Google this week announced that new warnings added in the Google Workspace Alert Center will keep administrators notified of critical and sensitive configuration changes.
Previously known as G Suite, Google Workspace provides secure collaboration and productivity tools for enterprises of all sizes. Accessible from anywhere in Google Workspace, the Alert Center delivers real-time security alerts and insights, to help admins mitigate threats such as phishing and malware.
With the new alerts in place, admins will also receive notifications whenever select changes are made to their Google Workspace configurations.
Specifically, warnings will be displayed when the primary admin is changed, when the password for a super admin account has been reset, and when changes are made to SSO profiles – when a third-party SSO profile has been added, updated, or deleted for the organization.
“These additional intelligent alerts will closely monitor several sensitive actions, making it easier for admins to stay on top of high-risk changes to their environment and potentially malicious actions being taken by bad actors,” Google explains.
An email notification containing key details on the event will be delivered to admins and super admins for each alert. The security investigation tool will allow admins to further investigate the reported incident.
The alerts and their associated email notifications are enabled by default and cannot be turned off.
The new capability is rolling out to all Google Workspace customers, including legacy G Suite Basic and Business customers, and is expected to become visible for everyone in the next couple of weeks.
Earlier this year, Google boosted malware and phishing protections in Workspace with updated comment notifications that now also include the commenter’s email address, so that users can better assess the legitimacy of the message.
Do you want to send email to WordPress users from your admin dashboard?
It’s actually quite simple to use WordPress for sending emails to your registered users. This can be useful if you have a membership site and want to send email announcements or other updates to your site members.
In this article, we’ll show walk you through the steps for sending emails to WordPress users without needing any code.
When Should You Send Email to WordPress Users?
WordPress automatically sends transactional emails to your customers like order receipts and password reset links. But you can also send mass emails to your entire list of users from WordPress. While this isn’t a recommended practice, it’s a good option to have in case you don’t have a proper email list maintained in an email marketing service.
If your website allows users to register, learning how to email users right from your WordPress dashboard is always an important skill. You may want to send emails about new product updates, changes to your website, or other important announcements.
How to Send Email to All WordPress Registered Users
To send emails to your WordPress users, just follow the steps below. First, we’ll set up WP Mail SMTP to take care of your WordPress email delivery from the backend. Then, we’ll set up another plugin that lets you select your WordPress email recipients, compose an email, and send it.
First, you’ll need WP Mail SMTP on your site to deliver your emails reliably to intended recipients.
By default, WordPress uses PHP Mail for emails which is commonly responsible for poor email delivery and spam blocks by mailing servers.
A much more dependable method for sending emails takes advantage of SMTP. In SMTP, your emails are properly authenticated, so their legitimacy is easy to verify. As a result, your WordPress emails are able to avoid spam filters and reach recipients without fail.
To install WP Mail SMTP on your site, first select a plan that’s appropriate for your needs.
You’ll be able to log into your WP Mail SMTP account area once you’ve purchased a plan and created your account. From your account area, click on the Downloads tab.
Now, press the Download Mail SMTP button to start the ZIP file download.
While the download is in progress, it’s a good idea to use this moment to copy your WP Mail SMTP license key. You’ll need this later on.
When the file has finished downloading, open your WordPress dashboard. Then, go to Plugins » Add New.
Here, you can upload the plugin file that you just downloaded. Click on the Choose File button and locate your WP Mail SMTP zip file in your download folder.
After selecting the file, click on Install Now. It will only take a few seconds for WordPress to install this plugin.
Press the blue Activate Plugin to activate WP Mail SMTP on your site.
Great job! Now we just have to configure a mailer with WP Mail SMTP to finish the setup.
2. Integrate WP Mail SMTP With a Mailer
WP Mail SMTP needs an API connection with a mailer service in order to deliver your WordPress emails properly.
The WP Mail SMTP setup wizard allows you to set up a connection between your WordPress site and a mailer service very easily.
After you activate the plugin, the setup wizard should launch automatically. But if for any reason it didn’t start, you can launch it manually.
From your WordPress dashboard, go to WP Mail SMTP» Settings. Underneath the Mail section, find and click the Launch Setup Wizard button.
The wizard will ask you to select an SMTP mailer service from a wide range of options.
If you need a reliable and reasonably priced mailer, we recommend SendLayer. However, you’re free to choose from other available options.
When you’ve selected a mailer, click Save and Continue. You’ll need to fill out a few fields to configure the mailer connection.
If you need help setting up a particular mailer, click one of the links below for detailed instructions.
In the final step of the setup, WP Mail SMTP will ask you to check the features that you want to enable. If you have the paid version, you can enable extra features like email logs (which we highly recommend for the purposes of this topic).
If you check the Pro features, the setup wizard will then require you to add your license key (which we copied in an earlier step). Insert your license key and then press Verify License Key.
The wizard will now send a test email to make sure your configuration is properly set up. If all is good, move to the next step.
3. Get the Send Users Email Plugin
Now that you have WP Mail SMTP configured, you can rest assured that your emails originating from any plugin on your site will always deliver successfully.
But by default, there’s no way in WordPress to write an email and send it to your WordPress users at will.
To be able to send emails to any recipient of your choice in WordPress, you’ll need to install a plugin called Send Users Email.
When the plugin is installed and activated on your site, you can start sending emails to your WordPress users easily.
4. Send Email to Registered Users
Open your WordPress admin area and then click Email to Users » Email Roles.
You should now see a page with options to send emails to people selected by their assigned WordPress roles. If you want to send the email to all of your WordPress subscribers, checkmark the box against Subscriber.
You can also select other types of users as your recipients such as administrators and authors. The email subject field lets you write a subject line for your email. There’s also a rich text field for composing the body of your email message.
After selecting recipients and writing the email, press the Send Message button,
Your email will now start sending to all WordPress users that you selected by role above.
But what if you only want to email individual users rather than mass emailing your entire list?
The Send Users Email includes a feature that lets you individually select each registered WordPress user you wish to send your email to.
To access this feature, go to Email to Users » Email Users. Here, you’ll see a list of all registered WordPress users on your site. You can simply select the users that you want to send emails to from this list.
As before, you can use the email subject field and email message fields to customize your subject line and email content.
Press the blue Send Message button to send your email to individually selected WordPress users.
Congratulations! You now have the necessary tools to send emails to WordPress users entire individually or to your entire subscriber list.
5. Track Your WordPress Emails (Optional)
Generally, WordPress isn’t the best way to send emails and run email marketing campaigns. This is because of the inherent limitations of the platform when it comes to email functionalities.
WordPress is primarily a content management system, so its email capabilities are only basic. For the best results and much easier management, you should consider using a dedicated email marketing service (Sendinblue, Constant Contact, and MailerLite to name a few).
However, if you are going to send some of your emails from WordPress, then it’s wise to log and track your emails.
One of the many benefits of WP Mail SMTP Pro is that it includes email tracking features. With this feature, WP Mail SMTP can track how many times your emails were opened and clicked by your subscribers.
To enable this feature, navigate to WP Mail SMTP » Settings.
On the top of the Settings page, click on the Email Log tab.
Here, make sure that the Email Log option is enabled.
Now scroll down to view additional email tracking settings. You can enable open and click tracking to collect open and click rate data for every WordPress email you send to users.
With email tracking enabled, you will be able to see engagement metrics for each email right within your WordPress dashboard.
This information is extremely helpful as it allows you to experiment with different subject lines to produce higher engagement levels.
And that’s all! You now know how to send email to WordPress users (by role and individually) and also track the performance of your emails from your admin area!
Ready to fix your emails? Get started today with the best WordPress SMTP plugin. WP Mail SMTP Elite includes full White Glove Setup and offers a 14-day money-back guarantee.
At Wordfence our business is to secure over 4 million WordPress websites and keep them secure. My background is in network operations, and then I transitioned into software development because my ops role was at a scale where I found myself writing a lot of code. This led me to founding startups, and ultimately into starting the cybersecurity business that is Wordfence. But I’ve maintained that ops perspective, and when I think about securing a network, I tend to think of ports.
You can find a rather exhaustive list of TCP and UDP ports on Wikipedia, but for the sake of this discussion let’s focus on a few of the most popular ports:
20 and 21 – FTP
22 – SSH
23 – (Just kidding. You better not be running Telnet)
25 – Email via SMTP
53 – DNS
80 – Unencrypted Web
110 – POP3 (for older email clients)
443 – Web encrypted via TLS
445 – Active Directory or SMB sharing
993 – IMAP (for email clients)
3306 – MySQL
6378 – Redis
11211 – Memcached
If you run your eye down this list, you’ll notice something interesting. The options available to you for services to run on most of these ports are quite limited. Some of them are specific to a single application, like Redis. Others, like SMTP, provide a limited number of applications, either proprietary or open-source. In both cases, you can change the configuration of the application, but it’s rare to write a custom application on one of those ports. Except port 443.
In the case of port 443 and port 80, you have a limited range of web servers listening on those ports, but users are writing a huge range of bespoke applications on port 443, and have a massive selection of applications that they can host on that port. Everything from WordPress to Drupal to Joomla, and more. There are huge lists of Content Management Systems.
Not only do you have a wide range of off-the-shelf web applications that you can run on port 443 or (if you’re silly) port 80, but you also have a range of languages they might be coded in, or in which you can code your own web application. Keep in mind that the web server, in this case, is much like an SSH or IMAP server in that it is listening on the port and handling connections, but the difference is that it is handing off execution to these languages, their various development frameworks, and ultimately the application that a developer has written to handle the incoming request.
With SSH, SMTP, FTP, IMAP, MySQL, Redis and most other services, the process listening on the port is the process that handles the request. With web ports, the process listening on the port delegates the incoming connection to another application, usually written in another language, running at the application layer, that is part of the extremely large and diverse ecosystem of web applications.
This concept in itself – that the applications listening on the web ports are extremely diverse and either home-made or selected from a large and diverse ecosystem – presents unique security challenges. In the case of, say, Redis, you might worry about running a secure version of Redis and making sure it is not misconfigured. In the case of a web server, you may have 50 application instances written in two languages from five different vendors all on the same port, which all need to be correctly configured, have their patch levels maintained, and be written using secure coding practices.
As if that doesn’t make the web ports challenging enough, they are also, for the most part, public. Putting aside internal websites for the moment, perhaps the majority of websites derive their value from making services available to users on the Internet by being public-facing. If you consider the list of ports I have above, or in the Wikipedia article I linked to, many of those ports are only open on internal networks or have access to them controlled if they are external. Web ports for public websites, by their very nature, must be publicly accessible for them to be useful. There are certain public services like SMTP or DNS, but as I mentioned above, the server that is listening on the port is the server handling the request in these cases.
A further challenge when securing websites is that often the monetary and data assets available to an attacker when compromising a website are greater than the assets they may gain compromising a corporate network. You see this with high volume e-commerce websites where a small business is processing a large number of web-based e-commerce transactions below $100. If the attacker compromises their corporate network via leaked AWS credentials, they may gain access to the company bank account and company intellectual property, encrypt the company’s data using ransomware, or perhaps even obtain customer PII. But by compromising the e-commerce website, they can gain access to credit card numbers in-flight, which are far more tradeable, and where the sum of available credit among all cards is greater than all the assets of the small business, including the amount of ransom that business might be able to pay.
Let’s not discount breaches like the 2017 Equifax breach that compromised 163 million American, British and Canadian citizen’s records. That was extremely valuable to the attackers. But targets like this are rare, and the Web presents a target-rich environment. Which is the third point I’d like to make in this post. While an organization may run a handful of services on other ports, many companies – with hosting providers in particular – run a large number of web applications. And an individual or company is far more likely to have a service running on a web port than any other port. Many of us have websites, but how many of us run our own DNS, SMTP, Redis, or another service listening on a port other than 80 or 443? Most of us who run websites also run MySQL on port 3306, but that port should not be publicly accessible if configured correctly.
That port 443 security is different has become clear to us at Wordfence over the years as we have tracked and cataloged a huge number of malware variants, web vulnerabilities, and a wide range of tactics, techniques, and procedures (TTP) that attackers targeting web applications use. Most of these have no relationship with the web server listening on port 443, and nearly all of them have a close relationship with the web application that the web server hands off control to once communication is established.
My hope with this post has been to catalyze a different way of thinking about port 443 and that other insecure port (80) we all hopefully don’t use. Port 443 is not just another service. It is, in fact, the gateway to a whole new universe of programming languages, dev frameworks, and web applications.
In the majority of cases, the gateway to that new universe is publicly accessible.
Once an attacker passes through that gateway, a useful way to think about the web applications hosted on the server is that each application is its own service that needs to have its patch level maintained, needs to be configured correctly, and should be removed if it is not in use to reduce the available attack surface.
If you are a web developer you may already think this way, and if anything, you may be guilty of neglecting services on ports other than port 80 or 443. If you are an operations engineer, or an analyst working in a SOC protecting an enterprise network, you may be guilty of thinking about port 443 as just another port you need to secure.
Think of port 443 as a gateway to a new universe that has no access control, with HTTPS providing easy standardized access, and with a wide range of diverse services running on the other side, that provide an attacker with a target and asset-rich environment.
—
Footnote: We will be exhibiting at Black Hat in Las Vegas this year at booth 2514 between the main entrance and Innovation City. Our entire team of over 30 people will be there. We’ll have awesome swag, as always. Come and say hi! Our team will also be attending DEF CON immediately after Black Hat.
Written by Mark Maunder – Founder and CEO of Wordfence.
I’m pretty much always thinking about the prospect of starting an eCommerce business. I like my job, but I do not enjoy labor, and the siren songs of any number of passive income streams call to me daily. Tragically, however, I am not cut out for entrepreneurship. I spent a few years freelancing full-time in my early 20s, and I nearly bankrupted myself—I just never did any work.
If you’re thinking about diving into eCommerce entrepreneurship, you should have a clear and thorough understanding of exactly what it takes to be successful as an online seller. So before you start loading up on craft resin or earring hooks, read on to find out exactly what it takes to start an eCommerce business.
Pros and cons of running an eCommerce store
You don’t have to search very far to see what it is that draws people to the idea of starting their own eCommerce business. No micromanaging supervisors to answer to or fat cat executives living off of the fruits of your labor, and without any physical assets or locations, you can go wherever you want and still run your operation.
In short, many people are drawn to eCommerce selling because they think it’s their key to freedom. To those people, I say: au contraire. In many ways, eCommerce sellers are more limited than regular employees.
Sure, I may have to answer to my manager, but if I mess something up, there’s no chance of her requesting a refund on my last paycheck or claiming the work I emailed her got irretrievably lost. I may not make my own hours, but since my salary is fixed, I can take days off knowing that there’s no chance of it impacting how much money I make. You need to decide for yourself whether the benefits of launching an eCommerce business outweigh the risks of flying without the safety net of job security to fall back on.
How to tell if eCommerce is right for you
In the same way that some kids are terrible at homework but are great test-takers, there are some personalities that do thrive under the pressure of relying on their business’s success for their survival. When it comes to employment vs. entrepreneurship, there is no objectively better, more flexible, more independent choice—there’s just what works better for you.
Here’s a quick self-screener you can use to determine if you’re cut out for online selling:
Do you like what you do? This is something you’re going to be spending hours on, day in and day out—and you’re going to have to work really hard to get your business off the ground. Unlike traditional small business owners, you won’t have a staff, coworkers, or a physical workplace; it’s just going to be you, likely in your home, making the thing you sell. If you’re not truly passionate about your product, you’ll be miserable within a few weeks, tops.
Are you self-disciplined? It’s not easy being your own boss, especially in an industry as isolating as eCommerce. Many other small businesses don’t have this problem—I taught piano lessons for a period of time and didn’t have a boss then, but knowing that my students were relying on me to be prepared for their lessons still kept me accountable. It’s a lot easier to stay motivated when you’re interacting with customers or a small staff.
Do you have a lot of commitments? Anyone who has ever tried to work remotely from their parents’ house can tell you that, for whatever reason, people simply do not perceive solo work on a computer as “real work,” so if you want to run a successful online store, you need strong boundaries and a close relationship with the word “no.”
Can you take on the financial risk?Starting a store on the side while you stay in a day job is one thing, but if you’re making a complete leap to entrepreneurship, you need to be able to get by for a few months or even a year without much income. If you have lots of debt or a family to feed, this might not be the career for you.
Provided you’ve given it some thought and you’re ready to make the leap—or if you’re starting your business part-time until it takes off—you’re ready to get started on launching your business.
Choose an eCommerce business model
When I think of small eCommerce businesses, I think primarily of some of my favorite niche Etsy shops selling things like taxidermied squid jewelry and D&D dice with real mushrooms inside. (I am a very fun person to know at Christmas.)
But eCommerce selling includes far more than traditional consumer retail. Depending on your needs, you may find that one of these alternatives suits you best:
Dropshipping: Dropshipping is a type of eCommerce business where you sell products without carrying any inventory. When a customer places an order on your site, you simply contact the supplier (or have the order sent automatically) and have them ship the product directly to the customer. Dropshipping is a popular eCommerce business model because you don’t need to spend a lot of money up front.
Print on demand: Print on demand is similar to dropshipping, but instead of shipping products from a supplier, you have your products printed and shipped by a print-on-demand service. This type of eCommerce business is often used for selling custom-printed products like t-shirts, mugs, and stationery.
Retail arbitrage:Retail arbitrage is the process of buying products from brick-and-mortar stores and selling them online at a higher price. This type of eCommerce business can be profitable, but it requires a bit more work than dropshipping or print on demand. You also need to identify a product niche that allows you to do this profitably, where you can be confident that customers won’t just go to the original source to make their purchase at a lower price.
Wholesaling: Wholesaling is a type of eCommerce business where you sell products in bulk to retailers. The benefit of wholesaling is that you can get discounts on the products you purchase, which allows you to sell them at a higher price and still make a profit. But this requires a large initial investment since you’ll need to stock inventory in bulk quantities.
Subscriptions: Subscription eCommerce businesses sell products or services on a recurring basis, most commonly in the form of a monthly box of curated products (or, in my dog’s case, a monthly delivery of different home-style baked treats). But there are other types of subscription businesses, such as online courses and members-only clubs.
What business model you choose will also rely heavily on the product market you want to target, since not all models will work with all types of products. Naturally, dropshipping won’t work to sell hand-knitted sweaters, while very few people are likely to buy a subscription for artisan coffee tables. The other thing that will help you decide what products to sell is your chosen target market.
A broad target market is the kiss of death for a budding eCommerce entrepreneur. There are over 9.1 million eCommerce retailers in the world, 2.5 million of which are located in the United States. Do you want to compete with between 2.5 and 9.1 million businesses? I didn’t think so.
When you choose a product market, you’re isolating a part of this larger market of retailers that you want to compete within. The more specific your product market is, the fewer competitors you have; the fewer competitors you have, the more likely you are to succeed. In eCommerce, the most successful sellers home in on extremely small, highly specific product markets—also called micro-markets or niches.
How to find your eCommerce niche
A product niche is a very small sliver of a product market that is both large enough to contain a robust customer audience but small enough that it doesn’t contain many competitors. The best way to identify your niche is to start with a product market and whittle it down from there.
To choose a product market to start with target products that:
You’re capable of creating (at high quality)
You enjoy creating (even at scale)
Have a small market/minimal competition
People want or need
Are profitable
Let’s break down each of these characteristics in detail.
Pick something you’re good at
It’s perhaps the most obvious of the five characteristics listed, but it still bears mentioning: when starting an eCommerce business, choose something that you can do or make well. If you choose something extremely unique and specific that no one else is doing, you may be fooled into believing the lack of competition will make up for poor quality. But the moment you gain some popularity, if someone else can create your product better than you can, your business will be dead in the water.
Pick something you like
Choose something you enjoy making, looking at, and thinking about. More importantly, choose something you won’t hate after the tenth, fiftieth, hundredth, or thousandth time you’ve sold it. Selling can be tedious work, especially if you make your products yourself. Don’t build your business around a product market only to find that you can’t stand working in it.
Pick a small market with limited competition
eCommerce sellers can’t use the same logic and strategy that regular companies do to choose their target markets. You’re one person, with one person’s resources and power—if you try to enter a market where you’re competing with full-sized companies and brands, you’ll be out-marketed and out-maneuvered every time.
Be specific: instead of lawn services, target the market for environmentally sustainable lawn care in one finite geographical location. Instead of publishing eBooks on finance, publish eBooks on investing for American women ages 18-24. Keep narrowing it down until you’ve found your product niche (more on that later).
Pick something people want or need
This is just common sense: you need to sell something that people will actually buy. Even the biggest brands still mess this up every once in a while (looking at you, Colgate-brand frozen dinners and the Bristol-Myers Squibb nightmare that was the “Touch of Yogurt” shampoo). Don’t wait until after you’ve launched your product to try to match it to a potential customer market. Do your research, and narrow down your target customer’s pains and gains, or the problems they need to solve and the enjoyable things they want to enhance. Make sure there’s a large enough demographic of people who are in the market for what you can provide.
Pick something profitable
There’s no surefire way to guarantee that a product or business will be profitable, but with some thorough research, you can certainly strengthen your odds. Ideally, you want to choose a product market with a strong balance between a large potential customer base and a small number of competitors. You’re also more likely to succeed if your product is truly unique in some way—if you offer a feature or element that no other competitor offers. Keep narrowing down your market until you’ve found your unique niche.
Narrowing down your product niche
Once you’ve identified a promising product market, you can start adding details to whittle your target market down to a target niche.
For example, let’s say that you make clothes in your free time, and you’re interested in figuring out how to turn that into an eCommerce business opportunity. In the broadest sense, you want to target the clothing industry, but since this is an extremely saturated market—meaning that it contains many, many competitors—it’s not one where you’re likely to succeed as an individual eCommerce seller.
You need to find a more unique product category within the larger framework of the clothing industry. One good choice might be pet clothes, since there are far fewer designers and retailers in the pet fashion industry than the human one. But “pet clothes” is still a pretty broad category, so you might narrow it further to pet clothes that are specifically for dogs.
When solo eCommerce selling was still a burgeoning market, handmade dog clothes may have been a narrow enough niche to pursue since there were so few non-corporate sellers and even fewer online marketplaces where sellers could compete. But today, you’ll want to get even more specific—perhaps by focusing on dog clothes for specific occasions, like weddings and engagements.
That’s as far as I’m taking this example, but if I were actually launching this business, I’d probably drill down even further just to really make sure that I had my unique micro-market cornered. I might narrow it down by size, theme, or even specific clothing items until I hit on my ultimate niche: floral-themed wedding bow ties for small and medium dogs. (Though there’s truly no limit to how far you drill down your niche—until, perhaps, you reach CelebriDucks levels of specificity.)
Your niche isn’t a permanent designation—if your product does well in your corner of the market, you’ll have more capital to invest in better marketing, audience targeting tools, and maybe even an employee or two. The more your company grows, the more resources and power you have to capture a larger market share.
Set up your store
You’ve found your market, honed your niche, picked your product, and you’re ready to start generating inventory and selling it to your customers. It’s time to choose a platform and set up your eCommerce store.
Choose an eCommerce platform
Talk about a crowded market—there are a ton of different platforms you can use to create a store online. You also don’t necessarily need your own online storefront; you can sell on marketplaces, crowdfunding sites, or a number of other eCommerce alternatives. If you do go with an eCommerce platform, here are a few different guides and comparisons that can help you find the right site for your business:
The platforms above fall into one of two categories, each with different setup requirements.
A standard website builder (like Wix, Weebly, Squarespace, or WordPress) will allow you to create an entire website, only part of which needs to be dedicated to your actual store’s functions. If eCommerce selling is only part of your business plan—for example, if you’re a professional photographer who sells prints and posters as a side hustle—you would want your site to be dedicated to your store as well as pages housing biographical information, your professional portfolio, booking information, recordings of photography classes or talks you’ve given, online course signups, and anything else that pertains to your career.
If your primary goal is eCommerce selling, you’re better off opting for a purpose-built eCommerce platform like Shopify or WooCommerce. Both platforms are capable of many of the same features as a general website builder, like adding about pages, forms, image displays, and blogs. These platforms also grant you access to more advanced features and integrations designed specifically for eCommerce sites, which can help supercharge your selling and help your store gain momentum early on.
Ready to build your store? Check out these step-by-step guides to building your store in the platform you want:
With your eCommerce shop all set up, it’s time to throw everything you’ve got into making sure that it succeeds. You can’t wait for your customers to come to you—you need to go out and find, reach, and convert your target audience.
Target inbound sales leads
Inbound sales strategies are designed to draw people to you, instead of the other way around—think search optimization (SEO), paid search, social media, email marketing campaigns, and content marketing.
Explore potential sales strategies in more detail with these guides:
As a small business owner, your plate is going to be full most of the time (frankly, it will often be full-on, Thanksgiving-style overflowing). If you want to keep up with it all, you need to learn to be efficient about using what you already have and drawing multiple marketing materials out of one asset.
For example:
Get into the habit of snapping and recording your day-to-day processes and behind-the-scenes moments, so you always have material for social and website visuals.
If you’re researching a topic, if it’s related to your business, consider adding an extra step to turn your research into a marketing email or SEO post.
Whenever you design a new marketing asset—an email layout, an Instagram Story, a blog structure—aim to turn it into a template that you can use again, instead of starting from scratch on your next asset.
Marketing as a small business owner is a “work smarter, not harder” game. Get as much mileage as you possibly can out of everything you create, and you’ll free up time and attention that would be better spent on business strategy and growing your company.
Automate as much as possible
There are lots of opportunities to automate parts of the eCommerce process. Invest time in setting up automations at the outset, and you’ll save far more time and energy avoiding unnecessary busywork once your store gets off the ground.
In fact, most of the risks specific to eCommerce entrepreneurship come down to the fact that it’s an overwhelming amount of work for one person to handle, so automating as much of your workload as possible can materially increase the likelihood of your business’s success.
Here are a few guides on the kinds of automation that work best for eCommerce and how to set them up:
Mind mapping is a creative way to brainstorm and find connections between different ideas. Done right, it’s a great way to come up with new ideas and solutions to tricky problems, outline an article or presentation, and generally just get your thoughts in order.
Use automation to support brainstorming, delegation, and communication
I do most of my mind mapping digitally—and even when I don’t, I often recreate a paper mind map online so that I can have it safely stored and easily searched. (It’s a weird hybrid approach, but it works for me.)
Over the past several years of updating this list, I’ve tested close to 50 different mind map tools, many multiple times as they’ve been updated and added new features. I’ve also made dozens of mind maps myself, both on paper and digitally. Pen and paper set a very high bar to clear, but these are the five best mind mapping apps that manage to clear it.
Traditionally, a mind map is done with a pen (or, ideally, loads of colored pens) and paper. You start by writing a central idea or theme in the middle of a blank sheet of paper. Then the fun starts: around your central theme, you create “nodes” connected by lines, each with its own related idea or theme. For example, if the central theme was “Summer” (say, for a marketing campaign), the first five or so nodes might be “Good weather,” “BBQs,” “Vacation,” “Air conditioning,” and “School’s out.”
From each node, you then repeat the process, drilling deeper into the different concepts. “BBQs” might lead to “Family time,” “Good food,” and “Burgers.” “School’s out” could lead to “Summer jobs,” “Extracurriculars,” and “Alice Cooper.”
Some ideas will also connect back to other ideas. “Family time” could also link to “Good weather” and “Vacation.” “Burgers” could link to “Summer jobs.” But by getting all these branching concepts down on paper, you can start to see the relationships between different things and generate new ideas. Who’d have thought before we started brainstorming that Alice Cooper flipping burgers at a family BBQ (or maybe in a fast food joint?) could make for a killer summer ad?
What makes for great mind map software?
How we evaluate and test apps
All of our best apps roundups are written by humans who’ve spent much of their careers using, testing, and writing about software. We spend dozens of hours researching and testing apps, using each app as it’s intended to be used and evaluating it against the criteria we set for the category. We’re never paid for placement in our articles from any app or for links to any site—we value the trust readers put in us to offer authentic evaluations of the categories and apps we review. For more details on our process, read the full rundown of how we select apps to feature on the Zapier blog.
Mind mapping with a sheet of paper and a pen is an incredibly intuitive and natural way to work. You just start drawing and go from there with almost nothing in your way.
It does have its downsides, though. Unless you have a gigantic whiteboard knocking around, you’re limited to a fairly small piece of paper. It’s not searchable, and you can’t easily undo things or make edits. And, worst of all, if you lose your mind map, you don’t have a backup. So even though pen-and-paper mind mapping is delightful, it might be worth considering a mind map app.
While each mind mapping tool on this list has its own unique benefits, they all meet at least the following criteria:
It’s actually a mind mapping app. A lot of drawing, diagramming, and flowchart apps are marketed as mind map apps—but they aren’t. While you could make a mind map in them, you could also use PowerPoint, Photoshop, or MS Paint. You could even get a key and carve a mind map into your computer screen. Just because something can be used to make a mind map, doesn’t mean it should or that it will do it well. These more general-purpose apps tend to lack the features that make creating a mind map digitally as easy as possible, like automatically linking nodes, brainstorming modes that let you get a lot of concepts down quickly, and search. For an app to make this list, we dug past the marketing and made sure it was designed from the ground up for brainstorming, not for drawing or creating professional diagrams or charts.
It gets out of the way. Mind mapping with a pen and paper is a joy. No app is ever going to be quite as intuitive, but it should come as close as possible. After a short learning period to get up to speed, you shouldn’t have to stop and think to create a node, or dig through menus to connect two ideas. The app should just fade into the background—the same way your web browser does.
It offers an unlimited canvas. A digital mind map tool should have a practically unlimited canvas size, so you can make a mind map as big as you can conceive of, connecting huge numbers of ideas if you want. Using an app is all about overcoming the analog downsides, not reinforcing them.
It allows you to attach files. Sometimes you need more than a few words to fully illustrate a concept—and doodling is a big part of analog mind mapping. For an app to make this list, you need to be able to attach images, videos, documents, web pages, and other assorted extras to your mind maps.
It allows you to save and export. You can’t easily edit, save, or share your paper mind maps, so one of the big reasons to go digital is that you can. The best mind map software lets you come back to a mind map later and change it up, save it, and export it in different formats, so you can send it to your colleagues, classmates, or anyone else.
This is my third year keeping this list updated, so I’m very familiar with all our top picks—plus all the apps that come close to breaking into this list but just fall short. To test each mind map app, I use it. I start with some silly concept and just mind map away to see how it works and feels. (I’m always comparing things back to both paper and the other apps.) If it’s nice to use and ticks all the boxes, it goes on a shortlist to be considered for inclusion. If it’s awkward, gets in the way, or doesn’t have a key feature, I leave it off the list (though all the testing notes get added to an increasingly complex spreadsheet, so I can check if things improve next year). From that shortlist, I pull out the best of the best. So, here are the five best mind mapping apps.
Best mind mapping software for beginners and occasional use
Coggle is, in many ways, the mind map maker to beat. It’s fast, intuitive, and easy to use (with great keyboard shortcuts)—even though it’s only available through your web browser. Perhaps best of all, Coggle is free for up to three private mind maps. As long as you save your mind maps as PDFs, plain text documents, or images, you can delete your old drafts and basically have unlimited free mind mapping. If you’re only looking to use a digital option every few months, it’s practically perfect.
The moment you start a diagram in Coggle, you’ll see the central node of a new mind map. From there, you can create new nodes by clicking on the plus sign or—if you want a faster experience—tapping the tab key. There’s a handy cheatsheet of all the keyboard shortcuts in the bottom-right corner of the app, and it’s worth learning to use them.
Coggle is packed with thoughtful touches. One of my favorite features is that you can format your mind map items and messages with Markdown, so you can get as fancy as you need to while adding your text, images, and links to the canvas. There’s also collaboration built in. If you want to bounce some ideas off a colleague, you can go ahead and add them to your mind map, carry on a conversation in the messages sidebar, or go into full-screen presentation mode to take a step back and do more high-level ideation.
In short, for occasional mind mapping (whether on your own or with colleagues), Coggle nails it, and it’s your best option s for free mind mapping software. Its paid offering is also great, but for $60/year, you can get other mind mapping apps that work natively rather than just through a web browser.
Coggle pricing: Free for up to three private diagrams; $5/month for unlimited private diagrams and extra mind mapping tools (like additional shapes and color control).
Best mind mapping software for collaborating with a team
MindMeister is one of the best collaborative mind mapping tools out there. It’s a little less intuitive to use than Coggle, and some features—like exporting your mind maps as a PDF or image, or attaching images and videos—are limited to paid plans, so it’s a less enticing option for solo mind mappers. For teams, though, its collaboration features are great: you can add team members and guests to your mind map, leave comments for each other, and otherwise work together to brainstorm or present ideas.
It also has a sleek modern interface and plenty of customization options (including some more corporate layouts). Plus, it automatically aligns your nodes, which makes it easy to create great-looking mind maps that won’t look out of place in a meeting room.
MindMeister is owned by the same people that make MeisterTask, a web-based, kanban-style project management app. The two tools are integrated, so you can turn your brainstorm session into an actionable project, assigning individual items on a mind map to members of your team, tracking task progress, and syncing it all with your other project boards inside MeisterTask—which even integrates with Zapier.
MindMeister pricing: Free for the Basic plan that includes up to three mind maps and real-time collaboration. From $4.99/month for the Personal plan that includes unlimited mind maps, file attachments, and PDF exports.
Best mind mapping software for a modern mind mapping approach
Ayoa is the follow-up to one of our previous mind mapping picks, iMindMap. It was created by Chris Griffiths, a mind mapping expert and author who has collaborated with Tony Buzan, the man responsible for popularizing mind mapping in the 1970s. Put simply, it’s got a serious mind mapping pedigree—and it shows.
Open Ayoa, create a Mind Map, and you have a choice of making an Organic Map, a Speed Map, a Radial Map, or a Capture Map—though you can also change between them at any time with a dropdown menu. (You can also make a Whiteboard or Task Board if you’re doing some more corporate-style brainstorming, though these features are limited to the more expensive plans.)
The Organic Map is the most traditional and mimics the kind of thing you’d draw with a pen and paper. You aren’t confined to just putting words in boxes. Instead, you’re encouraged to label the swooshing, Sharpie-like branches that connect different ideas. It’s a much more natural process than a lot of the other apps.
A Speed Map is similar, but with a stripped-down setup designed for rapid brainstorming. You’re almost forced to use keyboard shortcuts, like Tab for a new child branch and Enter for a new sibling branch, as the buttons to do the same are hidden away unless you deliberately click on a node. It’s great when you want to ideate quickly.
A Radial Map is a totally modern approach to mind mapping. Instead of nodes and lines, every idea becomes part of a series of concentric circles. A peripheral segment of your central idea becomes the center of its own circle of ideas as you move outward. It’s mind mapping that’s moving beyond the limits of what can even be imagined with paper.
A Capture Map is a blank canvas that allows you to quickly add ideas, whether they’re related or not. They float around the page as little thought bubbles. You can then connect them and turn your rough outline into an Organic Map, Speed Map, or Radial Map.
And Ayoa isn’t just limited to basic (and not-so-basic) mind mapping. The chat, real-time collaboration, whiteboard, and task management features make it ideal if you’re part of a small team looking to realize your ideas. It’s also designed to be accessible to neurodiverse people. Ayoa is under rapid development, so it’s worth keeping an eye on their roadmap to see what features are coming down the line. When we reviewed this app two years ago, the whiteboard features didn’t exist. Last year, they were worth mentioning. Now, they’re so good that Ayoa almost made our list of best whiteboard apps.
This year’s surprise feature addition was GenerateIdeas.ai—an AI-powered brainstorming tool (though it’s only available on the most expensive Ultimate tier). Click Open in GI, then right-click on any node and select Ideas, Questions, or Explain, and it will come up with up to four related concepts. I found it was a little too willing to dive into controversial concepts like weight loss (a problem with many AI-powered tools). Using “Spring” as a test bed, I quickly generated ideas like “go for a morning jog” and “chocolate Easter eggs,” which, when the AI expanded on them, led to suggestions like “go for a morning jog to lose weight” and “develop a healthier chocolate to help with weight loss.” Keep this in mind if you’re going to use it in your workplace.
Ayoa pricing: Mind Map plan for $6.95/user/month with all mind mapping features. The Pro plan for $13/user/month adds whiteboards and other advanced features.
Most mind mapping apps are web apps, and if there’s a native app available, it’s really just a shell for the web app. It’s fine if you want the collaboration, sharing, and other features you get with an online service, but what if you just want a simple way to brainstorm by yourself?
MindNode, a native Mac, iPhone, and iPad app, is perfect for Apple users (and when I’m in a big mind mapping buzz, it’s my go-to app). Start a new map on one device and it instantly syncs to your other devices using iCloud. The app is just as easy to use (and as powerful) whether you prefer to tap the plus icon to add a new node on your iPhone or click it on your Mac. And since it’s a fully native app, no internet connection? No problem.
MindNode also has a load of other features that will keep you happy if you’re deep in Apple’s ecosystem, like a Quick Entry dialog in the Menu Bar on your Mac, Widgets for the Home screen or Notification Center, a Watch app, Apple Pencil support, and integration with popular to-do apps Apple Reminders, Things, and OmniFocus. Select any node, and click Add Task to turn it into a to-do item. Or click the share menu and Export to Things (or OmniFocus), and your mind map will get converted into a project in your chosen app with all your to-dos ready to be checked off. It’s a great brainstorming app that lets you turn a brainstorming session into something actionable.
MindNode pricing: Free limited Mac and iOS app; $2.49/month for MindNode Plus with image support, tasks, themes, and styling options.
Best mind mapping software for personal brainstorming
If you just make mind maps by yourself and don’t need to constantly brainstorm with other people, then a lot of the tools we’ve looked at are overkill. A lot of development time goes into supporting real-time collaboration, versioning, and the like. With XMind, however, all that same dev energy goes straight into making mind mapping nicer, faster, and easier.
While XMind is available on the web (if you have mind maps stored in a cloud storage provider like Dropbox or Google Drive), its native apps are what shine. It’s available on Windows, macOS, iOS, Android, and even Linux. If you need something cross-platform so you and your family (or professional team) can all use the same app, even if you aren’t collaborating in real-time, it’s hard to beat.
While it’s subjective, I also feel that XMind makes the nicest mind maps by default. It’s got a slightly hand-drawn style that I wish I could mimic with a pen and paper. It’s professional enough for the office (especially if you use the built-in Pitch mode), but also nice enough that you’ll want to use it by choice.
Otherwise, XMind hits all the marks you’d expect from a mind mapping app. It’s intuitive to use whether you rely on keyboard shortcuts, a touch screen, or clicking buttons with a mouse. There are enough customization options and themes that you can make your mind maps how you like.
Really, the biggest downside is that, at ~$7/month, it’s expensive for one person—especially when you consider all the features it lacks compared to, say, Ayoa or MindMeister. If a nice solo offline experience is more important than the most features for the money, then it’s easy to recommend. On the other hand, if you’re not mind mapping that often or need to work in a more deliberate way with other people, it’s probably not for you.
XMind pricing:$39.99 for 6 months (or $59.99 annually) for up to five desktops and five mobile devices.
If you’re wary of subscription fees and want something for personal use, SimpleMind is a solid XMind alternative. It’s available from €24.99 for Windows or macOS (€44.99 for both), $9.99 for iOS, and $8.49 for Android.
Do you need a mind mapping app?
Mind mapping can be a great way to generate and connect ideas, but unless you do it all the time, you probably don’t need a dedicated mind map creator—or at least not a paid one. Because, when it comes down to it, mind mapping software is just brainstorming software—and you can brainstorm pretty much anywhere. If you want a compromise, Coggle is a great place to start for free mind map software, since the free plan is pretty generous.
Also, reconsider the pen-and-paper method. It’s really hard to beat—which is why there are so many mind mapping apps available and so few on our list—and you can always take a photo of it to save it or share it. It’s not as tech-y as an app, but it works if you don’t make mind maps all the time as part of your job, or even in your personal life.
How to find free stock images for business and commercial use
Stock photo sites are a dime a dozen, so it can be tough to know where to find free, high-quality images that aren’t also on every other website.
And as a freelancer and a business owner, I’ve done my fair share of scouring the web for that perfect stock photo. So I spent several weeks reviewing dozens of stock photo websites—and I narrowed it down to the nine best for your next project.
The 9 best free stock photo sites
Unsplash for the widest variety of free stock images (and integrations)
Flickr for interacting with the photography community
How to find the best websites with 100% free stock photos
How we evaluate and test apps
All of our best apps roundups are written by humans who’ve spent much of their careers using, testing, and writing about software. We spend dozens of hours researching and testing apps, using each app as it’s intended to be used and evaluating it against the criteria we set for the category. We’re never paid for placement in our articles from any app or for links to any site—we value the trust readers put in us to offer authentic evaluations of the categories and apps we review. For more details on our process, read the full rundown of how we select apps to feature on the Zapier blog.
Finding images that are free for commercial use isn’t as hard as it might sound, thanks to a number of sites that aggregate photos, illustrations, vectors, and more. These sites usually let you search and filter by keyword or category, making it easy to find what you’re looking for. But that doesn’t mean every stock photo site is worth perusing.
The best free stock image sites all meet the following criteria:
They must contain images that can be used without payment for both commercial and personal purposes.
I focused on sites that have at least 500 photos, but I favored ones that offer thousands of images.
A lot of free stock photo sites essentially offer the same pictures. I looked for sites that offered unique images, so your content can stand out.
If you plan to use stock photos for your website or branded content, you’ll need high-quality resolutions. Every site on this list offers at least one high-quality download size for its photos.
And of course, the website itself should be fast, easy to navigate, and from this century.
When reviewing these sites, I visited each one and signed up for an account if necessary. I explored the site’s menus and conducted a number of searches to see what types of photos would come up. I reviewed the quality of the photos and took note of things like how advanced the search filters were, whether there were high-resolution download sizes available, and if there was anything uniquely useful about the stock photo site in question.
Best free stock photos site for a variety of photos and integrations
With more than three million photos and multiple plugins, Unsplash is one of the most easily accessible and largest collections of stock photos available.
It comes with native apps like an iOS app, an Android photo picker, Apple TV and desktop wallpaper apps, and even a Chrome extension that randomly selects a background image when you open your browser. Unsplash’s API is also already natively integrated into popular tools like Figma, Notion, Trello, and Squarespace, letting you search and use high-quality stock photos without leaving your favorite platform.
The site is also easy to use: type a keyword into the search bar at the top of the page, and browse the results to find the best images for your purposes. And if you don’t know what you’re looking for, there are category tabs along the top of the homepage for inspiration.
Another feature that sets Unsplash apart from other free photo sites is its Collections section. Users of the site are able to create Collections—like “Christmas Traditions,” “Autumn,” and “Milkyway“—by curating photos they come across. If you want several similar photos of a specific theme, Unsplash may be your best option.
Best free stock photos site for a variety of media types
Pixabay hosts more than 2.6 million photos, illustrations, vector graphics, and videos—all of which are free to use. Click Images next to the search bar to look for images by type, or you can search more granularly by becoming familiar with Pixabay’s advanced search options. Pixabay lets you search by photographer, orientation (i.e., landscape or portrait), size, and even color. The site also features an Editor’s Choice curation section, which highlights the best images chosen by the Pixabay team. Click the Explore dropdown menu in the upper-right corner of the site to see their selections.
If you need a professional-looking illustration—i.e., a hand-drawn image or a computer-generated graphic—you should begin your search here. Royalty-free illustrations can be tricky to find on many free image sites, but Pixabay has loads of them. Just click Images, select Illustrations, enter in your search terms, and that’s that. You can also use Pixabay to search for vector graphics, videos, music, and even sound effects.
Best free stock photos site for quirky images you won’t see anywhere else
The site is pretty barebones—and its color scheme is distracting at best, with bright neon colors and cartoonish UI elements. Photos are organized into only nine different categories: Animals, Business, Fashion, Food, Nature, Objects, People, Urban, and Whimsical. And while the photo resolutions are high-quality, they only come in one size (and you have to download each photo to find out).
But if you’re looking for an odd image that will bring your content to life, Gratisography is definitely the place to start.
Best free stock photos site for adding simple enhancements and overlays
Canva is a web-based graphic design tool that makes modifying images easy. If you’re looking for stock photos for a graphic design project—like designing a social media banner or a flyer—Canva is a one-stop shop for your needs. Even with a free account, the platform offers a library of over 1.6 million free images you can use for any purpose.
If you’re planning on enhancing the images you find with simple text overlays or tweaking the transparency or vibrancy of photos on a regular basis, Canva will help you streamline the process. Find photos, and then use Canva’s built-in design tool to enhance them on the spot.
One helpful feature is that Canva automatically generates a color palette for any photo you choose. If you’re building a vision board or a design presentation, you can easily use the hex color codes to keep your project’s color scheme consistent.
Canva does come with a few downsides, though. As I was testing, I noticed that you can’t directly download a stock photo as you would from another stock photo site. Instead, you’ll have to click Use in a design. Canva takes you to the design dashboard with the stock photo on your digital canvas. While this is helpful if you intend to add text or graphics to the image, it’s an unnecessary complication if you plan to download a stock photo as-is.
Also, many of the best stock photo sites let you choose the size of your photo before downloading it. Canva only provides one size—though the photos are all in high resolution.
If you’re looking for more stock photo sites for graphic design, PikWizard and Kaboompics are both great Canva alternatives. PikWizard is linked to DesignWizard, a design tool similar to Canva. And Kaboompics focuses on color palettes; you can even download your chosen photo along with with the color scheme it uses, which is useful for putting together vision boards and presentations. Kaboompics also lets you choose a custom pixel width when downloading an image, which is a helpful feature.
Best free stock photos site for eCommerce businesses
Burst is a free stock photo site powered by leading eCommerce platform Shopify. The platform offers thousands of free images you can use to strengthen your content, including a large selection of business-oriented photos (e.g., retail, eCommerce, money, and products). The site serves up 28 different categories, several of which are broken down into subcategories to make it even easier to find the images you need.
Unfortunately, the site doesn’t have as much variety as other stock photo sites—and not all of the photos are free for commercial use. The site creator advises commercial users to check with the originating institution’s rights statement through the provided link to the original Flickr posting of each photo.
The site’s search functionality also leaves much to be desired. And unlike most free image sites, New Old Stock doesn’t offer any way to filter photos. If you’re feeling lucky, though, click the magnifying glass in the upper-left corner of the site, type in a search phrase, and you may strike (vintage) gold.
Reshot is a relatively new resource for designers, whether they need stock photos, vector illustrations, or icons. The site’s collection is provided by the design team over at Envato Elements, a paid creative subscription service for templates, photos, music, and more. But Reshot provides free visual resources for designers on a budget.
Unlike many other stock photo sites, Reshot has a wide variety of vector illustrations and icons as well. The site boasts millions of images that are free for personal and commercial use. The website is minimalist in design, with a left-hand menu where you can choose to browse collections of icons, illustrations, or photos. Or if you know what you’re looking for, type your search terms into the search bar and narrow the results by media type and orientation.
If you find an illustration you like, you have the option to download a vector or PNG—while icons come in SVG code or SVG. And since you’ll likely want to make additions or changes to these images, Reshot makes it easy to download files straight into Figma.
One downside I noticed as I was testing is that while illustrations and icons have multiple download types, it appears that photos can only be downloaded as JPEGs—and only in one size. Those sizes are in high-quality resolution, but you can’t choose from a variety of sizes. But in general, if you’re looking for ideas or raw images for your wireframes or prototypes, Reshot is a great option.
Best free stock photos site for optimizing images for social media
If you’re looking for free stock photos for Instagram or other social media sites, 123RF makes your search easy. The stock photo site not only provides a variety of free photos and vector illustrations, but it also lets you choose from a selection of download sizes, including Facebook cover, email header, Pinterest post, and even brochure cover.
These pre-selected sizes can save you hours of cumulative time spent cropping and resizing images for social media. You can even apply a filter, add text, and remove the image’s background directly from the site before downloading it.
As I was testing, I did notice that you can’t reposition an image after choosing a social media-optimized size. So if you choose an image whose focal point isn’t the center, you may run into issues if you pair it with a small or narrow aspect ratio.
Overall, the site is clean and easy to navigate. And if you’re willing to pay a few dollars per image, 123RF provides a wider variety of images as well as a variety of stock footage and audio for use in your next project.
Best free stock photos site for interacting with the photography community
Flickr is a photo sharing social network. The site—which boasts more than five billion images—brings together professional and amateur photographers from around the world.
The thing I appreciate about Flickr is that it places artists front and center. When you navigate to Flickr’s homepage, you’ll immediately see a gallery of suggested people to follow. Click into any one of their profiles to see a “Photostream,” or a feed of their latest and most popular images. Flickr is a great way to discover talented photographers, learn more about the field, and refine your own artistic eye.
The photos on Flickr are known for containing rich metadata, including geolocation information, EXIF data, tags, and more. So if you want to find photos taken in France, select the World Map under the Explore dropdown, and click on one of the pink dots that pop up in that country. If you want to find images of golden retrievers, simply type the term into the search bar in the upper-right corner of the Flickr homepage, and thousands of results will come back. Plus, Flickr lets you search by trending photos and most recently added photos. You can even explore galleries and search specific photographers’ collections by clicking on their usernames.
And if you’re a budding photographer yourself, you can even click Camera Finder under the Explore dropdown to see the most popular cameras currently being used in the Flickr community.
Keep in mind that you can’t use every photo you find on Flickr for free—especially for commercial use. But it’s easy to figure out which ones are usable. Run a search for an image, and then click the Any license dropdown menu and select Commercial use allowed.
If you get sick of seeing ads as you browse Flickr, you can upgrade to an ad-free experience for $5.54/month. The premium subscription also comes with unlimited storage (free users get one terabyte of storage). And if you want to even more with your stock photos, connect Flickr to Zapier to do things like share new Flickr photos on social media or back up new Flickr photos to Google Drive.
Share new Flickr photos on Twitter, Facebook, and Pinterest
If you’re looking for more sites that prioritize the photography community, Pexels is a great Flickr alternative. Pexels offers hundreds of thousands of photos that are free for both commercial and personal use. The site has a leaderboard and a number of photography contests for contributors, which makes it a great site for finding photographers who are engaged with the platform and constantly uploading fresh content.
Other stock photo sites to consider
If you’re looking for something a little more unique (and you have the budget for it), you could try a paid option like Shutterstock, iStock by Getty, or Adobe Stock. These sites are all very well-established resources for paid—but relatively affordable—stock photos. You can subscribe to any of these sites for $29 per month for up to ten monthly image downloads.
There are also many niche stock photography sites out there (like Foodiesfeed, which specializes in food photography). So if you’re looking for a specific type of image, it’s worth seeing if there’s a niche site available. These sites might give you a wider range of options in the specific category you’re looking for.
If you’re publishing content on a regular basis, you’ll likely get the best results by using a combination of our recommended sites. Just be sure that you keep your branding consistent: using too many eclectic images can muddy your brand and make it hard to stand out from the crowd.
A note on copyrights
Why can’t you just scour the web for an image you like and publish it? Because creators own the rights to their images, and if you publish one of them without their approval, you may be guilty of copyright infringement. In a worst-case scenario, that could land you a $150,000 fine for each violation, and possibly even jail time. Of course, you’ll receive a cease-and-desist letter first, telling you to take the images down, but even still, you’ll waste time and effort removing them—in addition to the time and effort you wasted finding them in the first place.
But some creators are happy to share their images with others. Creative Commons offers a number of different licenses that creators can use to enable other people to leverage their work freely. Of course, it’s not all or nothing: some licenses allow for personal use, while others allow for commercial use. Some licenses require you to attribute images to creators, while others don’t. Some allow you to adapt or modify an image, while others require you to use it in its original form. When using an image licensed through Creative Commons, be sure to read the fine print and abide by the terms.
In the Cascade Mountains of Southern Oregon, there sits a volcano with no peak. But what takes the place of a billowing summit isn’t a barren crater — it’s an electric blue lake, surrounded by pine trees and the jagged remains of the volcano’s collapsed mouth, which crumbled during an eruption almost 8,000 years ago.
This place is called Crater Lake. It’s considered one of the most beautiful national parks in the United States. It’s also where Justin Champion, a Content Professor at HubSpot Academy, spent his work day last Thursday.https://www.instagram.com/p/BkTxa6cHCjr/embed/captioned/?cr=1&v=8&wp=648&rd=https%3A%2F%2Fblog.hubspot.com&rp=%2Fmarketing%2Fdigital-nomad#%7B%22ci%22%3A0%2C%22os%22%3A1813.1999999999534%2C%22ls%22%3A1638.5%2C%22le%22%3A1770.9000000001397%7D
A striking landscape, like Crater Lake, is a normal office view for Justin and his wife, Ariele. After working in the National Park, they headed north to Portland and spent a day in Mt. Hood. Then, they drove through Redwood National Park. And next week, they plan to work in Yosemite National Park.
Justin and his wife have been living, working, and traveling across America in a Ford F-250 with an Airstream trailer hitched to its back for the past two years. And their alternative lifestyle has helped them prioritize life experiences and close connections over material possessions. They’re modern day nomads. Or what most people call digital nomads.
What is a Digital Nomad?
Digital nomads are remote workers who usually travel to different locations. They often work in coffee shops, co-working spaces, or public libraries, relying on devices with wireless internet capabilities like smart phones and mobile hotspots to do their work wherever they want.
With 34% of remote employees working 4-5 days a week out of the office, the digital nomad lifestyle could be an exciting possibility if you’ve caught the travel bug and want to break free from the shackles of 9-5 life. Below, we’ll cover the benefits, job opportunities, and realities of this alternative lifestyle.
Let’s find out if it’s the right fit for you.
Living the Dream? 5 Benefits of Being a Digital Nomad
1. You’ll be more productive.
There’s no time to waste when you travel to gorgeous places almost every day. Exploring your new surroundings will motivate you to get your work done as soon as possible. Adventure can be one of the best types of motivation.
2. You’ll have more breakthrough ideas.
Creativity happens when you mash seemingly unrelated concepts together to form a new idea. Neuroscientists call this synaptic play, and the more incongruent the concepts are, the more synapses occur in your brain. Working in a different place everyday gives you a lot of diverse experiences that you call pull from to make these creative connections. And when your brain is chock full of these diverse inputs, your ideas are much more inventive.
3. You’ll become more adaptable.
Constantly traveling to new places pushes you out of your comfort zone. And to adapt to new environments everyday, you need to be willing to engage with different people and cultures. This makes you more open to new experiences in the future.
Traveling also improves your brain’s reaction to change. When you travel, the stress of navigating a foreign place sprouts dendrites in your brain. These dangling extensions increase your brain’s capacity and attentiveness during new and challenging situations in the future.
In a nutshell, traveling strengthens your desire and ability to learn new skills.
4. You’ll have more time to do the things you love.
Even though work can be great, we still work to live, not the other way around. Finishing work faster gives you more time in your schedule to explore your surroundings, do the things you’re passionate about, and spend more time with loved ones.
5. You’ll make lifelong friendships.
Adventure and memorable experiences forge close connections between people. When you embark on your journey, you’ll meet other digital nomads and become friends with them. And if you travel with a friend or significant other, your relationship will be closer than ever before.
Common Jobs for Digital Nomads
Today, most companies embrace remote work. 43% of American employees spent time working remote last year, and this number will only increase. But being a digital nomad and working a few days at home are two different animals. If you want to keep your day job while traveling, you need to prove to your manager that you can handle full-time remote work before you can do work on the road. Justin Champion decided to work remotely for six months before he even asked to travel.
If you’re looking for job, sift through sites that only list remote jobs, like We Work Remotely or Remote.co, and ask prospective employers if the role lends itself to your nomadic lifestyle.
Freelancing is also a common role for digital nomads. Before you embark on your journey, though, you must be realistic with yourself. How will you be able to make a living? Answer the following questions to help you figure this out:
What am I good at?
What do I like to do?
Is there a need for my skill?
Can I do this job online?
Once you know how you’ll be able to make money, you can enter the gig economy by marketing and selling your services on your own, or finding work on a freelance service marketplace like Upwork or Fiverr.
Whether you chose to work for a company or yourself, becoming a digital nomad doesn’t mean pigeonholing yourself in a specific role. Your job just has to be fully digital. Listed below are some common roles that lend themselves well to a fully remote lifestyle:
Accounting
Customer Service
Design
Editing
Healthcare
IT
Marketing
Project Management
Quality Analyst (QA)
Recruiting & HR
Sales
Software Development
Teacher/Tutor
Transcription
Virtual Assistant
Writing
As you can see, there’s a lot of different industries and roles for digital nomads. Remote work is becoming commonplace, which is exciting and beneficial for the workforce. But that doesn’t mean anyone and everyone should be a digital nomad. It’s still a tough challenge. You need to be organized and disciplined, or you won’t be able to enjoy your travels — which is the point of the lifestyle, right? So how do you set yourself up for success?
How Do You Become a Digital Nomad? 5 Things to Consider Before You Get Started
1. Get rid of unnecessary expenses.
Paying for things that don’t greatly impact your life is never ideal. That’s why you need to get rid of all the expenses that you won’t need living as a digital nomad. Things like gym memberships, subscriptions, and debt are all expenses that’ll bog you down on the road. And if you’re a freelancer, they’ll be even more of a burden because you might experience some periods of inconsistent income. Getting rid of these expenses and paying off debt will allow you to fully focus on your work and travels.
2. Make sure you have income you can rely on for months in advance.
Whatever lifestyle you pursue, it’s always smart to have safety net. You never know when an emergency will arise. This rings especially true when you’re a digital nomad because you’re mostly own your own. You can’t find solace in a warm, comfortable home or family, and if you’re freelancer, you don’t have the luxury of a consistent paycheck. To widen your safety net, you should sell any unnecessary belongings, move the essentials into a storage unit, sell or rent your house, and save as much money as possible.
3. Get travel health insurance.
Traveling can give you some of the best experiences in your life, but it not always a blissful, perpetual highlight reel. It’s still real life. You’ll get sick, have emergencies and accidents, and need regular checkups. You also need immunizations to enter certain parts of the world. Your health should be your number one priority during your travels, so make sure you buy a solid health insurance plan that’s valid in all the places you visit.
4. Set yourself up for financial success.
Ample funds are the key to successful travel. American credit cards will usually charge you a fee if you use it abroad, so ask your bank for an international credit card. You should also sign up for credit monitoring services that’ll alert you if anyone tries to steal your identity.
5. If you travel internationally, unlock your phone.
Most countries have different cell phone carriers, so if you want to bounce from country to country, you need to call your current carrier and ask them to unlock your phone. You’ll be able to use your phone in any country because you can put a different sim card in your phone from each international carrier you use.
Once you square these things away, it’s time to start your new life on the road. But actually living life as a digital nomad is an entirely different ballgame than preparing to be one.
7 Tips for Living as a Digital Nomad
1. Make a budget.
As a digital nomad, your budget should be your bible. And if you follow it, you can live quite comfortably. To create a successful budget, calculate your living expenditures, the cost of traveling to each destination, staying there, the activities you’ll do there, the costs of working, and how it all affects your savings if you can’t earn a salary for a while.
2. Plan for the worst-scenario.
When you live abroad, It’s crucial to have multiple backup plans in case of any emergencies. Nothing really ever works out the way it’s supposed to. Things happen. What if your truck breaks down? Or what if you get stuck in a foreign country with no backup plan? What’s your plan B and C? You need to set these processes in place to handle the inevitable bumps in the road.
3. Join a digital nomad community.
Digital Nomad communities like Couchsurfing and Nomadlist will help you learn the nuances of the digital nomad lifestyle, and reduce its steep learning curve. Fellow nomads will be happy to answer any pressing questions about your new lifestyle and any areas you plan to visit. They’ll also teach you how to work effectively on the road. And arguably the most beneficial perk of these communities is that you can connect with other traveling professionals, which can lead to new business opportunities, partnerships, and friendships.
4. Make sure you have cell reception or wifi.
If your employer lets you work remotely, show them and your team some respect by being available as much as possible online. Not having wifi or cell phone reception should never be an excuse for missing a meeting or failing to get an assignment done. The same goes for client work, if you’re a freelancer.
To make sure you’ll always have internet connection, consider investing in a cell phone booster and a mobile hotspot mifi device. Cell phone boosters can detect the smallest shred of cell phone reception and send the signal to your vehicle. Mobile hotspot mifi devices strengthen your mobile hotspot service, so you don’t have to rely on a spotty, public wifi connection.
5. Make sure you can communicate with locals.
Knowing the language of the country you’re going to or knowing that they speak your language is crucial for successful travel. Assuming that there has to be someone who will understand English is a dangerous move. But if you must go to a place where you don’t know the native language or they don’t speak yours, use Google Translate or another translation app to navigate your new environment.
6. Research your destinations.
If you’re not living in an RV, find affordable housing on AirBnB or Couchsurf before you arrive to your destination. And make sure your lodging is near a hospital, emergency room or clinic in case of an emergency. You should also research the area to find safe neighborhood to stay in.
7. Draw cash from ATMs.
Airports are notorious for charging ridiculously high currency exchange fees. If you need cash, draw it from an ATM. Your bank will charge you a fee, but it’ll be much lower than the one at the currency exchange desk.
Before you set off …
If an adventurous lifestyle sounds appealing to you, then being a digital nomad can be one of the most rewarding yet challenging ways to live. But if you arm yourself with organization, discipline, and a thirst for learning, you could enjoy an exciting and fulfilling life on the road. Just ask Justin and Ariele Champion. They’re living the alternative American Dream. And they’ve never looked back.
Are you worried about hackers attacking your website?
Cross-site scripting, also called XSS, is one of the most common attacks on WordPress sites. Hackers find vulnerabilities on your site and use them to steal information and misuse your website.
What’s worse is that if you don’t fix it immediately, these hacks could lead to more severe damage – the kind that’s really hard to recover from.
If your website is already under attack, we’ll show you how to fix it right away in simple beginner-friendly language. We’ll keep cybersecurity jargon to the bare minimum in this tutorial. We’ll also show you how to prevent future attacks.
First, let’s quickly understand what happens in an XSS attack so that you’ll be better equipped to handle it.
What is an XSS Attack in WordPress?
XSS stands for Cross Site Scripting which is a kind of injection attack where hackers inject malicious scripts into a website.
These scripts are disguised as good code on a trusted website. Next, when a user lands on this website, their browser executes all the code, including the malicious script, because it thinks it’s all trusted instructions.
In simpler terms, imagine you’re a spy and you’ve just received an official email from the government about a top-secret mission. It contains all the instructions you need to follow down to the T.
What you don’t know is that someone intercepted that email and added a few more instructions of their own. The government has no clue about it and you don’t bother to double check because you trust the source.
Some of it doesn’t make sense but you’re trained to obey every order to achieve your mission.
In this scenario, the government is your website, and the spy is the user’s browser. The browser follows the instructions from your website and can’t differentiate between the good and bad scripts.
These scripts are usually in Javascript, one of the most popular and widely-used programming languages. Although, these attacks can take place using any client-side language.
Now there are many ways to carry out an XSS attack. One way is to send a link to unsuspecting users to get them to click on it. Once they click on it, the attack can possibly do one or more of the following:
Redirect users to a malicious site
Capture the user’s keystrokes
Run web browser-based exploits
Steal cookie information of the user logged into an account
If the hacker is able to steal cookie information, they can completely compromise the user’s account. For instance, if you’re logged into your website’s wp-admin panel, the hacker can steal your credentials and log into your site.
What you need to do to prevent these attacks is to make sure all user data is validated and sanitized properly before it enters your website. That way, no user input can be malicious Javascript code. Added to that, you need to make sure there are no XSS vulnerabilities on your site that can allow a hacker to attack.
We’ve barely scratched the surface of XSS attacks but we hope you have a decent understanding of how a WordPress XSS attack works. Now if you suspect your site is hacked, follow our easy step-by-step tutorial below.
How to Find and Fix an XSS Attack in WordPress
To find any kind of malware or hacks on your site, you’ll need to run a deep scan on your entire website including its files and database.
We’ll be using Sucuri to scan and clean up your hacked site. Sucuri gives you a robust security setup including a firewall, malware scanner, and malware cleaner.
Sucuri offers a free website malware scanner that you can install inside your WordPress site by navigating to Plugins » Add New tab.
We recommend using the premium server-side scanner. This will turn your website inside out to find any trace of malware.
Added to that, here are a few of its highlights:
Monitors spam and malicious scripts
Checks for hidden backdoors created by hackers
Detects changes made to DNS (domain name system) and SSL
Checks for blacklists with search engines and other authorities
Sucuri comes with a price tag of $199.99 per year. If that’s out of your budget, you can try other security plugins. See our list: 9 Best WordPress Security Plugins Compared.
While selecting a security plugin, make sure it gives you all the cyber security features you need to find and fix malware infections and protect your website.
Step 1: Scanning Your Website
To get started, you’ll need to sign up for a plan with Sucuri. Then, log in to the Sucuri dashboard where you can add your site.
Here, you’ll need to connect your website by entering your FTP credentials. If you don’t know your FTP credentials, you can get them from your web host.
When your site is connected, Sucuri will automatically run a thorough scan of your website. Once done, it will show you a detailed report under the ‘My Sites’ tab.
Now you can click on the ‘Details’ button next to the warning message. This will open up the Monitoring page where you can view the details of the hack or infection.
Step 2: Requesting a Malware Cleanup
On the Monitoring page, you can see what kind of malware has infected your site. Sucuri adds a rating to indicate the risk level. So if it’s a critical or high risk, you know that you need to fix it right away. Added to that, it will also show you if your site has been blacklisted by any search engines.
Now that you know your site is infected, you need to clean it up and Sucuri makes this really easy for you. To get started with the process, click on the ‘Clean Up My Site’ button.
On the next page, click on New Malware Removal Request button and a form will appear where you can enter your site’s details.
Simply fill out the form and submit it. Once done, Sucuri’s security experts will clean up your site for you. In case you don’t know any of the details you need for the form, you can ask your web host for them.
Now you may be wondering how long would it take to get your site cleaned.
Sucuri gives first preference to users on the Business plan. They assure a turnaround time of 6 hours. For other plans, it depends on how complex your site’s infection is and the volume of requests they have in queue.
Immediately after an attack, we strongly recommend logging all users out of your site and changing your login credentials to be on the safe side.
How to Prevent XSS Attacks on Your WordPress Site
It’s always best to protect your website and prevent these kinds of malware attacks on your site. It’s much easier and cheaper than trying to fix a hacked website. Here are our top recommended steps to prevent XSS attacks on your site.
1. Enable a Web Application Firewall (WAF)
Sucuri has one of the best firewalls for WordPress sites. It not only blocks XSS attacks but all sorts of other malware attacks like DDoS, Brute Force, Phishing, and SQL injections.
The firewall will sit in front of your website and scan every user coming through. It will identify and block bad bots before they reach your site.
To enable the Sucuri firewall, navigate to the Firewall tab on your Sucuri dashboard.
Select your site, and you’ll see setup instructions that you can follow. Sucuri gives you 2 options to set up the firewall:
1. Automatic Integration: Simply enter your hosting credentials using cPanel or Plesk. This method requires you to give Sucuri access to your website’s server to automatically set up the firewall on your site.
2. Manual Integration: You can set up the firewall on your own without granting internal access to Sucuri. To get started, click on the internal domain link and make sure that it loads.
Next, you can configure your DNS to point your web traffic at the Sucuri firewall. For this, you’ll need to access the DNS records in your hosting account. Here, you can change the ‘A’ record of your site and enter the IP addresses that Sucuri provides.
If you’re stressed that this is all too complicated, you can ask your web host for help and they will guide you through the process. Added to that, you can also raise a support ticket with Sucuri and their support team will help you change the DNS records.
To open a ticket, you’ll find a link inside the manual instructions on the same page.
Once you’re done setting up the firewall, it usually takes a few hours for the changes to reflect. You can expect a maximum wait time of 48 hours.
When you enable the firewall, it will automatically add security headers to your site to protect it from XSS attacks.
If there’s an attempted XSS attack Sucuri will block it and report it to you in the Reports tab.
Now what we love about the Sucuri firewall is that it’s so easy for anyone to use, including beginners. You don’t have to be a cyber security expert or know any coding.
You can enable all sorts of protection features with just a click in the Settings » Security tab.
So for instance, you can enable DDoS protection and geoblocking to make it harder for hackers to attack your site.
To enable a security feature here, all you have to do is check the box and save your settings. When you need to disable it, you simply have to uncheck the box.
Aside from this, the Sucuri plugin will:
Regularly scan and monitor for spam and malicious code
Alert you of any cross-site scripting vulnerability
Block bad bots and hackers
Check for blacklists with search engines and other authorities
Monitor website uptime
Detect changes made to DNS (domain name system) and SSL
Send you instant security alerts via email, SMS, Slack, and RSS
So your site will be protected at all times.
2. Use Secure Forms
On a vulnerable website, forms are one of the most common targets for hackers. If your form is unsecured, this means anyone can simply enter malicious code in your form fields.
Our recommendation for securing your website’s forms is WPForms. It is the #1 WordPress form builder that has built-in security so your forms are protected right from the start.
By default, the forms have anti-spam protection turned on. Plus, you can even add CAPTCHA to your forms to block spam bots.
You can enable an invisible captcha or the type where a user will have to solve a little puzzle or tick a box to prove they’re human.
3. Set User Role Permissions
When you have multiple people working on your website, it isn’t wise to give everyone admin access. It’s better to assign them roles based on what permissions they need.
WordPress lets you create roles for:
Super Admin
Administrator
Editor
Author
Contributor
Subscriber
Now if a hacker gets control over a user’s account, they’ll be limited in what they can do on your site.
4. Auto-logout Inactive Users
Hackers can gain access to user accounts by hijacking their browser sessions and stealing cookies.
You can minimize this risk by logging out inactive WordPress users.
Many security plugins have an idle session logout feature or you can use the Inactive Logout plugin.
5. Update Your Website Regularly
WordPress plugins, themes, and even your WordPress installation get updates regularly. You’ll see them inside your WordPress dashboard when they’re available:
Many website owners ignore updates for a long time but this can expose your website to hackers. Updates usually carry bug fixes, new features, and improvements to the software. They can also have security patches. You can see if an update carries a security patch by viewing the details of the update.
This means a vulnerability was found in the software that hackers can use to attack your site. When developers find security problems, they patch them up and release a new version of the software.
All you have to do is update the software on your site.
So if you see it’s a security patch, update it immediately to avoid any risk of being hacked.
One of the main reasons site owners ignore updates is that they can sometimes break your site or cause incompatibility issues. We recommend that you test the update on a staging site and then run it on your live site.
With that, you’ve learned how to fix and prevent XSS attacks on your WordPress site.
Before we wrap up, we’ll give you one more security tip. Always take regular backups of your website.
Even with the strongest security measures on your site, there are many things that can go wrong. For instance, a user can make a simple human error that crashes your website.
1. Is WordPress vulnerable to cross-site scripting attacks?
The WordPress core software is developed and maintained by some of the best experts in the world. Their software is pretty rock solid but keep in mind that no software is free from vulnerabilities.
The reason WordPress websites are attacked often is that the platform is so popular. And most users install tons of third-party themes and plugins. Vulnerabilities can develop in any of these elements and hackers can exploit them to hack your site.
2. Are there different kinds of cross site scripting attacks?
Yes. There are 3 main types of XSS attacks:
Stored XSS (also know as persistent XSS): Attackers stores their payload on a compromised server, causing the website to deliver malicious code to other visitors.
Reflected XSS: The payload is stored in the data sent from the browser to the server.
DOM XSS: Here, the server itself isn’t the one vulnerable to XSS, but rather the JavaScript on the page is.
Self cross-site scripting: Attackers can exploit a vulnerability that needs really specific context and manual changes. The victim here can only be yourself.
Blind cross-site scripting: In these attacks, the vulnerability commonly lies on a page that only authorized users can access. The attacker can’t see the result of an attack.
3. How do I make sure there are no other security issues on my site?
Make sure you always have a security plugin installed on your website. This is a must for all kinds of websites including WooCommerce, blogs, and small business sites. We recommend Sucuri, but you can also check out Wordfence, MalCare, and SiteLock. See more of our top recommendations here: 9 Best WordPress Security Plugins Compared.
That’s all we have for you today. We hope this post has given you everything you need to secure your website.
For more on website security, see our resources on:
Do you want to know what’s new in Google Analytics 4? How is GA4 different from Universal Analytics?
There’s a lot that’s changed in the new Google Analytics 4 platform including the navigation. Google has added new features and removed a number of reports you’re familiar with. And that means we’ll need to relearn the platform.
In this guide, we’ll detail the differences between Google Analytics 4 (GA4) vs. Universal Analytics (UA) so that you’re prepared to make the switch.
In this section, we’re detailing the things that are new in GA4 that aren’t present in Universal Analytics at all. A little later, we’ll go into depth about all the changes you need to know about.
Creating and Editing Events: GA4 brings about a revolutionary change in the way you track events. You can create a custom event and modify events right inside your GA4 property. This isn’t possible with Universal Analytics unless you write code to create a custom event.
Conversion Events: Conversion goals are being replaced with conversion events. You can simply mark or unmark an event to start tracking it as a conversion. There’s an easy toggle switch to do this. GA4 even lets you create conversion events ahead of time before the event takes place.
Data Streams: UA lets you connect your website’s URL to a view. These views let you filter data. So for instance, you can create a filter in a UA view to exclude certain IP addresses from reports. GA4 uses data streams instead of views.
Data filters: Now you can add data filters to include or exclude traffic internal and developer traffic from your GA4 reports.
Google Analytics Intelligence: You can delete search queries from your search history to fine-tune your recommendations.
Explorations and Templates: There’s a new Explore item in the menu that takes you to the Explorations page and Template gallery. Explorations give you a deeper understanding of your data. And there are report templates that you can use.
Debug View: There’s a built-in visual debugging tool which is awesome news for developers and business owners. With this mode, you can get a real-time view of events displayed on a vertical timeline graph. You can see events for the past 30 minutes as well as the past 60 seconds.
BigQuery linking: You can now link your GA4 account with your BigQuery account. This will let you run business intelligence tasks on your analytics property using BigQuery tools.
While this is what’s unique to GA4, there are a lot more changes than this. But first, let’s take a look at what’s gone from the Universal Analytics platform that we’re all familiar with.
What’s Missing in Google Analytics 4?
Google Analytics 4 has done away with some of the old concepts. These include:
Views and Filters: As we mentioned, GA4 is not using Data Streams and we explain this in depth a bit later. So you won’t be able to create a view and related filters. Once you convert your UA property to GA4, you’ll be able to access a read-only list of UA filters under Admin > Account > All Filters.
Customization (menu): UA properties have a customization menu for options to create dashboards, create custom reports, save existing reports, and create custom alerts. Below are the UA customization options, along with their GA4 equivalent.
Dashboards: At the time of writing this, there isn’t a way to create a custom GA4 dashboard.
Custom reports: GA4 has the Explorations page instead where you can create custom reports.
Saved reports: When you create a report in Explorations, it is automatically saved for you.
Custom alerts: Inside custom Insights, which is a new feature in GA4, you can set custom alerts.
Google Search Console linking: There isn’t a way to link Google Search Console with a GA4 property at the time of writing.
Bounce rate: One of the most tracked metrics – the bounce rate – is gone. It’s likely that this has been replaced with Engagement Metrics.
Conversion Goals: In UA, you could create conversion goals under Views. But since views are gone, so are conversion goals. However, you can create conversion events to essentially track the same thing.
Now that you know what’s new and what’s missing in GA4, we’ll take you through an in-depth tour of the new GA4 platform.
Google Analytics 4 vs Universal Analytics
Below, we’ll be covering the main differences between GA4 and UA. We’ve created this table of contents for you to easily navigate the comparison guide:
Feel free to use the quick links to skip ahead to the section that interests you the most.
New Mobile Analytics
A major difference between GA4 and UA is that the new GA4 platform will also support mobile app analytics.
In fact, it was originally called “Mobile + Web”.
UA only tracked web analytics so it was difficult for businesses with apps to get an accurate outlook on their performance and digital marketing efforts.
Now with GA4 data model, you’ll be able to track both your website and app. You can set up a data stream for Android and iOS.
There’s also added functionality to create custom campaigns to collect information about which mediums/referrals are sending you the most traffic. This will show you where your campaigns get the most traction so that you can optimize your strategies in the future.
Easy User ID Tracking
Turning on user ID tracking in UA was quite a task. But that’s all been simplified in GA4 with the new measurement model. You simply need to navigate to Admin » Property Settings » Reporting Identity tab.
You can choose between Blended and Observed mode. Select the one you want and save your changes. That’s it.
New Navigational Menu
In GA4, the reporting interface remains familiar and the navigation menu is still on the left! That keeps things familiar but there are quite a few menu items that have changed.
First, there are only 4 high-level menu items right now. Google may add more as the platform is further developed.
Next, each menu item has a collapsed view. You can expand each item by clicking on it.
Now when you click on the submenu items, it will expand the menu to reveal more sub menus.
In GA4, you’ll see familiar menu items you use for SEO and other purposes but in different locations. Here are the notable changes:
Realtime is under Reports
Audience(s) is under Configure
Acquisition is under Reports » Life cycle
Conversions is under Configure
GA4 also comes with completely new menu items as listed below:
Reports snapshot
Engagement
Monetization
Retention
Library
Custom definitions
DebugView
Measurement ID vs Tracking ID
Universal Analytics uses a Tracking ID that has a capital UA, a hyphen, a 7-digit tracking code followed by another hyphen, and a number. Like this: UA-1234567-1.
The last number is a sequential number starting from 1 that maps to a specific property in your Google Analytics account. So if you set up a second Google Analytics property, the new code will change to UA-1234567-2.
You can find the Tracking ID for a Universal Analytics property under Admin » Property column. Navigate to Property Settings » Tracking ID tab where you can see your UA tracking ID.
In GA4, you’ll see a Measurement ID instead of a Tracking ID. This starts with a capital G, a hyphen followed by a 10-character code.
It would look like this: G-SV0GT32HNZ.
To find your GA4 Measurement ID, go to Admin » Property » Data Streams. Click on a data stream. You’ll see your Measurement ID in the stream details after the Stream URL and Stream Name.
Data Streams vs Views
In UA, you could connect your website’s URL to a view. UA views are mostly used to filter data. So for instance, you can create a filter in a UA view to exclude certain IP addresses from reports.
GA4 uses data streams instead. You’ll need to connect your website’s URL to a data stream.
But don’t be mistaken, they are not the same as views.
Also, you can’t create a filter in GA4. In case your property was converted from UA to GA4, then you can find a read-only list of UA filters under Admin » Account » All Filters.
“A flow of data from your website or app to Analytics. There are 3 types of data stream: Web (for websites), iOS (for iOS apps), and Android (for Android apps).”
You can use your data stream to find your measurement ID and global site tag code snippet. You can also enable enhanced measurements such as your page views, scrolls, and outbound clicks.
In a data stream, you can do the following:
Set up a list of domains for cross-domain tracking
Create a set of rules for defining internal traffic rules
Put together a list of domains to exclude from tracking
Data streams will make a lot of things easier. But there are 2 things that you need to be aware of. First, once you create a data stream, there’s no way to edit it. And if you delete a data stream, you can’t undo this action.
Events vs. Hit Types
UA tracks data by hit types which is essentially an interaction that results in data being sent to Analytics. This includes page hits, event hits, eCommerce hits, and social interaction hits.
GA4 moves away from the concept of hit types. Instead, it’s event-based meaning every interaction is captured as an event. This means everything including page, events, eCommerce transactions, social, and app view hits are all captured as events.
There’s also no option for creating conversion goals. But GA4 lets you flag or mark an event as a conversion with the flip of a toggle switch.
This is essentially the same thing as creating a conversion goal in Universal Analytics. You can also create new conversion events ahead of time before those events actually take place.
In GA4, Google organizes events into 4 categories and recommends that you use them in this order:
1. Automatically collected
In the first event category, there’s no option to turn on any setting for tracking events so you don’t need to activate anything here. Google will automatically collect data on these events:
first_visit – the first visit to a website or Android instant app
session_start – the time when a visitor opens a web page or app
user_engagement – when a session lasts longer than 10 seconds or had 1 or more conversions or had 2 or more page views
Keep in mind that we’re only at the start of GA4. With Google’s ever-advancing and machine-learning technology, more automatically collected events may be added as the platform progresses.
2. Enhanced measurement
In this section, you don’t need to write any code but there are settings to turn on enhanced measurements. This will give you an extra set of automatically collected events.
To enable this data collection, you need to turn on the Enhanced measurement setting in your Data Stream.
Then you’ll see more enhanced measurement events that include:
page_view: a page-load in the browser or a browser history state change
click: a click on an outbound link that goes to an external site
file-download: a click that triggers a file download
scroll: the first time a visitor scrolls to the bottom of a page
3. Recommended
These GA4 events are recommended but aren’t automatically collected in GA4 so you’ll need to enable them if you want to track them.
We suggest you check out what is in the recommended events and turn on tracking for what you need. This can include signups, logins, and purchases.
Before we move to custom events, if you don’t see these 3 event types – automatically collected, enhanced measurement, and recommended – in your dashboard, you should ideally create a custom event for it.
4. Custom
Custom events let you set up tracking for any event that doesn’t fall into the above 3 categories. You can create and modify your events. So for instance, you can create custom events to track menu clicks.
You can design and write custom code to enable tracking for the event you want. But there is no guarantee that Google will support your custom metrics and events.
No Bounce Rate
The bounce rate metric has vanished! It’s been suggested that Google wants to focus on users that stay on your website rather than the ones that leave.
So this has likely been replaced with engagement rate metrics to collect more data on user interactions and engaged sessions.
No Custom Reports
UA properties have a customization menu for options to create dashboards, create custom reports, save existing reports, and create custom alerts.
A lot of this has changed in GA4. To make it easier for you to understand, here are the UA metrics and their GA4 equivalents:
Custom reports can be found in the Explorations page.
Saved reports are automatically created when you run an Exploration.
Custom alerts can be set up inside custom Insights from the GA4 home page.
One more thing to note is that you also won’t find a way to link Google Search Console with a GA4 property (at the time of writing). And that’s all the key differences between Universal Analytics and Google Analytics 4.
Now you may be wondering whether you HAVE TO make the switch to GA4. A lot of our users have been asking us this question so we’ll tell you quickly what you need to do.
Do I Have To Switch to GA4?
Google will retire Universal Analytics in July 2023. You’ll have access to your UA data for some time but all new data will flow into GA4. If you have a US property set up, you’ll see this warning in your dashboard:
So you have to set up a GA4 property sooner or later and we recommend that you do it sooner. This is because your UA data won’t be transferred to GA4. You have to start afresh.
You can set up your GA4 property now and let it collect data. In the meantime, you can continue to use Universal Analytics and use the time to learn the new GA4 platform. Then when we’re all forced to make the switch, you’ll have plenty of historical data in your GA4 property.
Want to skip the guide and use a tool? Then MonsterInsights is the best to set up GA4. It even lets you create dual tracking profiles so you can have both UA and GA4 running simultaneously.
These posts will help you track your users and their activity on your site so that you can get more valuable insights and analytics data to improve your site’s performance.
Are you trying to fix issues with WordPress search not working on your website?
While WordPress comes with basic search feature, it has some common errors and limitations that can keep your visitors from finding what they’re looking for.
In this post, we’ll show you how to fix problems with WordPress search not working.
Why Do WordPress Search Errors Happen?
Most websites have a search feature that helps visitors find interesting content on your WordPress blog or products that they may want to buy on your online store.
However, WordPress’ built-in search feature is very basic.
By default, it doesn’t search all types of content such as comments, reviews, or custom post types. This may stop the visitor from finding what they’re looking for.
The built-in search also focuses on matching search words with the post or page content without paying attention to things such as tags, categories, or custom fields. This is important information that can help your visitors get more accurate search results.
Lastly, there’s no easy way to customize the built-in search. For example, if you wanted to prioritize a post’s titles over its excerpt, or exclude certain pages from WordPress search, you would need to edit the code.
With that in mind, let’s look at how you can easily fix common problems with WordPress search not working. Simply use the quick links below to jump straight to the issue you’re having with WordPress search.
While WordPress has built-in search feature, not all themes may come with a search bar design. If your theme doesn’t come with a search bar, then there are a few ways that you can create one.
You can add a Search block to any widget-ready area of your WordPress website such as the header or footer. This is a quick and easy way to show a search bar across every page of your WordPress site.
To add a Search block, simply go to Appearance » Widgets. You can then find the area where you want to add a search bar, and click on its arrow icon to expand.
Then, just click on the + icon.
In the popup that appears, type in ‘search’ and then select the Search block.
Once you’ve done that, you can customize the Search block using the row of icons that appears above the block. This includes changing the size of the search button and adding some text.
When you’re happy with how your Search block looks, go ahead and click on the ‘Update’ button. You can now visit your website to see the search bar live.
Another option is adding the Search block to a specific page or post. For example, you might just want to show a search bar on your homepage or landing page.
To do this, just open the page or post where you want to show your search bar. You can then click on the + icon and add a Search block following the same process described above.
WordPress’ ready-made Search block is an easy way to add basic search to your site. However, if you want complete control over how your search bar looks and acts, then you’ll need a page builder plugin.
SeedProd is the best drag and drop page builder for WordPress and comes with over 80 professionally-designed blocks including a Search Form block. This allows you to instantly add a search bar to any area of your WordPress website.
All you need to do is open SeedProd’s editor and then drag and drop the Search Form block into place on your website’s layout.
Once you’ve done that, you can customize it using all the settings in the left-hand menu.
Once you’ve added a search bar, you can use the SeedProd theme builder to design a completely custom search results page that perfectly matches your brand. For more information, please see our guide on how to easily create a custom WordPress theme.
How to Fix WordPress Search Showing 404 Error
When a visitor performs a search, your site may show a 404 error such as ‘This page could not be found!’
You can often fix 404 errors by regenerating your permalinks. This rebuilds and repairs the WordPress permalink structure without changing anything on your site.
This may sound complex, but WordPress does all of the hard work for you.
To regenerate your permalinks, simply go to Settings » Permalinks.
Then, scroll to the bottom of the page and click on the ‘Save Changes’ button.
That’s it. WordPress will now regenerate your permalink structure. To make sure it worked, head over to your site and try performing a search.
How to Fix WordPress Search Showing Irrelevant Results
Every time a visitor performs a search, you’ll want to show relevant search results. This helps visitors find interesting content, which will keep them on your site for longer and increase your sales and conversions.
However, the built-in WordPress search doesn’t always show the most accurate results. This is because it looks for the search term in your post’s title and content only.
With that in mind, we recommend installing an advanced search plugin.
SearchWP is the best custom search plugin for WordPress, used by over 30,000 websites. SearchWP can search every part of your site including custom fields, WooCommerce products, categories and tags, PDF files, and more.
You can use SearchWP to adjust your website’s search algorithm and make sure your most important content appears at the top of the visitor’s search results.
The first thing you need to do is install and activate the SearchWP plugin. For more details, see our step by step guide on how to install a WordPress plugin.
Upon activation, click on the new ‘SearchWP’ button in your website’s toolbar. You can then go ahead and click on ‘Activate License.’
Once you’ve done that, click on the ‘License’ tab.
You can now either paste or type your license into the ‘License’ box. You’ll find this key in the email you got when you purchased SearchWP.
After that, go ahead and click on the ‘Activate’ button.
SearchWP integrates with WordPress search automatically, so right away your site will start showing more accurate results. However, to get the best results you’ll want to customize SearchWP’s search engine settings.
Here it helps to think about the way that search engines such as Google rank their content.
These search engines use algorithms to find high-quality content that closely matches the search term. It then ranks this content to make sure the best matches appear at the top of the search results page.
With SearchWP you can build your own algorithms and set your own rules, just like Google. This can improve the visitor experience, boost your conversions, and help you make money online with WordPress.
To configure SearchWP’s settings, click on the ‘Engines’ tab.
On this screen, you’ll see sections for the different types of WordPress content such as pages and posts.
For each section, SearchWP shows the attributes it looks at when performing a search. In the following image, we can see that SearchWP searches the page’s title, content, slug, and the page’s excerpt.
There is also an ‘Applicable Attribute Relevance’ scale for each attribute. This is the weight that SearchWP gives to each attribute when ranking its search results.
In the following image, we can see that a post’s title has more weight than its URL slug.
You can make an attribute more or less relevant using its slider.
There are no settings that are guaranteed to provide accurate results for every website. With that in mind, you may want to try different relevancy settings to see what gives you the most accurate search results.
You can also add different types of content to be included in your search results. For example, you can add PDF searching and indexing in WordPress if you have PDF files you want your visitors to be able to search for.
If you have any custom taxonomies or fields, then you can also tell SearchWP to look at this content when searching your site.
To add or remove attributes, click on the ‘Add/Remove Attributes’ button.
This opens a popup. To get SearchWP to ignore an attribute, simply uncheck its box.
If you want to add an attribute, then click to check its box.
Want to include a custom field or taxonomy in your searches?
Simply type in the name of that field or taxonomy, and then select it when it appears.
Once you’re happy with your attributes, click on the ‘Done’ button.
You can now change the relevancy for your new attributes following the same process described above.
Once you’re connected to your site, you can use FTP to open the wp-content/themes/ folder.
Inside the ‘themes’ folder, find the theme you’re currently using on your WordPress website. You can then open this folder and find the search.php file.
Next simply click on the search.php file and select ‘View/Edit.’
This will open search.php in your computer’s default text editor.
Now, check this template for any queries that contain query_posts, new WP_Query, or get_posts. This usually means that your theme is performing a redundant search.
If search.php has any of these queries, then we recommend switching to an alternative WordPress theme. To help you out, we’ve created a list of the most popular and best WordPress themes.
Another option is to hire a WordPress developer who can write a new template that doesn’t perform a redundant search.
How to Fix WooCommerce Product Search Not Showing Accurate Results
Fast search helps visitors find what they’re looking for in less time. This will improve the user experience and can increase your pageviews and conversion rate.
Unfortunately, the built-in WordPress search isn’t particularly fast. As you add more content, you may notice that your site takes longer and longer to return the search results.
The good news is that there are ways to speed up your site’s search. If you’re using an advanced search plugin like SearchWP, then you’re already off to a great start.
SearchWP is designed to deliver search results, fast. It’s also fully customizable, so you can ignore some of your site’s content when performing a search. For example, you may tell SearchWP to ignore your media metadata. This can speed up your search by reducing the amount of content it has to look through.
You can also improve the search experience by adding live Ajax search to your WordPress site. This is a dropdown that guesses what visitors are searching for as they type, which can make your searches feel instant.
