All transcripts start from the point in the show where we head off into the meat and potatoes. They are the complete verbatim of John and Amber’s discussion of this weeks plugins that have been reviewed.
WordPress Plugins A to Z Podcast and Transcript for See complete show notes for Episode #533 here.
It’s Episode 533 – Mars Pictures, Backend File Search, Better Links, Engineering Non-Comments, Halloween Boxing, CSSing….. and ClassicPress Options. It’s all coming up on WordPress Plugins A-Z!
Episode #533
John: Alright, so ClassicPress this week. I don’t have anything new ClassicPress that I’m aware of so, but just recognize that we still cover ClassicPress when we come across that stuff I’m not working in it. So that means I’m not researching it and I had to make a choice that’s really what it boiled down to. But if you do use ClassicPress, you know, someone who is using ClassicPress, and you want to hear some stuff here on the show, send it over to us and we will get it into the show.
As for WordPress plugins, we do have those and the first one I’ve got for you this week is BIOL – Beautify Links. This is kind of a cool plug in here and although it seems like it’s old, it’s not, it’s only a year old and one of the things it does for you is when you’re making your links in your website, linking to other pages or external source and stuff, usually get the one simple way of doing it on your site, which is to create the link and it just creates the link. Well, this here enhances that, you can create your new link and then with your new link, you can go in and you can add some starting text to it, add some text color, a background color or border color, link decoration on it. It makes a little box around your link and then what it does, it may add a little box in front of your link, you could add something like must read and then what the link is and then it just sort of enhances it, makes it stand out on the page a little bit. So it’s a really cool little tool you can add to enhancing the different links in your blog posts on your site, don’t have to use it on every link but hey, can be great on lots of different links. Some of you might want to check out if you’re linking off to important stuff that people want to see or use it for your internal links to other places in your site that you want people to catch and notify about. At any rate, I thought it was pretty great plugin. Go check it out, it’s called BIOL – Beautify Links, and I give it a five dragon rating.
Amber: That actually seems like a really good idea, yeah.
John: I thought so.
Amber: So the first one I’ve got is, I’m going to murder the name Wedepohl Engineering Disable Comments. So this was sent in to us by listener Martin Wedepohl. I think I’m getting his last name kind right?
John: Just go with Wedepohl.
Amber: Okay, Wedepohl, and I’m actually going to let him explain in his own words, I have a little plugin that removes comments and hides any of the admin page stuff to do with comments. I include this in any custom plugins I developed for other clients who don’t use comments, and that is most of them so they aren’t asking questions of why is there a comments link on the admin dashboard if you aren’t using comments, check it out at the link wordpress.org plugins, we disable comments and as with all my plugins, you will have to search for it using the link above or my name since I’m just not that popular.
John: We’re working on making him more popular.
Amber: We’re working on it, so I checked this out myself, I really liked it. I also like the fact that it’s just a plug’n’play. I didn’t let it go and it is efficient, easy, definitely worth checking out. I rate it at five dragons.
John: Cool. Yeah, go check it out. Martin makes some great plugins, we’ve reviewed one of his plugins a couple of times previously, so go check it out and use it, it can help you out, if you’re not using comments, great way to turn them off in one smooth shot. Alright, the next one I have up for you here is called WP Backend File Search & Editor Tweaks Lite. Yeah, this one here is one that allows you if you’re one of those people, like I don’t do it too often anymore, but I used to use the backend editors for WordPress for editing, code, or tweaks and plugins or in theme folders and such and this is a plugin that can dramatically help you with that and what it does is when you’re editing plugins or themes, or whatever, it puts a little search function right up there at the top for you that you can search for if you like you’re looking for a key phrase and of course, there’s dozens of files and let’s take a simple plugin, it might have a dozen, two dozen files in it and you’re looking for a phrase in those files and you just don’t know where it’s at. This plugin here actually searches through that and finds that information for you and opens the appropriate folder and file for you, so it’s kind of a cool tool for helping you enhance during the process of doing your developing on the site. Also, it’ll stick line numbers in there for your code so you know what line number you’re working on the code. The other thing it helps cure is that long extended line, it’ll tack in word wrap into the editor for you and word wrap is really useful and important when you’re editing code because there’s nothing worse than a single line of code running out to 800 characters to the right and you have to scroll back and forth to see everything it gets really hard to read, so this is a very useful tool, one that I thought was really useful for any one that’s still doing their own hacking and stuff in the backend. Go check it out, it’s called WP Backend File Search & Editor Tweaks Light and I give it a four dragon rating.
Amber: Very nice. Next one I have up is Halloween Box. This is a pretty fun little Halloween plugin, it’s still working well, it hasn’t been updated for a year. You plug it and all of your posts and pages receive a Halloween edition. It can make it a little hard to read your poster page with the pumpkins being added at the bottom like this, but it definitely looks cool and it also depends on like how long your post is, and what have you. Definitely worth checking out and if you already have a dark theme, the pumpkin just adds an awesome spooky feeling to everything, so definitely go and check this out. If you’re looking for some Halloween decoration for your site, I rate this at five dragons.
John: Cool. Next week, I’ll probably bring a ton of Halloween plugins just because there’s a bunch of them and I haven’t done them in a while. Alright, the final one I’ve got here for you is Curiosity POTD or Photo of the Day. If you’d like knowing about Mars, you know, wants to know with the latest Mars, pick the Mars rover picture is and you’d like to display them up on your website. This is just a simple fun plugin, little widget that you add in, you can use their default demo key or you can go to NASA and get your own API key that you enter in here and then once you get that all entered in there, every day, when the new curiosity photo comes out, it’ll get displayed up on your website, so it’s nothing super special, but it is kind of cool looking and something to go check out and see what the latest Mars photo is and who knows, maybe you’ll get that new photo where they’ve got spaceman walking across the screen and nobody saw him yet. Go check it out; I give this one a four dragon rating.
Amber: That does seem like a pretty cool thing to have around. Last one I have is Custom CSS for Elementor. This plugin seems to essentially be the same as simple custom CSS plugin only this is specifically made for Elementor. It’s very useful if you use Elementor and need to change just a couple of things here and there. It works beautifully, so what makes this different is generally we know that Elementor has a little additional CSS area under the advanced tab, but what this does is it actually creates a corresponding CSS input field for all of the widgets or all of the little tabs there so you can actually choose. I’m not explaining it very well. I wrote it down and what I wrote down wasn’t very explanatory either. It was clear in my head, apologies for that. It essentially gives you more individual control over how each little bit looks. It’s very useful if you use CSS and also, it’s totally free and I do rate it a five dragons because it does work beautifully. If you click through that, maybe it’ll help to give a visual sorry about not being able to explain it. Yeah, so like see it actually gives you separate CSS things rather like for each
John: Each item?
Amber: Yeah.
John: Okay, each item on the page, so it creates separate IDs for everything.
Amber: There we go.
John: Okay, to answer Hemdian’s question, what does getting your own key give you? I assume he’s talking about the API key for the Curiosity one from the NASA key, with your own API key, you could then use it in your own plugin or somewhere else that the API key could be used to draw different stuff from NASA. I went over and checked it out, it doesn’t take you very long to get the key, but I don’t have much use for it myself and while I like this plugin, it’s not something I’ve figured out how to use yet aside from experimentation. Alright, well, that covers up our plugins here. We still don’t have listener feedback. Come on, folks. I know there’s at least four-five people listening to the show, so with four or five people out there listening, hey, come on, send us some questions, you know, make it some entertainment for us. Alright, and our contest, as we’ve mentioned, are on hiatus, so we’ll just leave that be. We got a couple of quick things to close out before we head into the Q&A segment with Amber closing out, I covered up the following plugins the BIOL Beautify Links which I gave a five to, the WP Backend File Search & Editor Tweaks Light, which I gave a four to, and the Curiosity POTD.
Amber: Which you rated at —
John: A four.
Amber: And I covered Halloween Box, which I rated at five, Custom CSS for Elementor which I rated at five, and it looks like I forgot to change that, sorry I’ll make sure I fix that in the notes, the other one I covered is Wedepohl Engineering Disable Comments, which I also rated at five. I had a whole five day.
John: Alright, aces high. Okay, nothing else in the reminders at the moment except if you are a developer or someone in the WordPress industry and you’d like to be in an interview show just reach out to me at john@wppro.ca or just go wppluginsatoz.com/interview and schedule an interview and that I had something else to say but my brain has locked up on it for some reason
Amber: Seems to be that kind today.
John: Yeah, well, not the end of the road. At any rate, it’s time for us to move along to…
It’s question and answer time.
John: With Amber.
Amber: First off, if anyone out there has any questions they’d like to have asked on the show feel free to send them in to mew at amber@wppro.ca and I’ll get them up here, and we’ll see what the answer is the first question we have is actually from Martin Wedepohl what he says is I regularly check the WordPress vulnerability report iThemes and noticed there seems to be a lot of cross-site scripting vulnerabilities on even simple plugins, is this because the plugin developer is trying to do much more than the basic features of the plugin?
John: Well, I don’t know. It could be they’re trying to do more than the basic features of the plugin. It could also be that they’re lazy with their code because most cross-site scripting vulnerabilities are caused by a flaw in the code or they’re asking, you know, I haven’t done this stuff in quite some time but from what I recall is they’re calling a function with a insecure question, you know, they’re using an insecure method to call a specific function and that allows for cross-site scripting vulnerabilities is the insecure method. Most of the time it’s just they’re not coding their plugins with enough security or paying attention to the standards when they’re coding it up especially like WordPress has very specific standards and I know they’ve changed many of the calls over the last, you know, five-six years there were ways that I knew how to do things that if you do it now in those ways then you actually introduce a security flaw that can be exploited through cross-site scripting, so I think it’s just a matter of paying attention to the security and the developers are not doing that or a new security flaw something that worked okay and wasn’t a security flaw, the hackers discover a way to monopolize or no that’s not monopolizing the word but they discover a way to use that flaw that wasn’t previously known and that’s what the hackers do they spend days throwing different ideas at it, you know, so much creativity in their brains and they decide to use it for evil rather than good, so that’s pretty much all I have on that one.
Amber: Alright, next question is we seem to be having a major hack issue popping up everywhere which you said before is kind of normal just as being noticed more, but my question is do you think this is going to like die off anytime soon or do you think it’s just going to keep evolving into more of a problem like what was going through at the moment I wrote that down was with everyone talking about with all the news is reporting it all the time making it big news do you think it’s going to kind of grow in popularity to become a hacker or do you think that, you know, it’ll die off and lose its popularity soon?
John: I don’t think it’ll neither die off nor increase in the 20 years I’ve been doing this. The amount of hackers has always been approximately the same in proportion to the amount of people using the computers and the internet. You’ve got more people using the internet now so you got more hackers, you know, the problem is I was talking I think we talked a little bit about it before the show, it’s an arms race, it’s literally an arms race and the arms race is the security people the White hats, they find ways to protect the systems. The black hats, the other half of the hackers because hackers are hackers. Hacker what used to be a general term and they used to be divided between white hat and black hat and then there was always the grey hats who were sometimes evil, sometimes good depending on whether they liked you or not but in that aspect there is the one on the black hat side they’re always looking for an edge, always looking for a flaw, always looking like they can look at the same piece of code over and over and couldn’t crack it and then one day they find a new minor edge in it that had a crack that wasn’t previously noticed and they pry that open and now there’s a new flaw. I mean all you gotta do is look at the flaws, look at the way WordPress was originally designed and how many hacks are found I mean every once in a while even WordPress every once in a while they’ll release a patch for a flaw that was recently discovered and it goes all and that flaw goes all the way back to version 3.2 of WordPress.
So the flaw had been there for a very long time, just nobody noticed it, so this is a problem it’s like the news media I think when they get bored they decide to pump out articles about hackers or when the hackers do something big and major like lockdown a oil pipeline system with encryption that’s when attention is drawn on everything. One of the big flaws that a lot of people don’t think about the biggest flaw in computer systems is not the code itself, it’s the id10t Error. The keyboard interface is the biggest flaw in the computer systems. I mean humans can be manipulated way easier than computer code. Penetration testers most of the time they don’t even bother trying to hack into a system what they do is they socially engineer the people who have access to those systems and get those people to give them the access and it happens all the time, so your biggest problem is your id10t Error.
Amber: Which makes sense?
John: Yeah. Alright, you have one more question you can ask it out and then we will cut it off for those of you listening here on the Podcast you’ll have to come all the way back to the YouTube channel to catch this second question.
Amber: Okay with the additional security risks that have been coming to the fore as of late do you think that the updates are going to start coming more frequently or do you think they will just keep on at the current pace we are doing?
John: That’s an interesting question. Alrighty well with that lets have my lady take us on out of here and then we will be right back.
Reminders for the show: All the show notes can be found at wppluginsatoz.com, and while you’re there, subscribe to the newsletter for more useful information delivered directly to your inbox. WP Plugins A-Z is a show that offers honest and unbiased reviews of plugins created by developers because you support the show. Help keep the show honest and unbiased by going to wppluginsatoz.com/donate and set the donation level that fits your budget.
Help us make the show better for you by subscribing and reviewing the show at Stitcher Radio, Google Play, and in the iTunes Store. You can also leave us a review on our Facebook page using wppluginsatoz.com/facebook. You can also watch the show live on YouTube, check out the screencasts and training videos, and remember to subscribe and hit the bell to get notifications of all new videos. Follow the show on Twitter @wppluginsatoz.
John can be reached at his website, JohnOverall.com, or email him directly at john@wppro.ca. Thanks for joining us and have a great day.
Thanks for listening to the show. This show is copyright by JohnOverall.com. So until next time, have yourselves a good morning, good afternoon, or a good evening, wherever you happen to be out there on the globe today.