On the other hand, if you only want to move products, then this tutorial will help you learn how to properly export and import WooCommerce products with images and other product data.
We’ll show you two methods, you can choose one that works best for you.
Method 1. Import & Export WooCommerce Products without a Plugin
WooCommerce comes with built-in functionality to easily import and export products with images, but without using any additional plugins.
First, you need to visit the Products » All Products page in your WordPress admin area. There, you will see two buttons at the top to ‘Import’ or ‘Export’ products.
Let’s first check out how the export feature works.
Exporting WooCommerce Products without Using a Plugin
Simply click on the ‘Export’ button at the top to continue.
On the next screen, you’ll see a bunch of options to choose what data you want to export.
For instance, you can choose to only export certain columns from product data. You can also choose to export specific product types or products in specific categories.
To export all products with images and all other data, you can leave these options unchecked.
Optionally, you can check the ‘Export custom meta.’ If you are unsure, then it’s better to check it so that you have the data.
Go ahead and click on the ‘Generate CSV’ button to continue.
WooCommerce will now prepare a CSV file and download it to your computer.
What is a CSV File?
CSV is short for Comma Separated Values, and it is file type of plain text that separates different columns or fields of data with a comma.
You can open it with any spreadsheet software like Google Sheets or Microsoft Excel. Here is how it would look:
Importing WooCommerce Products without Using a Plugin
Simply go to the Products » All Products page and click on the Import button at the top.
If your WooCommerce store is empty, then instead of the buttons at the top, you will see buttons at the center of the page.
Click on the ‘Start Import’ button to begin the import.
This will bring up the import wizard.
First, you need to click on the ‘Choose File’ button to select the WooCommerce export CSV file you downloaded earlier.
Click on the continue button to upload the CSV file.
WooCommerce will now check to see if your CSV file is in a compatible format. After that, it will ask you to map that data to existing WooCommerce product data.
The default settings here will work for most WooCommerce stores.
However, you still need to review and if a column is missing, and then click on the drop-down menu next to it and select a matching field if available.
Particularly, if you are using variations attribute for products, then make sure to scroll down to the attributes columns and match fields.
This will allow you to ensure that the fields in your CSV file match the corresponding WooCommerce fields.
Click on the ‘Run’ the Importer button to begin.
WooCommerce will now start importing data from CSV file. It will also download any images attached to your products.
Once finished, you can visit the Products » All Products page to see the imported products.
Make sure to visit your shop and product pages to check that everything is working as expected.
Method 2. Import & Export WooCommerce Products with a Plugin
For this method, we’ll be using a plugin to import and export WooCommerce products.
The advantage of this method is that it offers more flexible options and also allows you to export / import product reviews.
Plus, it allows you to import / export WooCommerce products in batches which comes in handy if you have a large store with many products and images.
After that, go to the Webtoffee Import Export (Pro) » Import page and select ‘Product’ as the post type you want to import.
Click on the ‘Step 2: Select import method’ button to continue.
Next, you need to select an import method and upload the exported file you downloaded earlier to your computer.
Click on the ‘Step 3: Map and Import Columns’ button to continue.
On the next screen, you’ll see a list of fields and the matching fields from your import file. If you see an empty field, you can choose a matching field for it in the next column.
If you are using product variations like sizes and colors, then make sure to click on the Attributes tab to match attribute fields.
However, if you are not using any products with variations or custom attributes then you can use the default settings.
Click on the ‘Step 4: Advanced Options / Batch Import’ button to continue.
On the final screen, you’ll see advanced options. For instance, you can choose to match products by ID or SKU, choose what to do if a product already exists, and more.
If you are importing products into an empty WooCommere store, then you can use the default settings.
Finally, click on the ‘Import’ button to run the product import process.
You’ll see the progress of the import on screen. Once finished, you can click on ‘View Products’ to check if everything has been imported correctly.
The plugin also allows you to import and export Product Reviews.
If you want to import or export the product reviews too, then simply choose ‘Product Reviews’ post type on the import or export page.
Improve Your WooCommerce Store with Automations
If you find yourself doing a lot of manual work around your WooCommerce store and want to save time, then we recommend using Uncanny Automator for workflow automation.
Uncanny Automator helps you connect over 100+ plugins and apps with a simple no-code visual builder. You can use it to create automated workflows for things that you normally do without writing any code.
There’s a free version that you can try out, and it’s already used by over 20,000 websites.
Aside from workflow automation, if you’re looking for a marketing automation tool for WooCommerce, then we recommend using FunnelKit Automation. It will help you grow your sales and improve conversions without the high costs.
A sneaky new credit card stealer has been discovered hiding in places that are difficult to scan, and thus managing to steal payment (opens in new tab) information without triggering any alarms.
A report from cybersecurity experts Sucuri notes how it stumbled upon the malware when called in to investigate an “unusual infection” at one of its clients’ payment endpoints.
As it turns out, the malware was hiding in the site’s WooCommerce payment gateway module called Authorize.net, which process payment details on checkout. As this module works after the user submits data at checkout, cybersecurity solutions have a harder time detecting potentially malicious code hiding within.
No vulnerabilities
Usually, threat actors would inject malicious code into the HTML of the store of customer checkout pages. The code would then grab the data being inputted during checkout – giving hackers access to sensitive data such as full credit card numbers, CVV numbers, expiration dates, phone numbers, email addresses, and other important information.
But today’s cybersecurity solutions can scan the HTML code for malware and thus keep the ecommerce sites safe.
That’s why this creative malware developer turned to the Authorize.net payment processing system. Apparently, it is currently being used by more than 400,000 merchants all over the world.
But the WordPress ecommerce plugin WooCommerce, or the Authorize.net payment gateway, are not flawed, and do not carry any vulnerabilities, Sucuri stressed.
“Overall they are both robust and secure payment platforms that are perfectly safe to use. Instead, this article highlights the importance of maintaining good security posture and keeping environments locked down to prevent tampering from threat actors.”
“Just like any other piece of software, if malicious actors compromise an environment they can tamper with existing controls,” they concluded.
To remain secure, businesses are advised to leverage file integrity monitoring, keep a close eye on modified files, and urged to “take every possible avenue to keep the attackers at bay.”
A new credit card stealing hacking campaign is doing things differently than we have seen in the past by hiding their malicious code inside the ‘Authorize.net’ payment gateway module for WooCommcerce, allowing the breach to evade detection by security scans.
Historically, when threat actors breach a commerce site like Magenta or WordPress running WooCommerce, they inject malicious JavaScript into the HTML of the store or customer checkout pages.
These scripts will then steal inputted customer information on checkout, such as credit card numbers, expiration dates, CVV numbers, addresses, phone numbers, and email addresses.
However, many online merchants now work with security software companies that scan the HTML of public-facing eCommerce sites to find malicious scripts, making it harder for threat actors to stay hidden.
To evade detection, the threat actors are now injecting malicious scripts directly into the site’s payment gateway modules used to process credit card payments on checkout.
As these extensions are usually only called after a user submits their credit card details and checks out at the store, it may be harder to detect by cybersecurity solutions.
The campaign was discovered by website security experts at Sucuri after being called in to investigate an unusual infection on one of their client’s systems.
Targeting payment gateways
WooCommerce is a popular eCommerce platform for WordPress used by roughly 40% of all online stores.
To accept credit cards on the site, stores utilize a payment processing system, such as Authorize.net, a popular processor used by 440,000 merchants worldwide.
On the compromised site, Sucuri discovered that threat actors modified the “class-wc-authorize-net-cim.php” file, one of Authorize.net’s files supporting the payment gateway’s integration to WooCommerce environments.
The code injected at the bottom of the file checks if the HTTP request body contains the “wc-authorize-net-cim-credit-card-account-number” string, which means it carries payment data after a user checks out their cart on the store.
If it does, the code generates a random password, encrypts the victim’s payment details with AES-128-CBC, and stores it in an image file that the attackers later retrieve.
Malware code added at the bottom of the file(Sucuri)
A second injection performed by the attackers is on “wc-authorize-net-cim.min.js,” also an Authorize.net file.
The injected code captures additional payment details from input form elements on the infected website, aiming to intercept the victim’s name, shipping address, phone number, and zip/postal code.
Evading detection
Another notable aspect of this campaign is the stealthiness of the skimmer and its functions, which make it particularly hard to discover and uproot, leading to extended periods of data exfiltration.
First, the malicious code was injected in legitimate payment gateway files, so regular inspections that scan websites’ public HTML or look for suspicious file additions wouldn’t yield any results.
Secondly, saving stolen credit card details on an image file isn’t a new tactic, but strong encryption is a novel element that helps attackers evade detection. In past cases, threat actors stored stolen data in plaintext form, used weak, base64 encoding, or simply transferred the stolen information to the attackers during checkout.
Thirdly, the threat actors abuse WordPress’s Heartbeat API to emulate regular traffic and mix it with the victims’ payment data during exfiltration, which helps them evade detection from security tools monitoring for unauthorized data exfiltration.
Abusing Heartbeat API when exfiltrating victim data(Sucuri)
As MageCart actors evolve their tactics and increasingly target WooCommerce and WordPress sites, it is essential for website owners and administrators to stay vigilant and enforce robust security measures.
This recent campaign discovered by Sukuri highlights the growing sophistication of credit card skimming attacks and the attackers’ ingenuity in bypassing security.
Are you looking for the best practices to maximize the SEO benefits of internal links?
Internal links play an important role in search engine optimization (SEO). They help search engines discover your content and rank them higher in search results.
In this article, we’ll list the best practices to use for internal linking for SEO.
How Does Internal Linking Improve SEO in WordPress?
Internal links are links between posts on your own website. Having internal links is important for your WordPress SEO. They help search engines like Google crawl your website and discover new content to index and rank.
Generally, the more links a page has pointing to it, the more likely it is to rank higher in search results. That means that you can use internal links to point to important pages on your site as a way to increase their traffic.
That being said, let’s take a look at the best practices for improving SEO by adding internal links in WordPress. Since this is a comprehensive guide, we have included a table of contents for easier navigation.
We recommend that you make a habit of linking to your older articles from your new articles.
It’s a great way to develop a contextual relationship between your new and old posts. It also allows you to pass relevant link juice to your older articles.
Because internal links play such an important role in SEO, we have even made it part of our pre-publish blog post checklist for WPBeginner writers.
You can also edit your older articles to add links to your newer content whenever you publish. Many successful bloggers dedicate time to adding internal links that point to new articles on a weekly or monthly basis.
This will help you boost your pageviews, increase the time users spend on your site, and ultimately will improve the SEO score of your individual blog posts and pages.
WordPress makes it easy to search for your old posts right inside the post editor. Simply select the text you want to link and click on the link button in the toolbar that appears.
A text pop-up will appear below your highlighted words. Then, you can start typing to search for the older articles you want to link to.
2. Monitor Your Internal Link Performance in WordPress
It’s helpful to see your website’s SEO performance in terms of links by using a tool such as the Links Report in Google Search Console. This is a helpful starting point for working out how to improve internal linking on your site.
The Links Report will show you how many pages are linking to this page. You can compare it with other pages and see whether pages with more internal links are ranking higher than posts with many internal links.
Just make sure you are only linking to the article when it makes sense. Adding links where they don’t make sense creates a bad user experience.
Another way to monitor the impact of internal linking is to see which keywords are gaining or losing position. All in One SEO makes this extremely easy with the Search Statistics feature.
Once you connect the plugin with Google Search Console, All in One SEO will fetch your Google Search Console data and present it under All in One SEO » Search Statistics.
The keyword positions chart shows a graph of your site’s keyword positions.
Below this, you’ll see the Keyword Rankings overview box. This shows your top 10 keywords, and if you use them for internal links they are very likely to be clicked.
3. Improve Your WordPress Site’s Internal Linking With a Plugin
If you’re not sure which posts you want to link to, then you will often find it faster to add internal links in WordPress using an internal linking plugin.
We recommend using All in One SEO. It includes a unique Link Assistant feature that lets you add links to your old and new content without having to open up the post. Plus, it provides link recommendations, detailed link reports, and much more.
Link Assistant will crawl every link on your website and then show a comprehensive list report.
The report will show you an overview of the links with total counts for internal, external, and affiliate links. It will also show you the number of orphaned posts that have not yet been linked to from another post or page.
You can switch to the Links Report tab for detailed information on all your links. Here you’ll see a list of all your posts and pages with columns for internal, external, and affiliate links.
It will also show a number of suggestions where you can add links.
For more details, you can click on the right arrow button next to a post or page. This will show all links organized in different tabs. From the suggestions tab, you can quickly view link suggestions and add links without directly editing a post or page.
Link Assistant also helps you discover more internal linking opportunities.
You can switch to the ‘Linking Opportunities’ tab to see suggestions about how to improve the internal linking on your website, and also see the list of orphaned posts so you can add links to them.
Another plugin useful for internal linking is Semrush SEO Writing Assistant because it can help you keep track of links inside your article.
For example, it lets you know when your article has too many or too few internal links and also suggests ways you can improve your links.
This tool also comes in handy if you have other authors working on articles. Editors can quickly see if the article includes internal links to other posts on your website.
4. Display a List of Your Most Popular Posts in WordPress
You can use a WordPress popular posts plugin to point users toward the articles that other users have already found helpful. These plugins automatically create a list of internal links to your most popular content.
Popular posts are usually your most successful content, which means they are more likely to increase user engagement, conversions, and sales. They are also a good opportunity for internal linking to your other less popular articles.
For example, MonsterInsights has a feature that allows you to show your popular articles anywhere on your WordPress site. You can use also use inline popular posts to show articles inside your content.
If you want to show articles in the sidebar or at the end of your content, then you can select the Popular Post Widget. MonsterInsights even lets you display your top-performing products anywhere on your eCommerce store.
5. Create List Posts That Roundup Other Articles in WordPress
Another way to increase the number of internal links on your WordPress blog is to create roundups of your existing content. You do this by creating a new post that mentions your best articles on a certain subject to give a detailed overview of the topic.
In fact, you’re reading a post like that now.
Luckily, there are some plugins that make this job easy. For example, WP Tasty Roundups allows you to quickly repurpose your existing content into beautiful roundup posts that rank in search results.
All you need to do is type one or two keywords into the built-in search functionality, and the plugin will automatically pull images, titles, descriptions, and links from relevant posts into your roundup list.
6. Get Google Sitelinks for Your WordPress Site
Sitelinks are a feature on Google search engine results pages (SERPs) where additional sub-pages appear under a website in the search results.
These are often internal links to the most popular pages of that website.
The top 3 spots on Google get the most clicks. When sitelinks are shown for a website, it takes up the same amount of space as three regular search listings.
Having this much screen space dedicated to your site significantly increases your overall click-through rate. Simply put, more visitors will visit your website from the keyword.
While there is no guaranteed way to get Google to show sitelinks for your website, it certainly helps to create lots of internal links to your most important posts and pages.
7. Preload Links in WordPress for Faster Loading Speeds
Link preloading is a browser technology that will load links in the background before a site visitor clicks them. This makes your website seem faster, which can improve SEO.
Because loading speed is one of the top indicators for search engine rankings and user engagement, when your internal pages are preloaded, your visitors are more likely to stay on your website longer.
They are more likely to view more pages because they’re loading instantly.
The easiest way to preload links is by using the Flying Pages plugin. It simply adds intelligent preloading to make sure preloading won’t crash your site or even slow it down.
Broken links are bad for your website’s SEO. Search engine crawlers find new content on your website by following internal links, so a broken link can stop them from indexing a new post.
They also negatively impact user experience because broken links will return a 404 error. If a visitor clicks on a link and is unable to find a page they’re looking for, then they may leave.
AIOSEO offers a powerful redirection manager that helps track 404 errors on your website and lets you set up permanent 301 redirects to fix broken links.
9. Update Internal Link URLs When Moving a Site to a New Domain
If you ever move your WordPress site to a new domain name, then it is important to update all internal link URLs. Otherwise, you will have lots of broken links.
You should start by changing the WordPress address and site URL by visiting the Settings » General page from your WordPress dashboard.
But you will also need to change the URLs of every internal link added to your posts and pages.
10. Use MediaWiki Syntax to Quickly Add Internal Links to WordPress
If you want to make internal linking a habit, then it helps to use the most efficient method. Since WordPress 6.0, WordPress has supported standard MediaWiki syntax to quickly add internal links when creating or editing a post.
You can now quickly add links by adding two square brackets followed by the post title. The animated gif below shows you how easy this feature is to use inside WordPress.
The link will automatically add the correct URL to the post, and use the post title as an anchor link.
If you know the title of a post (or even just part of it), then using the double square bracket method is the fastest way of creating an internal link.
11. Track Which Internal Links Are Clicked in WordPress
One of the best ways to uncover how users interact with your website is to track which internal links your visitors are clicking. Tools such as MonsterInsights can help you see which internal links your visitors are the most interested in.
You can then use these insights to improve the way you add internal links to your posts and pages.
You can also use All in One SEO to enable breadcrumbs for your WooCommerce products. For details, see the fifth tip in our guide on WooCommerce SEO made easy.