WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.7.2 and earlier are affected by six security issues:

  1. Cross-site scripting (XSS) via media file metadata.  Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs.
  2. Control characters can trick redirect URL validation.  Reported by Daniel Chatfield.
  3. Unintended files can be deleted by administrators using the plugin deletion functionality.  Reported by xuliang.
  4. Cross-site scripting (XSS) via video URL in YouTube embeds.  Reported by Marc Montpas.
  5. Cross-site scripting (XSS) via taxonomy term names.  Reported by Delta.
  6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.  Reported by Sipke Mellema.

Thank you to the reporters for practicing responsible disclosure.

In addition to the security issues above, WordPress 4.7.3 contains 39 maintenance fixes to the 4.7 release series. For more information, see the release notes or consult the list of changes.

Download WordPress 4.7.3 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.3.

Thanks to everyone who contributed to 4.7.3: Aaron D. Campbell, Adam Silverstein, Alex Concha, Andrea Fercia, Andrew Ozz, asalce, blobfolio, bonger, Boone Gorges, Boro Sitnikovski, Brady Vercher, Brandon Lavigne, Bunty, ccprog, chetansatasiya, David A. Kennedy, David Herrera, Dhanendran, Dion Hulse, Dominik Schilling (ocean90), Drivingralle, Ella Van Dorpe, Gary Pendergast, Ian Dunn, Ipstenu (Mika Epstein), James Nylen, jazbek, Jeremy Felt, Jeremy Pry, Joe Hoyle, Joe McGill, John Blackbourn, John James Jacoby, Jonathan Desrosiers, Kelly Dwan, Marko Heijnen, MatheusGimenez, Mike Nelson, Mike Schroder, Muhammet Arslan, Nick Halsey, Pascal Birchler, Paul Bearne, pavelevap, Peter Wilson, Rachel Baker, reldev, Robert O’Rourke, Ryan Welcher, Sanket Parmar, Sean Hayes, Sergey Biryukov, Stephen Edgar, triplejumper12, Weston Ruter, and wpfo.

In this post I explain why Yoast SEO will soon warn people whose website runs on an older, unsupported, version of PHP to upgrade their PHP version. We’re doing this mainly to improve the security and speed of those websites.

This post is long, but I’ll explain:

  • what the problem is;
  • why we want to fix it;
  • why we burden the user with it;
  • and how web hosts can work with us.

PHP? Versions? What are you talking about?

WordPress, (like Yoast SEO), is built in large part in a programming language called PHP. This language, as WordPress itself, has gradually improved over time. Web developers all over the world are enjoying the new features that newer versions of PHP have brought. Also, more importantly, everyone all over the world enjoys the increased security these new versions bring. Unfortunately, WordPress developers do not get to join in.

Compared to WordPress, PHP has a rather aggressive update path. PHP 5.6 will receive security patches for just under two more years, but nothing else, and no other PHP 5 version receives security updates. PHP 7 is the future (and boy is it nice and fast).

Ever since July 2011, the minimum PHP required for WordPress is PHP version 5.2. Here at Yoast, we think it’s time for WordPress to move that requirement up to PHP 5.6.

Why do you care so much?

At Yoast we care about a lot of things, but two things in a very particular order: user happiness first, developer happiness second. A user is happy when he or she has a fast, easy to install, secure content management system like WordPress to build a site in. A developer is happy when he or she can use a modern language and modern tooling to build software with.

Security

The single most important reason for us to want to increase the minimum requirement is security: PHP versions 5.2 through to 5.5, while still actively in use on millions of sites, no longer get security updates. Some Linux branches and web hosts still backport security fixes from newer PHP versions to older versions, but that’s not something we, as a community, should rely on.

This security concern is not a theoretical concern. We have seen time and time again that the number one reason sites get hacked is because of outdated software. The last release of PHP 5.2 is 6 years old, and several major security issues have been found in it since. WordPress has automatic updates for security updates built-in for exactly this reason. Why would we push people to update WordPress and its plugins regularly, but let the PHP version fall behind?

Speed

Another big issue is speed. WordPress is sometimes said to be slow, but it actually doesn’t have to be slow at all. If it’s running on old versions of PHP however it is, most certainly, slow. PHP 5.2 is more than 100% slower than PHP 5.6, and a whopping 400% slower than PHP 7 (source). If you’re getting a bad reputation because you’re allowing old stuff to stay around, maybe we shouldn’t allow the old stuff to stay around so much?

Modern programming language

PHP 5.2, which was released November 2nd 2006, is no longer a modern language. This makes developers unhappy because they’re missing many of the cool features every other modern language has.

As WordPress is gaining popularity, something else is happening because of this: more and more developers are turning their back on WordPress because it’s moving too slowly. Developing themes or plugins for WordPress, where PHP 5.2 is required, is a hassle and thus not as much fun. This is becoming a problem: we’re literally losing good developers. Those developers could benefit the entire community, but we’re missing out because we’re not getting with the times. Over time, losing developers means other products will move faster, and WordPress will lose marketshare.

Why isn’t WordPress simply upping the requirements to PHP 5.6?

There is a long and ongoing discussion in the WordPress community about upping the requirements for PHP to 5.6. The problem lies therein, that for a user, upgrading their PHP version is non-trivial in a lot of cases. It’s not something we want to burden a user with. So we’ve been waiting and waiting for web hosts to do their work. We’ve been waiting, literally, for years. Unfortunately, it turns out, not all web hosts are created equal. Not all of them pro-actively upgrade their customers to newer PHP versions.

As I type this, the WordPress stats page says 5.6% of websites is using PHP 5.2, 15.6% is using PHP 5.3, 23% is using PHP 5.4 and 15.4% is using PHP 5.5. That means almost 60% of WordPress installs is running on an unsupported version of PHP. So much for web hosts doing their work.

Because web hosts are not upgrading PHP, we have decided to start pushing this from within plugins.

Why don’t web hosts update PHP?

When you’ve seen all the above, you’re probably wondering why web hosts don’t pro-actively update their customers PHP versions. Well the good news is: lots of them do. If you’re on one of those hosts, and you’re running PHP 5.6 or higher: good on you! Other hosts though, seem to be intent on doing as little as possible while still keeping the customer.

We’ve heard all sorts of reasons from hosts to not want to upgrade PHP. The only one we understand to a certain extent is that they don’t want to break your site. Some software running on the same server as your site may not support newer PHP versions, probably because that software needs to be upgraded too. But in all honesty: you shouldn’t have to worry about that. We think a host should upgrade your PHP for you.

What is Yoast going to do?

Combined, all of the above reasons make us very intent on moving WordPress forward. Unfortunately, we don’t have the power to decide on minimum requirements. So we’ve decided to throw our weight behind this in a different way.

As of Yoast SEO 4.5 we will start showing a notice on the WordPress dashboard to administrators of sites running on PHP 5.2.  This notice will be big, ugly, and non-dismissible. In this notice we will explain why the administrator should upgrade the PHP version of the site.

If a web host integrates with our project, which we’ve called WHIP, the host can add some information about how to upgrade right within the notice. See the Github repo for info about how to integrate.

The notice will also encourage people to contact their host if they don’t know how to upgrade their PHP. Yes, this could be painful for some hosts. This notice is deliberately intended to make them work.

As a last resort, if a users host does not cooperate, we recommend the user to change to better hosting. We will provide a link to a page we’re building right now here at Yoast, with hosts that we’ve vetted. When we say we’ve vetted them, we mean it: we have verified that Yoast SEO works well on their servers and that they put new customers on modern PHP versions. The page isn’t ready yet, but it’ll be cool and we will not be using affiliate links on that page. This isn’t about money.

Does this stop with PHP 5.2?

This most probably does not stop with PHP 5.2. We will release it and watch closely what’s happening. If it works, we will start pushing the same notice for PHP 5.3 a few weeks later, and so on. We fully intend to see if we can get the minimum version up to 5.6.

I’m a theme / plugin developer, can I join?

You can of course join this endeavour! Our WHIP package is open source and very easy to implement. Put it in your code following the instructions on the repository and you too will be part of this move forward! Of course your feedback is highly appreciated on that repository too.

For developers that want to integrate WHIP into their plugin, we will make it possible to link to the WordPress.org hosting page. Those hosts are all PHP7 ready too.

Why are you telling us now?

We’re telling you all this now because we fully hope that we have to show this notice to as few people as possible. Upgrade your PHP versions. If you’re a host, integrate with our messaging system and start proactively upgrading your customers PHP versions. With 6.5 million active installs of Yoast SEO, you’re bound to have a lot of customers that are going to start asking for help. You might as well get started.

Once your website starts growing and you continue writing blog posts, you’ll eventually end up with archive pages. These archive pages can be based on taxonomies, categories, custom post types and even dates. WordPress has built-in support for these archive pages, however there are some small drawbacks. In this post, I’ll explain to you how you can use these archive pages in a better way and ensure they actually add value to your blog.

Default archive pages

WordPress supports automatic creation of archive pages. This ensures that you don’t have to think about making them by hand. Sadly, these pages tend to only consist of a list of posts based on a category / taxonomy / post type without any further introduction. This means that your visitors are left stranded on a page without much explanation about what they’re looking at. The chances of your visitors finding what it is they’re looking for are terribly slim in this case and usually visitors will decide to leave that page immediately.

A simple solution to this problem: Add an “introduction” of some sorts to the page. A clear header can already greatly help out your visitors, but for extra important pages we recommend adding a description as well to better highlight the content that can be found on that archive page.

Before avidly writing these introductions, lets ensure they are properly displayed on the pages.

Learn how to structure your site well with our Site structure training! »

Site structure training$ 99 - Buy now » Info

Adding the introduction

Category, tag and custom taxonomy archives

If you want to add an introduction to a category, tag or custom taxonomy archive, you can easily create a custom template file to override the default ones. For example, you can create a `category.php` file in your theme to override the default template file. If you want more information on how the templating hierarchy works in WordPress, just look at this infographic before continuing.

In your newly created `category.php` template file, add the following snippet above the WordPress loop:

if ( ! get_query_var( 'paged' ) ) {
  echo wpautop( term_description() );
}

If you want to support shortcodes, try this instead:

if ( ! get_query_var( 'paged' ) ) {
  echo wpautop( apply_filters( 'the_content', term_description() ) );
}

The above code takes the title and description that you added in the WordPress backend for the category and displays it on the category archive page. This method also applies to tag and custom taxonomy archives.

If you use the Genesis theme, you won’t have to do any of the above alterations. Luckily, Genesis already has built-in support for this type of thing, so it’s as easy as ticking two checkboxes in the theme settings.

Genesis Archive Settings

Or if that doesn’t work, you can just add this to your Genesis child theme’s functions.php:

function yoast_term_archive_intro() {
 if ( ( ! is_category() && ! is_tag() && ! is_tax() ) || get_query_var( 'paged' ) ) {
   return;
 }

 echo '<h1 class="entry-title">' . single_term_title('', false) . '</h1>';
 echo '<div class="entry-content">' . wpautop( term_description() ) . '</div>';
}

add_action( 'genesis_before_loop', 'yoast_term_archive_intro', 20 );

Of course, you are free to expand the above function to add some more CSS classes to further style the output.

Custom Post Type archives

Altering custom post type archives is a bit trickier than overriding default tags, categories and taxonomies. You can add a new file called `archive-{posttype}.php` where you replace the `{posttype}` portion with the name of your custom post type. By then adding the following code to said file, you can achieve a similar result:

if ( ! get_query_var( 'paged' ) ) {
  $post_type = get_post_type_object( get_post_type() );
  echo '<h1>' . $post_type->labels->name . '</h1>';
}

Now for the hard part. Because custom post types don’t have any type of form in the WordPress backend, it is impossible to easily add a description to these custom types nor is there a recommended way of storing the data. One method you can use when you use a child theme in Genesis, is by expanding the `functions.php` file with the following code:

function yoast_cpt_intro() {
  if ( ! is_post_type_archive() || get_query_var( 'paged' ) ) {
    return;
  }

  $post_type = get_post_type();
  
  if ( genesis_get_option( $post_type . '-title', 'child-settings' ) ) {
    echo '<h1>' . genesis_get_option( $post_type . '-title', 'child-settings' ) . '</h1>';
    echo wpautop( genesis_get_option( $post_type . '-intro', 'child-settings' ) );
  }
}

add_action( 'genesis_before_loop', 'yoast_cpt_intro', 20 );

As you may have noticed, the code example uses two custom genesis options: `$post_type . ‘-title’` and `$post_type . ‘-intro’`. These can be defined in your Genesis child theme. You can read how to do that over here.

Preventing duplicate content issues

To avoid duplicate content issues, the previous code snippets make use of a simple check to ensure we’re not on a paginated page. The `get_query_var( ‘paged’ )` function call determines whether or not we’re on a paginated page.
If it detects the query variable `paged`, we can assume that this page is one in a series of multiple pages and thus should not display the description.

Since the introduction of rel=”next” and rel=”previous”, websites that have paginated archives and whom have properly implemented the `rel=”next”` and `rel=”previous”` attributes, will be receiving more visitors on the first page in the series. Nevertheless, you should not solely rely on this, but use it in conjunction with the `get_query_var( ‘paged’ )` option.

Styling the archive introduction text

To ensure that people actually read the introduction text, it’s very important to add proper styling to the page. After all, these introductions need to be made with humans in mind first, SEO second. Don’t fall in the trap of styling it the same way as your posts as this might result in visitors not understanding that the text is actually something entirely different from your content. A good example can be seen in the following screenshot:

Conclusion

Based on the information shared in this post, you should be able to make clear archive pages that help your visitors understand the content they are looking at. Additionally, you should be able to create these archive pages for custom post types. We look forward to seeing some of your beautifully styled archive pages.

Read more: ‘Site structure: the ultimate guide’ »

If you have a local business, selling products or services, you have to think about the local ranking of your website. Local optimization will help you surface for related search queries in your area. As Google shows local results first in a lot of cases, you need to make sure Google understands where you are located. In this article, we’ll go over all the things you can do to improve Google’s understanding of your location, which obviously improves your chances to rank locally.

Google itself talks about local ranking factors in terms of:

  • Relevance: are you the relevant result for the user? Does your website match what the user is looking for?
  • Distance: how far away are you located? If you are relevant and near, you’ll get a good ranking.
  • Prominence: this is about how well your business is known. More on that at the end of this article.

Let’s start with your address details

If you have a local business and serve mostly local customers, at least add your address in the right way. The right way to do this is using schema.org, either by adding LocalBusiness schema.org tags around your address details or via JSON-LD. Especially when using JSON-LD, you are serving your address details to a search engine in the most convenient way.

Our Local SEO plugin makes adding that LocalBusiness schema to your pages a breeze.

This is very much about what Google calls distance. If you are the closest result for the user, your business will surface sooner.

Google My Business

For your local ranking in Google, you can’t do without a proper Google My Business listing. You need to enlist, add all your locations, verify these and share some photos. Google My Business allows for customer reviews as well, and you should really aim to get some of those for your listing. Positive reviews (simply ask satisfied customers to leave a review) help the way Google and it’s visitors regard your business. This is pretty much like on your local market. If people talk positively about your groceries, more people will be inclined to come to your grocery stand.

Getting reviews is one. You can keep the conversation going by responding to these reviews and, as Google puts it, be a friend, not a salesperson.

Your site’s NAP need to be exactly the same as your Google My Business listing’s NAP

Even if your business has multiple locations, make sure to match the main NAP (name, address, phone number) on your website with the Google My Business NAP. That is the only way to make sure Google makes the right connection between the two. Add the main address on every page (you are a local business so your address is important enough to mention on every page). For all the other locations, set up a page and list all the addresses of your branches.

Facebook listing and reviews

What goes for Google My Business, goes for Facebook as well. Add your company as a page for a local business to Facebook here. People search a lot on Facebook as well, so you’d better make sure your listing on Facebook is in order.

Facebook also allows for reviews, like here for the Apple Store on Fifth Av. Note that this really is a local review, as the Fifth Avenue store scores a 4.6 average rating and the Amsterdam store just scores a 2.9 at the moment…

Make sure your customers find your shop! Optimize your site with our Local SEO plugin and show you opening hours, locations, map and much more! »

Local SEO for WordPress pluginBuy now » Info

City and state in title

The obvious one: for a local ranking, adding city and (in the US) state to your <title> helps. Read this article (2014), as Arjan sheds some more light on other aspects of local SEO as well. And please keep in mind that the effect of adding your city to your titles might be a lot less for your local ranking than adding your business details to Google My Business, but it won’t hurt for sure.

Local directories help your local ranking

Next to your Google My Business listing, Google uses the local Yelps and other local directories to determine just how important and local you are. Where we usually recommend against putting your link on a page with a gazillion unrelated links, the common ground for a local listings page is, indeed, the location. And these links actually do help your local rankings.

So get your web team to work, find the most important local directory pages and get your details up there. I’m specifically writing details and not just link. Citations work in confirming the address to both Google and visitors. If a local, relevant website lists addresses, get yours up there as well. And while you are at it, get some positive reviews on sites like Yelp as well, obviously!

Links from related, local businesses

Following how directories help your local ranking, it also pays off to exchange a link with related local businesses. If you work together in the same supply chain or sell related products, feel free to exchange links. Don’t just exchange links with any business you know, as these, in most cases, will be low-quality links for your website (because they’re usually unrelated).

Social mentions from local tweeps

Again, there’s a local marketplace online as well. People talk about business, new developments, products on Twitter, Instagram, Facebook and more. All these social mentions find their way to Google’s sensors as well. The search engine will pick up on positive or negative vibes and use these to help them rank your local business. If a lot of people talk about your business and/or link to your website, you must be relevant. Monitor these mentions and engage.

Some say links, from other websites, directories and social media, are the key factor for local rankings. As always, we believe it’s the sum of all efforts that makes you stand out from the crowd. Not just optimizing one aspect. Take your time and make sure your Google My Business profile is right, schema.org details are on your site and you have the right links to your site, and the right people talking about you on for instance Twitter. And please don’t forget to do proper keyword research and simply make sure the right content is on your website:

Optimize your content for better local rankings

Google won’t rank your site for a keyword if that keyword isn’t on your website. It’s as simple as that. If your business is in city X, you probably have a reason why you are located there. Write about that reason. And note that these may vary:

  • You are born there or just love the locals and local habits
  • There is a river which is needed for transport
  • Your local network makes sure you can deliver just-in-time or provide extra services
  • The city has a regional function and your business thrives by that
  • There are 6 other businesses like yours, you’re obviously the best, and you all serve a certain percentage of people, so your business fits perfectly in that area.

These are just random reasons to help you write about your business in relation to your location. They differ (a lot) per company. Make sure your location/city/area is clearly mentioned on your website and not just in your footer at your address details!

Read more: ‘Tips for your local content strategy’ »

One more thing: Google also uses prominence as a local ranking factor

Prominence means that when Google can serve a result first from a well-known brand or business, they actually will. And despite all your efforts to improve your local ranking, this might get in the way of that number one position. It just means you have to step up your game, keep on doing the great work you do and trust that eventually, Google will notice this as well. And as a result, Google might allow you to rank on that number one position for that local keyword!

Keep reading: ‘Grow your business with ratings and reviews’ »

Metadata is all the information about a page that you send to a search engine that isn’t visible to your visitors. There seems to be some misunderstanding about this, as most of the articles I read about SEO metadata seem to imply that it’s just the title, description, keywords and robots declaration in the <head> of your website. Others feel social media declarations like Open Graph tags should be considered metadata as well. W3C states that “The <meta> element represents various kinds of metadata that cannot be expressed using the title, base, link, style, and script elements.” Literally, that means all these elements from meta to link and script are in fact metadata.

All these elements like link and meta might be metadata, but that does definitely not mean all that metadata is relevant for your SEO. In this article, and two articles about metadata that will follow soon, we’ll go over those metadata elements that do influence your rankings. In this first post we’ll focus on the metadata in the <head> of your website.

The obvious metadata elements

There are a couple of elements that obviously are metadata elements. Even if you know just a tad bit about SEO, you have heard of these.

Meta title

The title element is the main title of a page, represented by the <title> element.

Metadata: the title element

This is probably the most important element for SEO. Adding the right title to your pages can still have a direct influence on your ranking. Make sure to include the main keyword (or: focus keyword) at the beginning, and end your <title> with your company or website name for branding. The preferred length of your <title> might vary based on the most-used device people use to view your website, but a rule of thumb is that we have to keep a viewable limit in mind these days. An example: if you have lots of mobile visitors, go for a shorter title. It’s as simple as that.

Meta description

The meta description used to be the short description or summary of the page at hand.

Metadata: the meta description

In the old days, it helped Google to tell what the page was about in a heart beat. These days, Google simply ‘reads’ the entire page and the meta description has become a suggestion for the text displayed in Google’s search result pages. For this specific page and meta description, Google is for instance showing:

Metadata: search result pages

That example immediately emphasizes that the meta description is just a suggestion. Ours isn’t shown in the search result pages for this specific query. I used [WordPress SEO definitive guide]. That for sure doesn’t mean you should forget about it. It’s the invitation for your page you send to Google. It just might happen that Google prefers another snippet from your page to match a specific search query.

Become a technical SEO expert with our Technical SEO 1 training! »

Technical SEO 1 training$ 179 - Buy now » Info

Meta keywords

Forget about meta keywords now. They’re really just used for tags on some social sites, but meta keywords can easily backfire in Bing, for instance. Bing is said to use meta keywords the other way around: if you’ve heavily optimized your meta keywords, for instance by stuffing it with your focus keyword and a dozen synonyms, Bing will consider this spammy. I can relate to that. If you’re serious about SEO, you’ll by now know that the influence of meta keywords has become close to zero (and zero for Google).

Meta robots

Use the meta robots tag to tell Google how to treat the page. Do you want Google to index the page, or follow links on the page? Is Google allowed to get a summary from DMOZ or do you want it do consider the meta description and never use ‘third-party’ summaries? We have written an awesome ultimate guide to the robots meta tag that you should read to learn more about this particular metadata element.

Treat the meta robots tag with care, as the meta robots tag is respected a lot more than your robots.txt declarations by Google. If you want to learn more about robots.txt and the meta robots tag, you should check out our Technical SEO 1 training. In this training we explain how to assess and improve the crawlability of your site, one of the basic technical requirements for good SEO.

The other meta tags in your <head> section

There are more meta tags that can be included in your <head> section, but not all have an effect on SEO. I’d like to go over a number of the ones that might.

Meta refresh

If you pride yourself for being on the internet since Altavista, you know the meta refresh tag. It allows you to redirect a page after a given time to another page. Unless you have a very good reason to use this tag, I recommend using a HTTP status code, like a 301 redirect (or other redirect code) instead. That also means that if you find one on your website, you should consider changing it. An HTTP status code sends a much clearer signal to a search engine, as the meta refresh returns a 200 OK code. This means the webpage is OK to visit and index.

The meta refresh tag looks like this:

Metadata: refresh

It tells the browser to wait for 30 seconds and then simply go to yoast.com. The only logical reason to use this these days is to show a splash screen (a welcoming page) for your website, for instance with a notice or ad, and go on to your regular homepage after a certain number of seconds. But hey, there are nicer solutions for that.

Meta google

You read that right: Google also accepts some ‘personal metadata’. The ones they mention themselves are these two:

<meta name="google" content="nositelinkssearchbox" />

This one prevents Google from adding a site search box right in their search results like this:

Metadata: Sitesearch

This means people can’t search your site directly from Google. Sites like Amazon use this tag to make sure people actually use the search option on their own website. Among other things, this will make sure people see more and more related products, which might trigger more or higher sales.

The other one has to do with translations. If you don’t want Google Translate to ask a visitor to translate your site in whatever language, you can use this tag:

<meta name="google" content="notranslate" />

It’s named google but really doesn’t influence SEO that much. I wouldn’t use it, but instead, let my visitor decide.

A third Google related meta tag is the google-site-verification tag that is really only used to verify your site for Google Search Console. We recommend adding it to your site and keeping it added, so Google is able to verify whenever they want. For Yoast SEO for WordPress users: you can add it right in our plugin at SEO › Dashboard › Webmaster Tools. Here’s a video explaining how to verify your site to Google using our plugin.

Optimize your site for search & social media and keep it optimized with Yoast SEO Premium »

Yoast SEO for WordPress pluginBuy now » Info

Meta viewport

The meta viewport is used to determine for instance the zoom of the page. A common use of the viewport tag is:

Metadata: viewport

Makes sense, right? The width of the page should be the width of the device, and the initial scale of the page should be 1 (default). There are reasons to think of why you’d like to change these settings, but I have seen that gone wrong a couple of times, ruining a website’s responsiveness (for instance). That’s the one reason I’m adding this one to the list, as a bad user experience could influence SEO. For more information on meta viewports, check CSSWG.org. There is obviously a lot more to consider if you want to optimize your mobile site. Be sure to read our article on how to improve your mobile site.

Is this all?

These are the meta tags that influence SEO one way or the other. But that’s not all there is when it comes to metadata. There is more hidden under the hood that you’d want to take care of. In next week’s post about metadata, we’ll elaborate on how to use link rel metadata to instruct your browser and Google. So stay tuned!

Read more: ‘The ultimate guide to the meta robots tag’ »

Today marks the release of the next version of our flagship WordPress plugin: Yoast SEO 4.4. In Yoast SEO 4.4 you’ll find many small changes and a couple of new features that make it even easier to work with the plugin. In this release post, we’ll give a brief overview of the changes that we’ve made, starting with Yoast SEO Premium.

New features in Yoast SEO Premium

If you’re an avid user of Yoast SEO and Google Search Console, you’ve probably connected these together so that they can work in tandem. Your crawl errors will show up in Yoast SEO so you can work on them from there. It was always possible to redirect 404 error pages using a 301, but with Yoast SEO 4.4 you can now use every type of redirect that Yoast SEO supports. These include 301, 302, 307, plus the 410 and 451 redirects. This makes it even easier to tell crawl bots exactly what should be done with the specific content.

You can find the second cool new feature in the internal linking tool. Yoast SEO Premium shows you the links that have already been added to the text. You can quickly discern the different links because they have a different icon, namely a checkmark. Of course, you’re still free to copy that link if you need to add it to the text again.

Optimize your site for search & social media and keep it optimized with Yoast SEO Premium »

Yoast SEO for WordPress pluginBuy now » Info

Changes in Yoast SEO 4.4

Besides fixing a number of bugs, we’ve been working on some enhancements to improve the flow of the plugin. To start off, we’ve improved the styling of tables, so they are viewable on mobile. In addition to that, we’ve moved the option to disable the keyword and content analysis from the general tab to the features tab.

The newest release of Yoast SEO is now live, so head on to your WordPress install and hit that update button. We hope you enjoy this new release. If you need more information on this release, you can check out the changelog on WordPress.org. Thanks!

Read more: ‘Why every website needs Yoast SEO’ »

If you own a blog, you have to deal with the opinions, questions, and feedback from your blog’s visitors. Mostly you receive comments related to your post, but sometimes you might receive off-topic comments. How do you respond properly? And, more importantly, do off-topic comments on your blog post hurt your SEO? In this Ask Yoast we’ll explain if off-topic comments hurt your SEO and how you can respond to them.

Gerencer Thomas emailed us asking:

“Do off-topic comments on my blog post hurt my SEO?”

Check out the video or read the answer below!

Our SEO for WordPress eBook guides you through every aspect of Search Engine Optimization »

SEO for WordPress$ 25 - Buy now » Info

Do off-topic comments hurt SEO?

Check out the video or read the answer below!

Well yes, they can. If someone has a very long comment on your post that does not relate to the topic of your blog post, then you should probably delete that comment. Not only for SEO reasons, but also for your own sanity.

It’s very easy to just reach out to someone if he or she is saying something completely unrelated. Just email that person and say, “Hey, you said this and this. I can respond to that, but it’s not really related to the blog post, so I have deleted your comment, but here’s my reaction.” That’s a friendly reaction to the person leaving the comment on your blog, but it’s also keeping your blog post intact and on topic.

So, yes it can hurt your SEO; delete them if you can. Good luck!

Ask Yoast

In the series Ask Yoast we answer SEO questions from followers. Need some advice about SEO? Let us help you out! Send your question to ask@yoast.com.

Read more: ‘How to handle comments on your blog’ »

When talking with customers about Google Analytics, you often hear the same thing: “I’m not really using Google Analytics because I don’t know what I’m looking at. It’s just too much”. And that’s a pity because you can learn a whole lot about your website and your audience with Google Analytics’ data. So, is there a simple way to use Google Analytics without getting lost? There might be, by using segments.

What’s a segment?

In Google Analytics a segment is a way to specify the data you’re seeing in every standard view. Google Analytics just throws it all in there, on one big pile of data. This means that when you’re looking at a standard view in Google Analytics you see: ‘all sessions of all visitors’, you see: total revenue, all pages, average time on page of all users, the landing pages of all visitors.

You might recognize this: You’re in the Acquisition section and you’re all happy, because you’ve created the perfect table. You’ve used the advanced filter option to include the Medium: “Organic” and you’re seeing the data you want to see. Then you think: “I’m curious to see which pages these visitors looked at, let’s take these filters to the next section of Google Analytics.” You hit the Behavior section and Poof! your filter is gone. Oh, the frustration!!!

If you want to know which pages people coming from organic search visit, you need to find another way. A segment helps you to narrow down the aggregated data Google Analytics shows, into data you want to see and need, to answer a specific question you have. You can use that segment throughout the sections, the segment doesn’t get lost when switching between sections. For instance, if we want to know which source customers who bought an eBook came from, we can create a segment of people who bought an eBook. By applying that segment and looking at the Acquisition – Source/Medium section, we can conclude that most of our eBook customers came from a newsletter. Goodbye frustration!

Become a technical SEO expert with our Technical SEO 1 training! »

Technical SEO 1 training$ 179 - Buy now » Info

Why do you need segments?

Without segmentation, all data you see is aggregated. This makes it really hard to draw conclusions. As Avinash Kaushik once said: “All data in aggregate is crap.” And I certainly agree with him. If you want to draw a valid conclusion, you need to specify your data.

For example, you can’t just say that most of your visitors visit your site around noon. Well okay, you can. But what does it mean? This data is so aggregated that you can’t build a strategy on it, it doesn’t provide any insight. Based on this data you might conclude that promoting a new product around noon is the way to go. But what if a large amount of your non-paying visitors visit your site around noon, but your high-potential visitors visit your site in the evening? Then you could’ve made the wrong decision based on non-specific aggregated data. So with a segment, you can zoom in on a specific part of your data. And if you do that right, you can make important business decisions that help your business move forward.

How to create a segment in Google Analytics?

First of all, creating a segment in Google Analytics isn’t dangerous. You can edit your segments, you can delete your segments, but you won’t delete the actual data you have. For me this was an important realization, because it meant that I could just ‘play’ with segments without any consequences.

The first step is thinking about what kind of segment you need. Which question do you want answered? What’s important for your business? And where can you find the data to create that segment? Do you want to segment on demographics of the user? And/or, the behavior of the user? Or, the technology the user uses to visit your website? And so on. Knowing what it’s called what you’re looking for in Google Analytics really helps when creating segments.

The second step is adding the actual segment. You can find the segment section at the top of the page in every view from Audience down to Conversions.

add a segment in Google Analytics

This means that if you’re in Dashboards, Shortcuts, Intelligence Events or Real-Time section, you can’t see the segment section.

System segments

Google Analytics offers ‘fixed’ segments which you can find in the ‘System’ section. A lot of these segments are pretty darn useful. For example, there’s an Organic Traffic segment that groups all visitors that came from an organic search result to your site. Very useful, if you want to know which landing pages these users visit. Another example: There’s a Mobile Traffic segment, that groups users that use a mobile device to visit your site. Very helpful as well, for example to find out if the ‘time on page’ is what it should be, this might say something about the mobile friendliness of your site.

Custom segments

There are more segments to think of than the system segments Google Analytics offers. For instance, you can create a segment that filters out all visitors that spend less than half a minute on your site. Or you can create a segment that focuses on the organic traffic from all visitors from the Netherlands. Or, as mentioned before, create a segment based on the products visitors bought or a certain amount of revenue a visitor yielded.

I found this video on YouTube that explains creating a custom segment pretty well:

For me, a couple of segments are really useful. I have segments for every country that’s important for our business, for every product and for every product page. And I have a segment for every medium like Organic, Newsletter and in our case: plugin traffic.

Compare segments

A nifty feature in Google Analytics is the ability to add more than one segment for the same view of data. This means you can compare different segments. For instance, if you created a segment of visitors that stayed longer than 5 minutes on your website and created a segment of visitors that stayed less than 1 minute on your website, you can compare the two and find out more about the behavior of these two groups and in which aspects these two groups differ.

Conclusion

If you want to know what you’re looking at, when clicking your way through Google Analytics, segmentation is the way to go. If you have questions like, “how do the visitors from California behave on my site?” Or, “what are my newsletter visitors doing on my site?” “How’s my campaign going?” Creating a segment is the easiest way to go. It’s a way to dissect your data and actually know what you’re looking at, when looking at all the different sections in Google Analytics. Say farewell to your Google Analytics frustration!

Read more: ‘Facebook Page Insights explained’ »

As an SEO or site owner, you are bound to run into redirects. Whenever you delete a page, change your URL structure or switch to a new domain, you are going to have to redirect your URLs. You have to tell search engine robots that there has been a change in your URLs and that they have to go somewhere else, temporarily or permanently. Choosing a particular redirect might impact your SEO, so be careful what you pick. In this article, we’ll give a brief of which redirect you could use.

Reasons to use redirects?

If you’re maintaining your site on a regular basis, your tasks include the redirection of URLs. There are many cases when you might use a redirect, but the following will pop-up often. You’ll need a redirect when you:

  • Delete a page or post
  • Transfer your site to a new domain
  • No longer want to use www in your domain
  • Enable permalinks in WordPress
  • Merge websites
  • Change your CMS
  • Change your URL structure
  • etc.

Become a technical SEO expert with our Technical SEO 1 training! »

Technical SEO 1 training$ 179 - Buy now » Info

HTTP status codes

To understand how redirects work and how you can influence what a server returns to a browser, you need to know about HTTP status codes. A HTTP status code is a set number that a server sends to a browser following a particular request for a page. These codes may include 200, 301, 404 and 503, for instance. All codes serve a particular purpose. A 404, for instance, indicates that a page has not been found. A 503 means that the server is temporarily offline for maintenance.

If you want to maintain your site without fault, you need to know your HTTP status codes. Read up on them in the article HTTP status codes and what they mean for SEO.

Types of redirects

There are a couple of redirects that you’ll run into on a daily basis. These are the ones you should remember:

  • 301 Permanent redirect
  • 302 Found
  • 307 Temporary redirect

Not really redirects, but useful nonetheless:

  • 410 Content deleted
  • 451 Content unavailable for legal reasons

301 Permanent redirect

The 301 is one of the most common redirects; use this if you permanently want to redirect a deleted or moved page, or if you’ve changed something in your permalink structure. Using this redirect, you’ll tell search engine robots that this page is no longer available in this location and that it should no longer be indexed. If you don’t set a redirect correctly, chances are your visitors – and crawl bots – will see 404 error messages. That’s not something you want happening.

Since a 301 permanently leads visitors from the old URL to a new one, you should only use this if you’re sure that you’ll never use the old URL again. If you want to use the URL again, you need a temporary redirect. A 301 passes all the link value a discarded URL has accumulated over the years over to the new URL, thus making sure the new URL gains or retains value. If you want to learn how to implement your 301 redirects with WordPress, you can read this post by Jimmy or just use the redirects manager of Yoast SEO Premium.

302 Found

A 302 is a fairly ambiguous redirect and is often used to make a temporary redirect. The code means that the requested content is found, but it lives under a different location. Why? It doesn’t say. If you want to make sure visitors get to an alternative page when visiting this particular page, and you want to reuse the URL in the future, you can use a 302.

Since this is a temporary redirect, it doesn’t pass link value. Thus, it’s possible to reclaim the URL with its value intact. Don’t use it when moving a site to a new domain or when you’re doing other large-scale renovations on your site.

307 Temporary redirect

302s are often used to create temporary redirects, but with the advent of HTTP1.1 307 has taken its place as a valid temporary redirect. A 307 explicitly states that the requested URL has been moved to a temporary location and will be back in a while. Since this request can change in the future, the request has to keep being made with the original URL. Use this redirect if you’re sure that the move is temporary and that you’ll still need the original URL later on.

Not really redirects, but still

Besides the traditional redirects, you’ll find two more that don’t really redirect. However, these are still relevant for your day-to-day maintenance work on your site. You could see 410 and 451 as a message from your server saying: Hey, there used to be something here, but not anymore.

410 Content deleted

One of the biggest problems on sites is the amount of 404 error pages. If you look at your readouts in Google Search Console, you are bound to run into a few. These must be fixed as fast as possible because no-one likes these errors: Google sees them as a sign of bad maintenance, and visitors get confused by them. 404 errors often occur when the requested page or post was deleted from the site.

You could use a 301 to redirect the page with the 404 to a relevant page, or the homepage, but there might be a different way: tell search engines this page was correctly deleted with a 410 redirect. This way, they know that the page won’t return and can, therefore, delete the page from the index.

451 Content unavailable for legal reasons

Should you ever be ordered by a judge to delete a page or in case you get a notice and takedown request, you should give this page a 451 header. This way, you tell search engines that there was a post here and that you wanted to fulfill this request, but some legal reason told you not to do so. Find out how and why to make a 451 header, should you ever find yourself in that situation.

REGEX redirects

If you are an expert SEO and you need to do complex redirections, you may need to use REGEX redirects. With normal redirects, you specify a single source URL and a destination URL. With REGEX – regular expressions – redirects, you can, for instance, make a single redirect to move entire groups of URLs with a keyword to a new location. This could save you a ton of time while working on a massive SEO project. However, you should only use REGEX redirects if you know what you are doing because they can break your site.

Optimize your site for search & social media and keep it optimized with Yoast SEO Premium »

Yoast SEO for WordPress pluginBuy now » Info

Manage redirects with Yoast SEO Premium

Now, in all fairness: you are free to fix your redirects on the server or use other tools to help you. However, if you are a user of Yoast SEO Premium, you have the best possible tool to work with redirects at your disposal. The redirects manager of Yoast SEO Premium helps you to set the correct redirect. Whenever you delete or move a page, Yoast SEO will ask you how to treat this page: should it get a 301 or a 410? Or maybe a 451? The redirects manager supports 301, 302, 307, 410 and 451 redirects, all in an easy to manage workflow.

Working with redirects

Working with redirects is a daily job for many SEOs. In this article, you’ve discovered the different options to redirect pages and learned how and when to use these. Be careful when choosing your redirect, for instance, you don’t want to 302 your entire site when you’re moving to a new domain. This will lead to serious problems down the line. Think about what you want to accomplish and pick the most appropriate redirect method.

Read more: ‘How to properly delete a page from your site’ »

If you own an eCommerce site, you might wonder how to optimize your category pages and your product pages. Could you have the same content on your category page and your product pages? If you have the same content on multiple pages of your website, would Google know what to rank first? Or would it cause duplicate content issues? This Ask Yoast is about the optimization of category and product pages of your online shop. Hear what I have to say about this!

Jeroen Custers from Maastricht, the Netherlands, has emailed us, asking:

“My product pages and category pages have 99% the same description, except for the color. Although the category page gets all the links, one product page ranks. Does Google see my pages as duplicate content?”

Check out the video or read the answer below!

Want to outrank your competitor and get more sales? Read our Shop SEO eBook! »

Shop SEO$ 25 - Buy now » Info

Duplicate content on your shop?

Check out the video or read the answer below!

The answer is simple: Yes. So what should you do is optimize your category page for the product. And only optimize the sub pages, the product pages for the individual product colors, and then make sure that the category page gets all the links for that product. So you should improve your internal linking structure so that when you mention the product, you link to the category page and not to the specific color page underneath that.

If you improve that category structure in the right way, then that should fix it. If it doesn’t, then noindex the product pages and “canonical” all of them back to the category, so that Google really knows that the category is the main thing. That’s what you want people to land on. Most people want to see that you have more than one option.

If they search for the specific product and you do not noindex it, so if you choose for the first option, then Google should send them to the right page. So try that first. If that doesn’t work, noindex as product page and then “canonicalize” them back to the category.

Good luck!

Ask Yoast

In the series Ask Yoast we answer SEO questions from followers. Need help with SEO? Let us help you out! Send your question to ask@yoast.com.

Read more: ‘Crafting the perfect shop category page’ »