A while ago we recognized that release testing our plugins was becoming a huge time suck and a horrible burden on our developers. As a consequence we decided to have a go at automating our acceptance tests with Codeception and Docker. Read the behind-the-scenes post.
Have you ever had the joy of carrying out acceptance tests? For our team at Delicious Brains, testing our releases, in the past, has been one of the most dreaded tasks on the to-do list. We hold our plugins to a high quality standard so it’s a must but manual tests are brain-numbingly tedious and can take hours of expensive developer time. Recently, we decided it was high-time to fix that.
Enter, me + my beginnings of automating the acceptance testing process.
Will it work? Will it save us from hours of brain-numbing manual tests? Will we be better off? Will it all be a fruitless effort?
Read on for more about how the automation of testing our plugins ahead of release is shaping up – including how we manually tested in the past and a look at some of the automated acceptance tests we’ve already implemented.
Be warned, this is not a tutorial! Acceptance testing can be quite a complex thing, so while I’ll show some code it is far from complete and primarily here to give you a taste of how we set things up.
What is Acceptance Testing?
So what the devil is acceptance testing and why do we do it?
For Delicious Brains, acceptance testing is the process of testing the
Wordfence reports that they are seeing a new type of WordPress attack. It encrypts your site files, tries to get you to pay a ransom, but cannot decrypt the files.
Great effort to clarify what WordPress is! Could be a good place to send users to in case they got confused about the .org / .com dilemma. :-)
The domain ending .com is not optional as it is usually—it is a key differentiator. Omitting “.com” when you mean to refer to WordPress.com is as inaccurate as omitting “wash” when you mean to refer to “car wash”. The two are not the same.
WordPress is a Free Software project
WordPress lives and grows on WordPress.org.
Thousands of volunteers contribute to its development, translation, community events, and many other aspects. The software itself is licensed under the GNU General Public License and comes with Four Freedoms.
WordPress is yours for the making
WordPress, the software, can be downloaded and customised.
You can download a .zip file from the home of WordPress, extract what is inside, install it on a web server, and make a website with it—free of charge. You will have to pay a fee to a third-party hosting provider of your choice for your own domain and server space. Your data is always yours.
WordPress is a trademark
The use of “WordPress”, the trademark, is overseen and protected by the WordPress Foundation.
No one is allowed to use the term “WordPress” for any commercial purposes without explicit permission
DreamHost is sharing here how they are dealing with a Search Warrant by Department of Justice about their hosted website disruptj20.org. They are working closely with legal counsel and also supported by the Electronic Frontier Foundation.
For the past several months, DreamHost has been working with the Department of Justice to comply with legal process, including a Search Warrant (PDF) seeking information about one of our customers’ websites. At the center of the requests is disruptj20.org, a website that organized participants of political protests against the current United States administration. While we have no insight into the affidavit for the search warrant (those records are sealed), the DOJ has recently asked DreamHost to provide all information available to us about this website, its owner, and, more importantly, its visitors.
DreamHost, like many online service providers, is approached by law enforcement regularly to provide information about customers who may be the subject of criminal investigations. These types of requests are not uncommon; our legal department reviews and scrutinizes each request and, when necessary, rejects and challenges vague or faulty orders.
You would be shocked to see just how many of these challenges we’re obligated to mount every year!
Chris Ghazarian, our General Counsel, has taken issue with this particular search warrant for being a highly untargeted
Many web hosts have WP-CLI installed. This post is a short tutorial by Tom McFarlin about how to prepare to use WP-CLI on your web host.
At this point, I think most people who develop solutions WordPress on a regular basis are familiar with using WP-CLI. Installing it locally on your system is one thing, using it on your host is another (but it’s all the same once you’re connected). Case in point: Lately, I’ve been spending a few evenings and times during the weekends working on this site and trying to get it ready for the upcoming redesign. Part of doing that includes using WP-CLI.
If you’re someone on SiteGround (or any host that support WP-CLI, really) and are looking for how to get started using WP-CLI on your host, here’s a quick primer that should provide you everything you need to know to get up and running.
Using WP-CLI on Your Host
Though the steps below are meant to be used whenever you’re looking to use WP-CLI on your host (and any host, at that), I should be clear that I assume the following:
The host has WP-CLI pre-installed. Most modern WordPress hosts do. Even if they don’t, it’s not difficult to install, but that’s beyond the scope of this post.
I assume that you’re familiar with SSH keys. If you’re not, that’s okay as I’m going
Rodrigo Escobar goes a good job showing off some techniques and provide in-depth technical knowledge on how to decode an advanced piece of malware.
When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into different locations to increase the chances of reinfecting the site and maintaining access for as long as possible. Our research finds that in 67% of the websites we clean, there is at least one backdoor variant. Although we have hundreds of posts on backdoors and their effects, today we want to discuss a few techniques and provide in-depth technical knowledge on how to decode an advanced piece of malware.
This particular infection isn’t new but over the past few months, we have seen an increase in attacks against WordPress & Joomla using a related variant.
After compromising a website, attackers may inject backdoors, web shells, add bogus admin users, and more. A very common characteristic is that either one or more of the following techniques are employed to hide their code – encoding, encryption, and obfuscation.
In the following snippet, attackers added pretty much all three techniques. Let’s go step-by-step through the process of decoding it.
Simplifying the Code
When decoding, it’s very important
Even though this is not about WordPress, many WordPress website owners do ask if they should have a SSL certificate and there are many opinions. Hopefully this answers your question, at Neil Patel's expense. Definitely worth reading if you own a WordPress website and not sure if you should implement SSL or not.
As best I understand it, one of the most effective SEO things you can do is to repeat all the important words on your site down the bottom of the page. To save it from looking weird, you make the text the same colour as the background so people can't actually see it, but the search engines pick it up. Job done, profit! I think this is the way we did it in 1999. I don't know, I can't recall exactly, but I know I don't know and I'll happily admit to being consciously incompetent in the ways of SEO. But that's cool, I know the things I understand well and those I don't and when I get the latter wrong (and believe me, that happens regularly!) I'm happy to be told so.
Which brings me to SEO experts and psychics, neither of which I would imagine are particularly well-equipped to offer security advice. But I've seen a bit of a pattern lately which seems to fly in the face of this wisdom and it dawned on me yesterday when my friend and fellow Microsoft MVP pinged me:
When an SEO expert says you don't need an SSL certificate ... so you quote @troyhunt at him.
— Sonia Cuff (@Cuff_S) August 9, 2017
Naturally, I was curious and upon prompting, Sonia directed me over to a Facebook post by
Want to play blocks again? This is a nice tutorial by John Hughes who shows how to use the Gutenberg Boilerplate (written by Ahmad Awais) to get started making editor blocks.
In this article, we will introduce you to the Gutenberg project and its block-based approach, then discuss the Gutenberg Boilerplate project. Finally, we will teach you how to set up your first Hello World block in five steps. Let’s jump in!
An Introduction to WordPress’ New Gutenberg Blocks
is a project heavily supported by Matt Mullenweg, as the hopeful replacement for the current WordPress editor. The difference lies in how it treats content as blocks, rather than as a single long stream of content. At the time of this writing, the Gutenberg project is moving along
Seems like an oxymoron, but this is how to learn regex the easy way
What is Regular Expression?
Regular expression is a group of characters or symbols which is used to find a specific pattern from a text.
A regular expression is a pattern that is matched against a subject string from left to right. The word "Regular expression" is a mouthful, you will usually find the term abbreviated as "regex" or "regexp". Regular expression is used for replacing a text within a string, validating form, extract a substring from a string based upon a pattern match, and so much more.
Imagine you are writing an application and you want to set the rules for when a user chooses their username. We want to allow the username to contain letters, numbers, underscores and hyphens. We also want to limit the number of characters in username so it does not look ugly. We use the following regular expression to validate a username:
Above regular expression can accept the strings john_doe, jo-hn_doe and john12_as. It does not match Jo because that string contains uppercase letter and also it is too short.
Table of Contents
Negated character set
I've spent the last two years working as a "regular" freelancer and I recently made the transition to digital nomad so I thought it would be fun to compare my income between the two.
A little over a month ago (towards the end of June) I’d officially made my transition from full-time freelancer to digital nomad. Then, not too long after that (in early August) I found myself celebrating my second anniversary as a WordPress developer for Codeable. And that got me to thinking… Can digital nomads earn as much as “regular” freelancers?
I’m here today to try and help answer this question once and for all.
I’ve got real-world experience as both a freelancer and digital nomad, plus I’ve kept detailed income reports all along the way, so I figure it shouldn’t be too tough for me to help answer this question… Well, at least from the perspective of a WordPress developer.
So, first things first, let’s take a look at my income during my first full month as a digital nomad;
Next, let’s compare that income against the 23-months I spent freelancing at home;
^ One note about this data: From August 2015 through March 2016 I was not participating in any affiliate programs, hence why my passive income shows $0.00 for these months. So,
Short but sweet discussion on selling themes without a marketplace
I sold premium themes from my own site for several years, I highly recommend it over using a marketplace. It takes longer to build your brand, but you are in full control.
Go after a niche
If you are going to start a new shop I’d recommend going after a niche. The theme business is over saturated, and it’s hard to make money. It will be easier if you go after a niche (Photographers, Restaurants, eCommerce shops, etc.) because you will have less competition and more focus.
Start a blog
Start a blog and begin writing about your niche. For example, if you are going after Photography, write articles about how to create a Photography website, Photography themes and plugins, etc.
Create free or upsell themes
Creating free themes and distributing them on wp.org is a great way to get more people to know about you.
You can create free themes or upsell themes, either way it can drive traffic to your site and create more brand recognition.
I’d recommend creating a WordPress site and installing Easy Digital Downloads (free). You can use their software licensing add-on to allow automatic updates to your customers. WooCommerce does not work as well for selling themes and
Introducing the minimum MySQL version chart. Historical chart displaying the minimum MySQL version required to run each WordPress version.
Introducing the Minimum MySQL Version chart. Historical chart displaying the minimum MySQL version required to run each major WordPress version. Source
The official requirements are available on the “Requirements” page on WordPress.org. In addition, the required MySQL version is defined in the version.php file.
With the release of WordPress 2.0 in 2005, the minimum required versions set to MySQL 3.23.23. In 2007, when WordPress 2.1 was released, MySQL 3 was abandoned in favor of MySQL 4.0. At the end of 2009 with the release of WordPress 2.9 the minimum version was updated again to MySQL 4.1.2. The last update happened in 2011 when WordPress 3.2 abandoned MySQL 4.x in favor of MySQL 5.0.15.
The minimum required MySQL version was upgraded 4 times, each time 4 year apart (2005, 2007, 2009 and 2011). Just like the last PHP upgrade, the last MySQL minimum requirement upgrade was 6 years ago. The current minimum MySQL version has already reached EOL (End of Life) and it is no longer supported.
Have any insights? Share them in the comments area below.
I'm an entrepreneur, a web developer and a blogger. I’ve contributed code to each and every release since
A summary of where the advice is the same, and where it is different. In general, OWASP locks you down tighter than the WordPress recommendations.
We show you how to implement advice from the gold standards of WordPress Security: The WordPress Codex and OWASP. These best practices are the cornerstone of our tutorials and the service we give to our customers. The WordPress Codex is the online user manual published by the makers of WordPress. It really doesn’t get any more fundamental than this. The section on WordPress Security is here. OWASP – the Open Web Application Security Project – is similarly regarded for standards of internet security. They provide best practices for all types of web applications (including WordPress), as well as advice and training for security professionals. Their specific WordPress recommendations are here.
Besides being well-respected experts, these sources are trustworthy for another reason: they aren’t selling anything. It’s hard to trust people with advice that are also selling solutions. Their product does all the right things, the other products don’t, etc. That’s why we base our practice on independent advice.
Reading through those two pages can be a bit overwhelming. They have a lot of recommendations. What is not obvious is that most recommendations
Check out this interview with Charlie Livingston of aThemes; a freemium model WordPress theme shop since 2014. "Some people, no matter how good your free version is, will not be happy. Press on." -- Charlie
You can find Charlie on LinkedIn or Twitter. This is our recent interview with him, as part of our Kinsta Kingpin series. Q1: What is your background, & how did you first get involved with WordPress?
My background is in law, which I studied at university, and publishing, which I pursued as a career for a couple of years before deciding I wanted to do something else. That something else turned out to be wanting to do something entrepreneurial, though at the time I wasn’t sure exactly what. I had this idea that I could make money online and so I created a site with WordPress that was about the strategies I was using to try and win prizes on a penny auction site. The site became relatively popular but never really made any money (not until years later, and even then not much).
But what it did do is introduce me to WordPress. That with my non-technical background I was even able to make and edit a site at all kind of blew me away. I was using the Twenty Eleven theme and enjoyed hacking around with things like editing the header so I could add social sharing buttons to it, things like that. Doesn’t sound like much but it was a big deal to me.
I made a few more sites, none
Interesting article talking about problems with Contact Form plugins in WordPress. Points discussed are very valid and I found it a constructive discussion.
Contact Form is one of the first three plugins that you install besides Hello Dolly! You cannot think about a website that does not have any contact form at all. It would be a shame if the readers or users couldn’t contact the site owner or make some queries. Apart from that, contact forms have many benefits that make your site stand out in the crowd. There are tons of contact form plugins in the market both free and pro. However, it is quite hard to find the right one for your requirements. Thus, you may face many problems and cannot find proper solutions. You are not alone, there are thousands of people like you, who are not satisfied with the contact form plugins they are using.
Today, we are here to discuss the problems that you may face while using a contact form plugin for your WordPress site. Let’s find out then, what’s wrong with the contact form plugins on WordPress!
Problems with Contact Form Plugins
Too Simplistic with Less Features
There are many contact form plugins that do not have enough features to fulfill the requirements of the users. They may be popular and may have millions of download, but still, they rely on basic HTML format. This can be a great
One of the top design writers, Nick Babich, wrote an in-depth tutorial about mastering image design in Elementor. Great read for all levels
When users come to your page, they’ll have some kind of reaction. Whether it’s positive or negative, in large part, is determined by what they see. Since vision is the strongest human sense, images are one of the fastest ways to grab a user’s attention. Visual communication has the supreme power of directly connecting with a user in a flash: bold, graphic, and intentional imagery helps to engage the user.
In this article, we’ll walk you step-by-step through the process of adding, setting up and customizing images using 2 widgets available in Elementor: Image and Image Box. Also, in the final section, we’ll find out how to add a text overlay over the image.
For the purpose of this tutorial we’ll create a simple layout for a page which contains 5 images:
1 primary image (hero image) located at the top
3 secondary images with descriptions and links to the site’s section
1 marketing image with a text overlay
The purpose of this page is to tell a story about augmented & virtual reality and prepare viewers for the next steps. The wireframe for our page will look like this:
The top area of the page is dedicated to the main image. The main image
Like the last point. I am still not sure whether the problem is in finding the right theme or being able to customize the chosen theme.
I wasn't sure how to title this one. I went to the WordPress NYC "Help Desk" meet-up on Wednesday and learned a lot about things users of WordPress are struggling with. So I guess in some ways it is random thoughts on me learning more. The biggest thing people struggle with is themes they bought off Theme Forest. Most of them are hard to configure and include so many damn options that it's easy to screw up a site and get lost trying to fix it.
One of the worst parts of these themes is that when there is an issue, I can't just open up the source from everywhere in the world and trouble shoot. If they used themes from WordPress.org, I could help them.
The first question someone asked me about related to Gutenberg. People are paying attention to it. I don't know if this is a good or a bad thing.
I was referred to as a WordPress Celebrity and it was a bit off putting. The people that make and contribute to WordPress are just people. Some of us have the privilege of contributing to WordPress. Others have the privilege of maintaining WordPress. But both come from points of privilege as they require time, energy, and money (for a computer, internet access, etc.), but ultimately we
Had a great conversation with Josh Pollock about his legitimate concerns with Gutenberg. We covered all sides pretty well. There's definitely a need for clearer direction with the project. For the un-intiated this is a helpful starter into the complexities of what Gutenberg means for WordPress in general.
I love WordPress, and I think that the proposed “Gutenberg” editor for WordPress 5.0 is very cool, but like many, I have a lot of concerns with it. When I wrote a post for Torque in June ago, I was pretty critical of early beta. When I was working on the post I asked my friend Matt from Give to review the post and he disagreed. In our conversation, I kept saying, “I want to be wrong.” I want to be wrong about Gutenberg.
In my post for Torque, I said I was very worried about what the intent and design priorities of Gutenberg meant for the future of WordPress. I’ve had a lot of conversations about this that go to bad places and again, I want to be wrong. So, here are my top 5 ways I want to be proven wrong about Gutenberg.
I recently recorded a discussion about this with Matt, along with <a href=”https://twitter.com/kevinwhoffman”>Kevin
Great tutorial from Beka on moving WooCommerce orders between sites while keeping the order number the same between them.
"Within the WordPress community, there’s long been a notion that “more users on WordPress” is universally good. Until now, that’s been difficult to argue...WordPress.com’s Business Plan now feels like it’s oriented towards cannibalizing users from elsewhere within that ecosystem...which is objectively a step backwards for the WordPress community"
The Curious Conundrum of the new WordPress.com Business Plan Automattic updated its WordPress.com Business plan offering today to support custom plugins and themes, further obfuscating the difference between WordPress.com and WordPress.org for the casual user and cannibalizing both the upper- and lower-end of the managed WordPress hosting space in a single bound. Though the WordPress managed hosting space is already quite saturated, with names like Dreamhost and Bluehost at the bottom end, Pressable and WPEngine in the middle, Page.ly and Pantheon as you continue, and WordPress.com VIP at the top end, the WordPress.com Business Plan’s pricing structure serves to undermine many of these offerings. At less than $25 per month, it’s quite affordable, too.
Some Background: The WordPress.com Wall
WordPress.com has long been the easiest way to create a new WordPress site, particularly for non-technical users. A site with a `.wordpress.com` web address has always been free, and an offering very much in line with the needs of the typical personal blogger or small business (no ads, custom domain, modest customization via CSS) has always been available for less than $9 per month.
Short story on SaaS in WordPress, echoing recent WooCommerce moove.
SaaS (Software as a Service) solutions have been very popular for the past decade. Surprisingly, WordPress seemed to be relatively underpenetrated compared to the rest of the industry. However, the recent WooCommerce move to a straight renewal process might be the first sign of growing trend in the WordPress universe. It’s been more than a year since we founded and launched Weglot, a new SaaS plugin for multilingual in WordPress and I wanted to share some thoughts and views on this topic.
SaaS is a way of delivering applications via the cloud, as a service, paying a monthly or yearly fee for it. Users do not need to install and maintain software, they simply access it via the Internet. Instead of selling software as a good, it shifted to services, freeing users from implementing and maintaining it.
SaaS solutions are currently used in almost all business areas, (HR, Support, Accounting, CRM, Management, Financials, etc.). Famous examples include popular and successful solutions like Salesforce (CRM), Box (online workspace storage) or Zendesk (support).
If you’re looking at existing SaaS solutions in WordPress, you’ll mainly find them at each end of the chain
Sometimes i like a good backstory on a product, and Cory Miller provides an interesting behind the scenes.
Everything we do at iThemes has meaning (our mission is to Make People’s Lives Awesome), and often a deep meaning that many simply do not know. Some of the best stories we hold as a team are how we came to build and launch the products we have since 2008.
For instance, how we came about releasing our hit WordPress backup plugin, BackupBuddy (tl;dr: two servers crashes with no backups and of course Dustin Bolton), or our WordPress security plugin, iThemes Security (how I found Better WP Security and met Chris Wiegman), or our WordPress theme framework iThemes Builder (you guys wanted unlimited page layout options and so Chris Jean built it for you).
But there are many more. And they are very special stories to us and to me … because in this grand experiment called iThemes, as we’ve continued to innovate by simply solving problems for you, there is so much more going on behind the scenes.… because in this grand experiment called iThemes, as we’ve continued to innovate by simply solving problems for you, there is so much more going on behind the scenes.
So I wanted to take a moment and share a recent meaningful story publicly … about our newest product
Copycats turned the early success of Primož Cigler's WordPress business into a liability. Read how he's rebounded by changing his strategy — and even his role.
Hello! What's your background, and what are you working on? Hi, my name is Primož Cigler.
My co-founder Jaka Šmid and I run ProteusThemes, a theme shop for niche, local business WordPress themes. Our clients are people who build and maintain WordPress-based websites for small- to medium-sized businesses.
Today, ProteusThemes is making around $16,000 per month, but it has been a chaotic roller coaster for the last 4 years. We were hitting over $40,000 per month as early as 2013, but changes in the industry pushed us back to where we are today.
Nevertheless, the foundations are now stronger than they were when we experienced those revenue highs.
What motivated you to get started with ProteusThemes?
ProteusThemes goes back to August 2012. I was just about to enter my last year of study of astrophysics, so I had some spare time, and I was ready to start a new side project.
I've always been a better engineer than a designer, so I emailed Jaka (whom I met on a local webmaster forum) requesting that we join forces to create a WordPress theme and sell it as a digital product. He was interested. I still occasionally look at that email with lots of joy and nostalgia. We were students with
The Managed WordPress ecosystem now includes Automattic and Tony Perez talks about how this effect the hosting scene.
The Managed WordPress ecosystem welcomes a new entrant – Automattic. Today they officially announced that WordPress.com Business now supports plugins and third-party themes. I am fascinated by the move because of what I believe to be the obvious impacts to the Managed WordPress ecosystem. In the interest of full disclosure, I work in the security division for one of the largest Managed WordPress hosts – GoDaddy – via my affiliation with Sucuri.
The Implications are Gravest to Hosts
If you’re anyone but a host, the impacts will likely revolve around “confusion” when speaking to the difference between .com and .org, but that’s an issue that’s been around for years. This move only compounds the problem.
One interesting observation from my buddy Scott is that it introduces a new channel (i.e., new opportunity) for plugin and theme developers. That’s actually a very astute observation, and while the specifics of how it’d work are unclear I would wager that there is some truth to that sentiment.
The biggest impacts however are likely to be towards those hosting companies that have invested resources (both people and dollars) into