This weeks WordPress news – Covering The Week Commencing 2nd September 2019:
WordPress 5.2.3 Security and Maintenance Release
WordPress 5.3 Will Change How it Blocks Indexing
Anders Norén to Design Twenty Twenty Default Theme, Shipping in WordPress 5.3
WordPress Governance Project Looks for New Leadership
WordSesh EMEA Schedule Published, Registration Opens September 9
Celebrating the WordPress community: the Yoast Care fund
Plugins / Themes
New! Make WordPress Security Easy With Passwordless Logins
Ultimate Dashboard – Contact Form Widget
Toolbelt: A New Jetpack-Inspired Plugin with a Focus on Speed and Privacy
Toolset Types 3.3.5 Brings a Public Custom Field API
Elementor: Monthly Template Kit #2: Build a Beautiful Fitness Website
Deals from this week
10% off ‘UX for Everyone’ – code WPBUILDSROCKS before the 11th September 2019
The WordPress 5.2.3 Security Release Unpacked
WordPress sites are being backdoored with rogue admin users
Get paid with likes… the Like Coin with Kin Ko
Monthly UI / UX Website Reviews with Piccia Nerri
Not WordPress, but useful anyway…
Podcasts Are Getting Attacked With Negative Reviews With No Help in Sight
NetNewsWire 5.0 RSS Reader Rebuilt from Scratch, Now Free and Open Source
Google Research: 55% of Consumers Use Videos for Purchase Decisions
The WP Builds podcast is brought to you this week by…
The home of Managed WordPress hosting that includes free domain, SSL, and 24/7 support. Bundle that with the Hub by GoDaddy Pro to unlock more free benefits to manage multiple sites in one place, invoice clients, and get 30% off new purchases! Find out more at go.me/wpbuilds.
The WP Builds Deals Page
It’s like Black Friday, but everyday of the year! Search and Filter WordPress Deals! Check out the deals now…
Transcript (if available)
These transcripts are created using software, so apologies if there are errors in them.
Nathan Wrigley: 00:00 Hello, good morning and welcome to this. The WP Builds weekly WordPress newsletter. This is number 79 it covers the WordPress news for the week, commencing the 2nd of September, 2019 and it was published on Monday the 9th of September, 2019 a few things before we crack on with the news wouldn't mind getting you over to the WP Builds.com website. Use the menu at the top of the first link is the subscribe link. Over on that page you're going to find a couple of forms to get you on some email lists so that we can keep you updated about WordPress deals that come out, but also the content that we produce and also there's options for you to subscribe on your favorite podcast player. Join our Facebook group of over 2,200 wordpressers. Giving real value in that group is really great and there's links to things like our youtube channel and you can find us on Twitter at WP Builds.
Nathan Wrigley: 00:52 The other pages I want to draw your attention to are the deals page. That's WP Builds.com forward slash deals. I keep saying it's a bit like black Friday, but every day there's a whole bunch of WordPress plugins with coupon codes, so if you're in the in the mind for buying WordPress products this week, go check that out. Also, we've got a webinar over at wpbuilds.com forward slash webinars I'm speaking to Andre Gagnon from project huddle, which is a plugin which allows you to communicate easily with your clients. You can go and register for that. It's on the 12th of September, which is a Thursday, and join us and if you subscribe or register, should I say for that a Webinar but can't manage to attend, we'll send you, we'll send you a link to a videos that you can watch it after the fact. And finally WP Builds.com forward slash advertise if you would like to put your product or service in front of our word press or audience, a bit like Kinsta did.
Nathan Wrigley: 01:48 Are you tired of unreliable or slow hosting? If so, check out Kinsta, who takes manage WordPress hosting to the next level, powered by the Google cloud platform. All their plans include PHP seven ssh and 24 seven expert support and you can migrate today for free at Kinsta dot com and we really do sincerely thank all of our sponsors because it helps to keep this podcast going. Okay, let's turn our attention now to this week's news. We always divide our WordPress news up into sections and the first section is always WordPress core and over on WordPress.org we have a article entitled WordPress 5.2 0.3 security and maintenance release. There have been 29 fixes and enhancements since 5.2 0.2 and hopefully by now you have automatically or manually updated your WordPress install to this latest update. They are basically security updates. There's a whole load of cross site scripting updates, but that really is about it.
Nathan Wrigley: 02:49 There's a couple more things to do with Jquery, a older versions of jquery and so on and so forth, but largely it's to do with cross site scripting. So definitely get yourself updated if you haven't done so already because this is important. We're very much looking forward to WordPress 5.3 coming around the corner in the not too distant future. And we're getting some news about some of the changes that are going to be taking place. And I've got a couple of bits now all about indexing. The first article I linked to is on the search engine done journal entitled WordPress Five Point Three will change how it blocks indexing and there's a very similar article linked to also, and this is on WP tavern entitled WordPress 5.3 to use robots meta-tags to better discourage search engines from listing sites. You've probably in the past, um, use the settings reading screen option to discourage search engines from index indexing this site in the past, if you wanted your site to, to not be shown on Google's search results pages, well that used the robots dot text file and added a disallow option into that.
Nathan Wrigley: 03:59 And that apparently didn't work because all it's did was it prevented Google, um, crawling the page. But it didn't stop it from being able to add that page to its search engine results because it was still able to find the URL. Well in WordPress 5.3 we're going to be ditching the robot's doc text option and we're now going to be adding a Meta tag, Meta name, robots content, no index, no follow, and apparently this is a much more reliable certain way of robots not being allowed to crawl those pages and therefore not being allowed to put things on search engine results pages. So that's an interesting change coming in. WordPress 5.3 some more news about WordPress, 5.3 over on WP tavern Anders Noren to design 2020 default theme shipping in WordPress 5.3 well, like I said, we're hoping to get a 5.3 Beta tested fairly soon.
Nathan Wrigley: 05:00 It's going to start in late September, but Anders Noren is going to be designing a new thing 2020 and it's going to be the default theme here is a prodigious theme developer. He's got many, many, many themes in the WordPress repo and they have an average rating of 4.98 out of five stars have been downloaded 2.8 5 million times. So incredible. He recently showed what was capable with Gutenberg with this chaplain theme, a very, very widely applauded. Basically everybody seemed to love it. I confess, I haven't actually tried it. And he's not saying whether or not the chaplain theme is going to be the bedrock for this new 20, 20 theme or not. Anyway, it's good news. It does mean that we've got somebody at the tiller who's got a very, very credible, um, credible portfolio of developing themes, especially with Gutenberg. So this, like, it was, uh, a very good move from the team.
Nathan Wrigley: 06:01 Let's change tack slightly now and go onto the community section. And the first piece of news I've got in there is over on WP tavern entitled a WordPress governance project looks for new leadership. Well, some point last year, I think it was WordCamp Europe, 2018 the WordPress governance project was launched and it was launched by Rachel Cherry and a modern run Hendrickson. And after a period of time at the helm, they've decided to step down. What they're saying is they would like the project to continue and they've given it a start, but they basically don't have the bandwidth to carry on doing the work that needs to be done. They're still gonna maintain their involvement but not leading it. So they're looking for two chairs who will help this project to go forward. And the responsibilities include managing the vision and planning as well as managing meetings and delegating assignments in support of the vision.
Nathan Wrigley: 06:56 They also make the point that they, they feel that right at the very beginning when they launched the project, they, they made us sort of era and that era was that they didn't clearly set any expectations of what they wanted this project to do. And that has led to all sorts of people becoming involved who had different visions of what the pro, the, the whole purpose of this project was. Um, and they make the point that it isn't necessarily to get rid of, you know, the, the benevolent dictator for life model. They're saying that it's quite possible to have Matt Mullenweg in charge and to have governance, um, but they didn't set that out at the start. So this project obviously seems to, seems to be in a little bit of flux at the moment. So if you're into that, maybe it's time to, to step up and offer your services.
Nathan Wrigley: 07:48 WP Tavern wants more for an article entitled WordSesh, e m e a shed. You'll published registration opens September the ninth and word Sesh, which is a 12 hour virtual conference designed for people in the Middle East, Europe and Africa simply because of the shed dueling. And when the events are taking place has published its full shed. You'll, there's a whole bunch of people speaking. Um, there are 11, I think it is, and eight of them are from those regions. The remaining three are from the United States and there's gonna be a whole load of different sessions, uh, including things like using Gatsby image optimization, managing a business with mental health, illness problems, um, SaaS apps, building those and working with Laravel and jetpack. So there's a whole load of stuff going on. Um, and registration will be beginning today, the 9th of September, so it's virtual so you can sit at home and watch all this stuff happening, but maybe click on the link and find out where you can register and get your registration in if that's what you'd like to do.
Nathan Wrigley: 08:52 The final piece in the community section is on the yoast.com website and it's an article entitled celebrating the WordPress community. The Yoast care fund by this is really interesting. Yoast have decided each year they're going to set aside $25,000 and give it away to people who contribute to the WordPress community but contribute their time in a voluntary, on a voluntary basis. So normally you don't get paid for it and the idea is that you go and nominate other people so you're not allowed to nominate yourself. But if you, if you would like to nominate somebody, there's a link within the page that I link to on the yoast.com website where you can fill out an application form and presumably there'll be some criteria that you will need to fulfill on that person. If they're selected, we'll receive, I think it's $500. So that's great. And you never know.
Nathan Wrigley: 09:43 I presume that there'll be some um, some tooling and throwing with the person involved so that they can confirm that they would like to receive this money, but they'll also be offered an interview and which will get published on the yoast.com website. So I just think this is really nice, really nice little opportunity for people to, to tell the wider world about people that they know are contributing to WordPress and get them a financial reward in return. Fabulous. The next section is all to do with plugins and themes, although this piece could actually have gone in the security section, it's on the itms themes website and it's called new make WordPress security easy with passwordless logins. I'm not sure that WordPress security and easy are terms which necessarily go well together, but anyway, so what they've done over on ithemes, if you have their security, you plug in I theme security, there's now an option to send yourself a magic email link as they call it when you're logging in and this will send you a specific link and if you click on that link, you will automatically become logged in.
Nathan Wrigley: 10:50 This is not switched on by default. You have to go and find the passwordless login option in the it teams security settings and um, and you can decide which users can have this capability and so on and so forth. And interesting. I'm not too sure where I sit on this, the idea that somebody could log into your website simply by clicking a link. My preferred option with all these things is to have some sort of two factor authentication, which of course this is, but something which is perhaps a little bit more difficult to get access to because email hacking is a thing and the capability to to just click simply click a link and login seems seems interesting. Certainly it's very convenient but in my impression is that um, convenience is the enemy of security sometimes. So anyway, it is a, it's a nice idea.
Nathan Wrigley: 11:39 It's, you know, you have to think this one through for yourself but it's a capability that they've added. The guys over at ultimate dashboard have released a new option in their, in their plugin ultimate dashboard is a plug in which you to well customize the WP Admin area and they've added a thing called a contact form widget. And if you put this on the dashboard, basically it's a contact form and I can see this being very useful for people who want to put that on their clients' websites. And it could be a form which is emailing you support requests. So they've got a problem with their website and they, they fill it in. There's a subject field, an optional subject field, custom success error messages, custom autoresponder, admittedly admin email notifications, confirmations of emails and you can turn the logs on or off to to keep things or not to keep things.
Nathan Wrigley: 12:27 So really nice update, great oxygen. The page builder, which is becoming increasingly popular, has updated to version 3.0 they've got some three headline features. They've got deep woo commerce integration, they've got Gutenberg integration and they've also got a repeater element. You can go and read this blog post and it'll explain more about it. But the key features are global woocommerce styles 20 plus we commerce elements themeless woo commerce is here, they say, and obviously if you're using woocommerce, um, my understanding from watching the video is that this is a pretty, uh, pretty impressive update in terms of the Gutenberg integration. You've got the capability to design blocks in oxygen and then use them in Gutenberg so you can actually edit them in Gutenberg. And one nice consequence of this is that you can create, uh, blocks, Gutenberg blocks, and then your client will not need to use oxygen and they won't really have the option to fiddle with the styling necessarily.
Nathan Wrigley: 13:28 So let's say for example, you've put a heading together in oxygen with a button. Your client, you can make it such that they will only be able to alter the text of the button or the text of the heading, but they won't be able to fill with the style. So they're calling this the ultimate client mode and it looks really great. And then finally they've got the repeater element, which is drag and drop design. You can query any post type and also nicely they've got an ACF repeater integration as well as that you can use the ACF repeater field. Basically it's a way of creating your own loops within oxygen, but the capability to then query ACF repeater fields is very nice indeed. So this looks like a really impressive update from my point of view. So very, very well done. We have a nice new project over on WP tavern.
Nathan Wrigley: 14:16 They've got an article entitled tool belt, a new jet pack inspired plugin with a focus on speed and privacy plugin developer. Ben Gill banks has decided that jetpack is a little bit heavy weights for his liking. He draws attention to the fact that when he loads jetpack on some of his sites, his page speed just drops dramatically. And so he decided that as he was going to be releasing a new thing called Jarvis, he was going to create a tool that rivaled some of the functionality of jet pack because quite a lot of people would like the functionality of jet pack and he's come up with this project called tool belt and it includes features like breadcrumbs, browser, native lazy loading portfolio, custom post type related posts with images, responsive video, static social sharing and a whole bunch more. I think there are 12 modules in total.
Nathan Wrigley: 15:08 All of the modules are disabled by default, so you only turn on the ones that you need and really nicely in the the Admin area, the settings area for tool belt, it actually tells you what the the page impact will be. So for example, it tells you that if you, if you tick the box and use static social sharing, you're going to increase the page load by 4.1 kilobytes of SVG icons and not 0.7 kilobytes of inline CSS. So this is really great. Uh, he's saying that everything is super lightweight. They don't use Java script frameworks. All the Java script is completely vanilla and minified. All assets are loaded in line so that there's no requests going back and forth from other services. Um, there's no options. There's only one database option and that's an array that stores what modules are active and he really has tried to use them as minimal code as possible.
Nathan Wrigley: 16:06 Um, and also in terms of privacy, there's no phoning out, no use a tracking nothing. So this seems like a really nice initiative, um, for those people who wish to have jetpack like features but wish it to be far more performance. So maybe go and check out tool belt tool sets types has been updated two 3.3 0.5 and it brings a public custom field API. Uh, it says you can now use the brand new public API for tool set custom fields. This allows for deeper integration between tool sets and third party plugins in the future. You can also use these functions to extend tool set features into custom made solutions. As part of this new API, we're exposing new PHP interfaces that you can use to leverage in your custom code. At the moment, only the support of custom post fields is available, but it says that we'll keep extending the API based on your feedback.
Nathan Wrigley: 17:02 They've got some um, improvements and bug fixes which are mentioned on this as well. But if you're using toolset types for your custom post types and so on, then this might be something that you want to look at. One month ago we talked about the fact that the guys at elemental, we're going to be releasing these monthly template kits. Well, they have kept to their word and now we're on template kit number two. Um, it looks like it's called gym template kit. I'm not sure if that's the official name or if it's called the new element or gym template kit. Nevertheless, it is out. It's got a whole bunch of different options. Seven content pages, headers and footers. Popups, four oh four templates, single and archive templates. I'm 60 free to use CC zero images, nine icons, two well-designed contact forms and a wide range of animation than motion effects.
Nathan Wrigley: 17:52 It looks really nice. It's got some very bold colors and typographic and it's free to pro elemental users. So you might want to go and check this out because it's a whole bunch of stuff that you could deploy on client websites. I have decided to add in a new section to this newsletter and I'm going to call it deals from this week and each time I put this out from now on, I'm going to be including some of the deals that I came across during the last week. Um, this was only decided by me at some point this morning, so I haven't really got a backlog. I've only just got the one and that is to say that peach and Arie has a course called UX for everyone. She came on a live Webinar that we did this week where she reviews websites, um, of people who submit their URLs from a UI, UX point of view, you can actually register your own URL.
Nathan Wrigley: 18:42 If you go to WP Builds.com forward slash you are, you can register and Piccia is going to be doing this each and every month in our Facebook group and well all over the place to be perfectly honest. And so as a result of this, she's offering people 10% of her UX for every one course. The code is WP Builds rocks, but you've got to redeem that before the 11th of September, 2019 so click on the link in the show notes and go and redeem that. A couple of items in the security section for you. I'm going to be doing very light touch because it's a little bit complicated and difficult to describe. But over on the wordfence stock on website, we have the WordPress 5.2 0.3 security release on pact and we talked about this right at the beginning, all of these s s x security vulnerabilities and a whole bunch of other things.
Nathan Wrigley: 19:33 Well, what wordfence guys are doing is from our security point of view saying what was inside of the release. And so it's things like the Xss, vulnerabilities, validation and sanitization of URLs leading to open redirects, a reflected cross site scripting during media uploads and a whole bunch more. So go and check that out if you want to know what was inside that release. And then on the naked security dot [inaudible] dot com website, we have an article entitled WordPress sites are being backdoored with road admin users. It's quite a long piece and it's basically to say that last months of vulnerability, which was being exploited to push adverts and popups onto websites, uh, has now obviously proved to be very successful. And the, this exploit has now been upgraded if you'd like to target those websites so that they can create admin accounts and thereby take over your website.
Nathan Wrigley: 20:32 So go and read that the slightly self promotional WP Builds section. Now we had a podcast episode out, it was number 144 called get paid with likes. The light coin with Kin Co. This is such an interesting little project. It's a blockchain technology which, um, enables you to put buttons on your website. And if people click on those buttons, they will donate to you. A proportion of the money that they have set aside for donations for that month is such an interesting little project that you'll have to go and listen to figure out how it all works. But it really, really different way of getting your content monetized without having to put ads in. So on. And then also just as I mentioned a moment ago, we did have a chat to with Pictionary about UX and UI reviewing websites and I've linked to the, the post in the Facebook group.
Nathan Wrigley: 21:25 So you'll have to join the Facebook group if you want to watch that. But you know, it's a really fabulous Facebook group. Do that. That would be great. And uh, you can see her picking apart four or five websites live and it's really informative and there's lots of knowledge to be taken away. That is all the WordPress news I've got for you this week. But I was always right at the end a few articles entitled and not WordPress, but useful anyway. And the first one over on search engine journal saying, oh no, podcasts are getting attacked with negative reviews with no help in sight. And this is to say that it is possible to kind of create campaigns of negative review bombing of podcasts because there is absolutely no way of stopping this happening. If you go onto something like Amazon or Facebook and they have automated fail safe mechanisms to detect when there seems to be a campaign of negative reviews.
Nathan Wrigley: 22:17 Well for podcasts there's nothing, nothing like it. You can go and submit as many reviews and obviously set up fake accounts and this, that and the other and some podcasts are giving up. I hope nobody is going to do that about WP build. But a, it's an interesting thought. May Be, we need some kind of platform for monitoring this stuff because as, as podcasting grows as a, as a thing, maybe somebody needs to take this under their umbrella or purview and decide how it can be coordinated so that the reviews are fair, that they talk about a story where a true crime podcast, um, was slammed at more or less out of existence to the point where the podcast is just gave up. Um, because of one star ratings from some rivals who had a similar, uh, podcast because they, they kind of fallen out.
Nathan Wrigley: 23:05 So anyway, very interesting warfare in the podcasting space. This one's a bit of a blast from the past. It's over on WP tavern and entitled Net Newswire Five Point 0 RSS reader rebuilt from scratch now free and open source. I wonder how many of you are still using RSS readers? I am. I W I was using Google reader for the longest time and now I've switched over to Feedly. But way back when there was this thing called net to newswire and it was a Mac app and they've decided to resurrect it. And so this is just a nostalgic nod to the fact that it's been resurrected on the Mac. It looks really nice. I might even consider over to it. It's completely free open source and you can download it today to consume all of your RSS feeds. A bit like the WP Builds. One very final piece that I've got to you today is over on the search engine journal and it says Google Research, 55% of consumers use video for purchase decisions.
Nathan Wrigley: 24:06 I suppose this makes a certain degree of sense. I have to say when I'm shopping around and I see a link to a video where as one of the little thumbnails, I often do click on it and it turns out that 55% of shoppers do exactly that. So the recommendation would be if you have an ecommerce site or get into creating videos about your products, um, you know, things like unboxing videos are very popular. It also offers the, the ability for you to put yourself honestly and authentically in front of your audience. And, um, and it really does seem to help. So you know, ecommerce shop owners. Get your video cameras out. That is all I've got for you this week. I really appreciate you listening to me droning on about the WordPress news. It's amazing that anybody even even endeavors to listen to this. Thank you so much.
Nathan Wrigley: 24:54 The WP bill's podcast was brought to you today by Kinsta. Kinsta takes managed WordPress hosting to the next level, powered by the Google cloud platform. Your site is secured like Fort Knox and runs on speed obsessive architecture. You get access to the latest software and developer tools such as PHB seven ssh and staging environments, and the best part that expert team of WordPress engineers are available 24 seven should you need help, you can migrate today for free at Kinsta Dot Com and we thank them for supporting the WP Builds podcast. Okay, we have a Webinar this week on Thursday. Join us for that. WP Builds.com/webinars or come back on Thursday for the podcast as it comes out or we'll see you back in next Monday for this news. And don't forget, we'll always be doing our live version of the news. It's at 2:00 PM UK time on Monday, so it'll be happening today. If you're listening to this on a Monday, join us, give your, give your comments. I should be joined this week by Paul Lacey and by Pete Everett and by Jim Galiano a, assuming they can all make it, but, uh, that's all I've got for you this week. Bye Bye for now.
Support WP Builds
We put out this content as often as we can, and we hope that you like! If you do and feel like keeping the WP Builds podcast going then...