CAll Us: +1 888-999-8231 Submit Ticket

How Two-Factor Authentication Can Help Keep Your WordPress Site Safe

How Two-Factor Authentication Can Help Keep Your WordPress Site Safe

Image by RLJ Photography NYC

There are lots of hacked WordPress sites on the web. Hacked sites are often the victims of botnets that brute force the login process, trying lots of different combinations of usernames and passwords until they hit one that lets them in. After they have access they can plant malware or other undesirable content on a site.

The success of this sort of attack has almost nothing to do with the security of WordPress itself and everything to do with the behavior of WordPress users. In principle, username and password combinations are a very safe way of securing a site. In practice, people don’t understand how to use passwords properly and value convenience over security. If they can get away with having “pa55word” or an equally guessable combination as their password, many will.

We can rail against this sort of complacency all we like, but as responsible site owners we just have to accept lax password security as a part of the landscape. Education helps, but not much; we need to implement other mechanisms for ensuring that our sites don’t fall when the botnets come knocking.

Usernames and passwords work because the number of possible combinations is enormous. For a sufficiently long, complex, and random password, it would take even the most powerful computer many years to hit on the right combination. For a sufficiently simple password, it can take fractions of a second. If users aren’t willing to use random and complex passwords, the solution is to implement another verification mechanism — a second factor – that will ensure the chances of guessing a valid combination remain remote.

There are various ways of implementing two-factor authentication — biometrics such as fingerprinting are one, but that’s more complex to implement than the method I’m about to suggest, one-time passcodes.

Unlike a password, a one-time passcode works for a short amount of time, usually about 30 seconds. The TFA service and the user share a secret — frequently a long string of numbers — which is used in combination with the time to create a unique passcode known to the TFA service and the user without it ever having to be communicated between them. It’s much safer than using passwords alone and because the choice of passcode isn’t up to the user, they can’t circumvent security by using an easily guessable combination.

The typical scenario would go as follows: the user wants to log in to your WordPress site. They enter their username and password, after which they are asked for a further passcode. They will have an application from the TFA service provider installed on their smartphone or a dedicated device, which will generate a passcode that can only be used for a short time. When they enter the passcode correctly, they are logged in.

There are a several good TFA services that integrate well with WordPress, but I’m going to suggest you take a look at two: Duo Security and Authy 2FA.

If you run a multi-user WordPress site, particularly if you have several admin users, implementing two-factor authentication will make it almost impossible for casual brute-force attackers to successfully breach your site. It’s well worth the minimal effort to avoid the risk of becoming a vector for malware or a hacker’s playground.

Posted in:
Security, WordPress

Source link

A Holiday eCommerce Winning Combination

Site Performance and Optimization: A Holiday eCommerce Winning Combination Increasing eCommmerce conversion rate is important any time of the year, but especially during the two months of the traditional holiday online shopping season, when competition is fierce and many companies are willing to undercut margins to win customers. With holiday promotions starting earlier and earlier each year, running deep discounts for close to 25 percent of the year can seriously affect your profit, loss and margins; not to mention constant percent off promotions can exhaust customers already inundated with marketing offers.

Magento Business Intelligence research found that merchants can acquire up to 59 percent more new customers during the holidays, compared to post-holiday and the rest of the year, but a site that is not performing at its peak will never attain these impressive numbers.

So, what can you do? Here’s holiday health tips from the eCommerce team at Web Solutions NYC to get your online store in top-tier shape and make the customer journey as seamless as possible, potentially conversion and driving additional sales.

Data-driven Decisions

It’s hard to pinpoint a perfect conversion rate across-the-board for online merchants. For example, you’d expect a B2B medical supply site to have a lower conversion rate than a fast-fashion site. Checking your conversion trends year-over-year (YoY) can help you pinpoint the lift you want to see in sales, conversion and average order volume. While digging through your goldmine of data, be sure to be on the lookout for Key Performance Indicators (KPIs) that are decreasing or any blips on the radar. Decreasing performance or conversion could signal potential bottlenecks or issues in your site that have gone undetected. Some of the KPIs to check for anomalies are:

Bounce Rate: The number of visitors that exit your site after visiting only one page. An increase in site bounces could signal that your site is running slower than the norm, causing customers that are used to lightning-fast websites to migrate off the site before it loads. An optimal site load time is 1-3 seconds, anything above that could be causing a loss in potential customers.

It could also signal a user experience that could use some work. If a customer is confused by the homepage set-up, they will more often than not exit the site before spending time to figure out your UX.

Customer Source and Conversion: Looking at where your customers are coming from: tablet, desktop or mobile, can deliver key insights on whether there is room for optimization across your selling channels. If there is significantly less customer conversion on one selling channel versus another, self-check for speed, design, broken pages and other issues that could be causing customers to not complete a transaction. You can expect a bit less conversion on smartphones versus desktop traditionally, but if the gap increasing YoY, you may need to evaluate your omnichannel design or strategy.

Don’t Set a Goal without a Plan

Anticipating the spike in traffic pre-holiday can ensure that there is no need to deploy a site-fail emergency plan, or lose profits because of a lagging site that cannot handle the traffic and capacity of many customers buying from your site at once.

As a merchant selling during holiday, your web store is your lifeblood. Operationally, your server and eCommerce platform should be able to scale and accommodate load spikes on Black Friday, Cyber Monday and “Green Monday;” these are key times your site should be running at the same performance levels as the rest of the year. A non-functional site is a customer service nightmare and can cause lost revenue, and the loss of loyal customers post-holiday. Here are a few items to self-audit now, or work with a partner to audit, to eliminate operational roadblocks during holiday:

  • Review of all added Modules, Widgets and Extensions
  • Review of Server Performance and Function
  • Review of Security Patches and Upgrades
  • Review of Customizations
  • Review of Server architecture and Logs
  • Review of Front-end Work
  • Review of Site Speed
  • Clean-up of Old and Outdated Pages and Promotional Codes
  • Start Sooner

A scalable and agile approach is crucial to optimizing your holiday performance plan, being well informed of analytics and identifying potential issues well before holiday is on any consumer’s mind should begin in summer and early fall. Schedule a site audit with Magento Enterprise Solutions Partner Web Solutions NYC or a server test with Hostdedi to help identify potential issues and eschew the holiday hang-ups that can kill eCommerce revenue.

Guest Author: Karah Finan is the Marketing Manager for Web Solutions NYC, a Magento Commerce Solutions Partner and Magento 2-trained solutions provider. Karah has over five years in eCommerce, and a decades-long interest in technology, and she’s passionate about disruption and innovation in the online landscape.

Posted in:
eCommerce, Webmaster

Source link

Which Languages Do You Need To Know?

Theme DevelopmentWordPress is enormously popular and that popularity shows no sign of waning. If you learn how to build themes, plugins, and other integrations, you can tap into a massive market. It’s a competitive market, to be sure, but one that offers opportunities to developers in many different areas: bespoke theme and plugin development, premium theme and plugin development, WordPress management and security services, and, with the introduction of the REST API, the ability to build novel and innovative front-end and back-end integrations that transform WordPress.

You could learn WordPress development as you go, picking up snippets of knowledge here and there as you work to solve problems. But I’d advise prospective WordPress developers to invest some time into understanding the fundamentals of the technologies WordPress is built on. Fundamental knowledge will help you write code and solve problems more efficiently, as well as avoid common security and performance pitfalls.

So, what do you need to know to be a WordPress developer?


HTML is the markup language webpages are written in. WordPress uses HTML everywhere: themes are largely written in HTML and WordPress’ most important job is to produce HTML that browsers understand.

While HTML structures documents, CSS dictates how those documents appear on the page. HTML may say “this is a header,” but CSS says what the headers look like.

HTML and CSS are the basic building blocks of all web development. They’re essential to any sort of web development, including WordPress development. There are any number of excellent free resources for learning HTML and CSS on the web, but rather than cobbling knowledge together from tutorials, I’d advise new learners to take a course from Code School or Code Academy, which cover the fundamentals and provide a strong grounding learners can build on.


Unlike HTML and CSS, PHP is general purpose programming language that can be used to build almost any piece of software. WordPress is a PHP-based application — to develop a deep understanding of how WordPress works, PHP is vital. As programming languages go, PHP is not difficult to learn, but if you have no prior knowledge of programming, you should set aside a few weeks to learn the basics.

To develop themes, you won’t need more than the basics of PHP and an understanding of how it’s used in the WordPress theme architecture, but if your aim is to build plugins and more advanced WordPress integrations, you’ll need a strong grasp of PHP and the APIs that WordPress makes available.

You’ll find no shortage of learning resources for PHP, but I’m going to once again recommend you use Code School or Code Academy, both of which offer excellent PHP tracks.


Web applications like WordPress can be divided into two parts, the code that runs on the server and the code that runs in the web browser. There are many different server-side languages, but, as we’ve discussed, WordPress uses PHP. There is only one language that runs natively in web browsers: JavaScript. JavaScript is used heavily in WordPress themes, so learning JavaScript (or at least JQuery) is essential if you’re to progress as a WordPress developer.

There’s another excellent reason to learn JavaScript: the new WordPress REST API can be accessed with any language, but the JavaScript ecosystem provides many frameworks specifically designed for building interactive front-end interfaces. WordPress’ creator, Matt Mullenweg, has advised WordPress developers to “learn JavaScript, deeply.” In fact, if you have no prior knowledge of coding, I’d advise you start with JavaScript and then move to PHP.

As you might expect, CodeSchool and CodeAcademy have JavaScript tracks, but new learners should check out these resources too:

This might seem a little complicated, but it’s possible to pick up a thorough grounding in the fundamentals you need to get started on WordPress development with a couple of months of dedicated study. Then, as you work on WordPress projects, your knowledge and expertise will deepen. WordPress development offers great opportunities to new developers, and, most importantly, there’s a huge community willing and able to help you and make WordPress development fun.

Posted in:
Content, WordPress

Source link

Why Is It Important That WordPress Is Open Source?

Open SourceWordPress is open source software. For a project to be called open source it has to fulfill a couple of criteria: the source code must be freely available and it must be licensed in such a way as to ensure that anyone can modify and share and the code.

If you aren’t a developer, your response to that might be, “So what?” The vast majority of WordPress users don’t look at the code and even fewer modify it. To the writers, bloggers, marketers, and businesses that use WordPress sites, coding is an arcane practice a million miles away from their everyday experience of WordPress.

If that’s true, why should WordPress users care that it’s open source? If they never look at the code, does WordPress being open source really matter to them? Why not choose a proprietary publishing platform or site builder like SquareSpace or Medium.

I’d argue that it does matter. In fact, WordPress being open source is vital to every WordPress user, whether they look at and modify the code or not.

WordPress Is Free

Open source advocates might not be happy that I’ve included this as my first reason that open source matters, but it does matter to WordPress users. You can use WordPress for free. There is no license fee. You don’t pay for updates. You’ll never be forced to pay for WordPress’s features.

That doesn’t mean a WordPress site is free: for WordPress to be useful you’ll need to pay for WordPress hosting. But you can freely choose where you host WordPress. You’re not locked into a proprietary platform. It’s simple to take your data and set up a new WordPress site elsewhere. WordPress gives you freedom.

No One Can Take WordPress Away From You

It seems like every week we hear about a proprietary publishing platform that has “pivoted” or been “sunsetted” to the detriment of its users. That’s because these platforms don’t exist for the sake of the publisher or blogger: they exist for the platform’s owners and investors.

They exist to make money for people who aren’t the people who create and publish the content.

WordPress is different. When you download WordPress and install it on a web hosting account, that site exists to meet your needs, whatever they might be. No one will tell you what your site should look like, what you should and shouldn’t publish, and how you should make money.

That won’t change and it’s WordPress’s open source license that ensures it won’t change.

You Can See And Edit The Source Code

Even though most WordPress users will never look at or edit WordPress’s code, it’s important that someone can look at and edit it. On a proprietary platform, only the people who work for the platform’s owners can look at the code. Their motivations are aligned with whomever pays their wages.

If there’s a problem with WordPress, there are millions of PHP developers capable of understanding the problem and raising the alarm. No single developer or organization can warp WordPress to its own interests.

I don’t want to give the impression that there’s something intrinsically wrong with proprietary content management systems — there are several excellent options, including CraftCMS (which isn’t open source, but does offer a free tier and make its code available for scrutiny). The best proprietary content management systems offer many of the same freedoms as WordPress, but the same can’t be said for publishing platforms that tightly integrate hosting and content management system.

Even if you never intend to look at the code of your content management system, its status as an open source project should be part of your decision-making process.

Posted in:

Source link

Invisible ReCAPTCHA Identifies Humans Without Annoying Them

Invisible reCAPTCHAGoogle’s new Invisible reCAPTCHA system can reduce the amount of spam submitted to WordPress sites without asking users to decipher obscure images, click a button, or even be aware that their “humanness” has been tested at all.

Spam continues to be a huge problem for WordPress sites with forms, including comment forms. Whenever a site publishes a form on the web, it’s hammered by spambots that submit fake information. Typically, forms collect far more spam than authentic data, and site owners have to use spam filtering tools to sort the wheat from the chaff.

Spambots and automated scrapers attack any login or registration form they can find to harvest email addresses, steal content, and even use stolen credentials to gather information for identity theft.

The original reCAPTCHA system was, for its time, a novel and useful solution to the problem of distinguishing humans from bots and scripts. reCAPTCHA displayed difficult-to-read images of text. Humans didn’t have much trouble reading them and entering what they said into a text box. Bots simply weren’t sophisticated enough to pass the test. But, in the last few years, advances in machine learning and image recognition have made it possible to defeat the original reCAPTCHA without a human.

The main problem with the original reCAPTCHA was that users hated it. I know I was never thrilled to be asked to squint at a barely legible scribble every time I wanted to log into a site. It wasn’t just an annoyance, though. reCAPTCHA discouraged users from completing forms and registering for services, negatively impacting conversion rates.

Although a small number of sites — frustratingly — still use a version of the old reCAPTCHA system, most have moved to the more recent iteration which asks users to click a checkbox to assert that “I’m a human”. The newer reCAPTCHA’s uses sophisticated algorithms to analyze mouse movement and other factors to determine whether the user is human.

The new Invisible reCAPTCHA system goes a step further. Users don’t have to do anything to prove they are human other than behave like a human. Invisible reCAPTCHA has no user-facing interface. The work of identifying humans is done in the background as the user interacts with a web page. Google is being tight-lipped about how the new system works, only saying that it uses “advanced risk analysis technology to separate humans from bots”.

It’s likely Google is using its machine learning and artificial intelligence expertise, huge quantities of data about how humans and bots behave, and threat data about bot networks to develop sophisticated pattern recognition algorithms that can discriminate humans from bots.

At the time of writing, Invisible reCAPTCHA is still in Beta, but it can be used on WordPress sites with the excellent Invisible reCaptcha for WordPress plugin. For developers, Invisible reCAPTCHA is relatively straightforward to implement, as Google details on its help pages.

Posted in:
Security, Webmaster

Source link

Here’s Why You Should Outsource Content Writing For Your Business

Outsource ContentContent is the heart of any online marketing strategy. Blog content, social media content, native advertising content, and more: each is an essential component of online marketing. Without content, it’s difficult to gain prominence in search engines or on social media networks, essential sources of referrals for any business.

I’ve met business owners who plow huge amounts of time into creating “authentic” content. I write for living, and over the years I’ve become an efficient creator of online content, but it doesn’t always come naturally. Some business owners spend many hours developing topics, researching, writing, and editing — time that could be spent growing the business in other ways.

If that’s the case, consider outsourcing your business’s writing workload to a professional.

Writing Isn’t Your Thing

Of course, you can write, but there’s a difference between writing an email and writing a long-form blog post that communicates valuable and relevant information in an entertaining style.

It’s easy for some, and a hard slog for others. If, after spending hours on a post, you read it through and think “even I wouldn’t read this,” it might be time to think about bringing in a pro.

You Don’t Have The Time

Every business owner is pulled in a million different directions, constantly asked to carry out tasks only they can complete. If you’re already working twelve-hour days, it might not be a good idea to add content creation to your todo list.

Your Time Is More Valuable Than The Cost Of Outsourcing

This is a simple matter of economics. Your time is valuable to you and to the business — it has a dollar value. If outsourcing content to a creative professional costs less than the amount of time you’d invest personally to produce a similar outcome, outsourcing is the rational choice.

Volume Matters

In addition to quality, there are two important factors that influence the success of a content-based strategy: volume and regularity. If you can’t commit to creating a sufficient quantity of content on a strict time-table, outsource the job to someone who can.

Outsourcing content writing seems like the opposite of authenticity. Business owners understand their brand and the identity they want to communicate. They worry that a hired gun simply won’t get it.

But that’s what creative professionals do: they are skilled at assessing a brand and producing content that embodies its identity. Outsourcing may improve the quality and consistency of your brand’s message, while freeing you to focus on building your business.

Posted in:

Source link

Will Moving To A JavaScript Front-End Hurt Your WordPress Site’s SEO?

SEOWhen the REST API was first introduced, Matt Mullenweg said WordPress developers should “learn JavaScript, deeply”. The REST API, which recently gained new content endpoints, makes WordPress more than a content management framework: it can now act as the back-end for a huge variety front-end applications and we can expect to see more WordPress themes embracing JavaScript and the API.

In 2017, web apps are par for the course. Many of the pages we see on the web are put together by JavaScript code running in the browser. Modern web apps render most of the content on the front-end or use a hybrid server-side / client-side technique. In time, that’ll be the case for WordPress too, which has many WordPress users wondering if the adoption of JavaScript-based front-ends and themes is going to hurt their SEO — can Googlebot cope?

The short answer is yes; Googlebot can cope perfectly well with JavaScript of the level of complexity involved in most web applications. It will deal with JavaScript-created content just as well as HTML built on the server. There are some limitations, but for the most part, JavaScript doesn’t make Googlebot sweat.

In the past, search engine optimization best practice has encouraged server-side rendering, the strategy used by WordPress. The browser sends a request to the content management system, which gathers up data from the database, executes PHP scripts, and combines the results with templates. The output is HTML that browsers — and search engine crawlers — can handle without a problem.

A few years ago, search engine crawlers weren’t all that great at dealing with JavaScript, and site owners couldn’t guarantee JavaScript that rendered content or handled routing would be executed properly.

Last year, John Mueller, webmaster trends analyst at Google and a frequent poster on SEO issues, published a post on Google Plus that detailed best practices for JavaScript SEO — if developers steer clear of the some of the gotchas mentioned, JavaScript front-ends won’t have a negative impact on SEO. Google is quite capable of indexing content — including title and meta description tags — rendered by JavaScript. Similar advice is also given on Google’s guide to building crawlable web applications.

If you have any doubts about whether a particular theme or front-end app is crawlable and indexable, Google provides a Fetch As Google tool so site owners can see how their site looks to Google.

Finally, engineer Stephan Boyer ran several experiments to test whether Google is capable of executing JavaScript in a number of scenarios, and, although the tests were far from comprehensive, Google passed with flying colors.

JavaScript is a big part of WordPress’ future, and many of the most interesting advancements in the WordPress world will involve JavaScript front-ends and themes. Happily, it appears you shouldn’t let SEO worries prevent you from embracing the future of WordPress wholeheartedly.

Posted in:
Content, WordPress

Source link

What Do WordPress File Permissions Mean?

WordPress SecurityA WordPress site is made of files. Database aside — which is a special set of files — everything else is a chunk of data stored on the server’s file system. That includes content like images and the executable PHP files that comprise WordPress Core, themes, and plugins.

It’s vitally important that only the right people and programs — represented by user accounts on the server — have access to those files. If every user on a server has access to all the files, there’s no end to the mischief they could make, and that’s before considering unauthorized users like hackers.

If you just want to know about sensible permissions for your WordPress site’s files, skip to the last paragraph. If you want to understand how permissions work, read on.
Most WordPress sites run on Linux servers, and the Linux operating system has a permission mechanism that controls who can read from, write to, and execute files. It’s useful for WordPress users to understand how these permissions work, because assigning the wrong permissions can leave a site open to security problems or stop it working altogether.

The permissions are stored as attributes. Each file has attributes for its owner, group, and everyone else.

Owner, Group, The World

The owner is a single user account on the server. The user account doesn’t have to be associated with a particular person: user accounts are often created for programs (the web server owns some files, for example) and the root user automatically has permission to do anything with any file.

In addition to belonging to a user, a file also belongs to a group. A group is a set of user accounts that can be given permission to interact with a file. For example, you might have a group of user accounts who can write to a file, but only allow the owner to execute it.

Finally, there’s the “world” or everyone else on the server, which allows for the setting of permissions that cover all user accounts.

Each of these types of user — the owner, group members, and the world, can have three levels of access: read, write, and execute. So, a file might have permissions that allow the world and the file’s group to read and write to it, but only allow the owner to execute it.

There are two ways file permissions are displayed. You’ve probably come across notations that look like 744 or drwxrw-rw-. Let’s look at the last of these first. It’s easy enough to understand if you’ve followed what we’ve talked about so far. The first letter (“d” in this case) represents access modes for the file, which we’re not going to get into here.

The rest of the string — rwxrw-rw- — is split into groups of three, with each triplet referring to the permissions of the owner, the group, and the world respectively. In our example, the owner has read(r), write(w), and execute(x) permissions. The group has read and write permissions, and so does the world.

Now to the other notation, which is the one you’re most likely to see in articles discussing WordPress. If we take 744 as an example: the numbers refer to the owner, group, and world permissions. The 7 is for the owner, the first 4 for the group, the second for everyone else.

Each of those numbers represents read, write, and execute permissions. No permission is worth 0, execute permission is worth 1, write permission is worth 2, and read permission is worth 4. Adding those numbers together gives you the permission for each of the sets of users.

This can be hard to get your head around, but it makes sense after seeing a few examples. Consider 744. The 7 is for the owner, and the only way to get a 7 given what we’ve seen is to add execute(1), write(2), and read(4) together. The second number — the group permission — is 4. That has to be a read-only permission. If, for example, it was a 6, it would indicate read(4) and write(2) permissions.

The permissions on files can be changed from the command line using the chmod utility. You can look at chmod’s manual page for full details, but to set a file’s permissions to 766 you’d run this command:

chmod 766 file.php

Finally, which permissions should your WordPress files have? The best defaults are 775 for directories and 644 for files. I haven’t really discussed directory permissions here, but the the basics principles are the same. These are are relatively safe defaults, providing file ownership permissions are properly set, as is discussed in the WordPress Codex.

Posted in:
Security, WordPress

Source link

Three Plugins For Quickly Adding Images To Your WordPress Blog Posts

WordPress BlogIt’s not essential for every blog post to have a featured image, but a relevant, eye-catching, and compelling image enriches the reader’s experience and helps to make a post more noticeable — and clickable — on social media.

I like to add an image to every blog post I publish. Sometimes they’re directly related to the content, sometimes the only relationship is a vague association between the subject of the post and the picture, and sometimes I include an image just because I think it looks cool.

I write a lot of blog posts, which means searching through hundreds of images on both free and paid stock image sites, and, if the post is for my personal blog, searching through my own image catalogue.

For the most part I use free image sites: those that make images available under a Creative Commons license or in the public domain. The quality of public domain and CC images has improved enormously over the last few years, largely thanks to sites like Unsplash, which list the work of professional photographers.

But it’s not enough to rely solely on Unsplash and its peers. Everyone knows about these sites, which means the same images appear on dozens of posts. If you want originality, it’s a good idea to create your own images or throw the net a little wider.

For a long time, my WordPress image workflow wasn’t well organized. I’d finish a post, open up five or six image hosting sites in tabs, and spend the next twenty minutes running searches and perusing the results until I found the perfect image.

Today, I use three WordPress plugins that let me integrate WordPress with my most frequently used image sources.

Lightroom To WordPress

I use Adobe’s Lightroom to organize my personal image collection, and until recently there was no easy way to integrate my Lightroom collection and the WordPress Media Library.

I was very happy when Automattic released Lightroom To Adobe, a WordPress plugin that allows Lightroom users to choose and import images from within the WordPress dashboard.

If you want to use this plugin, you’ll need a account and have the Jetpack plugin installed.

Instant Images

I’ve already talked about how much I enjoy using Unsplash, and although I’m an admirer of the Unsplash interface, I prefer to be able to search for images from within WordPress.

Instant Images is a straightforward WordPress / Unsplash integration, allowing users to search the Unsplash catalogue and upload images to their Media Library.

This plugin is also great for WordPress developers who need filler or demo images.

Image Inject

When Unsplash doesn’t deliver or I want some variety, I use the Image Inject plugin, which performs a similar function to Instant Images, but includes both Flickr Creative Commons and images from Pixabay.

Neither source offers the same guaranteed high-quality images as Unsplash, but there are plenty of diamonds in the rough. Before Unsplash, Flickr CC search was my go-to source for blog images.

With these plugins, my image-searching workflow is more efficient, and I spend less time trawling through image hosting websites and more time writing.

Posted in:
Content, WordPress

Source link

What’s The Difference Between Content Marketing And Content Strategy?

Content MarketingNot long ago I had a conversation with a content strategist for a large company. Because I work in marketing, the conversation naturally came round to content marketing. She, while enthusiastic about content marketing, expressed some irritation that marketers seem to use content marketing and content strategy interchangeably, as if they were the same thing.

Now, anyone with expertise is more precise about their own field than people outside that field — ask a forensic scientist what they think about CSI. Sometimes it’s just nitpicking, and sometimes it’s important only if you’re a professional within the field — but sometimes the confusion is of broader importance.

I think the content marketing / content strategy confusion is an example of where it really does matter that we don’t conflate the terms. Think of the small business owner who wants to hire a content marketer and advertises for a content strategist. Think of the marketing manager who gives a content marketer responsibility for tasks that lie within the remit of a content strategist.

As Greg Secrist puts it:

“In fact, understanding the differences between content marketing and content strategy, as well as planning how they can both work together, is one of the most important things you can do fundamentally for your business to succeed online and beyond.”

What Is Content Marketing?

Defining content marketing is straightforward: it’s the use of high-quality, relevant content to promote or contribute to the promotion of a business. The paradigmatic example of content marketing is gated access to premium content. Someone who wants the content has to submit their contact details, which will be used for further marketing and promotional efforts. A variety of other strategies also fall under the content marketing remit, including blogging and guest blogging.

It should be understood that native advertising — paid content placement — isn’t really part of content marketing as it’s traditionally understood, although the same team might do both.

What Is Content Strategy?

Content strategy is a broader field than content marketing. In a nutshell, content strategy deals with the management of all of the content an organization produces — and for today’s businesses, that can be an awful lot of content.

Content strategists think about everything from documentation to the corporate intranet. They figure out which content management systems should be used and how they’re used; policies for who can publish content and where it should be published; when and how content is archived; internal guidelines for the governance of content; and how the totality of content can be put to use to fulfill a wide range of business goals.

They’re responsible for designing metadata policies, communication plans, content auditing, migrations between content platforms, quality assurance, content auditing, and a multitude of other tasks related to the creation and management of content to the benefit of the business.

Ultimately, content marketers and content strategists have the same goal: to further the needs of the business through the creation and management of content, but the areas of responsibility differ. Both are essential business roles for any moderately sized business, but they don’t do the same thing.

Posted in:

Source link