How To Manage Multiple WordPress Sites

Manage Multiple Wordpress Sites

Trying to manage multiple WordPress sites can become a tall order pretty quick. First, you need to log into one site after another. Then, go through plugin updates and make sure they’re compatible with your chosen theme. Configuring plugins or customizing settings of active themes can be another routine challenge. Doing this over and over again can end up sucking all your time – an asset you can’t buy.

One Dashboard for Multiple WordPress Sites

The thought behind single-interface solutions is that they’d overcome this time-wasting process by allowing you to manage multiple WordPress sites from just one location / dashboard ( you may also read about WordPress multisite environment ). That’s why they provide the convenience of a single login. And one interface in one central location, letting you get in all your WordPress sites’ dashboards, without the big run-around.

Moreover, having a single login point helps you update plug-ins and themes. And this can be really useful if you’re managing clients’ WordPress websites. They aren’t always diligent about this kind of thing. So having overall control like this wins you back lots of precious hours.

Features of a Good WordPress Management Solution

Features of a good WordPress management solution - Plesk Multi Server Management

A good interface should be able to handle core updates as well as plug-ins – so always look for that. And you also want to be able to do offsite backups. Because hackers and malware scum are always keen to compromise your systems. Therefore, having the ability to safely back up offsite can be a lifesaver. Uptime monitoring is another useful feature because it’s a great way of showing whether your host is doing what they say they’re doing. And that your clients are getting their value for money.

Some WordPress platforms even include SEO monitoring & analysis ( read more about SEO Toolkit ) giving you access to analytics without the need to go hunting through Google Analytics. These are just a few of the essentials and extras on offer with the platforms listed below to manage multiple WordPress sites.

Reviews of Multiple WordPress Site Management Solutions

Reviews of Multiple WordPress Site Management Solutions - Plesk

1. Calypso

Calypso is Jetpack’s own offering to help you manage multiple WordPress sites. It’s for WordPress.com users, but self-hosted sites running Jetpack can also be looked after using the same dashboard.

But even more, Calypso is perfectly capable of editing a large number of WordPress.com websites from one central point. And with .com sites being such a sprawl of disparate applications, this platform offers a great way to keep them all under control. In the end, JS and the WP Rest API make it very quick – quick enough that you can watch changes you make in real-time.

Calypso Pros

  • Pages load straight away
  • Desktop UI
  • Real time working
  • Manage multiple WordPress sites
  • Take care of self-hosted and .com sites
  • Easy-to-use dashboard (some prefer it to the wp-admin panel)

Calypso Cons

  • Not yet fully-integrated with self-hosted websites
  • Not great for theme developers who build bulky panels

2. InfiniteWP

InfiniteWP has a lot to offer, which is perhaps why it’s so popular amongst those who manage multiple WordPress sites. The upgraded version gives users access to Utilities, Analytics, Maintenance, Managing, Reporting, and Security. There’s a risk-free 14-day moneyback policy. So it’s well worth taking for a test drive – no obligation to buy.

InfiniteWP Pros

  • One dashboard covers multiple WordPress sites
  • Simple staging and cloning
  • Site cloning using FTP authorizations
  • Plug-ins and core updates and management
  • Check broken links

InfiniteWP Con

It’s “freemium” so you have to pay extra for the good stuff.

3. ManageWP

When ManageWP first opened up shop in 2010 there weren’t many WordPress management tools out there, so it was quite new and exciting to have one tool that let you manage lots of different sites. By the end of their first month that tool was managing 100,000 websites, which is a pretty incredible achievement for a brand-new business. But how does it fare today? Let’s take a look.

ManageWP Pros

Reliability:

No ManageWP review is complete without considering reliability. And luckily, it remains at the top of the list of reliable multisite WordPress management tools. The free version backs up all your sites automatically once a month, but if for some weird reason you want to disable it, you can. ManageWP also lets you run performance and security checks.

The ManageWP dashboard shows you info that might help you optimize certain things. So you can see how many spam comments and site revisions you have (keeping your database manageable) and your database size. You can fix all these with one click.ManageWP also organizes your analytics, and can adequately count page views. However, you can also get more via your Google analytics account. All in all it’s pretty good, but it’s worth noting the few tantrums it’s thrown every now and then. Like breaking same demos, among other things.

Ease of use:

ManageWP is easy to use and the interfaces easy to navigate. It provides useful tooltips as you go, so every section you visit can provide explanations. In fact, everything is thoroughly documented, and we think that it’s enough to get any regular WordPress user up to speed on ManageWP pretty quickly.

Plugin management:

If a plugin needs to be updated you’ll see it on your ManageWP dashboard. If you want to tweak them individually, just head into the settings on each of your sites. This will let you activate, deactivate, and delete any plugin you choose.

A menu here lets you add new ones. It includes the WordPress.org repository, cloud storage, and ordinary URLs or ZIP files. As comprehensive as it is, ManageWP won’t let you alter each plug-in’s unique settings. But you still have your WordPress dashboard to take care of that.

Update management:

When you log in to your manage WP dashboard, you’ll receive WordPress core updates. And, you can see if your sites are running different versions on your Overview bar (left side of the screen).

ManageWP Cons

  • Add-ons: premium add-ons can get expensive (especially for enhanced backup features)
  • Not self-hosted: (some users prefer self-hosting for added security)
  • Lack of extension: not as many premium extensions as with MainWP

ManageWP gives you a lot of features considering its a freemium tool, and there’s no limit to the number of WordPress sites you can use. You’ll miss a few premium add-ons with the free version, but there’s nothing you can’t do without.

This ManageWP review commends the suite for its simplicity. Users still love the fact that its WordPress management tools are fairly easy to get to grips with.

4. MainWP

MainWP is a self-hosted solution lets you manage lots of WordPress sites. We’d recommend it because it’s easy to use and has really good support.

MainWP Pros

Comprehensive features:

As with ManageWP, MainWP gives you one-click updates, backups, cloning, uptime monitoring, SEO analysis, white labeling, and more. But, MainWP also has extensions that let you spin content across your sites – Useful if you’re looking after sites dealing with similar subjects. Plus, using and storing code snippets, and Piwik stats integration. New extensions appear all the time and MainWP also offers API hooks for developers who want to make their own extensions.

Control:

Because MainWP is installed on your server, you have full access to logs for troubleshooting any issues that might occur. You can also access MainWP on Github if you want to customize the plugins for your own use. MainWP’s clarity lets developers make the service better, which is great to know.

Costs:

This MainWP review finds that it’s great value, because you only pay for extensions that make it more functional. So say you were to buy 3 extensions at $18.99, that would still come to less than cost of running ManageWP for one month. You still get lifetime support and updates.

White labeling:

The entire WP dashboard can be white labelled, so you can easily rebrand a clients’ entire experience if you need to. The child plugin you install on client sites will retain that branding during updates. This is something that ManageWP has struggled with at times.

All in all, this part of MainWP has been great. Auto updates. With MainWP, you can configure “trusted” theme and plugin updates working across your client sites automatically. But it’s wise to do so with caution. If you just use this with the plugins you know, it won’t cause you problems. You can set it and forget it.

MainWP Cons

Installation process:

You can expect to install MainWP and a few purchased extensions in around 1 hour. And it does require some effort and some head scratching. The uptime monitoring extension was particularly tricky.

Server load:
At the moment you can’t specify a backup time, and the server load increases a lot when you do, slowing down your sites. This can be resolved by setting up separate backups for each site instead of specifying backup of every site every day, such a time-consuming job defeats the purpose.

No shared hosting: Please note that MainWP won’t work with shared hosting, or at least we haven’t found a shared host that will allow it to.

5. WordPress Toolkit by Plesk

Wordpress Toolkit

Then there’s the WordPress Toolkit, an alternative way on how to manage multiple WordPress sites.

It makes it easy to install, configure and manage multiple WordPress installations.

We must admit here that WordPress Toolkit is more suitable for experienced system administrators and developers who are passionate about having top-notch flexibility.

As well as absolute control over the infrastructure that they own.

WP Toolkit Pros

  • Easy Installation: The 1-click installer of WordPress Toolkit does all the job – WP download, database creation with a dedicated user, creation of admin account in WordPress and initializes WordPress so that it’s 100% ready for use out of the box.
  • Staging Environment: With WP Toolkit you may clone your site, create a staging environment for any experiments. As soon as all experiments are over – sync to production as soon as you polished everything.
  • Theme/Plugin Management: You may install/activate/deactivate a plugin/theme on one or several WordPress instances at the same time. Bulk removal of plugins and themes is also possible.
  • 1-Click security: It’s possible to scan multiple WordPress sites to identify and protect your core installations. Almost full absence of manual work. WP Toolkit security solution takes into consideration all latest WP Codex and WP security recommendations and practices.
  • Backup: If something goes wrong on your site because of any reason – restore points and backup will help you to restore your WordPress website(s) to previous stable state.
  • Debug Management: WP Toolkit gives ability to manage all important debug options on per-instance basis from a single interface.
  • Indexing for SEO: It is possible to control indexation of your website. Allow or disallow indexation on a per-instance basis.
  • Maintenance Mode: activate WordPress maintenance mode when updating WordPress, plugins, or themes with a single click.
  • Command Line Interface: WordPress Command line interface is easily accessible for all WordPress instances you have on board. Import a database, create a new user, update themes and plugins in a flash using WP-CLI.
  • Smart Updates: This feature for WordPress Toolkit analyzes updates and performs them without breaking the site. It also notifies you if the update is dangerous.

WP Toolkit Cons

  • Current and upcoming versions of WordPress Toolkit are fully dependent on Plesk.

WordPress Edition – a Multiple WordPress Sites Management Platform

Use Plesk WordPress Edition

Recently Plesk presented WordPress Edition, a bundle which includes all you need to run and manage WordPress-based hosting business – Plesk Onyx hosting platform, WordPress Toolkit and some other important extensions like Backup to Cloud Pro, Sucuri Security Scanner, Speed Kit , Uptime Robot and SEO Toolkit.

The Time for Multiple WordPress Site Management

The process of management multiple WordPress sites is not necessarily sophisticated, however time-consuming and requires a lot of time resources. As soon as you realize that taking care of your WordPress sites occupies significant part of your working time – it is the right moment to start using one of the solutions described above.

Every solution reviewed previously let you manage multiple WordPress sites using one central location. Each of them comes with list of extra tools that can simplify and improve your workflow. Before making a choice you need to remember that it is not only about functionality, but also about usage experience and other factors related to certain solution’s performance in perspective of  defined technical environment.

How to Optimize WordPress with Redis and Docker

Redis with WordPress

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker. It supports various data structures and offers extensive customizations. In this article, we’re going to discuss how you can use it to optimize a WordPress website.

WordPress Cache and Redis

WordPress caches internal application objects, like breadcrumbs, menu items, and so on, in the MySQL database. It may be quite taxing since that database also handles queries for page requests. Both combined may increase website load-times.

Redis offers a caching mechanism that substitutes MySQL database. When a user visits a WordPress website, the MySQL queries necessary to generate the page come via Redis, which also caches the results. This helps to reduce loading time.

How Does WordPress and Redis Work Together?

When a user requests a WordPress page for the first time, MySQL queries are performed on the server. Redis caches the result of those queries and stores it. So, when another user requests the same page, Redis provides the information, bypassing the database.

If the query is not cached by Redis, MySQL provides the results and then adds them to Redis cache. When a particular value is updated in the database, the corresponding Redis value becomes invalid. Therefore, you avoid serving bad cache data to the user.

Running Redis with a Docker Container

To simplify the Redis installation, we’re running it in a Docker container. To install one via Plesk, go to Server Management > Docker and search for the image, then click Run (local):

Running Redis with a Docker Container

We’re using the bitnami/redis image, and the following settings (change redispassword to something else, and the IP address to IP of the container):

How to optimize WordPress with Redis - Redis and Docker

Install Redis Object Cache Plugin Via WordPress Toolkit

Now that our Redis server is running properly, we can install WordPress plugin Redis Object Cache to our WordPress instance using Plesk WordPress Toolkit:

Redis Object Cache Plugin Via WordPress Toolkit

Just search the plugin name and install:

How to optimize WordPress with Redis - Redis Object Cache Plugin

Before enabling object-cache in WordPress, you have to add the following lines in your wp-config.php file. You can do that in Plesk via File Manager.

define( 'WP_CACHE_KEY_SALT', 'example.com:' );

define( 'WP_REDIS_PASSWORD', 'redispassword' );

The first one adds a prefix to all cache keys stored in Redis. Thus, allowing you to use object-cache for multiple WordPress instances on the same server. The second protects Redis with a previously specified password.

Redis Object Cache Enabled

Then, you can enable object-cache in the plugin settings page – in WordPress. The final result will look something like the above screenshot.
Let us know if this guide was helpful to you and any feedback you may have on the topic!

WordPress User Roles Explained

WordPress User Roles

If you have a website where lots of people need to have access, so they can contribute, make edits and so on, then you can’t escape the need to give each one of them their own role. By “role” we’re not talking about what they do as such, we’re talking about the kinds of permissions that they have. WordPress features 5 pre-defined roles, which at least gives you some templates that mean you don’t have to start from scratch. Hopefully one of them will roughly correspond to the level of permissions that you want your users to have, so they’ll only be able to make the kinds of changes that you have in mind and won’t be allowed to change things that are best left to you.

The List of WordPress User Roles

Here’s a rundown describing each of the WordPress user roles:

So, as we said, you need to know what each of them allows the user to do to your precious site before you go dishing them out.

Administrator

The omnipotent administrator has the run of the site, with the ability to change anything and everything. If you own the site, then you’re given this role as standard. Administrators can delete plugins and install new ones, change themes, and wield the knife with any and all posts and pages.

They can upload new images, video, and so on, add and remove users, alter names and passwords. They can also remove other administrators.

So, it should be obvious that such a powerful role should not just be handed to anyone. Only people you trust absolutely should be given administrator access.

Editor

The editor has total control of content, including posts, pages, media, and comments. The Editor label means that this person can add, edit, publish, and delete their own posts along with other people’s. They can also do the same for comments and images.

So, the editor can do most of what the admin can do, but they can’t fiddle with site settings, plugins, themes and users. For security reasons it’s considered good practice to set your new users as editors, even if you’re the only person publishing any content.

Usually, hackers as well as site visitors can see a username under each and every post on your site. They can then use that knowledge to try what’s called a brute force attack to get access to the site. Clearly, if they gain unauthorized access as an editor then they won’t be able to do anything more than superficial damage, changing and removing content, but not changing settings

Author

The next step down the ladder is the author role. Authors can write, delete, edit, and publish their own posts only. They have no control over other people’s material. They can’t create new categories or tags, but they can assign existing ones. They can also add media files.

They don’t have permission to moderate comments and can’t change settings, plugins, themes, or user profiles, apart from their own.

Contributor

Contributors can add posts and edit them, but they can’t publish or delete them. Equally, they aren’t allowed to create new categories and tags and they don’t get to upload media files. This can be pretty annoying if you use certain contributors on a regular basis, as you’re reliant on editors or authors to add their work to the site on their behalf.

They can assign existing categories and tags to their posts, and while they can look at comments, they don’t get to moderate them.

Contributors aren’t allowed to manage the settings page, so they can’t change, upload, edit, activate or deactivate themes and plugins.

Subscriber

This is the role that each user gets by default if site registrations are enabled. It sits on the bottom rung of the permissions ladder. It only lets users access their own user profile, read content and post comments.

Subscribers can’t create posts, look at comments, manage other users or change any settings.

Special WordPress User Role – Super Admin

This is an additional role unique to site owners on the WordPress Multisite Network. The Super Admin role is like an admin role in all respects, with the addition of the ability to add and remove sites on the network.

Closing Thoughts

You can help your site’s security a lot by getting to grips with the various permissions associated with these default user roles. It helps you to keep your users organized and your sites safe. If you need extra control or want to define your own user roles with bespoke permissions that fit the requirements of your website better, you might want to try the Capability Manager Enhanced plugin. It lets you handle your current WordPress roles, edit all role permissions, add new roles, and more besides.

How Formerly Skeptical IP-Projects Turned Direct Plesk Partner

How IP-Projects Turned Direct Plesk Partner

What makes our customers and partners tick? We asked Michael Schinzel, Managing Director at IP-Projects and long-term Plesk partner about what made them choose us. Seems it was a shift of perception, proper support when in need, and open discussions about prices. 

Who are IP-Projects?

The hosting company IP-Projects focuses on personalized direct customer support and its mantra is to solve the needs of its customers. And these very customers asked specifically for Plesk. Why? Because they prefer a user interface that allows them to create and manage domains within seconds – within a single platform.

Watch Michael Schinzel tell the full story of how the “rather small or medium-sized” IP-Projects powered up with Plesk. 

So, based on a pure cost /benefit analysis, Michael says IP-Projects opened up to Plesk. But it was not an instant decision.

Initial Reservations of Plesk and Change of Perception

The start was not very optimistic, as IP-Projects was rather reserved towards using Plesk. The perception was that it was a rather confusing and complicated management panel, some time back in 2011. Therefore, Michael recalls, “until the time when our former license partner had ceased to cooperate with Plesk, we did not deal with your company intensively.”

Michael Schinzel from IP-Projects

IP-Projects go from fear to finding something special in Plesk.  

“In our experience, there is no other hosting control panel with such a diverse offer.”

size: 24pt;"> 

“Only in 2014 did we become a direct Plesk partner. From that point on, Plesk established itself as a real alternative to the free dashboard we were using.” 

Finding Solutions to Critical Issues

Plesk is an added layer over IP-Projects’ server infrastructure. Their numerous enhancements such as the SEO Tools, WordPress Toolkit and Joomla! Toolkit, are also valuable add-ons for IP-Projects customers. They discovered it to be a great choice due to our management interface. But one of the strongest arguments for using Plesk is the technical support offered free of charge for direct customers.

“[Plesk Support] created several service tickets for a range of issues. And some were not even 100% coming from the Plesk hosting panel. We always received excellent support from the customer care teams. Without any additional costs. This is how we discovered that Plesk has become a reliable partner in the recent years”

Michael Schinzel

Good Value for Money

When it comes to Plesk pricing levels, Michael Schinzel believes that startups should benefit from a pricing tier dedicated to this category.

Good value for money - Plesk Panel

“This way they would be able to offer new providers good conditions to buy Plesk licenses. For example, a special discount for 1-2 years for direct partners.” 

size: 18pt;"> 

With such a settling offer in their pockets, companies on the same range as IP-Projects could build a customer portfolio faster. And once secured, they can scale up by choosing from Plesk’s solutions portfolio. Nonetheless, IP-Projects moved smoothly past this specific initial challenge. And Plesk played a key role in this regard.

How? Plesk is always open to discuss license prices and other possibilities of cooperation with customers. IP-Projects listened to its customers, as does Plesk. They both met halfway. However, being open to price negotiation is not all.

Plesk support for direct partners is the other top differentiator. Faster and leaner operations for direct partners generate happier customers – And this provides great value for money.

Not tried Plesk yet?
See how a free 14-day trial can help your business.

Are you a reseller?
You can sign up for exclusive Plesk Partner Benefits.

The WordPress Toolkit 4.1 Update

The WordPress Toolkit 4.1 Update - Plesk

We’re thrilled to announce the public availability of WordPress Toolkit 4.1. Due to the large amount of changes under the hood, we needed more time to ensure everything works. However, good things come to those who wait because here it is now! Featuring the Remote WordPress Management Plugin, Website Quarantine and more great improvements.

Remote Management for WordPress Toolkit Plugin

Let’s start with the biggest change introduced in WordPress Toolkit 4.1: The Remote WordPress Management Plugin. The plugin is a part of the overall Remote Management functionality, which is still available as a Beta feature.

Remote WordPress Management

Many customers told us they couldn’t use the Remote Management feature because they don’t have root SSH access to the remote server. The only other (reasonable) way to connect remote WordPress sites on such servers was to use a WordPress plugin.

Once you provide access credentials to the remote WordPress site, WordPress Toolkit connects to it and installs the plugin. The Toolkit can then manage the site to the full extent of capabilities offered by the Remote Management functionality.

Connect Remote WordPress Website Automaticall

In rare cases where WordPress Toolkit for some reason cannot connect to your site and install the plugin, there is a workaround offered directly in the interface:

Connect Remote WordPress Website Manually - WordPress Toolkit 4.1 - Plesk

In short, you need to download the plugin and install it in WordPress manually. Then copy the connection data and paste it in the connection window inside WordPress Toolkit.

Remote WordPress Management Plugin - WordPress Toolkit 4.1 - Plesk
Remote WordPress Management Plugin Settings

To minimize the impact on hosters, the ability to use the plugin is limited to server administrators. The plugin will leave Beta once the whole Remote Management feature leaves Beta. Speaking of which, we’ve made a number of improvements to the Remote Management functionality based on internal testing and user feedback.

WordPress Website Quarantine

We’ve often encountered a situation where scanning the server for WordPress sites made the WordPress Toolkit completely unresponsive. After some digging, we found that, most of the time, it is malware infection on one or more WordPress sites on the server that causes this problem. This caused WordPress Toolkit not to properly access certain important files. So it was doomed to eternally wait for files, while not responding to any commands.

WordPress Toolkit 4.1 Quarantine

To address this issue, we added a reasonable timeout for certain WordPress Toolkit operations. The suspicious WordPress websites that WordPress Toolkit finds now go into quarantine mode. Then, WordPress Toolkit proceeds to working with the rest of the websites. This fix should also address several reported issues with connecting remote servers that host such websites.

Site Health Check Support for WordPress Toolkit 5.2

WordPress 5.2 has introduced a new feature called Site Health Check. This feature helps website owners get useful information about the health of their website. Unfortunately, we found out WordPress Toolkit was not working well with WordPress updates.

This was not easy to fix, but thankfully, our top-notch engineers found a good solution. The constant in wp-config.php file now contains the actual status of WordPress automatic updates. So the health check isn’t triggered by it – unless you turn off all automatic updates manually. However, WordPress Toolkit will still handle the updates, and you can get notifications and use Smart Updates as before.

WordPress Toolkit improvements, fixes and upcoming releases

WordPress Toolkit now provides more information about broken websites to help users identify the website and troubleshoot the problem. You can now find the exact path where the broken files are located.

WordPress Toolkit 4.1 - Broken Website path - Plesk

Another notable improvement was related to the Clone and Copy Data functionality. These operations can now handle absolute paths in WordPress database.

Our team has also fixed a bunch of customer-reported bugs too, which you can find in the full WordPress Toolkit 4.1 release notes. The next WordPress Toolkit release will focus on changing the way our Smart Updates work. This and several more customer requests that we’ll address. So stay tuned for news about WordPress Toolkit 4.2.

How do you like the new available WordPress Toolkit 4.1 release? Tell us in the comments.

arrow icon - Plesk

Remote WordPress Management Arrives With WordPress Toolkit 4.0 [ VIDEO ]

Remote WordPress Management

You’re about to experience a fundamental change to the world of WordPress Toolkit: the ability to manage remote WordPress sites. This feature is Remote WordPress Management – publicly available as part of the WordPress Toolkit 4.0 release. Let’s dive into the details so you can install it on your server today.

Not installed WordPress Toolkit yet? Watch the quick demo and get the new version right away.

Remote WordPress Management: Currently in Beta

As you can see from the demo above, all intended functionality is already there. But it may have bugs and few screens that need a UX polish. Since Remote WordPress Management is a beta feature, we’re providing it for free temporarily. Licensing will become available when the feature is 100% production-ready.

How to access Remote WordPress Management from WP Toolkit 4.0 - Plesk
How to add a Remote server with WP Toolkit 4.0 - Plesk

To avoid any unpleasant surprises, you’ll see the below notification the first time you open the ‘Servers’ tab. You’ll also get notified here with advance notice when licensing will be becoming available.

Remote WordPress Management Beta notice on WPTK 4.0

Remote WordPress Management Limitations

Remote WordPress Management Limitations
  • Remote Management is only available in Plesk 17.8 or later since it requires new WordPress Toolkit UI.
  • Remote servers can be Plesk, cPanel or no panel but must be Linux. Windows remote servers aren’t supported yet – but this might change depending on the amount of user requests.
  • In order to connect a remote server, you need to have root access to it. We know it’s a serious limitation, so we’re already prototyping a WordPress worker plugin you can install inside WordPress. This plugin will connect the WordPress site to a central WordPress Toolkit server, letting you manage the site without root access.
  • Installation and data copy features aren’t available yet but will be in time.
  • Since cloning isn’t available yet, Smart Updates aren’t either. This will change when cloning can also support remote sites.
  • A number of security measures that require modification of web server config aren’t available for remote installations. But we’re planning it for upcoming WordPress Toolkit updates.
  • Password protection feature is too deeply-integrated in Plesk right now, so it’s not available either.
  • Since we’re working with non-Plesk servers, nginx caching management is missing for remote installations. We’ll make it available for Plesk servers later, but non-Plesk servers may prove too difficult.
  • Database management is using a lot of Plesk-specific things, so we cannot provide it for remote sites at the moment.
  • Both File manager and Backup integration are linked to Plesk functionality. Making them available for remote sites means we need to implement both features from scratch. It’s a huge undertaking, so these two features will probably be the last to be available for remote sites.

Everything else is already there, so check out the feature, spread the word, and let us know what you think.

More WordPress Toolkit 4.0 Updates

Smart Updates

One of the problems we’ve had with the Smart Updates feature was that the update procedure itself acted like a black box for the users. Some reported staring at the screen for a half hour thinking nothing was happening, wondering if the system still worked. We have hopefully improved this now since WordPress Toolkit 4.0 displays the steps the Smart Updates procedure has taken.

Smart Updates and WordPress Toolkit 4.0

This only works for a single site update, since we’re still trying to figure out how to properly display the multi-step progress for several sites at once without making a mess in the UI. At least now you’ll know which steps are taking so long!

New User Interface is Everywhere

Now all the WordPress Toolkit functionality links in the Websites & Domains screen lead to the new interface. Because they previously were not. And yes, we’d love to show WordPress Toolkit 4.0 site cards directly on the Websites & Domains screen – we’re working on that. 😉

New User Interface in WPTK 4.0

Database Server Info added to Database Tab

Yes, although this change does improve your life, it is a small change. However, the overall product experience is comprised of these small experiences. So it’s important for us to keep the product polished and make sure it doesn’t feel sloppy.

Add database server info to database tab in WPTK 4.0

Cloning and Data Copy Improvements

You can now see the physical path of a WordPress site when you clone it or copy data from one site to another. This is useful in the rare case where your domain’s document root is pointing to another domain document root, so you need to be sure you’re not unexpectedly overwriting any data.

Cloning and data copy improvements

Also, WordPress Toolkit can now prevent users from trying to clone their WordPress site to a destination where another WordPress site already exists. Or a site into itself. We’re not exactly sure why somebody would do that, but we’re sure they won’t succeed.

Cloning in WordPress Toolkit 4.0

WordPress Toolkit 4.1 Plans

Finally, I want to thank every person who actively participated in making this release see the light of day: Alexey B, Aleksey F, Aleksei V, Vladimir B, Igor L, Sergey S, Evgeny P, Igor L, Olga K, Nikolai T, Dmitriy M, Stas M, Lana K, Natalia A, Katerina S and Evgeny B.

Our obvious focus for the next major release is to gather the feedback on the Remote Management functionality and see what users are asking for. Besides that, we’ve got a few more surprises up our sleeves, so stay tuned for the imminent April release!

Give us feedback on Remote WordPress Management in the comments below!

arrow icon - Plesk

The Admin Benefits You’re Getting with Plesk Server Control Panel

Admin Benefits of the Plesk Server Control Panel - Plesk

Web experts design hosting server control panels to help any kind of user, no matter how technically-skilled. Why? Because their goal is to help properly set up and manage websites. Instead of having to type complicated commands, users can just have a user-friendly GUI that performs actions. At the moment, the Plesk server panel is one of the most popular web hosting control panels in the world.

It has an intuitive and clear interface that everyone can find their way around. Especially true if the user has WordPress experience since the Plesk interface assumes a WordPress approach in terms of usability. Keep scrolling for details of Plesk’s core features.

Don’t have Plesk yet?

Get a Plesk Quote Try Plesk for Free

1. Easily Customizable Plesk Server Panel

Easily Customizable Plesk Server Panel - Admin Benefits of Plesk - Plesk

So why is Plesk so intuitive and simple? Because it provides the scope of all necessary tools you need to start – the right way. Essential tools that help you manage your website’s whole lifecycle. With Plesk Onyx, the latest release, you can use category pages for easy navigation while looking for the right tools.

Apart from Onyx basics, you can even customize your Server Panel with various extensions, split into categories within the menu. You’ll find the most popular ones on the main page and more extensions you may need in any of the categories. Narrow your search if you like and you can quickly add extensions in just a few clicks. Here are some favourites:

Also, you don’t have to pay for extensions you don’t need. Because Plesk designed its interface for you to only add what you use. This is how the overview is kept clean and simple within the server panel. Plesk Onyx and other latest versions also provide better support with new extensions such as Git, Node.js, Ruby, and Docker.

2. High Level Of Compatibility

High Level Of Compatibility - Admin Benefits of Plesk - Plesk

Plesk server panel supports many different operating systems, platforms and technologies. Thus multiplying its strength and contributing to the fact that most Windows Server installations use the Plesk control panel. Since cPanel and others don’t support Windows OS.

Still, the Plesk server panel isn’t limited to Windows servers only – it supports many different Linux versions too. Plesk also works with lots of different tools and platforms. Like the out-the-box WordPress Toolkit extension. This comes available and ready to use with most Plesk Onyx editions.

3. Variety of Admin Tools

Variety of Admin Tools Available - Admin Benefits of Plesk - Plesk

Administrators’ tools and extensions also include Magento, Patchman, CloudFlare CDN, and Let’s Encrypt. Compatibility with various OSs, tools, apps, and platforms allow admins to run their sites the way they see fit. Not just limiting themselves to useless or unappealing options.

Give users the ability to find what they need and add it to their control panel. You’ll ensure a clutter-free environment that’s easy to use and navigate.

4. Automation and Easy Management

Automation and simplified setup procedures are among the core benefits that Plesk brings to the table. Because server admins get to reduce the efforts and time for routine tasks when they need to.

You can install Plesk on Windows easily as it has a very intuitive GUI. It’s also easy to set up on Linux because it only requires one command to install with default settings. To set up a website using Plesk Onyx, you’ll have to go to the Domains page. First, simply click the domain name. Then choose Files > Databases > Install Apps > Install WordPress to make a brand-new website.

If you use a CMS like Drupal, Joomla or WordPress, you can create, secure and launch a site in minutes. Just drag and drop to add new content or features without having to insert a single line of code. Most extensions have one-click installation so you can set them up instantly.

You can automate server tasks by going to Tools and Resources. Then choosing Scheduled Tasks on the Tools and Settings page. Here you can schedule commands or PHP scripts too.

Moreover, you get extensions like Perfect Dashboard that give you more task automation power. For example, one-click updates for all websites on one account and automated backup integrity verifications. Or engine tests to show if any layout changes have cost you broken SEO tags, social tags, or display errors.

Who can start on Plesk Server Panel?

Various end-user groups with any level of experience can easily use the Plesk server panel. Because it has a clean and user-friendly GUI, huge compatibility potential and a large extension ecosystem. The latest Onyx release has a similar approach. Thus giving more capabilities, including tools and multi-server abilities.

Although there are administrators who still prefer working on CLI, Plesk may still save their time. And beginners get to learn quickly and get rid of the need for third-party support services.

Don’t have Plesk yet?

Get a Plesk Quote     Try Plesk for Free

Why We Took Plesk to the Nordics #WCNordic

WordCamp Nordic

WordCamp Nordic was two years in the making and we were more than excited to be a part of this very first edition in Helsinki, Finland. There were many reasons why we sponsored and joined the event. Read on to find out.

Top Reasons We Sponsored the First WordCamp Nordic

WordCamp Nordic - Plesk Team
  1. Backing Open Source Projects
    We love open source because we get exposed to new and alternative concepts, techniques and approaches to solving problems. Plus, it helps create innovation opportunities.
  2. Investing in the WordCamp Community
    Being present in a first-time location creates opportunities to meet new people in a different region. If our contribution can help provide more of these events where people can strengthen relationships and create magic – then so be it.
  3. Supporting WordCamp Nordic Values
    We wanted to actively support this very first regional Nordic WordCamp which was a door-opener for more regional medium-sized WordCamps worldwide.
  4. Learning from industry professionals
    We weren’t there just to share our knowledge, contributions and resources. But also to learn from the WordPress experts about small business woes, hosting fears, developer tips, and more. All useful info we can share with our customers for a better WordPress and ultimate online experience.

Julius Haukkasalo on top business mistakes you can avoid

Julius Haukkasalo at WordCamp Nordic

As mentioned before, we were also at WordCamp Nordic to learn. And among the many talented individuals at the event, we discovered Julius. A business owner, who had a lot of wisdom to share on running a company. Especially useful for many of our Plesk customers, who also manage businesses themselves. Here are the top three tips we took from him.

 

  1. Don’t try to do it all alone

 

It’s easy to delegate the stuff you don’t like/care about. We all tend to do the stuff we’re best at. But if somebody can do 80% of what you do – delegate! You also need to prioritize yourself, your workload and how much you can take on while still being motivated and avoiding burnout. You are the most important resource for yourself and your company.

  1. Allow employees/colleagues to fail

Julius compared leading a team with raising a family. When his kids said they “don’t know how…”, or are “not good”, or “too small”, he figures it’s because he tried to protect them too much. Let your colleagues/employees make mistakes and learn.

  1. Don’t delay solving issues

If there is a conflict to solve, go for it without any delays. Sometimes it’s difficult to distinguish when it’s about time to let your colleagues and employees do their own thing and when you are just being coward who tries to avoid conflicts.

Jonathan Sulo on WordPress plugins that hosters fear

Plesk at WordCamp NOrdic, Finland - Jonathan Sulo

One of our priorities at Plesk is speed and performance. So naturally, we had a lot of interest in Jonathan’s session – which was about plugins that drain performance and kill your database. So our hosting partners and customers would do well to stay away from plugins such as these to retain their clients.

He also suggested alternatives to use and some general usage and error-checking tips for WordPress plugins. We feel that the main point Jonathan made is that the most dangerous plugins are the ones you don’t update. Which we of course agree with 100%. Same goes for updating Plesk too.

Moreover, Jonathan believes it’s better to update and break the site than deal with the security risks of outdated software. He then went on to give us a checklist in order to add and run plugins the right way.

Adding plugins the right way

  • Think about whether you really need that plugin. Is it a must-have or nice to have?
  • Avoid plugins that “do it all”
  • Are there server-based or PHP functions or alternatives?

Running plugins the right way

  • Check out the plugin properly first
  • Only install from safe sources
  • Test before and after install
  • Activate for website or network
  • Delete plugins you don’t use
  • Scheduling: use server-based Cron (via control panel) & WP-CLI /usr/bin/php

Finally, he gave valuable advice within and outside WordPress, such as using WP-CLI and checking the error logs via your hosting provider.

Note: You can read our recommendations on WordPress plugins and backup solutions here.

Key Takeaways from our latest WordCamp Experience

Plesk at WordCamp Nordic - booth - support engineers, Francisco and Robert

Having our sales engineers, Francisco and Robert, on site was useful to gather info about the needs of the WordPress community. Plus get valuable feedback about the WordPress Toolkit and its features. A number of potential customers had technical queries about the software and its suitability for their projects – and we could easily answer.

We also seized the opportunity to connect with a few small to medium-sized partners and enhance our relationship with them. We’re looking forward to being present and doing more of this at more regional WordCamps like Latin America and SE Asia. And of course, hope for a 2020 edition of WordCamp Nordic!

All You Need to Know about the New WordPress Toolkit 3.5 [ VIDEO ]

Plesk WordPress Toolkit 3.5

Your needs come first so rest assured that we’re constantly evolving Plesk to bring you more value. Hence, the release of WordPress Toolkit 3.5, introducing an assortment of new security measures, a reimagined installation experience and more. Read on for a detailed overview of the updates you wanted, a WordPress Toolkit tour, plus WordPress Toolkit 3.6 spoilers.

Quick Tour of the updated WordPress Toolkit

Our pal Joe Casabona was one of the first to take the new WordPress Toolkit 3.5 for a spin. Here’s him demonstrating how easy it is to install and secure your WordPress, update multiple sites, clone and create a staging environment. All in just over 7 minutes!

New WordPress Toolkit Security Measures

New Plesk WordPress Toolkit 3.5 Screenshot 1-new-security-measures

First, you’ll likely see this notification pop up or find your previously secure instances suddenly marked as insecure. But don’t be alarmed – this just means you need to review and update the security status of your WordPress instances. Why? Because WordPress Toolkit 3.5 introduces 8 new security measures.

New Plesk WordPress Toolkit 3.5 Screenshot 2 - new security measures list

1.    New Hotlink Protection

Preventing other websites from displaying, linking or embedding your images (hotlinking), as this quickly drains your bandwidth and can make your site unavailable.

2.    Disable unused scripting languages

This security measure removes support for the scripting languages WordPress doesn’t use, like Python and Perl. Thus, blocking their related vulnerabilities. Available if you have the corresponding Hosting Settings management permission.

3.    New Bot Protection

Blocks bots that overload your site with unwanted requests, causing resource overuse. Note that you may want to temporarily disable this if you also use a service that scans your site for vulnerabilities, since it may also use bots.

4.    Disabled file editing in WP Dashboard

This measure prevents you from editing plugin and theme file sources directly in the WordPress interface. This is an extra protection layer for the WordPress instance in case an admin account is compromised so no malicious executable code gets into plugins or themes.

5.    Block access to sensitive files

Now you can choose to block files like wp-config.bak and wp-config.php.swp, from public access as they contain sensitive information, like connection credentials. Thus, also preventing exposure of files with info used to determine your WordPress instance. Also included are files like logs, shell scripts and other executables that may exist on your WordPress instance and whose security can be compromised.

6.    Block author scans / user ID phishing

These scans find registered usernames, especially WordPress admin, and brute-force attack your site’s login page. The above block prevents this, but note that depending on your site’s permalink configuration, you may also be preventing visitors from accessing pages that list all articles by a certain author.

7.    Block access to .htaccess and .htpasswd

Attackers who gain access to .htaccess and .htpasswd files can exploit your site to a variety of breaches. These files aren’t usually accessible by default, but sometimes they might be. This is where this security measure steps in.

8.    Disable PHP execution in cache directories

If a compromised PHP file ends up in one of the cache directories of your site, executing it can lead to compromising the whole site. So this measure disables execution of PHP files in cache directories to prevent such exploits. However, certain plugins and themes may ignore WordPress Security recommendations and store valid PHP executables in their cache anyway. So you can disable this security feature for them to work, or find a more secure alternative, as recommended.

You’re in Control of Security Updates

You should be able to supervise any website-affecting changes so WordPress Toolkit won’t automatically apply these new security measures on existing installations. So upon opening your list of WordPress instances after the WordPress Toolkit 3.5 update, you’ll see a one-time notification about this.

On that note, you’ll now see that two existing security measures are now less restrictive. First, the “Security of the wp-includes directory” checker now excludes the wp-tinymce.php file to avoid potential issues with Gutenberg and other editing  plugins. Second, the “Security of the wp-content directory” measure now prevents the execution of PHP files only in the wp-content/uploads directory.

New Plesk WordPress Toolkit 3.5 Screenshot 3 - control security updates

These checkers will be reapplied automatically for convenience and do not reduce WordPress security in any noticeable way.

New WordPress Toolkit 3.5 Installation Experience

WordPress Toolkit previously offered two installation options: Quick and Custom. Both had unfortunate shortcomings. ‘Quick’ didn’t ask you questions, but also didn’t give info on the parameters to use when installing WordPress. ‘Custom’ gave you control and displayed everything, but you had to fill out the form.

New WordPress Toolkit installation experience

Now users can make an informed choice whether to confirm defaults and install WordPress quick, or take time to change the options they want. With the new, unified WordPress installation, you can still install WordPress in one click, but you’ll always know how it’s happening. Meanwhile, you can change all relevant installation parameters when necessary.

Bonus: You now have to enable automatic updates of plugins and themes within a more streamlined form, without Search Engine Visibility and Debug Mode.

WordPress Toolkit - Automatic update settings

The final change to the WordPress installation process is the ability to install on any domain from any accessible subscription. This is available anytime you click WordPress in the left navigation panel, even if you’re a reseller or server admin. One small step for WordPress Toolkit, one giant leap for adminkind.

New Plesk WordPress Toolkit 3.5 Screenshot 6 - install on any domain from any accessible subscription

WordPress Classic Plugin anyone?

If you’re not yet ready to use Gutenberg, you have a new ‘WordPress Classic’ plugin set. It also has a sibling ‘WordPress Classic with Jetpack’. However, note that we don’t plan to add immediate support for ClassicPress.

WordPress Classic plugin

Updates to CLI

We updated the CLI command for the new WordPress installation. Specifically adding -auto-updates, -plugins-auto-updates, and -themes-auto-updates to the plesk ext wp-toolkit install command. And plesk ext wp-toolkit –clear-wpt-cache to clean WordPress Toolkit cache and handle issues with invalid cache data like corrupted WordPress distributive lists, or broken lists of languages and versions.

WordPress Toolkit 3.6 Spoilers

The Plesk team fixed a record 43 issues reported by customers and over 140 bugs reported overall. Moving forward, WordPress Toolkit 3.6 will lay foundations for the upcoming release of Remote Management for WordPress Toolkit. Plus, we’re continuing the switch to the new UI, this time redesigning the Clone and Sync procedures along with more relevant user-requested improvements. We’re also busy improving our internal process so we can deliver more high-quality stuff in less time, so stay tuned!

Are You Making Any of These 10 Website Launch Mistakes?

Website Launch Mistakes

You should consider your company website the essential bridge connecting your clients to your business. It’s the go-to platform where potential customers can find all the relevant company info, your products and services, and a way to get them. And while many businesses have now grasped the fundamental importance of investing in a proper website, there are still 10 common pitfalls that can hinder your website’s performance and success.

Vital security measures

1. Missing vital security measures

Online security has become a key factor users look out for when accessing new websites. Think of features like SSL, providing a safe, encrypted link between browser and server, or a CAPTCHA, stopping unwanted bots. Not investing in them can mean unknown sources interfering with your business website performance. In turn, poor performance will very likely result in scaring away potential clients.

Update WordPress plugins

2. Forgetting WordPress plugin updates

As with any system, the different features that make up WordPress require regular maintenance. Failing to do so can slow your website way down and even make certain functions not work properly for their users. So it’s vital for your business to find a tool to update these plugins regularly, such as the popular WordPress Toolkit. Because this lets you mass-manage instances, plugins and themes instantly and from one place. Among many WordPress Toolkit benefits, you also get a staging environment to test new features before they go live.

No scalability

3. Not planning for scalability

Any online business aims to get the biggest customer base possible. So naturally, it’s important for your website to be built in such a way that you can later scale. For example, having enough server power to handle a surge in traffic. And having efficient data backup to manage mass information flow. Note that it’s always better to account for this from the start because it will become very difficult to upgrade a website at the last minute.

Plesk’s control panel works as a scaling tool, allowing businesses to grow over time. Hosting providers can manage their clients and servers across different infrastructure setups, even tailoring it to their business needs.

Accessibility

4. Failing to account for accessibility

In an age where users can access a website from any OS, browser, or device – we all need to make sure we’re available everywhere and to everyone. It would be quite damaging if a business website is designed in such a way that it loses compatibility with, say, iOS devices. Because this essentially eliminates an entire section of potential customers interested in your services. So make sure any device, OS and browser can access your website.

Website Audit

5. Forgetting to undertake a website audit

Website audits are a full analysis of all the different issues that may impact your website’s visibility in a search engine. This is especially important when considering marketing campaigns, because a website audit can help your business uncover weak factors that impact performance.

SEO

6. Skipping SEO

Search Engine Optimization (SEO) is a process where one optimizes their websites so as to receive higher natural rankings in search engine results. And with the online market becoming increasingly more competitive, SEO is a key tool for business to stand out.

Not implementing SEO on a website relegates it to lower position on a search results page, meaning that business can miss out on a considerable number of potential customers. Since SEO can be quite extensive, we recommend that beginners install the SEO Toolkit on Plesk to get started and get found online.

Sitemap

7. Ditching the sitemap

A site map is essentially a list of pages that make up a website and is considered a tool for search engine bots to crawl your website and index it. When a page gets indexed, it makes it more easily searchable in a search engine, thereby increasing its visibility. Therefore, if you don’t submit a sitemap to a search engine, you’re effectively limiting your website’s visibility.

Marketing strategy

8. Not having a marketing strategy

Choose your content carefully as it sets the tone for your brand, but make sure it ties in well with your marketing strategy. No marketing strategy makes sales attempts messy. If your mission doesn’t make sense to your potential customers, they’ll find it difficult to engage with your brand. Meaning that ultimately, they won’t convert.

Ignoring analytics- 10 Website Launch Mistakes - Plesk

9. Ignoring Analytics

Website analytics give businesses valuable insights about their audience, like age, location, and preferences. They can also reveal visitor behaviour, like each website session’s duration, which pages are the most popular and how a visitor arrives at your site. Use this to build a complete profile of your target customer so you can cater to their needs better with your product, service and content.

Social proof

10. Forgetting your social proof

When it comes to online businesses, everyone looks for proof of its legitimacy before engaging further. These include client testimonials, means of contact, including physical addresses and actual phone numbers, and most importantly active social profiles. Businesses who focus so hard on the actual product that they forget their social community, end up losing customers to competitors. Perhaps competitors who were more engaged.

As you can see, launching a business website isn’t as simple as plugging in and hitting the ‘on’ switch. You need to plan for all of the above and more well in advance. Since they all have the potential to increase customer traffic and your overall business success.

Do you agree with all the points we mentioned above? Have we missed anything? Your opinion counts. Let us know in the comments below!

arrow icon - Plesk