Tag: SEO

Best WordPress SEO plugins Yoast vs All in one SEO

The WordPress platform is the single most effective way of sharing content across the internet. With blogging and article writing being the most popular way to communicate with your consumer, you can count on WordPress to help you generate organic traffic to your site even with little to no experience. In this article we will outline some most used SEO plugins that will help enhance your site’s search.

If you’re searching for a way to drive traffic to your site, it is important to understand SEO and how to optimize your WordPress blog. There are hundreds of SEO plug ins to download right from within the dashboard that will help augment your website for maximum performance across all search engines.

Even though, WordPress out of the box offers basic SEO functionality, SEO plug ins are a great tool to help boost your rankings and conversion rates all as a result of each plug ins unique features and options.

Most SEO plug ins focus on identifying important keywords and sentence structures that will help effect the search engines algorithms to better match up your article with other relevant content across the internet.

By using the right SEO plug ins you can extend the functionality of your WordPress Site and its SEO to get a better return on your reader base.

When conducting SEO it is important to know some of these basic tips. When creating an article on WordPress remember that to get the best out of your WordPress site, you’re going to want to pay attention to the keywords you implement into your post.

You’re going to want to have a focus keyword that will appear at least 2-3 times throughout your article that relates back to your articles title. Also, it is important to have a description for your article that focuses on your keywords but is short and precise. To long of a description or title will effect the way your article is indexed and can give your article poor visibility.

Two of the most popular plug ins within the WordPress panel are All in One SEO Pack and WordPress SEO by Yoast. With millions of downloads between each plugin, it would be safe to say that these SEO plugins make a great addition to your WordPress experience.

All In One SEO pack plugin works best to boost your websites SERP. It has a 4.4 out of 5 stars with a positive rating and review section outlining the benefits of this effective SEO program. Its great for beginner and advanced users and starts working right out of the box after install. Here is a list of some the features you can expect from All In One SEO Pack:

All In One SEO Pack Features

  • All In One SEO pack offers XML sitemap support that submits your sites content to Google and Bing search engines helping improve your SEO
  • The only plug in that offers an extensive SEO integration specifically for WordPress sites that run ecommerce
  •  Generates meta tags automatically
  •  Identifies and highlights duplicate content within the body of your post
  • Supports Google Analytics and metrics

If you’re looking for a SEO plugin that helps boost your posts by magnifying your content then SEO by Yoast is the way to go. The Yoast plugin helps you to write better content with its built in content analysis functions.

It can easily pin point and identify errors within your post, identify focus keywords and recommend configuring better sentences for better reader visibility. With over 1 million downloads and a 4.5 out of 5 stars, the SEO by Yoast plugin is the best way to attract new readers.
SEO by Yoast Features

  • It has better seo optimized Social Integration options
  • Automatically generates XML sitemaps
  • Built in content analysis function
  • Provides Snippet Preview to see what your title would look like in Google
  • Robots.txt and .htaccess are editable within the plugin
  • Permalink clean up
  • Available in 26 languages

Yoast also offers several extensions which are worthy to have if you are an advanced WP user.

When using these  SEO plugins you will be able to soon see a significant difference in your sites traffic and word press performance. In order to take advantage of all the features of these SEO plugins, it is important to remember to follow each requirement of the plug ins built in fields. These SEO plugins will help you to not only have a better optimized site but it will also help you become a better blogger as well.

PC: All in SEO Pack plugin page

WordPress SEO By Yoast Vulnerability Puts Websites At High Risk

A perilous vulnerability has been found in the very popular plugin of the WordPress content management platform (CMS) putting about tens of Millions of websites at very high risks of hacking by the attackers.

The vulnerability is in almost all versions of a WordPress plugin which is called ‘WordPress SEO by Yoast’ As per Yoast Website, this plugin has more than fourteen million downloads which makes it one of the most famous plugins of WordPress to optimize websites for various search engines (Search engine optimization or SEO).

The person who discovered this vulnerability in WordPress SEO by Yoast is the developer of ‘WPScan’ (WordPress vulnerability scanner).

According to a published advisory the versions of WordPress SEO by Yoast before 1.7.3.3 are vulnerable to a web application flaw and this is known as ‘Blind SQL Injection’.

The SQLi (SQL injections) are known to be critical vulnerabilities they can lead to database breach and also to leakage of information that is confidential. Usually, in these attacks, a SQL query that is malformed is inserted into an application through client-side input.

How Does The Yoast Vulnerability Work?

However, in this case, the outside hacker cannot trigger the vulnerability itself because the flaw in actuality is located in a file that needs authorization for access and can be accessed only by Admin, Author or Editor and privileged users of WordPress. The file is ‘admin/class-bulk-editor-list-table.php

Thus, a trigger from authorized users is required for successful exploitation of this vulnerability. The attacker can make use of social engineering to trap the authorized users and make them click on a special URL that is payload exploitable.

As explained by Ryan to Graham Cluely (security blogger), if an authorized user of WordPress falls into the trap, the exploit will be allowed to carry execution of arbitrary SQL queries on the WordPress website of the victim.

A proof-of-concept payload was also released by Ryan for Blind SQLi vulnerability in the WordPress SEO by Yoast. This is as below:

http://victim-wordpress-website.com/wp-admin/admin.php?page=wpseo_bulk-editor&
type=title&orderby=post_date%2c(select%20*%20from%20(select(sleep(10)))a)&
order=asc

Patch for the Yoast SQL injection Vulnerability
If reports are to be believed, in the latest version 1.7.4 of WordPress SEO by Yoast, the vulnerability has been patched. The developers of WordPress plugin have done this and this is also mentioned in the changed log. It reads that latest version 1.7.4 has fixed “possible CSRF and blind SQL injection vulnerabilities in bulk editor.”

Normally, it is believed that your website is not seriously complete, if you don’t have the WordPress SEO by Yoast installed. The website owners aim at increasing the traffic of their website using this plugin and this vulnerability is really serious for them.

Thus, the administrators of WordPress that do not have an auto-update feature are highly recommended to upgrade their plugin (WordPress SEO by Yoast) manually as soon as possible. They should visit the WordPress plugin repository to manually download the latest version. If you have the WordPress version 3.7 or above, it is wise to enable the fully automated update of your plugins and themes. You can do this from the tab – Manage – Plugin and Themes – Auto Updates.