.
  8. If I disable a plugin or theme, there is no risk.
  9. If my site is compromised I will quickly find out.
  10. My password is good enough.

Myth 1. WordPress is not secure

When people experience security problems with their WordPress sites, they tend to blame WordPress. However, the WordPress core is very secure. And when a security hole is found, the development team is very quick to respond.

The most frequent causes for compromised WordPress sites are in fact:

  • outdated software
  • insecure themes and plugins
  • bad passwords
  • stolen FTP credentials
  • hosting problems.

For more on this topic, see WordPress Security Vulnerabilities.

Myth 2. Nobody wants to hack my blog

Most hacking attempts are automated. There are rarely personal or political motives behind WordPress hacking—more often the motives involve financial gain.

Maybe you’re thinking, “But I don’t have anything for sale on my site. I don’t have credit card information or any other sensitive information. What could they possibly steal from my site?”

What you do have is resources.

Possible ways to exploit your site are:

  • the insertion of spam links in your content to boost SEO for other sites
  • through malware infections of your visitors computers, e.g. to steal their financial information
  • redirecting your traffic to other sites.

For more details, see Are Small Sites Targeted For Hacking?

Myth 3. My WordPress site is 100% secure

No site that’s accessible on the internet will ever be 100% secure. Security vulnerabilities will always exist.

That is why you need a backup and recovery plan. If disaster strikes, you need to have a good backup available, and a plan for how to restore your site.

For more, see:

Myth 4. I only use themes and plugins from wordpress.org so they are secure

The WordPress Team reviews themes and plugins before they are included in the wordpress.org repository. However they do not have the resources to review updates.

Themes and plugins are developed by programmers from all over the world. Their experience and programming skills vary greatly, and so does the quality of their work. Even the best programmers make mistakes and all software contains bugs. Just pick a random plugin, look at the change log and you will see that bugs are routinely discovered and fixed. Even the best plugins developed by the most renowned people could contain undiscovered security risks.

Is it safer to get your themes and plugins from wordpress.org? Absolutely.

Is it guaranteed that there are no security problems with themes and plugins from wordpress.org? Absolutely not.

For more information, see:

Myth 5. Updating WordPress whenever I log in is cool

You need to keep WordPress core, plugins, and themes updated at all times. Whenever a security update is released the whole world can see what the problem was. This obviously exposes any site that has not been updated. Unless you log in to your WordPress admin dashboard every day, you’ll need a plugin that will notify you when updates are available.

More information can be found in the article, Update Notifications.

Myth 6. Once my WordPress site is set up, my job is finished

Having a WordPress site is an ongoing commitment—it’s like having a dog. As a bare minimum your WordPress blog needs to be maintained when new updates come out. This is crucial even if you do not write new posts or otherwise update the content.

If you simply leave your WordPress site behind like an abandoned holiday pet, chances are that you will be helping the bad guys carry out their malicious schemes to control the world. So if you will not or cannot keep your WordPress site updated, it’s better if you take it down!

Myth 7. I’ll just install xyz plugin and that’ll take care of security for me

You do need security plugins. And you need the right mix of security plugins. However, keeping your WordPress site secure goes well beyond what you install on your site.

Other factors you need to consider include:

  • securing the computer you use to connect to your hosting account (anti-virus, malware and firewalls)
  • creating and managing strong passwords
  • using Secure FTP to access your hosting account
  • protecting sensitive WordPress files from access from the internet
  • off-site WordPress monitoring.

Myth 8. If I disable a plugin or theme, there is no risk

All files that exist in your WordPress folder are accessible from the internet unless you specifically protect them. This means even disabled themes and plugins can be exploited if they are vulnerable.

The best practice is to remove anything you do not use. Or, at a minimum, make sure you keep de-activated themes and plugins updated.

Myth 9. If my site is compromised I will quickly find out

Professional hackers are not interested in you finding out that your site has been compromised. Therefore you might not find out what has happened until quite some time after a hack has occurred—if you find out at all.

Some types of hacks that are difficult to spot include:

  • redirection of all traffic coming from a search engine (so if you enter the URL in your browser or use a bookmark, everything will look normal)
  • the inclusion of hidden text in your posts and pages.

You need some kind of off-site monitoring of your WordPress site. For more details, see:

Myth 10. My password is good enough

Unless your WordPress admin password looks something like LR!!g&6uTFL%MD8cyo, you need to change your password management strategy. And make sure you do not reuse passwords on multiple websites.

Amazingly password and 123456 are still the two most used passwords! To find out more about this issue—and how to solve it—see:

Don’t get caught out!

Getting WordPress security right is not trivial. That’s probably the reason why too many bloggers stick their heads in the sand when it comes to protecting their valuable assets.

While you do need to be pro-active and take action WordPress Security is by no means an impossible task. The same way you would add an alarm to your car and get a guard dog for your house you need to secure your website. Don’t get caught with sand in your ears, nose, and mouth when the hackers come knocking on your door. Act now!

Check out ’s free WordPress Security Checklist, which is all about protecting your WordPress assets properly and sleeping well at night.

Transfer Your Blog From WordPress.com to WordPress.org Part 2

This guest post is by Ayelet Weisz of All Colores.

Yesterday, I started the convoluted process of swapping my blog from WordPress.com to WordPress.org. As you may remember, I’d finally got to the point where I was ready to import the files of my blog. Everything seemed to be okay, until….

Big Deal #4: The import keeps getting stuck

You see that white screen? That’s how it stayed.

Importing the files

At first, I was happy. The little circle on my browser was turning. I assumed it would take a lot of time. Even though my blog was obviously smaller (2.9 megabytes) than the maximum allowed file (64 megabytes), I figured it would take time to import eight months worth of blogging with almost 2000 photographs.

So I let it be.

When I returned to my computer, I found out that the import process had got stuck. Remember, my blog crashed for almost 48 hours. I was sure that was the reason of my current technical challenge. After my blog returned to life and I was able to work again, I repeated the process explained above. While my blog hasn’t crashed since (and it was in late February), after a short moment of importing, nothing was circling anymore: the white screen of the import remained white.

Big Deal #5: Challenges with the blog file

I decided to open the file I had exported from WordPress.com. This is what it looked like:

Inside the file

I learned that there were two errors in the file:

  1. Error on line 149 at column 32: Namespace prefix atom on link is not defined.
  2. Error on line 150 at column 29: Namespace prefix atom on link is not defined.

I Googled it and found various discussions on the matter. I looked for ways to fix the file, yet found no help in simple language. I tried exporting the file from WordPress.com and importing to WordPress.org various times, and kept hitting the same error, only in different lines and columns each time.

As I kept searching the web, more and more answers seemed to lead to one solution, but one that sounded too simple—and to be honest, too frustrating—to be true.

The advice said, refresh the page.

I exported the file once more. Imported it once more. And then refreshed it an unbelievable number of times.

Each time, more and more files appeared to be added. Sometimes only a few files were added when I hit Refresh; sometimes there were many at a time.

The list of problem files

Either way, the list of files kept growing.

At the end of every file line, it said “already exists”. For example, “Media ‘DSCF1372′ already exists”. Also, I didn’t see all my posts and pages on the list. I was concerned that some aspects of the blog were being imported multiple times and some not at all.

Then I got some good news.

“All Done. Have Fun!” WordPress.Org wrote to me.

All done, have fun

Could it all really be done? Could I now actually stop dealing with technicalities and return to writing?

I logged in to my new URL: www.AllColores.com—no “WordPress” between my blog’s name and the dot-com—and I saw my blog! It was an exciting moment.

Until I noticed something was not okay.

Big Deal #6: My photos weren’t included

All was well with the posts and the comments on my blog, but no photos appeared in the posts. Let me remind you, we are talking about almost 2000 photos, which I made sure to include in the export and import processes.

After some digging in my dashboard, it turned out I’d actually done things well. The photos were indeed imported to the new blog … most of them just weren’t “attached” to any blog post.

Unattached images

The solution? Take a deep breath!

On the left-hand sidebar of your dashboard you will find the word “media”. Click on it. You will reach your media library, where all your photos are listed. I had 1856 media files, all of which were photos, and 1847 of them were unattached. That means that only nine photos were attached.

As you will see in the above photo, in each line beside the media file, you will find a column named “author”. Next to it, there will be a column called “attached to”. If the photo is unattached, an Attach button will be available. Click on that button to attach the picture to the post.

Attaching images

An image will pop up, asking you to search for a post or a page. You can type the beginning of a post title, or choose from a list offered by WordPress by clicking on the right post, then click on Select.

If you, too, have many media files and don’t feel like spending hours “attaching” them to countless posts, you can Google for plugins that might do it for you. From the various message board discussions I read, these actually had helped several people. I tried a couple of options, but they did nothing for me. It was back to manual work.

How do you remember which media file belongs in which post?

That’s where not deleting your WordPress.com blog comes in handy. Keep one window open on your WordPress.org dashboard, and log back in to your WordPress.com dashboard on another. Go to your media library. In your WordPres.com dashboard, files are attached to posts. Follow what it says there as you attach photos on your WordPress.org dashboard.

And, as it turns out, there’s a way to hurry up the process after all.

On any given page, mark all the photos related to a single post and only then click Attach on one of the photos. You will select a post the same way, yet when you click Select, up to twenty photos will be attached at the same time.

Bulk image attachments

Once I was done attaching, I verified that all photos were transferred and attached well.

The end result

Here is a part of my post “More Photos from Bariloche”, which I published while in Argentina in September 2011 to let everyone back home know I’d been doing well and enjoying the snow.

A post

Here is part of that post as it appeared on my new WordPress.org blog in late February 2012:

The old post

At last, I could breathe a sigh of true relief. I would have preferred to start with WordPress.org, yet accomplishing this triumph gave me a new boost of energy as I returned to do what I love most: writing.

Have you encountered any other technical challenges while transferring your blog from WordPress.com to WordPress.org? Share your tips and tricks with us in the comments.

Ayelet Weisz is an enthusiastic writer and translator from Israel. She celebrates the everyday and extraordinaire joys of life through travel on her travel blog, All Colores. Follow her adventures onTwitter and sign up to her RSS Feed.

Transfer Your Blog From WordPress.com to WordPress.org Part 1

 This guest post is by Ayelet Weisz of All Colores.

WordPressIt was finally happening: I was about to embark on the trip of my dreams—and I wanted to write all about it.

I decided that a travel blog, shared initially with family and friends, would be a great experiment to see if I felt comfortable with the format of blogging that I’d wanted to try for quite some time. I did some research and found out that WordPress was a highly recommended platform. I read about the differences between WordPress.com and WordPress.org, yet I wasn’t up for all the technical mumbo-jumbo that I thought comes with launching a site on WordPress.org, even if it allowed me to monetize the blog.

I opted for WordPress.com, thinking I could always transfer later if I decided that was the path for me.

Transferring from WordPress.com to WordPress.org looks easy at first

I read blog posts about it, I read explanations about it on the WordPress website, I watched videos on YouTube. And they all said roughly the same thing: all you have to do is follow these very simple steps, and then your blog is exported from WordPress.com and imported to WordPress.org.

What’s the big deal?

The basic process is supposed to go something like this:

  1. Log in to your WordPress.com dashboard.
  2. Choose “Tools” on your left-hand sidebar.
  3. Under “Tools”, choose “Export”.

There, choose the material you’d like to export. You can choose to export only your posts, for example, and create brand-new pages at your blog’s new home. Or you could choose to transfer the pages, yet start fresh on the posts front. You can also choose to export all the content at once—posts, pages, media files and comments.

Since I wanted to transfer everything in my blog to its new location, I chose All Content and clicked on Download Export File.

Selecting All Content

The file was downloaded pretty quickly. The file—an XML file type—appeared at the bottom of my screen.

The file downloads

My blog’s name is All Colores and the URL I had at WordPress.com was http://allcolores.wordpress.com . That’s why you see it in the image. When the download ended, I clicked on that box to open the file, which contained lots and lots of lines of code. Who knows how to read that?

Later, since I wanted to import this file to my WordPress.org blog, I needed to know where this file was saved. You’ll see soon that I needed to select it from my computer and upload it. But I didn’t know where that code was saved! It looked as weird to me as writing from right to left will probably look to you. What’s a blogger to do?

The solution is simple—at least in this case—so savor it: click on that arrow you see and choose to view the file in a folder. A folder will open up with a list of files, and the file you need will be marked—like magic! This is what you will see at the bottom of your screen:

What appears on screen

(Note: You might not see Hebrew on your computer—unless you have an Israeli computer like I do…)

You can make a note for yourself or memorize the location where this file is saved. I decided to copy it to my desktop, where I don’t have many wandering files and it would be easy for me to pick up during the import process.

Important: Do not delete your site from WordPress.com, at least not yet. You might need it later in the import process.

Big Deal #1: Get a domain and server, and install WordPress.org

You’ve exported the file and you know where it’s saved—congratulations! Now … where do you move it to?

Getting a domain is the easy part. That’s the www.YourSite.com URL. Just Google around for best domain sellers and you’ll find plenty of recommendations. I got mine at NameCheap, as I got a personal recommendation for that store, and it included some free protection with its regular sales price.

Next, Google for recommendations on a web host where you can host your site. If you plan on writing lots of posts and including many media files, it is best to find a host with unlimited space. It won’t necessarily cost you more. Another aspect to consider is that some hosts will allow you to use a large or unlimited number of domains. This is important if you dream of launching a network of blogs. Hosts will sometimes offer a one-click installation of WordPress, which will make your life a bit easier, yet I suggested finding YouTube videos that will guide you until that one click. For me, Hostgator has been the perfect fit these past few months, and I am also satisfied with its customer service.

Big Deal #2: The blog crashes after you’ve finished installing

Note that it’s best to do this process a few days before you actually plan to start working on your blog. While your site will usually go live right away, sometimes it can take up to 72 hours for all the systems of cyberspace to cooperate and recognize your blog. If your blog does crash in the meantime, you will not even have access to write posts.

For me, it took almost 48 hours. Those 48 hours plus all the technical challenges that followed added up to days. Remember, I had no idea what I was doing and therefore researched almost every move as I went along. Those days were days I cleared to write content for my blog before a busy month started, and instead, I found myself dealing with technical mumbo-jumbo. So register and install in advance!

This whole ordeal of domain, server, and installation processes scared me immensely back in July, when I launched my blog. Little did I know that you can find great how-to videos on YouTube. Just doing it would have you done with these challenges in almost no time—rather than taking days off your writing time. If you’re reading this and haven’t launched your blog yet, stop right now. Go get yourself a domain and a host. Trust me, the worst in this post is yet to come.

Once that’s installed, you’re ready to begin importing your blog

You can now access your dashboard from http://yourdomain.com/wp-admin. So access it and log in. Once you do, it’s time to start the importing process!

Follow these steps:

  1. Click on Tools on the left sidebar.
  2. Choose Import.
  3. Your screen will look like the image bellow. Click on “WordPress” at the bottom of this list.

Importing your blog

This is what I saw when I clicked on “WordPress”:

A plugin is needed

My Dashboard was darkened and I was required to install a plugin that would enable the importing of my blog to WordPress.org.

As with any plugin on WordPress.org, after you download it—which usually takes a second—you must activate it before it will work. The screen for activating the plugin will appear right after the download is complete. But if you accidentally closed your browser or clicked on something else, worry not: you can always access your downloaded plugins on the left-hand sidebar of the Dashboard. Each plugin that you activate can later be de-activate and even deleted here.

Downloading the plugin

I decided to follow the advice of WordPress and the YouTube videos I watched: I downloaded the plugin and clicked on Activate Plugin & Run Importer. Within a second, the plugin was activated. That’s right—no installation nightmares! How good is that?

Finally, you get to upload your file (good thing you know where it’s saved). Import it and then start working, right?

Importing your blog file

Wrong. This is where all the trouble begins!

First, I was concerned my blog might be too large, as it contained almost 2000 photos. WordPress asked me to upload a file with the maximum size of 64MB (64 megabytes). I looked at my saved blog file to see how big it was. The number I got was 2989. That’s way bigger than 64! But wait—this figure had different letters next to it: KB. That would be kilobytes.

What does this mean? I asked Google. It turned out 2989 kilobytes equaled 2.9 megabytes. If you scroll back up, you’ll see this information was given to me when it was time to save the file. Paying attention to details is important. What’s 2.9 megabytes compared to 64 megabytes? I was about to find out.

I uploaded my file…

Big Deal #3: My blog’s file version was outdated

This is the message I received when I tried uploading my file: “This WXR file (version 1.2) may not be supported by this version of the importer. Please consider updating”.

The file version warning

Well, I did consider it. However, first, I couldn’t figure out what a WXR file was. I thought it might be the file I just uploaded—that seemed to make sense, yet that file was an XML file. Could a file be both XML and WXR?

Second, I couldn’t figure out how to update the file. I searched on my WordPress.com dashboard and on Google and couldn’t find the answer.

WordPress tip: For any challenge you might be experiencing, type it into Google and you’ll find plenty of message board discussions that were started by people with similar challenges. Many of these discussions take place on WordPress forums, which will start showing up many times once you Google your challenge.

I found message board discussions regarding my file version challenge. I just didn’t find solutions. When I did find message board answers that seemed to be offering a solution, the language they used was too technical for me to understand and know how to implement. I didn’t have the background or experience necessary to do it.

Whether it was the “right” thing to do or not, this is what worked for me. I don’t know if this will work for you too. What made most sense to me was that the above-mentioned comment referred to the file I just uploaded. I mean, it wasn’t there before, it appeared the moment the file finished uploading and it mentioned a file! Unable to discover how to update its version, I decided to go along and use it anyway the way it was. After all, if the file “may not be supported”, it may be supported. WordPress did not obligate me to update—it simply recommended it.

For me, this worked. I had a bunch of technical challenges that you’ll read about tomorrow, and they may or may not have resulted from this decision. Nonetheless, the fact is my blog is up and running on its new domain as you read this. Therefore, this is the place to smile: there is hope!

Before you click Submit…

It’s important to notice two elements on this page before continuing to the next screen.

First, you can assign user roles and positions to posts during this import. If you do this, you might need to handle more settings manually later on. Since I am the only author of my blog, I decided to leave this space blank and avoid dealing with settings. If you have more than one writer, you will likely want to explore it further.

Second, you need to choose whether to download attachments. If you leave the box “download and import file attachments” (right above the Submit button) empty, your photos and videos will not be imported to your WordPress.org file. Do yourself a favor, check that box.

Then click Submit.

At last, you can breathe

WordPress is importing your blog file! Yay! Celebration time, right?

Import problems

Wrong!

That’s right: there were problems with this step too. Don’t worry—I’ll show you what the problem was, and explain how I solved it tomorrow in the second part of this series. In the meantime, if you have any WordPress.com to WordPress.org war stories to share, we’d love to hear them in the comments!

Ayelet Weisz is an enthusiastic writer and translator from Israel. She celebrates the everyday and extraordinaire joys of life through travel on her travel blog, All Colores. Follow her adventures on Twitter and sign up to her RSS Feed.

Weekend Project: Sharing a WordPress War Story

While we love blogging, we all know there are some aspects that really do seem impossible sometimes—none moreso than transferring a WordPress.com blog to the WordPress.org platform.

We’ve discussed the differences between these two platforms before, because more than one blogger has been caught up by the limitations of WordPress.com (usually the limitation that this platform doesn’t allow you to monetize your blog). But it’s well known that swapping to the .org platform from .com can be a challenge.

This weekend’s project explains the WordPress war story of a blogger who chose to start a blog on WordPress.com, because it required so little technical knowledge. But when she wanted to monetize her blog—and switch to the .org platform—that lack of technical skill proved a major hurdle. It’s no wonder the process has gained such a bad reputation!

Actually, I think this is something that blog platform developers probably want to consider as they’re creating their platforms‚ because any help they can give to users who want to upgrade or switch to other versions of their products is always much appreciated.

If you’re one of those bloggers who’s itching to move your blog from .com to .org, but you’ve been too scared, clear some time in your weekend schedule to implement the process that our Weekend Project sets out. I’m giving you plenty of warning for this project—it starts tomorrow!

For now, if you have a WordPress war story of your own that you’d like to get off your chest, feel free to vent in the comments.

How to Back Up and Move a WordPress Blog

This guest post is by Caimin Jones of Genius Startup.

Sometimes you’ll need to move your blog from one host to another. It’s a bit of a pain and might seem a daunting task if you’ve never done it before.

But transferring a site is a fairly straightforward process that you can do yourself with an FTP program and this step-by-step guide.

Before trying the DIY method, it’s worth checking to see whether your new hosting company offers a site transfer service for new customers. Many do—but check whether there’s a cost involved. I’ve seen free services for this, but I’ve also seen prices around $300!

If you just need to learn how to make a simple backup of your posts, and don’t need to move hosts, take a look at this ProBlogger post.

But if you’re ready to back up and move your blog, let’s do it.

What you need to begin

To get stated, you’ll need:

  1. an FTP program (two good, free ones are FileZilla or FireFTP which works as a Firefox add-on)
  2. the FTP login information for your current host
  3. the FTP login information for your new host
  4. the MySQL username, password, and host name for your new server
  5. the nameserver information for your new host—there are usually two host names, sometimes more
  6. the login details for the registrar with which your domain name is registered.

It’s best to move hosts during a quiet time of the week for your blog, which probably means over the weekend. Check that support is available at your new host, and have the number handy. If something doesn’t work as it should, you’ll be glad you don’t have to go looking for that phone number.

Two preliminary steps to make life easier

If you’re using a cache plugin like Total Cache or WP Super Cache, deactivate and completely remove the plugin before you start the move process.

Cache plugins store file settings on the server, and these will be different for your new host, so you need to do a new install for those types of plugins. Most other types of plugins won’t need to be re-installed using the process I’m outlining here.

Secondly, it’s highly recommended go to your domain registrar or hosting company and lower the TTL value on your domain to something like 300 seconds, or the lowest value allowed.

TTL stands for Time To Live. It’s the number of seconds browsers should wait before refreshing the DNS information that connects domain names with web servers. Setting it to a low value means you won’t have to wait more than a few minutes for your host switching to take effect.

You’ll find the TTL as a setting under a DNS Zone file. For example, it looks like this in Media Temple:

TTL settings

And it looks like this in Go Daddy:

TTL settings GoDaddy

Make sure you change the TTL at least 12 hours before you plan to switch web hosts, so that the newer, faster refresh time has updated around the internet.

Making the move

Step 1. Install WordPress on the new hosting company

If the new host has a one-click install feature, use that to install WordPress—you’ll save yourself quite a bit of time and hassle.

If you have to install it manually, take a look at the official installation guide.

Step 2. Back up the database

The easiest way to make a complete database backup is to install the WP-DBManager plugin .

Once it’s installed, go to Database > Backup Database and click the Backup button. If you have a lot of posts or comments, this might take a few seconds.

When you see the message that the backup has been created, go to Database > Manage Backup DB and check the backup file is definitely there.

Step 3. Back up all the files from your old server

Using your FTP program, log in to your old host and navigate to your wp-content directory. Download everything in that directory to your computer.

At this stage you have a complete copy of your entire blog—and you’re halfway there.

Downloading the copy

Step 4. Upload your files to the new server

Now, it’s back to your FTP program. Log in to the new server and navigate to the wp-content directory.

Before you take the next step, double-check that you really are logged in to the new server and not the old one.

Now delete everything in the wp-content directory.

Then upload everything in the wp-content copy on your computer to your new host.

Step 5. Change nameservers

You’re nearly there! Now you need to log in to your domain name registrar and change the nameservers to those of your new hosting company.

Changing the nameservers

Changes to domain nameservers can take a few hours or more to propagate through the internet, so it may be a while before your blog is being served from its new home. However, if you followed the tip to reduce the TTL value before you began, you’ll only need to wait a few minutes for the changes to take effect.

Sep 6. Make the finishing touches

Visit your blog homepage and refresh it every few minutes until you see the WordPress install page (if you manually installed WordPress) or an empty blog using the standard theme (if you used a one-click install option).

Don’t panic! Log in to the Admin area and go to Database > Manage BackupDB. You should see the backup file you made on your old server. Select it and click Restore.

Now check your blog homepage and you should see a fully working blog, with posts, comments, theme, and plugins working correctly.

If everything looks good, you can now reinstall your cache plugin, if you were using one. I’d also say you’ve also earned a glass of your favorite beverage!

Caimin Jones is founder of Genius Startup which gives bloggers and small startups no fluff, practical strategies to build a successful web business.

4 WordPress Alternatives: the What, Where, and Why

This guest post is by Matt Setter of MaltBlue.com.

As bloggers, we’re all familiar with WordPress, whether as a self-hosted setup, or via WordPress.com. I think that, if you’re a blogger and you’ve not used it, then you’re likely in an odd minority.

If you do a Google search for “blogging software,” WordPress will likely be among the first results you’ll see. But is it necessarily the best choice?

Yes, “everybody’s doing it,” but does that make it the right choice? Just like in the 90’s when Microsoft seemed like the only choice, but then we found alternatives like Mac or Linux, there are alternatives to WordPress too.

Now maybe you’re quite happy with your WordPress installation, it meets your needs, and your site’s humming along nicely. Well, that’s perfectly fine. But what if you’re not? What if you want to change, or have the opportunity to change?

What if you’re:

  • just starting out
  • about to rebuild or redesign your blog
  • moving hosts
  • concerned WordPress is not meeting your needs
  • contrarian in your thinking?

Well if you’re any one of these, you’ll love this post. Today I present to you four alternatives you may never have heard of, showing you the pros and cons of each, how much they cost, and where you can get them from. Ready? Great! Let’s begin.

Habari

habariHabari is a secure blogging platform designed from the ground up with the current and future needs of the blogging community firmly in mind. It’s also designed to be open and transparent, using modern software development techniques in its design.

Some examples of blogs run on this platform include:

The Habari project screencast linked below gives a great introduction to the CMS.

Features

  • Support for a wide variety of plugins and extensions, including:
    • contact forms
    • Last.FM
    • spam management
    • Amazon
    • Google Maps, AdSense, and Analytics
    • star ratings
    • members-only access
    • LinkedIn
    • Twitter
  • modern theme support
  • support for multiple users and multiple sites in one installation
  • support for tagging
  • support for a wide variety of media, including Viddler and Flickr
  • custom RSS feeds and statistics
  • Feedburner integration
  • modern spam filtering techniques
  • automatic Twitter updates
  • Disqus integration for commenting.

Cost and availability

Habari is available as a free download from the project home page. You can even try out a demo version without needing to install it.

Support options

Habari support is available via:

  • FAQ
  • users group
  • IRC (internet chat, similar to ICQ, MSN, Google Chat etc).

Is it for you?

If you’re keen to roll up your sleeves and manage things yourself, or you have great tech support, try out Habari. However, if your host doesn’t support it or you’re not able to do it yourself, then this may not be the best option for you.

CushyCMS

cushycmsCushyCMS is, as the home page says, “A Truly Simple CMS.” It was designed to be implemented with as little effort as possible; to be “Super Easy To Use!”

Where Habari is more like WordPress in that you can download, install, and configure it yourself, CushyCMS is a fully hosted solution.

Minimal manual effort is required on your part, other than the work required to implement modest customisations. Have a look at the introductory video below to see just how easy it is.

Blogs that use CushyCMS include:

Features

Depending on the package that you choose, different features will be available to you. In the free package, you get:

  • five sites
  • unlimited site editors
  • availability in 20 languages.

If you take the pro package, you can:

  • brand your installation
  • customise the interface via a wysiwig editor
  • remove all ads from the site
  • use your own domain name and logo
  • configure access rights for each user
  • customise the CSS classes.

Cost and availability

CushyCMS is available from Stateless Systems and comes in two forms:

  • free
  • pro, for US$28 per month.

Support options

This depends on the package that you’ve chosen. If you’ve chosen the free package, you get:

  • videos
  • documentation
  • package FAQ
  • access to the Google user group.

If you upgrade to the pro package, you get all that, plus direct email support from Stateless Systems.

Is it for you?

Depending on your needs and requirements, CushyCMS could be just what you’re looking for. You can sign up and get started in minutes. There’s no need to worry about what your current provider does or doesn’t support, as this system is fully hosted. You can get started with the free version, but you’ll have limited branding and domain control privileges.

You can upgrade to the pro version, but unless you’re making regular money with your blog, you might not want to pay the monthly fee for it. However, you do get a company backing the product with 24/7 support, should you have any questions or queries.

concrete5

concrete5Just like WordPress and Habari, concrete5 is available to be downloaded, configured, and installed at your web host and is a blogging platform built from the ground up to satisfy the needs of website editors, designers, and developers alike on a foundation of proven open source technologies.

The underlying philosophy of concrete5 is to make running a website easy. As you can see from the demo video below, in just about all aspects of site administration, you can simply click on a region of the page and edit it to your heart’s content.

A couple of blogs that run on concrete5 are:

Features

Concrete5:

  • is easy to theme yourself, or you can choose from a wide variety of pre-made themes
  • supports a wide variety of plugins and extensions including:
    • digital download support
    • discussion forums
    • ecommerce
    • ad servers
    • configurable menu navigation
    • star reviews
    • scrolling ticker
    • image gallery
    • traffic and statistics management
    • Google Maps
    • user chat
    • country-based redirect
    • Vimeo and YouTube support.
  • easy to configure, whether by hand or via the wysiwig editor
  • easy to update, right from your browser
  • open source and completely free to use
  • easy to install and configure.

Cost and availability

Concrete5 is available from the concrete5 website and is open source, so it’s free.

Support options

Similar to Habari, concrete5 doesn’t have a paid support option, however it does have:

If you are a developer, or have access to development support, training and integration packages are also available.

Is it for you?

Concrete5 is a good mixture of the best parts of the two previous packages. You can install it yourself, but training and custom build support are also available. So, depending on your needs and your available budget, concrete5 may be the right option for you. Why not give a trial version a go today to see?

TomatoCMS

tomatocmsLast, but by no means least, is TomatoCMS. Like Habari and Concrete5, TomatoCMS is an open source, modern blogging and CMS platform designed from the ground up to meet today’s needs and demands.

Examples of blogs that run on this platform include:

Two key aspects set TomatoCMS apart: Widgets and the Layout Editor. Let’s look at its feature list.

Features

Among a vast array of compelling features are:

  • a variety of built-in modules (extension) including:
    • banner advertising support
    • category management
    • comment management
    • simple menu management
    • multimedia management
    • in-built news system
    • tag support
    • poll support
  • built on the Zend Framework, jQuery, and 960grid, making it fast, light and flexible.

In addition to this it’s also:

  • SEO friendly
  • secure
  • highly themable
  • packaged with a simple visual editor allowing you to drag, drop, and resize almost any interface element.

Cost and availability

As with Habari and Concrete5, TomatoCMS is also a free download available to be installed and configured on your host as your needs demand.

Support options

Also like Habari and Concrete5, TomatoCMS doesn’t offer a commercial support package. However it does have a solid project wiki and a thriving forum. If you have troubles with it, then you’re likely to find the solution there without too much hassle.

Is it for you?

If you’re keen to control most, if not all, of the aspects of the system on your own host, then this is the option for you. However, if you need support then this option may not be the best choice.

Choices, choices

So there you have it. If you want to change from WordPress, have an opportunity to change, or are just starting out, now you have four additional options to WordPress to choose from.

Take a closer look and evaluate them. When you find the one that ticks all your boxes, give it a try and let me know how it goes for you.

Do you run your blog on an alternative to WordPress? Why is it your platform of choice? What makes it the best one for your blog and your business? Let us know in the comments.

Matthew Setter is a freelance writer, technical editor and proofreader. His mission is to help businesses present their online message in an engaging and compelling way so they’re noticed and remembered.

The Blogger’s Essential WordPress Guide: 13 Top Tutorials

Over the last couple of months, we’ve taken a close look at WordPress here on ProBlogger.

WordPressI know that many readers do use WordPress—either the free or paid version—and it’s the content management system of choice for many high-profile sites. I’ve been using it for years, and I’d have to say that it’s served me really well over that time.

The articles we’ve published have covered many of the essential aspects of blogging using WordPress, from choosing the service that’ll suit you and weighing up different themes, to securing, posting to, and making money from your WordPress blog.

In case you’ve missed any of these great posts, I thought I’d compile them all here for easy reference.

Getting started

  1. WordPress.com or WordPress.org? Which one’s right for you?
  2. What you need to know before you start a WordPress blog
    Security
  3. Set safe, secure user roles on your WordPress blog
  4. Secure your WordPress blog without touching any code
    SEO
  5. Essential SEO settings for every new WordPress blog
    Themes
  6. How to select your first WordPress theme
  7. Install your first WordPress theme
    Plugins
  8. Install your first WordPress plugin
  9. 19 Essential WordPress plugins for your blog
  10. 5 WordPress plugins to help you make money from your blog
    Posting
  11. Use email to post to your WordPress blog
    Making money
  12. 9 Ways to make money from WordPress … without having a blog
  13. Premise 2.0 released: complete digital sales and lead generation engine for WordPress

Thanks to all the contributors who put in the work to help us get our heads around these finer points of WordPress, including Matt Hooper, Karol K of ThemeFuse, Anurag Bansal of Techacker, Eric Siu of Evergreen Search, Louise of MoneySupermarket.com, and Sean Platt of outstandingSETUP.

Of course, while this CMS dominates the blogosphere, there are many solid alternatives to WordPress (and no, I’m not talking about Blogger!). If you’re looking for a change for some reason, give them your consideration.

Do you have a favourite WordPress tutorial or resource that you can add to this list? Share it with us in the comments.