Just yesterday, I was visiting a blog and all of the posts were written by “Admin”. This is a common newbie mistake but it’s also a very dangerous one. I’ve written before about this being a security vulnerability. I’ve also written about other tips for newbies. Here’s my list of the top threetips that come to my mind. (Not all are about security. It’s an eclectic mix.) Feel free to add your tips in the comment section.
#1 – Delete the ADMIN User in WordPress
One of the first things everyone should do after installing WordPress is to delete the user “Admin”. Why delete it? It puts your website at risk. Hackers know that WordPress creates that account by default. So, it’s easy for hackers to run a program looking for sites with that user. Then, all they need to do is crack the password and they’re in your site as an administrator.
What should you do? Logon as Admin, add a new user (with the “Administrator” role and a secure password) and log off. Log back on as your new user and delete the Admin account. If you have published posts using the admin user account, assign them to your new account when you’re prompted to do so.
#2 – Create an XML Site Map
An XML site map is a a file that contains a list of the URLs of the website pages that you would like indexed by the search engines. Actually, it contains more than that. It also contains important metadata (an additional information layer) with information such as when the page was last modified, how frequently it changes and how it ranks in importance relative to other URLs.
What should you do? If you’re using WordPress, you can install an XML sitemap plugin, or if you’re a do-it-yourselfer, you can create a sitemap file manually and FTP (file transfer protocol) it to the public folder of your website. (I use XMLSitemaps.com to generate the sitemap and the Filezilla client for my FTP program.)
#3 – Register for a Free Gravatar
A Gravatar is a globally recognized avatar and it’s free and easy to create one. Go to Gravatar.com and register your username. Register the email address that you use for commenting along with the URL of your blog. Upload your profile picture and you’re ready to go. After doing this, you’ll no longer have that generic icon that you see next to your comments on blogs. This is a big step towards branding yourself and building name recognition.
What should you keep in mind? Your username is part of your brand. So, choose it wisely. Since Twitter only allows 15 characters, you may need to get a little creative. Go to KnowEm.com to see if your username is available on most of the common social networking sites. Don’t forget to register your username on as many social networking sites as you can, whether or not you ever intend to use them. (It will prevent someone else from reserving it.)
What other advice do you have for bloggers? Can you think of anything else that puts our websites at risk? (That question alone could lead to a whole post on security plugins.) Feel free to add your suggestions below.
About Sherryl PerryWelcome! If you're looking for help building an Internet presence that fits your needs and works for you, you're in the right place. I blog common sense articles about WordPress, social media and SEO. My goal is to help small business owners and entrepreneurs understand their core business. Together, we can develop and implement business strategies that make sense to you.
Thanks for sharing some extremely important real world advice Sherryl!
Unfortunately, not one of the first two or three courses I took
about learning “how to” use WordPress bothered to explain
the very first point you shared!
And all three teachers were suppose to be WordPress experts!
And point two, I got help from a techie and point three one of the instructors made us aware of.
But all in all, what you’ve shared here for free, is extremely important and helpful!
Thanks so much for doing so!
Because it will help lots of beginners and intermediates!
Mark recently posted..How Some Really Tiny Gestures Can Lead To Massive Customer Satisfaction!Part Two
Hi Mark,
You’re welcome! Thanks so much for letting me know that you found my 3 tips helpful.
When I started blogging, I invested in the book “Digging Into WordPress” by Chris Coyier & Jeff Starr. It’s a really valuable resource and it’s available both in print and as a downloadable PDF. Recently, they updated it to be current with WordPress 4.2. (Even though I bought my copy in 2010, I can still download the updated version for free.)
At the risk of sounding like I’m promoting something, if anyone here is interested in buying a copy, I’d really appreciate it if they used my affiliate link: keepupweb.us/1JtJiR6
Sherryl Perry recently posted..What Blogging Tips Are You Missing?
I just deleted my admin account. I did not know that could be a security problem. Now I have to setup a gravatar. I’m glad I found this post. Thanks.
Eva,
I’m glad to hear that you deleted the admin account. It’s really not difficult once you know the steps. Good luck setting up your Gravatar. I look forward to being able to recognize your face. 🙂
Sherryl Perry recently posted..What is Your Favorite WordPress Plugin? #FridayFinds
You’re welcome. Keeping “Admin” is dangerous. I’m sure new bloggers keep it because they aren’t aware of the risks.
Sherryl Perry recently posted..Why You Should Be Your Own Google Analytics Ninja and 4 Steps To Do It – Part 1
Hi Sherry,
thanks for your wonderful thoughts. all the above listed points are really helpful for new bloggers. Sitemap submission is necessary for new bloggers.
Hi Ravi,
Thanks for letting me know that you found my tips helpful. Lots of people don’t know what sitemaps are or why they need them. Then, there are people who think that the site map that webmasters build for their visitors to navigate their site is the same as the sitemap for the search engines and they’re entirely different.
Sherryl Perry recently posted..Top 5 Reasons to Buy the CommentLuv Premium This Week
This is very helpful indeed. Thank you very much. For me, the most important here is deleting the admin user and preventing pinging. I did not know about this. Thanks again.
Hi Jason,
Thanks for letting me know that my article on blogging tips helped. That admin user ID really puts new bloggers at risk. I’m glad it helped you. (BTW – Sorry for taking so long to reply to your comment. It’s been slightly hectic around here. 🙂 )
Sherryl Perry recently posted..Is Your Email Address Part of Your Brand?
Hi Fatima,
Thanks for letting me that you learned something from my article. The tip on pinging is fairly obscure. I give you extra points for knowing about the XML sitemap. 🙂
Sherryl Perry recently posted..How to Add the Facebook Like Box in a WordPress Text Widget
Hi Sherryl,
These are not just tips, but the words of wisdom for the individuals who are quite new to the field of blogging. The tips shared in this post are quite effective in order to create and run a successful blog. Thanks for sharing this valuable share.
Hi Aayna,
Thanks for letting me know that you found my article helpful. I’ve blogged about these tips before but it was one of those days where I kept seeing “admin” as the author. If this post had been about one tip instead of four, that would have been my top choice.
Sherryl Perry recently posted..Are Your Website Visitors Sticking Around Or Bailing Out?
These are simple yet very effective tips for the newbies. Getting a Gravatar is so simple and quick, still
people tend to avoid it. Thanks for sharing this .
Hi Richa,
Even the camera shy should take advantage of the opportunity to be recognized. I’d rather see Gravatars that are headshots but even a logo is preferable to the anonymous default icon.
Sherryl Perry recently posted..Can Your Small Business Compete with the Big-Box Stores?
I have recently started blogging and am learning new things everyday. The above tips proved to be very helpful especially the point about XML sitemaps. I didn’t know the importance of sitemaps earlier but after reading this I definitely have got to get some for my sites. Thanks for sharing and helping newbies like me.
You’re very welcome Sarah. Sometimes I’m surprised that there aren’t more articles on some of the lesser known techie stuff that needs to go on behind the scenes. Thanks for letting me know that you found my article helpful.
Sherryl Perry recently posted..Is Your Email Address Part of Your Brand?
I have recently changed my old static website for a WordPress blog. I’m only just finding my feet with blogging but was really pleased to see that I have the basics right.
Thank’s for a post that helped to put my mind at rest 🙂
Hi Sarah,
Your comment made me smile. I’m glad that you’ve got the basics right! Congratulations on replacing your static site with a WordPress site and for building a nice foundation so quickly. Lots of people blog for a long time and still use things like the admin logon.
Below my reply, you’ll see that I’ve selected a link to an article about “pinging”. This is something that a lot of bloggers aren’t really aware of and actually, I’m among the people who feel that the core program for WordPress should handle pinging better.
Sherryl Perry recently posted..How to Ping Your Website Blog and When Not To
Thanks Sherryl, will look into pinging next..
And always good to have made someone smile! 😉
Very useful tips here, Sheryll. Yes, changing your username into something quite tricky can help improve your security. It’s also a good idea to get a plugin that will limit the number of times that you can try to log into your WP-admin panel to increase the security of your blog.
Adeline Yuboco recently posted..Hail to the Kadayawan: King of All Festivals in Mindanao
Hi Adeline,
That’s an excellent suggestion to use a security plugin that limits logins. I also like to install one that lets you ban IP addresses as well. I’ve been using the Better WP Security plugin. It’s very powerful and needs some tweaking though. Otherwise, you can easily find yourself bombarded with too much information.
Sherryl Perry recently posted..Can Your Small Business Compete with the Big-Box Stores?
Sherryl, quite a short but good list of tips for new bloggers. I’d like to add some info too. When working with wordpress, add in some plugins like All in one SEO pack to enhance your website’s visibility in search engines.
Hi Glen,
Thanks for mentioning using an SEO plugin. Some premium themes have SEO built in but if you’re using a free theme, you definitely should consider a plugin like the All-in-One SEO pack. I recommend Yoast’s WordPress SEO plugin too. That’s an excellent plugin to use.
Sherryl Perry recently posted..SEO Should Be A Habit Not A Headache
In my opinion, these tips are not the only ones, but generally saying, one of the most important.
Hi Jessica,
There are so many tips for new bloggers (and pros too). These are just four that popped into my head. The “admin” user is really dangerous and the Gravatar is so important to building recognition.
Sherryl Perry recently posted..Is Your Email Address Part of Your Brand?
Really useful information , as a Beginner these tips will be really useful to me , will definitely follow up your tips and i need any help will surely contact you …thanks for sharing
Thanks for letting me know that you found my article useful Linda. I appreciate the feedback. Feel free to contact me. You’ll also find some great tips in the comment sections of my posts too. I’m grateful that a lot of readers share their ideas and tips here.
Sherryl Perry recently posted..4 Basic Steps to Better Blogging, Better Branding and More Business
Apologies if this is a double post. Not sure my last one went through. Thank you for tips 1 and 4. I had to go and delete my admin account. It hadn’t occurred to me that this was a security risk. Thank you.
You’re welcome Don. Thanks for letting me know that my article was a help to you.
Sherryl Perry recently posted..How to Add Follow Buttons to WordPress without a Plugin
Hallelujah! I wondered what I might have done wrong or not done at all. Glad to know it’s just a bit and byte issue that is resolved. THANKS.
“bit and byte issue” – I like that! 🙂
Terrific ideas. I must confess I depend on my webmaster for this kind of thing. I would suggest this though: backup regularly. This is so important. The isp we use for my blog actually does this automatically every evening. I also know there are tools available to do it automatically.
Great ideas here! Thanks.
Patricia Weber, LinkedIn Group BHB
Hi Patricia,
It’s wonderful that you have a webmaster to depend on. (Sometimes, I wish I had one. 🙂 I miss the days when I had an IT department who would look out for the day-to-day techie “stuff”. Now, not only do I babysit my sites but client sites as well.)
I just realized that your Gravatar isn’t showing up. You have one right? (Maybe the email address that you commented with isn’t associated with it?) I’m so used to seeing your profile pic on LinkedIn that the “anonymous” icon startled me.
Sherryl Perry recently posted..Do you Brand Yourself, Your Company, or Your Product on Social Media Sites?
You are so right! I put it on my to-do list and skipped ahead to it to check.Indeed Sherryl, different email. Hope to see my Gravatar show up now. Thanks for the nudge.
So odd; I add the email that I used here. Even confirmed it. Oh well. Back on the to do list. THANKS.
There you are! 🙂 I had to delete the cache on the “server”/host for your Gravatar to appear. Deleting the cache makes the “client”/our computers go to the server and retrieve a fresh version of the page.
Hi Sherryl,
Yes – I do agree. If I have to think back to when I started blogging – these are some of the best tips or guideline to use when you are new. If only I didn’t learn these tips the hard way through experience and learning from mistakes.
Hi Anton,
I avoided making quite a few mistakes thanks to a lot of research but I still learn lessons the hard way. It wasn’t until my Thesis theme broke (weeks after upgrading a plugin) that I learned that backups don’t always restore everything. It turns out that there was an export option for the design settings in Thesis. If I had paid attention to that, I wouldn’t have had to recreate my entire design. (Thankfully, I had documented the design but it wasn’t pretty.)
I think one of the big things is security these days. I try to pay more attention to updates that center around security first and worry about the other or not as important ones later. It does seem like it is a bigger concern than what it was a few years ago.
Ray recently posted..Google Pagerank Update August 2/3, 2012
Security is a huge concern Ray. All these updates recently are starting to consume a lot more time. It seems that there has been a recent onslaught of upgrades to plugins (probably still the aftermath of the 3.4 upgrades to WP). Just today, I heard from someone who upgraded their Google XML sitemap plugin and could no longer “see” their site. Thankfully, she had tracked which plugins she had recently upgraded and was able to disable it.
(Since talking with her, she’s taken my advice and stopped using that plugin. She is now exploring Webmaster Tools. The fewer plugins that we depend on, the less chance there is of something breaking on our site.)
Sherryl Perry recently posted..3 Steps to Protect Your WordPress Blog from Hackers
All great tips! One of the first things I do for a new client new to WordPress is set up some kind of backup system. Ideally, one that is easy for the client to use and one that includes mailing the backup to the client, so not everything resides on the server.
I like how you included the Gravatar in this list. It may be simple to us, but to someone new to blogging, it may not be apparent.
Leora recently posted..9 Posts on Website Security
Hi Leora,
Thanks for mentioning backing up. I try to set up scheduled backups that email the backup too. I don’t think everyone appreciates the value of having a Gravatar. No matter how many times I mention them, I still see people commenting without them. Maybe they’re camera shy?
Sherryl Perry recently posted..The Powerful WordPress Text Widget
Sherryl,
There are a lot of things that fall into the category of “No matter how many times I mention them, I still see people” doing X “without them.” For example, concentrating on incoming links for other sites for SEO, or remembering to add an image to a post, or using imagery in general.
Sometimes, after years of slowly saying it in different manners, one day they (sometimes) get it. People sometimes need real life experiences to be convinced.
Leora recently posted..9 Posts on Website Security
. . . or renaming your image files with keywords, or adding meta tags like alt-text and descriptions . or … sounds like a great idea for another post. 🙂
Really useful advices, especially for me, because I have just started my small home business, and it is my first time (honestly I am a newbie to this scene) and I feel glad about all the useful information I can collect. Thanks for sharing your helpful tips!
You are very welcome Vera. There is so much to learn when you first start blogging. Even as an experienced blogger, I’m still learning too. It’s great to share and learn from each other.
Sherryl Perry recently posted..Is Your Email Address Part of Your Brand?
The perfect fundamental tips when starting out. The one other thing I always do is change my permalinks to something that looks a little more pretty – I always go for the custom option just like you have (%postname%)
Hi Sandip,
Thankfully, with the 3.4 release of WordPress, the default setting for permalinks is the post. So, that was a big help.
Thanks for letting me know that you liked my post.
Sherryl Perry recently posted..How to Ping Your Website Blog and When Not To
Ah, that’s very useful to know. I haven’t set up a new blog for a while which is why I didn’t know about this – glad they made the change
Yeah i agree, an About page is very important. I find it makes the page seem more personal and one is more likely to engage with the site, the blog because of this fact. Good post.
Thanks for letting me know that you enjoyed my post Elena Anne. I recently wrote about a personal experience that I had when we were shopping for wall-to-wall carpet. When I searched for a small local store, I found a business that was about 10-miles from us. This business is tucked into an old mill and we had no idea that they even existed. They have a pretty basic website but their about-us page won us over. We ended up buying from them and we’ll definitely both recommend them and buy from again.
Sherryl Perry recently posted..Can Your Small Business Compete with the Big-Box Stores?
Speaking about a gravatar… it amkes all your comments and all your blogging much more personal. And it attracts other people to follow you!
Katherin recently posted..Motorola PHOTON Q™ 4G LTE Coming
I agree with you Katherin. Some people choose to upload their logo for their gravatar. While it’s better than not having any gravatar, I still think having a headshot is better because it does keep it personal. People like to do business with people that they like and trust.
Sherryl Perry recently posted..Do you Brand Yourself, Your Company, or Your Product on Social Media Sites?
To publish our posts I recommend to use different user, because when we use admin username to post you can easily know the user name by clicking on the author
Hi Khaja,
It’s been a while since I’ve read an article about Joomla. Do you still use Joomla? I have one active website left that I built in Joomla. All the sites that I build now are in WordPress. It’s so much easier to handle and it’s easier to teach clients to maintain their sites too.
Sherryl Perry recently posted..3 Steps to Protect Your WordPress Blog from Hackers
Hi Sherryl,
Yes I too recommend WP for blogs but it comes to business sites, most of them have their customization. And Joomla fits best (according to me) for business sites. and blogs WP is only the BEST CMS.
I loved Joomla when I first started using it. It’s good to hear that you use it. We definitely should have alternatives. I don’t know if it’s still true but up until a couple of years ago, our local university was still promoting courses in Drupal.
Thanks for the information about ping spamming Sherryl. Just last weekend I noticed my art director had updated my blog with an auto-ping feature… and here I was still pinging it by hand!
Hi Catherine,
It’s not easy keeping up with all the ins and outs of WordPress, SEO, social media etc. That’s why it’s great to be able to read other blogs and quickly catch up.
I read your post earlier today and I recommend it. Responsive web design is definitely something that we all should be paying attention to. The use of smart phones and mobile computing is definitely an area that everyone who is interested in online marketing should pay attention to.
Sherryl Perry recently posted..Can Your Small Business Compete with the Big-Box Stores?
I read this article earlier and just realized that I did not leave my comment. Senior moment… I SO appreciate this kind of information. Thanks for keeping us informed. I needed to do that whole admin thing. 🙂
It’s a quick and easy fix. I promise. 🙂
Sherryl Perry recently posted..The Powerful WordPress Text Widget
Good tips Sherryl and like the others I am surprised that people do not have a gravatar. I also think that although there are lots of information abut security etc it can be confusing for those new to blogging as much in written in tech language and not always simple to understand. That is why your posts resonate because you can communicate in a way that is easy to understand.
Susan Oakes recently posted..How Tough Is It To Stand Out In A Crowded Market?
Thanks Susan. I do promise “English not Geek spoken here.” 🙂
Excellent suggestions Sherryl!
Often wonder why people online don’t get a gravatar? Not having one could make a person appear a bit dodgy. And some of them are. The worst is when it’s fake identities created for various dubious activities.
I agree Catarina. In a way, it does help me decide whether or not the person is a spammer.
Blogging has showed me that there are many other things worth learning and doing. Also when I start blogging I realized how big the online world is and how many opportunities it can offer.
It sounds like you’re having a positive online experience Becca. That’s good.
Sherryl Perry recently posted..Is Your Email Address Part of Your Brand?
Sherryl — very good advice. It always surprises me that people leave the default Admin. Very dangerous as you point out. Two other pieces of advice: update your WordPress to the new releases so you don’t have a disaster like Thomson-Reuters. They were three updates behind and their site was hacked. Also backup your blog so that you can restore it if it crashes or is hacked.
Jeannette Paladino recently posted..WordPress Security — If It Ain’t Broke, Fix It Before It Is
The admin user is dangerous. To me, it looks unprofessional too. Thanks for mentioning updating your site and backing it up too. That’s great advice!
Sherryl Perry recently posted..The 2012 Reader’s Choice Award for Best Marketing Strategy Blog
All good reasons to switch over to wordpress (which I have yet to do, but you always remind me about and make me want to punch myself). The gravatar thing is such a simple way to just put a face to a name and begin the recognition process. Sheryl, have you ever transferred a blogger blog to a wordpress site?
Dennis Salvatier recently posted..Why Does Your Creative Career Feel Stagnant? 4 Things You Can Do To Change That
LOL Dennis. Don’t punch yourself! I have transferred blogger blogs. We should talk.
As a graphic designer, Gravatars must really resonate with you. It’s such an easy, no-cost step to take that it amazes me to see so many people who don’t register one.
Sherryl Perry recently posted..Do you Brand Yourself, Your Company, or Your Product on Social Media Sites?
thanks for this valuable tips. The most important thing is deleting the admin. Otherwise you can loose your website. And all the remaining things are completely new for me so thank you very much for this valuable post.
praveen recently posted..Four Best Blogging Ideas to get More Traffic
You’re welcome Praveen Definitely register for a Gravatar. It’s free and easy to do. When people start recognizing you, they’re much more apt to pay attention. Everyone likes to do business with people they like and know. Using a Gravatar personalizes your interaction on blogs and social media sites.
Sherryl Perry recently posted..SEO Should Be A Habit Not A Headache
Great tips! I hadn’t thought about number 1 and didn’t even know about number 3. WordPress is so widespread now, that securing your site has become very important.
Thank you for all the little useful tools, too. I’ll definitely be using knowem.com. It’s a tool that can save marketers a lot of time.
Hi Sherryl, After reading your post I’ve just done your Number 1 comment, didn’t even realise there was an Admin account. I’ve already got a sitemap but i’m now going to look at number 3. Thanks for all your help, I’d be a bit lost without reading these posts
Hi Richard,
Thanks for letting me know that you took my advice and deleted the admin account. That’s a big step. Not only are you protecting your website, it also makes your site look much more professional. You’re definitely welcome. Thanks for letting me know that you find my blog valuable. Feel free to ask questions. Lots of times, I find the inspiration for my next article by reading the comments. 🙂
Sherryl Perry recently posted..4 Basic Steps to Better Blogging, Better Branding and More Business
Deleting the admin user account is very important and over-pinging can get you into trouble.
Thanks for letting me know that you found my post helpful!
Sherryl Perry recently posted..4 Basic Steps to Better Blogging, Better Branding and More Business
Hi Sherryl, I have just started a workpress blog, so your info feed will be more helpfull than ever. All the social media and tech stuff kills so much time, between learning, and posting, etc.. It takes a way from other business tasks. Thanks for helping me sort it out and making it a little easier.
Hi Myron,
Good luck with your blog! It does take time. So many people start blogs and abandon them. One of the keys to blogging is to be consistent. If you decide to blog once a week or every other week, just try to stick with it. You may find it helpful to write ahead of time and then schedule your posts. Make sure you’re backing up your site too.
Sherryl Perry recently posted..Is Your Email Address Part of Your Brand?
I have learned so much by reading your blog. It always amazes me how much there is to learn. It is also mind boggling how fast things change. For a newbie like me having a resource like you is a God send.
I have done most but not all of these thing. The one thing I might add is to have a good “About” page to tell everyone about you, the blogger, and what your site is all about. Oddly enough that is one of my highest visited pages and then the visitor goes from there to other articles.
Thanks Susan! I appreciate your feedback. There is a lot to learn. When I first decided that I was ready to start blogging, I bought the “Digging Into WordPress” book and spent hours learning from other bloggers. It can be a little overwhelming at first.
Having a good “About” page is more important than a lot of people realize. Thanks for letting everyone know that your page gets a lot of visitors. I just took a peek at it and you have done a great job on it. (Maybe, you’ll get some new visitors to your blog when people read this. 🙂 )
Sherryl Perry recently posted..What the Heck is an RSS Feed?
Thanks Sherryl, That is high praise coming from someone I greatly respect and someone I consider a friend. :-)))