This article provides a nice overview and history of SSL certs and what Let's Encrypt brings to the table. It is nice to see Let's Encrypt doing so well.
Though WordPress is increasingly bulletproof out of the box, security is a topic that never really goes away for users. It’s not just the platform itself that you have to worry about, there’s also a much wider world out there full of potentially bad actors with a vested interest in breaking down your digital door. SSL certificates solve one part of that puzzle and have been a rock-solid way of keeping the connection between your website and the average user secure since 1996. Cost and implementation concerns, however, have long stood in the way of their widespread deployment.
In this piece, we’ll cover the recent unveiling of the Let’s Encrypt initiative, its promise of free and easily implementable SSL certificates for all, and how it looks set to radically change the online security landscape. Let’s kick things off with a bit of background.
What SSL Is And Why It’s Important
We’ll get some basics out of the way for those who might be coming at this for the first time. HTTP, the protocol we use to sling information around the web, is unencrypted by default. This means that data can potentially be intercepted and tampered with during its journey.
A quite interesting post from our own Josh Pollock about who owns what of WordPress.org
I don’t have a problem with paying for services with data. I use Gmail, knowing full well there is no way Google would provide me with such an amazing service if they didn’t use my data to create targeted ads. Similiarly, I use Facebook, Twitter, and other “free” services knowing that I am the product that these services offer to their customers. This is how I “pay” for these services. If they can’t sell ads, then they can’t make money and that, after all, is their objective.
Two WordPress plugins I use a lot, WordPress SEO by Yoast and Easy Digital Downloads, have an option for anonymous data tracking, and I always allow them to do so. I’m happier to be sending my usage data to them than I am to be sending it to Google — which I do without an option.
WordPress itself is a murkier business. I operate a few WordPress sites, all of which are regularly checking into the WordPress.org API, reporting usage stats, and getting update notifications. The ability to get plugin, theme, and core updates via WordPress.org is really convenient.
If installing and updating themes via the WordPress dashboard wasn’t so easy, WordPress wouldn’t be what it is today. I understand and appreciate this.
Freemius checkout looks like a super awesome way to sell WordPress plugins and themes. Check out Torque's coverage!
Freemius today announced Checkout, a new service to help developers sell WordPress products on any site by providing secure checkout, software licensing, and automatic updates. “We created Checkout to help fellow developers be able to do whatever they feel passionate about and make a living from that,” CEO and Founder of Freemius Vova Feldman told Torque.
You can register for Checkout for free clicking “Register for Beta.” You’ll subsequently be asked schedule a 15-minute demo, which according to Feldman will help ensure that each user has all the tools necessary to efficiently use Checkout.
When you have completed the demo, you will be able to go to the Freemius dashboard and start setting up your accounts. Checkout suggests prices but you can add any amount you want for Monthly, Annually, and Lifetime subscriptions. You can also select bulk pricing if you want to bundle your plugins or themes.
Once you’ve selected your pricing preferences, generate your checkout code snippet and add it to your website. You’ll get one code for the actual website and a dummy one that you can test to make sure everything is working the way you want it to.
Roy Sivan discusses why he got interested in BackPress and why it could be the future of WordPress. I've been lurking in all the BackPress chatter and moderating discussion here and there and I'll say that there's real merit to the idea. Worth reading and following for sure.
This year at WordCamp Miami I had the pleasure of meeting John James Jacoby, or JJJ. Many of you may know him as the man behind BuddyPress, but I got to know him for another, older project, that he used to be involved with, BackPress. The more I learned about BackPress, the more I became intrigued. That’s when JJJ and I started talking about the revival of the BackPress project.
The BackPress Back Story
BackPress started its life as the foundational library of WordPress. It was more or less the wp-includes directory, which granted access to all of the php functions that everyone knows and loves in WordPress code, without the WordPress ecosystem.
No quick, five minute install. No easy-to-use CMS dashboard. Just a library of code. Unfortunately the project died out—and without anyone to maintain it and few pieces of code ever making its way back into WordPress, it was forgotten.
How I Got Interested and Involved
In early 2013, I started to learn AngularJS, and I immediately wanted to connect it to WordPress. I managed to get my first theme up and running using my own crude API.
That year, Ryan McCue introduced the WP-API project… and I was hooked.
About one year later I started to realize
Josh Pollock talks about the Fields API, why WordPress needs it, and gives an example of its use.
Many people, including myself, have talked extensively about an API-driven future of WordPress. In the first article I wrote for Torque on the REST API, I reiterated what WordPress lead developer Andrew Nacin told the audience at WordCamp Milwaukee in 2014: the best projects for contributors to become a part of if they wanted to be a part of the future of WordPress were the REST API and what was then called the metadata project.
Part of the REST API is now in core, and the metadata project, now known as the Fields API project, has made great
Not sure the value or the metric for determining the "best plugin of 2016" but this looks like a lot of fun.
WordPressers, get ready. On March 1, we’re launching Torque’s 2016 Plugin Madness, where the first 64 most popular WordPress plugins from the official plugin directory compete against each other for total plugin domination! Modeled after the NCAA college basketball tournament March Madness, we use a bracket-based voting system to pit plugins against one another each week. Head on over to pluginmadness.com to see which plugins are competing and check in weekly to vote on the current round.
We randomly placed the 64 plugins into four groups — The Pressers, The Wordees, The Extenders, and The Installers (watch our selection video below).
Starting March 1, you can go to pluginmadness.com to vote on which plugins will make it to the next round:
March 1: The Enchanting 64 (Round 1)
March 8: The Thrilling 32 (Round 2)
March 15: The Supreme 16 (Round 3)
March 22: The Exceptional 8 (Round 4)
March 29: The Phenomenal 4 (Semi-finals)
April 5: Championship
April 12: Winner Announced
You will have a full week to vote on your favorite plugins in each round.
Plugin bragging rights isn’t all that’s at stake. When you vote, tell the world and you could win a sweet Torque Magazine swag pack that will
I wrote about WordPress plugin adoption. It's a thing! Check it out.
If you’re a plugin developer with multiple plugins in the repository, it can be hard to make sure they’re all up to date. If you aren’t regularly monitoring all of your plugins, you might get a notice like this: This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress
If a WordPress plugin isn’t updated regularly, it may be considered abandoned. Abandoned plugins can be a security threat and will eventually stop working as it loses compatibility.
Plugin abandonment can happen for multiple reasons:
The developer doesn’t have the time to work on it.
The developer is no longer interested in it.
Supporting a free plugin becomes difficult.
What is Plugin Adoption?
If you maintain a lot of plugins, it can hard to keep up with all of them. You may not be able to update on time or respond to support tickets, and ultimately your plugins go unmanaged and become abandoned.
After seeing a lot of abandoned plugins, the core team found a way to give them a second life. If you’re ready to let a plugin go to a new developer, use the tag “adopt-me,”
Vagrant is a system for creating local web servers in portable, highly-configurable virtual machines on Linux, Windows, and Mac. Though there are lots of ways to create a local testing environment for WordPress development, Vagrant is one of the most powerful and configurable options.
Vagrant is a system for creating local web servers in portable, highly-configurable virtual machines on Linux, Windows, and Mac. Though there are lots of ways to create a local testing environment for WordPress development, Vagrant is one of the most powerful and configurable options. In this article, I’ll introduce Vagrant, and I will walk you through setting up VVV, a popular WordPress vagrant setup.
The real advantage of Vagrant is that it’s totally customizable. This means you can emulate your production environment in your local development environment. When done right, this means no surprises when you go live.
Developing with the same technologies as you use on the live server can save you from running into bugs on your live site, which never happened locally since the situation that caused them doesn’t exist locally. For example, how can you know that your site has no problems with NGINX if your local web server is powered by apache? Or, how can you be sure your code is compatible with PHP 5.2 or 5.3, which many hosts still use, if you only tested it in the latest version of PHP?
What is Vagrant?
The heart of Vagrant is the vagrant file, which contains a recipe for creating and
This is the first, of many upcoming articles I'm writing on what changes in the planning and coding as well as the business/ client relationship when using WordPress to build an app. I'd love to know what questions everyone has that I can address as I go on, or if you have any thoughts on what's important to cover. - via Josh Pollock
At WordCamp Miami, which I attended recently, one of the most popular topics of discussion was leveraging WordPress to power mobile applications. At this point, I think everyone is an agreement that you can, in fact, use WordPress to power both web and mobile applications. Now it’s time to answer the questions “Should I use it?” and, if so, “how do I do it?” These questions don’t have one simple answer. In fact, they are highly contingent on the project, budget, requirements, and competencies of those involved.
Like every other type of project, how well you plan it is going to be one of the biggest determinants for whether or not your project will be successful. In this article, I will address the different questions that you need to answer during your planning; and then, in future articles, I’ll delve a bit deeper into them.
It’s important to note that these are only my opinions. Each project is different, and so you will have to answer these questions for yourself on a per-project basis.
Do You Know Why You’re Using WordPress To Build Your App?
Building web applications is very different than building WordPress sites, themes, or plugins, and, how you use it, may invalidate some of
The REST API opens up a range of interesting new revenue routes for WordPress developers. Here's our guide to four of them.
With the WordPress REST API still staggering towards the finishing line, now is a great time to dust off the crystal ball and consider how developers might actually go about making money through its commercial use in the future. The next few years promises to bring a flood of new talent into the WordPress ecosystem, cementing the platform’s place as the dominant publishing platform online. We’re still in the early days of this next stage, but it’s already obvious that a much wider world of opportunity is potentially opening up to skilled developers.
In this piece, we’ll whet your appetite for what’s to come with a look at four exciting new revenue opportunities opened up by the REST API. All of them are still relatively unexplored and have outstanding profit potential for many years to come.
1. Creation of Niche-Specific Software as a Service Solutions
With the right mix of specific themes and plugins, WordPress has more than proven its value as a niche-specific solution over the years, and blogging is far from the only niche being served. From real estate to restaurant sites, hundreds of thousands of small businesses across the globe are already tailoring
Great write up by Josh Pollock on the decision making of using Freemius and how it enables him to focus on his product and users.
I think it’s important for WordPress companies to seek advice from those outside of the WordPress economy. While WordPress users have experience in the subject matter, an outsider’s perspective brings fresh insight. It’s one of the many reasons I participate in my local startup culture in Tallahassee. With the exception of hosting, it’s often challenging to explain your WordPress product business. This is in part because people might not see WordPress.org as an avenue to sales since it is not a marketplace. WordPress.org, however, is a great user-acquisition and delivery channel for freemium plugins and themes. Free plugin and add-ons or limited API access have worked really well for WooCommerce, Akismet, WordPress SEO by Yoast, and many other successful product companies.
But, what may seem a little off to people is that freemium plugin and theme developers are forced by the restrictions that come with distributing via WordPress.org to know very little about their users. For example, right now, I not only have very little sense of how my plugin is being used, but I don’t have a way of knowing which plugins it’s most often used with or what version of PHP and WordPress it’s being used
A refresher or good info for newer developers on design patterns and architectures in PHP plus some WordPress common patterns.
Software development is about repeating yourself intelligently by using functions to encapsulate repetitve code, saving you the hassle of writing it out each time. This doesn’t just mean finding a repeatable pattern and going with it, it’s important to find the right pattern. That is where PHP design patterns come into play. While we often think of this in terms of choosing to write a function or class, or to import a library, this approach also extends to application architecture. The architecture of a framework, CMS, plugin, theme, class, or system is often described as conforming to a pattern.
Being aware of the classic software PHP design patterns and architectures as well as common patterns employed in WordPress can be very instrumental in helping us write better code.
Event Driven Vs. Model View Controller
WordPress uses an event-driven architecture, in which there are hooks in the core software and plugins and themes that act as events. When WordPress encounters a hook, it executes all code “hooked” to that event.
This loosely conforms to the publisher/subscriber pattern where WordPress or a plugin or theme “publishes” an event with apply_filters()
The difficult 20% of a WordPress project is the customization necessary for getting the any plugin or theme to deliver on its promise. How intuitive that last 20% is, defines how “easy” or "hard" WordPress is perceived to be.
The 80/20 rule, also known as the Pareto Principle, states that “for many events, roughly 80% of the effects come from 20% of the causes.” The 80/20 rule is named after Italian economist Vilfredo Pareto, and was popularized as a business tool in the book Living the 80/20 Way, by Richard Koch. This is one of the most useful principles for finding the most important things to focus on in business marketing and development. Identifying the 20% of your efforts that have the biggest impacts is a fundamental step in maximizing your efficiency in any pursuit.
Most people with a freelance web development practice have likely come to understand that 20% of their clients generate 80% of their income. This percentage also holds true when it comes to the satisfaction and enjoyment that comes from doing the work—where 20% of clients are responsible for 80% of the overall satisfaction that freelancers get from their work.
Those who apply the 80/20 rule to their lives, eliminate the 80% of work (or clients) that don’t generate a return on investment. This allows them to focus on serving the best clients better—leading to better, more fulfilling (and more profitable) work.
Very interesting thoughts on the freemium model in the WordPress ecosystem by Josh Pollock, the founder of the rapidly growing Caldera Forms plugin.
Two years ago, I started a WordPress plugin company. I thought if we made cool stuff people would like it, and therefore buy them and we’d have a bunch of money. I was a bit naive, to say the least. This was my first time selling anything online besides my development services. However, our first month only brought in about $350, which was not exactly what I was expecting. It shouldn’t have shocked me because I wasn’t focusing on what problem my plugin could solve for people. I also didn’t know that Caldera Forms, not our Pods add-on would become our flagship product.
This was a problem because Caldera Forms was not the centerpiece of a freemium business. It was a really cool plugin with a ton of potential. Now it’s a really cool plugin that a lot of people love, but most of those people don’t need the paid add-ons for payments or list building.
It’s a great plugin for contact forms, and it’s awesome people use it for free. But putting a free plugin out there “for the good of the community” and hoping to cash in on it later isn’t a plan that is likely to lead to a sustainable business. Without cash-flow to support a plugin,
W3Techs today released its list of 'Web Technologies of the Year' and once again WordPress earned the spot as the CMS of the year.
W3Techs today released its list of ‘Web Technologies of the Year 2016,’ and once again, for the seventh consecutive year, WordPress earned the spot as the CMS of the year. WordPress is accompanied by other leading web technologies, like Google Analytics, Ubuntu, Amazon, and CloudFlare, on the list of web technologies of the year. The list is determined by the largest increase in usage in the last year, in which W3Techs “compared the number of sites using a technology on January 1st, 2016 with the corresponding number on January 1st, 2017.” WordPress has more than doubled since it first won CMS of the year in 2010, demonstrating its unstoppable growth and dynamic ability to power digital experiences as a full-service application.
At the start of 2016, WordPress was used by 25.6 percent of all websites and by the end was used by 27.3 percent — experiencing a 1.7 percent growth. For perspective, this is more than eight times the increase of the second place CMS, Shopify, which experienced a .2 percent increase over the year.
WordPress’s user-friendliness and extensibility make it the leading choice for small and enterprise sites alike. In fact, a whopping
W00t W00t! A leaderboard of the top open-source frameworks for WordPress plugin & theme developers.
After the plugins review team made a statement disallowing frameworks in the repository last March, Co-founder of Freemius Vova Feldman decided to find them a new home. With help from Luca Fracassi from Addendio, Feldman and his team created IncludeWP, a hub to display all open-source frameworks for WordPress. IncludeWP uses the WordPress.org APIs and SVN to automatically identify which .org frameworks plugins and themes are using, which empowers developers to see who exactly is using their product. Moreover, it also enables them to start a new product with a strong foundation. The work behind the project is all open-source and can be found on GitHub.
As Feldman said in the release “Code reusability is awesome!” That is the whole idea behind the project. Sharing code is the foundation of WordPress.
Having foundations for a theme or plugin already available will make your workload smaller. It doesn’t make sense to continue to rewrite the same functionality over and over, so check with IncludeWP before you begin to see if there’s a framework that suits your needs.
How To Pick The Right Framework
In the release, Feldman included tips for making sure
Using AngularJS for your WordPress plugin's admin screen is awesome. This is known. Roy shows you how.
Before you begin, you must determine what it is you are administering on the site specifically. To keep this simple, let’s say your plugin creates a custom post type (CPT) that is hidden from the sidebar. This use case is simple — you have a CPT to store data,
As usual, there's a few nuggets of wisdom from Chris Lema. His 'hope is not a strategy' mantra shows up subtly. A short read well worth a couple of minutes.
Starting and growing a successful business requires focus, hard work, and a great deal of industry knowledge. Understanding how to select and appeal to a target market, increase efficiency, and grow revenue are just a few of the important facets that should be considered. To bridge this knowledge gap, hiring a third-party consultant to improve your company’s business strategy is a great option. For some strategic insight into business development we reached out to Chris Lema — CTO & Chief Strategist Crowdfavorite and speaker, coach, and daily blogger.
Q: How did you start?
A: From 1997 until 2006 I worked in five software startups in San Francisco. I loved startups and found myself, towards the end of that period, coaching a lot of other startups. Most of the time we were talking product strategy, team formation, and fundraising. But every one of them needed a website. Initially it would be some simple HTML, but over time I wanted to support them without supporting them. So I wanted a content management solution (CMS) that would let them edit their own site. And while I started with a product called DotNetNuke, I quickly found WordPress one weekend in 2005 and started using it. My first
One of the most controversial companies in the WordPress ecosystem is Envato, the company that owns the theme and template marketplace, ThemeForest.
One of the most controversial companies in the WordPress ecosystem is Envato, the company that owns the theme and template marketplace, ThemeForest. ThemeForest’s best selling product category is WordPress themes, and they are a behemoth in this space. As Envato’s blog states: “In September 2014, ThemeForest was the 88th most trafficked website in the world (according to Alexa.com), at the time ahead of Netflix.”
But in a poll run by Jeff Chandler of WPTavern.com, only twenty-eight percent of respondents said “ThemeForest is a great place to find a variety of good looking themes.” Fifty percent said “it is a marketplace with good looking themes but are poorly coded.” And twenty-two percent said “stay as far away as possible.”
So, did Envato find a hole in the marketplace, and build a business to provide customers what they want? And are all the developers who complain about it just whining? Or is ThemeForest really a marketplace for bad themes?
Like many things, the answer is not a simple yes or no. So let me present both sides of the argument.
The case for ThemeForest
Here are the arguments in support of ThemeForest.
1. ThemeForest gives consumers what they want
It’s become rather
Josh Pollock looks at the Guttenberg editor and asks about how meta boxes and other editor customizations are going to be handled. He did not get a very reassuring answer.
The new Gutenberg Editor, which is slated for inclusion in WordPress 5.0, aims to dramatically improve the editor experience in WordPress by adding easy-to-use, dynamic content blocks. While beautiful, and definitely something I could see myself creating content in, I worry about what the new editor could mean for the future of WordPress. WordPress as a Content Management System (CMS) originated as a blogging platform but has grown far beyond that, today dominating 28 percent of the entire internet. In a post sharing his first experience with the Gutenberg Editor, Chris Lema asks an important question: “Didn’t we want to tell the world that WordPress was more than just for bloggers?”
I use WordPress mainly for ecommerce these days, and most of the WordPress users I speak to use WordPress for their business site or as a way to build a unique application function by cobbling together plugins and a little bit of custom code. More often, they are building a site like this for a client.
I thought that’s what WordPress had become. I thought it has become a complex, highly customizable CMS. The Gutenberg project isn’t halting this progress necessarily, but it
This post features results from Kinsta's test with PHP 5.6, PHP 7, and HHVM. It also talks about other reasons, besides speed, to consider when deciding between PHP7 and HHVM.
A case for why to use some of the most important, and easy to use tools that PHP gives us, that WordPress developers avoid due to extreme-backwards compatibility requirements of WordPress core. Namespacing, and autoloaders are two complementary features that make it easier to use small, more manageable, and more easily reusable classes and write better code.
Chris Aprea recently wrote a great post on why WordPress’ (continued) support of unsupported versions of PHP, especially PHP 5.2, is preventing WordPress developers from taking full advantage of the way the language has evolved over the last 8 years or so. Two of the best features in PHP, which WordPress developers have generally shied away from since they are not supported by PHP 5.2, are SPL autoloaders and namespacing. These two complementary features make it easier to use small, more manageable, and more easily reusable classes.
Understanding how namespacing and autoloaders work will help you get comfortable working with PHP libraries that were not written for WordPress, but do follow the established PHP standards. You can, however, use autoloaders without namespaces or without following the latest standards. For example, Carl Alexander discusses how to build an autoloader that follows the standards for class naming used in WordPress core in one of his excellent tutorials.
In this article, I will discuss how to follow the PSR-4 standard for class and file naming. By doing so, you’ll find that this standard not only makes it very easy to use a class autoloader, but it also makes
Read the story of Founder of this amazing platform, ManageWP. More than 7+ years of experience with WordPress, Vladimir is a big name in the industry due to his contributions in WordPress communtiy.
The growing number of plugins is part of what makes WordPress so appealing. There’s literally a WordPress plugin for everything; from contact forms, to security, to holiday snow. That being said, entering into the world of WordPress plugins may be challenging, particularly if you haven’t already established yourself as a leading plugin author. Today, Vladimir Prelovac, the brains behind ManageWP, announced the release of the Plugin Discovery Tool on ManageWP.org, a tool that will increase the discoverability of new plugins and plugin authors.
Torque reached out to Vladimir Prelovac to learn more about his journey, his new plugin discovery tool, and future initiatives for ManageWP.
Torque: How did you first get involved with WordPress?
Vladimir: It was in 2007, and I was eager to get entrepreneurial. I decided I needed a blog and after trying a couple of options I opted for WordPress. A fateful decision as it turns out.
As a developer, I quickly became a part of the community and started building a name for myself by creating useful WordPress plugins, writing about WordPress and eventually writing a book on WordPress development.
Torque: What was your objective when you first founded
If you also missed WordCamp Europe, this post covers the Q&A session with Matt Mullenweg by Brian Krogsgard, Editor of Post Status. It covers few popular topic including WordPress Vs. Medium discussion. Take a look.
At WordCamp Europe Yesterday in Vienna WordPress co-founder Matt Mullenweg took the stage for a live interview and Q&A on WordPress. The interview was conducted by Editor of Post Status Brian Krogsgard and covered everything from how WordPress stacks up to other platforms like Medium to the REST API, the future of WordPress, and more. Amazing crowd before going on stage at #WCEU earlier https://t.co/dYLpv8kKzV pic.twitter.com/SSzJ4dNVMk
— Matt Mullenweg (@photomatt) June 24, 2016
A Day In the life of Matt Mullenweg
Mullenweg doesn’t subscribe to the typical work-life balance mantra, but rather to the idea that your work and personal life should harmonize.
At work, he tries to make good use of his time by devoting roughly one-third to hiring people, one-third to product, and the other third on dealing with the fire of the day. Because Mullenweg’s attention is drawn in several different directions, he tries to devote his attention to issues that only he can deal with.
WordPress Vs. Medium
Krogsgard inquired about WordPress’s position against Medium, referencing ringer.com’s recent announcement to move to the platform. Mullenweg noted that ringer.com and