This article provides a nice overview and history of SSL certs and what Let's Encrypt brings to the table. It is nice to see Let's Encrypt doing so well.
Though WordPress is increasingly bulletproof out of the box, security is a topic that never really goes away for users. It’s not just the platform itself that you have to worry about, there’s also a much wider world out there full of potentially bad actors with a vested interest in breaking down your digital door. SSL certificates solve one part of that puzzle and have been a rock-solid way of keeping the connection between your website and the average user secure since 1996. Cost and implementation concerns, however, have long stood in the way of their widespread deployment.
In this piece, we’ll cover the recent unveiling of the Let’s Encrypt initiative, its promise of free and easily implementable SSL certificates for all, and how it looks set to radically change the online security landscape. Let’s kick things off with a bit of background.
What SSL Is And Why It’s Important
We’ll get some basics out of the way for those who might be coming at this for the first time. HTTP, the protocol we use to sling information around the web, is unencrypted by default. This means that data can potentially be intercepted and tampered with during its journey.
A quite interesting post from our own Josh Pollock about who owns what of WordPress.org
I don’t have a problem with paying for services with data. I use Gmail, knowing full well there is no way Google would provide me with such an amazing service if they didn’t use my data to create targeted ads. Similiarly, I use Facebook, Twitter, and other “free” services knowing that I am the product that these services offer to their customers. This is how I “pay” for these services. If they can’t sell ads, then they can’t make money and that, after all, is their objective.
Two WordPress plugins I use a lot, WordPress SEO by Yoast and Easy Digital Downloads, have an option for anonymous data tracking, and I always allow them to do so. I’m happier to be sending my usage data to them than I am to be sending it to Google — which I do without an option.
WordPress itself is a murkier business. I operate a few WordPress sites, all of which are regularly checking into the WordPress.org API, reporting usage stats, and getting update notifications. The ability to get plugin, theme, and core updates via WordPress.org is really convenient.
If installing and updating themes via the WordPress dashboard wasn’t so easy, WordPress wouldn’t be what it is today. I understand and appreciate this.
I wrote about WordPress plugin adoption. It's a thing! Check it out.
If you’re a plugin developer with multiple plugins in the repository, it can be hard to make sure they’re all up to date. If you aren’t regularly monitoring all of your plugins, you might get a notice like this: This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress
If a WordPress plugin isn’t updated regularly, it may be considered abandoned. Abandoned plugins can be a security threat and will eventually stop working as it loses compatibility.
Plugin abandonment can happen for multiple reasons:
The developer doesn’t have the time to work on it.
The developer is no longer interested in it.
Supporting a free plugin becomes difficult.
What is Plugin Adoption?
If you maintain a lot of plugins, it can hard to keep up with all of them. You may not be able to update on time or respond to support tickets, and ultimately your plugins go unmanaged and become abandoned.
After seeing a lot of abandoned plugins, the core team found a way to give them a second life. If you’re ready to let a plugin go to a new developer, use the tag “adopt-me,”
Freemius checkout looks like a super awesome way to sell WordPress plugins and themes. Check out Torque's coverage!
Freemius today announced Checkout, a new service to help developers sell WordPress products on any site by providing secure checkout, software licensing, and automatic updates. “We created Checkout to help fellow developers be able to do whatever they feel passionate about and make a living from that,” CEO and Founder of Freemius Vova Feldman told Torque.
You can register for Checkout for free clicking “Register for Beta.” You’ll subsequently be asked schedule a 15-minute demo, which according to Feldman will help ensure that each user has all the tools necessary to efficiently use Checkout.
When you have completed the demo, you will be able to go to the Freemius dashboard and start setting up your accounts. Checkout suggests prices but you can add any amount you want for Monthly, Annually, and Lifetime subscriptions. You can also select bulk pricing if you want to bundle your plugins or themes.
Once you’ve selected your pricing preferences, generate your checkout code snippet and add it to your website. You’ll get one code for the actual website and a dummy one that you can test to make sure everything is working the way you want it to.
Josh Pollock looks at the Guttenberg editor and asks about how meta boxes and other editor customizations are going to be handled. He did not get a very reassuring answer.
The new Gutenberg Editor, which is slated for inclusion in WordPress 5.0, aims to dramatically improve the editor experience in WordPress by adding easy-to-use, dynamic content blocks. While beautiful, and definitely something I could see myself creating content in, I worry about what the new editor could mean for the future of WordPress. WordPress as a Content Management System (CMS) originated as a blogging platform but has grown far beyond that, today dominating 28 percent of the entire internet. In a post sharing his first experience with the Gutenberg Editor, Chris Lema asks an important question: “Didn’t we want to tell the world that WordPress was more than just for bloggers?”
I use WordPress mainly for ecommerce these days, and most of the WordPress users I speak to use WordPress for their business site or as a way to build a unique application function by cobbling together plugins and a little bit of custom code. More often, they are building a site like this for a client.
I thought that’s what WordPress had become. I thought it has become a complex, highly customizable CMS. The Gutenberg project isn’t halting this progress necessarily, but it
Roy Sivan discusses why he got interested in BackPress and why it could be the future of WordPress. I've been lurking in all the BackPress chatter and moderating discussion here and there and I'll say that there's real merit to the idea. Worth reading and following for sure.
This year at WordCamp Miami I had the pleasure of meeting John James Jacoby, or JJJ. Many of you may know him as the man behind BuddyPress, but I got to know him for another, older project, that he used to be involved with, BackPress. The more I learned about BackPress, the more I became intrigued. That’s when JJJ and I started talking about the revival of the BackPress project.
The BackPress Back Story
BackPress started its life as the foundational library of WordPress. It was more or less the wp-includes directory, which granted access to all of the php functions that everyone knows and loves in WordPress code, without the WordPress ecosystem.
No quick, five minute install. No easy-to-use CMS dashboard. Just a library of code. Unfortunately the project died out—and without anyone to maintain it and few pieces of code ever making its way back into WordPress, it was forgotten.
How I Got Interested and Involved
In early 2013, I started to learn AngularJS, and I immediately wanted to connect it to WordPress. I managed to get my first theme up and running using my own crude API.
That year, Ryan McCue introduced the WP-API project… and I was hooked.
About one year later I started to realize
Josh Pollock talks about the Fields API, why WordPress needs it, and gives an example of its use.
Many people, including myself, have talked extensively about an API-driven future of WordPress. In the first article I wrote for Torque on the REST API, I reiterated what WordPress lead developer Andrew Nacin told the audience at WordCamp Milwaukee in 2014: the best projects for contributors to become a part of if they wanted to be a part of the future of WordPress were the REST API and what was then called the metadata project.
Part of the REST API is now in core, and the metadata project, now known as the Fields API project, has made great
Very interesting thoughts on the freemium model in the WordPress ecosystem by Josh Pollock, the founder of the rapidly growing Caldera Forms plugin.
Two years ago, I started a WordPress plugin company. I thought if we made cool stuff people would like it, and therefore buy them and we’d have a bunch of money. I was a bit naive, to say the least. This was my first time selling anything online besides my development services. However, our first month only brought in about $350, which was not exactly what I was expecting. It shouldn’t have shocked me because I wasn’t focusing on what problem my plugin could solve for people. I also didn’t know that Caldera Forms, not our Pods add-on would become our flagship product.
This was a problem because Caldera Forms was not the centerpiece of a freemium business. It was a really cool plugin with a ton of potential. Now it’s a really cool plugin that a lot of people love, but most of those people don’t need the paid add-ons for payments or list building.
It’s a great plugin for contact forms, and it’s awesome people use it for free. But putting a free plugin out there “for the good of the community” and hoping to cash in on it later isn’t a plan that is likely to lead to a sustainable business. Without cash-flow to support a plugin,
Not sure the value or the metric for determining the "best plugin of 2016" but this looks like a lot of fun.
WordPressers, get ready. On March 1, we’re launching Torque’s 2016 Plugin Madness, where the first 64 most popular WordPress plugins from the official plugin directory compete against each other for total plugin domination! Modeled after the NCAA college basketball tournament March Madness, we use a bracket-based voting system to pit plugins against one another each week. Head on over to pluginmadness.com to see which plugins are competing and check in weekly to vote on the current round.
We randomly placed the 64 plugins into four groups — The Pressers, The Wordees, The Extenders, and The Installers (watch our selection video below).
Starting March 1, you can go to pluginmadness.com to vote on which plugins will make it to the next round:
March 1: The Enchanting 64 (Round 1)
March 8: The Thrilling 32 (Round 2)
March 15: The Supreme 16 (Round 3)
March 22: The Exceptional 8 (Round 4)
March 29: The Phenomenal 4 (Semi-finals)
April 5: Championship
April 12: Winner Announced
You will have a full week to vote on your favorite plugins in each round.
Plugin bragging rights isn’t all that’s at stake. When you vote, tell the world and you could win a sweet Torque Magazine swag pack that will
About the evolvement of WordPress from a blogging tool to an independent application platform, and the huge benefits of going SaaS with your next WP plugin or theme.
The cloud concept has evolved dramatically in the last decade, and it has opened new gateways for businesses. The rapidly diversifying world of SaaS (software as a service) solutions illustrate the value of cloud technology. In fact, according to Forbes, “cloud-based business application services revenue forecasts the market growing from $13.5B in 2011 to $32.8B in 2016, attaining a 19.5 percent CAGR.”
WordPress, which currently powers more than 27 percent of the entire internet, combined with the SaaS application model, opens up an entire world of opportunity.
Using a SaaS Model for a WordPress Product
Because WordPress is open source, developers are continually working to make it better. It’s hard to believe that a simple blogging tool has emerged as an independent application platform. Using SaaS with WordPress is not a new concept. People have already tested the model with custom post types, themes, frameworks, and more.
A lot of plugins can be difficult for beginners to learn how to use. If developers opt for a SaaS solution, the onboarding process becomes easier and users of all skill levels will have a better understanding of the features offered by the plugin.
Maintenance Service industry is maturing pretty well. I thought about curating what I think are most dependable WP businesses in this space.
If you are running an online WordPress business then hiring a maintenance service agency is always a wise move. Because you cannot manage everything by yourself, these companies help you run a smooth business by focusing on what matters. If your site goes unmaintained, you may face problems like security breaches, slow page load, reduced search engine ranking, and if there is no backup — you could lose it all. Over the years, a decent number of WordPress maintenance service providers have emerged which aim to look after your website to lessen both your hassle and time spent on managing an online property.
I am going to share a few good maintenance service providers in the WordPress industry. You’ll learn about the services they offer and why you should consider hiring them.
Ingredients of a WordPress Site Maintenance
Website maintenance plays a crucial role in protecting your site from a variety of potential problems. Several site owners don’t consider maintenance as a necessity. Instead, they let it go unnoticed.
Remember — WordPress is free, managing it is not. Since you control your self-hosted site, it’s your responsibility to manage, maintain, backup,
Great write up by Josh Pollock on the decision making of using Freemius and how it enables him to focus on his product and users.
I think it’s important for WordPress companies to seek advice from those outside of the WordPress economy. While WordPress users have experience in the subject matter, an outsider’s perspective brings fresh insight. It’s one of the many reasons I participate in my local startup culture in Tallahassee. With the exception of hosting, it’s often challenging to explain your WordPress product business. This is in part because people might not see WordPress.org as an avenue to sales since it is not a marketplace. WordPress.org, however, is a great user-acquisition and delivery channel for freemium plugins and themes. Free plugin and add-ons or limited API access have worked really well for WooCommerce, Akismet, WordPress SEO by Yoast, and many other successful product companies.
But, what may seem a little off to people is that freemium plugin and theme developers are forced by the restrictions that come with distributing via WordPress.org to know very little about their users. For example, right now, I not only have very little sense of how my plugin is being used, but I don’t have a way of knowing which plugins it’s most often used with or what version of PHP and WordPress it’s being used
The REST API opens up a range of interesting new revenue routes for WordPress developers. Here's our guide to four of them.
With the WordPress REST API still staggering towards the finishing line, now is a great time to dust off the crystal ball and consider how developers might actually go about making money through its commercial use in the future. The next few years promises to bring a flood of new talent into the WordPress ecosystem, cementing the platform’s place as the dominant publishing platform online. We’re still in the early days of this next stage, but it’s already obvious that a much wider world of opportunity is potentially opening up to skilled developers.
In this piece, we’ll whet your appetite for what’s to come with a look at four exciting new revenue opportunities opened up by the REST API. All of them are still relatively unexplored and have outstanding profit potential for many years to come.
1. Creation of Niche-Specific Software as a Service Solutions
With the right mix of specific themes and plugins, WordPress has more than proven its value as a niche-specific solution over the years, and blogging is far from the only niche being served. From real estate to restaurant sites, hundreds of thousands of small businesses across the globe are already tailoring
Josh shows off cool applications of Blockchain Technology. It's a question of how, not when. Ready for the next tech leap?
Bitcoin — the first decentralized currency — has been around for over eight years now. In the past, I was dismissive of it and other cryptocurrencies. The fact that cryptocurrency like Bitcoin has the potential to radically reform banking is not lost on me but is way outside of the scope of this article. Yes, that’s exciting to me. No, I don’t think crypto is a magical cure for what is wrong with global capitalism, but that’s really not the point here.
When I started looking into things further, and I’m super excited about the technology behind Bitcoin, blockchain.
What Is A Blockchain?
My conceptual misunderstanding of Bitcoin when I first became aware of it, was I thought of coins as being awarded for doing computation. Yes, that is is how Bitcoin works, coins are distributed amongst those providing processing power to verify transactions. It’s a smart way to incentivize adding the computational resources the system needs.
While the coins are created through “mining” they can be exchanged for Dollars, Euros or other traditional currencies. This gives them value and an incentive to convert old currency into Bitcoin.
W00t W00t! A leaderboard of the top open-source frameworks for WordPress plugin & theme developers.
After the plugins review team made a statement disallowing frameworks in the repository last March, Co-founder of Freemius Vova Feldman decided to find them a new home. With help from Luca Fracassi from Addendio, Feldman and his team created IncludeWP, a hub to display all open-source frameworks for WordPress. IncludeWP uses the WordPress.org APIs and SVN to automatically identify which .org frameworks plugins and themes are using, which empowers developers to see who exactly is using their product. Moreover, it also enables them to start a new product with a strong foundation. The work behind the project is all open-source and can be found on GitHub.
As Feldman said in the release “Code reusability is awesome!” That is the whole idea behind the project. Sharing code is the foundation of WordPress.
Having foundations for a theme or plugin already available will make your workload smaller. It doesn’t make sense to continue to rewrite the same functionality over and over, so check with IncludeWP before you begin to see if there’s a framework that suits your needs.
How To Pick The Right Framework
In the release, Feldman included tips for making sure
W3Techs today released its list of 'Web Technologies of the Year' and once again WordPress earned the spot as the CMS of the year.
W3Techs today released its list of ‘Web Technologies of the Year 2016,’ and once again, for the seventh consecutive year, WordPress earned the spot as the CMS of the year. WordPress is accompanied by other leading web technologies, like Google Analytics, Ubuntu, Amazon, and CloudFlare, on the list of web technologies of the year. The list is determined by the largest increase in usage in the last year, in which W3Techs “compared the number of sites using a technology on January 1st, 2016 with the corresponding number on January 1st, 2017.” WordPress has more than doubled since it first won CMS of the year in 2010, demonstrating its unstoppable growth and dynamic ability to power digital experiences as a full-service application.
At the start of 2016, WordPress was used by 25.6 percent of all websites and by the end was used by 27.3 percent — experiencing a 1.7 percent growth. For perspective, this is more than eight times the increase of the second place CMS, Shopify, which experienced a .2 percent increase over the year.
WordPress’s user-friendliness and extensibility make it the leading choice for small and enterprise sites alike. In fact, a whopping
Vagrant is a system for creating local web servers in portable, highly-configurable virtual machines on Linux, Windows, and Mac. Though there are lots of ways to create a local testing environment for WordPress development, Vagrant is one of the most powerful and configurable options.
Vagrant is a system for creating local web servers in portable, highly-configurable virtual machines on Linux, Windows, and Mac. Though there are lots of ways to create a local testing environment for WordPress development, Vagrant is one of the most powerful and configurable options. In this article, I’ll introduce Vagrant, and I will walk you through setting up VVV, a popular WordPress vagrant setup.
The real advantage of Vagrant is that it’s totally customizable. This means you can emulate your production environment in your local development environment. When done right, this means no surprises when you go live.
Developing with the same technologies as you use on the live server can save you from running into bugs on your live site, which never happened locally since the situation that caused them doesn’t exist locally. For example, how can you know that your site has no problems with NGINX if your local web server is powered by apache? Or, how can you be sure your code is compatible with PHP 5.2 or 5.3, which many hosts still use, if you only tested it in the latest version of PHP?
What is Vagrant?
The heart of Vagrant is the vagrant file, which contains a recipe for creating and
A refresher or good info for newer developers on design patterns and architectures in PHP plus some WordPress common patterns.
Software development is about repeating yourself intelligently by using functions to encapsulate repetitve code, saving you the hassle of writing it out each time. This doesn’t just mean finding a repeatable pattern and going with it, it’s important to find the right pattern. That is where PHP design patterns come into play. While we often think of this in terms of choosing to write a function or class, or to import a library, this approach also extends to application architecture. The architecture of a framework, CMS, plugin, theme, class, or system is often described as conforming to a pattern.
Being aware of the classic software PHP design patterns and architectures as well as common patterns employed in WordPress can be very instrumental in helping us write better code.
Event Driven Vs. Model View Controller
WordPress uses an event-driven architecture, in which there are hooks in the core software and plugins and themes that act as events. When WordPress encounters a hook, it executes all code “hooked” to that event.
This loosely conforms to the publisher/subscriber pattern where WordPress or a plugin or theme “publishes” an event with apply_filters()
I feel like a Sass ambassador now. Again, if you're not using Sass — this post I wrote will help you kickstart it with NPM Scripts!
For any web developer, the word CSS is not something new. Despite the fact that CSS is an awesome programming/styling language, it comes with certain limitations which cannot be ignored. Thankfully, the CSS preprocessor languages like Syntactically Awesome Syle Sheets (Sass) and LESS have saved the day. In today’s post, I’m going to explain how you can use Sass with WordPress through NPM Scripts and provide you with an easy to use boilerplate. Let’s start with the basics.
What is Sass?
Sass is a CSS preprocessor language that helps developers write CSS in a better and more meaningful way. With Sass, you can integrate with features CSS does not support. These include basic math operators, mixins, nesting, variables, etc. Imagine using variables in CSS, for font-size, or theme colors. Sass makes that easy.
How Does Sass Works?
Being a preprocessor language, Sass performs a similar function like any such language would do. E.g. PHP preprocesses a script and generates an HTML output. So, Sass preprocesses .scss files and generates .css files as a result.
Now your CSS files can be rendered by any browser. This part remains the same while using Sass. However, the difference
This is the first, of many upcoming articles I'm writing on what changes in the planning and coding as well as the business/ client relationship when using WordPress to build an app. I'd love to know what questions everyone has that I can address as I go on, or if you have any thoughts on what's important to cover. - via Josh Pollock
At WordCamp Miami, which I attended recently, one of the most popular topics of discussion was leveraging WordPress to power mobile applications. At this point, I think everyone is an agreement that you can, in fact, use WordPress to power both web and mobile applications. Now it’s time to answer the questions “Should I use it?” and, if so, “how do I do it?” These questions don’t have one simple answer. In fact, they are highly contingent on the project, budget, requirements, and competencies of those involved.
Like every other type of project, how well you plan it is going to be one of the biggest determinants for whether or not your project will be successful. In this article, I will address the different questions that you need to answer during your planning; and then, in future articles, I’ll delve a bit deeper into them.
It’s important to note that these are only my opinions. Each project is different, and so you will have to answer these questions for yourself on a per-project basis.
Do You Know Why You’re Using WordPress To Build Your App?
Building web applications is very different than building WordPress sites, themes, or plugins, and, how you use it, may invalidate some of
The difficult 20% of a WordPress project is the customization necessary for getting the any plugin or theme to deliver on its promise. How intuitive that last 20% is, defines how “easy” or "hard" WordPress is perceived to be.
The 80/20 rule, also known as the Pareto Principle, states that “for many events, roughly 80% of the effects come from 20% of the causes.” The 80/20 rule is named after Italian economist Vilfredo Pareto, and was popularized as a business tool in the book Living the 80/20 Way, by Richard Koch. This is one of the most useful principles for finding the most important things to focus on in business marketing and development. Identifying the 20% of your efforts that have the biggest impacts is a fundamental step in maximizing your efficiency in any pursuit.
Most people with a freelance web development practice have likely come to understand that 20% of their clients generate 80% of their income. This percentage also holds true when it comes to the satisfaction and enjoyment that comes from doing the work—where 20% of clients are responsible for 80% of the overall satisfaction that freelancers get from their work.
Those who apply the 80/20 rule to their lives, eliminate the 80% of work (or clients) that don’t generate a return on investment. This allows them to focus on serving the best clients better—leading to better, more fulfilling (and more profitable) work.
This post features results from Kinsta's test with PHP 5.6, PHP 7, and HHVM. It also talks about other reasons, besides speed, to consider when deciding between PHP7 and HHVM.
As usual, there's a few nuggets of wisdom from Chris Lema. His 'hope is not a strategy' mantra shows up subtly. A short read well worth a couple of minutes.
Starting and growing a successful business requires focus, hard work, and a great deal of industry knowledge. Understanding how to select and appeal to a target market, increase efficiency, and grow revenue are just a few of the important facets that should be considered. To bridge this knowledge gap, hiring a third-party consultant to improve your company’s business strategy is a great option. For some strategic insight into business development we reached out to Chris Lema — CTO & Chief Strategist Crowdfavorite and speaker, coach, and daily blogger.
Q: How did you start?
A: From 1997 until 2006 I worked in five software startups in San Francisco. I loved startups and found myself, towards the end of that period, coaching a lot of other startups. Most of the time we were talking product strategy, team formation, and fundraising. But every one of them needed a website. Initially it would be some simple HTML, but over time I wanted to support them without supporting them. So I wanted a content management solution (CMS) that would let them edit their own site. And while I started with a product called DotNetNuke, I quickly found WordPress one weekend in 2005 and started using it. My first
Using AngularJS for your WordPress plugin's admin screen is awesome. This is known. Roy shows you how.
Before you begin, you must determine what it is you are administering on the site specifically. To keep this simple, let’s say your plugin creates a custom post type (CPT) that is hidden from the sidebar. This use case is simple — you have a CPT to store data,