This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.
We try to have news here that is not only important to help you with your website as well as new from the #wpdrama scene and more to share.
Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.
This week we have the following news for you.
Allot of articles have been written on how to secure your WordPress website and the importance of doing that, yet here is another one to help you keep your site secure.
10 Ways to Protect Your WordPress Site You Didn’t Know About
Security is a myth
Do you own a WordPress site? Congratulations, the advanced security features of the platform will protect you for life…or so you’d like to think. Unlike ready SaaS solutions, online website builders with centralized managements, WordPress is a popular open-source CMS with open code with lots of security vulnerabilities. And believe me, these vulnerabilities can be easily used to bring harm to your website and business. You need to defend yourself, and the best way to do so is add reinforcements. I know what you’re thinking – plugins! However, plugins aren’t a 100 percent foolproof. In fact, it’s now being said that the more plugins, themes, and custom codes you add to your WordPress blog, the higher the likelihood of getting hacked. No, what you need to do is secure your site’s administrator. Betcha didn’t know about that! To know how to find out below. Read original article here…. hackread.com
Then again you never know are the tales of WordPress insecurity overbloan and a myth. TYhis article take a look at that and presents it opnion on that.
Tales of WordPress Plugin Insecurity Overblown, Researchers Say
The insecurity of WordPress plugins has been well documented, especially over the last year, but in the grand scheme of things, it’s not as bad as it seems, experts claim.
Hendrik Buchwald, a researcher and cofounder of RIPS, a German firm that performs static source code analysis, recently combed through tens of thousands of WordPress plugins to see just how vulnerable they are. As part of their investigation, the company used a tool to search for vulnerabilities in PHP scripts. It downloaded all 47,959 official plugins from WordPress’ repository and reviewed each plugin that had at least one PHP file, roughly 44,705 plugins.
Buchwald said that from there, researchers with the firm looked at larger plugins – plugins with more than 500 lines of code – about 10,523 in all. About half of the plugins – 4,559, or 43 percent – had at least one medium-severity security issue. Read original article here…. threatpost.com
Have you ever tried to score 100 on the Google page speed check well this article says to not even bothger it cna’t be done, contrary to the artcle we presented last week which said it could be done.
Why Trying to Get a 100 Score on Google PageSpeed Insights for WordPress Is Never Going to Happen – WPMU DEV
I’m a woman obsessed. So once I decided I wanted to get that perfect 100 score from Google PageSpeed Insights, I went for it and wouldn’t. Let. Go.
I challenged myself to make it happen with a larger site because, well, you gotta just go for it sometimes! I figured it would be easy given all the tools I had at my disposal, including WP Checkup, Hummingbird and WP Smush Pro.
I can definitely say with no confidence at all that I achieved my goal. (FYI: That’s my way of making myself feel better.)
Today, I’ll explain what I learned instead: Every site can’t get a perfect score and Google PageSpeed Insights isn’t actually the best benchmark for site speed, but it’s still worth using. Why Trying to Get a 100 Score on Google PageSpeed Insights for WordPress Is Never Going to Happen – WPMU DEV
How much does it really cost nto create a WordPress website and are developers undercharging or shortchanging themselves check this article to find out more about what a WordPress website really costs.
How much should a custom WordPress website cost?
Eventually, you have to talk about cost.
These questions are important. The answers are important. Gauging the client is important. Every interaction I have with the client helps me learn more about them and the project at hand, and affects what the cost will be.
Cost often also depends on market and location. I’m assuming I’m talking to an American audience in US dollars. What follows may translate well or poorly depending on your location and culture.
So in short: it always depends.
An estimate takes time. Whether that time is in a paid discovery or a sunk cost I (the consultant) bring on myself is a different matter. Either way, estimates are expensive because they are time consuming. And I promise you if I spend a week on an estimate or proposal I’m putting that cost into the proposal, somewhere. Read original article here…. poststatus.com
This article has a great toungue in cheek take on why so many clients think anything developed in WordPress should be dirt cheepo or even free.
The $15 WordPress gig – Mario Peshev on WordPress Development
Three weeks ago I received the following message on LinkedIn:
Hello, I’m looking for someone who could customize a WordPress plugin we bought. It’s a car reservation system, we need to change the pricing model and add a few extra SQL tables that would operate with the plugin.
The contact is a manager of some small agency, in his 50s, so I replied with my usual template for people who get in touch with me as I do dozens of WordPress things here and don’t look like scam – that I can forward that to my peers and share it in the relevant group if he has a post or at least a detailed project description, where scope, deadline and budget would highly increase the chance of finding a decent candidate. What I got as a response was quite stunning:
Thanks, the plugin costs $25 so I estimate the change would probably cost around $15. Read original article here…. devwp.eu
And now for something older in the past article collections.
WordCamp Milwaukee September 17-18 to Be Themed After the 1950s – WordPress Tavern
WordCamp Milwaukee is set to take place September 17-18 at the University of Wisconsin-Milwaukee School of Continuing Education. More than 170 tickets are still available at $40 each and provide access to both days of the event, including the after party.
The event’s second round of speakers were recently announced and according to Marc Benzakein, lead organizer for WordCamp Milwaukee, diversity of topics was an important part of the selection process. “This year, we had a wide range of topics submitted,” Benzakein told the Tavern. WordCamp Milwaukee September 17-18 to Be Themed After the 1950s – WordPress Tavern
Security lessons learned from WordPress attacks
I traveled from VMworld to the lab last Wednesday, and during that time, something infected two websites I control.
I suspect the servers were used as part of a Syn Flood attack. The servers, both using WordPress, would come up and serve their web pages, but then they would quickly run out of cache by processes that were difficult to track.
They initially made contact with some IPs located conveniently in Russia, then lots of syn traffic, and interesting session waits and listens. It took about two minutes before the sites cratered from resource drainage, and the errantly injected processes dominated then effectively cratered the servers from their intended use. Read original article here…. networkworld.com
When WordPress’ Freedom Kills Your Business—Compatibility Issues
Last week one of our customers opened a support ticket describing a weird issue—when he tried to use our plugin, its UI was broken, rendering it completely unusable. Since I’m the one who usually takes care of incoming issues, I’m quite familiar with the problems our customers face… but this was the first time I heard about “a broken UI that makes our plugin unusable” Indeed, a weird issue.
What the heck?! Our customer was completely right—our plugin can’t be used at all! Just look at the previous screenshot: the editor’s toolbar is over the dialog, the dialog’s layout is completely off, the look and feel is changed (who added this orange bar?)… Read original article here…. neliosoftware.com
How to Easily Import and Export WordPress Users
Do you want to import and export WordPress users from one site to another? This could be really helpful when you are merging sites and want to automatically add all users from existing websites. In this article, we will show you how to easily import and export users in WordPress.
While there are several use-cases for importing and exporting WordPress users, the three most common scenarios when you need to import / export users are:
On large multi-author sites or a membership site in WordPress, each user profile has tons of useful data (like profile photo, bio information, social links, and more). Read original article here…. wpbeginner.com
Well that’s a wrap for this week more next week from WP Plugins A to Z.