Using Google Analytics for WordPress helps you understand how visitors interact with your site and content. Google Analytics is a free web analytics service that allows you to track traffic, behavior, conversions and more on your website. In this post, you’ll learn how to set up Google Analytics in the WordPress dashboard. Also, you’ll get a few introduction techniques for measuring valuable data from your traffic. Google Analytics can help you understand: Who visits your website. Where they are coming from. What they do on your site once they are there. How successful your content and user funnels are. And much more. Installing Google Analytics in WordPress First, you need to set up your Google Analytics (GA) account. Click this link where you can either sign into an existing Google account or create a new one. If you already have a Google Analytics account, then skip to the next section. If not, follow these steps: Enter the phone number or email address associated with your Google account or click the “more options” button to create a new account. Once you hit “next,” enter your password. Once you’ve successfully logged in, you’ll see a screen like the one, below. This screen shows you the three-step step process for installing WordPress onto your website. Click “sign up.” New account holders need to enter details about their website. Giving this information to Google helps produce the tracking code necessary for everything to work together seamlessly. Once you’ve filled in the details and clicked the “get tracking ID” button, you should receive your tracking code. You’ll also be prompted to agree or disagree to the GA terms and conditions. If you want to use the service, click “I agree.” Below is an image of a tracking code. You’ll want to copy and paste it somewhere safe, as you’ll be using it in the next steps. Once you’ve set up your GA account, it’s time to connect it to your website. Here are the three main ways to do this: Manually Manually through a plugin Using a dedicated WordPress plugin Completely manually requires more time and leaves more room for error, so in this guide, you’ll find out about number two and three. Manually Through a Plugin In this method, you’ll want to download the plugin, Addfunc head and footer code. If you’re unsure how to do that, use our guide here. Once you’ve installed the plugin, go to Settings >> Header and Footer code. Copy and paste the tracking code you saved from before into the “site-wide Footer Code.” Once you hit “Save changes,” your site will now be connected to Google Analytics and you can start collecting data. Key point: It may take some time for your data to begin tracking. Don’t be alarmed if you see no traffic on your Google Analytics account. Using a Dedicated WordPress Plugin A common Google Analytics for WordPress plugin is MonsterInsights. With a whole plethora of tools built right into the plugin, you can look at most of the basic stats without even having to leave WordPress. There is a free and a paid version. The paid version for those who want to use the advanced features of Google Analytics. Here’s how to set it up: First, install the Monster Insights plugin. Once you’ve installed and activated it, hover over the Insights section on the left-hand side admin panel in your WordPress dashboard and click “settings.” Click the “Authenticate with your Google account” button. You should then see a screen that looks like this: Click “Next.” You will need to get a unique code from Google. When you click that button, you’ll see another screen that will prompt you to sign in with your Google account. Click allow and you’ll be presented with a code like the one below. Copy this code and return to your WordPress window you had open before. Enter the code you copied. Choose an Analytics profile. If you only have one site, that’s the one that will appear. Choose the site you want to connect your WordPress with and click “next.” Using Google Analytics with WordPress Now you’ve installed Google Analytics, it’s time to start diving into the data. Key point: If you’re using a plugin tool for WordPress, like Monster Insights, you can find this data within WordPress. On the left-hand panel, you will be able to access a number of different reports, including: Audience tab: Shows you data about your users. Acquisition tab: Show where your users have come from. Behavior tab: Shows what your users do once they arrive on your site. Conversion tab: Show how well you are doing against the goals you’ve set for yourself. Key point: If you’re unsure what any of the metrics mean whilst you’re browsing through Google Analytics, you can hover over the name. Ready for the next step? Learn how to build effective Google Analytics dashboards. Conclusion Google Analytics is one of the most powerful free web analytics tools at your disposal. For WordPress users of all levels, syncing your Analytics with WordPress will enable you to consistently improve the way your website performs. Do you have specific questions on how to do something in Google Analytics? Just ask in the comments section below.
<p align="justify">This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on <a href="https://pagely.com/solutions/secure-wordpress-hosting/">prevention and the mitigation of risk to our clients</a>, and keeping you updated here is part of that process.<!--more--></p> <h3 align="justify">List of Vulnerable Plugins During This Month</h3> <p style="text-align: center"><style type="text/css" name="visualizer-custom-css" id="customcss-visualizer-21824"></style><div id="visualizer-21824-1479541464"class="visualizer-front visualizer-front-21824"></div><!-- Not showing structured data for chart 21824 because title is empty --></p> <h3>Plugins Closed by WordPress Security</h3> <p style="text-align: center"><style type="text/css" name="visualizer-custom-css" id="customcss-visualizer-21828"></style><div id="visualizer-21828-291326524"class="visualizer-front visualizer-front-21828"></div><!-- Not showing structured data for chart 21828 because title is empty --></p> <p align="justify">WordPress security team decides to close a plugin when a security issue is found and the developer doesn’t release a patch in a timely manner. You can read more about this <a href="https://developer.wordpress.org/plugins/wordpress-org/alerts-and-warnings/" target="_blank" rel="noopener noreferrer">here</a>.</p> <h3 align="justify">Relevant Vulnerabilities</h3> <p align="justify"><a href="https://wpscan.com/vulnerability/10478" target="_blank" rel="noopener noreferrer">secure-file-manager</a>:<br /> <b>Authenticated File Upload</b></p> <p align="justify"><a href="https://wpscan.com/vulnerability/10471" target="_blank" rel="noopener noreferrer">ait-csv-import-export</a>:<br /> <b>Unauthenticated File Upload</b></p> <p align="justify"><a href="https://wpscan.com/vulnerability/10457" target="_blank" rel="noopener noreferrer">augmented-reality</a>:<br /> <b>Unauthenticated File Upload</b></p> <p align="justify">These plugins have critical vulnerabilities that when exploited would give an attacker complete control over your website. All of them are closed, which means no new installs are allowed but old installs will work without any issues, thus, please check if you have any of them installed <i>(</i><b><i>even if it’s not activated</i></b>) and remove them from your plugins folder.</p> <p align="justify"><a href="https://wpscan.com/vulnerability/10479" target="_blank" rel="noopener noreferrer">woocommerce-anti-fraud</a>:<br /> <b>Unauthenticated Order Status Manipulation</b></p> <p align="justify">Versions < 3.3 of this plugin have a bug that when exploited could cause unnecessary damage to your online store. An unauthenticated attacker would be able to change the status of all the orders making it difficult to handle them since the data will not be reliable. On <strong>November 23</strong> the developer released a <a href="https://dzv365zjfbd8v.cloudfront.net/changelogs/woocommerce-anti-fraud/changelog.txt" target="_blank" rel="noopener noreferrer">new version</a>.</p>
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of risk to our clients, and keeping you updated here is part of that process. List of Vulnerable Plugins During This Month Plugins Removed From the Repository WordPress security team decides to close a plugin when a security issue is found and the developer doesn’t release a patch in a timely manner. You can read more about this here. If you are using one or more of the above plugins we recommend deactivating them until the developer releases a patch for the mentioned vulnerability or consider a more reliable alternative. Relevant Vulnerabilities Ti-woocommerce-wishlist : Authenticated WP Options Change A critical vulnerability was found in this plugin that when exploited allows an attacker to: Change the site options Create malicious redirects Escalate privileges (login as an administrator) This issue was resolved in the free version 1.21.12 on October 16, however when checking the premium version we noticed it was still vulnerable and was finally resolved on October 28 after we reported it. More details here. WPBakery Page Builder : Authenticated Stored XSS WPbakery Page Builder former Visual Composer had a medium vulnerability in versions before 6.4.1 that was only exploitable by high privilege users. Nevertheless we recommend all its users to update to the latest version. Loginizer : Unauthenticated SQL Injection Loginizer had an unauthenticated SQL Injection in versions before 1.6.4 caused by a lack of filtering before executing a database query. An attacker just had to craft a request with a malicious username. More information here.