WordPress.org

Ben Dwyer on why writing code is like solving a Rubik’s cube.

WordPress has long had download counts for core WordPress, plugins, and themes.

But downloads counts are deceiving. They count downloads, but are not representative of actual active installs.

Recently — in my Club member newsletter — I noted that it is past time to get data for actual installs, versus download counts. There is a private beta program on WordPress.org that offers just that, and at least some of the new stats are launching very, very soon (edit: the initial changes are now live).

The new plugin stats pages will show four new charts, visible to plugin authors:

• New installs per day
• Updates per day
• Active installs per day
• Active versions

Most importantly, the “active installs per day” chart shows us — with much greater precision than we previously had — how many actual websites are running any plugin available on WordPress.org.

For the beta period, utilizing a non-public query string parameter, I was able to see these stats publicly for any plugin on the repo. That query string parameter has now changed, so the data is no longer publicly visible.

These stats are partially launching very shortly, to highlight the active installs for plugins as well as the breakdown of active versions. Active install counts will replace the download count in the right column.

You can see an example of what the new public stats from the WordPress Importer plugin look like, which will be visible to users. Plugin authors will see a slightly different view that contains the additional stats:

 

The most popular WordPress plugins

I took some time to look through the most popular WordPress plugins I could think of, as well as other notable plugins. What follows are some of the numbers I recorded, which were noted in the charts as being recorded February 24th.

Once this data goes live, the counts will be revised to round with less detail, and for installs over 1 million, will simply say “1 Million+”.

Plugin	Downloads	Active Installs
Contact Form 7	24.304 million	6.3+ million
Akismet	28.128 million	6.2+ million
WordPress SEO	15.928 million	3.7+ million
Jetpack	14.587 million	3.7+ million
WordPress Importer	9.635 million	3.4+ million
Google Sitemap Generator	16.477 million	3.4+ million
All In One SEO	21.853 million	3.1+ million
WP Super Cache	6.869 million	1.7+ million
Tiny MCE Advanced	4.788 million	1.4+ million
NextGen Gallery	11.991 million	1.3+ million
Google Analytics for WordPress	8.159 million	1.2+ million
WooCommerce	6.445 million	1.2+ million
Hello Dolly	510,136	1.1+ million
WP Page Navi	5.432 million	1.1+ million
W3 Total Cache	4.491 million	970,000+
WordFence	4.828 million	710,000+
Better WP Security	4.259 million	600,000+
WPTouch	6.743 million	410,000+
bbPress	1.741 million	250,000+
MailPoet	3.447 million	230,000+
The Events Calendar	1.438 million	230,000+
BuddyPress	2.647 million	150,000+
WP eCommerce	3.009 million	80,000+

As you can see, the data is incredibly insightful, especially compared to the public download stats. However, beware that there is not a guarantee of accuracy here, and in fact you should know that in some instances, the team knows the data isn’t reporting properly, especially for plugins with more installs.

Contact Form 7 and Akismet are by far the most popular WordPress plugins, with over six million active installs each. I included most of the plugins from the Popular page on the repo, plus some additional notable plugins.

There are also a number of outliers, where the discrepancy between downloads and active installs is huge. I believe this is largely due to plugins with long histories that were once immensely popular but have since faded in popularity.

The download count keeps old plugins relevant far longer than if active installs were the prominent number.

Compared to BuiltWith data

How accurate is this data? Well, one smell-test we can give it is to compare it to other potentially inaccurate data. From my research, BuiltWith is doing one of the best jobs around of accurately checking site data. Go ahead and input your domain to BuiltWith and see how accurate it is for you.

So, if we compare this same plugin list to BuiltWith data for “the entire Internet” — as they segment based on site rankings — then we can get a feel for how well the WordPress.org number and theBuiltWith number get along.

In this table, I link to the BuiltWith page so you can get more information if you like. Do note that some plugins aren’t available on BuiltWith, so are in the list but don’t have information.

Plugin	BuiltWith	Active Installs
Contact Form 7	594,677	6.3+ million
Akismet	166,791	6.2+ million
WordPress SEO	2.602 million	3.7+ million
Jetpack	1.629 million	3.7+ million
WordPress Importer	n/a	3.4+ million
Google Sitemap Generator	n/a	3.4+ million
All In One SEO	n/a	3.1+ million
WP Super Cache	991,729	1.7+ million
Tiny MCE Advanced	n/a	1.4+ million
NextGen Gallery	977,343	1.3+ million
Google Analytics for WordPress	871,144	1.2+ million
WooCommerce	685,937	1.2+ million
Hello Dolly	n/a	1.1+ million
WP Page Navi	585,809	1.1+ million
W3 Total Cache	571,864	970,000+
WordFence	n/a	710,000+
Better WP Security	n/a	600,000+
WPTouch (Pro Data only)	15,696	410,000+
bbPress	126,081	250,000+
MailPoet	149,018	230,000+
The Events Calendar	56,095	230,000+
BuddyPress	76,853	150,000+
WP eCommerce	58,115	80,000+

Data Accuracy

There are zero instances from this list where BuiltWith shows more sites than WordPress.org using a plugin. That is a confidence enhancing note, as WordPress.org should be much more fully comprehensive.

There are some instances, especially with plugins that are on the backend, or have limited front-end visibility, where the numbers don’t line up too well.

However, for the highly visible plugins, the WordPress.org data feels good to me, in comparison to BuiltWith.

The team working on the new stats has less confidence in the numbers as the numbers get higher. So for plugins with well beyond a million installs, they have reason to believe adoption may be different than what is reflected in the stats.

How stats are collected

WordPress.org collects this data via the update checks that a WordPress install performs.

There are a couple of caveats to consider for the WordPress.org data:

• The numbers could include (and therefore inflate numbers) non-public (dev and staging environments) domains. According to Andrew Nacin, the team does exclude sites with “localhost”, “.dev”, “.local” and “other telltale signs of local development and staging sites, like IP addresses.”
• The numbers don’t include websites that have, via code, turned off update checks.
• Some data is making more sense as it is collected. Now that it’s a few months old, they are able to make better determinations about what is accurate and what is not.

Keep in mind the percentage of installs that wouldn’t be included in these checks is minimal. Also, unfortunately, a large percentage of folks just don’t keep dev or local installs of their websites, so those numbers probably do not inflate the totals as much as you may think either — though I’m guessing on that front.

For the accuracy of the numbers, the team has seen some discrepancies, where one graph shows data that should also impact another, but it does not. They’re working to resolve these issues still.

This data is important

The team working on this project has been deciding on which stats pages to showcase for the general public, and which to show to plugin authors.

The active install data is important, and it needs to be public for users, in addition to plugin authors. If we can ensure that the data is even remotely accurate, it is far superior to using download counts alone.

Download counts give legacy plugins too much clout in the repo, and also make misinformation all the more likely.

A prime example is that of Slimstats, which had the recent security breach. That plugin has over 1.3 million downloads. But when I looked at the stats, there were only 100,000 or so active installs.

Yet, when tech blogs covered the security breach of the plugin, they largely cited “over a million” installs at risk. This is bad for WordPress and it’s unnecessary. We can fix it. We have the data.

Lead developer Dion Hulse also had this to say about the progress of the stats pages, when I notified him that I had access to these numbers:

The current beta stats page was put together as a trial to find what data plugin authors wanted (We’ve been in touch with a few who have provided great feedback in the past on the stats).

Based on what they have learned, they are launching the active install numbers and active version chart, and will follow up with a future launch for the plugin author only stats. The plugin author stats are going to go live with the notice that they may not be totally accurate, and they may change over time as the team continues to analyze the data.

WordPress is open source, and has absolutely massive adoption across the web, as we all know. It is therefore a source for what’s become a multi-billion dollar industry. WordPress.org and those that hold the keys to the website have great power.

Changes to the website and how themes, plugins, and any other potentially business-centric data make a difference to real businesses.

All those businesses have signed up for this (being involved with the WordPress project), and therefore any risks associated, but in my mind this data — especially of active installs — brings welcome sunlight to a murky plugin landscape.

I’m glad I was able to see this data. I’m very pleased that the active install numbers are replacing the download counts. WordPress itself will be better for it.

photo credit: packing up – (license)

I’ve used WordPress to write about WordPress for more than seven years, it’s how I make a living. Recently though, writing in WordPress feels more like being a data entry specialist. I guess in some ways, it’s not surprising considering that’s exactly what I’m doing.

The post editor is more or less a pretty user interface that enables me to add data to a database. I think the feeling is stronger if you write in WordPress every day as it’s an endless cycle of filling in text areas, fields, uploading media, and clicking the publish button. Many of these tasks take place within their own metabox which is something that detracts from a seamless experience. I don’t know about you, but I’m ready to try something different.

Many of the posts I write post consists of content blocks such as: blockquotes, media, etc. Thinking about how I create content in WordPress, the conceptual post editor proposed in 2013 makes complete sense. Instead of a full-blown TinyMCE editor, I could select from a set of established content blocks. In addition to the content block idea, some of the metaboxes are integrated into the editor.

Proposal To Revamp The Post Writing/Editing Interface

The publish, categories, and tags metaboxes are integrated into the editor. It probably wouldn’t take too much effort to add a way to feature an image. I don’t know how usable this interface is, but I’d love to give it a try for a few months. The more metaboxes that disappear, the less I feel like I’m hitting switches and turning knobs before clicking the publish button. By having some of these tasks integrated into the editor, I think it’ll provide a better publishing experience.

I probably wouldn’t be able to get rid of all the metaboxes because of the plugins I use. However, I’m most interested in an interface that consists of less scrolling, searching, etc., that gets me to the publishing stage quicker without feeling like a data entry specialist.

Despite a large amount of discussion surrounding the proposal, the concept lost steam. Although I’ve never used it, I feel like I’d prefer it over the current editor. It’s anyone’s guess if we’ll ever see the post editor undergo a major change, but if it did, this is the direction I’d like to see it go.

SIDEKICK has announced that its voice-guided WordPress training video plugin now supports WordPress Multisite. According to SIDEKICK Co-founder, Ben Fox, WordPress Multisite has been one of the most requested features from users. Users can now:

1. Easily auto activate your SIDEKICK license across all sites on your network
2. Set a Walkthrough to auto-start the first time a new user logs into any site on your network
3. Enable and disable walkthroughs and walkthrough categories network wide from one screen

SIDEKICK has a support article that goes into more detail on how to activate Multisite.

Challenges Encountered

SIDEKICK’s Chief of Technology and Product Development, Bart Dabek, describes the most challenging aspect they encountered adding Multisite support, “The biggest challenge was incorporating our API and building out the relationship between the super admin setup page and individual sites. Once that relationship was established, it was easy to pull in settings from the network settings and assign them to individual sites.”

“Some things to keep in mind with our particular situation is, keeping authentication details within the super admin account so that if our sessions expire, the system can automatically log back into our API and continue to auto activate SIDEKICK on new sites without the need for the super admin to do anything. It’s something developers will have to consider if they’re dealing with an API on this level,” Dabek said.

Free Genesis Walkthroughs

If you use SIDEKICK with the Genesis Framework by StudioPress, you’ll see 30 free Genesis walkthroughs. As long as you’re using a Genesis powered theme, you’ll see the videos appear in the SIDEKICK drawer. The walkthroughs were created by Web Savvy Marketing, a WordPress development agency that specializes in Genesis themes.

MediaTemple Learns From GoDaddy’s Mistake

The basic student plan offered by SIDEKICK priced at $5 per month, is available for free to MediaTemple customers. In addition to 30 Genesis walkthroughs,  customers gain access to 160+ WordPress walkthroughs. We’ve received a few reports from readers that SIDEKICK has been activated on every site on MediaTemple without an opt-in notice, similar to what happened to GoDaddy customers late in 2014. However, this isn’t the case.

Email send to MediaTemple Customers about SIDEKICK

MediaTemple emailed customers on February 23rd announcing the partnership and included directions on how to activate the plugin. It appears as though the company learned from GoDaddy’s mistake.

How to turn on SIDEKICK

Around the same time the email went out to customers, the company sent out a press release to the media with the same information.

MediaTemple SIDEKICK press release

Multisite support gives network administrators the ability to easily provide access to an educational tool. Through strategic partnerships with SIDEKICK, MediaTemple, and GoDaddy, customers have an easy way to learn the ins and outs of WordPress.

While some don’t like the approach taken by SIDEKICK, it’s another option to those who find it difficult to use the WordPress Codex or other educational resources.

After years of creating new content, changing themes, and adding and removing plugins, a WordPress installation can become littered with unused, orphaned, and duplicated data. Not every plugin properly extricates itself and its data from your site when you uninstall.

Lester Chan‘s new WP Sweep plugin was designed to perform housekeeping on WordPress installations. Chan is a prolific plugin developer, who created his first plugin in 2003 shortly after WordPress was forked from b2. He now has 24+ plugins listed in directory.

WP-Sweep’s distinguishing characteristic is that it uses proper WordPress delete functions as much as possible instead of running direct delete MySQL queries. This method is in direct contrast to similarly purposed plugins such as WP-Optimize, which has been downloaded more than 1.5 million times.

Looking through WP-Optimize and they are using SQL query to delete post revisions which means there will be orphaned data left behind.

— Lester Chan (@gamerz) February 23, 2015

What can WP-Sweep clean?

WP-Sweep uses WordPress delete functions, such as wp_delete_post_revision(), delete_post_meta(), wp_delete_comment(), etc. to clean up the database. It can perform sweeps of all of the following:

• Revisions
• Auto drafts
• Deleted comments
• Unapproved comments
• Spammed comments
• Deleted comments
• Orphaned post meta
• Orphaned comment meta
• Orphaned user meta
• Orphan term relationships
• Unused terms
• Duplicated post meta
• Duplicated comment meta
• Duplicated user meta
• Transient options

WP-Sweep can be found under the tools menu after you install it. It will give you a full overview of items that can be cleaned up.

Scroll further down and you’ll see reports for comments, users, terms, and options. Certain sweeps have extra instructions to consider before using, i.e unused terms: “Note that some unused terms might belong to draft posts that have not been published yet. Only sweep this when you do not have any draft posts.”

One user tested the plugin and reported a savings of 23.5% on database size. He also reported a bug, which Chan promptly fixed.

@gamerz plugin saved me 23,5% of a database size. But not everything works as expected: https://t.co/UeiDedH7Yd

— Slava UA (@slaFFik) February 25, 2015

Chan plans to continue to develop the plugin and is considering adding unused options to the sweeps in a future version. If you want to use the plugin to clean up your website, you are strongly advised to make a backup of your database first, as the actions it performs are irreversible. Check out WP-Sweep on WordPress.org and favorite it for the next time you need to do some database housekeeping.

photo credit: Artist’s Room – (license)

The new design of the WordPress Theme Directory is a welcome change on WordPress.org. Faster browsing and filtering means users can more easily sort through the thousands of available options. While the directory includes many beautiful, high quality themes, it often requires sifting through hundreds to find that diamond in the rough.

One of the reasons for the glut of lackluster and uninspired new theme submissions is a lack of design feedback from the Theme Review team. Reviews have traditionally focused primarily on the code quality of themes and often neglect major design issues with new submissions.

During the team’s meeting this week, contributors discussed ways to encourage more design feedback on submissions to the directory. WordPress.org theme author Kelly Dwan broached the topic in a recent post about ways to get designers involved during the review process:

If we tell people that they don’t need to be expert developers to review themes, and that this is a good way to learn better coding practices, why don’t we do the same with design? Good design is just as subjective as code standards (in that the basics aren’t, but people like to argue about it anyway).

The quality of code in the theme repo is improved by the review process, so we should encourage design reviews to increase the quality of design, too.

Her post included practical suggestions for updating the theme review handbook to provide better guidance on how to offer design feedback. This is one way that designers can contribute on WordPress.org, even if they’re not comfortable helping with the code review aspect of the process.

New Design Recommendation Added to the Handbook

Mel Choyce, Design Engineer at Automattic, volunteered to start filling out the design section of the Theme Review Handbook with recommendations. “Theme authors are never exposed to design guidelines before uploading their themes, unlike code guidelines,” she said. This is something the team is currently working to change.

The design recommendations so far are formatted to help the theme author think more critically about design decisions. Instead of taking a hard line about subjective aspects of design, the recommendations invite the designer to consider the theme from a user’s perspective. A few examples include:

• Can you tell if the theme has an ideal audience in mind?
• Is the type large enough to comfortably read?
• Body text should generally be 14px or larger on desktop, unless using a font with a generous x-height.
• Are the header and body fonts easy to read?
• Is there enough difference between headers and paragraphs to distinguish them from each other?
• Do paragraphs have enough line-height? If you squint your eyes, can you still see some space between lines?
• A good rule of thumb is 1.3-1.4 on headers, and 1.4-1.6 on body text.
• Is the color contrast high enough? Is the type readable against its background?
• Do the details (drop shadows, gradients, etc.) distract at all from the content?

Encouraging more design feedback is difficult without offering reviewers the tools to so with confidence. The art of offering design feedback is tricky and it requires diplomacy to do it in a way that doesn’t crush the spirit of a fledgling theme author.

A basic set of guidelines is a valuable resource that team members can refer to during the review process. If theme authors are open to the recommendations, the quality of their designs can be significantly improved for future submissions.

The new design for the official WordPress Theme Directory is live today. Contributors on the WordPress Meta team released a preview of the design in early January and worked quickly over the past month to resolve any outstanding issues related to the new plugin that powers the directory.

In addition to an updated design, the theme repository has been moved away from bbPress and into a new plugin, which includes a custom post type for the repository package and a theme uploader.

The design is likely already familiar to most users, as it was matched to the UI to the admin themes browser. Now, whether you’re behind the wheel of your WordPress site in the admin, or browsing on the official directory, the experience of searching and sorting themes is more consistent.

Konstantin Obenland, in cooperation with Samuel “Otto” Wood, spearheaded the migration to the new plugin and design, with help and feedback from other members of the meta team. The work is not yet complete, but the new directory provides a vastly improved experience for users on the hunt for a new theme. Searching and filtering are both faster and users can quickly browse through thumbnails of all the queried results via infinite scroll.

Future internationalization improvements to the directory should make it an even better resource for WordPress’ growing global audience.

“There is still a lot more work to be done, but everything that’s remaining can be added, changed, or improved with the new directory active,” Obenland said in an update earlier this week. “Most importantly we want to make it available to language sites, so that we have an internationalized theme directory, and there will be more to be done around that.”

The improved browsing experience does a much better job of showcasing the work of theme authors, many of whom spend countless hours updating and supporting their free themes as a contribution to the WordPress community. Overall, the new design is a better representation of the high quality themes available in the official directory.

photo credit: தேவையில்லை காரணங்கள், நீ எங்கே? – (license)

The WordPress admin list tables can get quite lengthy to browse if you’re relying on regular pagination, especially when you need to perform bulk actions.

As of WordPress 4.0, the grid view of the media library has beautiful support for infinite scrolling, but list tables for posts and users still rely on old-fashioned pagination. Setting the screen options to include more listings can help, but this, too, can become cumbersome.

Infinite WP List Tables is a new plugin created by WordPress developer Brady Vercher. It’s a simple extension that adds infinite scroll to several pages within the admin, i.e. posts and users. Infinite WP List Tables has no settings to configure – simply activate it and it’s working.

I tested the plugin both on a single site and on a multisite installation with thousands of sites and users. In both scenarios the plugin performed nicely to infinitely scroll admin list tables for sites, posts, and users.

It does not seem to work with comments, nor does it work with third party plugin tables such as the BuddyPress activity and groups admin listings. Integrations for plugins that display products, portfolio items, quotes, or other listings in the admin would make it even more useful, but I can see why Vercher might want to limit the plugin to core admin list tables.

Do you think something like this should be added to core, given that the media library works nicely with infinite scroll? As far as I’ve seen, no tickets currently exist on trac to propose infinite scroll for other areas of the admin. Do you prefer traditional pagination for sites, posts, users, and comment list tables?

A lot of the tech news I’ve linked here has been a bit of a downer, but today we can celebrate: FCC votes for net neutrality, a ban on paid fast lanes, and Title II. This is not an outcome I would have bet on a year ago.

It’s easy to get overwhelmed when visiting the WordPress.org plugin directory in search of a Twitter plugin, as you’ll turn up more than 3,000 Twitter-related extensions. Unless you’re running on recommendations or personal experience, it may not be easy to narrow down a quality plugin that keeps pace with changes to the Twitter API.

This week Twitter finally decided to release an official WordPress plugin to assist users in optimizing their sites for a Twitter audience. I spoke with Niall Kennedy, Developer Advocate at Twitter and contributor on its official WordPress plugin, about Twitter’s plans for the plugin. Kennedy is also listed as a contributor on both the official Facebook and Vine plugins for WordPress.

“Twitter regularly works with partners to implement Twitter features on their site,” Kennedy said. “Shipping an official plugin allows us to directly support publishers powered by WordPress and provide an example implementation of Twitter best practices for publishers on any platform.”

The plugin requires PHP 5.4 or later and offers many features that you many have already seen available via other extensions, including customization of embedded tweets, embedded Twitter videos, Tweet button for sharing content, Twitter Cards, integration with Twitter Analytics, a Follow button, and ads conversion tracking.

Many are wondering why anyone needs an official Twitter plugin, given that WordPress already has excellent oEmbed support for tweets. Kennedy confirmed that the new plugin plays nicely with the built-in oEmbed support, while building on top of it:

The Twitter plugin for WordPress enhances the oEmbed support built-in to WordPress with additional customization and functionality. We enhance the typical oEmbed response with additional integrations with WordPress APIs.

Our plugin loads Twitter’s widgets JavaScript asynchronously through wp_enqueue_script, omitting the script element typically inserted onto the page markup through the default oEmbed response.

Each embedded Tweet, added through a URL or shortcode, passes through the shortcode’s filter (shortcode_atts_tweet) for customization of embedded Tweet features across the site. The plugin handles fetching the correct oEmbed markup from Twitter’s servers and caching the unique result for the customization.

The plugin does not change MCE oEmbed handling in the admin view.

Kennedy declined to comment on why it took Twitter so long to release an official plugin, but hopes that WordPress developers will use it as a building block. Those who previously created Twitter plugins now have a solid example for how best to extend WordPress to customize Twitter’s latest features.

Designed to be Extensibile

The development team behind the plugin plans to add new features to it as they become available from Twitter. They recognize that it will not be realistic to offer every imaginable feature, but instead are prioritizing extensibility to make sure developers can easily create their own customizations.

“The plugin includes support for displaying Twitter-hosted video embeds, a new feature available to Twitter developers just in the past few weeks,” Kennedy said. “An official Twitter plugin makes it easy to roll out new features to publishers.

“We’re working with other plugin developers to integrate features through filters where any overlap may occur,” he said. Kennedy has a few ideas for the kinds of integrations that developers might want to build for the plugin using the WordPress APIs.

“Our plugin automatically generates Twitter Card markup to represent a post, making some best guesses for post formats built-in to Core,” he said. “We expect plugin developers creating more specific display experiences will be able to build on top of our base features to select the best Twitter Cards template for their content.”

Kennedy also believes the plugin can be further extended by SEO plugins to optimize content. “Some of the most popular WordPress plugins involve SEO,” he said. “We would like to integrate with SEO plugins to highlight the best titles, descriptions, and other detailed data provided by publishers to help their content stand out on Twitter.”

Additionally, he sees an opportunity for theme developers to make tweets a seamless part of a theme’s overall design. “Our embedded Tweet theming can be customized by theme authors to match the visual theme of their site,” Kennedy said. “Automatically adjusting Twitter theming components to a WordPress theme context would be pretty cool.”

If you’re looking to add the most common Twitter features to your WordPress site, you’ll be hard pressed to find a better plugin than the official one on WordPress.org. Kennedy confirmed that Twitter plans to support the plugin through its official support forums on WordPress.org and will also have an escalated support channel for managed hosting providers.

In this episode of WordPress Weekly, Marcus Couch and I take the opportunity to catch up on the latest news in the WordPress community. I share the results of our poll asking readers if they use sticky posts in WordPress. We discuss the pros and cons of content protection plugins, in which there are no pros. Marcus and I agree that the visual editor added to the latest version of the WordPress for iOS app is a nice addition. Last but not least, we run down a list of upcoming WordCamps.

Stories Discussed:

Do You Use The Sticky Posts Feature in WordPress?
Content Protection Plugins for WordPress Do More Harm Than Good
Press This Bookmarklet Generates Concerns of Copyright Infringement
WordPress for iOS 4.8 Released, Adds Visual Editor
High Risk Security Vulnerability Discovered in WP Slimstat, Update Immediately
Twitter Releases Official WordPress Plugin
Story.am Launches to Founders
Upcoming WordCamps Schedule

Plugins Picked By Marcus:

Woo Commerce Role Based Price extends the popular eCommerce plugin Woo Commerce, so that products can be offered at different prices for different customer groups.

Better Code Editor adds line numbers, error detection, and a choice of 28 different themes to use in the Plugin and Theme editors.

WPRecovery is a WordPress recovery manager, that will get your WordPress Site back up and running if it stops working correctly.

WPWeekly Meta:

Next Episode: Wednesday, March 4th 9:30 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #181:

As a good follow-up to the podcast with Tim the other week, I did a podcast with Matt Medeiros of the Matt Report.

photo credit: Rating – (license)

Those who host plugins in the WordPress plugin directory may have noticed a change to their plugin’s ratings. That’s because the ratings system has been reset and rebuilt by Samuel “Otto” Wood. The ratings now correspond exactly with reviews. According to Wood, the change has been two and a half years in the making:

Back when we launched the review system 2.5 years ago, we tied ratings to reviews. However, up until that point, we had existing ratings in the system. At the time, some argued that the ratings should be wiped out and everybody start fresh. I argued for the opposite, that we should leave the existing ratings in place until such time as we had enough reviews in the system to build up a good body of ratings.

A few weeks ago, Wood was checking out the ratings for the new WordPress theme directory when he noticed there were over 150K reviews. “Out of those 150K reviews, less than 10K are for themes” Wood said. This was enough to initiate the change and remove ratings not attached to a review. Since the system was rebuilt, some plugins have experienced 1 and 5 star rating swings, while plugins like WP eCommerce have seen its average rating rise from 2.9 to 3.4 stars.

That means @wpecommerce, which had been at a rating of 2.8 for years, and more recently 2.9 – is now 3.4 stars. That feels good :)

— Justin Sainton (@JS_Zao) February 26, 2015

In addition to displaying more accurate data, review spam has been neutralized. Review spam has been a serious problem for the past several years. According to Otto, this is no longer the case:

Ask any of the moderation team how many duplicate accounts they’ve seen to vote up their plugin and down those of competitors. Even though the reviews were removed, until yesterday, the ratings made by those accounts remained. This is no longer the case, and the ratings made by those spam accounts has now been effectively neutralized.

In summary, ratings and averages now reflect the most accurate data from the point in time reviews were introduced. Spam and fraudulent data hasn’t been lost or deleted but rather ignored from influencing the data set. Ratings that were added before mandatory reviews are also ignored.

By waiting two and a half years, Wood has avoided resetting the entire system which would have caused everyone to start from zero. This way, authors are able to maintain their ratings and reviews without starting from scratch. If you host a plugin on the WordPress plugin directory, let us know if your ratings changed, especially the average.

In the last year or so, WordPress.com has been experimenting with a new post editor. As a user of WordPress.com, I clicked the add new post button and was shocked to discover an entirely different interface than what I’m used to. Continuously pushing improvements across the platform with little to no announcement and measuring feedback is WordPress.com’s signature development strategy.

Shortly after its release, users created support requests to offer feedback. Dealing with change is hard, but it’s even more difficult when it goes unannounced. After receiving a ton of feedback, the team eventually added the option for users to switch back to the classic editor. Since its launch, I’ve found myself getting used to the new editor, but there are a couple of quirks that need to be addressed.

New WordPress.com Editor

Speed

Depending on when I create a new post, I’ll see a “beep beep, boop” loading message for a few seconds. The longest I’ve seen the message is around 10 seconds. The post editor is built on top of the WordPress.com REST API and depending on traffic, server resources, etc., the API calls take longer than normal to process.

Beep Beep Boop

If it takes more than a few seconds to load the editor, that’s too long. With all of the server resources that make up the WordPress.com infrastructure, I expect things to load quickly. In reality, I shouldn’t see a loading screen.

Creating Content

Since the visual editor inherits most of the features found in the self-hosted version of WordPress, writing content is generally the same experience. However, one thing I’ve noticed is that, more often than not, the text area doesn’t expand to the bottom of the page. As I fill the text area with content, it doesn’t automatically expand. A quick fix is to reload the entire page by clicking the save draft button. Once I do this, the text area expands to take up the full-height of the browser window.

Instead of having separate meta boxes for each task, some of them have been combined like categories and tags. The design of the publish meta box is a major improvement compared to the self-hosted version. It has a cleaner look and seems easier to use.

New Post Editor Meta Boxes

One of the things I like most about the new editor is that it’s distraction-free by default. The surrounding admin elements in the classic editor are gone, allowing me to concentrate on writing. Meta boxes are shown but I don’t see them as distractions. The new editor also doesn’t waste valuable screen real estate showing admin notices, that I still haven’t figured out how to dismiss.

Admin Notices That Never Go Away!

API Driven Interfaces Need to be Fast

The new editor is a real world example of an alternative publishing interface built using the WordPress.com REST API. The biggest take away for me from using the new editor is how important speed is. As work continues on the REST API project for the self-hosted version of WordPress, which will likely lead to an explosion of alternative publishing interfaces, I think it’s important for developers to consider how to make things as fast as possible. It doesn’t matter how nice the interface is if the API isn’t fast enough and ruins the user experience.

After forcing myself to use the new editor for a few months, I rarely use the classic editor. It’s definitely not the ideal interface for everyone which is why I’m glad the team decided not to make it the only interface available. It has a few quirks, but for the most part, I don’t mind using it. If you use WordPress.com, let us know what you think of the new editor in the comments.

The Roots starter theme for WordPress has rebranded as “Sage” with its 8.0.0 release today. Roots project creator Ben Word announced last year that he planned to change the theme to be framework agnostic in 2015. This release is the first step towards that goal.

Fans of the starter theme appreciate its cleaner HTML, cleaner script output, and its unique theme wrapper method for handling template markup. Version 8.0 introduces a new frontend workflow that uses Gulp instead of Grunt:

• Write stylesheets with Sass or Less
• Assets from Bower packages (CSS, JS, fonts) are automatically added to your theme assets
• JSON file based asset pipeline that allows you to customize your compiled CSS and JS files
• Replaced LiveReload with BrowserSync, making your workflow faster by synchronizing interactions across multiple devices

Version 8.0 also drops IE8 support and raises the minimum PHP version requirement of PHP 5.4+. “We’re not going to let the WordPress minimum requirement of 5.2 hold us back from using short array syntax, short echo syntax, and namespaces,” Word said.

Now that Sage 8.0 is available, Word is concentrating his efforts on developing a Yeoman generator for the starter theme, which will allow users to integrate their desired frontend framework.

“Right now you can fairly easily use Bootstrap Sass instead of Less, swap out Bootstrap for another framework, or use no framework at all,” he said. “With a Yeoman generator you’ll be able to select from options to have your starter theme built how you like it from the beginning.”

Going framework agnostic will open up the Roots user base to more developers who may have previously been turned off by using Bootstrap with their projects. The rebranding to Sage allows Word and contributors to use the Roots organization to further expand the product lineup that will eventually subsidize the continual development of the open source starter theme.

“About time” is probably what comes to mind. Twitter has announced an official WordPress plugin to support their platform. It’s available now on the WordPress plugin repo.

They just released the plugin a couple of hours ago. It’s actually taking the place of an existing plugin, which was wiped from the plugin repo two weeks ago by Otto Wood. That’s what will account for the 150,000+ downloads upon initial release. Otto has now reset the count in the database, so the numbers are more realistic.

I reached out to Otto to see how these decisions are made. Otto is one of the managers of the repo.

A twitter representative emailed us, sent us the plugin, and asked to have the “twitter” name in the directory. We reviewed the plugin as per normal, found no issues with it, and decided to give them the name because, after all, they are indeed “Twitter” and have the rights to their own name.

The previous plugin occupying that space had been inactive for a long period of time and had no real existing installations to speak of anymore. Additionally, the plugin had been closed for quite some time previous to that.

So giving them their own name is pretty much a no-brainer.

Techcrunch, and likely others, are misreporting the plugin’s immediate popularity, as those numbers were largely from the previous iteration of the plugin.

Twitter’s new plugin has a number of features, many of which have been implemented over the years by unofficial sources like Jetpack and Yoast.

For one, they have released “official” Tweet and follow buttons, along with a settings page for basic configuration.

Also, there’s a metabox on post edit that allows you to customize the predefined Tweet and Twitter cards, which is quite nice.

They also have the ability to customize the colors for embedded tweets inside WordPress content.

According to the Twitter blog announcement, there is also integration for Twitter ads and analytics tracking, which are both nice features for publishers.

The one thing I notice is not in this plugin is any authentication feature. Perhaps it’ll come in the future, but right now you wouldn’t be able to auto-tweet new posts or perform other actions that would require Twitter Apps and authentication on a per-site basis. This is the type of functionality that Jetpack has long performed, using the WordPress.com authentication.

I’m pretty happy to finally see an official Twitter plugin. The source code is on Github, and the plugin is released with the MIT license. At a very quick glance, it seems quite well done and I’m looking forward to playing with it some  more.

This week Envato published stats on how WordPress product sellers are doing within its economy. Theme authors make up the bulk of WordPress-based earnings on its marketplace and continue to dominate sales.

Inspired by his interaction with the WordPress business community at Pressnomics, Ben Chan, director of Growth and Revenue at Envato, penned an insider brief about the WordPress segment of Envato’s economy. The post makes it abundantly clear why theme authors continue to sell their products on Themeforest, despite the marketplace’s poor reputation among WordPress consultants.

Envato’s steady pipeline of traffic is the deciding factor for many commercial theme authors. “In September 2014, ThemeForest was the 88th most trafficked website in the world (according to Alexa.com), at the time ahead of Netflix,” Chan said. “The traffic it receives is more than just eyeballs; these are buyers looking to purchase a theme and many are introduced to WordPress for the first time.”

This volume has made it possible for 31 authors to sell more than $1 million dollars worth of products through Envato. “We have authors earning tens of thousands of dollars from our various product types, but it’s WordPress authors who currently dominate our Power Elite wall of fame by holding 30 of the 31 Power Elite spots.”

Competition is fierce among WordPress themes, yet even moderately competitive themes can make a decent chunk of change. Envato’s heavy traffic virtually guarantees sales for new theme authors. Chan reported average earning data for a single theme during a single month:

• 50% of all WordPress themes on ThemeForest have made at least $1,000 in a month.
• 25% of all WordPress themes on ThemeForest have made at least $2,500 in a month.
• 15% of WordPress themes have made at least $5,000 in a month.
• 7% have made at least $7,500 in a month.
• 5% have made at least $10,000 in a month.

Theme authors who make their products responsive and compatible with WooCommerce and WPML tend to have much higher earnings, which indicates that people are building WordPress sites that will be optimized for mobile traffic and global commerce.

Poor Standards Lead to Security Vulnerabilities and Loss of Data Portability

Envato remains the dominant marketplace for commercial WordPress themes, despite rampant security concerns surrounding its products on a regular basis. Last September, 1,000+ Envato products were affected by the Slider Revolution security vulnerability. This particular debacle was fueled by theme authors who were lax in patching their products, as well as Envato’s poor standards, which continue to allow authors to bundle plugins with themes.

If Envato required theme authors to adhere to industry best practices by clearly separating their theme and plugin products, the company would have had no need to publish a list of 1,000+ themes potentially affected by a vulnerability that was being actively exploited since its disclosure.

Obviously, the data presented in Chan’s insider brief was designed to convince more authors to sell on Themeforest. Several of the theme product examples he showcases are packed full of functionality that belongs in plugins, i.e. automotive listings, filterable inventory, custom categories and taxonomies, etc. The products do not clearly differentiate what functionality is included in a plugin vs. the theme itself.

Additionally, many of these top-selling themes offer accompanying plugins that are only compatible with that specific theme, a desperately myopic development practice rampant among Themeforest products that locks users into that theme/plugin package.

What would be even more fascinating to know are the stats on WordPress theme products that do not bundle any plugins whatsoever. How well are the products doing that are pure themes with a clear separation from the plugins they support? Where are the stats for themes that absolutely guarantee unobstructed data portability for customers?

Envato theme authors are making large sums of cash by selling themes that are packaged as complete solutions for online businesses, because that’s what consumers have been trained to expect – the bigger the package, the more appealing the product. This can cause serious problems with data portability for customers down the road and remains a continual source of frustration for consultants who are hired to support poorly built Envato products.

Source: Avada theme on Themeforest

The marketplace’s loose product standards allow theme product authors to thrive on selling full website solutions, as Justin Tadlock discovered in his Themeforest experiment. Envato continues to rake in the cash from products that undermine best practices designed to protect users:

ThemeForest is in the business of selling WordPress themes. Selling anything else is underhanded at best and false advertising at worst.

If you want to sell a “Web site solution” or whatever you want to call it, you’re selling on the wrong marketplace. Go create your own site and sell these applications for WordPress.

If the marketplace were to change its standards and encourage theme authors to build themes that respect WordPress’ plugin system, it would most certainly result in a loss of profit. Envato currently has little incentive to move in this direction. As with the case of GPL licensing options, the company historically drags its feet until forced to comply with most basic requirements.

The WordPress community continues to pressure Envato to hold theme and plugin authors to standards that would better ensure the security and performance of users websites, but Envato isn’t likely to enforce stricter standards anytime soon.

The company continues to parade its top sellers as incentive for new authors to bring their products into the marketplace. Changing theme product standards would require the restructuring of virtually all of its top-selling products. Envato’s bottom line will continue to drive its standards until either the market or the community force the company to change.

If you use WP Slimstat, you’ll want to make sure you’re using version 3.9.6 or later as Sucuri has discovered a severe SQL injection vulnerability in versions 3.9.5 and lower. WP Slimstat is an analytics plugin for WordPress that provides real-time monitoring, heatmaps, and other features to monitor website data. According to Sucuri, the vulnerability can be used by any visitor browsing a vulnerable website:

This bug can be used by any visitor browsing the vulnerable website. If your website uses a vulnerable version of the plugin, you’re at risk. Successful exploitation of this bug could lead to Blind SQL Injection attacks, which means an attacker could grab sensitive information from your database, including username, (hashed) passwords and, in certain configurations, WordPress Secret Keys (which could result in a total site takeover).

Although the author has patched the security vulnerability, he offers some additional advice.

If you are using a caching plugin, please flush its cache so that the tracking code can be regenerated with the new key. Also, if you are using Slimstat to track external websites, please make sure to replace the tracking code with the new one available under Settings > Advanced.

Spread the news and to be protected from the vulnerability, make sure any site using WP Slimstat is updated to the latest version.

There’s been some controversy and discussion about the fact that WordPress.com no longer support Bitcoin in our new checkout flow on signup. (It’s still there in some other flows.)

Since there has been a lot of discussion about it, I wanted to share directly some of the answers I had to Grace’s follow-up questions, since I’m not sure if they’ll be published and if they are it probably won’t be in their entirety.

In regards to your future plans for the currency, is bitcoin support definitely returning or is that just a possibility at this point?

We’re big fans of Bitcoin and hope to support it again in the future, for all of the reasons that we originally supported it in 2012, which you can read about here:

http://en.blog.wordpress.com/2012/11/15/pay-another-way-bitcoin/

Is there anything that will influence the outcome of this decision?

No, it is simply a matter of development resources, which are especially scarce for us right now as we’re trying to keep up with growth.

You mention that bitcoin has low volume compared to other payment methods, has this always been the case? Has its volume share changed over time?

The volume has been dropping since launch, in 2014 it was only used about twice a week, which is vanishingly small compared to other methods of payment we offer. We supported Bitcoin for philosophical reasons, not commercial ones.

What are the key aims of your checkout process changes?

Our goals are twofold: to refactor the code behind it which has parts that are over five years old and has grown very complex, and to make it faster and easier for people to buy our services.

When you first launched bitcoin payments WordPress’ blog post praised it as an inclusive payment method for those who cannot use PayPal. Do you worry that these people will now be excluded from the platform?

Of course, but either that number of people turned out to be smaller than we expected or they found other ways to pay. Since it’s so few people overall I’m happy to extend people’s subscription for a year, as I offered in your comments section.

What does being a ‘big believer’ in bitcoin mean to you?

I believe Bitcoin or some other blockchain-like system will be the basis of the majority of financial transactions in the future, from small remittances to multi-billion dollar corporate acquisitions. I think transaction costs should follow Moore’s law, and I don’t think we’re going to get there with the centralized gateways that currently account for the overwhelming majority of transactions. I also personally hold Bitcoin, I’m an advisor to Stellar.org, and my friends make fun of me for bringing up Bitcoin and the blockchain in unrelated conversations.

The bitcoin option still appears on the ‘WP Admin’ screen but not on ‘My Upgrades’. Is this part of the phase out, or likely to stay this way?

That’s on the old code base, and will be available for a short while if any current Bitcoin subscribers want to renew while the option is still available.

WordPress for iOS 4.8 is available on the app store and includes a few notable features. The app now sports a visual editor providing a what you see is what you get experience. Prior to 4.8, the editor was stuck in HTML mode making it hard to read and write content.

The editor contains the most commonly used formatting tools and just like the desktop version of WordPress, includes a toggle to switch between HTML and Visual editing mode. There’s also an image size selector where you can choose between Thumbnail, Medium, Large, or Full-size.

Although I struggled with adding block quotes, the visual editor is a nice departure from HTML mode. I find it convenient to format content as I’m writing versus when the post is completed. Overall, 4.8 is a nice release and I think users are going to enjoy the new visual editor. After you upgrade to 4.8, let us know what you think in the comments.

Websites come and go. With them, typically goes their data. This is often called “link rot”, when the content in question was also linked to from another source. Sometimes I don’t mind too much, because I’m not terribly invested in that content. However, there are times where content has a relevance in news matters, or as a significant historical timeline.

Sometimes, a website where I contributed content goes away or atrophies– in some form or another — and it makes me sad to see my content go down with the ship.

Three places where I contributed much of my early WordPress content have either lost data, had data corrupted, or disappeared entirely. Each makes me sad.

Some of my earliest WordPress related words were typed out on WP Tavern‘s forums, Theme Hybrid‘s (private) forums, or WPCandy. Each situation is different. WP Tavern’s forums are totally gone, though I’m told there is an offline backup, meaning they could be brought back alive. Theme Hybrid recently deleted all old forum data, though this forum was private and the most excusable of the three in my opinion. (edit: as Sami notes in the comments, the archive was kept. I just didn’t see it.) And WPCandy, while not gone, seems it could disappear any day — and I wrote something like 130-140 blog posts over there. I’d be incredibly sad to see WPCandy disappear forever.

Stories like these aren’t unique to me. All of us that write or comment or participate in online communities have similar stories. It appears that data loss is just a thing we have to live with in the modern age. I know a friend of mine, Siobhan McKeown, has many times struggled with finding old content for the History of WordPress book she is finishing writing.

Fighting link rot

Why is this important and what can we do about it? Well, there are a number of resources that can be helpful.

The first and obvious method for fighting link rot is archive.org, the project that is archiving as much of the web as possible to preserve it for future generations. Archive.org is outstanding, and it is a huge project on a grand scale. The team there makes great efforts to document important websites, and automatically attempts the rest.

The problem is, with many smaller websites it may or may not be successful, or snapshots of the website may be dated or not include everything. Furthermore, if the website isn’t structured in a certain way or is password protected, there’s not much they can do.

So, without relying on archive.org to do it for us, there are two other methods worth noting.

Manual backups

In individual communities, we can manually make the effort to backup sites that we believe are at risk. We should also contact these site owners and requests backups, even if that comes off as an affront.

When Siobhan was writing the History of WordPress book, she was worried that WPCandy could go offline — as it “was becoming particularly degraded” while she was writing — so she personally scraped a backup of the site with a tool called SiteSucker.

SiteSucker finds URLs, logs them, and backs up the source HTML. Similar work can be done with wget, for those that know how to utilize it. It’s my understanding that various individuals have done this with a number of other WordPress websites as well.

For WordPress sites, I know WP Tavern’s forums still exist offline, and Siobhan tells me she even has a backup of the old b2 forums (the software which WordPress was forked from). I’d also guess Justin Tadlock still has a backup somewhere of his forums. I’d love to see these, and other “lost” sites have a public place where the archives can be maintained.

Self-hosted backups

Another method to fight link rot is to backup linked sources as we create new content. Harvard’s Berkman Center is currently beta testing what will be a commercial tool, called Amber, to fight link rot. In the news industry specifically, the source URLs for linked content can contain significant context for a post, making link rot on old posts particularly damaging to the piece that links them, assuming additional context will be available to the reader.

Amber stores the source HTML, much like Archive.org, wget, or SiteSucker, but stores it on the host site’s servers. Meaning, if I were using it here right now, each link in this post would have an associated HTML document on my server to preserve the link and the content therein. The tool then detects 404s if the link rots in the future, and offers up a cached version from my own server.

Obviously a tool like Amber is not a small investment. It would require news organizations to have more server resources at the least, but it would be an important investment to protect the integrity of source content.

The Amber website cites that 49% of links in United States Supreme Court decisions are dead, and that over 135,000 Wikipedia source links are dead. These numbers alone are staggering, and prove a very good point. I can’t imagine what the ratios of dead links are for longstanding newspapers like The New York Times, and others.

Amber will be available for WordPress and Drupal, or most platforms that support Apache or Nginx. I’m really, really excited about this tool. I know it will cost money (in resources at least, as I’m not sure if it’ll be a commercial product), but if enough people adopt it, it could really help save a lot of future data. I’m very interested in it for Post Status, as a number of blogs and companies I cover go away if they are not successful upon launch (when I often cover them).

Why fighting link rot is important

We don’t know what items being published today will be important tomorrow.  What we do know is that future politicians, world leaders, and to-be significant individuals and organizations are publishing online today. And when these people or organizations are in significant positions, we will want to know their pasts and opinions.

Perhaps more importantly, cultures, subcultures, and events being documented online may not have any offline version. The web has a beautiful advantage over other mediums like television and newspapers, in that storage of historical data is much simpler, and easier to search. The web enables our timeframe of life on earth to be the most documented in all of human existence.

It is our responsibility as publishers to protect our own content, but also the content of others. I’m reminded how easy it is now because of how hard such efforts are on other mediums. I once read a story about Marion Stokes (also, NPR version), who recorded 35 years of TV news on her own — news that would have been lost without her monumental and perhaps compulsive efforts.

We also have a responsibility as site owners to keep our content up even past when we may hang up our hats. Within our various niche communities, we should be making efforts to document and keep the past.

In the case of WordPress, we’re cataloguing software that powers nearly 25% of the web, and growing. There are important stories being told today that may be educational to future publishers, documentarians, or simply interested individuals. You never know when our content will matter again, but it might, and therefore we should take strides to keep it.

Press This is a bookmarklet tool that was added to WordPress 2.6 in 2008. You can access the tool by browsing to the WordPress backend and select the Tools menu. It acts as a small app that runs in the browser to quickly share content on the web. Press This is in the process of being revamped in preparation for WordPress 4.2.

Press This Location

Because the bookmarklet uses content from the site being shared, it’s easy to infringe on a website’s copyrighted material. Daniel Bachhuber brought up the issue in Github where active development is taking place.

I’m not the best person to comment on this, but it seems like building a tool that automatically scrapes copyrighted materials should have an upfront discussion about said legal implications, and whether this is something we should promote.

To my knowledge, this is the first time the issue has been brought up since its inclusion into core. Stephane Daury, who is one of the project’s primary contributors explains that, the tool goes through great efforts to use values clearly defined by websites.

We also (now) make a greater effort to use values the sites have clearly defined and specified as being what they want their articles and content to be represented as when shared elsewhere, by detecting Open Graph and Twitter Cards tags, etc. This includes representations for thumbnails, embeds, etc.

Although it’s not documented in the conversation on Github, Michael Arestad reached out to Paul Sieminski, Automattic’s general legal counsel, and received word that, from a legal standpoint, Press This is fine. Richard Best of WP and Legal Stuff published a post on the issue and takes a similar stance:

It seems that a person in-the-know in Automattic has commented internally (no doubt in more detail than we see in the public online discussion) that Press This is fine. I agree. I thought it might be of interest to those following this issue to explain why.

The discussion revolves around the notion of ‘authorising’ an action that amounts to copyright infringement or ‘contributing’ to infringement (similar concepts which, in different jurisdictions, are called different things). It explains why there is no such authorisation or contribution here and why, therefore, Press This is fine.

The Press this bookmarklet is a convenient way to share content on the web, but it doesn’t prevent copyright infringement from occurring. Best makes an excellent point when he says that, it’s the end user’s responsibility to make sure they’re not infringing on anyone’s copyright:

It can, of course, also be used to infringe copyright, by copying a full article without permission or copying a full size copyright image without permission but, ultimately, Press This is simply a (pretty handy) tool of convenience. It’s the user’s responsibility to use Press This within the confines of copyright law (or run the risk of being accused of copyright infringement).

While Press This is a tool that makes it easy to share snippets of content on the web, it should not be used to re purpose entire articles or share full-size copyrighted images. As Voltaire once said, “great power comes with great responsibility.”

photo credit: Cologne – Locks – (license)

Mika Epstein, who helps oversee the WordPress plugin directory, has published a simple request to stop using copy protection. Epstein explains how copy protection degrades the user experience, makes it difficult to provide tech support, and perhaps most importantly, how they don’t work.

She suggests that photographers use a watermark and not put full-size images on the web. They should also host images on cloud based services like Amazon as PHP and large image sizes don’t get along. As a last resort, she suggests DRM as an option similar to how Getty protects their images.

As much as it pains me to say it, DRM is also a solution. So is watermarking your images. The way people like Getty protect their images is to lock it down to purchased users only. You can (fairly easily) download the smaller, sample images, but the awesome big ones are locked down.

She finishes the post by saying there’s only one way to combat content theft: don’t publish it online.

Getting Around a Copy Protection Plugin

A search for copy protection on the WordPress plugin directory generates 271 results. I installed WP Content Copy Protection as it’s one of the more popular options and it has a ton of features, including:

• Disables context menu (right click)
• Context menu is only clickable on HREFs
• Disables text selection and browser copy functions
• Disables text and image drag/drop/saving function on PC and mobile devices
• Javascript validation (displays error message when Javascript is disabled)
• Disables keyboard copy (CTRL A, C, X, U, P and S) – Windows OS
• Disables f-key command for accessing developer tools
• Uses compressed Javascript (increases load speed and reduces http requests)
• The image link URL is automatically removed and defaulted to the ‘none’ setting (basic image protection)
• No configuration, customization or coding needed.

As you can see, this plugin does a lot and should prevent me from easily stealing content. After installing and activating the plugin, I visited the front page of the testing site and discovered all of the usual suspects were disabled. I couldn’t right-click to view the page source or directly download an image. I opened up the Firebug extension in FireFox and inspected the image element.

Image Inspected With Firebug

After inspecting the image within the post, I gained access to the direct URL in Firebug’s console. I copied and pasted the URL into a new browser window which allowed me to download the full-size image. I’m also able to inspect paragraph elements and copy those as well. If the site is using the free version of WP Content Copy Protection, I can use its RSS feed to scrape content as only the pro version removes RSS feeds.

The pro version adds several features that make it much more aggressive at content protection. For instance, it has a print screen deterrent agent to prevent the use of screenshot tools to steal images. I’ve contacted the plugin author and have asked for a free trial to see if I can easily get access to protected content with the pro version. If he gives me a copy, results of the experiment will be published in a future post on the Tavern.

Although copy protection plugins or copy protection in general prevents the average website visitor from being able to steal content, they come with a lot of unnecessary baggage. In essence, they do more harm than good, especially from an accessibility stand point, as common keyboard shortcuts are disabled. If you don’t want to have your content stolen online, don’t publish it.

WordCamp Miami is one of the largest and longest-running annual WordPress events, thanks to its dedicated organizers and volunteers. Last year, the event attracted 770 WordPress enthusiasts from around the world. Co-organizer David Bisset expects that attendees will be in the range of 800 this year for its 6th edition.

The event has sold out every year, with 250 attendees on its first run in 2010 and attendance steadily increasing every year. Organizing a successful WordCamp for more than half a decade requires organizers to go with what works and always be open to introducing new formats.

Expanded Kid’s Workshop Planned

Last year’s fifth anniversary event included an experiment with hosting a kid’s workshop for ages 8-12. Organizers guided the children through the process of setting up a new blog and publishing to the internet for the first time. Bisset said the 2015 event plans to expand on kid’s workshop.

Expect it back this year based on demand, but we are also bringing something else for young ones to WordCamp Miami 2015. One of our biggest goals at WCMIA is diversity – and diversity includes young ones. They are the next generation of bloggers, developers, and coders.

Volunteering to help with the kid’s workshop is a fun way to reignite your excitement about WordPress and publishing in general. The event will likely offer more opportunities this year with an expanded workshop planned.

BuddyCamp Miami to Return for 3rd Edition

BuddyCamp Miami will return for a third year on May 29th to kick off the main event. This year the topics will be more developer-focused than previous years.

“We really don’t want people just to come and listen to talks, but actually CHAT with developers and contributors one-on-one to learn and improve their development and design skills with BuddyPress and bbPress,” Bisset said. Attending a BuddyCamp is a good way to connect with those who are involved in making BuddyPress and find out more about extending and contributing to the plugin. Attendee maximum numbers for the 2015 event will be more limited than previous years to facilitate a stronger environment for developer-focused learning.

New “How To” Track

WordCamp Miami is already a veritable smorgasbord of WordPress knowledge, but organizers plan to add several new formats this year for variety. In addition to the traditional abstract/motivational track, a practical “How To” track is in the works.

“This track will be focused on users walking into the room and walking out in that same hour with actionable insights and knowledge,” Bisset said. Sessions will take the form of mini-workshops where attendees can quickly learn new techniques and technologies.

Bisset’s announcement also hints at “Hallway Tracks,” which will unofficially welcome and recognize hallway networking. Business talks will be welcome again this year but will be refocused to provide a more practical and organized series of talks with resources for attendees.

WordCamp Miami will remain committed to furthering developer education based on feedback from the local community. Organizers plan to encourage more deeper-level developer talks at the 2015 event. “We think Miami is ready for more serious developer talks and conferences,” Bisset said. “According to feedback from local meetups and other sources, more and more advanced topics are being desired (and less of the very early or beginning level topics).”

A Call for Speakers and Volunteers

Speaker applications for WordCamp Miami opened up today, and organizers welcome first-time WordCamp speakers to join the event. Topic suggestions are available on the speaker submissions page of the event website.

An event of this magnitude requires a large crew of local volunteers. Last year the eight person coordinating team managed a crew of 30 volunteers, a few of which were even from out of town. “Volunteers literally made 2014 possible,” Bisset said. The team currently has almost a dozen coordinators in its Slack group and will be adding more in the coming weeks. If you want to get involved, there are lots of opportunities to share your knowledge and skills to help make WordCamp Miami 2015 another successful event.

Find three hobbies you love: one to make you money, one to keep you in shape, and one to be creative.

I’m not sure the provenance of this quote, but I read it and it really resonated with me, and I’ve found myself repeating it frequently.

Last year, WordPress saw a renaissance in personal blogging themes. The official WordPress.org directory received a deluge of high quality themes that served to raise the bar for commercial developers when it comes to design and simplicity.

In particular, the trend of flat, minimalist blogging themes is still running strong. Last month, theme design and development duo Mel Choyce and Kelly Dwan released Aventurine, a bold new theme for writers.

The name Aventurine was inspired by the Italian phrase a ventura, meaning by chance, but the theme’s elegant and deliberate typography choices indicate that nothing has been left to chance. Aventurine posseses a design wholeness where every element has a clear purpose, and the theme is free of cluttersome widgets and extraneous meta.

The theme’s colors are reminiscent of Choyce and Dwan’s popular Flounder theme, which has been downloaded more than 33,000 times. Aventurine’s text and headers feature Josefin Sans and Varela Round from Google Fonts.

The theme includes customizer options for setting the background and header colors. You can also upload a background image. Aventurine’s creators recommend using a repeating pattern, such as the ones offered at subtlepatterns.com.

Featured images are displayed as headers on top of posts at 900px wide for impact. The footer widget areas the only additional customizable feature. They are displayed neatly beneath posts and do not detract from the main content of the page.

Dwan and Choyce built Aventurine with accessibility in mind, particularly as it relates to best practices for interacting with keyboard and screen readers. While the theme’s default color palette does not pass accessibility guidelines, the authors made it easy for you to change some of the theme’s main colors in the customizer. Further customizations can be added to a child theme.

Aventurine has built-in support for a range of Jetpack features, including galleries, carousels, infinite scroll, and Photon. Over the past year, the Jetpack development team has been refining the plugin’s features to be more friendly to theme developers. Many newly released themes are taking advantage of this by supporting Jetpack features out of the box.

After sorting through dozens of free themes added to WordPress.org in early 2015, Aventurine is one of the few that stand out as truly original and inspiring. It’s one of the best-designed personal blogging themes of 2015 thus far. Check out the live demo on the theme’s homepage. You can download Aventurine for free from WordPress.org or install it via your admin themes browser.

I am Elon Musk, CEO/CTO of a rocket company, AMA!. This guy continues to amaze.

Hey guys! I found a good comment on Youtube. Documenting here for posterity, from vTxTobi:

Top 5 rappers:
1. Kendrick Lamar
2. K.dot
3. Guy in second verse of Control
4. Short dude in TDE
5. The good kid in a mad city

(I added the links.) The joke is all of those refer to Kendrick Lamar, so was laugh-out-loud funny. It was on Kendrick’s powerful and controversial new Blacker the Berry track. So congrats to vTxTobi for writing the only decent comment I’ve read on Youtube in years.

There’s been some interesting threads going around on Jetpack and the future of WordPress, here’s Chris Lema’s take: Is the Future Success of WordPress tied to Jetpack?.

Last week WPGlobus 1.0 beta was released on WordPress.org. The plugin offers an interesting new attempt at providing multi-language support for WordPress sites. WPGlobus allows you to configure a set of available languages and adds a dropdown language switcher to the frontend via a custom menu.

The development team behind WPGlobus is led by WordPress developer Gregory Karpinsky. He designed the tool to be used on bilingual/multilingual WordPress sites. To be clear, the plugin does not provide translations, but rather allows you to create your own translations for pages and posts in the admin.

Karpinsky quotes the venerable Capt. O.B.Vious in his reasoning behind creating the plugin: “People are a lot more likely to interact with your website if it is available in their own language.” WPGlobus was designed to make it easy for anyone to add a language switcher to their site without too much hassle.

The current version of the plugin offers the following feature highlights:

• Add multiple languages and countries to your site.
• Translate posts, pages, categories, tags and menus using a clean and simple interface.
• Switch languages at the front end using a dropdown menu with language names and country flags.
• Supports the WP-SEO titles and descriptions in multiple languages

The first step in using the plugin is to select the languages you want to be available in the frontend dropdown. WPGlobus offers different ways to customize the way the languages appear in the menu and comes with flag images pre-installed for each language. The images are also customizable, should you wish to add your own or define custom combinations of country flags and language abbreviations.

If you have a relatively small website that is quick to translate, you can paste translations for other languages directly into WPGlobus’ tabbed interface in the post editor.

The frontend dropdown menu allows visitors to switch between languages and displays them by changing the URL (/{language}/page/).

In its current state, WPGlobus was designed for simple, static sites. For example, it could be useful for an event where attendees speak a handful of different languages. In this instance, the event staff can easily translate event details on the various pages to provide information for attendees in their own languages.

For large sites and blogs, an expanded version of WPGlobus is in the works, which would integrate with multilingual plugins, such as WPML, qTranslate, or Polylang. Further down the road, Karpinsky hopes to integrate functionality that will assist e-commerce vendors:

When it comes to e-Commerce, additional challenges may arise. The Buyer, the Seller and the Site Administrator may all speak different languages. A user may have a non-trivial combination of residence, language and currency. Some countries are multilingual, so clicking on a country flag is not always enough. WPGlobus attempts to solve those problems. It’s a long way down the road but we are full of energy and optimism.

At the moment, the plugin is suitable for WordPress administrators who want to make their sites more global and are willing to provide their own translations. WPGlobus is available from WordPress.org. I tested the plugin, and, although it’s still technically in beta, it works as advertised for providing your own translations on a small website.