“All is calm, all is bright”
From Emmanuel Baptist Fellowship’s service this evening.
Should Churches and Non-Profits Worry About Page Views?
When I’m working with clients, the topic of page views often comes up.
Page views are requests that are made to load a specific HTML page on the web. In the early days of the www, we didn’t have great metrics or analytics to measure statistics up against the more mature offline world, and page views became one of the default ways to tell if a site or page was successful. It’s a terrible metric that is easily gamed, and those of us who work in marketing know that page views are not valuable to determine a site’s health.
Yet, we continue to fixate on them from terrible “clickbait” Buzzfeed headlines to Communication Ministers constantly checking a site dashboard to see if the latest Christmas Cantata podcast post has more links than last year’s version.
Ev Williams, founder of Blogger and Twitter and now Medium, has an interesting point for churches and non-profits to ponder as we head into the new year…
I would rather have fewer people stop by and read something for five minutes that makes them think than a million people stop by for five seconds because of a catchy headline.
The optimistic part of the message is that advertisers get this too. Brand advertising has never worked on the Internet anyways, because banner ads don’t work. So whatever the form factor is, people have to be actually engaged in something for it to be meaningful.
via Q&A with Evan Williams, co-founder of Medium and Twitter.
Or as Cory Haik writes,
Purely chasing pageviews is a fool’s errand. In the short term, it gets you a bigger comScore number. But those calories are empty.
The clients I like to work with are groups that have a mission to make the world a better place in some fashion. For those clients, I like to keep reminding them that thousands or millions of page views mean next-to-nothing compared to actually engaging a few people and impacting their lives. So the answer to my question in the title of this post would be a flat out “No.”
As the web continues to mature and change, we’ll certainly move away from the page view as the venerable metric of a site’s success. Attention, engagement, sharing… those are much better metrics. Particularly for the types of clients that want to change the world.
Don’t Use Admin As Your WordPress Username
We create, host, and manage a number of sites for churches, non-profits, community groups, and businesses. As a part of that, we also spend a good deal of time “behind the scenes” keeping these websites safe and secure. Our clients often don’t realize how much work that entails in 2014 / 2015 with the ongoing proliferation of sophistication and the sheer numbers of bots and bad folks looking to exploit poorly constructed sites or social media accounts to use for other nefarious purposes (nor should they).
Setting up a WordPress site on your own is not hard to do. You have to find a host, click a few selections for your server, then run through the install. It’s gotten tremendously easier over the years. However, if you’re setting up a self-hosted WordPress site, you have to take security seriously.
For example, the screenshot above is just a small sampling of the attempts to “brute force” access to this site from this morning. There are hundreds of these everyday for this site and I see thousands daily for some of our larger clients. You’ll notice the attempts are all trying to gain access to the site with the username “admin.” Before WordPress 3.0, the default for new site installs was to use “admin” as the username. Combine that with the terrible passwords that most people online use, and it’s not hard to see that with enough permutations, the math is there. It’s fairly easy to buy a list of the most commonly used passwords on the web if you know the dark parts of the web to look, as well.
Here are my surface level and generic recommendations if you do decide to set up a WordPress site for your church, group, or business after about a decade of working in this area…
1) Don’t use admin as your login username for WordPress or for any other account whether it will just be you logging in or a team of people.
2) Don’t use a short or “dictionary” phrase password. Use something unique to you and combine numbers, letters, etc as much as you can. That’s not fool proof and there’s research showing that doing so isn’t as effective as it was previously, but it’s still a good practice. Even if you’re “bad at passwords” as most humans claim to be, figure out system for a stronger password. It’s worth your time and it’s important no matter how small or large your site or social media account will be.
3) Use a good plugin such as Sucuri to keep track of security audits, reviews, and monitoring. Again, it’s worth your time and easy to set up email alerts for certain events.
4) Keep track of installed plugins and make sure that no one has installed a plugin that is actually a piece of malware or using your WordPress install for nefarious purposes. This is important especially if you are working with a number of people on a WordPress site and sharing a common user account rather than setting up various users (which you should do for a number of reasons).
5) Update, update, update. Keep your WordPress version, plugins, and themes as updated as possible. That usually means at least a couple of times a month.
Of course, there are many other things to consider but I get this question frequently and wanted to make my initial thoughts easy for others to find. Setting up a WordPress site is a great idea and it’s not terribly difficult. However, do it the right way and make sure you are keeping your brand, visitors, and users free from any potential threats that you can avoid with a little time investment.