WordPress managed web hosting company Kinsta announced that it is changing how it bills its customers by not charging users for bandwidth related to unwanted bot and scraper traffic.
Daniel Pataki, CTO at Kinsta explained:
“In the past 12 months we’ve seen bot traffic rise due to the prevalence of both good and bad uses of AI. These bots can not be filtered as effectively, modifying our typical visits-to-bandwidth ratio. We’re working internally and with Cloudflare to improve bot filtering, but our top priority remains our customers’ success. Reducing bot-related costs as quickly as possible will have the greatest impact.”
Bot And Scraper Traffic Out Of Control
Anyone who’s watched their live traffic statistics can confirm that scraper and hacker bots make up a significant amount of traffic to a website, accounting for as much as half of the bandwidth costs for a website. I still remember the time I added a forum to a content site a few years ago and purposely left it without bot protection to see how long it would take to get spammed. I didn’t have to wait long; a spam bot registered itself and started posting spam within minutes.
Kinsta is providing bandwidth-based options that don’t charge for wasted bandwidth while also providing options such as caching and CDNs that help mitigate the impact of bad bot visits.
Kinsta’s announcement explains:
“Now with bandwidth-based options, Kinsta is giving customers more choice, transparency and control in how they pay for hosting: by visits or bandwidth. Customers are not locked into a single pricing model. This is consistent with Kinsta’s long-term approach of delivering quality and building trust. The new pricing option is setting the standard for hosting by giving customers the freedom to choose how they pay, in a way that reflects how the modern web actually works.”
The new feature is available to every visitor-based tier, enables the flexibility to switch between visits and bandwidth-based, and with improved usage notifications plus no charges for scrapers and bad bots the risk of unexpectedly running out of bandwidth is lower.
SEO plays a role in Automattic’s counterclaim against WP Engine. The legal document mentions search engine optimization six times and SEO once as part of counterclaims asserting that WP Engine excessively used words like “WordPress” to rank in search engines as part of an “infringement” campaign that uses WordPress trademarks in commerce. A close look at those claims shows that some of the evidence may be biased and that claims about SEO rely on outdated information.
Automattic’s Claims About SEO
Automattic’s counterclaim asserts that WP Engine used SEO to rank for WordPress-related keywords and that this is causing confusion.
The counterclaim explains:
“WP Engine also has sown confusion in recent years by dramatically increasing the number of times Counterclaimants’ Marks appear on its websites. Starting in or around 2021, WP Engine began to sharply increase its use of the WordPress Marks, and starting in or around 2022, began to sharply increase its use of the WooCommerce Marks.”
Automattic next argues that the repetition of keywords on a web page is WP Engine’s SEO strategy. Here’s where their claims become controversial to those who know how search engines rank websites.
The counterclaim asserts:
“The increased number of appearances of the WordPress Marks on WP Engine’s website is particularly likely to cause confusion in the internet context.
On information and belief, internet search engines factor in the number of times a term appears in a website’s text in assessing the “relevance” of a website to the terms a user enters into the search engine when looking for websites.
WP Engine’s decision to increase the number of times the WordPress Marks appear on WP Engine’s website appears to be a conscious “search engine optimization” strategy to ensure that when internet users look for companies that offer services related to WordPress, they will be exposed to confusingly written and formatted links that take them to WP Engine’s sites rather than WordPress.org or WordPress.com.”
They call WP Engine’s strategy aggressive:
“WP Engine’s strategy included aggressive utilization of search engine optimization to use the WordPress and WooCommerce Marks extremely frequently and confuse consumers searching for authorized providers of WordPress and WooCommerce software;”
Is The Number Of Keywords Used A Ranking Factor?
I have twenty-five years of experience in search engine optimization and have a concomitantly deep understanding of how search engines rank content. The fact is that Automattic’s claim that search engines “factor in the number of times” a keyword is used in a website’s content is incorrect. Modern search engines don’t factor in the number of times a keyword appears on a web page as a ranking factor. Google’s algorithms use models like BERT to gain a semantic understanding of the meaning and intent of the keyword phrases used in search queries and content, resulting in the ability to rank content that doesn’t even contain the user’s keywords.
Those aren’t just my opinions; Google’s web page about how search works explicitly says that content is ranked according to the user’s intent, regardless of keywords, which directly contradicts Automattic’s claim about WPE’s SEO:
“To return relevant results, we first need to establish what you’re looking for – the intent behind your query. To do this, we build language models to try to decipher how the relatively few words you enter into the search box match up to the most useful content available.
This involves steps as seemingly simple as recognizing and correcting spelling mistakes, and extends to our sophisticated synonym system that allows us to find relevant documents even if they don’t contain the exact words you used.”
If Google’s documentation is not convincing enough, take a look at the search results for the phrase “Managed WordPress Hosting.” WordPress.com ranks #2, despite the phrase being completely absent from its web page.
Screenshot Of WordPress.com In Search Results
What Is The Proof?
Automattic provides a graph comparing WP Engine’s average monthly mentions of the word “WordPress” with mentions published by 18 other web hosts. The comparison of 19 total web hosts dramatically illustrates that WP Engine mentions WordPress more often than any of the other hosting providers, by a large margin.
Screenshot Of Graph
Here’s a close-up of the graph (with the values inserted) showing that WP Engine’s monthly mentions of “WordPress” far exceed the number of times words containing WordPress are used on the web pages of the other hosts.
Screenshot Of Graph Closeup
People say that numbers don’t lie, and the graph presents compelling evidence that WP Engine is deploying an aggressive use of keywords with the word WordPress in them. Leaving aside the debunked idea that keyword-term spamming actually works, a closer look at the graph comparison shows that the evidence is not so strong because it is biased.
Automattic’s Comparison Is Arguably Biased
Automattic’s counterclaim compares eighteen web hosts against WP Engine. Of those eighteen hosts, only five (including WPE) are managed WordPress hosting platforms. The remaining fourteen are generalist hosting platforms that offer cloud hosting, VPS (virtual private servers), dedicated hosting, and domain name registrations.
The significance of this fact is that the comparison can be considered biased against WP Engine because the average mention of WordPress will naturally be lower across the entire website of a company that offers multiple services (like VPS, dedicated hosting, and domain name registrations) versus a site like WP Engine that offers only one service, managed WordPress hosting.
Two of the hosts listed in the comparison, Namecheap and GoDaddy, are primarily known as domain name registrars. Namecheap is the second biggest domain name registrar in the world. There’s no need to belabor the point that these two companies in Automattic’s comparison may be biased choices to compare against WP Engine.
Of the five hosts that offer WordPress hosting, two are plugin platforms: Elementor and WPMU Dev. Both are platforms built around their respective plugins, which means that the average number of mentions of WordPress is going to be lower because the average may be diluted by documentation and blog posts about the plugins. Those two companies are also arguably biased choices for this kind of comparison.
Of the eighteen hosts that Automattic chose to compare with WP Engine, only two of them are comparable in service to WP Engine: Kinsta and Rocket.net.
Comparison Of Managed WordPress Hosts
Automattic compares the monthly mentions of phrases with “WordPress” in them, and it’s clear that the choice of hosts in the comparison biases the results against WP Engine. A fairer comparison is to compare the top-ranked web page for the phrase “managed WordPress hosting.”
The following is a comparison of the top-ranked web page for each of the three managed WordPress hosts in Automattic’s comparison list, a straightforward one-to-one comparison. I used the phrase “managed WordPress hosting” plus the domain name appended to a search query in order to surface the top-ranked page from each website and then compared how many times the word “WordPress” is used on those pages.
Here are the results:
Rocket.net
The home page of Rocket.net ranks #1 for the phrase “rocket.net managed wordpress hosting.” The home page of Rocket.net contains the word “WordPress” 21 times.
Screenshot of Google’s Search Results
Kinsta
The top ranked Kinsta page is kinsta.com/wordpress-hosting/ and that page mentions the word “WordPress” 55 times.
WP Engine
The top ranked WP Engine web page is wpengine.com/managed-wordpress-hosting/ and that page mentions the word “WordPress” 27 times.
A fair one-to-one comparison of managed WordPress host providers, selected from Automattic’s own list, shows that WP Engine is not using the word “WordPress” more often than its competitors. Its use falls directly in the middle of a fair one-to-one comparison.
Number Of Times Page Mentions WordPress
Rocket.net: 21 times
WP Engine: 27 times
Kinsta: 55 times
What About Other Managed WordPress Hosts?
For the sake of comparison, I compared an additional five managed WordPress hosts that Automattic omitted from its comparison to see how often the word “WordPress” was mentioned on the top-ranked web pages of WP Engine’s direct competitors.
Here are the results:
WPX Hosting: 9
Flywheel: 16
InstaWP: 22
Pressable: 23
Pagely: 28
It’s apparent that WP Engine’s 27 mentions put it near the upper level in that comparison, but nowhere near the level at which Kinsta mentions “WordPress.” So far, we only see part of the story. As you’ll see, other web hosts use the word “WordPress” far more than Kinsta does, and it won’t look like such an outlier when compared to generalist web hosts.
A Comparison With Generalist Web Hosts
Next, we’ll compare the generalist web hosts listed in Automattic’s comparison.
I did the same kind of search for the generalist web hosts to surface their top-ranked pages for the query “managed WordPress hosting” plus the name of the website, which is a one-to-one comparison to WP Engine.
Other Web Hosts Compared To WP Engine:
InMotion Hosting: 101 times
Greengeeks: 97 times
Jethost: 71 times
Verpex: 52 times
GoDaddy: 49 times
Cloudways: 47 times
Namecheap: 41 times
Liquidweb: 40 times
Pair: 40 times
Hostwinds: 37 times
KnownHost: 33 times
Mochahost: 33 times
Panthen: 31 times
Siteground: 30 times
WP Engine: 27 times
Crazy, right? WP Engine uses the word “WordPress” less often than any of the other generalist web hosts. This one-to-one comparison contradicts Automattic’s graph.
And just for the record, WordPress.com’s top-ranked page wordpress.com/hosting/ uses the word “WordPress” 62 times, over twice as often as WP Engine’s web page.
Will Automattic’s SEO Claims Be Debunked?
Automattic’s claims about WP Engine’s use of SEO may be based on shaky foundations. The claims about how keywords work for SEO contradict Google’s own documentation, and the fact that WordPress.com’s own website ranks for the phrase “Managed WordPress Hosting” despite not using that exact phrase appears to debunk their assertion that search engines factor the number of times a user’s keywords are used on a web page.
The graph that Automattic presents in their counterclaim does not represent a comparison of direct competitors, which may contribute to a biased impression that WP Engine is aggressively using the “WordPress” keywords more often than competitors. However, a one-to-one comparison of the actual web pages that compete against each other for the phrase “Managed WordPress Hosting” shows that many of the web hosts in Automattic’s own list use the word “WordPress” far more often than WP Engine, which directly contradicts Automattic’s narrative.
I ran WP Engine’s Managed WordPress Hosting URL in a Keyword Density Tool, and it shows that WP Engine’s web page uses the word “WordPress” a mere 1.92% of the time, which, from an SEO point of view, could be considered a modest amount and far from excessive. It will be interesting to see how the judge decides the merits of Automattic’s SEO-related claims.
At the recent WordCamp Canada, WordPress co-founder Matt Mullenweg answered a question about how individuals and agencies could support the WordPress ecosystem against “bad actors” who don’t share the same community values. The question gave Mullenweg the opportunity to portray himself as the victim of a court that’s muzzling his free speech and to encourage the WordPress community to vote with their pocketbooks.
Question About Protecting WordPress Against Bad Actors
The person asking the question had two things on their mind:
1. How can individuals and agencies help protect WordPress’s community values from exploitative or profit-driven actors?
2. Should there be a formal certification system to identify and promote ethical contributors and agencies within the ecosystem?
The question asked reinforced that the WordPress community is divided into two sides, with those who stand with Mullenweg in his dispute with WP Engine and those on the other side who disapprove of the drama.
This is the question that was asked:
“WordPress has always thrived because of its open, community-driven ethos, but as the ecosystem grows, we’re seeing more like large, profit-driven players who don’t necessarily share the values. How can individual contributors and agencies like ours actively help protect WordPress and uphold the values and ethics that have sustained it from bad actors and people who might try to exploit the community.
And do you see room for something more formal, like a certification for individuals and agencies that define what being a good actor is to help educate clients and even the market to help kind of protect in a more proactive way from those sorts of bad actors?”
The question paints assumes a polarization in the WordPress community, with the exploitative profit-seeking bad actors on one side and the ethical WordPress supporters on the other.
No Bad Actors
Matt Mullenweg began his answer by stating that he’s not one to call anyone a bad actor.
He answered:
“So first, I’ll say, I don’t want to say that there’s bad actors. I think there might be bad actions sometimes and just temporarily bad actors who hopefully will be good in the future. So, you know, every saint has a past, every sinner has a future. So I never want to define like any company or any person is like permanently good or bad. Let’s talk about actions. “
Is This You?
It was a strange way to begin his answer because he used the phrase “bad actors” in his at last years WordCamp USA that called out WP Engine:
“I think that we also just need to call out bad actors. And you got to, the only way to fight a bully is to fight them back. If you just allow them to run rampant on the playground, they’re just going to keep terrorizing everyone.”
He followed that speech with a blog post where he went further and called WP Engine a “cancer to WordPress.”
You can hear it at the 33:48 minute mark of the recording from last year’s WordCamp
Motivating Good Behavior
Mullenweg continued his answer by discussing ways to motivate companies to give back to the WordPress community while also enforcing the GPL and protecting the WordPress trademark. Lastly, he encouraged the WordPress community to vote with their wallets by spending money on companies that that are defined as “good” and giving less to businesses who are presumably defined as a bad actors.
He continued:
“So second, I think with these actions, we can start to create incentive systems. And it’s part of what we’re doing with Five for the Future, which is basically saying you contribute back, which also implies that you’re not violating the GPL or something like that.
So we’ve got the hard stuff, like if you violate the GPL, you’re gonna get a letter, violate the trademark, that is more of a legal thing, but also the gentle stuff, like how can we encourage a good behavior by giving people higher rankings in the directory or in the showcase, for example, then finally, I’ll just say vote with your wallet.”
At this point he continued with the topic of motivating companies to do the right thing and drifted off into talking about WP Engine without actually naming WP Engine.
Mullenweg continued:
“So each one of you here has the ability to strongly influence these companies. By the way, if they’re commercially motivated, great. Let’s commercially motivate them to do the right thing by giving more business to the good companies and less business to the other companies.
This has actually been happening a lot the past year. I think I can say this. There’s a site called WordPressEngineTracker.com, which is currently tracking a number of sites that have left a certain host. It’s about to crash 100,000, about to cross 100,000, that have switched to other hosts, and over 74,000 have gone offline since September of last year.
We actually used to make all this data public. It was all the whole list was on there. They got a court order, so that way the data could be fact-checked by press or other people. There was actually a court order that made us take that down. So again, trying to muzzle free speech and transparency. But we’re allowed to keep that site up, so check it out while you can.”
Mullenweg’s comments frame spending choices as a form of moral expression within the WordPress ecosystem. By urging the community to “commercially motivate” companies, he encourages consumer spending as a way of enforcing ethical accountability, implicitly targeting WP Engine and unnamed others that fall short.
He positioned himself as the victim whose free speech is muzzled, but the court order simply required him and Automattic to stop sharing a spreadsheet of WP Engine’s customers. He also framed the whole dispute as one about ethics and morals, invoking the religious imagery of sinners and saints. WordPress is both a business and a community, but it’s not a religion. So it’s somewhat odd that those connections were made in the context of contributing money or time back into WordPress, which is a cultural obligation but not a legal (or religious) one.
10Web, an AI website-building platform, launched Vibe for WordPress, an AI-based site builder that works natively with WordPress. Vibe for WordPress aims to simplify and scale the process of creating websites.
Conversational AI WordPress Development
Vibe for WordPress enables users to build websites by explaining what they need in conversational language. It generates a working WordPress site that can be refined in chat, in the drag-and-drop visual editor, or in code mode. This process links AI-generated prototypes with WordPress’s live environment, minimizing manual setup or reliance on outside CMS tools.
Features and Integration
According to 10Web, Vibe connects to the WordPress backend, offering access to plugins, WooCommerce for e-commerce, user management, and built-in SEO tools. The hosted stack includes CDN, SSL, and backups, making each project ready for production. It is open source, so developers can modify or migrate code freely.
By combining AI-based frontend building with the WordPress backend, 10Web positions Vibe as a bridge between flexible AI creation and open-source infrastructure.
10Web describes the benefits:
“Unlimited Frontend Freedom — Build any layout, interaction, or animation—no drag-and-drop limits.
Real WordPress Backend — Plugins, auth, content models, and WooCommerce (soon) baked in.
Prompt → Website — Generate full sites from a prompt, then refine via chat or direct code.
Flexible Delivery — Use the platform today; API, self-hosted, and white-label are on the roadmap.”
Future Roadmap and Availability
Planned updates include WooCommerce support for ecommerce, Custom Post Type support, Figma or screenshot-based prompts, API, self-hosted, and the ability to white label it.
Heads up! Black Friday is almost here, and if you still haven’t prepared, it’s time to act fast. The clock is ticking, but you can still make meaningful updates that count. This article covers practical and straightforward last minute Black Friday tips to help you make quick, effective changes to your eCommerce store. Even with just a few days left, there’s still room to attract customers and make the most of the biggest shopping event of the year.
Table of contents
Key takeaways
Act quickly to implement last minute Black Friday tips for maximizing eCommerce sales
Focus on essentials such as clear offers, optimized checkout processes, and engaging email campaigns to boost conversions
Leverage social media to build anticipation, share customer stories, and create urgency with time-sensitive posts
Consider quick SEO fixes to enhance visibility, like updating meta titles and refreshing content for Black Friday
Utilize tools like Yoast SEO for enhanced performance and structured data to ensure your deals stand out in search results
Did you know?
Numbers show that Black Friday 2024 broke all records, as U.S. shoppers spent a staggering $ 10.8 billion online, representing a 10.2 percent increase from 2023. These numbers prove one thing: it is never too late to take action and grab your share of the Black Friday rush.
The must-dos (essentials you can’t miss)
The fastest way to put your Black Friday campaign on pilot mode is by focusing on a few essentials that make an immediate difference. These must-do, last minute Black Friday tips are your quick wins, helping you cover the basics, build momentum, and set up the foundation for a successful marketing campaign.
Make your offers crystal clear
When shoppers land on your website, your Black Friday deals should be impossible to miss. Highlight your best offers right on the homepage or add a static banner so visitors see them immediately. The clearer your offers are, the easier it is for customers to take action.
One of the most innovative ways to increase engagement is by using countdown timers. They build urgency, encourage faster decisions, and make shoppers feel like they’re part of something time-sensitive. The Diamond Store saw this in action when they added a live countdown clock to their 24-hour Black Friday email campaign. The result? A 400% higher conversion rate compared to their previous emails.
Forever 21 shows all the offers clearly on the homepage
For WordPress users, OptinMonster is a quick way to get started. It lets you create dynamic floating bars and banners with countdowns, all through a simple drag-and-drop builder.
If you’re using Shopify, the Essential Countdown Timer Bar app works perfectly for creating announcement bars or cart countdowns to drive urgency and prevent cart abandonment.
Check your checkout
Did you know a long or confusing checkout process is one of the biggest reasons shoppers abandon their carts, especially during high-traffic days like Black Friday? That’s the last thing you want when every second counts.
Before the rush begins, take a few minutes to go through your own checkout process on both desktop and mobile. Place a test order just like a customer would. Verify that your discount codes are applied correctly, your payment options load smoothly, and the overall flow feels quick and effortless.
Ask a few friends, family members, or even teammates to try it too. Fresh eyes often spot friction points you might miss, such as unclear buttons, confusing forms, or slow-loading pages.
Trust also plays a huge role. Ensure your checkout page displays secure payment badges and recognizable gateways, such as PayPal, Apple Pay, or Stripe. When shoppers feel confident their payment is safe, they’re far more likely to hit “Buy now.”
And one last tip: keep it simple. The fewer distractions and clicks, the smoother the path to purchase. That’s precisely what drives conversions during a last minute Black Friday rush.
Send a simple email to your list
Black Friday emails have been shown to generate 33 percent higher conversion rates than regular marketing messages. That alone makes it one of the smartest last minute Black Friday tips to focus on. When time is short, your existing customer base is your best asset. They already trust your brand and are far more likely to act quickly on your offers.
Keep your email focused and straightforward. Start with a subject line that clearly highlights your best deal or most significant discount. For example, in the screenshot below, you can see how the key offer or discount is prominently displayed in the subject line, while the body reinforces the offer with a clear call to action.
Inside the email, make your main offer impossible to miss. Emphasize the key benefits of your product or service, and include a direct call to action that takes users straight to your Black Friday sale page. Make it visually engaging by adding a countdown timer or a short GIF that brings energy and urgency to the message.
Remember, this isn’t about crafting a perfect campaign. It’s about getting the right message to the right people at the right time. A simple, well-timed email can make a real difference in your Black Friday sales.
Promote on social media channels
Social media continues to play a significant role in Black Friday success. It has seen a 7 percent year-over-year increase in traffic, now driving around 10 percent of all global mobile traffic referrals during the holiday season. Your audience is already scrolling, searching, and shopping, so this is your opportunity to be where they are.
In these last few days, your social media strategy should focus on building anticipation and trust. If you have customer review videos, testimonials, or any user-generated content, start sharing them now. Boosting these posts or running quick ad campaigns featuring real customer stories can help you build credibility fast. People are far more likely to buy when they see genuine experiences from others.
You can also collaborate with a micro-influencer or a brand advocate who already has a connection with your target audience. Even a brief post, story, or reel from them can draw attention to your sale and help you gain visibility.
If you are short on time, focus only on your most active platform, whether that is Instagram, Facebook, TikTok, or LinkedIn. Post your best offer as a pinned post or a story highlight and use countdown stickers or short video snippets to create a sense of urgency.
Lastly, remember to engage. Reply to comments, answer questions, and reshare posts from happy customers. Small interactions can make your brand feel more approachable and help you stand out during the Black Friday rush.
If you haven’t touched your SEO yet, don’t worry. There’s still time to make a few quick updates that can help your store appear in the search results. These last minute Black Friday SEO tweaks can enhance visibility, attract the right audience, and might give your deals a competitive edge.
Start with your meta titles and meta descriptions. Add words like Black Friday 2025, sale, or deal to your titles so searchers know what to expect. For example, instead of ‘Women’s handbags – Classic collection,’ you can try ‘Black Friday 2025 deals on women’s handbags.’ Keep it relevant, natural, and clear.
Next, check your product and landing pages. Make sure they’re up to date with current pricing, stock status, and offers. Highlight the discounts in your product descriptions, and, if possible, include keywords that shoppers might search for, such as ‘best Black Friday deals’ or ‘holiday gift offers.’
Another smart move is to reuse your existing content. If you already have an older Black Friday or holiday gift guide, simply refresh it for 2025 by updating the year, offers, and internal links. It’s a fast way to keep your content relevant without having to start from scratch.
Lastly, take a minute to review your page experience. A fast, mobile-friendly site can make or break your Black Friday sales. Run a quick check using Google’s PageSpeed Insights and fix anything that’s slowing your pages down. Even minor improvements can help increase conversions.
These quick wins may not replace a comprehensive Black Friday SEO strategy. However, they can still make your website more discoverable and help you capture traffic from shoppers actively seeking deals.
The nice-to-dos (if you have a little more time)
Okay, so the must-dos can help you frame a solid last minute marketing campaign. But if you’ve managed to check those off quickly and still have a little time on your hands, don’t stop there. The following few ideas may seem optional, but they can give your campaign the extra boost it needs to capture more attention, convert hesitant shoppers, and capitalize on the Black Friday rush.
Run simple retargeting ads
Don’t let potential buyers slip away after visiting your store. Retargeting ads help remind them of products they viewed or added to their carts, increasing the chances of conversion. Even a short, time-bound campaign with strong visuals and clear CTAs can make a difference during the Black Friday rush.
Bundle products or create quick gift sets
Shoppers love convenience, especially during the holidays. Bundling complementary products or creating quick gift sets can simplify decision-making and increase your average order value. Highlight these as limited-time deals to develop a sense of urgency and drive faster sales.
Add live chat or quick support options
Many customers abandon their carts when questions go unanswered. Adding a live chat feature helps resolve last minute queries instantly and keeps buyers engaged throughout the checkout process. Tools like Tidio and LiveChat integrate seamlessly with both WordPress and Shopify, making setup quick and easy.
Make your Black Friday deals shine with Yoast SEO for free!
Getting your offers in front of the right people starts with how your website appears and performs in search results. That’s where Yoast SEO can be a real game-changer during the Black Friday rush.
Here’s how:
Write SEO-friendly content
With Yoast SEO, you can create content that both readers and search engines understand. With Yoast SEO’s real-time feedback:
Get instant insights on keyword use, density, and placement
Optimize your product titles and descriptions to highlight key offers
Ensure your content maintains the right balance between keywords and readability
Improve readability
Shoppers move fast during Black Friday. Keep them engaged with content that is easy to read and skim. Yoast helps you:
Simplify long sentences and paragraphs
Use better transitions for a smoother flow
Maintain a consistent tone and structure throughout your content
Help search engines crawl your site efficiently
Visibility depends on how easily search engines can crawl and index your site. With Yoast SEO, you can:
Automatically generate XML sitemaps to guide crawlers
Use SEO-friendly breadcrumbs to create a clear site structure
Ensure your most important Black Friday pages are indexed correctly
Prepare your website for the future of search
AI-powered search is transforming the way people discover brands and deals online. The llms.txt feature in Yoast SEO helps you:
Communicate directly with AI systems, such as ChatGPT
Control how your content is accessed and cited by large language models
Enhance the likelihood of your offers being accurately represented in AI-driven summaries and recommendations
Want your Black Friday products to stand out in search with details like price, stock status, and ratings? That’s where structured data comes in. It helps search engines understand your products better and display them as rich results.
With the Yoast WooCommerce SEO plugin, this process becomes effortless. It automatically adds product-specific structured data to your pages, so your deals are clearer and more clickable in search results. This gives your listings the best chance to shine when shoppers are scanning for quick, trustworthy deals during the Black Friday rush.
Buy WooCommerce SEO now!
Unlock powerful features and much more for your online store with Yoast WooCommerce SEO!
Final thoughts: simple moves, big impact
As the countdown begins, remember that success isn’t about doing more but doing what matters most. It’s easy to get caught up in ambitious plans, such as redesigning your website, launching new products, or building influencer partnerships, but those time-intensive ideas rarely deliver quick results when the clock is ticking.
Instead, focus on achievable actions that create immediate impact. Refresh your existing content, refine your offers, and utilize tools like Yoast SEO to optimize your pages efficiently. A few smart tweaks to your product descriptions, meta titles, or site speed can often drive better conversions than a full-scale overhaul.
The key to winning Black Friday isn’t scale, it’s strategy. Work with what you already have, double down on proven tactics, and use every minute wisely. That’s how you turn last minute prep into lasting results.
Ahad Qureshi
I’m a Computer Science grad who accidentally stumbled into writing—and stayed because I fell in love with it. Over the past six years, I’ve been deep in the world of SEO and tech content, turning jargon into stories that actually make sense. When I’m not writing, you’ll probably find me lifting weights to balance my love for food (because yes, gym and biryani can coexist) or catching up with friends over a good cup of chai.
An advisory was issued for the popular WPBakery plugin that’s bundled in thousands of WordPress themes. The vulnerability enables authenticated attackers to inject malicious scripts that execute when someone visits an affected page.
WPBakery Plugin
WPBakery is a drag-and-drop page builder plugin for WordPress that enables users to easily create custom layouts and websites without writing code. WPBakery is frequently bundled with premium themes. Theme developers license it so that they can bring the power of a drag and drop page builder functionality to their WordPress themes.
WPBakery Vulnerability
The WPBakery Page Builder WordPress plugin was discovered to have insufficient input sanitization and output escaping in it’s Custom JS module.
Insufficient input sanitization and output escaping are flaws that enable attackers to upload malicious code into a website and cause the affected site to output malicious code. In general, this can lead to vulnerabilities such as Cross-Site Scripting (XSS) and SQL Injection.
Input Sanitization filters uploaded user data before it is stored or processed by the plugin.
Output Escaping converts characters that have HTML meanings into safe output before it is displayed on a web page. This prevents executable code from outputting onto a live web page and affecting users.
This flaw enables attackers with contributor-level access or higher to inject arbitrary scripts to affected websites. The vulnerability affects WPBakery plugin versions up to and including version 8.6.1.
Users of the plugin are encouraged to update to the latest version of WPBakery, which is currently version 8.7.
Featured Image by Shutterstock/3d artwork wallpaper
Two critical vulnerabilities were identified in the WP Travel Engine, travel booking plugin for WordPress that’s installed on more than 20,000 websites. Both vulnerabilities enable unauthenticated attackers to obtain virtually complete control of a website and are rated 9.8 on the CVSS scale, very close to the highest possible score for critical flaws.
WP Travel Engine
The WP Travel Engine is a popular WordPress plugin used by travel agencies to enable users to plan itineraries, select from different packages, and book any kind of vacation.
Improper Path Restriction (Path Traversal)
The first vulnerability comes from improper file path restriction in the plugin’s set_user_profile_image function
Because the plugin fails to validate file paths, unauthenticated attackers can rename or delete files anywhere on the server. Deleting a file such as wp-config.php disables the site’s configuration and can allow remote code execution. This flaw can enable an attacker to stage a remote code execution attack from the site.
Local File Inclusion via Mode Parameter
The second vulnerability comes from improper control of the mode parameter, which lets unauthenticated users include and run arbitrary .php files
This enables an attacker to run malicious code and and access sensitive data. Like the first flaw, it has a CVSS score of 9.8 and is rated as critical because it allows unauthenticated code execution that can expose or damage site data.
Recommendation
Both vulnerabilities affect versions up to and including 6.6.7. Site owners using WP Travel Engine should update the plugin to the latest version as soon as possible. Both vulnerabilities can be exploited without authentication, so prompt updating is recommended to prevent unauthorized access.
WP Engine filed a Second Amended Complaint against Automattic and Matt Mullenweg in response to the September 2025 court order that dismissed several counts but gave WP Engine an opportunity to amend and fix issues in its earlier filing. Although Mullenweg blogged last month that the ruling was a “significant milestone,” that’s somewhat of an overstatement because the court had, in fact, dismissed the counts related to antitrust and monopolization with leave to amend, allowing WP Engine to amend and refile its complaint, which it has now done.
WP Engine Versus Automattic Is Far From Over
In last month’s court order, two claims were dismissed outright because of technical issues, not because they lacked merit.
Two Claims That Were Dismissed
Count 4, Attempted Extortion: WP Engine’s lawyers cited a section of the California Penal Code for Attempted Extortion. The Penal Code is criminal law intended for use by prosecutors and cannot serve as the basis for a civil claim.
Count 16, Trademark Misuse, was also dismissed on the technical ground that trademark misuse can only be raised as a defense.
The remaining counts that were dismissed last month were dismissed with leave to amend, meaning WP Engine could correct the identified flaws and refile. WP Engine’s amended complaint shows that Automattic and Matt Mullenweg still have to respond to WP Engine’s claims and that the lawsuit is far from over.
Six Counts Refiled
WP Engine refiled six counts to cure the flaws the judge identified in the September 2025 court order, including its Computer Fraud and Abuse Act claim (Count 3).
Count 3: Computer Fraud and Abuse Act (CFAA)
Count 12: Attempted Monopolization (Sherman Act)
Count 13: Illegal Tying (Sherman Act)
Count 14: Illegal Tying (Cartwright Act)
Count 15: Lanham Act Unfair Competition
Count 16: Lanham Act False Advertising
Note: In the amended complaint, Count 16 is newly numbered; the previous Count 16 (Trademark Misuse) was dismissed without leave to amend.
How Second Amended Complaint Fixes Issues
The refiled complaint adds further allegations and examples to address the shortcomings identified by the judge in the previous ruling. One major change is the inclusion of clearer market definitions and more detailed allegations of monopoly power.
Clearer Market Definition
The September 2025 order found that WP Engine’s earlier complaint did not adequately define the relevant markets, and the judge gave WP Engine an opportunity to amend. The amended complaint dedicates about 27 pages to defining and describing multiple relevant markets.
WP Engine’s filing now identifies four markets:
Web Content Management Systems (CMS) Market: Encompassing both open-source and proprietary CMS platforms for website creation and management, with alleged monopoly power concentrated in the WordPress ecosystem.
WordPress Web Hosting Services Market: Consisting of hosting providers that specialize in WordPress websites, where Automattic is alleged to influence competition through its control of WordPress.org and trademark enforcement.
WordPress Plugin Distribution Market: Focused on the distribution of plugins through the WordPress.org repository, which WP Engine alleges Automattic controls as an essential and exclusive channel for visibility and access.
WordPress Custom Field Plugin Market: A narrower segment centered on Advanced Custom Fields (ACF) and similar plugins that provide custom field functionality, where WP Engine claims Automattic’s actions directly suppressed competition.
By defining these markets in greater detail over 27 pages, WP Engine addresses the court’s earlier finding that its market definitions were inadequately supported and insufficiently specific.
New Allegations Of Monopoly Power
The September 2025 court order found that WP Engine had not plausibly alleged Automattic’s monopoly power or exclusionary conduct, and allowed WP Engine to amend its complaint.
The amended filing adds detailed assertions intended to show Automattic’s dominance:
Automattic allegedly controls access to the official WordPress plugin and theme repositories, which are essential for visibility and functionality within the WordPress ecosystem.
Matt Mullenweg’s dual roles as Automattic’s CEO and his control over WordPress.org’s operations are alleged to enable coordinated market exclusion.
The complaint cites WordPress’s scale, powering more than 40 percent of global websites, and argues that Automattic exercises significant influence over this ecosystem through its control of WordPress.org and related trademarks.
These new assertions are meant to show that Automattic’s influence over WordPress.org translates into measurable market power, addressing the court’s finding that WP Engine had not yet made that connection.
Expanded Exclusionary Conduct Examples
The court found that WP Engine framed Automattic’s control of WordPress.org and the WordPress trademarks too vaguely to plausibly show exclusionary conduct or resulting antitrust injury.
The amended complaint addresses this by detailing how Automattic and Matt Mullenweg allegedly used threats and actions involving WordPress.org access and distribution to:
Block or restrict WP Engine’s access to WordPress.org resources and community channels.
Impose conditions on access to WordPress trademarks and resources through alleged threats and leverage.
Pressure plugin developers and partners not to collaborate or integrate with WP Engine’s products.
Establish an alleged de facto tying arrangement, linking participation in the WordPress.org ecosystem to compliance with Automattic’s control over governance and distribution.
Together, these examples illustrate how WP Engine is attempting to turn previously vague claims of control into specific allegations of exclusionary conduct.
Abundance Of Evidence
Mullenweg sounded upbeat in his response to the September 2025 ruling:
“Just got word that the court dismissed several of WP Engine and Silver Lake’s most serious claims — antitrust, monopolization, and extortion have been knocked out!”
But WP Engine’s Second Amended Complaint makes it clear that those “serious claims” were dismissed with leave to amend, have since been refiled, and are not yet knocked out.
The amended complaint is 175 pages long, perhaps reflecting the comprehensive scope necessary to address the issues the court identified in the September 2025 order. None of this means WP Engine is winning; it simply means the ball is back in play. That outcome directly contradicts Mullenweg’s earlier claim that the antitrust, monopolization, and extortion counts had been “knocked out.”
Builderius WordPress website builder announced the ability to develop sites using GraphQL together with AI. The new functionality enables developers to use the power of GraphQL with the assistance of AI.
Why GraphQL
GraphQL can be a more efficient way to fetch data than traditional approaches in WordPress, using visual query builders, PHP, or REST API. It enables websites, or in this case Builderius, a visual builder for WordPress, to fetch only the specific data they need in one request, reducing the inefficiencies of how dynamic data is typically fetched within WordPress. Unlike the WordPress REST API, which delivers fixed sets of data from multiple endpoints, GraphQL gives developers more control and efficiency by returning exactly what’s asked for in a single query.
AI-Assisted Learning Setup
Builderius provides schema documentation and setup instructions that enable AI tools (like Claude or ChatGPT) to function as teaching assistants for learning GraphQL. Users are able to learn GraphQL through step-by-step project work as the AI guides them, explaining, structuring, and improving queries. This approach helps users learn GraphQL concepts while applying them in actual WordPress projects, supporting both productivity and ongoing learning.
Builderius is providing schema documentation and configuration guides that enable AI tools to act as interactive learning partners for getting started using GraphQL within Builderius. Instead of merely generating code, the AI integration helps users understand the structure and reasoning behind queries, enabling them to apply GraphQL concepts effectively in real development work. This approach blends hands-on learning with practical application, helping developers become proficient while building dynamic WordPress sites.
According to Builderius:
“Once configured, you can simply start new conversations by asking what you want to build. The AI will remember its role and your learning progression across all chats in the project.
…Your AI will explain the relationship between built-in WordPress queries, custom GraphQL queries, and dynamic data tags. You’ll understand how data flows from your queries into your visual layouts, with concrete examples.”
Hostinger announced a new AI-agent optimization feature that makes any WordPress website AI-agent-friendly, optimizing websites to provide the best experience for humans using AI agents to compare products, plan vacations, and perform other tasks that are part of a user’s information and consumer journey.
Agentic Web
The Agentic Web is a new reality of the Internet based on reducing friction for Agentic AI. Agentic AI refers to AI bots that go out into the web to complete tasks on behalf of humans.
The original version of the web was optimized as a platform for interactions with people. The Agentic Web is optimized for interactions with AI agents. What makes the Agentic Web possible is a collection of protocols and standards that make it easy for a person’s AI agent to crawl and complete tasks on websites.
Consumers are increasingly relying on AI for their information needs, and this includes product research. Just as websites had to become mobile-friendly to keep up with how users were consuming information, informational and e-commerce websites also need to begin considering how to capture that audience comprised of AI agents working on behalf of consumers.
Hostinger’s Web2Agent
Hostinger announced a new feature called Web2Agent. Web2Agent makes WordPress websites Agentic AI friendly with a single click. Web2Agent also works on Hostinger’s proprietary website builder.
According to Hostinger:
“Web2Agent is an experimental feature developed and operated by Hostinger. It transforms your website into a fully AI-compatible agent that can be easily discovered, understood, and accessed by AI tools. It currently works best with Claude, Cursor and tools supporting MCP protocol and we’re working on integrating it with ChatGPT, Gemini, and other autonomous AI agents.
As the internet shifts toward an agent-driven future, this feature helps position your website as a first-class participant in that ecosystem – intelligent, accessible, and interoperable.”
Enabling Web2Agent makes websites ready for interaction with AI while also respecting robots.txt and conforming to LLMs.txt.
Hostinger explains that it currently works with the MCP protocol and with any other tools and apps that connect to that protocol. It will be adding more protocols in the near future.
