All transcripts start from the point in the show where we head off into the meat and potatoes. They are the complete verbatim of John and Amber’s discussion of this weeks plugins that have been reviewed.
WordPress Plugins A to Z Podcast and Transcript for See complete show notes for Episode #523 here.
It’s Episode 523 – We have plugins for WooCommerce Rewards, Creating Notes, Stop Fullscreen, Plugins checks, Moderate comments, Sales Funnels … and ClassicPress Options. It’s all coming up on WordPress Plugins A-Z!
Episode #523
John: All right, starting off, ClassicPress options. We do have an article from ClassicPress here if I can find it — and okay, I was told there was an article in the ClassicPress options area.
Amber: I thought there was.
John: I see the ClassicPress 1.3, so updates on the ClassicPress blog, must have plugin list, the ClassicPress repository — and that’s it. I do not see it. Maybe I’m just blind, but I guess I can’t show the article — because I didn’t go look at notes after I was told that I just sort of assumed it would be there. All right, we’ll come back to that later. Next week, we’ll bring that in. So other than that, we got the standard ClassicPress stuff.
All right, let’s talk a little bit about WordPress plugins. The first one I have for you this week is Disable WordPress Block Editor FullScreen Mode. Now, I know I’ve done this one once before, but I felt I needed to do it again, one, because I had to use it again recently — and I couldn’t remember what the name was. So I had to go through our show notes, and it was something like 20 episodes back. So I had to go through our show notes to find this so that I could remember the name. And then, of course, when I went to install it into the site, I did a search for the exact plugin name, and it didn’t want to come up. I had to add the author’s name to it to get it to show up when I was searching for it in the repository. It’s almost like WordPress is hiding this plugin, Black Shadowbanning it or something. I don’t know. Anyway —
Amber: I think .
John: Well, it is everywhere. At any rate, this is a really great plugin. I know the guy who made it. He’s a local here in the Victoria area, I think. At any rate — and it’s a really great plugin because what it does is it shuts off that automatic setting in a brand new WordPress install, that the moment you go to a page to edit it, it pops it into full-screen mode. Now, some people like the full-screen mode. I can’t stand it because I need all the other information to help frame everything for me and I like to turn it off. And they’ve also made it very hard to turn off full-screen mode. You got to go find the little dot, dot, dot thing, you click that and then go down and finally turn off full-screen mode, and then it doesn’t always stay turned off to make it even worse. So, at any rate, this one here turns it off, stays turned off. It’s a great plugin, very simple. It’s free, keeps it turned off for you. Go check it out. Disable WordPress Block Editor FullScreen Mode, and I give it a five dragon rating.
Amber: I’m one of those people who need to have all the other information there as well. I don’t like the full screen. Why all of a sudden they’re going to try to get rid of — really to get rid of the ability to get rid of the full screen.
John: I don’t know, man. That should have been an option to turn on for people that actually want it because while most people just adjust to whatever is put in front of them, those of us that rebel automatically — just on instinct to automatically rebel.
Amber: Yeah, there’s a label for that now, the Odd syndrome oppositional defiance disorder.
John: Yes, oppositional defiance disorder. Yes, it’s being listed as a disorder now. I realize. It’s like that.
Amber: You’re odd.
John: I am odd, always have been odd, even before it had a term.
Amber: All right, so my first plugin today is Slippy. I was actually searching for a different plugin, but this name caught my eye. I just think it’s a fun name, makes me think of slipping slide waterslides. This plugin is designed to have the ability to take notes within WordPress in the style of slip box or Zettelkasten. I honestly don’t know what either of those is, but I’m sure someone out there who usually sees wishes they could do the same thing within WordPress, and now you can. Once you install it, it’s quite a nice little setup, just go to Slip Notes on the left-hand menu and add a note. It looks just like a typical WordPress layout kind of page for the note area, at least that’s how I saw it. And you can change the view from default to full, create categories, tags, and filters. So if you’re looking for easy note-taker for WordPress, check this one out. It’s also totally free. I rate it at five dragons.
John: Cool. It looks like it can be useful, looks like it even works — looks like in search up notes inside the post dashboard, so if there’s notes there for what dealing with things you might have forgot how to do, or could be a way to write up notes for your users to remember how to do things.
Amber: Hey, that’s an idea. .
John: It seems like there’s lots of good uses for that. All right, the next one I have for you here today is called Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress.
Amber: .
John: Yeah, I know, I seem to be choosing really long names these days. At any rate, Funnels are when people come to your e-commerce website, you want to funnel them through to do certain things, and eventually, pay you money. And this is a funnel builder plugin. It’s a freemium version plugin, but the free version gives you a whole lot of tools that you can use to start building funnels. So when they hit a landing page, you funnel them down, and they eventually pay you money. And there are lots of things you can do. It starts with some templates. It works with your Page Builder, Elementor, Divi, Gutenberg, whatever. It’s been tested in many ways. It’s a really good tool. And there’s some out there that I’ve run into such as Salesforce and others, and those are very expensive tools to have each and every month if you’re not making any money off them. This one here, you can set up start using as the free version. Once you start making money, you can then move on to the premium version, and add in a few other items that are available for it. The premium version has several other things, and it’s got one-click upsells, down sells, quantity changes, and more in the premium version. On the whole, a really great plugin, but as it is a freemium plugin, we got to tick off one point for it because I haven’t tested the Pro version. So, at any rate, go check this out. It is the Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress. And I give it a four-dragon rating.
Amber: That seems like it’d be really cool. I like it when plugins give you what you actually need in the free version.
John: Yeah, like they give you what’s just enough of what you need. There’s probably a couple of things you’d really really want that aren’t there, but it does give you enough to be able to do something with it to determine whether or not you want to fork over the money for the big one.
Amber: I’ve come across a few plugins now that — they tell you all these things they do, but they only give you like just a couple of the things you need in order to actually make the plugin useful for you in a free version –, everything — their list was actually in the premium, so I don’t like those ones.
John: Well, it’s a tough balance for the developers of freemium plugins to, like, how much do I give away so that I get them to come over and pay me money. If I give too much away, they won’t show up. If I don’t give enough away, they get a bad review, such as the one you just gave for whatever plugins.
Amber: The next plugin I have is Comment Moderation Role. This is a super easy plugin to use, fantastic for those who are just getting the hang of this. You plug it in, head on over to the users menu option, select your user, change their role to WPB Comment Moderator. That’s it. Unlike other content moderator plugins, this one does require you to have edit with realistic capabilities, and this way you can secure the rest of your site because when they log in, they’ll only be able to access the comments in order to moderate them.
John: Oh, that’s useful. I said that’s useful, keep talking.
Amber: There are filters available, and WPBeginner, which is the creator this plugin puts out the most common ones right there on the page on the info page. There is nothing to set up, nothing to do, except choose the correct role per user. And it seems like it’s totally free, no adverse or anything that I could see. It almost feels like a plugin that’s too good and too nice to be totally free, but it does seem like it’s totally free. So, definitely worth checking out. This is something that you’re looking for. I rate this at five dragons.
John: Absolutely, does sound like useful, I like that. Okay, I’m going to pause here on my — before I hit the last plug-in I’ve got just to deal with this comments are handy and made on the GDPR. This flows into the article we had. And his comment, “In theory, GDPR non-compliance can be used to shut down smaller web sites the EU doesn’t like, but since compliance isn’t that hard, why voluntarily put your neck on the chopping block. You got a couple more to follow up plus a lot of GDPR stuff or things you should be doing anyway really. And GDPR isn’t just for shops; it’s for any organization that collects personal data.” One of my sites is not a shop, but has a MailChimp signup and allows comments on posts, does need GDPR. Yes, you’re right in some aspects, but the problem is, is that the rules are so vague in GDPR like I spent a lot of time learning to comply with GDPR, and it was such a big hassle that it’s really easy to mess up. And they could come after you for any messes up. See these major corporations have made their best to attempt to do it, and then, they keep changing. They’ve changed the rules a couple of times from what I hear, and I haven’t paid that much attention to it because I still have it. It’s a lot more than just the cookie compliance, and it also boils down to, you know, if you do collect the data, you’ve got to be able to — you have to have them signed off. There’s a whole lot that goes into this. I’m just not going to go into it all. But yeah, it’s like, no, you don’t want to stick your head on a chopping block if you don’t have to, but the compliance on it isn’t always as easy and straightforward as they make it seem, at least not from everything I’ve encountered with it and seen on it. And it is for anybody that collects any type of information. In fact, set some points, even just showing up on a website means you have to — like if you got cookies on your website — it’s like you had the list off all third-party cookies that are on your website, too. And do you know how many third-party cookies there are on a WordPress website? It’s insane. So, at any rate, there’s a lot that goes into it.
So, at any rate, let’s pile on here to my last plugin for the day. And the last one I’ve got for you is Points and Rewards for WooCommerce plugin. This is a great way to gamify your e-commerce store, and gamification is a great way to help increase sales. It’s been proven over and over and time and time again, why do you think, you know, grocery store is not just for tracking they offer you points or membership cards or other things. It’s all about giving, making people feel rewarded while paying more for everything. And this is a really interesting thing that happens here with this one. It’s a great plugin, and what it allows you to do is set up a points and rewards system on your site where you can offer rewards for people showing up and signing up for referrals they send out, for sales that they buy, purchases that they make, and then you can set up to allow them to purchase or redeem those awards as discounts on products or for free products or for membership extensions, or anything along that line. So it is a great tool you could add to your WooCommerce website to help gamify your site and help increase sales and other things on your site. So if you’re looking to help something, maybe give it that little extra boost, go check this plugin out. It is a freemium plugin again, and so, but it does give you enough stuff so you can actually get going with it and do something useful. Go check it out. It is Points and Rewards for WooCommerce, and I give it a four-dragon rating. Are you back yet?
Amber: Yes, I’m back. Sorry.
John: I talked that out as long as I could.
Amber: You did good. Our mail lady stopped by to say hi. She’s a very loud individual.
John: Yeah.
Amber: I love talking with her. You can hear all the way across Street.
John: Yeah, well, so be it.
Amber: So the last one I have for today is Vendi Abandoned Plugin Check. I think that this is one that Hemdian mentioned in a previous show, but what this does is it reaches out to the wordpress.org servers as a background tap to figure out the last time the SVM was updated. There’s no interface, nothing to set up, just plug it in and let her rip. One downside though – it counts in days, which can kind of make a timeline of two months seem like a much bigger deal since you don’t read two months, you read 60 days. But once I plugged this in, within a few minutes, I had a ‘Christmas Tree’ all down my plugins page. There was plugins that were in red and green. Red is bad. It has been a very long time since the plugins SVM was updated by the author. Green is acceptable, seems to stay in green so long as the author has updated within the last, I think, 400 days.
John: No probably.
Amber: I was still on the green on a plugin with 348 days, but I was in the red with 460 days, so somewhere between 348 and 460 is where the cutoff used to be. Very useful for those who like to know when a plugin was last updated, and I think it might be a great yellow Canary kind of thing regarding plugin, but also older plugin doesn’t necessarily mean that the plugin is no good though. It could be a warning, maybe not, totally free, and I rate it at five dragons.
John: Absolutely. As Hemdian said, he learned of this from this show. It’s probably something I covered way-way back.
Amber: Okay, all right.
John: Yeah, it is a pretty old plugin, and I have used it so — yeah, and it is great and it does help you. It does help you instantly to see in your list, but you got to remember, as every time you go to a plugin to install it, you look at the details. Most people don’t look at the details too clearly, but there’s always a last updated date of the plugin right there at the top. And that’s one of the first things I look at now.
Amber: You know, the Christmas Tree writing is so much easier.
John: Yes, it is. People are very visual, and it makes it very easy for them to deal with it. All right, we don’t have any listener feedback. We’re waiting, folks, for listener feedback. I’m waiting for the same way that, you know, we’re waiting for a ship to come in, but at any rate, let’s wander along and dive into our contest.
John: Absolutely, thanks, Steve, Goodtime, Brant Matthews for that jingle. I really appreciate it. And our plugins are powered by the simple giveaways plugin. Those guys were kind enough to give us a premium version of the plugin to run. I did pay for it for a couple of years, but now they donate it to us, so it’s really great, much appreciated. A great plugin. If you want to run contests on your site, this plugin does a fantastic job of doing that. All right — and this is where I do like to thank Charlie for helping the show out, donating his time to the show, and getting our contest going. He’s the one that reaches out to the developers, gets us all these fantastic licenses that we give away. We give away some amazing licenses in these contests, folks. These licenses are oftentimes licenses you couldn’t even buy if you tried. Some of them have been lifetime Pro licenses et cetera.
At any rate, the one we’ve got this week here, we’ve got the Advanced Database Pro Cleaner or Database Cleaner Pro. This is a database cleaner plugin with the starter lifetime license, meaning, it’s good for one website, and it allows you to go in and clean up your website, and it’s got all the Pro features you need such as clean revisions, optimize your database, find Orphan tables and orphan options and get rid of all the crap in your database. Of course, before you use it, make sure you make a backup of your database. Always backup before you do anything that will change stuff, just in case it changes something you really want it or you hit the wrong button because you probably could do damage with this. Wait, no, you can’t do damage with this plugin. So, at any rate, it’s a great plugin. This is a really nice license, virtually everyone can use this. So go on over to wppluginsatoz.com/contest to enter the contest and win the starter lifetime license. The contest is going for one more week. We’ll be wrapping it up next week, and we may put a pause on the contest again for a little while. We’ve had several in a row now. I think we might want to put a pause on them for a little while. People are not participating as you should, get out there and participate. It takes just a moment. We’re trying to make it easier to find it. You can just go to the front page and there’s a big giveaway button that you can hit to take you directly to the contest. All right, so that’s all we have there and cover up another quick things here before we move into the Q&A segment. Plugins I covered in this show, Points and Rewards for WooCommerce, which I gave a four to, the Funnel Builder by CartFlows Create High Converting Sales Funnels For WordPress, which I gave a four to, and the Disable WordPress Block Editor Fullscreen Mode, which I gave a five to.
Amber: And I covered Slippy, which I rated at five, Comment Moderation Role, which I rated at five, and Vendi Abandoned Plugin Check, which I also rated at five.
John: All right. And reminders, there’s nothing really to talk to folks about, but if you’re not getting enough of Amber and I, come join us over on the tavern, come join us for talking shit at the Tavern, Tuesday evenings, eight o’clock, pacific time, over at the roguestavern.com/live. Know the YouTube channel to sign up for, just go and subscribe, folks. All right, it is time for us to pile into…
It’s question and answer time.
John: With Amber.
Amber: So if anyone out there has any questions that they’d like to have us ask on the show, send them in to me at amber@wppro.ca, and I will get them up here and answered to the best of our ability. My first question for you is how do you know when and how a site has been compromised?
John: That’s two questions.
Amber: Well, it’s one. I mean, it is one. It’s just two versions.
John: How do you know when a site is compromised? And how do you know how a site has been compromised? That’s two questions.
Amber: Yeah, that’s what I was — it can work as two questions, but it works as one question too because I say so.
John: Oh, okay. So how do you know when a site is compromised? Well, when it doesn’t work, that’s when you absolutely know. Sometimes they continue to work and they just are extremely slow. They’re just not running right, you hit stuff and it just it’s sort of oddball glitchy like something’s wrong, and that’s how you know generally. Because unless it’s a really good hack — and there are some good hacks that I’ve run into that you really don’t even know that it’s compromised until you do a scan on the site and find that has been compromised. And how a site has been compromised, that’s a whole another can of worms. It could have been a plugin. They could have found a flaw in the core files. They could have found a flaw in your server. They could have found a flaw in one of the websites that are adjacent to you. I mean, there are so many ways that they can compromise sites, but — and —
Amber: What are the different methods you can use to figure out how it’s been compromised?
John: Okay, one is after a couple of years of looking at the WordPress files, when you’re uploading and going through FTP, you get to know which files belong in the site. And one is to scan through the files and look for files that don’t belong. And a lot of times, the hackers are not overly creative. They create file names like abcdefj or some odd rambling, scrambled letters and numbers, and you go, okay, that doesn’t belong. And then when you look at the file, you find out, oh, that’s code that shouldn’t be there. So that’s one way. The other is through scans, and there’s lots of scanning plugins out there — or not plugins, well, they’re scanning plugins too like Wordfence is a pretty good scanning plugin that scans your site. There are sites that you can use to scan your sites like security scan and a few others that’ll come in and scan your site. There used to be a couple of really great tools online, but in the last six months, the guys who maintain those tools quit doing it and they’ve been taken offline, which is really sad, because I went to use them not too long ago for a site, and it’s like, oh, my God, this tool is gone. Oh, this sucks. That means I’m going to have to work a little harder than I did before. So there’s lots of methods out there for it, you know, the servers — my servers have scanners that run and monitor stuff. The biggest way that most of the time is done now is through scans, scanning through the system to see what’s there.
Amber: Hemdian said, “Using FTP, I found fake sites installed in the directory structure of my non-WordPress site.”
John: Yes, yes, that means they found a way to upload files to your site, and once they did that, they were able to just bypass you entirely.
Amber: Oh okay, I’m going to get spam. I sometimes trace back the links and find fake sites on other people’s sites and alert the owner via the, “Who is contact” though.
John: Yep, I’ve done that, too. I used to be very diligent about when I got the spam-like that, I would find out where — what website it was going to, and then I would notify the owner that their site has been compromised in case they didn’t know. It’s not as easy as it used to be for the hackers to get in and set up the fake sites and subdirectories and other directories on your WordPress website, but it still happens. It used to be a whole lot easier, but security has gotten better over the last few years, but of course, it’s just a nuclear arms race. Every time the hackers get good, the defenders get good, and then the hackers get better, and the defenders get better, and then the hackers get better. It’s an arms race that’s continuously one up. All right, you got two other questions. We’ll ask you to read out these other two questions, and we’ll split it right here.
Amber: All right. How much would you say a person has to know about cybersecurity in order to keep their site safe? And what would be the first thing you would suggest a person learn if they’re wanting to do upkeep on their own site?
John: All right, those are some very good questions, and we will answer those after this.
Reminders for the show: All the show notes can be found at wppluginsatoz.com, and while you’re there, subscribe to the newsletter for more useful information delivered directly to your inbox. WP Plugins A-Z is a show that offers honest and unbiased reviews of plugins created by developers because you support the show. Help keep the show honest and unbiased by going to wppluginsatoz.com/donate and set the donation level that fits your budget.
Help us make the show better for you by subscribing and reviewing the show at Stitcher Radio, Google Play, and in the iTunes Store. You can also leave us a review on our Facebook page using wppluginsatoz.com/facebook. You can also watch the show live on YouTube, check out the screencasts and training videos, and remember to subscribe and hit the bell to get notifications of all new videos. Follow the show on Twitter @wppluginsatoz.
John can also be reached at his website, JohnOverall.com, or email him directly at john@wppro.ca. Thanks for joining us and have a great day.
Thanks for listening to the show. This show is copyright by JohnOverall.com. So until next time, have yourselves a good morning, good afternoon, or a good evening, wherever you happen to be out there on the globe today.
←SEE LATEST EPISODE
Transcript of Episode 523 WP Plugins A to Z
All transcripts start from the point in the show where we head off into the meat and potatoes. They are the complete verbatim of John and Amber’s discussion of this weeks plugins that have been reviewed.
WordPress Plugins A to Z Podcast and Transcript for See complete show notes for Episode #523 here.
It’s Episode 523 – We have plugins for WooCommerce Rewards, Creating Notes, Stop Fullscreen, Plugins checks, Moderate comments, Sales Funnels … and ClassicPress Options. It’s all coming up on WordPress Plugins A-Z!
Episode #523
John: All right, starting off, ClassicPress options. We do have an article from ClassicPress here if I can find it — and okay, I was told there was an article in the ClassicPress options area.
Amber: I thought there was.
John: I see the ClassicPress 1.3, so updates on the ClassicPress blog, must have plugin list, the ClassicPress repository — and that’s it. I do not see it. Maybe I’m just blind, but I guess I can’t show the article — because I didn’t go look at notes after I was told that I just sort of assumed it would be there. All right, we’ll come back to that later. Next week, we’ll bring that in. So other than that, we got the standard ClassicPress stuff.
All right, let’s talk a little bit about WordPress plugins. The first one I have for you this week is Disable WordPress Block Editor FullScreen Mode. Now, I know I’ve done this one once before, but I felt I needed to do it again, one, because I had to use it again recently — and I couldn’t remember what the name was. So I had to go through our show notes, and it was something like 20 episodes back. So I had to go through our show notes to find this so that I could remember the name. And then, of course, when I went to install it into the site, I did a search for the exact plugin name, and it didn’t want to come up. I had to add the author’s name to it to get it to show up when I was searching for it in the repository. It’s almost like WordPress is hiding this plugin, Black Shadowbanning it or something. I don’t know. Anyway —
Amber: I think .
John: Well, it is everywhere. At any rate, this is a really great plugin. I know the guy who made it. He’s a local here in the Victoria area, I think. At any rate — and it’s a really great plugin because what it does is it shuts off that automatic setting in a brand new WordPress install, that the moment you go to a page to edit it, it pops it into full-screen mode. Now, some people like the full-screen mode. I can’t stand it because I need all the other information to help frame everything for me and I like to turn it off. And they’ve also made it very hard to turn off full-screen mode. You got to go find the little dot, dot, dot thing, you click that and then go down and finally turn off full-screen mode, and then it doesn’t always stay turned off to make it even worse. So, at any rate, this one here turns it off, stays turned off. It’s a great plugin, very simple. It’s free, keeps it turned off for you. Go check it out. Disable WordPress Block Editor FullScreen Mode, and I give it a five dragon rating.
Amber: I’m one of those people who need to have all the other information there as well. I don’t like the full screen. Why all of a sudden they’re going to try to get rid of — really to get rid of the ability to get rid of the full screen.
John: I don’t know, man. That should have been an option to turn on for people that actually want it because while most people just adjust to whatever is put in front of them, those of us that rebel automatically — just on instinct to automatically rebel.
Amber: Yeah, there’s a label for that now, the Odd syndrome oppositional defiance disorder.
John: Yes, oppositional defiance disorder. Yes, it’s being listed as a disorder now. I realize. It’s like that.
Amber: You’re odd.
John: I am odd, always have been odd, even before it had a term.
Amber: All right, so my first plugin today is Slippy. I was actually searching for a different plugin, but this name caught my eye. I just think it’s a fun name, makes me think of slipping slide waterslides. This plugin is designed to have the ability to take notes within WordPress in the style of slip box or Zettelkasten. I honestly don’t know what either of those is, but I’m sure someone out there who usually sees wishes they could do the same thing within WordPress, and now you can. Once you install it, it’s quite a nice little setup, just go to Slip Notes on the left-hand menu and add a note. It looks just like a typical WordPress layout kind of page for the note area, at least that’s how I saw it. And you can change the view from default to full, create categories, tags, and filters. So if you’re looking for easy note-taker for WordPress, check this one out. It’s also totally free. I rate it at five dragons.
John: Cool. It looks like it can be useful, looks like it even works — looks like in search up notes inside the post dashboard, so if there’s notes there for what dealing with things you might have forgot how to do, or could be a way to write up notes for your users to remember how to do things.
Amber: Hey, that’s an idea. .
John: It seems like there’s lots of good uses for that. All right, the next one I have for you here today is called Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress.
Amber: .
John: Yeah, I know, I seem to be choosing really long names these days. At any rate, Funnels are when people come to your e-commerce website, you want to funnel them through to do certain things, and eventually, pay you money. And this is a funnel builder plugin. It’s a freemium version plugin, but the free version gives you a whole lot of tools that you can use to start building funnels. So when they hit a landing page, you funnel them down, and they eventually pay you money. And there are lots of things you can do. It starts with some templates. It works with your Page Builder, Elementor, Divi, Gutenberg, whatever. It’s been tested in many ways. It’s a really good tool. And there’s some out there that I’ve run into such as Salesforce and others, and those are very expensive tools to have each and every month if you’re not making any money off them. This one here, you can set up start using as the free version. Once you start making money, you can then move on to the premium version, and add in a few other items that are available for it. The premium version has several other things, and it’s got one-click upsells, down sells, quantity changes, and more in the premium version. On the whole, a really great plugin, but as it is a freemium plugin, we got to tick off one point for it because I haven’t tested the Pro version. So, at any rate, go check this out. It is the Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPress. And I give it a four-dragon rating.
Amber: That seems like it’d be really cool. I like it when plugins give you what you actually need in the free version.
John: Yeah, like they give you what’s just enough of what you need. There’s probably a couple of things you’d really really want that aren’t there, but it does give you enough to be able to do something with it to determine whether or not you want to fork over the money for the big one.
Amber: I’ve come across a few plugins now that — they tell you all these things they do, but they only give you like just a couple of the things you need in order to actually make the plugin useful for you in a free version –, everything — their list was actually in the premium, so I don’t like those ones.
John: Well, it’s a tough balance for the developers of freemium plugins to, like, how much do I give away so that I get them to come over and pay me money. If I give too much away, they won’t show up. If I don’t give enough away, they get a bad review, such as the one you just gave for whatever plugins.
Amber: The next plugin I have is Comment Moderation Role. This is a super easy plugin to use, fantastic for those who are just getting the hang of this. You plug it in, head on over to the users menu option, select your user, change their role to WPB Comment Moderator. That’s it. Unlike other content moderator plugins, this one does require you to have edit with realistic capabilities, and this way you can secure the rest of your site because when they log in, they’ll only be able to access the comments in order to moderate them.
John: Oh, that’s useful. I said that’s useful, keep talking.
Amber: There are filters available, and WPBeginner, which is the creator this plugin puts out the most common ones right there on the page on the info page. There is nothing to set up, nothing to do, except choose the correct role per user. And it seems like it’s totally free, no adverse or anything that I could see. It almost feels like a plugin that’s too good and too nice to be totally free, but it does seem like it’s totally free. So, definitely worth checking out. This is something that you’re looking for. I rate this at five dragons.
John: Absolutely, does sound like useful, I like that. Okay, I’m going to pause here on my — before I hit the last plug-in I’ve got just to deal with this comments are handy and made on the GDPR. This flows into the article we had. And his comment, “In theory, GDPR non-compliance can be used to shut down smaller web sites the EU doesn’t like, but since compliance isn’t that hard, why voluntarily put your neck on the chopping block. You got a couple more to follow up plus a lot of GDPR stuff or things you should be doing anyway really. And GDPR isn’t just for shops; it’s for any organization that collects personal data.” One of my sites is not a shop, but has a MailChimp signup and allows comments on posts, does need GDPR. Yes, you’re right in some aspects, but the problem is, is that the rules are so vague in GDPR like I spent a lot of time learning to comply with GDPR, and it was such a big hassle that it’s really easy to mess up. And they could come after you for any messes up. See these major corporations have made their best to attempt to do it, and then, they keep changing. They’ve changed the rules a couple of times from what I hear, and I haven’t paid that much attention to it because I still have it. It’s a lot more than just the cookie compliance, and it also boils down to, you know, if you do collect the data, you’ve got to be able to — you have to have them signed off. There’s a whole lot that goes into this. I’m just not going to go into it all. But yeah, it’s like, no, you don’t want to stick your head on a chopping block if you don’t have to, but the compliance on it isn’t always as easy and straightforward as they make it seem, at least not from everything I’ve encountered with it and seen on it. And it is for anybody that collects any type of information. In fact, set some points, even just showing up on a website means you have to — like if you got cookies on your website — it’s like you had the list off all third-party cookies that are on your website, too. And do you know how many third-party cookies there are on a WordPress website? It’s insane. So, at any rate, there’s a lot that goes into it.
So, at any rate, let’s pile on here to my last plugin for the day. And the last one I’ve got for you is Points and Rewards for WooCommerce plugin. This is a great way to gamify your e-commerce store, and gamification is a great way to help increase sales. It’s been proven over and over and time and time again, why do you think, you know, grocery store is not just for tracking they offer you points or membership cards or other things. It’s all about giving, making people feel rewarded while paying more for everything. And this is a really interesting thing that happens here with this one. It’s a great plugin, and what it allows you to do is set up a points and rewards system on your site where you can offer rewards for people showing up and signing up for referrals they send out, for sales that they buy, purchases that they make, and then you can set up to allow them to purchase or redeem those awards as discounts on products or for free products or for membership extensions, or anything along that line. So it is a great tool you could add to your WooCommerce website to help gamify your site and help increase sales and other things on your site. So if you’re looking to help something, maybe give it that little extra boost, go check this plugin out. It is a freemium plugin again, and so, but it does give you enough stuff so you can actually get going with it and do something useful. Go check it out. It is Points and Rewards for WooCommerce, and I give it a four-dragon rating. Are you back yet?
Amber: Yes, I’m back. Sorry.
John: I talked that out as long as I could.
Amber: You did good. Our mail lady stopped by to say hi. She’s a very loud individual.
John: Yeah.
Amber: I love talking with her. You can hear all the way across Street.
John: Yeah, well, so be it.
Amber: So the last one I have for today is Vendi Abandoned Plugin Check. I think that this is one that Hemdian mentioned in a previous show, but what this does is it reaches out to the wordpress.org servers as a background tap to figure out the last time the SVM was updated. There’s no interface, nothing to set up, just plug it in and let her rip. One downside though – it counts in days, which can kind of make a timeline of two months seem like a much bigger deal since you don’t read two months, you read 60 days. But once I plugged this in, within a few minutes, I had a ‘Christmas Tree’ all down my plugins page. There was plugins that were in red and green. Red is bad. It has been a very long time since the plugins SVM was updated by the author. Green is acceptable, seems to stay in green so long as the author has updated within the last, I think, 400 days.
John: No probably.
Amber: I was still on the green on a plugin with 348 days, but I was in the red with 460 days, so somewhere between 348 and 460 is where the cutoff used to be. Very useful for those who like to know when a plugin was last updated, and I think it might be a great yellow Canary kind of thing regarding plugin, but also older plugin doesn’t necessarily mean that the plugin is no good though. It could be a warning, maybe not, totally free, and I rate it at five dragons.
John: Absolutely. As Hemdian said, he learned of this from this show. It’s probably something I covered way-way back.
Amber: Okay, all right.
John: Yeah, it is a pretty old plugin, and I have used it so — yeah, and it is great and it does help you. It does help you instantly to see in your list, but you got to remember, as every time you go to a plugin to install it, you look at the details. Most people don’t look at the details too clearly, but there’s always a last updated date of the plugin right there at the top. And that’s one of the first things I look at now.
Amber: You know, the Christmas Tree writing is so much easier.
John: Yes, it is. People are very visual, and it makes it very easy for them to deal with it. All right, we don’t have any listener feedback. We’re waiting, folks, for listener feedback. I’m waiting for the same way that, you know, we’re waiting for a ship to come in, but at any rate, let’s wander along and dive into our contest.
John: Absolutely, thanks, Steve, Goodtime, Brant Matthews for that jingle. I really appreciate it. And our plugins are powered by the simple giveaways plugin. Those guys were kind enough to give us a premium version of the plugin to run. I did pay for it for a couple of years, but now they donate it to us, so it’s really great, much appreciated. A great plugin. If you want to run contests on your site, this plugin does a fantastic job of doing that. All right — and this is where I do like to thank Charlie for helping the show out, donating his time to the show, and getting our contest going. He’s the one that reaches out to the developers, gets us all these fantastic licenses that we give away. We give away some amazing licenses in these contests, folks. These licenses are oftentimes licenses you couldn’t even buy if you tried. Some of them have been lifetime Pro licenses et cetera.
At any rate, the one we’ve got this week here, we’ve got the Advanced Database Pro Cleaner or Database Cleaner Pro. This is a database cleaner plugin with the starter lifetime license, meaning, it’s good for one website, and it allows you to go in and clean up your website, and it’s got all the Pro features you need such as clean revisions, optimize your database, find Orphan tables and orphan options and get rid of all the crap in your database. Of course, before you use it, make sure you make a backup of your database. Always backup before you do anything that will change stuff, just in case it changes something you really want it or you hit the wrong button because you probably could do damage with this. Wait, no, you can’t do damage with this plugin. So, at any rate, it’s a great plugin. This is a really nice license, virtually everyone can use this. So go on over to wppluginsatoz.com/contest to enter the contest and win the starter lifetime license. The contest is going for one more week. We’ll be wrapping it up next week, and we may put a pause on the contest again for a little while. We’ve had several in a row now. I think we might want to put a pause on them for a little while. People are not participating as you should, get out there and participate. It takes just a moment. We’re trying to make it easier to find it. You can just go to the front page and there’s a big giveaway button that you can hit to take you directly to the contest. All right, so that’s all we have there and cover up another quick things here before we move into the Q&A segment. Plugins I covered in this show, Points and Rewards for WooCommerce, which I gave a four to, the Funnel Builder by CartFlows Create High Converting Sales Funnels For WordPress, which I gave a four to, and the Disable WordPress Block Editor Fullscreen Mode, which I gave a five to.
Amber: And I covered Slippy, which I rated at five, Comment Moderation Role, which I rated at five, and Vendi Abandoned Plugin Check, which I also rated at five.
John: All right. And reminders, there’s nothing really to talk to folks about, but if you’re not getting enough of Amber and I, come join us over on the tavern, come join us for talking shit at the Tavern, Tuesday evenings, eight o’clock, pacific time, over at the roguestavern.com/live. Know the YouTube channel to sign up for, just go and subscribe, folks. All right, it is time for us to pile into…
It’s question and answer time.
John: With Amber.
Amber: So if anyone out there has any questions that they’d like to have us ask on the show, send them in to me at amber@wppro.ca, and I will get them up here and answered to the best of our ability. My first question for you is how do you know when and how a site has been compromised?
John: That’s two questions.
Amber: Well, it’s one. I mean, it is one. It’s just two versions.
John: How do you know when a site is compromised? And how do you know how a site has been compromised? That’s two questions.
Amber: Yeah, that’s what I was — it can work as two questions, but it works as one question too because I say so.
John: Oh, okay. So how do you know when a site is compromised? Well, when it doesn’t work, that’s when you absolutely know. Sometimes they continue to work and they just are extremely slow. They’re just not running right, you hit stuff and it just it’s sort of oddball glitchy like something’s wrong, and that’s how you know generally. Because unless it’s a really good hack — and there are some good hacks that I’ve run into that you really don’t even know that it’s compromised until you do a scan on the site and find that has been compromised. And how a site has been compromised, that’s a whole another can of worms. It could have been a plugin. They could have found a flaw in the core files. They could have found a flaw in your server. They could have found a flaw in one of the websites that are adjacent to you. I mean, there are so many ways that they can compromise sites, but — and —
Amber: What are the different methods you can use to figure out how it’s been compromised?
John: Okay, one is after a couple of years of looking at the WordPress files, when you’re uploading and going through FTP, you get to know which files belong in the site. And one is to scan through the files and look for files that don’t belong. And a lot of times, the hackers are not overly creative. They create file names like abcdefj or some odd rambling, scrambled letters and numbers, and you go, okay, that doesn’t belong. And then when you look at the file, you find out, oh, that’s code that shouldn’t be there. So that’s one way. The other is through scans, and there’s lots of scanning plugins out there — or not plugins, well, they’re scanning plugins too like Wordfence is a pretty good scanning plugin that scans your site. There are sites that you can use to scan your sites like security scan and a few others that’ll come in and scan your site. There used to be a couple of really great tools online, but in the last six months, the guys who maintain those tools quit doing it and they’ve been taken offline, which is really sad, because I went to use them not too long ago for a site, and it’s like, oh, my God, this tool is gone. Oh, this sucks. That means I’m going to have to work a little harder than I did before. So there’s lots of methods out there for it, you know, the servers — my servers have scanners that run and monitor stuff. The biggest way that most of the time is done now is through scans, scanning through the system to see what’s there.
Amber: Hemdian said, “Using FTP, I found fake sites installed in the directory structure of my non-WordPress site.”
John: Yes, yes, that means they found a way to upload files to your site, and once they did that, they were able to just bypass you entirely.
Amber: Oh okay, I’m going to get spam. I sometimes trace back the links and find fake sites on other people’s sites and alert the owner via the, “Who is contact” though.
John: Yep, I’ve done that, too. I used to be very diligent about when I got the spam-like that, I would find out where — what website it was going to, and then I would notify the owner that their site has been compromised in case they didn’t know. It’s not as easy as it used to be for the hackers to get in and set up the fake sites and subdirectories and other directories on your WordPress website, but it still happens. It used to be a whole lot easier, but security has gotten better over the last few years, but of course, it’s just a nuclear arms race. Every time the hackers get good, the defenders get good, and then the hackers get better, and the defenders get better, and then the hackers get better. It’s an arms race that’s continuously one up. All right, you got two other questions. We’ll ask you to read out these other two questions, and we’ll split it right here.
Amber: All right. How much would you say a person has to know about cybersecurity in order to keep their site safe? And what would be the first thing you would suggest a person learn if they’re wanting to do upkeep on their own site?
John: All right, those are some very good questions, and we will answer those after this.
Reminders for the show: All the show notes can be found at wppluginsatoz.com, and while you’re there, subscribe to the newsletter for more useful information delivered directly to your inbox. WP Plugins A-Z is a show that offers honest and unbiased reviews of plugins created by developers because you support the show. Help keep the show honest and unbiased by going to wppluginsatoz.com/donate and set the donation level that fits your budget.
Help us make the show better for you by subscribing and reviewing the show at Stitcher Radio, Google Play, and in the iTunes Store. You can also leave us a review on our Facebook page using wppluginsatoz.com/facebook. You can also watch the show live on YouTube, check out the screencasts and training videos, and remember to subscribe and hit the bell to get notifications of all new videos. Follow the show on Twitter @wppluginsatoz.
John can also be reached at his website, JohnOverall.com, or email him directly at john@wppro.ca. Thanks for joining us and have a great day.
Thanks for listening to the show. This show is copyright by JohnOverall.com. So until next time, have yourselves a good morning, good afternoon, or a good evening, wherever you happen to be out there on the globe today.