A year ago, I summarised some of the events that had occurred as a result of 2 controversial talks at a TEDx event in England.
As the site Science Set Free illustrates, the controversy didn’t die off. (scroll down their page for the background) 251 PhDs and MDs have signed a petition that was recently delivered to TED, expanding on the original 16. There is also a change.org petition still underway. They held a public rebuttal, though it looks more like a press conference for the petition.
This article also came out, with more details about the West Hollywood event they pulled the plug on, 2 weeks before it was due to go. As the event was largely intact, they decided to go ahead anyway but Livestream inexplicably pulled the plug on them too. TED seems the only explanation. That created a rather large price tag for the shows producer. Reimbursement or support seems dubious at this stage of the game but it’s disturbing the apparent lack of integrity on TED’s part. As Science Set Free notes, TED “has become the central hub of cutting edge social and scientific thought internationally“. That’s disturbing if they’re being driven by radical atheists. Ironically their behaviour reinforces Sheldrake’s points.
The other TEDx event I’m aware of that lost TED support also went ahead, with a little more warning. Hosted by a small university, their original line-up had only one speaker mentioning the word “consciousness” in their talk title but there was a human potential theme. Ironically, that speaker was Kilby-award winning physicist John Hagelin who had spoken at TEDxWomen a few months prior. That talk is still present in the TED channel. The theme of that event? Fact & Faith.
Amusingly, the university conference is now being presented on-line under the banner “Consciousness Talks“. They set up a web site for it and have been gradually posting videos from that event this year. I posted an article on one of them by Dr. Pam Peeke: Hacked by a Cupcake, on Food and Addiction. One that should be on TED. I look forward to others.
When you log into a secure web site and get “https” and a lock symbol, what you transmit is secure, right? Maybe. About 2/3′s of the web uses OpenSSL and its recently been discovered it’s had a bug for about 2 years.
“Heartbleed has the potential to be one of the biggest, most widespread vulnerabilities in the history of the modern web.”
Security expert Bruce Schneier says “‘catastrophic’ is the right word. On the scale of 1 to 10, this is an 11.“
While there is a fix and it’s unlikely this was discovered and exploited in the past, the issue now is with sites that don’t have decent maintenance and don’t get updated. Now that the bug is known, some old site you used once long ago may now be insecure. If you have the habit of using the same password all over or using your social media (Facebook, Twitter, etc) logins on other sites, you may have unwittingly shared your access all over. Including to sites that are now secure.
Changing your password on such old sites won’t help in the slightest, contrary to some of the advice floating around. It’s only a useful exercise if you know the site has updated. But you can on sites that are fixed. All the major ones apparently have but there are millions of servers out there.
And the trick is, even server admins may never know they’ve been hacked with this one.
This article explains: Heartbleed Nightmare
You can check a site you use here
This is a great reason not to use the same password on multiple sites and may be a great time to implement a password manager like LastPass, if you have not already.
Not only did Monday bring Heartbleed but there was a security update for WordPress on Tuesday and another for Jetpack on Wednesday. The second 2 are things bloggers should update now. The first you want to be sure your web host has. You really don’t want your ecommerce offerings to go nasty on you.
UPDATE – see comments for more links
The technology landscape has been changing rapidly. Companies like Microsoft have already lost over half their market share. Meanwhile, the open Internet has devolved into a giant marketing opportunity. Dominant technology players are gathering everything they can about our movements, shopping, and social lives. Just look at what you have to approve on a typical smart phone app. Or how you’re invited to use one service to log into another. Government agencies have been doing the same and more, quite illegally.
Meanwhile, a variety of technologies have been developing to change the way we connect and interact – mainly to take out the intermediaries. The behaviour of business and government above and the revelations of security breaches and spying are simply pushing those technologies to the fore so we can take back control of our lives and devices.
Here is a talk by Fred Wilson in Paris, on 3 macro trends in society:
3 macro trends:
- from bureaucratic hierarchies to technology-driven networks (eg: newspaper to Twitter)
- unbundling – how products and services are delivered, specialization (eg: finance moving away from banks, a la carte entertainment on demand)
- becoming a network node (w/ smart phones, shifting from desktop), always on and connected
4 Sectors to watch:
- money – distributed and decentralized payments on the Internet, without the banks
- health & wellness – staying out of the health care system, wearable monitors
- data leakage – data pollution, spying
- identity – cryto-currency applied to online and secure identity
This article lists 21 technologies that may decentralize networks, including mesh networks, alternative domain registration, and decentralized farming. We live in remarkable times.
A weird episode in Internet “marketing” this week. A real company, HUVr Tech, seeking funding sought buzz. First, they faked up a Promo video for Hoverboards, complete with the famous and Back to the Future references. Note the 0 noise and that the video is named “belief” (on their web site). They apparently used the Back to the Future wire harness.
Fake promotions and fake apologies? Lame. Pranks are funny only if you include the punchline. Has their home page been updated to reflect this? Nope. This is what they think of their possible customers?
Periodically, I’ve recommended some tools that help keep your browsing safe. Web sites are the most common way of getting infections now. Not to mention tracking your activities and identity. I thought it was time for an update as the threats and tools continue to evolve.
Of course, the most important tool is common sense. Don’t go into bad neighbourhoods. Look before you leap.
I personally use the Firefox browser because it’s the most customizable. It’s also an open-source platform that’s not invested in making money from the collection of user data. That collection in itself leads to both privacy and security issues. Some consider Chrome superior but I have concerns about using too many Google services as they do collect user info for marketing. LifeHacker discusses the browser issues here.
This article is thus focused on securing Firefox on a Windows PC. Some of these tools or equivalents are also available for Chrome and Internet Explorer. This is not a review of all security tools but rather recommended examples in several categories, with a few caveats. All are free, unless otherwise noted.
Your first line of defence is of course a good Anti-Virus service and Firewall. With Windows 7, the built-in firewall is fine. The hardware firewall in routers is also advantageous. As for anti-virus, you can check testing sites like AV-Test for your choice. Some free ones are as good as the paid ones for basic protection. I’ve been using paid ESET NOD32 AV to good effect for some time.
Blocks most annoying 3rd party ads that slow down web sites and track your presence.
The first thing many suggest you install – it blocks the troublesome scripts on web sites, similar to the above. Lifehacker suggests this is redundant with AdBlock. I’ve been using both but they have come to overlap more.
RequestPolicy is a more aggressive version of this. With it, I typically found a web site was text-only until I worked out where their styles and functionality were loaded from and adjusted the settings. This is a bit of a guessing game that makes it less effective in practice to me.
Specifically targets tracking done by social networking services on other sites, like the omnipresent Facebook “Like” buttons that can track your browsing even without clicking.
This deletes “Super” or Flash cookies – a more invasive and persistent type of cookie. I’ve not found the deletion affects performance of any sites. But I was surprised how many some sites use.
None of these would be necessary if web sites played more politely with visitors.
Safe Sites marker:
WOT (Web of Trust)
This is a crowd-driven add-on that will flag your search results to warn you off of troublesome sites. (versions for most everyone)
This tool does not show up in search results unless you ask but can give an overview from 5 services, including WOT, before you click. (Norton now stingily blocks 3rd-party tools like this) I use it as a 2nd opinion if the WOT result is unexpected either way. I used to recommend LinkExtend similarly but it’s not been updated in some time.
A Virus Total tool to give a site or download link a deeper check with a right-click. How’s it fare with multiple anti-virus sources? A cautionary step before inviting something onto your computer from unknown sources.
(VT has other versions for Chrome and IE)
Shuts off nested links in Google search results to avoid click-tracking. Google will still track you but it reduces some of this and it makes copying web addresses, doing checks with the above tools and so forth much easier. It also makes Google faster.
StartPage.com is a search alternative that doesn’t track but uses Google. DuckDuckGo is also suggested but I’ve not found the results as useful. Both eliminate the “filter bubble” of targeted search results where your IP and history determine what you see, rather than what the larger world is discussing.
For secure passwords – much more secure storage that will fill-in login details and remember strong passwords for you. Way better than browser tools. I’ve recommended this before. RoboForm is also well-recommended but not free.
TIP – Avoid the temptation to use your social site logins on other sites. It makes you much easier to hack and track. That’s becoming all too common and is not in your best interest. Use distinct logins for every site and let something like LastPass help you keep track of them.
backs up your Add-ons, themes, and settings in Firefox automatically.
If you want to see how a site is tracking you, try Lightbeam.
Some of the other add-ons I’ve tried I found too aggressive. Lifehacker recommends Disconnect, for example. While it may reduce tracking, it also greatly reduces the functionality and display of web sites. Again it becomes a guessing game to know what needs OK. They have made you more anonymous but do it by breaking site features.
And if you’re also logged into a sister site, you’ve lost the advantage. Even worse if you’ve logged in using a social media sites credentials.
Browsing through a VPN, sandbox, or alias site would be more effective if privacy is a priority. Just keep in mind that the web is not about privacy but sharing. That’s why it’s called a world wide web. Anything you share often stays shared, beyond anything you may have imagined. A long-gone web site I built 16 years ago still has a copy on-line at the Wayback Machine, for example.
On the flip side, you may find this HowToGeek article useful – some browser add-ons are or have become spyware, reporting all of your browsing history and inserting ads on pages you visit. The article includes a follow-up list of troublesome ones to avoid or remove.
I considered moving away from popular webmail services to avoid some of the tracking but soon realized that many contacts use them, so the messages get tracked anyway. Email has not yet had this kind of functionality added. Another gold mine for advertisers.
Many tell me they’re not worried if their computer dies – they’ll just buy another. But gradually as our lives go more digital, we start collecting digital things that are more difficult to lose. The password for the service you paid for. The holiday photos. Your oh-so-carefully prepared resume. Important contact information. The list gets larger and larger.
With that growing body of digital history, the need for decent backup grows. For most people, you want it to be automatic. Set it and forget it. Manual gets forgotten.
At the same time, you want a backup that works. If it’s not reliable or there are barriers to getting access to your key files during a failure, it’s not working. A backup is only useful if it can be easily restored. I’ve seen studies that show even expensive business backup solutions failed in practice the majority of the time.
Software and Data, Local and Remote
There are 2 types of stuff to back up and 2 types of places to put that backup.
The first type of stuff to backup is your operating system (OS) and programs. The key reason to do this is to get you up and running again as quickly as possible. Having to reinstall the OS, all your software, and all the updates can literally take days of your life.
The best solution for software is an Imaging tool. The ones built into modern operating systems (like Windows 7+) are fine. Or buying the well-known Acronis TrueImage. This can be set up to be automatic. Weekly is probably enough unless you experiment with software a lot.
The second type of backup is for all your stuff – all the files you create or receive and store in the digital world. If your needs are simple, the above imaging software may be fine. Just image it all together. If you do this, set the backup for ‘daily incremental’. This will catch all the changes made each day.
The downside of imaging your data is access to that backup. If your system goes down or is stolen, you have no quick access to your stuff inside the backup until you have a similar environment and software installed. Go to your old Vista computer, for example, and you’ll have to jump through hoops to get at your Win7 backup.
A better solution is simple file copy or zipping. Those copies of all your created files can then be accessed at any time by any OS – even a floppy. Cobain Gravity has been my recent free choice for that. Plug in your backup drive to another computer and get to work.
For your most critical files where you want to save current versions more often than daily, I recommend File Hamster. When that file or folder is added to File Hamster, ever time you hit save, it makes an additional copy to the location of your choice. (a different drive) This has saved my bacon a couple of times when a file got corrupted. And this is much more likely to happen on files you use all the time.
The program is not presented as free but if you don’t purchase it after the trail period, it reverts to Basic mode. It’s more than worth paying for though. I wrote 2 articles about it here.
Location, location, location
The first type of backup location should be local, due again to the simple question of immediate access. In your office or nearby on the network. An external hard drive or network attached storage (NAS) are best and not expensive. Different types of backup above can be saved to different folders on the same external drive. Figure on double to triple what you have now for the size of the external drive.
Backing up to an optical disc is useful for long term archives, but is too manual for automated backup. Thumb drives have longevity issues and are again too manual.
Unfortunately, a local backup will not save your files in the event of a fire, major theft or other such disaster. For that you need a secondary off-site backup. But it should be secondary. Automated remote backup still has too many possible points of failure to be your primary solution.
Storing an OS image in the cloud is problematic as it is large and thus takes massive time and bandwidth to upload. Not to mention the cost of the on-line storage. And then if you have a failure, you cannot restore the OS from the cloud. You need an OS to get to the OS.
The simple off-site solution for the OS is making a periodic image to portable media and storing that safely off-site. Then you can still restore if your local backup solution fails. It’s a bit manual, but ensures it’s easy & workable.
The focus of your automated secondary backup is for your critical files. On-line file-sharing and backup services have been growing in leaps and bounds. I even researched setting up one myself. But they also have issues. Make sure the service is suited to the task. Some sites delete your files automatically after a certain period of time. They’re not designed for backups.
Copying your critical data over the wide open Internet is akin to sharing – not a fine idea. Some suppliers may add encryption, but make sure it’s also encrypted in transit or you’re exposing your content where it’s most vulnerable. Complicating your choices are the cost and that some use quite proprietary techniques. This can again create access issues in the even of system failure.
In a recent article by Fred Langa, he introduces an alternative solution. You use the online storage of your choice. And you use a local pre-encryption tool that automatically encrypts, then uploads to that on-line service whenever you copy files to it. He used Boxcryptor. (requires .Net4)
You set up Boxcryptor and point it to your on-line storage. Then you set up a secondary backup routine in your backup software to copy to your designated Boxcryptor folder on an automated schedule. Backup to Boxcryptor to On-line storage. Voila – automated and secure on-line backup. The basics are free for personal use.
From a convenience and recovery standpoint, those encrypted files are then available from all platforms anywhere – Android , Mac, & PC.
Be sure the size of your backup routine is less than the size of the on-line space you have. BoxCryptor does allow you to connect multiple services. Also make sure you’re backing up to the virtual drive, not the BoxCryptor.bc folder, or the files won’t be encrypted. Same with decrypting them – get them from the virtual folder or they won’t be decrypted – they’ll just be gibberish. PCWorld talks about using BoxCryptor here.
Fred’s article talks about using it with Skydrive. Boxcryptor supports a wide range of on-line providers, including Dropbox, Google Drive, Box and many more.
Just make sure you use LastPass or some other tool to securely store that unrecoverable Boxcryptor password. In a place that can be accessed any time. Otherwise, you’ve added a key point of failure.
I also reviewed several other encryption options. Some of the on-line storage companies are offering software to do much the same with their own tools but reviews said they were slow. Several tools only work with the big 3 or even only with Dropbox.
And then there’s ownCloud. A little more geeky, but it lets you create your own on-line storage in whatever web server space you have available (assuming your web host is OK with that). It can also manage other sites, mount webDav supporting services like Box, DropBox, GoogleDocs (which it will also open) and supports FTP. It will also give you a cross-platform tool for accessing files, calendar, contacts, bookmarks, galleries and so forth.
Blend that with Boxcryptor and you have your own custom solution.
At a TEDx talk in Victoria, Ian MacKenzie explores the history of the mask that came to be used by Anonymous, then the Occupy movement. Then he looks at the Occupy movement itself. Then how to Occupy the Noosphere with Memes via Mindbombs.
What is the ultimate Mindbomb we could release?
Ian was also involved in Velcrow Ripper’s film, Occupy Love. While not as far reaching as the 2 previous films in his trilogy, it does better explain the Occupy phenomena than anything else I’ve seen.
< Part 3
If you haven’t already, now is the time to finish the content for your fixed Pages.
When your site is ready, take down the landing page and… you’re live!
But there’s one more step.
10) Redirect the old site to the new
Given you have probably built up search engine rankings and reader bookmarks, your typical choice will be to activate a referral service to bring people from your old blog to the new site automatically. Then those clicks and SEO won’t be lost.
WordPress will take care of this for you for $13 a year. On the old site, go to the Dashboard and click Store. Then Site Redirect. Once the domain is in and you purchase, it’s live.
b- leave the old blog as is? Not a good idea. Search engines like Google may see your new duplicate site as a spam site and not index it. Dead SEO.
c- Delete the original .com blog.
d- if your old site is small, you can go into the old posts and replace them with links to the same post on the new site, with a small explanation. But that’s a lot of grunt work. Molly mentioned problems with forwards, but it’s worked fine for me. It would be a problem if you have not matched Permalinks though, as discussed prior (Step 6).
e- Labnol offers a process to redirect you, saving the WP fee. (see his Step 3-4) But you’ll need to be a little DNS server savvy to follow this for your registrar. I’ve not tried it.
If this sounds like it’s all too much, don’t let my proneness to detail overwhelm you. Molly described this in 4 steps, if you want to follow her simpler version for Bluehost. Or you can pay your host (some will) or WordPress to move your blog for a fee. WP calls it “Guided Transfer“. It’s also in the WP.com Dashboard, Store. You then need to pay someone to configure it for you or all you get is a generic default theme. But plug-ins are not hard if you take the time to look around or choose the Keep it Simple approach (see Part 3). Just take it a step at a time.
You may also find it useful to run your site by Google’s Pagespeed check. Just keep in mind that some of the things they suggest may not be in your control. Does it matter if your theme could compress the CSS by 3KB?
For this process, I want to thank:
Molly Greene: Moving from Free to hosted WP blog
I hope this series helps you in your migration. I’m very pleased to have made the shift myself. My new site is far more advanced and customized than at WP.com. But it did take longer to tweak and experiment than I thought.
< Part 2 – Setup
One you have the site up, you’ll want to browse the dashboard and all the settings you have. Lots of little things to tweak.
You may find going over the free Easy WP Guide will help you get a sense of the WP.org dashboard and features. It is much like WP.com, but with extras. This is the start page for WP.org help. Google will bring you more.
The Appearance, Widgets section allows you to sort and change the components and appearance of items in your sidebar(s). This is much as in WP.com but much fancier and many plug-ins will add more widget options.
Your research will have given you a good idea of the extras you’ll want to add and thus the plug-in research you’ll be doing. Most integration with WP.org is with plug-ins – be it e-commerce, subscription services, SEO, backup, social networking, and a zillion little tweaks you can make.
You may find small things your theme settings don’t cover. There may be a snippet of custom CSS that can be added to the theme to make these adjustments. The themes support pages should have examples. For example, I removed the author footer, changed the hyperlink colours, and fixed a couple of plug-in issues this way. Don’t try to edit the theme itself or your changes will be overwritten on the next update. Use the Custom CSS box in the themes settings.
There is a vast plug-in repository. Some are abandoned or no longer compatible with current versions. Some are not compatible with each other. The key is to review the info on the plug-in – Is it what you need? Current? How is support response? Rating? Is there a cost for the features you need?
After reviewing your theme and site, what features remain to be addressed?
As you’ve already installed a plug-in or 2, you’ll be a little familiar with the process. But for review, these are they typical steps.
1 – research on-line per above
2 – search for the chosen one in Dashboard, Plugins, New
3 – click Install on your choice from the above
4 – click Activate (a way to control which plug-ins are live)
5 – browse settings – in Plugins, Installed or in the Dashboard, Settings menu (generally)
You may also need to go into Appearance, Widgets and set sidebar widgets up. And tweak theme settings.
6 – test
Some plug-ins will require you to create an account at the related service, like Twitter or your newsletter service. The service will then provide you with special links, API or security keys to interact securely between your blog and them. Record your account login and these details carefully.
You have 2 main approaches to plugins:
The first – Keep it Simple. You may find that Jetpack and Akismet (spam protection) are all you need. These make your hosted blog the most like WP.com too. Jetpack is a mega-plugin that includes over 30 modules, made by the people behind WordPress. Some are pre-activated and others can be activated as desired.
Then you can add a couple of others if you like. However, some find Jetpack pushes features you may not want unilaterally, much like WP.com. And it keeps you tied to WP.com.
Your other approach for greater control and customization is to locate and install plug-ins to cover each feature you need. I started with Jetpack but soon realized I’d have the same issues with it as I did with WP.com.
Be very careful about plug-ins that have overlapping functions that may conflict. And be open to experimentation. I replaced some plug-ins that were on my initial list with others.
Your first step may be to browse some recommended plug-in lists. Just keep in mind that just because there’s a category, it doesn’t mean you need it. You don’t want to bog down your site with too many fiddly bits.
Here are some categories I looked at:
*Rather than linking to specific plug-ins, I’ll let you look up the names on the WP Plug-in site. That way, they’ll be placed in context and other alternatives will be more obvious.
Comment Spam control
Akismet? Captcha? Complex captcha is over-kill for low traffic sites. But you’ll be flooded with people making vague comments, trying to get their links on your site without something. I deactivated Akismet and started simple, then raised the bar a little. Still an experiment.
- CommentLuv – adds an article link of the commenting bloggers below their comment, encouraging them.
- Subscription tools (see below) often offer a subscription checkbox for your commenters, contact form, etc.
- Replacement commenting systems like IntenseDebate or LiveFyre. (careful with conflicts here)
Contact Form, like Contact Form 7. You may want to add a custom choice field to avoid Contact spam. I added a required “Contact Type” pick list, for example. Simpler than Captcha but that’s an option too.
You do NOT want to publish your email address directly on your site. This is like wearing a Kick Me! sign for spammers to sully your new email account. If you do decide you want to offer it, use code from a munger site like Enkoder (best) or AddressMunger.
TinyMCE Advanced – adds a whack of features to the Add New Post form, including inserting tables, video, columns, pull quotes, buttons, and more. Very customizable.
Image Widget – to add an image on the sidebar.
Custom Meta Widget (clean up the sidebar Admin Menu)
Link Manager – If you’d like to bring back the Blogroll. I decided to have a links Page instead.
Broken Link Checker – great if you have many external links in your articles. It checks periodically and warns you of links that have gone south.
Simple Feed Stats (for RSS)
Google Analyticator or the more customizable Yoast (for Google site stats)
Google XML Sitemaps – for search engines – helps your site get indexed.
Social Media – 3 types:
The RSS feed of your articles can be posted to other social media sites, like Twitter (use WP to Twitter). This way, readers can get your content however they wish. Your email subscriber service may have a newsletter to social connection. MailChimp feeds to Twitter and Facebook, for example.
b) Readers sharing your article
Typically under your blog post will be a row of links to social media sites the reader may use. This allows them to more easily share a link to your article with others and bring traffic.
I’m still experimenting with this. Shareaholic was buggy in Firefox. obsocialbookmarker is less prominent and a lighter load but out of date. ShareThis and Social Media Feather are others – each has a different look, style and approach.
c) Connecting with your social sites (Follow)
There are also plug-ins to place links to your Twitter, LinkedIn and other such accounts on your sidebar or footer. This allows readers to connect to you that way as well or instead. I looked at a few plug-ins but discovered some simple code in a text widget with the icon set of my choice was a better solution. This is also a good place to put RSS feed links for the less familiar. Just search free social media icons for many options and ideally, the size you want. I ended up with WPZoom’s big set.
Also note that some Themes have social media features – but make sure you’re clear which of the above they are.
Some people get confused looking at shopping carts with this or that host. WordPress allows you to add shopping carts to your blog more directly, making this less relevant unless you plan on building a large store.
If all you want to offer is digital downloads like a few ebooks, EasyDigitalDownloads may be enough for you. For more range, WooCommerce is a popular one. I chose iThemes Exchange plugin as it was free for the basics and I quite like the approach of the company. For example, development priorities are partly based on user feature votes. It also works with Stripe. Stripe is an e-commerce integrator that, unlike Paypal, keeps clients on your site for transactions. Don’t let Stripes developer approach make you nervous. Exchange guides you through the steps you need with videos and support pages. Basically it’s selecting Stripe in the plugin, creating an account at Stripe, then pasting some numbers from the account into boxes on the Exchange plugin. Stripe only charges per transaction.
While WP has a built-in subscription function, you have zippo control over it or subscribers. If you are working to build a subscriber base, you definitely want something better. I’d recommend a Newsletter service. You connect that to your RSS feed and your posts go out daily (or weekly, etc.) in a newsletter format of your choice and design. If you have under 2,000 subscribers, you can go free with MailChimp or MadMimi. More experienced marketers than I recommend the second but MailChimp is a little older and has more integration. There are also more basic newsletter plug-ins but if you plan to grow this, you’ll find them limited. A newsletter has a bit more setup but both sites have lots of support to guide you through the necessary steps. Basically in MailChimp it means setting up a list by importing your subscribers. Then creating an RSS “campaign” with an RSS layout theme (or customizing another more) and walking through the settings for it, including social sites. You configure the connection to MailChimp and forms on your blog with MailChimp for WordPress plugin.
Please Note: Your subscribers are NOT migrated with your web site. Email rules require opt-in.
I originally chose Feedburner so that when my site moved, I just needed to point all subscribers to the new site. Easy. But 2 problems with that idea. WordPress unilaterally added a subscription service later that you could neither manage nor turn off. I ended up with 2 sets of subscribers. (and nags to change from Feedburner – they knew) Meantime, Google bought Feedburner but now appears to be abandoning it. They’ve killed it’s API.
WordPress.com will move your WP subscribers IF you use the Jetpack plug-in on your new site. Their web site indicates they support this but I got 0 response. It also became apparent I didn’t want WP subscriptions anyway as there are no tools for managing them so I didn’t pursue it.
I recommend you migrate all email subscribers to a subscription management service as above. Gather them in a spreadsheet or text file and you can import them into the above services. They did already Opt-in, after all. I notified everyone of the change and only one unsubscribed.
After this, I removed email addresses from Feedburner and changed the RSS feed to the new site, then invited them to migrate to the new sites RSS. And invited WP RSS subscribers to the new site. A large % quickly complied. RSS users are usually very familiar with easily adding and removing sites.
There are lots of other things you can add like forums, image galleries, feature pages, Google fonts, search enhancements, SEO, caching management, uptime monitoring, database management and so on. It depends on your needs and you can adapt features over time.
My priority was to get the initial features I need up, then refine it over time.
< Part 1
Part 2 – Setup
This step will depend a little on your host. With easyPress, the blog is installed and secured for you when ordered so you can skip this step. With some cPanel sites, they have a one-click install. Molly runs through a BlueHost install here (see Part 1)*. Other hosts may require you to download the installer from WordPress.org and do the server install yourself – see WP.org for the Manual install. It’s not difficult.
*Another site recommends installing WP to a subdirectory. This separates the standard web site files of you and your host from the WordPress files making it a little tidier and easier to work with.
Time to install your new theme.
You can go to WP Dashboard, Appearance, Themes, Add New. Browse & select your chosen theme. (the zip file)
Some sites suggest you NOT activate your theme at this time. I did and it caused no problems but it can add problem variables to the Import coming up. This would depend on the theme.
6) Permalinks (article address format)
In Dashboard, Settings, Permalinks. I’d highly recommend you set them to the old WP.com style of “Day and Name” for ease of import. It’s better for SEO as well to have named posts, not numbers.
If you’re going to have your old WP.com blog forward to the new site (Step 10), matching URLs is required.
6) Export your old content
- On your old WP.com site, log in to the Dashboard.
- Clear out Spam comments and any blog posts you don’t want to migrate, including any unpublished. (Dashboard, Posts)
- Click on Tools, Export. Choose what you would like to migrate to the new site – Normally you want to choose All Content. This includes pages, posts, comments, and custom post types.
- Click Download to Export the XML File
- Save the file somewhere safe. This is all your prior hard work.
7) Import – migrate time!
- On your new site Dashboard, click Tools, Import
- Choose WordPress (if you’re importing something else, choose that platform)
- it will ask you to install and activate the WordPress Import Plug-in. Follow the prompts.
- click Browse and locate your Exported XML file.
- Upload – It will unpack the old content.
- When the uploading finishes, it will ask you to choose authors. You can create new ones based on the prior authors or retain the same authors (users) as the old blog. You have this choice for each author.
- Choose to import the attachments – this is your media library, like pictures, PDF files, etc. These were not exported in the XML but are instead migrated now. This may take quite some time.
When it’s done, you have migrated your .com blog! Congratulations!
I had 3 issues with the import.
a – All internal links still pointed back to the old blog. The fix for this required a search and replace script run from the database admin. Geeky but reliable. Just follow the instructions carefully as you’re editing data directly. Hundreds of links took seconds to fix. You’ll need your database admin login for this.
b – Embedded content partly broke due to the non-standard way WP handles it. In the new environment, a few things are different.
Embedded images lost their text wrap. Old images now display between paragraphs of the old posts rather than in-line. Not a concern and may be theme related.
Embedded videos such as YouTube now just show bracketed URLs that are not hyperlinked. Not a big deal as the URL is available. I didn’t notice this issue while Jetpack was installed, so if you use that, that may address this. (didn’t check)
8) Activate Theme
Next, activate your chosen theme.
- On your new WordPress Dashboard, go to Appearance, Themes. Select your uploaded theme and click Activate. Ta daa!
You’ll want to browse the Appearance sub-menu for options. They vary widely by theme but can include WP menu items, altered WP menu items and theme specific items. Widgets are ways to customize your sidebar column(s). Each widget has its own features.
And of course, take a look around your site – how’s it look?
9) Point the Domain
It’s time to point your domain to the new site. Follow the directions of your domain registrar and host. Your host will have given you your sites IP address. This will be entered into your Registrars domain A record.
Here are the steps for easyPress, for example. (other registrars will be different but somewhat similar)
Note that this change is then updated to the DNS servers which then update the DNS servers the world over. It may take a few hours for your local ISP to update.
When you’re designing a standard website, leaving the domain parked while it’s under construction is common. But because Blogworld is so interconnected, the domain has to be in place for many features to be set up, including Jetpack. Thus you need a blog equivalent of an Under Construction page.
I can recommend the “Ultimate Coming Soon Page” Plug-in for this. You can mock-up an under construction page for visitors with a link back to your old site.
In the Dashboard, just go to Plug-ins, Add New and search for the above. Click Install, then Activate. In the Plug-ins Settings, you can lay out the page and colours and turn it on. Use your domain/wp-admin/ address to login in while it’s up. Your site will only be visible if you’re logged in. You’re free to browse your imported content, checking and tweaking and noting any issues. Everyone else gets the Coming Soon page.