Blogger vs WordPress Blog

Version 1.2 is out now!

Crafted with bloggers in mind, impress your audience with Redwood's classic, clean, and stately aesthetic. From its stunning slider and promo boxes to the plethora of color options, Redwood delights visually and functionally, giving you the power to customize your blog with just a click of the mouse. And if Redwood's numerous features, robust options, and arresting design weren't enough, rest assured knowing that your theme is backed by Solo Pine's acclaimed customer service.

Responsive Design

Beautiful Featured Slider

3 Useful Promo Boxes below slider

5 Different Blog Layouts (including full width version of each layout)

Classic Blog Layout

Grid Layout

1st Full Post then Grid Layout

List Layout

1st Full Post then List Layout

Full Width Instagram feed in footer

Post Formats

Standard Posts

Video Posts

Gallery Posts

Music Posts

Custom Styling for "MailChimp for WordPress" so you can display a beautiful newsletter widget.

Custom About Me Widget

Custom Facebook Widget

Custom Social Widget

Custom Latest Post

Custom Instagram Widget plugin included

Support for…

 

Source: Redwood – A Responsive WordPress Blog Theme

The United States government earlier this year officially accused Russia of interfering with the US elections. Earlier this year on October 7th, the Department of Homeland Security and the Office of the Director of National Intelligence released a joint statement that began:

"The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts."

Yesterday the Obama administration announced that they would expel 35 Russian diplomats and close two Russian facilities in the United States, among other measures, as punishment for interfering with the US 2016 election.

In addition, yesterday the Department of Homeland Security (DHS) and the Office of the Director of National Intelligence (DNI) released a Joint Analysis Report, or JAR, compiled by the DHS and FBI, which they say attributes the election security compromises to Russian intelligence operatives that they have codenamed 'GRIZZLY STEPPE'.

The report that DHS and DNI released includes in it's first paragraph: "This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The report contains specific indicators of compromise, including IP addresses and a PHP malware sample."

At Wordfence our focus is WordPress security. Our security analysts spend a lot of time analyzing PHP malware, because WordPress is powered by PHP.

As an interesting side-project, we performed analysis on the PHP malware sample and the IP addresses that the US government has provided as "…technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS)". [Source]

We used the PHP malware indicator of compromise (IOC) that DHS provided to analyze the attack data that we aggregate to try to find the full malware sample. We discovered that attackers use it to try to infect WordPress websites. We found it in the attacks that we block. Here it is.

The above is the header and here is the footer. The middle contains an encrypted block of text.

This is PHP malware that is uploaded to a server. An attacker then accesses the file in a browser and enters a password. The password also acts as a decryption key and decrypts the encrypted block of text which then executes. Once an attacker enters their password, it is stored in a cookie and they don't need to enter the password again to access the malicious application.

We managed to capture a request from an attacker that contained their password. It was 'avto' without quotes. We used the password to decrypt the block of encrypted text.

This is what the decrypted PHP looks like. It is a big chunk of PHP code that is a web shell.

We installed the web shell on a sandboxed environment. This is what it looks like:

This is the kind of web shell that we see all the time in our day-to-day forensic operations. It includes the following basic features:

File browser/explorer

File search function

A database client to download the contents of a hacked site database

Network tools including a port scanner and the ability to bind a service to a port

A tool to brute force attack passwords on FTP and POP3 services.

A command line client to run arbitrary operating system commands

A utility to view server configuration info

By viewing the source code, we could find the name of the malware and the version. It is P.A.S. 3.1.0.

We googled it and found a website that makes this malware. You can find the site at this address: http://profexer.name/pas/download.php

You can enter a password that you will use to access your malware once it's installed and then hit 'download' and a ZIP file downloads.

The ZIP contains a text file and the malware. The text file looks like this:

The website claims the malware is made in Ukraine and the date at the bottom has the Ukraine country code UA.

This malware is version 3.1.7 which is newer than the malware that the DHS indicator of compromise identifies. It is almost identical including it's indentation:

And the footer:

But PAS has evolved even further since 3.1.7. It is now version 4.1.1 which you can get from the same website:

The 4.1.1b info.txt file:

And the code has changed in 4.1.1 quite substantially. This is the header:

The PAS malware is user friendly. It has an About page:

They also have a helpful FAQ:

How does PAS infect WordPress websites?

This is a typical infection attempt for PAS 3.1.0 which is the DHS sample:

The above request is an attempt to install a plugin in the WordPress CMS through the normal file upload method. What surprised us is that this request had a full set of cookies that indicates that the user or bot doing this was signed in and this probably was an actual web browser.

It also includes the WordPress nonce which is a security feature, also indicating this is a user. Only about 25% of the attacks that we see include the WordPress nonce, which suggests that many of these attempts fail.

The vast majority of attacks we see that try to infect with PAS 3.1.0 use this kind of request. Here are a few theories:

WordPress website owners have malware installed on their workstations and that malware attempts to install PAS 3.1.0 on their WordPress websites.

This is CSRF, or cross site request forgery attack, that installs the malware. This is unlikely because the nonce is present in many requests. A nonce is a security feature that prevents CSRF attacks.

Users are voluntarily installing this on their own websites after downloading it from a malicious website thinking it is safe. Unlikely because the file that is uploaded is plain text PHP and it is clearly suspicious if you examine the file contents.

Attackers are compromising websites through some other means and then using the compromised credentials to manually sign in and install PAS 3.1.0 with a standard browser. These sign-ins could be partially or fully automated.

Malware Conclusions

DHS and DNI have released a joint statement that says:

"This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The report contains specific indicators of compromise, including IP addresses and a PHP malware sample."

The PHP malware sample they have provided appears to be P.A.S. version 3.1.0 which is commonly available and the website that claims to have authored it says they are Ukrainian. It is also several versions behind the most current version of P.A.S which is 4.1.1b. One might reasonably expect Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources.

Analysis of the IP addresses provided by DHS and DNI

DHS provided us with 876 IP addresses as part of the package of indicators of compromise. Lets look at where they are located. The chart below shows the distribution of IP addresses by country.

As you can see they are globally distributed with most of them in the USA.

Lets look at who the top ISP's are who own the IP addresses:

There are several hosting companies in the mix including OVH SAS, Digital Ocean, Linode and Hetzner. These are hosting companies that provide low cost hosting to WordPress customers and customers who use other PHP applications. A common pattern that we see in the industry is that accounts at these hosts are compromised and those hacked sites are used to launch attacks around the web.

Out of the 876 IP addresses that DHS provided, 134 or about 15% are Tor exit nodes, based on a reverse DNS lookup that we did on each IP address. These are anonymous gateways that are used by anyone using the Tor anonymous browsing service.

We examined our attack data to see which IP addresses in the DHS data are attacking our customer websites. We found a total of 385 active IP addresses during the last 60 days. These IP addresses have launched a total of 21,095,492 complex attacks during that 60 day period that were blocked by the Wordfence firewall. We consider a complex attack to be an attack that tries to exploit a vulnerability to gain access to a target.

We also logged a total of 14,463,133 brute force attacks from these IP addresses during the same period.  A brute force attack is a login guessing attack.

The chart below shows the distribution of the number of attacks per IP address. It only takes into account complex attacks. As you can see, a small number of the IP addresses that DHS provided as IOC's are responsible for most of the attacks on WordPress websites that we monitor.

The following shows the list of the top 50 IP addresses in the DHS report sorted by the number of complex attacks we saw from each IP during the past 60 days.

As you can see, many of the top attacking IP addresses are Tor exit nodes. There is also a relatively small number of IP addresses launching most of the attacks on websites we monitor.

Conclusion regarding IP address data

What we're seeing in this IP data is a wide range of countries and hosting providers. 15% of the IP addresses are Tor exit nodes. These exit nodes are used by anyone who wants to be anonymous online, including malicious actors.

Overall Conclusion

The IP addresses that DHS provided may have been used for an attack by a state actor like Russia. But they don't appear to provide any association with Russia. They are probably used by a wide range of other malicious actors, especially the 15% of IP addresses that are Tor exit nodes.

The malware sample is old, widely used and appears to be Ukrainian. It has no apparent relationship with Russian intelligence and it would be an indicator of compromise for any website.

You can find a public repository containing the data used in this report on github.

As always I welcome your comments. Please note that I will delete any political comments. Our goal in this report is to merely analyze the data DHS provided and share our findings.

Mark Maunder – Wordfence Founder/CEO

Special thanks to Rob McMahon and Dan Moen who provided valuable assistance with this research. 

Did you enjoy this post? Share it!

Source: US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

LIST MAG WP is a beautifully designed WordPress Theme that is built to be engaging, fast and most importantly boost viral traffic with simple features that will help keep your visitors on your site, as well as easy ways for them to share your content on social media. Monetization options such as a good selection of advert locations are important too that's why we've made use of the best location adding Highest-Earning Ad Sizes, after all, you do want to get paid for your efforts! Completely responsive to look perfectly in all mobile devices, easily usable with any device as well as PCs. Responsive design optimized for tablets and smartphones (resize browser and hit refresh to check it out).

Automatic, free theme updates.

100% Fully Responsive

Front-end Submission

7 Custom Widgets

Sticky Sidebars

Fly-out Mobile Navigation

Easy Setup .XML File Included

Unlimited Colors

Child Theme Included

Ready to operate out of the box

Fully Customizable

Font Awesome Icons

Translation Ready .POT file included

Custom Logo Options

0 PHP notices & warnings

Custom CSS via Theme Options > Style Settings

Highest-Earning Ad Sizes

…

 

Source: List Mag WP – A Responsive WordPress Blog Theme

A Guide to Building WordPress on Docker for Windows, Linux and OS X Michael McCallister December 28, 2016

#containerization

#docker

Get a free WP Checkup Today! Get a completely free health check of your WordPress site, no email or signup required. Free Scan

"Containerization" is a relatively new buzzword in big-company enterprise software circles. Just put a batch of environments in the cloud, or on a server, that just have important applications and little else. The name you hear most often when containers come up is Docker, an open source project that has become a monster.

You don't necessarily have to own a server farm to gain some benefit from containerization. What if you just want a test environment for WordPress that allows you to experiment with themes and plugins (perhaps even developing your own) before posting everything on the web where the world can see it?

Docker can help you live that dream – and I can help you get there.

What is Docker?

Setting up a testing environment for experiments with software can be a pain. This can be especially true with WordPress. You have to set up a web server, database, credentials and all that stuff. Then the web server stays on, sucking up memory, because we're often too lazy to only have it running when we need it.

Wouldn't it be great if we could just have WordPress up only when we wanted to work on it, with a simple install and everything else?

Enter Docker.

James Governor at industry analyst blog Red Monk describes the idea behind Docker this way:

Docker makes it simple to spin up a container which contains everything needed to run an app – the code itself, the runtimes, systems tools etc. Develop on your laptop, then in theory deploy to any server. Unlike virtual machines, containers include the application and all of its dependencies, but share the kernel with other containers, an efficient model which maps cleanly to current development thinking in areas such as continuous integration and microservices.

Note: If you're curious, Docker is written in the easy-to-learn Python programming language. If you're inclined, you can poke around the code at Github.

Installing Docker on Windows

Docker was originally a Linux program, but its success among system administrators led Microsoft to pony up some cash to port Docker to Windows, which went live in summer 2016. The first iteration of Docker for Windows, however, is designed strictly for the data center. To run it, you need Windows 10 Pro with hardware-assisted virtualization and the Hyper-V virtualization client. Until Docker for Windows comes down to us mortals, we get a slightly more complicated install, with several third-party tools to set up.

First, you'll need VirtualBox, an open source virtual machine manager owned by Oracle, but available to download at no charge. The latest version is 5.1.10.

When you open VirtualBox the first time, you'll be asked to install an Extension Pack. Do this; especially if you want to be able to open WordPress in your real machine's browser. More on that later.

Next up, download Docker Toolbox. This application (also free) will, among other things, create a tiny version of Linux to run Docker in a virtual machine.

Now, technically, the current version of Docker Toolbox will install VirtualBox on its own, if you don't already have it. It also includes these applications:

Docker Machine

Docker Compose (more about this later),

A GUI container management tool called Kitematic (alpha software that currently doesn't work very well), and

The distributed source-control system, Git, which also comes with its own command line environment and text editor, Atom.

Run the Toolbox to create the virtual machine in VirtualBox. The VM creates a command-line only version of Linux with the Docker commands and some basic shell tools. Nothing fancy like a graphical interface. All of these files are placed in the /usr/local/bin directory of your Linux VM.

An interactive shell appears once you've finished the QuickStart process. To confirm that all is running properly, type docker run hello-world. If this completes, you are ready to use Docker to set up WordPress.

Installing Docker on Linux

Because Docker was originally built for Linux, it's considerably easier to run in there directly. Chances are very good that a reasonably current version of your distribution (Ubuntu, Fedora, openSUSE, Debian and all their descendants) will include the Docker engine, the Docker Machine application, and the Docker Compose feature that simplifies image creation by way of a nice configuration file. The nice thing is that Linux distributions also have a graphical browser to test on. That's how you'll install WordPress this time.

Use your package manager to install Docker, Docker-bash-completion and Docker Compose.

Really, that's it!

Installing Docker on Mac OS X

Docker for OS X runs on Yosemite (Mac 10.10), so chances are better you can install and run the new product on your Mac than Windows users. Read the instructions carefully before installing the application.

1.6 million WordPress Superheroes read and trust our blog. Join them and get daily posts delivered to your inbox - free! Subscribe

Docker for Mac runs inside the HyperKit VM system, and includes the Docker Engine, the command-line interface, Docker Compose and Docker Machine

Setting Up WordPress Using the Command Line

Next up, let's set up WordPress in the Docker VM. There's a couple of ways to do this. The first was suggested to me by blogger James Wade.

The good news is that from here on out, it doesn't matter what operating system your computer runs. Once you're living in the Docker environment, it all works the same way.

Create a new directory for the WordPress environment by entering the command: mkdir wptest

Change directories to the one you just created, cd wptest.

Now the fun starts. You're going to make a database from the command line. Type:

Here's where Docker can seem like magic. Install WordPress with just three words:

docker pull wordpress

Docker will check to see if WordPress and all its dependencies are installed. If it isn't, it will automatically download a zip archive from the Docker Hub website, unzip it, and install (pull) to your system. In Docker-speak, it creates an "image" of the application on your system.

One more task: Building the container. If you've ever installed WordPress, you'll see some familiar commands in this string:

Now you have a Docker container named wptest linked to the MySQL database called wordpressdb. It will run in the background (because of the -d switch), and use the WordPress image we pulled a few minutes ago.

To confirm that wptest is running, and locate its IP address (so you can run it in a browser), type:

I'll bet the result looks a lot like this:

Now if you open that address in a browser, you'll see the familiar Five Minute WordPress install screen. You're in business!

That's kind of a manual way to do it, and it's cool to make strictly from the command line. Let's see what we can do in a more programmed way.

Setting Up WordPress with Docker-Compose

Docker Compose uses a configuration file to create the container, making it easy to replicate as often as needed. The configuration file described here is part of the official Docker documentation.

Again, you should create a project directory to store the container and its configuration file.

Confirm that you have docker-compose installed with this command:

Use a text editor to create a docker-compose.yml file that will start your WordPress site and a separate MySQL instance with a volume mount for data persistence.

In the services section, you create the WORDPRESS database and define the credentials to access it: MYSQL_ROOT_PASSWORD, MYSQL_USER, and MYSQL_PASSWORD. Then you tell Docker to pull the latest WordPress image from Docker Hub, display any content on Port 8000 and connect it to the WORDPRESS database it just created.

NOTE: The docker volume db_data will persist any updates made by WordPress to the database.

Once you have the YAML file in the project directory, run docker-compose up -d from your project directory.

As with the manual version, the Compose file does the same thing that Docker pull WordPress does – pulls the needed images, and starts the WordPress and database containers, as shown in the example below.

Last step: Let's run WordPress. You may want to wait a few minutes after running Compose. The WordPress site will not be immediately available because the containers are still being initialized.

While you're waiting, typing docker-machine ip MACHINE_VM will give you the machine address. You can then open your browser and type the results of the machine address command: http://MACHINE_VM_IP:8000.

At this point, WordPress should be running on port 8000 of your Docker Host, and you can complete the "famous five-minute installation" as a WordPress administrator.

Have you used Docker? If this is your first time installing it and you have any questions, let me know in the comments below. POST the first comment

Share on Facebook

Share on Twitter

Share on Google+

Get a free WP Checkup Today! Get a completely free health check of your WordPress site, no email or signup required. Free Scan

Michael McCallister

Michael McCallister is a freelance technology writer, focused mostly on free and open source software like WordPress and Linux. He co-authored two editions of WordPress in Depth (Que) and has helped organize several WordCamps. His tech blog, Notes from the Metaverse, has been on WordPress.com for 10+ years.

Source: A Guide to Building WordPress on Docker for Windows, Linux and OS X

site: http://www.mijnjaaralsjobhopper.wordpress.com ; Today 27 december my son accidentally edited the whole 'blog' page, while trying to add a blog post. It resulted in an added page 'mijn eerste job' which has taken up the place and internal links of the old blog page, and in a blogpost page that cannot be linked to, and that only shows up in the page list as 'not used'. Fortunately, all blog posts (including a new one which is the correct version of 'mijn eerste job') are still in the blog post list, and are accessible trough the archives-function. We would like to restore the blog page and repair the links (in the menu) on the welkom page. As we still have a wordversion (draft) of todays blogpost, a quick&easy solution would be to just restore the site als it was yesterday - I don't know if that is an option?If not, please provide detailed steps - we are no experienced users

The blog I need help with is ciliacielen.wordpress.com.

Source: blog page 'not used'

Amsterdam is a really powerful WordPress magazine and blog theme with great attention to details and incredible features. Amsterdam offers too many customization options, layouts and headers with an easy to use Admin Panel. This amazing product offers many incredible features, each added in order to enhance your web page. It manages to balance power and beauty, resulting in a high-quality browsing experience for all users.

Using the exclusive Amsterdam Drag & Drop Page Builder users can have fun creating a unique homepage and easily make modifications to it any time they wish. Having built-in support for SEO using rich snippets and HTML5, your site will rank better in search engines. Make your content more appealing, engaging and usable.

Demo    Source

Source: Amsterdam – Clean Blog and Magazine WordPress Theme

Hello and happy holidays,

I am back on WordPress after what I believe to be more than two years since I last had a blog. I have searched my old address (yewfy.wordpress.com) and is comes up with the 'deleted site' page, and I believe it's been two years since I last used WordPress, but it's still not available for use. Since your support page says if it's been two years, I can reuse it, I was wondering if you could provide some guidance or assistance on the matter?

Thank you so much.

Source: Recycling my own blog address

Creating a membership-based system could be a great way to earn some extra income. You can create a brand new site from scratch or turn your existing site into a membership site. Either way, you will need a dedicated plugin to offer various features of a membership site and to ensure the proper management of the community.

There are lots of membership plugins available for WordPress. But not all of them provide the necessary options. For today's post, I have made a list of the most comprehensive membership plugins for WordPress. You can use any of these plugins to create a fully featured membership site.

Let's see which is the best WordPress membership plugin, shall we? 7

Restrict Content Pro

Restrict Content Pro is a very popular membership plugin for WordPress. This feature-rich plugin allows you to lock your valuable contents only for the members. The simple member management options will help you to manage the active, expired, pending, free, and cancelled users from one location.

When using this plugin, you can accept credit card payments by using popular payment methods including 2CheckOut, PayPall Pro, Stripe, BrainTree, etc. The integrated subscription package feature allows you to create unlimited number of packages at various price points.

The plugin also comes with readymade email templates for various events like new member registration, payment confirmation, reminder before expiry, etc. You can export the member data as a CSV file.

There are several pricing plans for the plugin. The basic one starts at $49 per year.

Plugin Highlights:

Versatile dashboard for easy customer management

Simple upgrade and downgrade system for members

Total support for payment modules and WooCommerce

Detailed report for tracking website performance

Full Details & Download

6

S2Member

S2Member is a fully featured membership platform for WordPress. You can use this plugin to create a membership website or reserve some of your contents as member-only. The plugin allows you to choose a custom login page and add custom fields to the registration and profile pages.

Thanks to the integrated Pro-Forms feature, you can offer one-step registration and checkout for new members. The plugin supports all popular payment methods including PayPal Pro, Stripe, Authorize.net, ClickBank, etc.

As the plugin makes heavy use of shortcodes, it is very easy to use its various features. When it comes to security, s2Member can help you protect your site by using the unique IP restriction, brute-force login prevention, and security encryption key features.

Plugin Highlights:

Total solution for developing membership sites

Complete integration with popular payment methods

Reliable security features

Lots of shortcodes for using various features

Full Details & Download

5

Ultimate Membership Pro WordPress Plugin

Ultimate Membership Pro is a widely used plugin for providing complete membership solution. This premium plugin allows you to protect your valuable posts, pages, products, images, etc. and choose a replace content rule for free users.

The plugin is fully compatible with WooCommerce. That means you can sell your membership plans as products, use all the extensions and payments gateways of WooCommerce. You can create different types of levels of membership plans for your visitors.

There are several readymade templates for the register and login pages. The plugin also supports social login, integration with popular email marketing platforms, unlimited form fields, coupon codes, etc.

The plugin is priced at $28.

Plugin Highlights:

Multi-level membership plans with precise restriction

Social login with support for 7 social media networks

Complete integration with WooCommerce and BuddyPress

Dedicated profile and account settings page for members

Full Details & Download

4

WooCommerce Membership

If you are looking for a reliable plugin to introduce membership system on your WooCommerce website, this plugin is the solution for you. The plugin allows you to convert any of your WooCommerce product to membership-based product.

You can create different types of membership and offer various features for the packages. The simple admin interface allows you to manage the existing and new members. If you want to create a content drip feed system, the delayed plan activation feature will be very useful for you.

The plugin also comes with a diverse range of options to restrict access to exclusive posts and/or pages, grant access to all members, non-members, or choose accessible posts or pages in bulk.

You can get the plugin for $39.

Plugin Highlights:

Simple solution for converting WooCommerce products to membership system

Advanced content restriction options

Simple options to manage members

Full Details & Download

3

WP Membership

WP Membership is a simple but effective WordPress plugin for using the membership feature in your website. It allows you to offer free or paid trials so that your members can evaluate the benefit before signing up. The plugin works with both PayPal and Stripe, which means you can easily accept payments on your membership site.

The plugin allows you to store new member details on your MailChimp account. The fully responsive plugin makes sure that your membership features work perfectly on all devices. As the plugin is available in 11 different languages, you can use it to create membership websites on other languages too.

You can purchase WP Membership for $34.

Plugin Highlights:

Beginner-friendly options to get started quickly

Supports different types of free and paid memberships

Multiple readymade styles for pricing table, signup form, and profile page

Full Details & Download

2

Membership 2 Pro

Coming from WPMU Dev, Membership 2 Pro could be another excellent solution for building your membership site. The intuitive setup wizard will be very useful in setting up the basics of your membership site. Thanks to the smart simulation mode, you can easily confirm that everything is working before you go live.

The plugin supports four membership types – standard, guest, dripped content, and default memberships. You are free to use any or all of these types according to your requirements. You can accept payment by using 4 payment methods – PayPal, Authorize.net, Stripe, or manual payment.

Membership 2 Pro works perfectly with multi-site network. It is also possible to extend the plugin functionalities by purchasing various add-ons.

You can get the plugin by becoming a WPMU Dev member. Membership pricing starts at $49 per month.

Plugin Highlights:

Supports all types of membership sites

Smart setup wizard to help you with the setup process

Advanced options for sitewide content protection

Full Details & Download

1

MemberPress

MemberPress is another premium solution for creating a fully functional membership site in WordPress. With the help of this plugin, you can turn your website into a money making machine. You can create different types of subscription plans. You can provide or revoke access to various posts, pages, categories, media files, etc. based on the plans.

As MemberPress supports common payment methods like PayPal, Stripe, and Authorize.net, you can easily accept payments from your visitors. The plugin also works perfectly with the popular email marketing tools.

The plugin price starts at $99 per year.

Plugin Highlights:

Simple solution for building membership plans

Advanced controlling options on content access

Convenient way to sell digital products

Full Details & Download

Final Words

When creating a membership site, you have to handle various things like user management, member profiles, membership plans, content locking, payment, security, etc. Premium membership plugins provide a complete solution to all these requirements.

This post introduced you to the best membership plugins for WordPress. Feel free to choose any of these and get your membership site started shortly.

So, which plugin looks the most interesting to you? Does it offer all the features you look for in a membership plugin? Let me know by leaving a comment below.

Source: The Best WordPress Membership Plugin for 2017

December 23, 2016

By Susan Friesen in Featured SE Tactics Website Traffic WordPress

We all want websites that are search-engine friendly. But sometimes when you are busy it's easy to publish a new blog post and be off to the next thing on your to do list.

Over time, this can really hurt your SEO efforts. That's why I've put together this short hit list of things you can do to boost your WordPress SEO.

Schedule these tasks in your calendar to make your blog traffic soar.

1. Post New Content Regularly

Google has a bias toward fresh content. Part of Google's algorithm looks at how new the content is and gives preference to more recent results. So publishing original content on a regular basis is important.

Also, size matters when it comes to content. Generally longer content ranks higher than shorter content. So strive to make your post at least 500 words.

2. Create a Keywords List

If SEO is a priority, then you'll want to develop a keyword list. This is basically a list of keywords and phrases that describes your products and services. These keywords should include words from search terms that are more likely to be used to find your offerings online.

Google has some incredible tools to make keyword research easy including Google Search, Google Suggest, Google Instant and Google Wonder Wheel.

Hint: if you want a really targeted keyword list, hire an SEO expert.

3. Install an SEO Plugin

This will allow you to set keyword-rich custom titles and Meta descriptions for your posts for search engines.

A couple of popular SEO plug-ins to consider are All in One SEO Pack and WordPress SEO by Yoast.

Again, this is something your Web designer or a SEO professional can easily install for you.

4. Hand Submit to Search Engines

What good is a site if no one can find it? That's why getting listed in Google and the other popular search engines and directories is one of the most effective ways of getting free targeted traffic to your website.

You have probably seen lots of automated submission services where you pay a small fee for them to submit your site to hundreds of search engines. These services not only won't help — they can actually hurt you.

Almost all of these free directories never send an actual visitor to your website and getting links from them can hurt your ability to rank in the real search engines like Google and Bing.

The best practice is to manually submit your site to search engines yourself. WordPress makes this easy once you set up an account in Google, Bing and Yandex Webmaster Tools.

If unsure, just ask your webmaster or SEO specialist to set up these accounts.

5. Add Tags to your Posts

WordPress, straight out of the box, comes ready to embrace search engines. The tags feature is one of those SEO-friendly features you should take advantage of.

Be sure to add relevant keyword-rich tags to every post you publish.

6. Leave Comments on Other Blogs

Start linking more to other people's posts on their blogs and encourage them to link back to you.

One search engine factor that Google considers is backlinking. A website that has more backlinks is considered more of an authority site and gets higher rankings.

7. Block Spam Comments

When people leave comments on your blog, it counts as content to Google. So if you have a website about DIY crafts and someone leaves five comments about 'cheap enhancement pills' that ruins your keyword relevancy and hurts your rankings.

So blocking spam comments from posting to your blog will improve your SEO as well as make your real blog readers happy.

8. Internal Linking

One easy way to get more traffic is to add internal links to your blog posts.

For example, if you have an article on Overcoming Your Resistance to Blog Writing, then at the bottom of that article you can post links to 'Other Related Articles You May Enjoy.' WordPress SEO by Yoast does this automatically for you.

9. Use Image Alt Tags

For each image you use in your post, ensure you add the Alt tag to help them rank better in image searches. This is another excellent place to put relevant keywords.

Google has an image search function that works in pretty much the exact same way as the webpage search with keywords and relevance. So adding Alt tags helps Google find and include your images when someone does an image search.

10. Tweak Blog Post Titles

If you quickly wrote titles to your blog posts before, take time to review them first before publishing.

Your blog post titles are vital to your SEO rankings, so compare the keywords used to your keyword list and make your blog titles more keyword rich.

11. Add Social Media Sharing Buttons

When Google sees a blog article is getting a lot of posts and shares on social media, it boosts the ranking of that blog post.

So making it easy for readers to share your posts helps others tweet and share your great content.

12. Update Your Theme

Not all WordPress themes are SEO-friendly and the free WordPress themes may be hurting your search engine rankings because of this.

Having a premium WordPress theme ensures your content will be indexed by the search engines, since the developers have taken special time to optimize every aspect in terms of both security and SEO.

It's smart to make sure your theme programming isn't bloated with inefficient code that slows down page load times — something that can occur with purchased themes compared to custom themes.

As the founder, Susan Friesen brings a unique advantage to eVision Media clients by having earned a Bachelor in Business Administration degree with a concentration in Computer Information Systems through the Thompson River's University. Her experience in the Web development industry since 1999 has gained her much insight and knowledge in how to effectively brand a business and then translate that to a user-friendly, search-engine friendly, custom designed website. She is a graduate of the Vancouver Film School multi-media program and also earned several certificates in technology through the University of Victoria and Athabasca University. She won the 2003-2004 Governor General's Bronze Academic Award for achieving the highest academic standing in a diploma-level post secondary program. http://evisionmedia.ca

Source: 12 WordPress SEO Hacks to Boost Your Traffic

I am trying to export my blog. The first 2 times I tried this, I was able to (seemingly) - but then I could not open the .zip file on my computer. Unfortunately I deleted these files from my computer thinking they were invalid. Now, I can't even export - I keep getting an error message. I've read past threads but they are not offering any insight for me. I'm wondering if you can export and send me the file by email on file with our account. This seems the timeliest way to resolve this and would be MUCH appreciated! Thanks so much for your time

The blog I need help with is collagenblu.wordpress.com.

Source: Export all blog

Whether you have a blog, a store, or a portfolio, a feminine brand warrants a suitable and appropriate design. However, selecting a theme solely based on aesthetic could lead you to choose one that lacks your required functionality.

Thankfully, there are lots of pretty, chic, feminine WordPress themes that also provide plenty of features to get your website in shape. Looking over a list of fitting themes should reveal at least one or two that might work for your project.

This post will highlight the ten most exquisite feminine themes in 2016, and will definitely inspire you to prettify your site. Let's get started!

1. Chic ($49)

Our own Chic theme is classy, elegant, and perfect for creating a beautiful blog or e-commerce store. Its clean and modern aesthetic provides the perfect palette to craft your own unique site. The featured posts home page slider can create an immediate impact for your viewers. Alternatively, you can drag-and-drop your way to a category-style homepage.

Chic enables you to completely customize your design for all pages and posts with options including number of columns, full width layouts, and adjustable sidebars. If you're creating an online store, you can speed things up by taking advantage of five pre-built shop sample pages, and enjoy full WooCommerce support.

Finally, this fast and well-coded theme means you don't have to worry about site performance and can focus on your content. We would, naturally, whole-heartedly recommend it!

2. Honeycrisp ($70)

Honeycrisp oozes femininity with its feminine, yet minimalist design. Ideally suited to blogs or businesses, you can tailor the layout of this theme to suit your specific needs. You can adjust the width of your site, easily add widgets to your sidebar, and also insert shortcodes to create components.

Additional options include graceful typography, three different blog styles, and a variety of galleries for showcasing your images. You can also use a slider or carousel to give your site a look that's both stylish and professional.

3. Rosemary ($49)

Rosemary is a light and bright theme that enables you to display gorgeous imagery alongside elegant typography. This blog-focused theme offers five different layouts for your posts, as well as a variety of custom post formats. A featured slider also enables you to flaunt your best content front and center.

Rosemary also includes a popular element of many themes of this ilk – a full-width Instragram footer area that will keep your viewers wanting more. Finally, the theme's clean and contemporary design is ready to be tailored to fit your brand – you can add a cute logo, and use the vast color options to create a stunning and unique website for your blog.

4. Isabelle ($79)

Isabelle is a whimsical theme that's both pretty and flexible. Tailored to suit a blog or e-commerce website, it has a range of chic layouts to choose from. You can utilize the slider as is, or set it to full-width to create an even bigger impact with your featured images. If you love Isabelle's logo, you can simply type your blog or business name to get the default styling. Of course, you can also opt to upload your own instead.

A handy feature of this theme is the pre-built forms for MailChimp and Convertkit, enabling you to start growing your email list immediately. Isabelle also has embedded Schema markup, so your site will be search engine friendly.

5. Kloe ($59)

Kloe is a multipurpose theme for all things lifestyle and fashion. It offers a fresh and modern design that could lend itself to a blog, e-commerce store, or portfolio. One of the best things about this theme is its vast array of stunning demo pages. If you want a quick setup, you can simply craft your site by selecting from 14 pre-built home pages – each installed via one click.

You can offer a 'wow' factor with features such as full screen headers, video sliders, and parallax effects. And if you're looking to launch an e-commerce site, Kloe also comes with pre-built shop pages and WooCommerce support.

6. Activello (Free)

Activello is a clean and minimalist blog theme that offers a crisp and fresh look. Its default layout and fonts create an elegant aesthetic perfect for any feminine blog. You can craft your unique homepage by adding an attractive logo, and displaying featured images in the header slider.

You can also opt for a static front page or a blog reel, and customize accent and background colors. Activello doesn't have an adaptable footer widget, but it does give the option of infinite scrolling, enabling your visitors to simply keep on browsing.

7. Florence ($49)

Florence is a classically crisp theme that's designed make your content shine. It avoids the frills and fancies to place your imagery and text at the forefront of your site. However, that doesn't mean it's light on features. You can still add popular elements such as a full-width Instagram footer, along with a host of other sidebar and footer widgets.

Florence is perfect for showcasing your work in an organized way against a light and airy backdrop. For your blog, you can use a variety of post formats within your choice of four attractive layout options.

8. Olsen Light (Free)

Olsen Light is a crisp and professional looking theme that sets the stage for an easy to maintain blog. You can build your pages within an intuitive drag-and-drop interface, and easily customize widgets, social options, and colors.

For a free theme, Olsen Light comes with some nice features. It has an Instragram photo slider for easy integration of your Instagram pictures, is translation ready, and search engine friendly.

9. Oleander ($49)

Oleander is a clean and fresh theme designed for blogs and e-commerce sites. It's been crafted with your visitors in mind, with a focus on striking and enchanting components. You can showcase your featured images in the full-screen slider, and flaunt your top content in adorably-styled promo boxes.

In addition, you can choose from a myriad of layouts and post format options to craft the look that suits your brand. You can also add your Instagram feed to the full-width Instagram footer area.

10. BeautySpot ($59)

BeautySpot is a stylish feminine theme specifically for beauty-related businesses such as salons or spas. However, it has the flexibility to cover a broad range of niches. It comes with plenty of relevant template pages including Services, About Us, and Gallery. If you'd prefer to start from scratch, you can use the built-in Visual Composer plugin and powerful shortcode generator.

You can choose from eight color skins, or create your own quickly and simply. BeautySpot also comes with Font Awesome icons, a MailChimp subscribe form, and WooCommerce support.

11. WP Beauty ($39)

No matter what you want to build WP Beauty will work for you. Marketed as a multi-purpose beauty theme for spas, salons, gyms, e-commerce shops, beauty & fashion blogs this theme can do it all. WP Beauty includes premium plugins for sliders, appointment booking and drag & drop page building. Plus it's fully compatible with WooCommerce and WPML Translations.

The theme also boasts personalized support from the theme developer (our friend Chris!), full Instagram feed integration, tons of custom page building elements, lots of easy to use demos you can import and much more. It's definitely a theme you won't want to miss.

Conclusion

A feminine brand needs a beautifully styled website as part of its marketing platform. With so many stunning WordPress themes available, choosing the right one can be a tough decision. While you may have aesthetic as your top criterion, features and flexibility also need to be considered.

We've provided you with a list of ten pretty, chic, and functional feminine themes, one of which could be right for you. Pick a theme that fits your needs and get prettifying!

Which theme will you try for your next project and why? Let us know in the comments section below!

Source: 10+ Best Feminine WordPress Themes for Your Beautiful Website