Depending on how “techie” you are, this can be very uncomfortable ground. I consider myself reasonably technologically savvy but still struggle at times with these things.
The good news is that you can do this yourself. It’s easier than ever before.
But if things go wrong, you will pull your hair out. Hopefully that will never happen to you – and following the advice below based on my lessons learned will help – but just a heads-up.
Without further ado, here are the steps for getting your website ready.
Choosing a Web Host
Don’t sweat about this too much because you can always change web hosts later (though switching can be a hassle). Provided you select a web host that expressly supports WordPress, you’ll be fine.
Over the years, I have used the web hosting providers 1and1 (now 1&1 IONOS), bluehost and SiteGround. (I currently use SiteGround).
Even in the early days with 1and1, I only ever had one problem with them. It was a big, painful problem, mind you, but that’s still not too bad over the 6-year period I was with them.
1and1’s online portal and help pages could certainly be better but in terms of the important things like downtime and technical glitches they were good except the case mentioned.
My wife’s blog (not VPN-related), is hosted by bluehost. She has not been blogging for as long as me, but so far so good for her experience with bluehost. She is yet to encounter a problem with them.
Bluehost is more expensive than 1and1 and SiteGround is more expensive than bluehost, but I’d say the quality of each service matches their price levels.
- SiteGround – best quality and amazing customer service from $3.95 per month
- bluehost – good quality and fine customer service from $2.95 per month
- 1&1 (IONOS) – decent quality and bare bones customer service from $0.99 per month
Do You Need a Security Certificate (SSL) for Your Site?
Your preferred web hosting provider may offer “SSL”, usually as an add-on to your web hosting package for an additional price.
SSL simply means having a secure site. In practice this means a URL starting with https://.... (note the ‘s’). SSL is the technology that encrypts the traffic between your visitor’s web browser and the server where your web site is hosted.
I would recommend you go for it.
It's a must for ecommerce sites but is anyway good to adopt as it is increasingly becoming the norm. Plus, having SSL will give you a tiny bump up in Google’s eyes for its search engine rankings.
Obtaining an SSL certificate through your web hosting provider is ideal as this should minimize any implementation issues. You can also arrange SSL through a third party but it may not always be easy to implement with your existing web host, but they should be able to help guide you.
In either case, always remember to back up in full before making the switch to SSL as things can go off the rails during the switch. All the more reason to embrace SSL from the get-go if possible.
Eventually in Google Search Console, you should see secure URLs being crawled and indexed by Google, which nominally helps your SERP rankings.
Tips if Adopting SSL Later
If your site started out as unsecure (as mine did) and you later upgrade to an SSL certificate (as I did), remember in WordPress to change your website’s URL under Settings > General to https://www.example.com (adding an ‘s’ to the end of the ‘http’ portion).
When switching, be prepared that some of your WordPress plugins might not work. This is less of a problem that it used to be as SSL is becoming the norm, but this did happen to my social sharing buttons.
Even if your plugins continue to work, they make "break" the secure link and result in the lock icon disappearing from your visitors’ web browser, sometimes turning red in warning. This defeats the benefit of your visitors seeing the lock icon and feeling safe visiting your site.
Related, if you need to retain one or more posts or pages as unsecure, you can use 301 redirects in your WordPress settings to revert specific posts or pages to an unsecure status. You may discover that certain elements or scripts on a particular post or page do not work with SSL.
For example, my post http://www.cogipas.com/whats-my-ip/ was a non-secure page for a long time (it started with http only with no added ‘s’) because the script it relied on did not work with SSL.
Use WordPress. Full Stop.
WordPress isn’t perfect, but it is free and well supported, both for plugins (tools) and themes (the look and format of your site). Keep your life simple and use WordPress.
Rather than fill pages with basic WordPress information, I simply point you to the best resources.
For the best general WordPress guides, it’s hard to beat all the great, free information on the support pages of the official WordPress support site.
Things I Wish I’d Known about WordPress from the Start
WordPress has a few oddities that I should warn you about. Below are some things I wish I knew about using WordPress in my early days. They might help you too.
Posts vs Pages
It is important to differentiate between Posts and Pages.
When you create new written content in WordPress, you can create it as a Postor a Page (see screenshot). The difference between the two is not immediately intuitive, so let’s look at them in some detail.
Most of what you write will be Posts. Pages are intended for content that doesn't really change such as Contact Us or About pages, or landing pages you created for specific ad campaigns.
In general, Pages do not have comments enabled, are not set up for adding Categories and Tags and are not date specific.
Plugins are also set up to deal mostly with Posts and Post-related functionality (for example, to take full advantage of Categories and Tags).
When in doubt, create a Post.
I didn't appreciate this difference in the early days and found myself with a site full of Pages. This wasn't the end of the world, but my site took a big hit for some months when I converted most of my Pages to Posts so that I could benefit from Categories and Tags as well as some other cool features offered by many WordPress plugins.
Categories vs Tags
Here's the bottom line for Categories and Tags:
- each of your Posts should have one and only one Category
- each of your Posts should have one or more Tags
Generally, Categories should match items in the main menu of your website. Tags are more like index entries listed at the end of a book. Brand names of VPN services work well as Tags.
In other words, a Post belongs to one broad Category but could be described by a number of Tags. You might have a post about the best 5 VPN deals. The Category could be 'Deals' (or 'Coupons' etc) and the tags would be the 5 VPN services featured in the post.
And just because you can apply multiple Tags to a Post doesn't mean you should. There is nothing wrong with a Post having only a single Tag.
It is easy to add, delete, change and updated Categories and Tags, so don't worry about them too much provided you follow the two bullet points above.
Your “Home Page” (WordPress Front Page)
Like me, you will one day find yourself cursing WordPress while trying to find the “home page” settings. WordPress’ menus are not always intuitive and that’s especially true for this feature.
I use a static page as my home page because I want to control exactly how it looks.
A static home page (or front page in WordPress-speak) means designating an individual published Post (or Page) as your site’s default home page. In WordPress, go to Settings > Reading> then designate from the drop down the "Front page" you want.
When you want to edit your “home page”, simply edit the Post or Page you had designated here as the front page.
The other option for Front page displays, Your latest posts, is a bit old-fashioned and will simply be a list of your latest blog posts in the order, number and way you choose among the available options.
Choosing the Right WordPress Theme for your Site
Warning! You may go crazy trying to choose a theme for your website. No joke.
There are so many themes clambering for your attention (and affiliate sites touting them) that the process of choosing one can be utterly paralyzing.
When you start to do your own research, you’ll quickly see what I mean. I won’t go into the pros and cons of all the various themes as there are zillions of them.
For me, I eventually decided on ThriveThemes and soon graduated to a full-fledged monthly membership to make sure I would always have access to all of their excellent themes, visual editor and plugins. Thrive is particularly well-suited for an affiliate site (like mine) as it is super-focused on conversions.
If you run a photo- or video-heavy VPN blog, your requirements may be different, although to my mind a conversion is a conversion. For example, my wife’s travel blog is also fully Thrive-based.
Make Sure the Theme is Responsive
Whatever theme you choose, it must be “responsive” or in other words mobile-friendly. But these days it’s pretty hard to find a theme, even a free one, that is not mobile-friendly.
The point of responsiveness is that while your site might look great on your Windows desktop computer, how does it look on an iPhone versus an Android tablet? Or with a different web browser or different operating system?
Top Tip - The visual WordPress editor Thrive Architect lets you do this right in its interface where you can quickly check what your page/post looks like in desktop, tablet and mobile displays.
Remember, not everyone uses what you use. Always review your website and new posts with a number of different devices and web browsers.
You should do these checks from time to time. I'm always amazed how I later find issues, sometimes major ones, upon casually browsing my site over a morning cup of coffee or during my train commute (or, let’s be honest, during bathroom breaks).
Should You Enable Comments on Posts or Not?
Almost all themes will support visitors being able to leave Comments on your blog posts.
Whether to enable comments, is not as much of a no-brainer as you might think. Intuitively, you would think, The more interaction the better so, yes, of course, I will enable comments on my posts!
However, many comments are spammy, negative, nasty or downright hostile in nature. On my competitors’ sites, I have seen plenty of critical comments such as: "You don't know what you were talking about". On balance, I decided not to enable comments when I first started out even though that was completely contrary to the conventional wisdom.
Plus, quite apart from that consideration, posting replies to comments is time-consuming and the rate of return is quite low for the investment of your time. It's better that you invest the same time and energy in drafting new posts or tweaking underperforming posts.
Further, if you enable comments you will need a plugin like Akismet or other tool to help stop spammy or bot (automated) comments from polluting your blog.
Of course, you could simply censor comments that don’t help you, but vetting comments also takes yet more of your precious time.
Some VPN bloggers don't mind negative comments because, after all, it's still engagement that may help bring more visitors and increase your search engine rankings.
“Good or bad, as long as they're talking about you”, as the saying goes.
Eventually, I did worry I was missing out and eventually enabled comments on my posts. It hasn't been as time intensive as I was worried about, thanks in part to the Akismet plugin automatically casting aside the spammy ones.
The bigger problem is legitimate comments that contain questions I never get around to answering or which I answer only after a lot of time has passed. I think this looks bad, but I don't always have time to answer everything, let alone answer everything quickly.
Choosing the Right WordPress Plugins
If you are not familiar with WordPress plugins, the easiest way to think of them are as follows: plugins are to WordPress what apps are to your smartphone.
Plugins are important (especially as time goes on) but it is easy to go overboard. Less is more, especially in your early days. Here, I recommend only the most essential plugins you need for your WordPress site.
As you are just starting out, concentrate on free WordPress plugins (for each category below, I try to include a good free choice). Otherwise it's easy to spend a considerable amount of money before you have earned a single cent in profits from your website.
If you have a good web host, you can rely on their backup features. For example, my SiteGround web hosting plan includes daily backups and an easy-to-use backup restore tool.
To be safe, you should also use a backup plugin and I can recommend UpdraftPlus.
You might also want to perform the occasional manual WordPress backup, especially before making big changes or updates to your site.
Because your VPN affiliate website will (hopefully) be money-making, it is a prime target of wannabe hackers. So you have to take website security seriously, right from the beginning. But that doesn't mean you have to spend a lot of money or even any money.
It’s hard to go wrong with the free WordPress security plugin, Sucuri.
I especially like that it sends me an email every time anyone logs into my WordPress site or tries to log in. It also sends messages whenever anything on my website is added or modified.
This free plugin has protected me from plenty of would-be hackers.
It all started when one day I noticed almost in real time some hackers trying to get into my website. I needed a solution fast!
Many paid plugins were touting their solution but I didn't want to pay anything if I didn't have to. Securi’s free plugin solved the problem.
It limits the number of unsuccessful login attempts from any given IP address which helps prevent brute force dictionary attacks (see screenshot).
My site still gets attacked on a regular (at least weekly) basis, but no breaches so far. I wonder how many people’s sites are being attacked and they don't even know about it!
Sucuri also offers reasonably-priced premium security protection if you are interested (I’ve stuck with the free plugin so far).
Don’t Use the WordPress Default ‘Admin’ Account
With security in mind, please do not use WordPress’ default administrator account username “admin”. That makes things just that much easier for hackers.
Instead, create a new administrator account and delete (or reduce the access privileges) of the admin account. You can do this in WordPress’ Users menu item.
Social Media Sharing Buttons
There are zillions of social sharing buttons available for WordPress. Some of the best free ones are offered by Sumo.
Plus, it is likely that your WordPress theme may already come with some decent social media sharing buttons.
Search Engine Optimization (SEO)
SEO is an acronym you will hear a lot. It stands for search engine optimization. As a blogger, you will soon become very familiar with SEO. It’s the best way to attract visitors to your website for free.
An SEO plugin will help you make the most of your SEO efforts.
This is another no-brainer. Use the free WordPress plugin Yoast SEO, full stop.
This deservedly popular plugin uses an easy traffic light system (green, yellow, red) to inform you about which posts are in good shape for SEO.
It also has an easy to use URL redirect tool for when you rename or delete posts and want to direct visitors to a successor post.
The free version is just fine. However, once you start making about $1,000 per month I’d say you can take the plunge for Yoast SEO Premium. The premium version lets you optimize multiple focus keywords for a single post, imposes stricter recommendations for cornerstone post content and much more.
Broken Link Checker
The free Broken Link Checker WordPress plugin is a great and fast way to find and fix broken links on your site.
The plugin is constantly scanning your content for broken links. As soon as it finds a broken link, it sends you an email. Click on the link in the email to go right to the problem, fix it (or confirm it’s OK) and you’re done.
This helps ensure your site’s UX (user experience) stays good. This in turn helps your Google ranking as visitor bounces are reduced.
Just be careful to set the plugin’s scanning frequency not too high as this could slow down your website. The default settings are just fine.
Pretty Links is a free link shortening and cloaking WordPress plugin.
It lets you easily change long, ugly affiliate links leading to partner landing pages (or any long links for that matter) to sleek ones with your own domain name included.
In other words, instead of a link such as https://affiliate.com/buy-me?aff=cogipas+id=666, you could use a nice, clean link such as https://www.cogipas.com/good-deal.
The Pro version of Pretty Links has some additional handy features such as time-limited links which you can be set to expire (for example, after a VPN's special sale offer closes).
The Pro version also features detailed reports which you may appreciate including for double-checking how many clicks you are sending to partner VPN site landing pages.
To me, this is a must plugin for a start-up affiliate site. Many experts will recommend you use manual redirects for affiliate links (for faster page load speeds for one reason) but Pretty Links is just so darn easy to use and nearly as fast.
I may hire a developer to implement manual redirects at some point, but I still don't yet feel the need. If you think this is a BIG mistake, let me know why in the comments below.
Thrive Architect (formerly Thrive Content Builder) is a what-you-see-is-what-you-get editor to replace WordPress’ awful built-in editor. You will wonder how you ever managed without it. It’s not free, but worth every penny.
Of course, you can stick with WordPress’ built-in editor for the early months or even years of your website, as I did.
But eventually I “graduated” to Thrive Architect and use it for all of my new posts and content. There are other visual editors on the market too, including cheaper ones.
Spam Comment Blocker
The Akismet Anti-Spam plugin for WordPress will save you from having to spend time manually rejecting comments from bots and the like.
Technically, this plugin is not free, but its Personal Plan lets you pay whatever you want.
Set Up Google Analytics and Google Search Console Right Away
I strongly recommend you implement Google Analytics (GA) and Google Search Console (GSC) on your website. It is quick and easy to do so, especially if you already have a Google account such as for Gmail.
After you sign up to GA, you then paste a tiny bit of code across your website. Most WordPress themes will have an easy ‘Paste Code for Google Analytics Here’ type option (see screenshot).
Even if your WordPress theme doesn't have this feature, many good free WordPress plugins exist that let you do the same thing. ?
Once implemented, Google Analytics and Google Search Console will both keep very detailed statistics of the visits to your website.
Just one example is Google Analytics’ Traffic Flow report. This shows you where visitors arrive at your website, how many leave right away (called the "bounce rate"), the other pages they visit, how long they stay on your site, which page they leave from and sometimes even how they leave (for example, by clicking on a call to action).
If your promotional efforts are generating lots of visitors, but they quickly leave in droves then you have valuable information that your website, posts and calls to action need more work.
Google Search Console does not get the attention that Google Analytics does, but GSC has some rich data that is not available from Google Analytics.
For example, GSC’s reports can tell you which exact keyword searches people perform in Google that bring them to your website. Essential! I highly recommend you use it, especially as it is easy to set up.
You can even link your GA and GSC accounts so that some of the valuable keyword data from GSC is displayed in GA.
Why Google Analytics is So Important
For example, using GA you can see the number of visitors arriving at my landing pages and how many further interact with your calls to action (CTA).
If the numbers are disappointing, you have some insights into the landing pages and CTAs you may need to change. If visitors initiate a CTA or stay on your website (moving on to a second page), your landing pages are probably fine.
But if almost everyone quickly leaves after visiting (called “visitor bounces”), you know that those pages need more work.
GA is also essential if you run any Google Ads campaigns (see the Pay-per-click (PPC) & Google Ads section). GA can be further linked to your Google Ads account and is a handy way to see if your promotional efforts in Google Ads are paying off and attracting visitors to your website.
Admittedly, setting up your VPN website is not a lot of fun. But hopefully it went smoothly and you are now ready to start writing and publishing posts, eventually generating visitors to your site and making some money.
Do you have any tips or tricks to share for planning a VPN affiliate website? Comment below!
VPN website all set up?
Let's start writing posts