There were two interesting months within the WordPress ecosystem with events that are here to impact the course and development of the platform. We saw WordPress getting important security updates and a brand new design for the plugin repository and also witnessed to a significant acquisition.
With this being said, let’s dive into the summary of news, that I prepared for you.
News & Updates
It seems that security is still a sensible topic that continues to cover this beginning of 2017. Yet, we start this roundup with a good news, that according to the guys from Mozilla we now have more than 50% of page loads encrypted with HTTPS. Google has also offered some similar statistics on its latest Transparency Report, confirming that the secure browsing is growing step by step.
HTTPS is important and our recommendation is to switch your site to this if you still haven’t done this move. Looking beyond the three layers of protection, such as encryption, data integrity, and authentication, it can have lots of positive impacts on ranking within Google’s search results.
If we keep the security topic around, at the beginning of February BlogVault, the real-time backup and migration service that runs a WordPress plugin had an important issue.
They suffered a security breach that exposed important data and some of their customer sites were accessed without authorization. Fortunately, BlogVault communicated quickly with their customers to remove the malware from their site and secure data.
The new WordPress Plugin Directory went live on March 28th fully powered by WordPress, instead of bbPress. It passed almost a year since the team of contributors has started working on the project and we’ve seen its journey from prototype to open beta. The new Plugin Directory.
Though the new design of the landing page looks more fresh and clean and has a more prominent search bar displayed on top of the landing page, the changes were received with mixed feelings by WordPress users because it’s not really clear who will benefit more from them.
There is a long discussion around this topic and it’s pointless to cover them all, here. That’s why I recommend you two interesting readings:
Also, we would like to know your take on the new repo’s interface, below in the comments section.
Google launched Invisible reCaptcha for WordPress and this is the first plugin implemented with the new API, that was launched back in December 2016. With this plugin, you can now enable the protection on WordPress login and registration forms comment sections and forgot password forms. The plugin developed by Google is free on the WordPress.org Plugin Directory and it’s mission is to reduce the registration spam coming through WordPress forms.
Around these two months, WordPress released the 4.7.3 version with Security and Maintenance updates, regarding issues, such as:
- A cross-site scripting (XSS) reported via media file metadata and another via taxonomy term names.
- An issue with control characters that can trick redirect URL validation.
- Unintended files that can be deleted by administrators using the plugin deletion functionality.
- A cross-site request (CSRF) in Press This leading to excessive use of server resources.
Along with the security issues, there are other 39 minor bugs that were also solved and which can be consulted on the official list of changes from WordPress.
Here I’m gonna go back a little bit to the WordPress Plugin Directory which had the Download Statistics disable for a short amount of time, the section being active only for developers.
Meanwhile, the statistics were unavailable for other users of WordPress, a new project was born by the guys from WP Artisan, namely wpstats.me that offers public data about the download statistics within WordPress Plugin Directory, based on the plugin’s slug. I took a sneak peak decided to test it out for our Profile Builder. Here is how it looks:
And, the good news about the new WordPress.org Plugin Directory is that “Statistics are back” for everyone. They are now available on the right sidebar, at the “Advanced View” section and have a more colorful and interactive interface.
Also, on the past month, a brand new plugin has been born, SkyePress, a Social Media Auto Post and Scheduler Plugin. This is a handy plugin for Social Media marketers and not only since everyone can schedule posts, pages and any custom post type within a WordPress site.
Looking at the event with a broad overview, this was a must-attend event with many educational and networking opportunities, not to mention that it also have a special track dedicated to kids. The event started on Friday with three workshops: a BuddyCamp workshop, a Freelancer workshop, and a WP REST API workshop. You can get an overview of what happened there by following #wcmia hashtag on Twitter.
WPCampus is a place event filled with sessions and social events dedicated to the use of WordPress in Higher Education. They have announced the second edition of the event to take place between July 14 – 15 at Canisius College, in Buffalo, New York. For the ones that don’t know what is WPCampus, this is basically a biennial community gathering of students, educators with web professionals and people dedicated to WordPress in Higher Education.
Speaker submissions and the call for sponsors are open since the beginning of March, and the registration for participants will open soon. You can read more, on the official announcement on WPCampus website.
WordPress Global Translation Day Three
The team behind WordPress Polyglots has opened a call for volunteers, in order to organize the following edition of WordPress Global Translation Day that is planned to take place on September 30th, the same day as International Translation Day. These can contribute to various activities, from running communication (marketing) activities, handling graphic design, maintain the website and admin section, direct contact and outreach to potential organizers, ensure the live streaming of the content and also offer local events mentoring. More details are available on the Makers Section within WordPress.org.
At the end of the March, GoDaddy has announced the acquisition of the security company, Sucuri. Similar to the acquisition of ManageWP, both of the companies seems to inform that nothing will change for the existing customers of Sucuri, only in terms of improvements and that Sucuri will continue to work as an individual company, under GoDaddy’s umbrella.
The reactions to this news were again mixed, most of the positive ones on Twitter where people congratulated both Sucuri as a company and its founders (Tony Perez & Daniel Cid). Around the Facebook groups, the discussions were a bit longer and split between congratulation and fears that Sucuri’s service declining.
At the same time, I’ve prepared something to keep you motivated or maybe start your WordPress business right away. It’s the article we’ve published some weeks ago.
This one is dedicated to “The daily routine of 11 successful WordPress business owners“. They shared interesting insights on how they start their day, what drives their motivation and also the main preferences between coffee and tea.
Beginner’s Guides & WordPress Tutorials
Here I start this section with a great resource dedicated to The Three Core Concepts of WordPress Themes, from WPshout. As a quick roundup, they are The Template Hierarchy, The steps of processing posts with The Loop and The Topic of Adding Various Functionalities with functions.php that ensure a WordPress Theme to be up and running.
Other good ones are some tutorials from WPbeginner, Torque, WP Engine and some others:
- The Ultimate Guide to the WordPress REST API from TorqueMag and WP Engine – This is not a typical tutorial or article, it’s actually an ebook you can download from WP Engine website and which offers an in-depth overview of websites and applications developed with the WordPress REST API.
- How to Install a WordPress Child Theme – If you’ve been trying to figure out how to customize your site, this is a powerful resource where you get to know what is a child theme, how dependent is on its parent or framework and how you can use it to improve your website.
- How to Fix File and Folder Permissions Error in WordPress – In some cases, WordPress needs permissions to access your files and folders and incorrect ones can compromise the security of your site. Here comes this tutorial that tries to teach you how to fix this error and get your site up and running.
Another thing I would recommend up into this list is the interview with Aaron D. Campbell – the WordPress Security Team Lead. Among interesting insights about the activity behind the scene, Aaron shares some important lessons he learned and how would he apply them to future challenges. The interview is available, with the WPWeekly Episode 267.
Marketing Tips & Tricks
- How to Merge Two WordPress Sites Together Without Losing SEO – For those ones that don’t know, WordPress comes with some really useful tools to use when merging together two websites and we found a pretty nice tutorial. This will show you how to export content from the old website, import it to the new one and set up proper redirects, without loosing SEO.
- 10 Actionable Marketing Tactics to grow a WordPress Product – As I could confirm recently, there are developers and technical business owners that are facing some difficulties while trying to market their products. So I wanted to figure out which are the most actionable and valuable experiments that you can run and have an impact on their business. Here is the article that I published some days ago, that features.
- How to Create a Physical Marketplace Like Etsy on WordPress – If you are thinking about opening a marketplace with WordPress, there is a tutorial published by the awesome team from CodeinWP, that explain step by step what you need to do and how to set it up.
We had some quite important events here and there, around the WordPress ecosystem, especially around the hot security topic.
Please let us know what you think or share anything else that we may have missed, below in the comments section.
Subscribe to get early access
to new plugins, discounts and brief updates about what’s new with Cozmoslabs!