Beaver Builder How-to and Intro

Talk by Cousett Hoover Pat Ramsey, and Ryan Hoover

Beaver Builder delivers on the claim to “Free Up Your Time and Unleash Your Creativity”. With just a few clicks you can create a complex layout with dynamic content and eye-catching visuals. It is powerful, robust. So we deep dived into this for our practitioner’s meetup!

During the talk, Cousett covered the ins and outs of this powerful WordPress page builder, from the basics to some of the extensions and pricing options.

Cousett did this talk for anyone looking for a solid page builder, is curious about Beaver Builder or who wants to expand their knowledge on page builders.

Here are the notes for anyone who is looking for a way to bypass the hassle of coding a complex template using Beaver Builder.

Before we go on, if you want a quick intro to Beaver Builder, you can see Chris Lema’s review here.

Here are the slides to the talk.

What is a Builder?

A Theme ▸ Controls visual aspects of website

  • Some functionality
  • Might contain a builder

A Plugin ▸ Controls the functionality of the website

  • Sometimes a builder can be a plugin

A Builder ▸ Allows user to control the visual AND functionality of the website

  • It might possibly be a theme to install
  • It might possibly be a plugin to install

It’s a Builder World

Here are some builders:

  • Beaver Builder
  • Velocity Page
  • Themify Builder
  • MotoPress
  • Live Composer
  • Page Builder
  • Visual Composer
  • DIVI – Elegant Themes
  • Cornerstone

Closer Look at the Beaver

What specific features does Beaver Builder have?

  • Layouts Available
  • Plugin, Not a theme
  • Live Editor
  • Drag and Drop

Beavers bring you a Theme, Builder, and Themer!

How Much Will It Cost

There are two flavors of Beaver Builder the lite version available in the WordPress repository and the paid version ranging from $99 – $399.

I Get Everything for Free?

The lite version of Beaver Builder does have some limitations. It is great to get started and get familiar but you will find a lot of features lacking when you dive in.

Add Ons

Beavers Unite

The Beaver Builder community is super active and has a slack channel that is open to everyone and has updates daily and a FB group that is also very active.

Still Not Convinced?

 

I’m convinced, what’s next?

Community Resources For Beaver Builder

 

Website Design Best Practices & How to Implement them in WordPress

Rich Plakas lead a lively presentation that covered what those new to WordPress need to know about Best Practices for Website Design and How to Implement them in WordPress. This presentation guided attendees through the types of questions and thought processes you need to keep in mind when developing a site for yourself or others.

Who is the target audience?

What is the primary goal of your website?

How do you plan to drive traffic to your website?

Is your website mobile responsive?

Using Analytics to gain insight to visitors.

Are Mailing Lists useful?

Rich  reviewed some websites to help attendees to know what to look for in a best practices-designed site. Additionally he reviewed some of the attendees’ sites and made suggestions for improvement.

You can find the slides from last night’s presentation at:

http://www.slideshare.net/richplakas

2015-04-20 19.57.11 2015-04-20 19.10.35 2015-04-20 19.19.06 Sandi at WordPress 2015-04-20 19.20.14 Nick.Sandi at Meetup

Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins

This entry is part 1 of 1 in the series WP Security

This Security Advisory is Coordinated Disclosure by Sucuri and released jointly with all developers involved and the WordPress core security team and was posted on the Surcui Blog by  Daniel Cid on April 20, 2015

https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html

Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of theadd_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress.

The official WordPress Official Documentation (Codex) for these functions was not very clear and misled many plugin developers to use them in an insecure way. The developers assumed that these functions would escape the user input for them, when it does not. This simple detail, caused many of the most popular plugins to be vulnerable to XSS.

To date, this is the list of affected plugins:

There are probably a few more that we have not listed. If you use WordPress, we highly recommend that you go to your wp-admin dashboard and update any out of date plugins now.

This issue was first identified by Joost from Yoast in one of his plugins (he did a great write up about it as well). We worked together with him to investigate the issue and found that it likely affected a lot more plugins than just that one.

Our research team, along with a few friends (especially Joost from Yoast ) have been going through the WordPress repository for the last few days in an attempt to find and warn as many plugin developers as possible – to warn and help them patch the issue.

Coordinated Disclosure

This vulnerability was initially discovered last week, due to the varying degrees of severity and more importantly, the large volume of plugins affected, we coordinated a joint security release with all developers involved and the WordPress core security team. It was great team work, and a pleasant experience to see so many developers united and working together for the common good. We can happily say that all plugins have been patched, and as of this morning updates should be available to all users. (yes, everyone pushed their updates in unison 2 hours ago).

If you use WordPress, now it is your turn to update your plugins!

If you have automatic updates enabled, your site should already be patched, especially in the most severe cases.

There are more plugins vulnerable

Our team only analyzed the top 300-400 plugins, far from all of them as you might imagine. So there are likely a number of plugins still vulnerable. If you’re a developer, check your code to see how you are use these two functions:

add_query_arg

remove_query_arg

Make sure you are escaping them before use. We recommend using the esc_url() (or esc_url_raw())functions with them. You should not assume that add_query_arg and remove_query_arg will escape user input. The WordPress team is providing more guidelines on how to use them here.

Update Time!

If you use any of these plugins, make sure to update them now! We will continue to investigate and look for more plugins vulnerable and keep our list here current.

This is also a good time to remind everyone that all software will have bugs and some of those bugs will inevitably lead to security vulnerabilities, such is the life we live in. This applies to plugins, themes, webservers, CMS’s and basically anything that is written by people and based on code. As much as developers try to minimize them and deploy secure coding principles, mistakes will inevitably still happen. We just have to be prepared and find ways to minimize the affect of any vulnerability in your environment; a perfect example of such an approach is what you’re seeing today with this coordinate release.

Here are some tips and tricks to remember to help reduce your overall threat risk, helping to improve your individual security posture:

  1. Patch. Keep your sites updated.
  2. Restrict. Restrictive access control. Restrict your wp-admin directory to only white listed IP Addresses. Only give admin access to users that really need it. Do not log in as admin unless you are really doing admin work. These are some examples of restrictive access control policies that can minimize the impact of vulnerabilities in your site.
  3. Monitor. Monitor your logs. They may give you clues to what is happening on your site.
  4. Reduce your scope. Only use the plugins (or themes) that your site really needs to function.
  5. Detect. Prevention may fail, so we recommend scan your site for indicators of compromise or outdated software. Our plugin and Sitecheck can do that for free for you.
  6. Defense in Depth. If you have an Intrusion Prevention System (IPS) or Web Application Firewall (WAF), they can help block most common forms of XSS exploits. You can even try our own CloudProxy to help you with that. If you like the open source route, you can try OSSEC, Snort and ModSecurity to help you achieve that.

These principles are commonly applied to most secure networks (or on any business that needs to be PCI compliant), but not many website owners think of them for their own site / environment.

These are but a few high level recommendations; we recommend going through our blog for more ideas on how to keep your sites safe and ahead of the threats.

###

This was such an extraordinary threat to our membership I wanted to reach as many as possible as quickly as possible with the information to deal with the issue quickly.

We all owe the Sucuri security folks and the WordPress Security team a big thanks for the coordinated heads-up and the fast fix.

Looking foward to seeing you at a Meetup soon, Sandi

The Technical Aspects of SEO for WordPress

Announcements

WordCamp Austin 2014 will be in April, final location and dates TBA soon. It will be a two day event this year for $40, and we will have an online option for those who can’t attend in person. We are still looking for people who are interested in coordinating different aspects of the program. Join our Facebook group for updates and contact us at austin @ wordcamp.org  to volunteer!

Presentation

by Robert Neu @rob_neu

Intro

One mistake some people make is trying to manage search engine optimization before the site has been built out. Best advice: work on your site and create good content and then worry about your SEO and Google rankings.

Be careful if you hire an SEO consultant – some will use automated spam tools, spammy backlinks, and things like that. Robert recommends that you contact previous clients to make sure you get what you’re paying for.

Basic installation of Yoast’s SEO plugin

Why this plugin? You want someone who knows how to rank sites – and Yoast has a solid track record on how to do this. In Robert’s experience, this plugin has out-performed all others he’s tried. This plugin also provides live feedback on how well you are optimizing your content.

  1. Go to Plugins tab > Add New
  2. Search for WordPress SEO by Yoast
  3. Install and activate
  4. If you see a warning “blocking access to robots” which will happen if you have your site set to no-index. If this is an active site you will need to correct this in your Settings > Reading to allow search engines to index the site.
  5. Make sure your permalinks are set and working correctly. Clicking on this will take you to your Permalinks setting, and the “Post name” setting is usually what you want.
  6. You can use the Yoast plugin to claim your Webmaster tools. Google Webmaster is a good idea to claim so that you can submit a sitemap to Google and Google will crawl your site sooner. (Bing and Alexa are less important.)

How Yoast works in your admin Dashboard

In your pages and posts listing,  you will get a SEO indicator. Ideally you want green lights all the way down. You will need to edit each post with content in the new SEO metabox below the post editor.

Page title, Meta Description, and Focus Keyword

The Focus Keyword field works a lot like the way Google works. You start typing in a phrase and you will see suggestions pop up that might help you refine your keyword. Once you have updated the SEO content, you will need to update the post or page. At that point you will see feedback in the posts/pages list. You are wanting to optimize for one keyword or phrase for each piece of content. More keywords will water down your results.

Your focus keyword should also feature in your first paragraph of the article. You don’t need to mention it over and over – that is not the case any more.

You need to have a unique page title and a unique meta description. The meta description isn’t important for ranking so much as it is to get people to click on your link. There’s no point in keyword stuffing here, but instead to write a description that sells the content and makes people interested in reading more. Your title is important for SEO. You want to put the keyword phrase as close to the beginning as possible, but also make a reasonable title.

Meta keywords are not used by Google. You can ignore them if you want.

Article Heading: the title of the post or the page in the post editor. It’s a great idea to repeat the focus keyword here

Permalink/Page URL: ideally you will want to have the keyword phrase here as well.

Page Analysis tab: will provide a breakdown on what you still need to do to optimize your content, listed in priority order.

Body Content: The content that matters the most to Google will be your body content. Sidebars, footers, sliders are all also important for SEO but considered secondary to the body content.

Multiple topics: If your content covers several topics, it should all be focused on a single concept/phrase/keyword. If that isn’t easily done, your content may not be focused enough.

Home page, category page, etc.: The home page is special. Tailor a phrase for your home page that applies to all of your content and a focus keyword that works for the content as a whole. For home pages without text or content other than images – that’s something to address.

Pay Per Click pages: Generally should be set to no-index because those can hurt your SEO.

General SEO strategies

  • You don’t want your entire site indexed in Google.
  • Use good alt texts and image names. Use keywords where relevant.
  • Try to get brand names, artist names into the posts and image names/alt tags
  • Don’t add the same keyword for a gallery of images; mention keyword on a couple. Instead just make sure all images have names and alt tags that have relevance for the images themselves.
  • For existing pages and posts
  • Image attachment pages generally are not useful for SEO and should be no-indexed
  • Major theme companies are good at building in good SEO practices. Robert recommends StudioPress, iThemes, WooThemes.  They also generally have good support. (You can get yourself in trouble with Theme Forest.)
  • Custom post types: if you are trying to rank custom post types, and if that content is important, ideallyyou would not want query strings attached to those pages and they should have clean permalinks.
  • Use a dash (hyphen) to separate keywords in image titles, URLs, etc.

Settings within Yoast

  • Use the WordPress “Help” tab for descriptions for different settings
  • Meta settings: good to set archives to no-index; may wish to check several other options here as well
  • Home – you can modify your home page URL structure and you can add a page description
  • Post types: will vary; this tab will set the default for each page if you don’t set something separate for individual pages
  • Attachment pages – best to no-index them
  • Do not no-index posts and pages!
  • Taxonomies: categories and tags oh my! Great for helping people find content on your site but not an SEO tool! Keep them tight and focused. For most sites keep categories under 10 and group your site into semantic categories that make sense for your site.
  • Tag pages are watering down the quality of your site because they will have tons of duplicate content; no-index them! If people do find your site through one of those pages, they aren’t going to have a good idea of your site or a good call to action. Same thing for category pages in most cases.
  • Format pages: no-index
  • No-index or even disable author  and date archive pages because they can create duplicate content.

Social Settings

  • Add Open Graph meta data so correct data from your site is shared on FB
  • Add Twitter username if you use Twitter
  • Google+ is showing thumbnails of contributors to high value sites but not everyone. You can set the admin as the G+ profile but they will need to have a Google+ profile added in the WordPress profile page. If your thumbnail appears it can improve your click-through rate considerably.

Sitemaps

  • Remove media, taxonomies and any pages you have disabled in your other settings

Permalinks

  • strip category base
  • enforce trailing space – can be good for click tracking, canonical URLS but can cause issues with plugins
  • wouldn’t mess with much
  • Canonical settings – usually just leave with default settings

Internal Links

  • Breadcrumbs can be good for users and Google crawlers, but if your theme doesn’t support them, you may need to modify your theme’s template files
  • Yoast adds additional markup here

RSS

  • You usually don’t need to change much
  • By default – no-follow

Best Practices for Administering WordPress

For the notes to this meetup, visit Best Practices for Administering WordPress

How To Use Social Networks To Build Your On-line Brands and Customer Awareness

Presentation by Yvonne “V” Young of SincereSocial

Social media is networking, sales, customer service and more. You’re building relationships.

  • Customer service through social media is a great way to reach out to your customers.
  • Listen more than you speak.
  • Give other people credit for ideas
  • You’re talking to real people.

Who are you?

  • Are you a person?
  • A business?
  • A prospective employee?
  • A customer?

Consider your time and money budget

  • If you can invest more time, you can save money.

Most popular social media sites

  • Facebook, linkedin, twitter, google+, pinterest, Youtube

Most important sites for B2B

  • LinkedIN Twitter, Facebook

Most important for B2C

  • Facebook, Pinterest, Twitter

Google+

  • requires a business page
  • you can’t pay to be noticed, unlike Facebook
  • people on Google+ aren’t really looking for businesses
  • helps your SEO
  • adds reliability to your sitesites show up in searches

Getting started

  • don’t bite off more than you can chew
  • set a schedule
  • budget time every day
  • Use tools to help manage

Tips and Tricks

  • Don’t half-ass it
  • Use quality graphics
  • Fill out everything
  • Put important links in every profile; make sure people can find you on the network they prefer
  • Use a well-written bio with correct grammar
  • Be consistent
  • Be kind

Facebook

  • 1.11 billion users
  • Pay to play
  • Great content helps retain followers
  • Views depend on how intensely users want your content, and how much you spend

Twitter

  • 500 million users
  • Requires more content/posts
  • Quality content is key; every single post needs to be good
  • The second heaviest time commitment (after Pinterest)
  • Most limited characters/post
  • Easiest to do without paying money
  • does have promoted posts etc. which cost money; not necessary to be effective

LinkedIn

  • 225 million users
  • Used primarily by people looking to connect with businesses
  • Money is required to reach some people
  • Requires a personal touch
  • Very hands-on approach, like cold calling, building connections, building groups
  • Company pages add to company reliability

Pinterest

  • 48.7 users
  • No $$ needed
  • Requires lots of photos/graphics; great for people with shops with actual goods
  • Most time consuming network
  • Content is key both in terms of quality of content and number of posts. You have to have professional-quality photos to compete.
  • 5 posts a day with pictures is pretty standard to get some traction
  • No need at this time to do the business Pinterest for most uses

Key points for all social media

  • Graphics are key. People like photos. More interaction, sharing. Videos are also great, but are second to photos.
  • Be generous in your content. Praise others give thanks, share things important to audience.

Tools to help you out with Social Media

  • HootSuite; can schedule posts.
  • Sendible; doesn’t make you pay $ for data; can schedule posts.
  • Twitter tools – Manage Flitter (followers, etc)
  • Blog tools – built-in WordPress Apps, Jetpack; Networked Blogs
  • #1 tool: Smart Phone – saves you time, effort, worry. Can check for updates

 

Questions:

Is there a tool to manage followers with Facebook?

  • Great analytics, but no way to manage individual followers as well as with Twitter.

How do you follow good content and filter noise?

  • Twitter – difficult. There is a lot of noise and it can be like wading through a river, you catch what you can. Only way to manage is to manage who you follow.

Tools to post to Facebook:

  • SharePress
  • Publicize (Part of Jetpack)

How do you determine where to be? How do you determine where your customers are?

  • type of products
  • customer income level
  • how much time do customers have to devote to social media

How can you find broad trends, identify customers, analytics

  • Hootsuite and Sendible have analytics
  • Raw data on pretty much every network but Twitter
  • There are tools that will look at this: there are several, but cheapest is $500/month
  • WordPress plugin that can help: Social Metrics
  • Someone suggested Sumall

How do you know if you have the “right” followers – actual customers

  • They are engaged, they are commenting and sharing
  • If that isn’t happening, you need to change how you’re doing things
  • Don’t worry so much about having the right followers but instead focus on your message

If you are targeting Spanish-speaking customers, you need to engage in social media in Spanish as well as English

Facebook Geotargetting

  • Playing around with it, seems to work somewhat, appear to be some bugs still. Might be worth trying if you have content that is relevant to only one location

Posting personal content on business sites

  • Depends on who you are and what kind of personality you are trying to convey
  • Will customers expect you to be professional or casual?
  • Social media is a party; your posts are your outfit, how you want people to feel about you
  • The posts and images need to be indicative if someone walked into a physical location; if there is no physical location, decorate your sites as if you did

Promoted/sponsored posts

  • You run a risk of negative feedback so be careful
  • If a promoted post doesn’t run too long they can be useful
  • Most promoted posts are for engagement only
  • If you have a good following, a promoted post is a good idea

Asking for reviews

  • You can ask, and if you don’t pressure the customer, they will often do so
  • Reviews, especially Google reviews, help with SEO

 

Images and Media Library

We didn’t get notes from this week’s meetup on Images and the media library, but I didn’t want to leave you empty handed, so here are a few links for you.

 Images and galleries:

Free image editing software:

  • GIMP (GNU Image Manipulation Program): open source, free image editing for PCs and Macs (very powerful for free!!)
  • Paint.NET (free, Windows only)
  • Pixlr: web-based image editor

Jetpack:

1500 and growing

FYI, y’all – we passed 1500 members in the Austin WordPress Meetup yesterday. 😀

Big thanks to our co-organizers & sponsors  for helping out with the meetup, WordCamp Austin, everything. It’s you guys stepping up to the plate and helping out that makes all the difference.

Jason, Shayda, and everyone at WP Engine – you guys have been great in helping us out since you started. Your enthusiasm and passion for WordPress is contagious and addictive. I can’t say enough about your help in the community. I’m going to get verklempt.

Bobbie & BuildASign – you have been integral in our growth. Stepping up with a second location for the Hands-On meetup has been wonderful. We love meeting there & hope to keep working with you as long as you’ll have us.

Speaking of growth, this year, with Blossom, Bobby Brooks, Jackie Dana and Nick & Sandi’s help, we added three monthly meetups in-between our foundational ones. I could hug each & every one of you for finding ways to increase our in-person outreach. Having 1500 members on meetup.com is one thing; getting in-person contact with them all is something else entirely. The more members who step up and host meetups, the closer we can get to making contact with everyone. ( I can dream… )

austin-wordpress-membership

I think the efforts of everyone is evident in our membership growth. We had 1000 members right around last year’s WordCamp. In less than a year, we’re just over 1500.

A hell of a year!

I thought I’d just say “Thank You” to all of you and to the group & community. I smile when I think about being a part of this.

 

Back to the code now, Cheers!
–Pat

Exploring the Universe of WordPress & Automattic

We’ll have notes & the presentation from last night up here soon. The webcast can be seen below.

 

Presentation link:

https://docs.google.com/presentation/d/1ON3rnBARX1KK54HNKTx3lkTjWaDQCbJxjHWQJYzWujI/edit?usp=sharing

Functions, functions, show us your functions!

Announcements:

    • WordPress for Business: 2nd and 3rd Mondays. First two are Feb 11th and Feb 18th.
    • WordPress for Users: content and blogging; inaugural meeting on March 6.
    • These meetups are in addition to our 1st and 4th Tuesday meetups. Join our WP Austin Meetup group for information on all upcoming meetups.
  • Automattic is hiring!

Functions for tonight:

gist.github.com/wpatx/starred

Presenters:

  • Devin Price
  • Pete Nelson
  • Clark Wimberly on behalf of Bobbie Wilson
  • Clark Wimberly on behalf of himself
  • Bill Erickson
  • Paul Ruescher
  • Nick Batik

Other things mentioned tonight: