Table of Contents
There were two interesting months within the WordPress ecosystem with events that are here to impact the course and development of the platform. We saw WordPress getting important security updates and a brand new design for the plugin repository and also witnessed to a significant acquisition.
With this being said, let’s dive into the summary of news, that I prepared for you.
News & Updates
It seems that security is still a sensible topic that continues to cover this beginning of 2017. Yet, we start this roundup with a good news, that according to the guys from Mozilla we now have more than 50% of page loads encrypted with HTTPS. Google has also offered some similar statistics on its latest Transparency Report, confirming that the secure browsing is growing step by step.
HTTPS is important and our recommendation is to switch your site to this if you still haven’t done this move. Looking beyond the three layers of protection, such as encryption, data integrity, and authentication, it can have lots of positive impacts on ranking within Google’s search results.
Community News
If we keep the security topic around, at the beginning of February BlogVault, the real-time backup and migration service that runs a WordPress plugin had an important issue.
They suffered a security breach that exposed important data and some of their customer sites were accessed without authorization. Fortunately, BlogVault communicated quickly with their customers to remove the malware from their site and secure data.
WordPress Updates
The new WordPress Plugin Directory went live on March 28th fully powered by WordPress, instead of bbPress. It passed almost a year since the team of contributors has started working on the project and we’ve seen its journey from prototype to open beta. The new Plugin Directory.
Though the new design of the landing page looks more fresh and clean and has a more prominent search bar displayed on top of the landing page, the changes were received with mixed feelings by WordPress users because it’s not really clear who will benefit more from them.
There is a long discussion around this topic and it’s pointless to cover them all, here. That’s why I recommend you two interesting readings:
- The New Plugin Repository: Just a Beginning, from Torque
- WordPress Plugin Redesign: Why So Many People Feel Their Feedback Was Ignored, via WP Tavern
Also, we would like to know your take on the new repo’s interface, below in the comments section.
Google launched Invisible reCaptcha for WordPress and this is the first plugin implemented with the new API, that was launched back in December 2016. With this plugin, you can now enable the protection on WordPress login and registration forms comment sections and forgot password forms. The plugin developed by Google is free on the WordPress.org Plugin Directory and it’s mission is to reduce the registration spam coming through WordPress forms.
WordPress 4.7.3
Around these two months, WordPress released the 4.7.3 version with Security and Maintenance updates, regarding issues, such as:
- A cross-site scripting (XSS) reported via media file metadata and another via taxonomy term names.
- An issue with control characters that can trick redirect URL validation.
- Unintended files that can be deleted by administrators using the plugin deletion functionality.
- A cross-site request (CSRF) in Press This leading to excessive use of server resources.
Along with the security issues, there are other 39 minor bugs that were also solved and which can be consulted on the official list of changes from WordPress.
Plugin News
Here I’m gonna go back a little bit to the WordPress Plugin Directory which had the Download Statistics disable for a short amount of time, the section being active only for developers.
Meanwhile, the statistics were unavailable for other users of WordPress, a new project was born by the guys from WP Artisan, namely wpstats.me that offers public data about the download statistics within WordPress Plugin Directory, based on the plugin’s slug. I took a sneak peak decided to test it out for our Profile Builder. Here is how it looks:
And, the good news about the new WordPress.org Plugin Directory is that “Statistics are back” for everyone. They are now available on the right sidebar, at the “Advanced View” section and have a more colorful and interactive interface.
Also, on the past month, a brand new plugin has been born, SkyePress, a Social Media Auto Post and Scheduler Plugin. This is a handy plugin for Social Media marketers and not only since everyone can schedule posts, pages and any custom post type within a WordPress site.
WordPress Events
WordCamp Miami
The 9th edition of WordCamp Miami took place between March 24 – 26 and was an edition with a pretty broad schedule, that included a JavaScript track, several AMA spots, a two-day kids camp and more than 800 attendees and 60+ international speakers. WordCamp Miami is one of the most well-organized WordPress event and it’s known for the quality of its sessions around the WordPress community.
Looking at the event with a broad overview, this was a must-attend event with many educational and networking opportunities, not to mention that it also have a special track dedicated to kids. The event started on Friday with three workshops: a BuddyCamp workshop, a Freelancer workshop, and a WP REST API workshop. You can get an overview of what happened there by following #wcmia hashtag on Twitter.
WPCampus
WPCampus is a place event filled with sessions and social events dedicated to the use of WordPress in Higher Education. They have announced the second edition of the event to take place between July 14 – 15 at Canisius College, in Buffalo, New York. For the ones that don’t know what is WPCampus, this is basically a biennial community gathering of students, educators with web professionals and people dedicated to WordPress in Higher Education.
Speaker submissions and the call for sponsors are open since the beginning of March, and the registration for participants will open soon. You can read more, on the official announcement on WPCampus website.
WordPress Global Translation Day Three
The team behind WordPress Polyglots has opened a call for volunteers, in order to organize the following edition of WordPress Global Translation Day that is planned to take place on September 30th, the same day as International Translation Day. These can contribute to various activities, from running communication (marketing) activities, handling graphic design, maintain the website and admin section, direct contact and outreach to potential organizers, ensure the live streaming of the content and also offer local events mentoring. More details are available on the Makers Section within WordPress.org.
WordPress business
At the end of the March, GoDaddy has announced the acquisition of the security company, Sucuri. Similar to the acquisition of ManageWP, both of the companies seems to inform that nothing will change for the existing customers of Sucuri, only in terms of improvements and that Sucuri will continue to work as an individual company, under GoDaddy’s umbrella.
The reactions to this news were again mixed, most of the positive ones on Twitter where people congratulated both Sucuri as a company and its founders (Tony Perez & Daniel Cid). Around the Facebook groups, the discussions were a bit longer and split between congratulation and fears that Sucuri’s service declining.
At the same time, I’ve prepared something to keep you motivated or maybe start your WordPress business right away. It’s the article we’ve published some weeks ago.
This one is dedicated to “The daily routine of 11 successful WordPress business owners“. They shared interesting insights on how they start their day, what drives their motivation and also the main preferences between coffee and tea.
WordPress Resources
Beginner’s Guides & WordPress Tutorials
Here I start this section with a great resource dedicated to The Three Core Concepts of WordPress Themes, from WPshout. As a quick roundup, they are The Template Hierarchy, The steps of processing posts with The Loop and The Topic of Adding Various Functionalities with functions.php that ensure a WordPress Theme to be up and running.
Other good ones are some tutorials from WPbeginner, Torque, WP Engine and some others:
- The JavaScript for WordPress Master Course – If you’re still thinking about Matt Mullenweg’s advice to “Learn JavaScript. Deeply.” this might me the right moment for you to improve your knowledge with a well structured and explained course. You’ll start from the ground of JavaScript with syntax, events, learn what JS frameworks and how they work, what is the WordPress API and get insights from real experts and projects.
- The Ultimate Guide to the WordPress REST API from TorqueMag and WP Engine – This is not a typical tutorial or article, it’s actually an ebook you can download from WP Engine website and which offers an in-depth overview of websites and applications developed with the WordPress REST API.
- How to Install a WordPress Child Theme – If you’ve been trying to figure out how to customize your site, this is a powerful resource where you get to know what is a child theme, how dependent is on its parent or framework and how you can use it to improve your website.
- How to Fix File and Folder Permissions Error in WordPress – In some cases, WordPress needs permissions to access your files and folders and incorrect ones can compromise the security of your site. Here comes this tutorial that tries to teach you how to fix this error and get your site up and running.
Another thing I would recommend up into this list is the interview with Aaron D. Campbell – the WordPress Security Team Lead. Among interesting insights about the activity behind the scene, Aaron shares some important lessons he learned and how would he apply them to future challenges. The interview is available, with the WPWeekly Episode 267.
Marketing Tips & Tricks
- How to Merge Two WordPress Sites Together Without Losing SEO – For those ones that don’t know, WordPress comes with some really useful tools to use when merging together two websites and we found a pretty nice tutorial. This will show you how to export content from the old website, import it to the new one and set up proper redirects, without loosing SEO.
- 10 Actionable Marketing Tactics to grow a WordPress Product – As I could confirm recently, there are developers and technical business owners that are facing some difficulties while trying to market their products. So I wanted to figure out which are the most actionable and valuable experiments that you can run and have an impact on their business. Here is the article that I published some days ago, that features.
- How to Create a Physical Marketplace Like Etsy on WordPress – If you are thinking about opening a marketplace with WordPress, there is a tutorial published by the awesome team from CodeinWP, that explain step by step what you need to do and how to set it up.
We had some quite important events here and there, around the WordPress ecosystem, especially around the hot security topic.
Please let us know what you think or share anything else that we may have missed, below in the comments section.
Related Articles
5 Best WordPress User Management Plugins
By default, WordPress lets you add different types of users to your website. However, you might be looking for a more flexible way to manage the people who interact with your content. If this is the case, you can use a WordPress user management plugin to manage authors and contributors. With an efficient user management […]
Continue ReadingHow to Customize WordPress Emails with Profile Builder Pro
Discover how to customize your WordPress emails with the Profile Builder Pro plugin by Cozmoslabs
Continue ReadingHow to Eliminate WordPress Spam Registrations (Step-by-Step Guide)
Looking for a way to cut down on WordPress spam registrations? If your WordPress site is set to allow user registration (like a membership site or WooCommerce store), then it's probably vulnerable to user registration spam from spam-bots. Finding a way to eliminate, or at least reduce, WordPress spam registrations is important so that you can focus your efforts and resources on your real users. No matter what type of site you're running, there are some tried-and-true tactics that you can apply to stop spam registrations in their tracks, and they're all available in one single plugin.
Continue Reading