This weeks WordPress news – Covering The Week Commencing 28th October 2019:
Plugins / Themes
Deals from this week
Nothing this week, but remember that you can contact me at wpbuilds.com/contact if you have one!
Not WordPress, but useful anyway…
Transcript (if available)
These transcripts are created using software, so apologies if there are errors in them.
Hello there. Good morning, and welcome to this the WP Builds weekly WordPress newsletter. This newsletter is number 87 and it covers the WordPress news for the week commencing the 28th of October 2019 and it was published on Monday the 4th of November 20 19. My name is Nathan Wrigley from picture and word dot co dot uk a small web development agency based in the north of England and very quickly just before we begin a few links to mention head over to WP bills.com forward slash subscribe.
Over there there's two forms as a gray ones that you can find out when we release content and there's a blue one, which I would really recommend you get yourself signed up to in the run-up to Black Friday because it's our alerts email and I send you a very short pithy plain text email every time I hear about a WordPress deal and they'll be coming thick and fast in the next weeks to come.
So that's WP Builds.com forward slash subscribe. You'll also be able to. Sign up to us on your favorite podcast player. Join our Facebook group of over. 2,300 WordPress has it's very polite and very nice group indeed. And also I would recommend heading over to WP bills.com /black because that page is my constantly updated list of offerings.
We had a whole bunch which are still live from from the Halloween giveaways that we've had over the last few days. Some of them are still going so. WP Builds.com /black to check those out and I'll be updating all of the deals as I hear them coming in over the weeks to come many of the Black Friday ones are already posted and they're marked as pending if you click on the Yellow Barn at the top you can filter and if you filter in the pending ones or filter them out, you'll be able to see the ones that are coming up in the days and weeks to come.
Also, I would suggest going over to WP Builds.com forward slash advertise. If you have a product or service and you would like it putting front and center in front of a WordPress specific audience a bit like these guys have done. The WP Builds news is brought to you today by Kinsta. Are you tired of unreliable or slow hosting?
If so, check out Kinsta who takes managed WordPress hosting to the next level powered by the Google Cloud platform all their plans include PHP 7 SSH and 24/7 expert support and you can migrate for free today at Kinsta.com. And Page Builder Cloud work faster in your page builder of Choice by reusing your Cloud save templates Import and Export any layout to any of your WordPress websites page builder Cloud works with elemental Beaver Builder Brizy Gutenberg and many more you can get a free trial up and running today at Page Builder cloud.com.
And we thank all of our sponsors for helping us put on the wp builds news. Right? Let's get stuck into the new shall we. Every week we group our WordPress news into various different sections. And the first one is always WordPress core to articles for you today on that section. First one is over at wordpress.org and it's WordPress 5.3 release candidate 3.
We're now only about nine days away until WordPress 5.3 can be released and release candidate 3. We're very very much towards the end of the release candidate stage. But there are a few bugs that have been ironed out in this release and hopefully they'll be less, you know in the next seven days discovered.
But if you do like beta testing now is very much the time to do it make sure we get all of those bugs properly ironed out the ones that were found this time around were for bugs in the block editor that have been fixed three date time related Boggs a regression in. Date underscore i18n has been fixed and an accessibility color contrast regression for primary buttons has also been fixed.
So, you know, we've down from a very long list down to just four in this case and maybe you never know. There will be very very few in the week or so to come but we do want 5.3 to come around and with that in mind over on the talk mag dot IO website we have a. An article entitled A Simple Guide to help you prepare for WordPress 5.3.
If you're a seasoned WordPress and you've been around for a long time, you will know all of this stuff already, but if you're fairly new to Wordpress things like Point releases might terrify you a little bit or worry you. And this article is fairly short, but it explains what you can expect from the update process.
We've got a new theme new default theme 2020. We've got group blocking column and table block improvements large image handling site health checks, in fact all the things that I've been talking about over the last. Two or three months and then the article goes on to explain really what you should be doing in order to prepare for that update.
So for example, it talks about things like backing up and making sure that you've got a good modern up-to-date version of PHP installed and so on and so forth. So seasoned WordPress has you don't need to look at that one. But if you're new to Wordpress as many of our audience seemed to be then maybe go and check that one out before you click the update button.
The next section is called community, and I've got four posts in that section first warm-up 2020 dot Europe dot wordcamp dot-org entitled call for workshops now in Berlin wordcamp Europe 2019. They put on these things called workshops, which is slightly different. Normally if you attend a workout you go to a talk and you are literally listening to something akin to a lecture somebody talks for 45 minutes or so and you listen.
Workshops are a different approach. You take your laptop along and the idea is that you try things out. So the speaker at the front is there to demonstrate and at the same time as they're demonstrating you're supposed to be trying things out. They're going to be 90 minutes and a hundred and eighty minutes long and the subjects that they're hoping get to hit people.
Talking about our accessibility Business Development content design and ux development security SEO and starting with WordPress. So if you feel that you've got the chops to do that now is the time to apply so that you can you can you know, spend some time thinking about what you're going to talk about.
And yeah, I like this approach this seems like a really great way of bringing WordPress knowledge into the 21st century. The next one is on the cloud weighs.com blog. It's entitled better insights with application performance monitoring feature. So one of the priorities for cloud ways this year is to make their support much much better.
And actually they had a really long Post in the wp builds Facebook group explaining this week what it is that they're trying to do but upside from that. They're also trying to make their customer. Feedback in their control panel a little bit more easy to understand. So they've got this thing called application performance monitoring now not being a cloud weighs user really not going to try and explain exactly how it works.
But needless to say if you are a cloud weighs user you've now got this feature where you can go in you go to server management monitoring. And then application why is details and you'll be able to expand a whole range of things? So for example, it will give you information about what what website what application on your server is consuming the resources.
So it's things like traffic. It's things like bottlenecks in PHP. It's things like what your database is doing and what? Causing queries to be slow and so on and so forth. What cron jobs have you got running? So really nice. I don't know how more advanced this was than previous iterations or if they had anything like this before but if you're a cloud weighs, you'll no doubt be delighted that this update has been made.
Just for a bit of fun this week over on the elemental website. We have an article entitled hilarious web design stories of nightmare clients. And these are actually really funny. It's interactions on email or chat. So between clients and web designers or website Builders and some of them are just really funny.
So for example, the client says why don't the icons animate when I hover my finger them over them on mobile and the designer replies as discussed in my first email. That technology simply doesn't exist. Actually that technology probably does exist with radar and pixel for but yeah, nothing to implement.
They're just really funny go and check them out. Some of them make you chuckle because of the inanity of the the client expectation and the fact that they really don't have a handle on what is technically possible or feasible. The final piece of news in our community section is over on WP Tavern entitled Jason Schuller launches D.
SK o Discovery Network for creators and Brands. So if you head over to the post, there is a link to the DS KO website, which is a dsk ODOT app and the idea really here is that if you are a creator of. Content I suppose a bit like I am Jason has it in mind that you will use this website to sort of dump all of your credentials all of your login URL set of things like your Twitter handle your Facebook group your.
YouTube channel and so on you can post a video on there and you can post an image and it's going to be a very simple way to keep updated all of the the bits and pieces that you're you're kind of content creation network has to it. The reason it's got to do with WordPress has that Jason Shula launched many many many years ago a company called press 75.
He was one of the first theme shops and. Had incredible success at the beginning because as he says in his article, he simply built the themes and people bought them. Now, of course, that's not the case. WordPress has become much more competitive. And so he moved away from that in 2014. But this whole entire website is built upon WordPress.
It's all custom code except for one plug-in which he's used. It's quite interesting the way that you log in you there is no mechanism of. To signing up for an account you simply click a button enter your email address and it sends you a token, which you log in from your email and then next time you wish to log in the same process.
So obviously if your email address Got Hijacked this would this would be slightly catastrophic but I suppose a reset password link would do exactly the same thing, but it's really interesting. So. Have a look at it. You can't see WordPress anywhere at all and you are interacting and creating content seamlessly in a WordPress environment, but you wouldn't know that it was WordPress.
Anyway, if you are a content creator, this might be a place that you want to go and post all of your your social networks stuff. Right. Let's move on to the plug-in section. Now, the first piece of news that we've got is over on the toolset website entitled toolset and divvy for issues. Well, it turns out that with the recent release of divvy for the toolset views plug-in no longer works.
The reason is because the Divi Builder is modifying the post in the loop variable and this basically breaks its compatibility with views from toolset. So they say that. In touch with the Divi team to see exactly why they've done this therefore seeing that it will probably throw up problems with other plugins as well.
But if you are using Divi and you've got toolset their advising, well, the guys at toolset are advising stay on div III for now until this problem is resolved. It was about 6 months ago. Now that Google release their beta version of the WordPress plugin. They were calling it the site kit WordPress plugin this of course allows you to install in your WP admin dashboard.
The suite of Google products. So for example, you have access to Google search console console Google analytics page speed insights and AdSense. Well, it's now out of beta it's on version 1.0 their advising that you look at this probably once a week to get a meaningful data from it there also advising.
Probably it's really for a professional on what they mean by that I think is if you're handing this over to clients, there may be a certain disconnect, you know, they would need to understand the data that they're looking at but it should be ready to go. It's completely free to install and really I see you going forward to this will be the kind of plug-in that makes a lot of people's.
Cot for the the initial things that they put in a website from now on so maybe go and get this on some of your client websites, especially if they've got care plans because everything will be all in their WordPress admin area. Just want to give a little shout-out to Chris use from WP mint. He's a very valued member of the wp bills Facebook group and the community at large.
He's producing article this week entitled WP user front-end Pro review and it's a very. Very exhaustive long-form. Look at the plug in my understanding is that it's still available on appsumo. So you may want to go and check it out there. But yeah, just a hat tip to Chris and his enormously impressive reviewing of plugins skills.
So yeah, if you want to go and check that out. I've got a link in the show notes. This next one is completely new to me and quite interesting. It's called keypress DNS manager. I could have actually put this in the deal section because they've got a lifetime deal on at the moment for $199. Anyway, this is a plug-in you require an Amazon Route 53 or.
Cloud DNS subscription essentially and then you'll be able to handle all of your clients DNS records from inside the wp-admin now, I'm not entirely sure personally how Amazon Route 53 or Cloud DNS works this. Has there's a part of me which kind of worries about putting the DNS inside WordPress, but presumably the Amazon Route 53 and Cloud DNS solution will take care of those problems.
And then you can automate it also that the point being that you'll no longer have to make those horrible phone calls when certain parts of your infrastructure or. Whatever it might be or something that your client changes on the DNS side of things. Maybe they change registrar or something like that.
You can now do it all from the WordPress. Admin. There are some screenshots. It'll take about 4 seconds to read this article those of you who are using WP Ultimo. Apparently it completely automate the whole process of setting WP Ultimo up so that might be a perfectly good reason to go and check it out.
But yeah, this is key press DNS manager. Next one is about wpm. You devs Defender plug in the article is entitled how to add security headers plus more new Defender features. Defender has reached version 2.2 and the standouts from this release our HTTP security headers the prevention of user enumeration and the ability to block the WordPress.
Rest API. So quite a long article and it talks about the the new feature, too. Prevent security headers from being misused their the options are X content type option headers feature policy headers, refer a policy headers strict Transport Security headers X frame options and xss. Protection header as well.
They're also going to be adding as I said the ability to block the WordPress rest API and they're going to block the ability for people to just do a Brute Force attack whilst enumerating users. So the example being they could wreak redirect query author equals 1/2 author forward slash user name /m and they're going to prevent that from happening.
So yeah some nice options. They're basically. Point-and-click Solutions, you just tick boxes to enable those things and in most cases. I can't see why you wouldn't wish to do that. A little while ago. I themes introduced something called ithemes security Pros password lets login. Well, they've got an article saying that they've made some amendments to this so that you can now use woocommerce Easy Digital downloads and lift.
Our LMS. The idea of the password lets login is that it would allow you to require users to use strong passwords and two-factor Authentication. Without them ever needing to enter a password or an extra thent occation code. Well, if you go into the settings area now and click on password, let's login.
You've got some tick boxes where you can enable woocommerce lift LMS and Easy Digital downloads. So it's just another way. If you're using those plugins your users rather than having to use username and passwords can use this system. It does strike me as an interesting one. I think you'd have to educate your users for this to become useful, but.
Nevertheless they had now have this capability for those three popular plugins? I run WP Tavern this week. We have an article by Justin tughlaq entitled automatic image, alt Tags and More with image SEO. So there's a new plug-in called the image SEO plugin. It actually connects your WordPress website with a paid for SAS solution.
So it reminds me a little bit of something like WP compress or something like that, which allows you to kind of. Compress your images on the cloud and then re-upload them to your server. This has a sort of different purpose though in that. It uses a i to try and figure out what's in your images and then provide the alt tags and so on and so forth.
So in other words the SEO. Tags that that you might want to do just in makes the point that in some cases it was it was very accurate and in some cases it wasn't and by that I mean is it literally looks at the image. So if you upload a picture of a cat in a bucket, for example, the idea is that it would come back and.
Pre-fill in your alt tags and so on with this is a picture of a cat a gray cat in a blue bucket or something like that which which is fine. Now in many situations somebody like me, I'm completely control of the website and I do that stuff myself and you probably have taught your clients to do the same.
But maybe this would be something that's very useful for big teams where that's sort of the combined SEO strategy. Somehow gets lost in the mix and some people adhere to it and some people don't at the moment. He says it's fairly accurate. It's not entirely accurate for example shows a picture of two people at the end of a dark Corridor and it just says very dark water, which is not what it is at all, but I can forgive it for thinking.
That it is that because the tiles do look a bit like ripples on the water. Anyway, interesting idea kind of feels like the first iteration of something like this and maybe something that will get more and more accurate over time. Guess it depends how much you value your SEO whether you wish to pay the SAS subscription fee.
Each week. We do a whole bunch of deals, but I've just for this purposes of this week and probably in the weeks up-and-coming this stick this section might be a little bit longer because of Black Friday coming up but it's significantly shorter this week because I'm just going to point you at one URL.
It's WP builds.com /black. I didn't mention it earlier and over there. We've got a bug several surprisingly large amount of deals for Halloween. I don't remember Halloween being this big of a thing. It seems that all the plug-in and theme developers have sort of jumped on it the deals at this time tend to last only for a few days.
So go to WP builds.com /black. There's a yellow button at the top and you can use it to search and filter. There's all sorts on their they will largely have disappeared by the first of November, but from that sorry not the first there's many that go on to about the third or the fourth or the fifth of November.
But from that point, you'll probably get cleaned out that page and I'll start adding in the Black Friday deals as and when they come so, yeah. WP belts.com forward slash black. All right. Let's go to our security section. I often say that we don't deal with security in any great depth simply because there isn't the time in a in a general new section like this, but I will mention that if you're a chrome user, please please please go and get your browser updated.
There is a zero-day vulnerability the current version you should be looking for is seventy eight point zero point three nine. Oh 4.87. On a Mac. I don't know how it works on a PC. But on a Mac, it kind of automatically updates itself. But if that doesn't work on a PC, you just go into the about Google Chrome menu and check for the latest update and uninstall it.
I apparently the in the Facebook group that WP builds Facebook group. Some people were saying that it doesn't work in that way on Windows and you have to do it yourself. So go and check that out. Because it's a zero-day vulnerability and because of the fact that Chrome is installed in literally billions of machines throughout the world.
Google are keeping fairly tight lipped about this. They're not giving the technical details away, but they said that there's two issues are now use after free of vulnerabilities and these kind of vulnerabilities allow memory corruption and if that corruption. It's successful. They can modify data in memory.
And thereby. They can do things like allow themselves to escalate in privilege which could affect the system or you know, the whole OS so really go and update your install of chrome right away. Also if you're using give David, Give WP to take donations there have been multiple issues this week on authenticated plug-in settings change authenticated plugins settings change in proper validation of untrusted data in headers used to retrieve the users IP address.
So get those checked out also quite interestingly on the main WP website this week. We had an article entitled quick way to remove broken link Checker plugin from your child sites. I'm a I'm a user of main WP but usually I use. Primarily to update plugins. I've never really used it to uninstall or deactivate but with main WP and no doubt with other similar Solutions like managed WP you can you can isolate things like particular plugin by search by name you can then disable it and then you can then delete it of course and that's exactly what I did this week using banged up.
P I had this installed on two or three sites and there has been a vulnerability a couple of weeks ago so I use main WP to bulk on install it and bulk delete it to other summations of the WordPress security news this week over on the web arcsight. We've got the the vulnerability round up for October 2019 and I things do something very similar only theirs is not for the whole month.
It's for the latter two weeks. So the part 2 October round. And they're both very nice summations because you can scroll through quickly. Look at the iconography and very quickly determine. I recognize these plugins. So for example, there has been a plug-in vulnerability in Groundhog. There's been a plug-in vulnerability in open redirect in Bridge theme and so on and so forth and you can just see it very very quickly.
So go and use either of those they both seem to do a very similar job. They blatantly self-promotional WP build bit. We always mention what we've been doing during the week and this week. We released a podcast article entitled riding a jolly long way for the WordPress Community with Dan maybe and Carol Olinger and this was me talking about Dan's and carols and my.
Bike ride which were going to be doing in May next year from Berlin all the way to Porto in Portugal. We're starting at the estriol hotel, which was the location of wordcamp Europe in 2019, and we're riding 3,000 kilometers to the location for the wordcamp Europe 2020. Porto in Portugal and it's all about why we're doing it how we're trying to raise money and encouraging you to donate if you feel that way inclined what the project entails and it's a lot more than you might imagine.
So go and listen to that episode. The last section is always non WordPress, but useful anyway, and this week we start with a a complete rival to Wordpress. It's called ghost and they've arrived at ghost 3.0. It's a sort of stripped down. And as as of this moment a much less widely installed kind of blogging platform.
It's called ghost and it's reached 3.0. I confess I've never used. The website looks very impressive allows you to create websites in the same way that that WordPress doesn't you know, it's always nice to go and check these things out if you're a web developer, so maybe have a look at the update to ghost 3.0.
TechCrunch this week have an article entitled the slow death of flash continues as Google begins to remove it from search. Now, we know for the longest time that flash has been unusable. Should we say you shouldn't really be building anything in Flash. Hopefully you haven't discovered anything using flash over the last.
Several years but there's still a lot of content out there and still a lot of content which is being indexed by Google. Well no more by the end of this year. They're going to remove any reference to content held in a Flash container. So for example, if you have a game or a video description or anything like that inside of flash Google's crawlers will skip it.
It won't affect the rest of your site. If you've got other content wrapped around your flash content. Well, that's going to be fine. But it's time to move on time to make sure that the flash is no more. It was it was fun while it lasted but it's time for Google to do this and we can all we can all forget about Flash.
I've run the Bruce schneier.com website, which is entitled schneier on security. We learn that nor the VPN was breached. Now, it's breached quite a while ago. It would appear that a good length of time has gone 19 months apparently since they were discussed since the breach happened and it's only just been disclosed.
We don't know exactly what this means. But if you are a Nord VPN user. Maybe this is something that you really need to check out depending on what it is that you're doing whilst you are cloaked under your VPN. But yeah a breach has occurred. They're based in Panama. Apparently in Bruce goes on to say what do we really know about Panama and their their their auspices to trust them and so on.
But anyway, it has been breached and maybe this is a story that you should be following if you're an odd VPN. Perhaps you've heard of the dot new domains. So for example, if you go to Doc dot new or sheet doc new you instead of reaching a website. It's actually kind of like a command to launch a new Google doc or a new Google sheet based upon the currently logged in user.
So Google who owns all of this has decided that going to start selling it off two major players in the in the. In the text space. So for example, they're getting on people like bitly and stripe and so on and Microsoft Word, so for example in the future, you'll be able to type in not just doc dot new be able to type in word in you and if you do that, you'll get a new word document if you type in playlist.
Dalton you will be able to get a new Spotify playlist strikes me as really like a really interesting area canva dot new we'll get you a new design in canva reservation dot new we'll get you a new reservation in the Open Table application link dot new. We'll get you a new bitly link API new will get you a node.js API endpoint.
Coded arm you will get you a new code of sheet music dot new will get you created a personal song artwork for OVO soundless that's quite obscure and repoed on you will get you a new GitHub repo. I mean, I cannot see me ever using any of these but interesting nevertheless. I think it might be the very first time I've linked to a Wikipedia article.
This is a link entitled see privacy regulation European Union. It's been updated a whole variety of times but you know, the E privacy regulation of the epr is something that if you are in any way shape or form, well, I'll quote the scope of the Privacy regulation. Fly to any business that provides any form of online communication services using online tracking Technologies or engages in electronic direct marketing raise your hand at just about anybody listening to this podcast.
I would imagine and this is the proposal which will become law at some point. But the there's a whole load of things that we need to be thinking about. But possibly the most interesting one is in the future. There's going to be simple rules for cookies. It says I quote the cookie provision which has resulted in an overload of consent request for internet users will be streamlined.
The new rule will be more user-friendly as browser settings will provide for an easy way to accept or refuse tracking cookies and other identifiers and it goes on so, this is quite interesting it will obviously in the future be something that will be handled on the browser level. And it's being enshrined in European law.
The last piece of news I got for you. This week is on TechCrunch. It's entitled Google brings in Burt to improve its search results. And there's a nice picture of Bert and Ernie from Sesame Street. Well Google obviously the big market share in search has updated its algorithms and now they are well SEO people take a take a sit down.
It's going to affect one in ten results so that. Ten percent of all searches in the u.s. In English to begin with will will go through a whole new processing system a neural network technique, which is entitled but it's an acronym and it stands for bi-directional encoder representations from Transformers.
Nice and easy to remember let's go for BERT. Shall we and they say that it's going to be really good for longer query. So more conversational query. So for example things like can I get medicine from this Pharmacy things like that will work better. So obviously Google is trying to make the results more friendly and.
And you know with their with their home devices the idea is that you can talk to it and ask it directs questions. And so they're now going to be putting this stuff into their search results pages. So like I said SEO people you need to be you need to be stocking up on the coffee. I would imagine and staying up and figuring out how this affects you righty.
Ho that's all the news I've got for you this week. I hope you found it useful. Let us know on WP Builds.com forward slash contact if you did or if you didn't I suppose. The WP Builds news was brought to you today by Kinsta. Kinsta takes managed WordPress hosting to the next level powered by the Google Cloud platform. Your site is secured like Fort Knox and runs on speed obsessive architecture you get access to the latest software and developer tools such as PHP 7 SSH and staging environments and the best part their expert team of Wordpress Engineers are available 24/7 if you need help you can migrate today for free at Kinsta.com.
And the page builder Cloud if you want to dramatically speed up your WordPress website workflow, then checkout page builder Cloud. It's securely saves all your templates to your own cloud. You can then reuse them with any other website in seconds page builder Cloud works with Elementor Brizy Beaver Builder Gutenberg and many more.
But it's not just for page Builders. You can save your contact forms ACF layouts and so on get a free trial today at Page Builder cloud.com, and we thank both of those companies for helping put on the WP Buildspodcast. Okay, join us next Thursday for the podcast which we release every Thursday come back next Monday when we will be doing the live news.
Well the regular news and we'll be doing the live news at 2 p.m. Every Monday as well where myself and some some WordPress has will be going on a Facebook and YouTube live. You can access that at WP WP Builds /live, and I hope to see some of you there. Okay. Bye. Bye for now.