The Weekly round up of news, tips, and information to help you create the best possible WordPress website. This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

Round up of WordPress News and Tips October 2, 2017

The Weekly round up of news, tips, and information to help you create the best possible WordPress website. This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is not only important to help you with your website as well as new from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.


This week we have the following news for you.

How to Use Domain Mapping When You’re Not Running Multisite Domain Mapping plugin makes mapping domains super easy in Multisite. It lets you create as many sites as you want in one WordPress installation and then make them all behave as if they’re separate sites echo on their own domain.

But sometimes you want to map a domain when you’re not running Multisite. You’ve created a site in its own WordPress installation somewhere on your server, maybe in a subdirectory, but you want to direct a domain name to it and have that show up in the browser instead of your own domain with the subfolder or subdomain showing up. Read original article here….

How to Track Post Changes by Adding a History Feature to WordPress you’re running a website with multiple contributors, it can be hard to track post changes in WordPress itself. This can become a problem if you’re trying to identify the source of an error, or keep tabs on your writers’ activity.

Finding a way to track post changes in WordPress enables you to keep logs of practically all of the activity for your posts and pages. For this article, we’ll talk about why this functionality can help you and how to implement it in three simple steps. Let’s get to it! Read original article here….

How to Run a Contest with WordPress (and Plugins to Help You Do It) a month ago, a woman named Mavis Wanczyk won a monster Powerball payout of $758.7 million. Wanczyk wasn’t the only winner that night either. In a store nearby, someone else bought a ticket worth $1 million. There were also other winners from this single Powerball play—9.4 million people (or, rather, tickets) to be exact.

Now, if that isn’t proof enough of how much people love entering contests in the hopes of winning something (no matter what sort of odds are stacked against them), I don’t know what is. Read original article here….

Handling Form Submissions in WordPress with Admin-Post and Admin-Ajax provides incredible support for you to work with form submissions in your application. Whether you add a form in the admin or public facing areas, the built-in mechanism with the admin-post and admin-ajax scripts will allow you to handle your form requests efficiently.

In this article, I’ll show you how to handle custom form submissions using the WordPress API. I’ll walk you through the process of adding a custom form in the admin area of a plugin, handle the form submission via an HTML as well as an AJAX request, and write the form handler in PHP to validate, sanitize and process the form input. Read original article here….

20 of Google’s limits you may not know exist has a lot of different tools, and while they handle massive amounts of data, even Google has its limits. Here are some of the limits you may eventually run into.

Many of the data reports within Google Search Console are limited to 1,000 rows in the interface, but you can usually download more. That’s not true of all of the reports, however (like the HTML improvements section, which doesn’t seem to have that limit).

The limit for the number submitted is higher, but you will only be shown 200. Each of those could be an index file as well, which seems to have a display limit of 400 site maps in each. You could technically add each page of a website in its own site map file and bundle those into site map index files and be able to see the individual indexation of 80,000 pages in each property… not that I recommend this. Read original article here….



This week we have the following Security News for you.

Malicious plugin installed backdoor on 200,000 WordPress websites very persistent malicious actor added a backdoor to a WordPress plugin called Display Widgets that installed backdoors on possibly 200,000 websites since June 21.

The hacker used the open-source Display Widgets plugin, which lets users control how their WordPress plugins appear on their sites, as the delivery mechanism for the backdoor. Although the number of potentially infected sites is large, what is almost as impressive is the hacker’s persistence. The infected plugin was repeatedly removed from the site by between June 22 and September 8 with the hacker dutifully replaced it.

It was finally removed for good on September 8. Read original article here….

60 Abandoned WordPress Plugins security threats are on the rise. In some cases, hackers can gain control over WordPress sites. Now, the question arises, how can you secure your WordPress sites?

A major cause of security breaches in WordPress sites is outdated plugins and themes. These elements of a site can be particularly vulnerable to exploitation, and hackers are well aware of this. If a plugin hasn’t been updated during the past 2 years, it is categorized as an abandoned, or outdated plugin. Moreover, it may pose compatibility issues with WordPress. Read original article here….

7 Signs Your WordPress Website Has Been Hacked of the reasons WordPress is so popular as a content management system is because of its airtight security (read: it’s rare ability to be hacked). But the truth is, 136,640 attacks are happening per minute to WordPress websites across the globe.

That’s a scary thought.

In fact, weak passwords, domain or hosting level breaches, insecure themes and plugins, and even an outdated WordPress core may cause your website to become more vulnerable than normal. Read original article here….



And now for something older in the past article collections.

How to Beat Procrastination and Get More Done on Your WordPress Site procrastinates now and then, but some people suffer much more than others. If you feel that procrastination is negatively affecting your productivity, then it is time to do something about it.

In this article we will look at why people procrastinate and what you can do about it. We discuss the importance of being clear on your goals and knowing your distractions and other weaknesses. We then consider productivity tips and tricks to help you maintain motivation and keep focused. Read original article here….

How to Become a WordPress Professional in Your Free Time established as a WordPress pro isn’t easy. If you want to freelance or set up a WordPress business, you’ll need to build up a list of clients and establish a reputation for yourself. And if you’re looking for a WordPress job, you’ll need to demonstrate that you’ve got experience with WordPress and can work with it at a professional level.

But all this takes time learning and preparing, which you won’t get paid for. Unless you’re lucky enough to have an employer who’ll pay for you to learn WordPress (and give you paid time to do it), or who’ll help you learn marketing and business skills (working for a startup can be helpful), you’ll need to do it in your own time. Read original article here….

The Complete Guide to the WordPress Theme Customizer 4.7 was released with a ton of great new features (which you can check out here), including some user experience and user interface upgrades to the theme Customizer.

In case you’re hearing about the Customizer for the first time, it’s a feature in the WordPress admin (go to Appearance > Customize) that allows users to tweak theme settings using a WYSIWYG interface and customize a theme’s colors, fonts, text, and pretty much anything else you want to change. Read original article here….

6 Steps to Building a WordPress Maintenance Business revenue is the Shangri-La for business owners. Rather than scrapping and fighting and hunting for new clients, you have the same clients coming to you again, providing you with a steady stream of income. It takes away the stress of having to dig up new streams of revenue and allows you to start planning ahead.

But if you’re a WordPress designer or developer, you may be a bit perplexed about this whole “recurring revenue” thing. You make your money when clients need something new, like a website refresh for a site that looks like it was designed when MySpace was hot. You essentially have to wait for them to decide they want to change things. The whole idea of regular income feels like a mystery. Read original article here….

Tom McFarlin to Launch Marketplace for Blogging Plugins, Finds New Maintainer for Plugins blogger and plugin author Tom McFarlin has found a new maintainer for five of his plugins. Within two days of putting the plugins up for adoption, McFarlin announced that Philip Arthur Moore will be taking over Category Sticky Post, Comment Tweets, Single Post Message, Tag Sticky Post, and Tipsy Social Icons. Moore, who is currently working as CTO at Professional Themes, has inherited roughly 10,000 users overnight in the transfer of maintainership. plugin adoption stories are few and far between. The most common scenario for an orphaned plugin is to languish in the directory until it disappears from search results (with the exception of exact matches) after two years of no updates. In McFarlin’s case, he was looking to tie up some loose ends before shifting Pressware’s focus to launching Blogging Plugins, a marketplace for extensions that streamline WordPress for regular bloggers. Read original article here….


Well that’s a wrap for this week more next week from WP Plugins A to Z.


Transcript of Episode 220

All transcripts start from the point in the show where we head off into the meat and potatoes. They are the complete verbatim of Marcus and John’s discussion of the weekly plugins we have reviewed.

WordPress Plugins A to Z Podcast and Transcript for See complete show notes for Episode #220 here.

It’s episode 220 and we’ve got plugins for Domain Mapping, Wholesale Pricing for WooCommerce, Enhanced Comments, auditing tools for plugins, Link Titles and a tool for managing plugins on MultiSite. It’s all coming up on WordPress Plugins A-Z!

Episode #220

John:                All right, in a continuation from last episode where I’ve been talking about my massive MultiSite project, this is another premium plugin called Domain Mapping.  It’s from and is a very nice plugin.  What it does for you, whereas the last time I talked about a plugin it was for adding multiple domains.  This one allows the users of your WordPress MultiSite to map their own personal domain onto the subdomain.  Much the same way if you use and you want to buy a domain, you can map it onto your subdomain there.

This is the exact same setup and it works very, very nicely.  The plugin sets up very simply; there’s just a few technical tricks you have to know about it, so not for the faint of heart of course, but it works beautiful.  If you’re digging into WordPress MultiSite and setting it up, once it’s set up, you set up the A record for it.  All the user has to do is once they have their domain — and they may have to set an A record at their registrar.  If they don’t know what that is, have them contact you or have them contact me.  I’ll be happy to set people set —

Marcus:           You mean just like the DNS record, right?

John:                Not necessarily the DNS record — the A record.

Marcus:           Okay.

John:                You can leave your DNS there and you can set up an A record pointing to the IP address of the server.

Marcus:           So is that something that like when you own the domain, you can do that pretty easily when you’re just a regular old user, like for GoDaddy or anything like that?

John:                Yeah, and GoDaddy.  GoDaddy has a DNS edit section where you can go edit it up.

Marcus:           Perfect.

John:                You can set the record.  It’s not that hard to do.  Once it’s done, they can pump that domain into their own account and map their domain MultiSite off of your site, into your domain and it works beautiful.  I had to give this one a perfect 5-Dragon rating.

Marcus:           Awesome!  So basically — and you just took some tech guy’s job away from him having to worry about this crap.

John:                Pretty much, yeah.

Marcus:           This is just exactly like what you would do if you were using a hosting account, except you’re just pointing it to whatever that WordPress installation is.

John:                Exactly, yes.

Marcus:           Yeah, cool.  All right, I like it, John — 5 Dragons.  Way to go right out of the gate like that.  Let’s see if I can do something to top that.

This one is called Plugin Auditor, and it records the details of which user installed and activated every plugin on your website, and leaves a little notes section to explain why they installed it — or for you to explain to yourself later why you installed it.  What do you think of that?

John:                I like that.  Very nice.

Marcus:           So it’s just an audit trail.  It’s really just a trail of who did this, when did they do it, and why did they do it.  Now let’s talk practical applications of this.  Let’s just say you’re leaving a client with a website and you’re pushing his boat off into the water, into the wild, and letting his company employees do things with it.

John:                Right.

Marcus:           Sometimes you come back and if you don’t disable plugin installation, you’ll find all kinds of little Easter eggs on that site.

John:                Tons, yes.

Marcus:           All kinds — you know, WeatherBug things all over it.  This is a nice way for you to at least figure out who put this stuff on here.  “All right, who did this?”  That’s really what this plugin is all about, so I rated it also a perfect 5 out of 5.

John:                Very nice.  Yeah, that’s always good if you’ve got multiple administrators to be able to figure out who’s doing what to the website.

Marcus:           Yes.

John:                All right, and in the continuing vein here of MultiSite, the next plugin here is called MultiSite Plugin Manager.  What this does — in WordPress MultiSite, you have the ability as the God mode administrator, you’re the only one that can add plugins to the entire network.  Once you’ve added those plugins to the entire network, you can determine with this plugin which users, which websites get to use those plugins or whether they can even see those plugins in their plugin folder.

This is a very nice plugin for controlling what gets turned on and off in the site.  It’s also useful for determining, say you have a client that is special and has a special needs plugin but you don’t want this plugin to be used anywhere else through your network, but you’re going to let this one user have it.  You can install the plugin, allow that plugin to that one user, and prevent everyone else in your network from seeing that it exists.

Marcus:           Wow!

John:                So it’s a very nice feature of WordPress MultiSite.  I found the plugin to be really nice.  The problem I ran into with it is it conflicted with another plugin I was using for [inaudible: management?] and other stuff.

Marcus:           Oh!

John:                And I didn’t want to spend the time determining how to solve the conflict and since this one was a lower priority than the other management plugin, I had to push this one to the side.  But it’s still a great plugin if you don’t end up with a conflict.  I did give it a 3-Dragon rating but it’s probably worthy of a 4 because of its usability.  So check it out:  MultiSite Plugin Manager — a great little plugin.

Marcus:           Well, it looks like it hasn’t even been updated for a year, as I look at it on the repository right now.

John:                Well, that could be a problem with it, too.

Marcus:           So maybe it might help to ping Aaron Edwards, the guy who made it.  Or just pop a review in there and say, “Look, this is an awesome plugin.  We reviewed it on the show, but here’s what happened.”  Maybe it’s a simple fix?  Maybe he can bump you up?

John:                It could be.

Marcus:           All right, well we’ll keep you updated, folks.  The next one is a WooCommerce plugin.  It seems more and more I’m working with WooCommerce projects.  This one is something that I came across that I actually had an immediate need for, which there was a company that they sell used equipment.  They want to be able to sell palates of the used equipment and they want to do it with a wholesale price.

That’s not something that you would typically want to put on a front-end site or a consumer just usually buys one quantity — maybe two at the most.

John:                Right.

Marcus:           You know, you don’t want to make it go up to 2,000 and then deal with all the repercussions that happen when somebody does that.  This allows you to have specific users — specific customers — that can log in and they will see wholesale pricing for their different product ranges that you designate that yes, wholesale pricing is available on this products.  You edit the products in WooCommerce and then you can say what the wholesale pricing happens to be.

So if you’ve got a client with a need for this, you are going to be the mayor of your town or at least your block, because this has been a long time coming with WooCommerce sites out there.  This is a selling point for all of you designers and developers out there.  Go out there and find somebody that has wholesale pricing and also sells direct to consumer and say, “Hey, does your website do that?  Because I can do that for you.”

John:                You bet.

Marcus:           I guarantee you you’ll get the gig.  It was just a little clunky to set up in the product area, so I deducted one point away from it.  But otherwise, I thought this is a really slam-dunk of a plugin and I rated it a 4 out of 5.

John:                Very nice.  All right, well the final one I’ve got here today is a premium plugin and another one from WPMU Dev.  You’ll probably hear quite a few from them because I took a membership out with them as they produce a lot of MultiSite plugins — their specialty.  This one is called Comments Plus, and this plugin takes advantage of your WPMU network and this plugin can be activated network wide, so that all sites are using this added functionality.

What it does is it adds the ability across the entire network to the comments section for visitors to the website to create their comments with Facebook, Twitter, Google +, or their accounts.  It’s very simple; you do have some work to do in the back end to set it up.  You’ve got to go set up a Twitter app, a Facebook app, and a couple of other connectivity issues.  Once you’re connected to all of that, it works quite nicely.

The nice thing about it is it helps encourage the visitors to your network to leave comments on peoples’ websites without all the added work of adding an email address and everything else.  They just click — most people are usually logged into their Facebook account wherever they go online.  They just hit Facebook, it logs them in, it gives them the information, and boom, they can leave their comment.

And if they want to share, it shares it right out to their Facebook wall or shares it right out to Twitter, or shares it to Google +.  It’s very nice in that aspect, too, so a very nice little plugin.  I started giving it a 3 rating, but I’m going to have to give it a 4 rating because it’s a halfway decent plugin.  So check it out: premium plugin Comments Plus.

Marcus:           Well that’s very nice.  I like that.  Well John, with the release of 4.2 — and subsequently 4.2.1 and 4.2.2 —

John:                And 2.3 is coming soon.

Marcus:           — and 2.3, yes.

John:                There’s actually a flaw that needs to be fixed.

Marcus:           Yeah, and 2.4 soon after that.  Anyway, do you know what they did?

John:                What did they do?

Marcus:           In 4.2.0 and on, they took away the title and then no follow for links.

John:                Oh!

Marcus:           When you add a new link?

John:                I didn’t even notice that.

Marcus:           Yeah, what’s with that?  I need my SEO there — or not.  Maybe I don’t want to follow that link and put an REL no follow tag in there.  Well, they used to have all that stuff.  It used to open a new window or something like that, but that was a REL no follow, so they took that away.

Well, this plugin called Title No Follow for Links puts it back in there.

John:                Puts it back in there, okay.

Marcus:           Yep, so short, sweet, simple: 4 out of 5.

John:                Very nice.

Marcus:           Lazy!

John:                I hadn’t even noticed they had done that with 4.2.  I’m glad somebody noticed it and took care of it.

Marcus:           Oh, I did.  I did — the SEO marketing guy, I’m going to know.  They still messed up the media library, too.

John:                Yeah?

Marcus:           I need to find a plugin that changes what you can do with the images and things in there.

John:                Oh, dear.  Okay, well they fixed the security holes.  Take away some functionality.  What can we say?

Marcus:           Yeah.

John:                Give and take.

Marcus:           My function is back.

John:                But the function is back; leave the security holes patched.  All right, well that covers up in this episode, I covered Domain Mapping, which I gave a 5 to; MultiSite Plugin Manager, which got a 4; and Comments Plus, which got a 4.

Marcus:           And I talked about Plugin Auditor, which I rated a 5 out of 5; WooCommerce Wholesale Prices — go look into that, WooCommerce people.  You’re going to like it and you can get some clients out of it.  I rated that one a 4 out of 5.  And we just talked about Title and No Follow for Links, with a 4 out of 5.


[End of Audio]