Posts

The Weekly round up of news, tips, and information to help you create the best possible WordPress website. This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

Round up of WordPress News and Tips October 2, 2017

The Weekly round up of news, tips, and information to help you create the best possible WordPress website. This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is not only important to help you with your website as well as new from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

 


This week we have the following news for you.

How to Use Domain Mapping When You’re Not Running Multisite

https://premium.wpmudev.org/blog/domain-mapping-without-multisite/Our Domain Mapping plugin makes mapping domains super easy in Multisite. It lets you create as many sites as you want in one WordPress installation and then make them all behave as if they’re separate sites echo on their own domain.

But sometimes you want to map a domain when you’re not running Multisite. You’ve created a site in its own WordPress installation somewhere on your server, maybe in a subdirectory, but you want to direct a domain name to it and have that show up in the browser instead of your own domain with the subfolder or subdomain showing up. Read original article here…. premium.wpmudev.org

How to Track Post Changes by Adding a History Feature to WordPress

https://www.elegantthemes.com/blog/tips-tricks/how-to-track-post-changes-by-adding-a-history-feature-to-wordpress?utm_source=Elegant+Themes&utm_campaign=b5104ca772-WordPress_Daily&utm_medium=email&utm_term=0_c886a2fc0a-b5104ca772-51249745If you’re running a website with multiple contributors, it can be hard to track post changes in WordPress itself. This can become a problem if you’re trying to identify the source of an error, or keep tabs on your writers’ activity.

Finding a way to track post changes in WordPress enables you to keep logs of practically all of the activity for your posts and pages. For this article, we’ll talk about why this functionality can help you and how to implement it in three simple steps. Let’s get to it! Read original article here…. elegantthemes.com

How to Run a Contest with WordPress (and Plugins to Help You Do It)

https://premium.wpmudev.org/blog/contest-plugins-wordpress/About a month ago, a woman named Mavis Wanczyk won a monster Powerball payout of $758.7 million. Wanczyk wasn’t the only winner that night either. In a store nearby, someone else bought a ticket worth $1 million. There were also other winners from this single Powerball play—9.4 million people (or, rather, tickets) to be exact.

Now, if that isn’t proof enough of how much people love entering contests in the hopes of winning something (no matter what sort of odds are stacked against them), I don’t know what is. Read original article here…. premium.wpmudev.org

Handling Form Submissions in WordPress with Admin-Post and Admin-Ajax

https://premium.wpmudev.org/blog/handling-form-submissions/WordPress provides incredible support for you to work with form submissions in your application. Whether you add a form in the admin or public facing areas, the built-in mechanism with the admin-post and admin-ajax scripts will allow you to handle your form requests efficiently.

In this article, I’ll show you how to handle custom form submissions using the WordPress API. I’ll walk you through the process of adding a custom form in the admin area of a plugin, handle the form submission via an HTML as well as an AJAX request, and write the form handler in PHP to validate, sanitize and process the form input. Read original article here…. premium.wpmudev.org

20 of Google’s limits you may not know exist

http://searchengineland.com/20-googles-limits-may-not-know-exist-281387Google has a lot of different tools, and while they handle massive amounts of data, even Google has its limits. Here are some of the limits you may eventually run into.

Many of the data reports within Google Search Console are limited to 1,000 rows in the interface, but you can usually download more. That’s not true of all of the reports, however (like the HTML improvements section, which doesn’t seem to have that limit).

The limit for the number submitted is higher, but you will only be shown 200. Each of those could be an index file as well, which seems to have a display limit of 400 site maps in each. You could technically add each page of a website in its own site map file and bundle those into site map index files and be able to see the individual indexation of 80,000 pages in each property… not that I recommend this. Read original article here…. searchengineland.com

 

 


This week we have the following Security News for you.

Malicious plugin installed backdoor on 200,000 WordPress websites

https://www.scmagazine.com/malicious-plugin-installed-backdoor-on-200000-wordpress-websites/article/688878/A very persistent malicious actor added a backdoor to a WordPress plugin called Display Widgets that installed backdoors on possibly 200,000 websites since June 21.

The hacker used the open-source Display Widgets plugin, which lets users control how their WordPress plugins appear on their sites, as the delivery mechanism for the backdoor. Although the number of potentially infected sites is large, what is almost as impressive is the hacker’s persistence. The infected plugin was repeatedly removed from the site by WordPress.org between June 22 and September 8 with the hacker dutifully replaced it.

It was finally removed for good on September 8. Read original article here…. scmagazine.com

60 Abandoned WordPress Plugins

https://pressable.com/blog/2017/09/14/60-abandoned-wordpress-plugins/WordPress security threats are on the rise. In some cases, hackers can gain control over WordPress sites. Now, the question arises, how can you secure your WordPress sites?

A major cause of security breaches in WordPress sites is outdated plugins and themes. These elements of a site can be particularly vulnerable to exploitation, and hackers are well aware of this. If a plugin hasn’t been updated during the past 2 years, it is categorized as an abandoned, or outdated plugin. Moreover, it may pose compatibility issues with WordPress. Read original article here…. pressable.com

7 Signs Your WordPress Website Has Been Hacked

http://domainnamewire.com/2017/08/24/7-signs-your-wordpress-website-has-been-hacked/One of the reasons WordPress is so popular as a content management system is because of its airtight security (read: it’s rare ability to be hacked). But the truth is, 136,640 attacks are happening per minute to WordPress websites across the globe.

That’s a scary thought.

In fact, weak passwords, domain or hosting level breaches, insecure themes and plugins, and even an outdated WordPress core may cause your website to become more vulnerable than normal. Read original article here…. domainnamewire.com

 

 


And now for something older in the past article collections.

How to Beat Procrastination and Get More Done on Your WordPress Site

http://www.wpexplorer.com/beat-procrastination-wordpress/Everyone procrastinates now and then, but some people suffer much more than others. If you feel that procrastination is negatively affecting your productivity, then it is time to do something about it.

In this article we will look at why people procrastinate and what you can do about it. We discuss the importance of being clear on your goals and knowing your distractions and other weaknesses. We then consider productivity tips and tricks to help you maintain motivation and keep focused. Read original article here…. wpexplorer.com

How to Become a WordPress Professional in Your Free Time

https://premium.wpmudev.org/blog/become-wordpress-professional/Getting established as a WordPress pro isn’t easy. If you want to freelance or set up a WordPress business, you’ll need to build up a list of clients and establish a reputation for yourself. And if you’re looking for a WordPress job, you’ll need to demonstrate that you’ve got experience with WordPress and can work with it at a professional level.

But all this takes time learning and preparing, which you won’t get paid for. Unless you’re lucky enough to have an employer who’ll pay for you to learn WordPress (and give you paid time to do it), or who’ll help you learn marketing and business skills (working for a startup can be helpful), you’ll need to do it in your own time. Read original article here…. premium.wpmudev.org

The Complete Guide to the WordPress Theme Customizer

https://premium.wpmudev.org/blog/wordpress-theme-customizer-guide/WordPress 4.7 was released with a ton of great new features (which you can check out here), including some user experience and user interface upgrades to the theme Customizer.

In case you’re hearing about the Customizer for the first time, it’s a feature in the WordPress admin (go to Appearance > Customize) that allows users to tweak theme settings using a WYSIWYG interface and customize a theme’s colors, fonts, text, and pretty much anything else you want to change. Read original article here…. premium.wpmudev.org

6 Steps to Building a WordPress Maintenance Business

https://www.sitepoint.com/6-steps-to-building-a-wordpress-maintenance-business/Recurring revenue is the Shangri-La for business owners. Rather than scrapping and fighting and hunting for new clients, you have the same clients coming to you again, providing you with a steady stream of income. It takes away the stress of having to dig up new streams of revenue and allows you to start planning ahead.

But if you’re a WordPress designer or developer, you may be a bit perplexed about this whole “recurring revenue” thing. You make your money when clients need something new, like a website refresh for a site that looks like it was designed when MySpace was hot. You essentially have to wait for them to decide they want to change things. The whole idea of regular income feels like a mystery. Read original article here…. sitepoint.com

Tom McFarlin to Launch Marketplace for Blogging Plugins, Finds New Maintainer for WordPress.org Plugins

https://wptavern.com/tom-mcfarlin-to-launch-marketplace-for-blogging-plugins-finds-new-maintainer-for-wordpress-org-plugins?utm_source=The+WhiP+by+WPMU+DEV&utm_campaign=dae7d0771e-The_WhiP_Lifes_Plug_It_In_Plug_It_In+_01_13_17&utm_medium=email&utm_term=0_74fb43fd55-dae7d0771e-102893693Daily blogger and plugin author Tom McFarlin has found a new maintainer for five of his WordPress.org plugins. Within two days of putting the plugins up for adoption, McFarlin announced that Philip Arthur Moore will be taking over Category Sticky Post, Comment Tweets, Single Post Message, Tag Sticky Post, and Tipsy Social Icons. Moore, who is currently working as CTO at Professional Themes, has inherited roughly 10,000 users overnight in the transfer of maintainership.

WordPress.org plugin adoption stories are few and far between. The most common scenario for an orphaned plugin is to languish in the directory until it disappears from search results (with the exception of exact matches) after two years of no updates. In McFarlin’s case, he was looking to tie up some loose ends before shifting Pressware’s focus to launching Blogging Plugins, a marketplace for extensions that streamline WordPress for regular bloggers. Read original article here…. wptavern.com

 

Well that’s a wrap for this week more next week from WP Plugins A to Z.

 

It's Episode 322 and we've got plugins for Advanced Search Forms, WordPress Security, Social Hashtag Display, Clickbank and Script Placement. It's all coming up on WordPress Plugins A-Z!

Transcript of Episode 322 WP Plugins A to Z

It's Episode 322 and we've got plugins for Advanced Search Forms, WordPress Security, Social Hashtag Display, Clickbank and Script Placement. It's all coming up on WordPress Plugins A-Z!All transcripts start from the point in the show where we head off into the meat and potatoes. They are the complete verbatim of Marcus and John’s discussion of the weekly plugins we have reviewed.

WordPress Plugins A to Z Podcast and Transcript for See complete show notes for Episode #322 here.


It’s Episode 322 and we’ve got plugins for Social Sharing, Top 10 Posts and a Thumbs Up/Down button. It’s all coming up on WordPress Plugins A-Z!


Episode #322

Marcus:           It’s Episode 322 and we’ve got plugins for advanced search forms, WordPress security, social hashtag display, click bank, and script placement. It’s all coming up next on WordPress Plugins A to Z.

[Intro]

WordPress, it’s the most popular content management and website solution on the internet. And with over 30,000 plugins to choose from, how do you separate the junk from the gems? Join John Overall and Marcus Couch for this weekly unrehearsed conversation about the latest and greatest in WordPress plugins. This is WordPress Plugins A to Z.

John:                Good morning, good afternoon, or good evening, wherever you happen to be hiding out there on the globe today. Coming to you direct from the Brewery Overlook in beautiful British Columbia Victoria, I am John Overall.

Marcus:           And from the beachside barrio in Laguna Beach, California, I’m Marcus Couch.

John:                And we are here after the wonderful eclipse and of course, let’s get started right off the top. Don’t forget, you can get all the show notes over at wppluginsatoz.com and make sure you drop in and subscribe to the show and review us over at Stitcher Radio, Google Play, and the iTunes store.

Marcus:           That’s right, and also remember, you can follow us on Twitter at @wppluginsatoz.

John:                And also check us out live with our screencast, training videos, and you can subscribe to us on YouTube. So we’re going to get right into everything as our new format is displayed and today we have our usual allotment of six great plugins. The one ding that says we’re off into the meat and potatoes for the whole show.

[Plugins lead-in music]

And starting us off today, I have in the meat the following plugin I discovered from GoDaddy. This one here I came across while I was looking for other plugins and at the back of my mind for a while, I’ve been wanting to do something. The plugin is called the GoDaddy Reseller Store. I’ve been a GoDaddy reseller for many years now and I have a few clients there, but I’ve always sort of avoided it because of the way their store works and manipulates, and it’s just a bit of a pain. I could never fully integrate it into my WordPress website.

But discovering this plugin that it looks like GoDaddy released about six or eight months ago, it doesn’t have a whole lot of users yet. It’s still sitting around only 600 installs, but I imagine that’ll start increasing soon. But what it does for you is if you’re a GoDaddy reseller, it integrates into your WordPress website, bringing in all of the products you sell in your GoDaddy reseller store, setting them up, configuring them, tweaking it so it looks like your website, so it’s well integrated into your website. So the benefits of this plugin here is you can use the advantage of WordPress to have the extra content you want to drag people in when they get to your website. They don’t have to bounce off your website to go buy the products until they’ve entered them in the cart and they go to purchase, and then it bounces them into the GoDaddy area.

But all in all, a pretty great plugin, one I’m going to be spending some time with over the next several months integrating it into my website I think as I pull in this stuff for my reseller program. But anyway, check it out: the GoDaddy Reseller Store plugin, and I gave it a 4-Dragon rating.

Marcus:           Beautiful. Yes, I also am a GoDaddy reseller, so that’s actually something that I’m going to check out, because I actually need to put some things like that on my personal site. All right, well John, I wanted to lead off with sort of a consolidation plugin. I love these kinds of plugins that actually replace three or four different plugins that I was using all at the same time on my site. In this instance, I’m using it for adding tracking scripts for inserting things like Google Tag Manager or Facebook conversion pixels, Instagram has another one, so does Snapchat – all the rest of them as far as integrating to track conversions.

Well, this plugin actually lets you put a space in for all of those different tag variants and it has custom places to put all your different tracking links, scripts, and CSS. The nice thing is it categorizes all of them so that you have a very easy way in which to find them. So just for ease of use alone and the fact that now I can get rid of two different plugins that I regularly use on my sites and use this one plugin instead, I rated this one a perfect 5 out of 5.

[Dragon roar]

John:                Yeah, that’s such a cool plugin and it looks to be very useful to combine up a lot of miscellaneous bits and pieces on your site.

Marcus:           Yeah, a lot of people forget about Google Tag Manager, which is actually a very important one to use on your site, and this enables you to do it. So check it out.

John:                All right!

Marcus:           Easy Tags.

John:                There you go! There’s the starting off of it and we’re going to jump into here – I don’t even know what it’s called, but that’s okay. If you’re having troubles with your WordPress website and you have development questions, well you can contact me, John Overall. And with 20 years’ experience online, eight of those years dealing specifically with WordPress, I can get you on your way, saving you time and money. Visit me and my website, JohnOverall.com. Call me, (818) 850-7729 or send an email to john@wppro.ca.

Marcus:           And for promotions this week, I want to talk about Smashing Magazine. If you are interested in writing about WordPress for Smashing Magazine, the largest online web publication on the internet, just go to marcuscouch.com/smashing, watch the video, fill out the form, and I’ll get back to you with all of the different rules, regulations, and how to get started. It’s not only a great way to get promotion about yourself in terms of WordPress and what you do in WordPress in the community, but you do get paid for it as well. So check it out: marcuscouch.com/smashing.

John:                Nice. And Smashing Magazine is doing quite well, I see, with the things you’re bringing forward in it.

Marcus:           Yeah, we’ve got a lot of different authors. I’ve probably recruited at least 30 or 40 different authors, hoping to get that up to about 60, and then we can get some regular content flowing. And hopefully, I’d like to get an article out every single day. That would be great and I could compete with things like WPTavern, Tork, and Post Status, and some of the other ones, s —

John:                Very cool.

Marcus:           — hopefully that’ll happen soon.

John:                So a question for you – you picked up – oh man, my brain is just skipping right off. Did you go to the podcast down there in L.A.?

Marcus:           I – well, yes and no. Yes, I picked up Dave Jackson from the airport and brought him to the event, and that’s as far as I got. [chuckling]

John:                So you didn’t check out the event then, eh?

Marcus:           No, no. I had to work, unfortunately.

John:                Ah, okay.

Marcus:           But I did see Dave Jackson, which was great.

John:                Yeah, yeah. I saw his email out today when he summarized the event, so it looked like it was quite the thing to go to.

Marcus:           Yeah.

John:                All right, well let’s move on here to our next plugin we’ve got – next set of plugins we’ve got for you. The next one I’ve got up here for you is a Clickbank Storefront for WordPress Plugin. I don’t know if you’ve ever used Clickbank. I’ve off and on used it over the years here and there. Every once in a while, I get these crazy urges to dive into affiliate marketing, and Clickbank is one of the most lucrative affiliate marketing programs out there. I’ve made – mm, not lots of money, but I’ve made bits and pieces of money from them.

But one of the things I’ve always noticed about Clickbank is it’s always a pain in the neck to promote their stuff. You have to copy, paste, bring it in, tweak it – everything else. And what’s been created here is the My CB Genie and it harnesses the power of WooCommerce and WordPress together to go out there, access the Clickbank catalogue, and via different categories or if you’re inclined, you can import the entire Clickbank catalogue to your website. It brings in all of the descriptions, all of the product images, tags in your own affiliate link code that are placed into the WooCommerce program.

It allows you to go in there and then tweak all of the descriptions to fit things that you would like to do with it. One of the nice things it does also is it’s got Cron Jobs built into it that allows it to go back and check the Clickbank catalogue from time to time to ensure that the products are still valid. And if it finds invalid products, it automatically removes them from your store for you, so you don’t have to keep track of what’s being dropped and added to the Clickbank catalogue. It seems like a pretty powerful plugin; one that I just sort of touched over briefly when I looked it up. But it’s one that I may explore when I have some free time to see if I can bring back some of that Clickbank stuff that I had once upon a time.

But if you are an affiliate marketer and looking at Clickbank, this is a plugin you might want to check out and see if it will function for you to enhance your affiliate marketing. Check it out: the ClickBank Storefront WordPress Plugin and I gave it a 4-Dragon rating.

Marcus:           Very nice! All right, the next one I’ve got is called – it’s a new security plugin – it’s actually called WP Security Coat and it’s a plugin for preventing your WordPress website from being hacked. It comes with a lot of different features for securing core functionality, preventing PHP and MySQL vulnerabilities, and also secure server stuff.

It does stuff like disallow the indexing of server files, it blocks all the fake bots, it blocks HTTP post methods from outdated versions, it can hide the WordPress version, XML RPC stuff is disabled, it disables login error messages as well, which actually that’s what hackers kind of use to keep hacking away at your password. It does a lot of REST API stuff, it stops suspicious query strings and foreign characters from preventing SQL injection hacks, and it seems like a really nice plugin. It’s not one of these that has a pro version or anything; it’s brand new. They just want you to try it out, give them feedback, and perhaps even contribute to the plugin. So I like it a lot – it’s called WP Security Coat and I rated it a 4 out of 5.

John:                Yeah, that’s a very nice looking plugin. So yeah, I would definitely give that one a checkout and I’ll give it a try on websites that I’m doing security updates on or security lockdowns on.

Marcus:           Yeah, and I didn’t notice any speed loss either, and that’s one of the big ones out there because thinks like WordFence sometimes do eat up a little bit of your system load resources —

John:                Yes.

Marcus:           — and this one didn’t seem to have any effect on it.

John:                Hmm…very nice. All right, there’s a security plugin so give it a checkout. Something to save you time and headaches.

Marcus:           Right.

John:                All right, well we’ve got some listener feedback this week from several different areas. But first off, we have a SpeakPipe and remember folks, if you want to appear here, leave us a question/comment, we like SpeakPipes. They’re very wonderful. You can go to our website, the bottom right corner, click the button for SpeakPipe, and record it either on your computer, your phone, your iPad – wherever you’ve got a microphone already ready to go – especially your phone. Really easy there.

So anyway, first off this week we got a comment from Frank Banker and it’s a question about a plugin, but we’ll let Frank it away. Off we go…

Hi, John. I am looking for a plugin to organize my blog posts. When someone goes to my blog page, I’d love to see perhaps a picture and a small blurb of every blog post, you know, based on these. Really enjoy the show. Thanks.

All right, well thanks a lot, Frank. And to answer that question, well, there’s hundreds of ways you can do it with plugins. There’s plugins that are pure widgets, there’s plugins that have shortcodes built into it. I picked one out and I’ve got it here for you. It’s called Recent Post Widget Extended and it’s one that will sort of help you with that. But mostly what I’d recommend is getting a theme that allows you to customize the blog post page, the archive pages, in a much simpler way. That’s mostly how I go about doing that these days. I don’t know – how about you, Marcus?

Marcus:           Yeah, that’s it. And, you know, depending on what theme you use, that’s basically a shortcode and then you can customize within the shortcode if something is going to have a post excerpt, the size of the thumbnail, and those kinds of things. So you can use a plugin or find a theme that actually does that natively, so you’ve got a lot of different options there.

John:                Lots of options. So thanks a lot for listening to the show, Frank, and we look forward to more comments.

Marcus:           Absolutely.

John:                All right, and we do have some comments from YouTube on the training videos that have been going up, and these are the most recent ones. These are a couple of comments on the Easy Appointments WordPress Plugin training video that I put up a few weeks ago. The first one comes from PhDNaturalMe and it was quite simple: “This has been so helpful. Thanks.”

Marcus:           Great!

John:                The second one comes from Simeone España and it said, “Great video, very helpful. Thank you.” So hey —

Marcus:           Cool!

John:                More and more people use the YouTube stuff. Please leave us comments there, ask questions. I’ve had a few people ask me questions there and I do my best to answer them. And so hey, start being interactive there if you’re getting into the YouTube videos.

Marcus:           Very nice.

John:                Okay, and we did have a contact letter today from Stephen. The letter is pretty long but I’m just going to hit a couple of key points of the letter. And one of the key things there first of course is: “Hi there, I love your podcast.” He’s from New Zealand. Currently, he’s traveling across the Continental Divide Trail and he downloaded all of our shows so he could play them out over a speaker to keep the bears away. Love him! I love that little bit there that we’re helping keep the bears away from him while he travels a 3,000-mile trail.

Marcus:           [chuckling]

John:                And anyway, he had a question about his website and about a specific type of plugin on his website. He’s looking for a costing estimator and this is something that was a bit beyond me with what you were asking here, but I will do a little research on it, Stephen, and see what I can come up with. Maybe you might have an idea, Marcus, if you do. But we will see what we can do.

Marcus:           Yeah, he wrote us a long letter and he likes to listen to the show while he’s walking like 25 miles a day, which is insane. But thank you very much for that.

John:                Yeah, and for all you listeners out there, the letter will be in the show notes, so if you want to take a look at it and help give us any ideas, we’d greatly appreciate that, too.

Marcus:           Absolutely. And that brings us up to our donations segment and this show is a value-for-value model, meaning that if you get any value out of the show, we ask that you give some value back. And in that, we would like to acknowledge all of those who’ve supported the show in the past week. All donations over $50 are read out on the show and their notes are published in the show notes. And for all those who came in below $50, they remain anonymous and we thank them very much.

This week’s donor is $50 from our regular, Jezweb Pty. Ltd., and Jeremy says, “Hi, John and Marcus. A collection of plugin reviews that you’d recommend as alternatives to the ones that WooCommerce sells could be handy for future episodes, particularly if they are good free alternatives that you like to use. Jezweb has used a number of the YITH plugins in recent years and they generally seemed to be quite well built, reliable, and supported and the subscription is not too steep. We recently completed newcastlestrippers.com.au, which helps people with topless waiters and entertainment for hen parties and buck parties,” I can only imagine, “and it’s a delicate balance to make a site like this safe for work and still fit with expectations and decently classy.”

Wow, John, on the video there…

John:                I just had to bring it up.

Marcus:           Yeah, it’s actually a really good site.

John:                It’s a really nice-looking site. It’s really quite safe for work but promotes what they have and what they allow in Australia.

Marcus:           Yes, and that’s pretty cool. I do not have much experience with the YITH plugins, Jeremy. I’m strictly a WooCommerce guy, just because I like the support and the fact that it’s, you know, kind of a native force within automatic since they’ve been acquired. So yeah, the price tag is a little steep on the WooCommerce stuff, but I have never had a problem with them.

John:                You know, I’ve used the YITH ones a few times and I rather liked them. I’ve also used free ones here and there with success on some, not success on others, and I’ve also pulled ones from Code Canyon. But we’ll see what we can do to pull in some as we run across them.

Marcus:           Absolutely.

John:                So thanks a lot, Jeremy – greatly appreciate it.

Marcus:           Yes.

John:                And of course a big thank you to those who came in under $50 and to those who have set up weekly subscriptions. The weekly subscriptions are really helpful and you can support the show by going to wppluginsatoz.com/donate where you can create a weekly subscription for as little as $2.50 a week. Hey, come on, support us for that. A little weekly subscription showing what you think of this show. And if more, there’s more options there and more options are coming for creating show subscriptions or for donating to the show.

Marcus:           Yep, absolutely and we do appreciate that. And with that, we will round out the plugins, John.

John:                Absolutely. All right, the final one I’ve got here today is a freemium/premium plugin — it’s a little of both. It was sent into us by Andrew Mark and it’s called Advanced Search Form Builder. This plugin here is a really nice advanced search for your WordPress website. It’s very fast, it’s very easy. What it does is it allows you to create a customized form that you can use to target specific search areas of your website.

One of the best examples they give in here is say you’ve got a real estate website and you want to build one of those customized forms for people to look for price range, rooms, bathrooms, etc., etc., etc. You can build it with this form plugin and then insert it via shortcode onto your post or page. Now, I experimented with it by just searching out the whole website. It is a very quick searching plugin and provides some nice stuff. The build is a little bit on the complicated side, I’ve found. Also, the free version only allows you to build one form; you’ve got to go up to their premium version to do that.

Now, a couple of problems I found with it, as soon as they notify you that, they give you a link where it says “upgrade,” but unfortunately, the upgrade link goes nowhere. So I actually had to do a little searching to find the link to Code Canyon where you can buy the plugin itself because they didn’t have that crystal clear. The original plugin you can get from WordPress.org but their upgrade, they don’t have a clear path to their upgrade for some strange reason.

At any rate, it’s a really great plugin. It will enhance your search functionality of your website and it’s one I’m going to experiment with for the WP Plugins A to Z show, because we really need a better search function there and I want to see what it can and can’t do for us. At any rate, check it out. It’s called Advanced Search Form Builder and I gave it a 4-Dragon rating.

Marcus:           Great! All right, to wrap up the plugins for this episode, I want to talk about Social Mentions. This is a new plugin that’s out there that what it does is you put in particular hashtags and it will search Twitter, Instagram, Google+, Flickr – all that – every 30 minutes using WP Cron. It comes with sort of predefined CSS classes for the output lists but you can style it yourself if you want to to match your theme and it’s pretty easy to set up. So it has a number of different API keys and things that you set up with each one of the services and then you can either have one particular page or just use a shortcode with Social Mentions and then the hashtag of whatever you want to use.

It will display the latest and greatest of all of the different images and things with that hashtag, so it’s pretty cool. A nice thing to set up; it gives people – I’d love to use this kind of in a sidebar. I think this would actually be kind of neat in a sidebar to show current new content and I rated this one a 4 out of 5.

John:                Yeah, that’s kind of cool. Yeah, you could use it to pull in current content and display it.

Marcus:           Mm-hmm, yep. Twitter stuff, Instagram, all that. That’s probably the big two that I would use.

John:                Also a great way to pull in whatever is happening for you on social media if you’ve got your own hashtag.

Marcus:           That’s correct.

John:                Which a lot of people do.

Marcus:           Right.

John:                Okay, well that’s a great one. All right, well we’ve got here a little bit of news to round out the show and we’re going to try a brief experiment to see if it works. I had a couple of news articles but I forgot to put them all in here. But we do have one news article which I think is semi-important to know a little bit about. It seems the core team at WordPress is exploring forcing upgrades for WordPress 3.7 to 3.8, and this is going to be an interesting experiment, I think.

They’re also considering forcing upgrades to 4.1 and this is one that’s kind of problematic to me in that one, it would be a good thing to force upgrades out there to clean up the mess of websites. But there are websites out there where they’re on a lower version of WordPress for compatibility issues or something else, but the sites are monitored by Webchecks, who have a reason for having a lower version, and this sort of thing could break their website so they need to make sure that there are no forced upgrades allowed in their code. But I don’t know, what do you think about this kind of thing – automatically doing that? Forcing the upgrades upon people whether they want them or not?

Marcus:           I think that they should shut down all the website of anything that’s not at least a year current and just say, “Hey, you need to upgrade this,” you know? Just put it on.

John:                It seems a little [inaudible] to me.

Marcus:           You’re gonna get hacked otherwise. I mean, that’s just —

John:                Maybe, but maybe not. It depends on what you’ve done to the site on your own, you know?

Marcus:           That’s true.

John:                Maybe you have a reason for it. That’s why it just seems a little Orwellian to me. I mean, I can see the benefits, but I also see the Orwellian issues with it when they start forcing things down your throat, even on new stuff that you don’t want, because this —

Marcus:           True!

John:                — one thing can lead to the other, unfortunately. So at any rate, make your own judgements. Hey, if you’ve got any feedback on that one, please give it to the Tavern. That’s where this article is from and let us know what you think. We’re always interested in that sort of thing, too.

Marcus:           That’s right.

John:                All right, so we’re gonna try a brief experiment here and this is something we sort of mentioned last show in that in closing out the show, we’re going to try an experiment here to install a brief impression of one of the plugins that Marcus has grabbed. I’m going to try and install and take a look at it. It’s the Easy Tags plugin.

Now, I’ve already set up some of the stuff, so it’s relatively straightforward to go to it and we’ll pop in here and bring that one back up – there we go. So we’re going to try and install it. Now, one of the things that I’m discovering here – oops – is I don’t know if you’re starting to see some of the issues when you’re looking for a new plugin in the background of WordPress, but I’m running into it more and more if you just put the title in, you can’t find the plugin sometimes in that great big list of the specific plugin you’re looking for. This is happening more and more and what I’m finding I have to do is actually add in the entire username of who created the plugin.

Marcus:           It’s reverting back to the way it used to be, where search was useless.

John:                Yeah, it’s reverting back to where the search was useless. I’ve had to go in there, like we went searching for Easy Tags there and it didn’t even show. We had to actually add the author’s name into it to get it up to show. All right, so nice and simple, straightforward. Let’s load it up, install it…activate it…and see what we get. Where does it take us? Where did it go? That’s always my big question: where did it go? Yeah, this is my sandbox where I have dozens of plugins but not all of them are turned on.

Okay, where did that plugin put its menu? Oh, Easy Tags. There it is. So using Easy Tags, straightforward. Analytics, Facebook Pixel, Photo Scripts – so all you have to do is go grab your tags and dump them in and you’re ready to go.

Marcus:           Mm-hmm.

John:                That’s sweet. Nice and easy, straightforward. Yeah, I like it. I concur with your rating. Great plugin.

Marcus:           Great.

John:                It looks like it could save some time and combine some of the things. I like the header CSS, because that’s quite useful versus the customizer CSS.

Marcus:           That’s nice.

John:                Sometimes you want something up in the head and you don’t want it in the customizer. All right, well there you go. There’s our little experiment. We’re gonna try that and see if we can refine that over time and add some more value to the show for everyone and let you judge for yourself. Give us feedback; we’d greatly appreciate it.

Marcus:           Yep.

John:                All right, so closing out this episode we’ve got plugins I covered: the GoDaddy Reseller Store plugin, which I gave a 4 to; the Clickbank Storefront plugin, which I gave a 4 to; and the Advanced Search Form Builder, which I gave a 4 to.

Marcus:           And I talked about Easy Tags, which gets a 5 out of 5; WP Security Coat, which gets a 4 out of 5; and Social Mentions, which gets a 4 out of 5.

John:                All right, and just some promotions out there to let everyone know, if you are in Canada looking for a trip, checkout the WordCamp Toronto, which is happening September 30 to October 1. There’s a link in the show notes to the website and it looks to be quite a nice WordCamp and it’s located in the center of the universe (or as Torontarians see it, anyway). But seriously, it looks to be a good time. Toronto is a nice city to visit. It’s one of the nicer cities in Canada – one of the bigger cities, anyway, and lots to do there aside from the WordCamp event. So if I had the money or I had the time, I would actually drop over there because it’s only one quick plane ride away.

Marcus:           Hmm…great!

John:                So check that out and also don’t forget to go check out our training videos which we have up on YouTube and links in the show notes to go to them. I’m going to have to create a short link to that one. I haven’t got to that one yet. And one little last bit of feedback from Jeremy about our new format, and Jeremy sent this out via Twitter which I did respond to but I did want to say thanks again and he had to say, “The new format seems fine. Keeps the pace up by chopping up the promos and the separate chunks throughout the podcast. Good choice for adjustment.” Thanks a lot, Jeremy. Appreciate it.

Okay, and that gives us up the usual reminders.

Marcus:           That’s right.

John:                Don’t forget, remember to support the show by going to wppluginsatoz.com/donate and all the show notes can be found at wppluginsatoz.com, and please stop in to the iTunes store, Stitcher Radio, Google Play – subscribe to the show there and please review us. It would be greatly appreciated. And also stop in at YouTube and watch our live screencast or come watch us live on YouTube every Monday at 10:00 a.m. when we’re doing the show and also check out our training videos we have there on YouTube. More and more are coming. There’s more coming this week.

Marcus:           All right. And contact info, John?

John:                They can reach me on my website at JohnOverall.com or send an email direct to john@wppro.ca.

Marcus:           And you can find me at my website, marcuscouch.com, on Twitter at @marcuscouch. Remember, if you’re interested in that Smashing Magazine thing, it’s marcuscouch.com/smashing, and remember to follow this show on Twitter at @wppluginsatoz.

John:               That’s all we’ve got for you now. Take care. Bye-bye.

[Outro]

Thanks for listening to the show. This show is copyright by JohnOverall.com. So until next time, have yourselves a good morning, good afternoon, or a good evening, wherever you happen to be out there on the globe today.

[Child giggling]

 

[End of Audio]

Unmasking Free Premium WordPress Plugins

 

Unmasking Free Premium WordPress Pluginshttp://xxxxsblog.sucuri.net/2014/03/unmasking-free-premium-wordpress-plugins.htmlWordPress has a large repository of free plugins (currently 30,000+) that can add almost any functionality to your blog. However, there is still a market for premium plugins. Premium plugins are especially popular when they help blogs make money: eCommerce, SEO, affiliate and customer management, and so on.

Such plugins may be really great and well worth their price, but not many webmasters are ready to pay for plugins, especially when they can find “free” or “nulled” versions of the same plugins on the Internet. All they need to do is search Google for [<plugin-name> free download].

Getting something valuable for free may sound great, however, in most cases, you won’t get what you expect. After all, you should ask yourself the question, why would someone spend their time to steal software, and then post it to various sites and forums where they can’t even count on any advertising revenue? Usually, the answer is that they expect to take advantage of the sites that install the software they post. How? By adding some undisclosed functionality to the stolen plugins like backdoors, ads, hidden links, and SPAM.

In this post, we’ll talk about “patched” malicious premium plugins. We’ll talk about what they do, how they work, and about websites that build their businesses around stolen WordPress themes and plugins. Read original article here…

CMS plugins are leaving the security door wide open

White hat hacker warns CMS plugins are leaving the security door wide open

 

White hat hacker warns CMS plugins are leaving the security door wide openhttp://xxxxswww.daniweb.com/web-development/news/485743/white-hat-hacker-warns-cms-plugins-are-leaving-the-security-door-wide-openReading between the lines, the truth of the matter is that the vast majority of holes in the CMS code base, whichever platform you look at, have been found and fixed over the years. Kolochenko actually reckons that 99% of exploitable vulnerabilities in core CMS code fall into this category. So, CMS usage is pretty safe now then? Well, yes, but not 100% so and admins are partly to blame here. Weak passwords and password reuse are right up there at the top of the insecurity tree, along with social engineering attacks against CMS administrators. The compromise crown has to be placed upon the head of XSS vulnerabilities in plugins, made effective because of both the previous weaknesses.