Jared Torres - Back End Developer


Wordpress Ninja


WordPress: Developing Secure Sites

Chapter 1

  1. Having a backup for all your WordPress files is crucial. You can use a plugin called UpdraftPlus.
  2. Creating a temporary maintenance page lets the end user know there is work currently in progress. You can remove it once the work is done.
  3. WordPress core files, plugins, and themes will need to be updated from time to time, but make sure you have a backup first.

Chapter 2

  1. Having strong passwords is critical for securing your sites. It's a great idea to get a password manager so you can keep all the password info you need for access.
  2. With WordPress multisite enabled, you can make an admin a super admin, who will have oversight across all sites.
  3. Investigate any plugins or themes to make sure they can be trusted; one sign of this is that they are maintained regularly.
  4. Cleaning your site not only improves performance but tightens up security as well. It's best practice to remove unused files, plugins, and themes.

Chapter 3

  1. Securing the configuration file blocks direct access to it, so no one can look at its contents.
  2. Changing the database prefix replaces the default 'wp_' with a value that you assign. You can do this during the installation process and it will change everything all at once.
  3. Directory listing occurs when a directory has no default page with the 'index' file name, which exposes all your files for the public (and attackers) to see.
  4. By default, WordPress displays the version number and information in URLs and feeds.
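
An added example (not from the course or from this site's author): a small Python check for items 1 to 3 above, assuming an Apache host where the rules live in `.htaccess`. The names `audit` and `make_sample` and the sample site tree are made up for illustration.

```python
import re
import tempfile
from pathlib import Path

PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*['"]([^'"]*)['"]""", re.M)
FILES_RE = re.compile(r"<Files(?:Match)?\s[^>]*wp-config[^>]*>(.*?)</Files", re.I | re.S)
DENY_RE = re.compile(r"Require\s+all\s+denied|Deny\s+from\s+all", re.I)
INDEXES_OFF_RE = re.compile(r"^\s*Options\b.*-Indexes", re.I | re.M)


def audit(root):
    """Return findings for the Chapter 3 items: config file, DB prefix, directory listing."""
    root = Path(root)
    findings = []
    ht = root / ".htaccess"
    text = ht.read_text(errors="replace") if ht.is_file() else ""
    # Ignore commented-out directives so a disabled rule does not count.
    active = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))

    # Item 1: wp-config.php must be denied to direct requests.
    if not any(DENY_RE.search(body) for body in FILES_RE.findall(active)):
        findings.append("wp-config.php is not denied in .htaccess")

    # Item 2: the table prefix should not be the default.
    cfg = root / "wp-config.php"
    m = PREFIX_RE.search(cfg.read_text(errors="replace")) if cfg.is_file() else None
    if m and m.group(1) == "wp_":
        findings.append("database prefix is the default 'wp_'")

    # Item 3: with indexes enabled, a folder without an index file is listable.
    content = root / "wp-content"
    if not INDEXES_OFF_RE.search(active) and content.is_dir():
        for d in sorted(p for p in [content, *content.rglob("*")] if p.is_dir()):
            if not any((d / n).is_file() for n in ("index.php", "index.html")):
                findings.append(f"listable directory: {d.relative_to(root).as_posix()}")
    return findings


def make_sample(root, hardened):
    """Write a constructed, minimal site tree (not a real install) under root."""
    root = Path(root)
    (root / "wp-content" / "uploads").mkdir(parents=True)
    (root / "wp-content" / "index.php").write_text("<?php // Silence is golden.\n")
    prefix = "site7_" if hardened else "wp_"
    (root / "wp-config.php").write_text(f"<?php\n$table_prefix = '{prefix}';\n")
    rules = "<Files wp-config.php>\nRequire all denied\n</Files>\nOptions -Indexes\n"
    (root / ".htaccess").write_text(rules if hardened else "# BEGIN WordPress\n")
    return root


if __name__ == "__main__":
    for hardened in (False, True):
        with tempfile.TemporaryDirectory() as tmp:
            print("hardened" if hardened else "default", audit(make_sample(tmp, hardened)))
```

An empty result only means these three rules are present in the files; it does not test how the server actually responds to a request.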

Chapter 4

  1. If your site has a comments section then you will encounter spam comments that solicit information or post unwanted ads. You can use a plugin to counteract these spam comments.
  2. Limiting the number of login attempts will reduce the chances of an attacker getting in through your login page. You can use a plugin to help limit the number of login attempts.
  3. WordPress can expose your username on the site and in the URL through user enumeration. You can use a plugin to prevent your username from being exposed.
  4. Protecting your WordPress site with a firewall will reduce the strain on your site's resources and memory, which will help increase speed for legitimate users. You can use a plugin to add a firewall to your site.

Chapter 5

  1. Hotlinking is when another site uses a picture hosted on your site, using your site's bandwidth and resources. This can be combated with code in your site's .htaccess file.
  2. On a WordPress site, you can still access the installation file even though WordPress has already been installed. It's best practice to remove access to that file or replace the content within that page.
  3. Using the .htaccess file to manage bad bots will increase performance and reduce the server resources being used.
  4. While not all proxy servers are evil, attackers can use them to conceal their identity. Only block proxy servers if your site has very sensitive information.

Chapter 6

  1. If there are any bugs or security vulnerabilities, it is very important to report them to wordpress.org or WordPress security. Do not post about them on other websites.
  2. Shared hosting is where you are sharing a server with multiple sites. It's cheaper, but has fewer features and may have some security risks.
  3. A Virtual Private Server (VPS) costs more, and the sites on one server are in a virtual container. It also has more controls and features.
  4. A dedicated server gives you complete control of a web server that can be dedicated to your websites, but it is the most expensive option and requires a bit of server knowledge.
  5. Cloud hosting is hosting a site across multiple servers and is very scalable. It costs less than other hosting services but does require some extra knowledge of server and cloud software.

WordPress Plugins: Advanced Custom Fields

Chapter 1

  1. When you first install WordPress, the editing is very barebones. Custom fields allow developers to add additional data to a post depending on the theme that is chosen.
  2. Advanced Custom Fields is a plugin that allows you to add different field types. There is a free version and pro version.

Chapter 2

  1. Field groups attach to posts or post types depending on what kind of post you are making.
  2. Advanced Custom Fields has many field labels such as plain text, content, choice, relational, etc.
  3. In order for the custom fields to show up, you'll need to make a child theme to display it properly.

Chapter 3

  1. Using a custom child theme will prevent a loss of data from a new WordPress update.
  2. A child theme is simply a copy of a WordPress theme that can be modified more extensively.

Chapter 4

  1. ACF Pro gives you more custom fields and more flexible, advanced layouts.
  2. The repeater field will allow you to create subfields that can be repeated over and over.
  3. Once you get the repeater field displayed it will still need to be stylized with CSS.

Chapter 5

  1. With ACF you can display short codes as blocks without needing to use JavaScript.
  2. Once you have created the block in code, you can add the defining block to a new custom field.
  3. When you create your own custom block, you'll still need to stylize it with CSS.

Chapter 6

  1. You can display or hide meta boxes on any user profile in order to keep things more tidy.
  2. With the rules on the custom fields, you can add additional conditions such as AND and OR.
  3. You can use the OR condition if you want to use a field in multiple places.
  4. Use the AND condition if you want to narrow down what you want shown.

WordPress: Contact Forms

Chapter 1

  1. When you're making your contact form, it's best to look ahead at least six months down the line because your needs for the site might change, which will change either what you want to add or what plugin you want to use.
  2. When you're making a form, it's best practice to make it as minimalist as possible.
  3. Top left aligned field names make it much easier for the end user to read. Avoid using multiple fields on the same line when possible.
  4. Data privacy laws are beginning to be enforced, so it is good practice to only hold on to data that you need. You may have to create a data deletion request form at some point.
  5. There are SMTP services, like Mailgun, that can be used for free up to a certain number of emails.

Chapter 2

  1. Jetpack is a plugin that has security and contact forms, but is only good when the site is live.
  2. If you want to develop your site locally, then you might want to use something like Contact Form 7.
  3. You can add extra fields like a phone number and also customize which ones need to be required.
  4. Using CAPTCHAs on your site is a bad idea as they are difficult to read and make the user experience harder.
  5. Akismet Anti-Spam is a plugin that already comes with WordPress and can automatically block spam accounts.

Chapter 3

  1. Ninja Forms is an open source form service with some premium services available too. They come with several different templates for contact forms.
  2. Ninja Forms also includes anti-spam protection if needed, since bots don't have the capacity to read.
  3. SendWP (formerly Ninja Mail) is a paid SMTP mail service that integrates with your Ninja Forms.
  4. You can view any submissions that are sent, in case you need a backup if someone misspells their email or something of that nature.

Chapter 4

  1. Gravity Forms is a premium WordPress plugin form service that has all the features and add-ons included, unlike Ninja Forms.
  2. In order to use this plugin, you'll need to purchase a license key and add it onto the site.
  3. With new data laws you need to add a privacy policy checkbox with a way to display your privacy policy and make it accessible.
  4. It is possible to make an E-commerce form with Gravity Forms but it is recommended that a dedicated plugin should be used instead.

Chapter 5

  1. Landing pages or squeeze pages are microsites designed to do one specific task.
  2. They are usually used to collect information such as a visitor's first and last name and email address. You will need a newsletter extension.
  3. A landing page is meant to persuade the end user into wanting/purchasing a product or service. It usually contains two forms to subscribe, one at the middle of the page and one towards the end.
  4. Ninja Forms and Gravity Forms do not support adding the same form multiple times as of this course.

WordPress: Backing Up Your Site

Chapter 1

  1. Backing up a site is critical to development because something can go wrong and/or there might not be a way to fix it.
  2. Your web host could have technical problems, the site could get hacked, or the web server could be shut down. It's always good to have a secondary backup of your work.
  3. WordPress files like .htaccess and themes/plugins should be updated once a month or if any changes are made.
  4. The database and any uploads should be updated monthly, weekly, or daily depending on the productivity of the site.

Chapter 2

  1. Backing up the database is a critical part of WordPress since that's where all the content lives. You'll need to access phpMyAdmin and export all the files that you need.
  2. WordPress the application doesn't need to be backed up as you can always reinstall a fresh copy anytime, but you'll need to back up your raw files like .htaccess and config files.
  3. You should use an FTP program like FileZilla to manually back up the files you need.
  4. It's best practice to restore the config files, content folders, and plugins/themes when backing up your site, as it will result in a cleaner backup while still maintaining your content.

Chapter 3

  1. Web hosting services can also give you backup access that is automatically updated.
  2. This is convenient as it creates a restoration point that you can rollback to should anything go wrong.
  3. With some hosting backups you can target certain files/folders to rollback on a certain day if needed.

Chapter 4

  1. Even with hosting backup services, it's still recommended to get a third-party backup should that hosting backup get compromised.
  2. Plugins like UpdraftPlus, WP Time Capsule, etc. offer more than just manual backups; they can also have a cloud service or something similar.
  3. With UpdraftPlus you can schedule backups for files and backups and create restore points should anything severely break.
  4. With the premium plugin, you'll get access to restoring a site to a specific time of day, faster customer service, and incremental backups.
  5. You can back up and transfer to remote storage through other services like Dropbox.

Chapter 5

  1. Backing up and migration are very closely related. With migration you're essentially moving your files from one place to another, whether it's from online to a computer or vice versa.
  2. With plugins (some of them are premium features depending on the plugin) you'll be able to schedule the creation of a package and be able to transfer the package to a service like Dropbox or elsewhere.
  3. In the process of restoring a site from a package you'll have two files: the PHP installer file and the zip file archive. Both hash names should be the same, otherwise it might create conflicts.
  4. When you're integrating a site into an already existing site, you will be overwriting almost any and all files that exist on the site, so proceed with caution.

WordPress E-commerce: WooCommerce

Chapter 1

  1. WooCommerce is an open source, E-commerce plugin that is built around WordPress.
  2. Because it's open source, you'll have full access to the source code so you can modify it based on the needs of the site, and there are fellow developers who can support you.
  3. It allows you to sell almost any product from physical goods to preorders, use various payment programs like Stripe, PayPal, etc., and get live shipping quotes from UPS, FedEx, etc.
  4. For most E-commerce stores, you won't need a comments section so it's best to turn them off.

Chapter 2

  1. There are two ways to install WooCommerce: through the WordPress site or the actual site.
  2. Going through the site you can answer several questions that will improve what kind of content you need based on what you are selling.
  3. Going through the welcome wizard helps determine what country you are based in and what payment options you want to use.
  4. It's a good idea to have at least two payment options in case one goes down.

Chapter 3

  1. The add product might still use the classic editor and might get updated in the future.
  2. When you choose a picture of a product, you need to adjust the whitespace depending on the product. Functional products should use less and anything crafted should use more to show off the design.
  3. Make sure the image has a clear file name so you can keep things organized and gain some SEO.
  4. You can handle product data such as tax info, SKU numbers, and setting up an out of stock or backorder function.
  5. When you're organizing your categories and tags, make sure you don't use the same name for both.
  6. When you're selling a virtual good, the shipping tab disappears, and if it's a product that's downloadable, make that selection.
  7. Virtual items that aren't downloadable are things like a membership or subscription.

Chapter 4

  1. Storefront is a free WooCommerce theme that is fully customizable and well tested for all the features.
  2. With the basic Storefront theme, you are able to customize a lot of stuff like adding logo images, changing background colors, etc.
  3. You can set up your welcome page very easily by adding featured products, products on sale, etc.
  4. When customizing the sidebar, you can add categories and a filter by price.
  5. You can also customize your product pages by adding social media icons and a sticky add to cart.

Chapter 5

  1. The most difficult aspect of adding shipping to your store is trying to appeal to how customers want their products shipped. Some of them prefer it to be fast/free and possibly to be able to choose which shipping carrier they want to use.
  2. Shipping Zones determine what kind of shipping you need to use depending on where you're shipping to compared to where your store is located.
  3. You can add options of shipping methods with a flat rate, rush delivery, or ship locally. You can set up the prices of each shipping option.
  4. When it comes to free shipping you can set it up to where a certain dollar amount needs to be spent to qualify for it. Customers are more likely to get more products if they can get free shipping.
  5. You can add live rates from various carriers with paid plugin extensions. It can cause option paralysis if you have too many rates displaying.

Chapter 6

  1. Using payment options like Stripe takes care of the payment gateways.
  2. You'll need to set up an SSL certificate so the site will be encrypted and secured from site attacks and hacks.
  3. It's just best practice to set up the site as an HTTPS site so it's more secure.
  4. Having multiple payment options is important, such as PayPal, Stripe and more recently Apple/Google/Amazon Pay.

Chapter 7

  1. WooCommerce already has automated taxes set up so you don't have to worry too much about how to calculate tax setups.
  2. Depending on your store and location you can still adjust any tax rules that you need to use.

Chapter 8

  1. Installing Google Analytics is important, as you'll be able to get more information about how your site is performing. It's best to set it up before or immediately after you launch.
  2. You can also install a newsletter service that can help create a newsletter inviting your customers to come back to the site more regularly. You will need to get your API keys to integrate it with WooCommerce.
  3. It's good practice to ask your end user's permission to opt in. If you're in Europe it is required by law to do so.
  4. You can integrate Facebook which has a massive pool of users where you can establish a presence and be able to send ads to billions of users.

Chapter 9

  1. It's important to test out the customer experience by going into incognito mode to test all the features like shipping and checkout.
  2. There is a service called Robot Ninja that can scan through your site to make sure that everything works.
  3. In WooCommerce you can manage orders by creating notes that go to the customer, and you can check off when an order is complete. Then it's followed by the payment heading towards the account.
  4. With refunds, you can make adjustments to the order based on whether it's a quantity change or a full refund. With Stripe you can automatically refund it without going through the busy work.
  5. Over time, once you get more and more orders, you'll be able to check the reports of how much your profit margin is, how much you are paying in taxes and shipping, and compare your current quarter to the previous one.

Chapter 10

  1. In the General Settings you can update your main address for shipping, adjust whether or not you can ship to other countries, and geolocate where a customer's IP is visible from.
  2. With product settings, you can adjust how you display dimensions and image sizes, adjust the product quantity (whether it's out of stock or set up for backorders), and add product reviews that customers or verified owners can post.
  3. You can use a plugin extension that creates a waitlist for products.
  4. In the checkout settings you can always adjust how the shipping costs are displayed as sometimes it can be a burden on your site by slowing performance on other pages.
  5. You can also choose whether or not to make the user create an account with the site, but it's best practice to make that optional.
  6. Due to legislative updates when it comes to data and privacy, you should definitely add the option for users to delete their account, otherwise it may conflict with laws from the EU.
  7. WordPress isn't designed to handle a ton of emails going back and forth, so you'll definitely need an SMTP provider to do all the heavy lifting of sending emails out.

Chapter 11

  1. WooCommerce has a mobile app that will require a Jetpack plugin.
  2. Within that app you can check on your orders, get notified when you get one, check what products are top performers, and manage orders.