Tag Archives: wordpress

Best of both worlds

WordPress Migrations

As a well known WordPress hosts, we are often asked to migrate sites from WordPress.com to self-hosted wordpress. Thanks to the tools available this is a painless process, at least to copy the posts and pages. But sometimes clients want to keep the site looking exactly the same and this is not always straightforward.

WordPress.com runs on a pretty standard WordPress platform, but it offers it’s users a number of themes and plugins built in (you cannot install your own choice of theme or plugin in WordPress.com – hence the reason websites outgrow WordPress.com)

So migrating a theme or plugin functionality can be an involved process. So far I’ve found the themes that are available to WordPress.com users have an equivalent version available for hosted WordPress at wordpress.org/themes, sothis it not normally too much of a problem – just re-adding the theme specific options.

However the plugin functionality –  which users may not even realise are plugins, so well integrated are they in the WordPress.com experience – is more difficult to move.

Jetpack to the rescue!

Jetpack web page
Jetpack

This is where Jetpack comes into play. Jetpack is a plugin collection maintained by WordPress that replicates the functionality of WordPress.com. For migrations from WordPress, nothing is copied across so each function will have to be setup from scratch, and the admin usage is often different to  how users remember it in WordPress.com. We recently migrated www.cfliteraryawards.org.uk to our WordPress hosting and this involved replicating various functions that without Jetpack would have been a major headache.

WordPress Gallery Plugin

The other difficulty with using JetPack is that it is so big! It’s like a Swiss army knife of plugins, and sometimes it’s only one feature you want to replicate. In www.geolida.co.uk, we wanted to jazz up the image galleries, and the different sized tiles gallery style appealed. This style is also known as Masonry style. We also wanted the existing ease of gallery use built into WordPress to continue – many of the WordPress gallery plugins use a separate management area which we thought would be confusing to the site owner.

Jetpack holds the answer to this with Tiled Galleries. However, this was the only function of JetPack that we wanted to add to the site – not the 27 other functions! We therefore turned to this plugin, which is just did the Tiled Galleries and nothing else. This is the same code as used in Jetpack, just extracted and packaged as a single function plugin. All WordPress plugins listed on the WordPress site are GPL licences which allows and encourages reuse of code. This worked seamlessly and our client was very pleased with the result:

The only drawback is the possibility that the person who released this cut-down version of Jetpack will give up maintaining it – Jetpack is updated every now and again and as with all WordPress plugins it’s very important to kee them up to date – bad things can happen otherwise!

2020Media’s managed WordPress service is used by many of our WordPress hosting customers so they have peace of mind that their website remains safe and secure at all times.

London WordPress Meetup Report

April Meetup
April Meetup at Shoreditch Works Village Hall

The topics at this months meetup were entitled:

  • Handling WP user generated content
  • Use WP to find clients
  • WP Security
  • Cleaner themes.

User generated content

The first talk was by Graham Armfield of Coolfields, who is known as Mr Accessibility. But this month he almost managed to talk about something completely different! Accessibility came  in sideways with an aside about captchas vs logic puzzles.

Graham Armfield at April Meetup
Graham Armfield

Graham’s talk was about handling user generated content – this means input to the website via a form or upload box – without requiring a login. Grahame gave us a run down of the steps needed to take input from a form on a wordpress website, process it, allow an admin to moderate it and then publish the data on a page. He used a gig guide as an example.

If you’re interested in learning more, his slides are available here http://www.slideshare.net/coolfields/handling-user-generated-content-in-wordpress

Another useful tip was the the popular Ninjaforms plugin offers a logic puzzle anti-spam test, which is apparently much better from an accessibility point of view.

Using WordPress to find clients

The next talk was from Rob Cubbon and entitled “Using WordPress to find clients”. In practice this talk was about optimising your site or online presence to attract and then convert vistors into clients. Rob talked about carefully choosing keywords with buying intent, creating specificity in your pages, not generallity. Example being writing detailed tutorials on how to do something – a subject hopefully you are an expert and authoritative on. Creating a call to action on every page. Adding key phrases to page titles and headlines. He also recommended creating in-depth profiles on social media sites for freelancers as it’s likely prosopective clients will research these when selecting somone.

Tools to help include Google keyword tool and Google Rich Snippets.

http://www.slideshare.net/RobCubbon/using-word-press-to-find-clients

WordPress Security

Duncan Stuart gave us all a wake up call with his fascinating talk on WordPress Security. Duncan’s company works mostly for government departments or agencies and they spend a lot of time working on security. Duncan began with telling us that the well-known Jetpack plugin, has been suffering from a security weakness that allowed spammers to publish their own content on websites. He then went through a set of examples of types of attack and some well known plugins that have (in the past) had vulnerabilities that have allowed these attacks.

Duncan then gave some advice on improving WordPress security. The first point of call being the Hardening WordPress Codex page. He recommended choosing plugins carefully as these can be a very weak part of the WordPress ecosystem. Look for high numbers of downloads, recent updates and an active support forum.

He wrapped up with tips on writing a good plugin or theme so that our own work does not become part of the problem.  His company runs a free resource at https://security.dxw.com/

https://www.youtube.com/watch?v=RVRBvBUmprI

The essential Pizza
The essential Pizza

Persil.co.uk – Cleaner Themes

After a break, the final talk was from Adam Onishi. The company he works for recently built the new iteration of washing powder brand Persil. It was a great insight into a complicated build that spanned 20 countries with many competing requests from different parts of the Persil marketing departments.

Adam’s mission was to keep the site management under as tight a control as possible so that updating and changes could be made as simple and straightforward as possible. To this end, the entire global prescence of 35 websites runs from a single WordPress multisite installation.The second vital ingredient was Parent/Child themes. This has allowed extensive localisation of design and content.

Adam went through some code examples, the tools he and his team used to build the site, the most useful plugins that were used, and how he now is working alone on building out the individual country sites.

Adams’ slides

https://www.youtube.com/watch?v=XT51AidOogA

All videos of WordPress meetups are free to view and can be found here https://www.youtube.com/user/WordPressLondon

 

 

 

 

 

CMS Updates

Updates for Joomla and WordPress users.

Today, WordPress 3.9 was released.

New features include:

  • Drag and drop images right into the editor.
  • Images formatted as galleries now show up in the editor.
  • Audio and Video Playlists.
  • Improvements to Widget editor and Themes with previews

wp-newThe built in updater will NOT upgrade your WordPress site automatically, this only works within the same point release. Contact 2020Media if you’d like us to backup, upgrade and test your site, or for just £12 let us do this for you for an entire year. See www.2020media.com/managedwp for details.

Joomla 3.3 is just around the corner.

An important change is that the minimum supported version of PHP will be PHP 5.3.10. Users who are unable to update to 3.3 due to the new PHP requirements are able to use the one click-click update, once they can update to PHP 5.3.10. You can quickly check this from your Joomla System – System information menu – last PHP Information tab.

The main features/changes of Joomla 3.3 are:

  • PHP 5.3.10 and above is now required
  • stronger password hashing storage
  • microdata implementation for Joomla content opens the door to better search engine experience
  • Replaces MooTools based JavaScript with jQuery equivalents
  • new cloud storage API

Read more on the changes at the Joomla Community site.

WordPress Logging to File

I’ve been doing some Ajax development so wanted to log any errors to a file rather than screen, this is because any messages written into the return from the Ajax call can corrupt the message and the Javascript calling the function cannot interpret the data.

Logging to file could also be useful when debugging very visual things (where you don’t want extra messages) such as themes. Also background scheduled cron jobs are the same as Ajax calls and run with no user interface so you need to send the messages to file not to the screen.

Although it is possible to configure the logging modes yourself via php.ini or .htaccess, WordPress sets up some constants in the WP_CONFIG.php file which make it simpler to setup debug logging to file.

the wp-config.php file
wp-config.php

The setting first is the master control for debugging.

define('WP_DEBUG', true);

Without this setting nothing will get logged.
The next setting is

define('WP_DEBUG_LOG', true);

This tells WordPress to log everything to the /wp-content/debug.log file, if you want to log to an alternative location do not include this setting and use the settings described in the first reference below.Finally we need to turn off the display of setting to the user (or Ajax call) using the following setting

 define('WP_DEBUG_DISPLAY', false);

if you set these three settings then you should have logging to file. It’s worth turning this off once your debugging session has finished as the file can get quite large quite quickly.
Further reference

http://digwp.com/2009/07/monitor-php-errors-wordpress/
http://codex.wordpress.org/Debugging_in_WordPress
http://digwp.com/2009/07/monitor-php-errors-wordpress/

Protect your WordPress website

The WordPress brute-force login attacks show little sign of abating and we recommend all users ensure their sites are secured against this attack.

The Attack

Since spring 2013, hackers have been calling the WordPress login url with “standard” usernames (like ‘admin’) and thousands of passwords.  In our experience nearly all users have ‘admin’ as a user account so this makes them especially vulnerable.

The Solution

Well – not a solution exactly but it should protect your site being hacked.

The solution we propose is to change your username to something only you know about. If you are creating a new WordPress site, don’t use the default ‘admin’. Choose a new username.

If you have an existing site, you can’t simply delete the user ‘admin’ – therefore there are lot’s of free plugins around to change it instead. The one we’ve been using is called ‘Username Changer’. Install it, activate it, change your username and then remove it.  It’s a one off job.

2020Media can help

Additionally 2020Media would like to  see these WordPress attacks stop – realistically this is not going to happen – it’s a distributed attack from botnets, and things will change only when it’s not worth the hackers while any more.

2020Media are happy to change your login username for you plus we can add additional server-side security which will mitigate the denial-of-service aspects of the attack.

Managed WordPress

The Managed WordPress service from 2020Media is something anyone not logging in to their WordPress site on a weekly basis should seriously consider. Even if you do, get peace of mind as updates to WordPress, Themes and plugins are done for you. Read more