WP Builds Weekly WordPress News #113 – Gutenberg here to stay, Genesis Pro and lots of security news

WP Builds Weekly WordPress News #113 – Gutenberg here to stay, Genesis Pro and lots of security news

This weeks WordPress news – Covering The Week Commencing 4th May 2020:

WordPress Core

The Future of WordPress: The Block Editor Is Here to Stay

Community

First group of #WCEU speakers – Business

Premium WordPress hosting for everyone, small or large

WP Engine Launches Genesis Pro Add-On for Customers, More Features in the Works

Find My Blocks Plugin Shows All Blocks in Use on a WordPress Site

Plugins / Themes / Blocks

Novashare – new sharing plugin from Brian Jackson

AB Split Test plugin - the fastest way to create split tests in WordPress

Toolset Blocks 1.2 is Live – Masonry, Collage, YouTube and More!

Jetpack 8.5 Adds New Podcast Player Block

ACF Blocks Provides Assortment of Blocks Built from Advanced Custom Fields Pro

Ultimate Dashboard – Admin Pages

PowerPack – Introducing WooCommerce My Account Module & Powerful Features

Deals from this week

Get the WP Builds Deals emails delivered to your inbox!
and
The WP Builds Deals Page

Security

GoDaddy Confirms Data Breach: What Customers Need To Know

Elementor Pro Security Vulnerability Discovered and Fixed With New Version
and
Combined Attack on Elementor Pro and Ultimate Addons for Elementor Puts 1 Million Sites at Risk

Nearly a Million WP Sites Targeted in Large-Scale Attacks

World Password Day 2020: Let’s Increase Your Password Security

WordPress Vulnerability News, May 2020

WP Builds

178 – Hosting clients v’s not hosting clients

AB Split Test, a new WordPress plugin to create Split Tests in a couple of minutes

Jobs

Nothing for you this week…

Not WordPress, but useful anyway…

Like Google Chrome’s dark mode? Good news: it’s about to get even darker

Nathan writes posts and creates audio about WordPress on WP Builds. He can also be found in the WP Builds Facebook group.

The WP Builds podcast is sponsored this week by…

Kinsta

and

AB Split Test – The fastest way to create Split Tests in WordPress

and

The WP Builds Deals Page

We thanks them for their support of WP Builds.

Transcript (if available)

These transcripts are created using software, so apologies if there are errors in them.

Read Full Transcript

Nathan Wrigley: [00:00:00] Hello there. Good morning and welcome to this, the WP Builds weekly WordPress news. This is number 113 it covers the WordPress news for the week, commencing the 4th of May, 2020 and it was published on Monday the 11th of May, 2020 my name's Nathan Wrigley and a few little bits of housekeeping, which I normally perform at the beginning as usual, head over to WP Builds.com that's where we keep all of our.
Content. It's mostly to do with WordPress, but we've got a podcast which comes out on a Thursday, and we've got this news, which comes out as you're listening on a Monday. And we also have the WP bills weekly WordPress live news, which is at 2:00 PM UK time, either in our Facebook group or over@wpbuilds.com forward slash live.
You can keep up to date with all of that by going to WP Builds.com forward slash subscribe. That page allows you to sign up to a newsletter so that we can keep you updated, not just about our content, but about deals as and when we hear about them over on the internet. If a deal comes up on a WordPress product, I tend to write an email about it to the people on that list.
There's also options on there to join us on your favorite podcast player. Join our Facebook group of over two and a half thousand. WordPress's is very polite and very nice indeed, and there's some other links on that page as well to keep you up to date. Another page would be WP Builds.com forward slash deals.
I keep saying this, but it's a bit like black Friday, but every day of the week, permanent coupon codes, discounts on notable WordPress products and services. So you can go over there and find, for example, 20% off this, 30% off that, and it may be you never know at this time. You want to look into that to see if there's something there that you want, searchable, filterable, all that good stuff.
WP belts.com forward slash advertise if you would like to have your product or service put in front of a WordPress specific audience. A bit like these guys have done. The WP Builds podcast is brought to you today by Kinsta. Are you tired of unreliable or slow hosting? If so, check out. Kinsta who takes managed WordPress hosting to the next level, powered by the Google cloud platform.
All their plans include PHP seven SSH and 24 seven expert support. Try a demo today for free. 60 days. You get at Kinsta dot com and AB split test. Want to set up your AB split test in record time, like in a couple of minutes. Use your existing pages and test anything against anything else. Buttons, images, headers, rows.
As I said, anything. And the best part is that it works with element or Beaver builder and the WordPress block editor. Go check it out at absplittest.com and we do thank our sponsors for helping us to put on the WP Builds weekly WordPress news. Speaking of which shall we get on with it. Our news are split up into different sections and the first section, WordPress core, we have only one piece for you this week.
It's just in Tadlock on WordPress Tavern writing a piece called the future of WordPress. The block editor is here to stay and in it, Justin is sort of saying to everybody, look, can we all just. Get used to the fact that the block editor is here, like it or not, it's going to be here. It's quite an exciting prospect and I'm using it.
I think he's probably received a little bit of pushback from people. Well, he says as much at the beginning, people who are saying, can we please on the WordPress town stopped writing about the block editor and he's saying, yeah. Well, no, they're here to stay. Blocks are actually quite a lot of fun. There's a lot of interest.
Companies are getting acquired, people are making all sorts of interesting block creations. The future looks very bright, and to be Frank, he just loves them. He says he's not been as excited about WordPress as he has been about the block editor and what it's going to do in the future. He speaks about a personal story about somebody that he knows who was finding WordPress almost impossible, and then it suddenly became a whole lot easier.
So. Anyway, looks like if you wish to continue reading the word press, WordPress Tavern, you are going to have to listen to Justin talking about Brock blocks and I say Bravo. It is indeed the future. It is what is in core and like it or not, you know, it's what we're going to be looking at in the future. Oh, our next section is entitled community, and I've got a few things for you.
The first one is over on the 20 twenty.europe.wordcamp.org website. And it's to say that the first solu of speakers for the virtual version of word camp Europe, which is happening later this year, have been announced. They're being announced slowly over the next few days, and the first tranche are speaking under the business category.
The purpose of me mentioning this really is just so that you can go and have a look. By the time that you listen to this, I'm sure that more speakers will have been announced. I think probably it will be a few each day on the different categories, but if you are intending to go, um, I don't know if the tickets, the virtual tickets have sold out.
I know they had a hard limit on that, but you can see some of the people who are going to be speaking to you. The next one is over on the WordPress Tavern, and it's really quite an interesting one. The Genesis framework, which has been around for such a long time and enormously popular. It was obviously acquired a little while ago by WP engine and the WordPress Tavern.
Under the auspices of Justin Tatlock writes, WP engine launches, Genesis pro add on for customers more features in the works. So yes, they have indeed launched something new for Genesis, and it does feel like it's been quite a quite a while since we've had a, an exciting new Genesis feature. I could be wrong, but that's my impression at least anyway.
But now if you are a WP engine user, you'll be able to subscribe to this additional service. Which is going to be $30 per month, or $360 per year. You can use Genesis pro on limited number of sites. Now, the intention is that at some point, that will become a standalone service, so you'll be able to subscribe to it and use it without the WP engine's hosting environment.
But they just decided to go with this to begin with because they knew how they could tackle the payments and they knew how they could roll it out and see what people in their own community wanted. There's a lovely little video, which explains what Genesis pro is, but. Just in very nicely sort of lays out the features for us.
There are included, there is a block library, which includes 17 custom blocks, things like testimonials and pricings. There are page layouts, 22 full layouts for product portfolio team and other pages, content sections, 38 customizable content sections. There's also interestingly a permission system, so on a block by block.
Basis. You can allow certain different user roles to have the capability of getting into that block and fiddling with it. So that could be really interesting. If you're working with a team and for example, you only want admins to be able to, to alter some aspect of the site, which is contained within a block.
And also there's the ability to customize things. It says users can create and share custom sections and layouts with content creators. So this does look really interesting. Interestingly, part of the video talks about. The the Genesis page builder, I noticed that came up on the screen at some point. So the kind of rebranding Gothenburg as the sort of Genesis page builder, I, I, again, I could have got that wrong, but it feels like that's the way it's going anyway, but it looks really wonderful.
If you're a Genesis hardcore user and you're on WP engine, then this is a. Something you should certainly be looking at, and if you're off WP engine, but like Genesis, it looks like maybe you'll have to wait a few more months. There's also a hint of a new project called project X, which is separate from the Genesis pro project, and just in talks about that, the idea is that it's going to help site creators easily managed global styles across their sites, customize and manage blocks as well as other capabilities.
So keep your ears to the ground about Genesis. Looks like exciting times. I feel like this next one could easily have come under the plugins, themes and blocks section, perhaps later on in the news. But anyway, I've put it into the community section. Um, it's WP Tavern again, but this time Sarah Gooding writing find my blocks plugin shows all blocks and use on a WordPress site.
And I just think this is going to be super useful. Again, we seem to be dominated by talking about blocks. So maybe Justin is already vindicated in the article that we mentioned earlier. But, um, it's purpose, this little plugin, it's purpose is just to show you in a nice little UI, which blocks you're actually using on your website.
And at the moment, perhaps that's trivial, easy for you to do. Maybe you're only using certain array of blocks, maybe the pre-installed ones that come with WordPress core. But maybe you've installed some third party ones as well. And it could be that you wish to get rid of some of those. Maybe you feel that there's a bit of bloating your database and you want to lighten the load on your WordPress site, but you can't.
For the life of you remember which blocks you've actually deployed. So that's the purpose of this plugin. It shows you what you've got going on, where they are and so on and so forth. And I just think it's, it's really useful. So if you feel your blocks are already getting cluttered and there's too much going on, maybe this plugin will help you and you can find the ones that you're not using.
Maybe just remove them. Right. Let's move squarely into the plugins, themes, and blocks section of the podcast today, and let's begin with Nova share, which is a brand new plugin that I'd not heard of before. And the reason for that is it is literally brand new. It came across my radar because of Brian Jackson, who formally was of Kinsta, and he's now pursuing his own.
Projects. Well, this is one of them. I think he's doing it in collaboration with some others. And you've been here before, you've gone to a blog post and you've noticed that there's the option to share it on Twitter, Instagram, Facebook, and so on and so forth. And you've thought to yourself, wow, I bet the plugin did that.
Well, this is what Nova share is for. It's about putting all of those different social sharing options right. Into handy places. You know, you might want them floating on the left on a desktop and hovering at the bottom of the viewport on a mobile phone. Well, it does all of that and they're making the point that they want this to be as fast as possible.
So they're saying a fast and lightweight social sharing plugin that won't slow down your site. Nova share was developed from the ground up with performance focused approach to increase your shares. And so there you go. It is brand new. Maybe you have a need for this. You could check it out. And you think for tool set users over on the tool set.com websites.
We have a who's been on the podcast a number of times, says he has a new image blocks, slider and gallery with grid masonry and collage. And it's exactly that. If you're a toolset user, you now have two blocks as I've just described, which allow you to display images in a beautiful way. A gallery. Which supports image grids and masonry and collage and a slider, and it's a very, very quick read.
It shows you what the UI looks like and basically it's using the sort of block editor you point click and get things all sorted out in a matter of moments under, yeah, it looks really nice. So displaying images on your tool set website should now be trivially easy and you should be able to put them in all sorts of different configurations just by clicking on a few buttons.
Nice. I wonder if this time of lockdown throughout the world has increased people's desire to listen to podcasts and also possibly make them, and if you are into making podcasts, you might be interested to know are Sarah Gooding tells us on WordPress Tavern that Jetpack 8.5 has added a new. Podcast player block intriguing stuff.
This is, so you can now configure this block. It's very simple. You enter the podcast RSS feed URL, and it automatically brings in the cover art and recent episode. So it's exactly what you'd expect. There's a whole different range of options. So for example, you can show the number of things in the RSS feed, so 12 episodes, 10 episodes, whatever you like.
You can set a primary color for its secondary color, that kind of thing, in order to tweak it and make it look a little bit more like your brand. But it is interesting that jet pack have decided that this was worth doing. Podcasting, I think is becoming a bit more of a bit more of a thing. Obviously if you're listening to this, you know all about that, and so they've decided the guys at Jetpack that that's what they're going to do.
They're going to throw this block in the mix. It also says that there are significant improvements to the new search feature, which is powered by elastic search, and it provides better indexing and a simpler onboarding experience as well. So jet pack uses, if you are using Jetpack. You can now show your podcasts.
A couple of weeks ago we mentioned a project called ACF blocks and how it was using the block editor to configure displays from your ACF data and it seems that it's had a bit of an update money. Kemal, the developer has gone over to version 2.0 and just in Tagalog on WP Tavern writes, ACF blocks provides assortment of blocks built from advanced custom fields pro.
He does. Make the point that it is coupled heavily with ACF. And so if you're an advanced custom fields pro user, then this is certainly a value. But if not, then, then it probably isn't because there doesn't seem to be any indication in the future. It will be decoupled and you can use a different way of creating those custom fields.
But it looks like a really promising project. Um, the guy, the developer, as I said, money. Put together a video. It's about three minutes long where he shows you what's possible. And Justin demonstrates the useful assortment of blocks. So for example, there's like a grid layout of images. He's showing things like the opera, the possibility to do a testimonials block, and then he goes on to list the.
18 blocks are included. So I'll just mention a few. There's a toggle block and accordion block, a photo collage block, testimonial block, and many, many more. 18 as I said in total, and quite honestly, if it was a very simple WordPress website that you were trying to throw together and you're familiar with ACF and you just want something to.
Get out the door really quickly. A nice brochure site with a few custom fields integrated into it. This could be a really quick way of throwing that site together. You know, it may even rival your page builder of choice currently experience, but only one way to find out. Go and look at the article, see what you think.
Justin's mentioned a few things that he thinks could be improved. So for example, he talks about the fact that the mat. The margin on things is, is reset to zero by default, which could push content literally to the edge of the viewport, which might be problematic, but he does seem to be inspired. That money is going to be updating things regularly and he seems to quite like it.
Yeah. A friend of the podcast, David Von Greece, who has a plugin called ultimate dashboard, which enables you to use the plugin to customize the way your WordPress admin looks. He's got a bit of an update this week and he's added the ability for you to add in admin pages. So he says he hadn't been. Pages feature allows you to create top level and sub-menu pages and add those to the WordPress.
App admin menu. So essentially if you log in, you'll be able to have a little page and it will be listed within the structure on the left hand side bar. So you know, it could be squeezed between pages and posts, that kind of thing. You have the ability to do all of this in the free edition. You can create top level pages, create sub pages, create admin pages using the block editor, remove the page title, margins, remove admin notices and whole slew of other things.
And all of that can be done for free. The interface is something that you're going to have to get used to. If you, if you don't do HTML, then you'll need to get the pro version because the pro version has the capability to use your page builder to do this. Otherwise, you're going to be looking at doing that with HTML and CSS.
But if you get the pro version, then you can use Beaver builder or element or, and you also have the ability to restrict admin pages to a specific user or a specific role. So yeah, really nice update, David. Congratulations. Well done. Speaking of Beaver builder, I'm sure many of you will have used Powerpack, which is an add on pack for Beaver builder.
While they had an update on the 6th of May, and it's entitled introducing a WooCommerce and my account module and powerful features. And so if you have got power pack, you can now. Really, really go to town on the way you would like your my account section of your WooCommerce sites too, to look. You could customize all the colors and change it around and make the buttons look this way or that way.
There's a short little video that you can check out to give you a real demo, but essentially everything that you need to do is listed. In this article, you can, for example, um, enabled or disabled tabs on the front end position and align options for tabs, highlight tabs, which are active easily extensive styling options and so on and so forth.
And there's some links to some documentation as well. So this is really nice. If you're using WooCommerce and you, you want that my accounts section of your website to be really, really colorful and different than this is the way to go. Very nice indeed. The next section is all about deals. And I mentioned at the top of the show that we have our deals email.
There's a link in the show notes that you can click onto and it will send you over to the form where you can subscribe to that deal list. And basically if I hear about a deal, I'll send out an email. I don't send them out too often and they are, they are. Fairly short and sweet, and the title lets you know straight away whether it's worth opening or not.
And of course, WP belts.com forward slash deals lists a whole bunch of WordPress specific deals just for WP Builds listeners. And then on top of that, this week, I've got a load of things, most of which are just repeats from the previous week. So it's things like WP resets. You can get that for like $49 give WP 40% off.
There's a thing called public. Which allows you to post to social channels. That's a lifetime deal. If so, looks interesting. Allows you to, with a WordPress plugin, serve up some dynamic content. So for example, if somebody comes from Facebook, show them something. If somebody comes from YouTube sucks, show them something else.
Deposit photos, royalty free images. There's a email list checker called the checker. 20% off lifter LMS, 20% of funnel packs as a whole bunch of other stuff as well. Maybe just go browse quickly through the links in the show notes and see if any of that meets your interest. This week. We touch fairly lightly each week on security, but we'll maybe do a little bit extra couple of minutes extra this week because there does seem to be so much in terms of security this week, and the first one is over on the forbes.com website.
I think I've linked to this before. Go daddy confirms data breach what customers need to know. Um, apparently 19 million customers are using GoDaddy and they're hosting 77 million domains, or at least they're managing 77 million of them. And there appears to have been some sort of suspicious activity in October last year where it would appear the SSH.
Keys were, were lost or in some way compromised because there was somebody logging in. They do make the point that it is only effective while only only affecting the actual websites themselves. So it's not a breach in terms of your personal account data. So one hopes that things like your credit card information, um, has not been taken.
But nevertheless, if you are a go daddy user, I would get yourself over there right away and start to figure out exactly what's going on. They are going to provide a free security service to those affected. Um, and that hopefully has been rolled out already and they've issued a formal statement clarifying the number of accounts impacted by this breach.
One would hope that if this had in fact happened to you, you would have heard about it. Allegedly, there was something in the region of about 28,000 customers, uh, for, for whom this was a problem. So go down to users, go check your emails ASAP. Some security news now regarding element or pro, the guys at element or have an article entitled security vulnerability solved on version 2.9 0.4 if you have a element or, and you've got the pro version and for reasons so.
For example, you've got a membership site and you needed to check the box in the settings area marked. Anyone can register. Then there is an issue in which it was possible to upload via element or icon. Um, upload zip file option. It was possible to inject a file which would cause problems. Now what they've said is they.
Issued a patch. This has now been fixed, and really what you need to do is to go into your element or setting, first of all, if not needed, certainly on tick, the only one can register option. It might all work. It might also be apropos to go and see if there are any costs on custom icon folders and look for any PHP files such as things like index dot PHP in.
Quirky places and so on and so forth. And obviously if it's creating strange users, which I think was the point of this, then go and see if there's any users in there that you don't know about that ought to be deleted. Change your password. Um, perhaps even think about looking at backups. So that was element or which has now been solved.
Go and update your element or, and also over at Wordfence, they described the exact same problem, but they also talk about ultimate ad-ons for elemental. You also, this week had a problem, um, with this problem, which has now been fixed in version 1.2 4.2, um, on, it says that attackers were able to create subscriber level users even if registration is disabled on a WordPress site.
So, yeah. Maybe go and check those out because having those two problems sort of attacking the, the same plugin, really time to update those. Uh, the next one is to say that nearly a million WP sites have recently been targeted with some large scale attacks. This is over on the word. Wordfence website. It says, our threat intelligence team has been tracking a sudden uptick in attacks targeting cross site scripting, X S S vulnerabilities, which began on the 28th of April and increased over the next few days, approximately 30 times the normal volume that we see.
So just be safe out there if you've got any. Any capability of locking things down or you haven't got any WordPress websites that have been backed up or in some way protected maybe with this giant increase, then maybe, you know, take that into hand. Another one I've got over for you on the ITMs website.
Word world password day 2020 let's increase your password security. Now this has a bit of a no brainer. This one for anybody who is like you, presumably some kind of work. Press professional. If you're listening to this podcast, I imagine that you are, but this is just one of those things. It might be a really good article to put in front of your users in because it explains why it is that you need to protect your WordPress website with a strong password.
What does a strong password look like? How can you ensure that it's strong? What kind of length is suitable? What characters should you throw in it, and what are good ways to kind of store these passwords? So that's good. And for your. For your users probably more than for you. And the last one I've got for you this week is the usual kind of summation of what's happened in the previous month.
These are done very often and this time I'm linking to the web box one right at the top. We've got the ones I've just mentioned, ultimate add on for element or the element or pro one. And then there's other ones listed as well. I like these articles cause you can just straight scroll right past and see the CD icon for Ninja.
Forms and think, Oh, hang on, I've got an Ninja forms website. Let me go and have a look at that and don't recognize that plugin. Never heard of that one. Okay. And so on and so forth. So there we go. That's the security bit for this week. They blatantly self-promotional. WP Builds bit two pieces for you this week.
The first one is to say that David Wamsley and I had a debate about hosting whether or not you should host your clients or not stay away from it or get involved in it. Is it profitable? Or is it just a bit of a headache that you don't want to get involved with? It was a really interesting debate. It threw up a lot of interesting things in terms of what's profitable, what's not profitable, what the headaches can be if you decide to go down the route of hosting.
Um, you know, we obviously have to take a position and we took, we take country positions and just sort of argue it. It's very polite, but some unexpected things were thrown up. So that was nice. And you probably have your own opinions and you'll probably be shouting at us as we, as we tell you what it is that we think and yeah, go check out that episode.
The next one is all about a new plugin. I did mention it previously because they are, have become a sponsor. It's the AB split test plugin, and I did a kind of live webinar. It went into the WP built Facebook group with Tom carless. Um, and he shows you how you can use this plugin to rapidly deploy a B split test within your WordPress website.
It uses a page builder. That page builder could be element or. It could be BeaverBuilder or it could be the block editor Guttenberg and it takes seconds to set your tests up and get them going. You essentially find some part of a page that you wish to test, duplicate it, modify one little box and click save and you're done.
And it will start to gather some data and hopefully very soon tell you which one is converting better. But you can find out all about it by watching the video that we did earlier this week. For obvious reasons. Jobs are a little bit thin on the ground at this current time, so I don't have any jobs for you this week, so we'll move right along to the very, very important non WordPress, but useful.
Anyway, section, and I've got two things for you this week. The first one, I don't really know how to frame this one, but it's all about. Dark mode, Google's Chrome dark mode. Apparently it's going to get even darker, and we're talking here about an Android device. Tech radar have an article entitled like Google Chrome's dark mode, good news.
It's about to get even darker. And so they've changed the capabilities, making it easy to toggle between the usual crisp white interface, and some. Some say it's easier on the eyes. I have to say I've enabled dark mode, and the reason I'm linking to this article is exactly this. I, I really liked dark mode, but I'm kind of finding the experience, especially in email.
I'm using Gmail on my Android phone, and the experience of using email is pretty dreadful. An awful lot of things that aren't specifically colored go dark and, and then the text. Them itself is dark. So you've got a dark background with a dark font and makes it almost unreadable. So that's really why I'm mentioning this.
I'd just be interested in the comments to see if, if you like dark matter. I know some people absolutely despise it. It's really quite useful at night, I think. And there's obviously a lot of people trying to use their phones at night and not disturb people nearby and so on. So yeah, just just, I'm linking to it for that reason.
Just I would like to know whether you'd like dark mode or not. Righty ho. That's all I've got for you this week. I hope that you enjoyed that. Please let me know in the comments. So you'd send me an email. Use WP Builds dot com forward slash contact. Fill out the contact form. Is it too long? Am I talking too much?
Maybe it's not long enough. Maybe I should be doing other things instead making different sections and so on. I'd love to know. Please reach out. The WP Builds weekly. WordPress news is brought to you today by Kinsta. Kinsta takes managed WordPress hosting to the next level, powered by the Google cloud platform.
Your site is secured like Fort Knox, and it runs on speed, obsessive architecture. You get access to the latest software and developer tools such as PHP seven SSH and staging environments, and the best part, their expert team of WordPress engineers are available 24 seven if you need help, you can try a free demo for 60 days at Kinsta dot com.
And AB split test. Do you want to set up your AB split tests in record time while the new AB split test plugin for WordPress will have you up and running in a couple of minutes? Use your existing pages and test anything against anything else. Buttons, images, headers, rows, anything. It works with elemental Beaver builder and the WordPress, a blog editor.
You can check it out@absplittest.com. And we thank our sponsors for helping us to put on the WP Builds weekly WordPress news. Okay. We'll be live at 2:00 PM UK time on Monday the 11th of May. I'm joined by some notable WordPress guests, if I'm not mistaken, it's going to be Barbara Saul, Vito Peleg and Paul Lacey.
So join us for that app. WP Builds.com forward slash live or in the WP Builds Facebook group. Bye bye for now.

RECOMMENDED STUFF

These are affiliate links and the small amount of income we derive from affiliate income allows us to pay the bills and keep the lights on