Summary of discussions
What’s Been Happening in the WordPress World Last Month
- Emails can be easily faked, never trust them. All secure information will be within your account on the relevant platform, always go directly to that website without clicking on any links. Email deliverability is also not great on many systems, a good analogy provided was that email is like writing a letter and throwing it out of the window and hoping it gets there. Sometimes it does, sometimes it get lots in the post. For business use, if you want things to work, use Microsoft Exchange or Google Business Emails and here’s why, https://www.contradodigital.com/really-simple-guide-business-email-addresses/, https://gsuite.google.com/pricing.html
- Over 4 million websites using CloudFlare may have been compromised and may have revealed usernames and passwords for user accounts on those websites. A full list can be found here if interested, https://github.com/pirate/sites-using-cloudflare, most importantly, it’s good password practice to use a unique password for every service, use a long pass phrase (i.e. the quick brown fox jumped over the lazy dog on 01-02-2017!@20:20) – This password is crazy strong now and is virtually impossible to crack. Better yet, use a password manager and make sure your main password is super strong.
- Amazon Web Services had a bit outage recently which may have impacted you. AWS can be a great option to scale computing power as needed if you have the skills to set this up as needed, it’s rather challenging if you aren’t very technical, https://aws.amazon.com/
- To view the latest WordCamp schedules see here, https://central.wordcamp.org/schedule/
- Google Manufacturer Centre has opened to everyone to self sign up, https://adwords.googleblog.com/2017/02/google-manufacturer-center-opens-self.html – It’s important to see where this is all heading with a technology/marketing aspect
- Something always worth reiterating is that whenever you are doing planned maintenance on your website, make sure your website is showing a 503 error to Google as this will avoid losing search rankings if Google indexes your website when it isn’t there. Full information can be found here, https://webmasters.googleblog.com/2017/02/closing-down-for-day.html
- Google is experimenting with using machine learning to include more swear words in online conversations to become more real, https://blog.google/topics/machine-learning/when-computers-learn-swear-using-machine-learning-better-online-conversations/
- WooCommerce now powers over 42% of ecommerce stores which is awesome, https://automattic.com/year-in-review-2016/
- WordPress has been ranked as the fastest growing Content Management System (CMS) in 2016, https://w3techs.com/blog/entry/web_technologies_of_the_year_2016
- Let’s Encrypt, the free certificate authority has passed 20 million installs, https://letsencrypt.org/2017/01/06/le-2016-in-review.html. If you aren’t using an SSL certificate, you need to be, see here for guides on how to set this up yourself, https://www.contradodigital.com/2016/09/01/claim-your-free-ssl-certificates-for-https/ and with more than 50% of website traffic now running over HTTPS, you can’t afford to wait around to migrate, https://twitter.com/letsencrypt/status/786977436109934592
- Using Accelerated Mobile Pages plugin for WordPress and the AMP Analytics plugin for WordPress are a super simple way to speed up your website and win some brownie points from Google, https://www.contradodigital.com/2016/05/09/wordpress-accelerated-mobile-pages-amp-speed-test/ and since Google has updated AMP to allow sharing of the Canonical URL this shows the importance of getting this set up, https://wptavern.com/google-updates-amp-to-allow-sharing-of-canonical-url
- WP Super Cache has patched multiple XSS vulnerabilities, https://wptavern.com/wp-super-cache-1-4-9-patches-multiple-xss-vulnerabilities, so as always, make sure you’re keeping all your WordPress Core files, Themes and Plugins up to date, https://wptavern.com/wp-super-cache-1-4-9-patches-multiple-xss-vulnerabilities. On a similar vein, NextGEN Gallery also patched a critical SQL Injection vulnerability which could allow attackers to delete the entire database, https://wptavern.com/nextgen-gallery-patches-critical-sql-injection-vulnerability
- Google Search Console (aka. Google Webmaster Tools) has started to inform website owners when their WordPress websites are out of date, https://www.contradodigital.com/2017/02/09/google-search-console-informing-webmasters-about-wordpress-security-updates/, it’s important to not rely on this though as there are many vulnerabilities that could be present that Google would not make you aware of.
- Over 200,000 websites have been impacted by the latest REST API vulnerability https://wptavern.com/wordpress-rest-api-vulnerability-exploits-continue, so update your WordPress core to the latest version to avoid your website being next
- Make sure to sign up to the BeeWUG newsletter on this page so you can keep up to date with what is happening.
Following on from the handy session to collate a list of recommended quality Themes and Plugins, here is the starting point of discussions, https://beewug.uk/resources/recommended-wordpress-plugins-themes/
The next meetup is on Wednesday 5th April, full details here, https://www.meetup.com/Blackburn-WordPress-Meetup/events/238093976/