WordPress Planet

October 04, 2015

Post Status: How WordPress core development happens — Draft podcast

Welcome to the Post Status Draft podcast, which you can find on iTunes and via RSS for your favorite podcatcher. Brian and his guest co-host, Brad Williams discuss some of today’s hottest, current WordPress news.

This week Brian and Brad talk about how to get involved in WordPress core, what to expect when you do, how to navigate the waters of core development. They also discuss term meta, its use cases, how it works, and why it’s a great feature for WordPress 4.4.

Brad is guest hosting this week, as Joe is out. He’s the co-founder of WebDevStudios, a co-organizer for WordCamp US, and wrote Professional WordPress Design & Development  (my go-to book on WordPress development). You can follow Brad on Twitter @williamsba.


Direct Download


WordPress core development process:

Term meta:

by Katie Richards at October 04, 2015 12:55 AM under Everyone

October 03, 2015

WPTavern: WP101 Founded by Shawn Hesketh Turns 7 Years Old

Earlier this week, WordPress video training site WP101, founded by Shawn Hesketh, turned seven years old. Since launching in 2008, Hesketh’s videos have been viewed more than a million times by over 500k people. He’s also re-recorded the videos that make up the WP101 series 17 times. With seven years of experience under his belt, I asked Hesketh what he would have done differently in the beginning.

“From a technical standpoint, I wish I’d picked a solid membership plugin that would have enabled us to grow. We’re planning a costly migration in the coming months, and a better membership plugin might have saved us the considerable hassle and cost,” Hesketh told the Tavern.

Technical issues aside, Hesketh believes his business’ success is largely due to his focus on serving people, “It’s one thing to create an online course and hope people discover it. But it takes much more dedication to actually engage people on a daily basis, take the time to understand their goals, and then help them get clear on how to accomplish those goals,” he said.

Hesketh doesn’t have any regrets but wishes he launched the question and answer forum on the first day, “Its given me the opportunity to answer questions that may not be covered in our videos. That’s the real value that WP101 brings to the table, real people helping others,” he said.

WP101 launched around the same time as a lot of commercial theme shops such as iThemes, StudioPress, and WooThemes. Although WP101 doesn’t sell commercial themes or plugins, Hesketh has carved out a space in the WordPress ecosystem that enables him to make a living. If you use WP101 or have in the past, I’d love to hear what you think of his videos in the comments.

by Jeff Chandler at October 03, 2015 01:33 AM under wp101

October 02, 2015

WPTavern: The Top 100 Active WordPress Themes and Plugins on GoDaddy’s Hosting Network

It was a warm, sunny afternoon in Tempe, AZ as I walked with a group of GoDaddy employees on our way to lunch during Pressnomics 3 earlier this year. It’s the first time I met Mendel Kurland, Christopher Carfi, and Kurt Payne in person. During lunch, we discussed a number of topics from the efforts made to change the company’s image, to ideas that help the WordPress community.

I suggested to the team that GoDaddy create a billboard chart that shows the most popular themes and plugins used across its network. Not only would the information be beneficial to the company, it would also give the WordPress community valuable insight into what plugins and themes are used on a webhosting network with millions of customers.

Nine months after our discussion, GoDaddy turned the idea into reality with the Hot 100.

Top 100 Plugins and Themes of The WeekTop 100 Plugins and Themes of The Week

GoDaddy tracks which themes and plugins are activated across the millions of sites it hosts and puts the 100 most popular of each into a list. The list is generated each week and places the previous week of results into an archive allowing you to monitor trends.

Similar to the Billboard Hot 100, you can see the current rank of a plugin or theme, whether it’s moved up or down, and what its rank was the previous week. With an influential list like the Hot 100, it would be easy to accept paid listings. Carfi, confirms it’s not possible to purchase placement.

How the Lists Are Generated

The Hot 100 is determined by ranking the net change in the number of active installs of WordPress plugins and themes in aggregate across GoDaddy’s hosting network. It looks at plugins and themes that are active at the time of the analysis and does not include plugins or themes that are deactivated.

Instead of using the total number of active installs, the Hot 100 looks at the week-over-week change in active installs. This enables the list to determine which plugins and themes are hot or part of a rising trend. It also prevents bias towards plugins that already have a large install base such as Jetpack.

Interestingly, themes on the list that are non-GPL are specifically noted and link to the Hot 100 instead of their corresponding theme page. In a post published to the Advanced WordPress Facebook group, Jeff King, Senior Vice President of Hosting at GoDaddy explains why.

One great recommendation and valuable bit of feedback we received is that, since the community embraces GPL, we should reflect that ethos in the Hot 100 list. While some non-GPL themes or plugins may occasionally show up in the list due to the fact that some non-GPL items still exist in the ecosystem, we don’t necessarily need to link to them. As of next week, we’ll be removing links to non-GPL themes and plugins.

The Hot 100 Is a Valuable Resource

Although WordPress.org provides stats for plugin and theme authors, you can’t determine where they’re being used. The GoDaddy Hot 100 gives the public and developers of popular plugins and themes an opportunity to see how well they’re doing on one of the largest webhosts in the industry. While Jetpack and Akismet are the two most active plugins and seven default themes make up the top 10 themes, it’s the 25th-100th rankings that I find interesting.

For example, Hello Dolly which ships with WordPress and is activated by default after installation is ranked 27th this week. Last week, it ranked 38th meaning a lot of new installs of WordPress have taken place. This indicates that even though a lot of customers disable the plugin at some point after installation, it remains active on many sites hosted by GoDaddy.

One of the largest jumps I’ve seen so far is the Image Widget plugin by Modern Tribe. It was ranked 95th last week and 31st this week. It would be interesting to know why a lot of new WordPress installs are activating this plugin on GoDaddy hosted sites this week versus last week.

The Hot 100 is a valuable resource and I encourage you to see if your favorite plugins and themes made the list. Although it’s specific to GoDaddy, do you think the data is valuable? Would you like to see other large webhosting companies provide a glimpse into the most active WordPress themes and plugins used across their network?

by Jeff Chandler at October 02, 2015 06:51 PM under trends

WPTavern: Jetpack 3.7.2 Patches Two Security Vulnerabilities

Jetpack 3.7.2 is available for download and patches two security vulnerabilities. The first is a cross-site scripting vulnerability in the contact form due to improper input sanitation that affects Jetpack 3.7.0 and below. Marc-Alexandre Montpas of Sucuri is credited with responsibly disclosing the vulnerability.

The second is an information disclosure vulnerability present in certain hosting configurations responsibly disclosed by Jaime Delgado Horna of Listae. In addition to patching the vulnerabilities, 3.7.2 also fixes an error with the REST API that creates multiple drafts and published posts. Other notable fixes includes:

  • Updating the Google+ logo in our sharing buttons.
  • Adding custom capabilities for module management for multisite installs.
  • Fixing a bug that was sending the contact form response fields in the wrong order.

Montpas has additional information on the cross-site scripting vulnerability discovered in Jetpack on the Sucuri blog, including a timeline of events. Please update to Jetpack 3.7.2 as soon as possible to protect your sites.

by Jeff Chandler at October 02, 2015 04:12 PM under xss

October 01, 2015

WPTavern: WPWeekly Episode 208 – A Nod to the King

In this episode of WordPress Weekly, Marcus Couch and I discuss the death of Alex King who was a pillar of the WordPress project. King passed away a few days ago from colon cancer. We share stories of meeting and discussing WordPress topics with King and describe his many contributions to WordPress. King will be dearly missed by the WordPress community.

During the second half of the show, we discuss upcoming changes in WordPress 4.4, the lessons I learned moderating comments on WP Tavern, and WordCampus renaming to WPCampus.

Stories Discussed:

Alex King, Founder of Crowd Favorite Passes Away
Alex King’s Final Request
WP Super Cache 1.4.5 Patches XSS Vulnerability
Lessons I Learned Moderating Comments in WordPress
WordCampus Renames Event to WPCampus
WordPress 4.4 to Possibly Rearrange Fields to the Comment Form
WordPress 4.4 Removes the View Post and Get Shortlink Buttons From the Post Editor

Plugins Picked By Marcus:

Contact Form 7 Customizer allows you to alter items like spacing and button size of the contact form using the customizer.

View Admin As lets you simulate what a site looks like from a user with a specific role or capability.

Grayscale Images converts images to gray-scale and displays the colored image hovered over.

WPWeekly Meta:

Next Episode: Wednesday, October 7th 9:30 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #208:

by Jeff Chandler at October 01, 2015 09:25 AM under wpcampus

WPTavern: 6 WordPress Plugins That Take Native Comments to the Next Level

Last week, I shared the lessons I learned and the drawbacks to moderating comments in WordPress. In this post, I highlight six plugins that solve a problem I encountered or enhance comments for both readers and site administrators. All of the plugins are free of charge and available from the WordPress plugin directory.

Problem Solvers

Crowd Control

Crowd Control Plugin BannerI discovered that not all comments need to be moderated. Crowd Control, by Postmatic, gives readers the ability to report comments they feel don’t adhere to a site’s commenting policy.

When enabled, a new option is displayed on the General – Discussion settings page. You can configure how many reports a comment needs before it’s sent to the moderation queue and whether administrators should be notified when it happens.

Crowd Control SettingsCrowd Control Settings

If an administrator approves a comment that’s in moderation due to hitting the threshold, it won’t end up back in the moderation queue. This gives administrators the last word on whether a comment is acceptable or not.

Crowd Control in ActionCrowd Control in Action

If you think a comment needs an administrator’s attention or does not adhere to the WP Tavern commenting policy, hover over the comment and click the report button. A new column is added to edit-comments.php that displays how many reports a comment has. It’s important to note that detailed information of who reported the comment is not saved to the database.

Reported Comments ColumnReported Comments Column

The system is open for abuse but I trust that the Tavern readership will use it responsibly.

Show Parent Comment

Comments that are pending moderation in the WordPress backend that are in response to another comment are hard to moderate. Show Parent Comment, developed by Stephen Cronin, adds a Show More dropdown to the edit-comments.php screen that allows administrators to see the text of the comment that a person is responding too.

Click to view slideshow.
I’ve used this plugin for more than two weeks and I enjoy the user interface. It looks and acts as if it’s a natural part of WordPress. Chris Christoff created a ticket in Trac with the suggestion that a user interface element like the one in Cronin’s plugin be added to core. If you have feedback on the best way to accomplish this, please add it to the ticket.

Enhancements to Native Comments


Epoch Plugin BannerEpoch is a plugin developed by Postmatic and a few other contributors that enhances WordPress’ comment system. Unlike services such as Disqus or Livefyre that replace the comment system, Epoch adds features to WordPress’ native comments. This allows you to keep comments within your database at all times without relying on a third-party.

Epoch applies a series of visual enhancements to the comment form. Replies from the post author are a different color from regular responses and the date and time the comment is written is displayed at the top. Epoch also uses Ajax to send and receive comments which eliminates the need to refresh the page.

Click to view slideshow.

Epoch has a front end moderation capability that allows site administrators to approve, trash, or spam comments. Unlike the native comment form, Epoch doesn’t load the comments unless the browser reaches a certain point on a post or is accessed via a direct link.

In most instances, the comment form loads quickly but on certain mobile devices, the lack of speed is noticeable. The team is aware of the performance issues and is attacking the problem with a three stage approach.

Epoch relies on JavaScript to function so if a visitor browsing your site has JavaScript disabled, the comments don’t load. Again, the team is aware of this issue and is creating a fallback to WordPress’ native comment system if the files can’t be retrieved from its CDN or JavaScript is disabled.

Basic Comment Quicktags

Basic Comment Quicktag Plugin BannerIn WordPress 4.3, the allowed HTML tags text displayed near the comment form was removed. The tags were removed because they’re note relevant and confusing to most users. While I agree that the text is not relevant, I think the comment form should have basic text formatting buttons so readers don’t have to remember and manually type HTML tags.

Basic Comment Quicktags in ActionBasic Comment Quicktags in Action

Once Basic Comment Quicktags is installed, navigate to Settings – Discussion and check the box to enable them for comments. When enabled, the comment text area will have Bold, Italic, Link and Quote buttons. The best part of this plugin is that it exposes a built-in core feature using the Quicktags API added to WordPress 3.3. Text formatting buttons in the comment area is a courtesy I’d like more site owners to give to readers.

Simple Comment Editing

Simple Comment Editing Plugin BannerSimple Comment Editing, developed by Ronald Huereca, adds the ability for readers to edit their comments in a limited time frame. By default, readers have five minutes to edit their comment once it’s submitted. Although no configuration is necessary, you can alter the time and behavior of the plugin by using actions and filters. I’ve changed the time limit to 15 minutes on the Tavern to make sure readers have plenty of time to make edits.

Simple Comment Editing Countdown TimerSimple Comment Editing Countdown Timer

With Simple Comment Editing installed, the amount of contact form submissions and requests to edit a comment have gone down considerably.


Postmatic Plugin BannerPostmatic is a plugin that ties into a service and has a number of features. Readers can subscribe to posts or to comments and receive updates via email. Postmatic has a beautiful email template that shows the most recent reply, the commenter’s Gravatar, and a recap of the post and conversation.

Postmatic Comment Email TemplatePostmatic Comment Email Template

Readers can respond to comments via email without having to visit the comment form. Site administrators can reply, trash, or submit comments to Akismet via email. It’s important to note that Postmatic is not a third-party commenting service. Instead, it uses the native comment system in WordPress allowing you to keep and own your data at all times.

While I moderate comments from the WordPress mobile app or the WordPress backend, Postmatic is a great fallback. I also think the email template looks great and offers a better user experience than the comment notification emails provided by WordPress. Postmatic does a lot more than what I describe above but for the purpose of this article, I focused on the comment portion of the service.

Postmatic is a new addition to the Tavern that I encourage you to try. After trying it out, please tell me about your experience. I especially wany to know if it’s easier to keep track of and take part in conversations.

Notifications That a Comment in Moderation is Approved

One of the problems I’ve yet to solve is being addressed by a number of WordPress contributors in ticket 33717. If all goes well, it’s possible this feature will be added to WordPress 4.4. Once added, readers whose comments end up in the moderation queue will automatically be notified by WordPress when it’s approved.

It’s Not Perfect but It’s an Improvement

Even with all the features these plugins provide, I don’t think the comment system in WordPress or the form on WP Tavern is perfect. I’m not sure if perfection of either can be achieved. However, I think both are improvements over the previous iterations. If there’s a plugin you use to improve WordPress’ native comments or its moderation system, let me know about it in the comments.

by Jeff Chandler at October 01, 2015 08:28 AM under simple comment editing

September 29, 2015

Donncha: The Web Won’t Forget Alex King

If you use a WordPress site, either as a visitor or owner, you’re using code that Alex King, one of the original developers of WordPress, worked on.

He passed away after fighting cancer for 2 years but his online presence lives on in the form of his blog with it’s deep archive of posts going back years, and in so much code that it’s humbling to look at his projects page. Looking through the svn log of WordPress trunk shows he still had a hand in helping the WordPress project until relatively recently:

trunk$ svn log|grep alexkingorg
props alexkingorg for the initial, long-suffering patch.
props alexkingorg. fixes #24162.
Props alexkingorg
`wp.media` instead of just `media`. props alexkingorg, see #22676.
Add $post_ID context to the pre_ping filter. props alexkingorg, devesine. fixes #18506.
Add filter so the users can select custom image sizes added by themes and plugins, props alexkingorg, fixes #18520
esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454
Escape links by default. Props alexkingorg. see #13051
Safely include class-json.php, class-simplepie.php and class-snoopy.php, props alexkingorg, fixes #11827
Fix user creation from admin after changes for #10751. Fixes #10811 props alexkingorg.
Hooks needed to allow alternate category admin inteface. Props alexkingorg. fixes #3408
Wrap cat name in CDATA. props alexkingorg. fixes #3252

I’m sorry I never met Alex, however I remember working virtually with him and Adam Tow on AllThingsD which seems like a lifetime away now. Adam has a great article on Alex on his blog, as does Matt who went into detail about Alex’s involvement with WordPress going back to the days of b2. I had completely forgotten the CSS competition he mentioned!

Alex, your legacy lives on.

Related Posts

by Donncha at September 29, 2015 08:44 PM under Alex King

WPTavern: WordPress 4.4 Removes the View Post and Get Shortlink Buttons From the Post Editor

In WordPress 4.4, the View Post button in the post editor is disappearing in favor of a clickable permalink. Four years ago, Scribu, who is a former WordPress contributor, created ticket #18306. In the ticket, Scribu explains that the View Post button is redundant functionality and suggests that it be removed in favor of a clickable permalink.

Here are two screenshots of the post editor. The first is WordPress 4.3 and the second is WordPress 4.4. Clicking the permalink allows you to preview the post in its current state. Notice the slug part of the URL is in bold. You need to click the Edit button to edit the permalink.

WordPress 4.3 Post EditorWordPress 4.3 Post Editor WordPress 4.4 Post EditorWordPress 4.4 Post Editor

Not only does this change remove redundant functionality, it removes a UI element from the page. Enhancements like these are a huge win for WordPress because it makes the interface simpler without permanently removing the button’s purpose.

In addition to the View Post button, the Get Shortlink button is also removed. The button shows up if you’re using a custom shortlink and can be re-enabled using code or a plugin. For most users, the Edit button is the only one they’ll see between the post title and content box.

I expect some users will be frustrated as they go through the process of changing their workflow but overall, I think it’s a great improvement. What do you think?

If you’re using the WordPress beta testing plugin by Peter Westwood, I encourage you to set it to bleeding edge nightlies and update your site. You’ll be able to test this change and others during the WordPress 4.4 development cycle.

by Jeff Chandler at September 29, 2015 07:22 PM under wordpress 4.4

Matt: Remembering Alex King

Alex speaking at WordCamp SF 2009One of the original WordPress developers, Alex King, has passed from cancer at far too young an age. Alex actually got involved with b2 in 2002 and was active in the forums and the “hacks” community there.

Alex had a background as a designer before he learned development, and I think that really came through as he was one of those rare people who thought about the design and usability of his code, the opposite of most development that drifts toward entropy and complexity. One of my favorite things about Alex was how darn tasteful he was. He would think about every aspect of something he built, every place someone could click, every path they could go down, and gave a thoughtfulness to these paths that I still admire and envy today.

As an example look at his project page (essentially a category archive) for the Post Formats Admin UI, isn’t that clever and intuitive how the posts connect together, and when more time passes in the thread it’s shown as a break. It’s classic Alex: something simple and thoughtful that in hindsight is so gobsmackingly obvious you wonder why everything doesn’t work that way, but you never would have imagined it beforehand. And Alex wouldn’t just imagine it and do it for himself, he released his best work as open source, as a gift to the community and the world, over and over and over again.

Back when WordPress was getting started Alex was a celebrity of the b2 world, his hacks (plugins before plugins) were some of the coolest ones around. We had a ton of overlapping interests in web standards, photography, development, and gadgets so we frequently read and commented on each other’s blogs. I would never miss a post on his site, and that’s back when we were both doing one or more posts a day. To get a sense of Alex it’s worth exploring his blog — he was a clear thinker and therefore a clear writer. The straightforward nature Alex wrote with was something I always admired about him.

We discussed WordPress early on, Alex signed up to help with what later became the plugin directory, and his CSS competition (look at those prizes! and notice it’s all GPL) was hugely influential on the path to themes, and he officially became a contributing developer in August of 2003.

The list of what Alex was one of the first to do in the WordPress community is long, and in hindsight seems gobsmackingly obvious, which is the sign of innovation. I smile when I think of how he moved from the Bay area to Denver before it was cool, or his love of scare quotes. Once there was something going on in WordPress and he called me to talk about it, I was so surprised, he said the number was right on my contact page (and it was) but even though it had been there for years no one had ever called it before, but that was just the type of person Alex was, always reaching out and connecting.

Adam Tow, myself, Barry Abrahamson, Alex King; Photo from Adam Tow’s post.

I’m not sure how to include this next part: I couldn’t write last night — I was too tired. After falling asleep I had one of those super vivid dreams that you can’t tell are dreams. There had been some sort of mix-up on Twitter and Alex was still alive, I visited Colorado with my sister and saw him surrounded by family at a picnic table, all the rooms were taken so they put me on a floor mattress where I slept. Tons of his friends were around and we took pictures together, he was excited about the better front camera on the 6s+. (Alex understood mobile all the way back to the Treo days.) It was all very ordinary and in a group setting, until we decided to walk alongside a small highway, past some grain silos, to meet the group at a bar. The walk was just the two of us and we talked and laughed about the big mix-up and he asked about this post, what was going to be in it. He got most excited and emphatic with the part about him being a developer with great taste, and a clear writer William Zinsser would be proud of, so I like to think that those were two things he was proud of. The overwhelming emotion I remember was joy. Waking up was disconcerting, part of me wants to believe part of Alex’s spirit was there, where another more logical part thinks my mind was just going through the denial stage of grief. Regardless I know that Alex will stay in the minds of people who knew him for many years to come.

Code that Alex wrote still runs billions of times a day across millions of websites, and long after that code evolves or gets refactored the ideas and philosophy he embedded in WordPress will continue to be part of who we are. Alex believed so deeply in open source, and was one of the few people from a design background who did. (Every time you see the share icon on the web or in Android you should think of him.) I like the idea that part of his work will continue in software for decades to come, but I’d rather have him here, thinking outside the box and challenging us to do better, to be more obvious, and work harder for our users. He never gave up.

by Matt at September 29, 2015 05:57 PM under Asides

WPTavern: Alex King, Founder of Crowd Favorite Passes Away

Alex King with his daughter HeatherAlex King with his daughter Caitlin

Alex King, who founded web development agency Crowd Favorite, and author of several WordPress themes and plugins passed away last night at his home. In January 2013, King was diagnosed with stage four colon cancer. He used his blog to tell the story of his fight to stay alive.

On August 24th, King finished the first cycle of a new clinical trial that he says went well.

I’m nearly through my first cycle of the new clinical trial and overall I think it’s gone pretty well. I was able to get the 6 pills/day (3 in the morning, 3 in the evening) without too much concern. That said, by the end of the 5 days taking the pills I would basically sleep for the day.

On the same day, he published what would be his final request to the WordPress community. King requested that anyone with memories of him and his career to submit them to his wife.

One of the things my wife and I are trying to do is put together some information about my career that will hopefully give my 6 year-old daughter a better sense of who I was as an adult. She knows me as “dad”, but when she gets older she’ll be curious about who I was to my peers and colleagues.

If you have any memories of King, please honor his request and submit them to his wife.

Outpouring of Support

As the news of King’s death spread throughout the community, many shared grief on Twitter while others reflected on his accomplishments in WordPress.

In addition to Twitter, many published their thoughts and memories of King on their site.

King’s Impact on WordPress Early On

King is one of a handful of people who witnessed the transition from b2 to WordPress. He’s one of the earliest WordPress developers and is largely credited with motivating developers to build themes using the template engine in WordPress 1.5.

Alex King wrote a CSS Style Switcher hack, which came with three CSS stylesheets. Not everyone who had a WordPress blog wanted to create their own stylesheet, and many didn’t know how. Users needed a pool of stylesheets to choose from. To grow the number of stylesheets available, Alex ran a WordPress CSS Style competition. Prizes, donated by members of the community, were offered for the top three stylesheets; $70, $35, and $10 respectively. – WordPress History Book

In the first contest, King received 38 submissions with Pink Lillies by Naoko Takano winning first place.

Pink Lillies Wins First Design ContestPink Lillies Wins First Design Contest

Each sylesheet submitted to the contest was available to the public. In essence, King’s website was an early version of the WordPress theme directory. In the second contest, he received over 100 submissions. In total, King hosted 138 themes on his site. He decided not to host the competition again in 2006 due to the sheer amount of work required.


King appeared on several different WordPress podcasts and spoke at a number of WordCamps. Here are links to a few of them.

My Memorable Experience With Alex King

The last time I spoke to King in person was at WordCamp San Francisco 2013. A group of us rode together in a party limo complete with blinking lights inside. I sat across from him and asked a few questions related to his health. I also asked him about the early days of WordPress. King was a soft-spoken man who at times is hard to hear but it turned out to be a great and memorable conversation.

The WordPress community has lost an inspirational person and a pillar of the WordPress project. My deepest condolences go out to his friends and family. King is survived by his wife Heather and his daughter Caitlin.

by Jeff Chandler at September 29, 2015 02:42 AM under crowd favorite

September 28, 2015

Post Status: Rest in peace, Alex King

The prototypical WordPress developer and blogger, Alex King was a tremendously influential member of the WordPress ecosystem.

He was one of a very small group of people involved during the transition of b2 to WordPress. He helped to create the website that would become the first WordPress.com VIP client. He started the first WordPress-centric consulting agency. He was fundamental to the development and direction of dozens of WordPress features. He even created a small icon that would go on to become the ubiquitous “share icon”.

Alex was a selfless contributor, a driven entrepreneur, and a friend to many. He was also a husband to Heather and a father to Caitlin.

In addition to web work, Alex loved golf and photography. His blog is an outstanding example of the art, where he logged his story, his passions, and his challenges. I could not possibly tell his story better than he himself can.

Following are more valuable links to help remember Alex:

Today is a sad day for the WordPress community, and Alex King will be missed. May he rest in peace.

by Brian Krogsgard at September 28, 2015 08:29 PM under Everyone

September 27, 2015

WPTavern: WordPress 4.4 to Possibly Rearrange Fields to the Comment Form

WordPress plugin and theme developers need to take note of an important change in WordPress 4.4 that rearranges the comment form. In WordPress 4.4, the comment form is arranged so that the text area is displayed first followed by the name, email, and website fields.

Comment Text Area is FirstComment Text Area is First

According to Aaron Jorbin, WordPress core developer, the change improves navigation when using the keyboard to toggle through fields. It also makes it easier for users to leave comments.

Since the change requires filters and actions to run in a different order, the HTML output by comment_form will be different. Jorbin explains that if developers use any of the hooks inside comment_form, especially comment_form_field_comment and comment_form_after_fields, developers should test their themes and plugins using WordPress 4.4 nightlies.

If you run into any problems or inconsistencies, please report them to ticket #29974. What do you think of the change? Do you think readers want to write their comment first instead of filling out the other three fields?

by Jeff Chandler at September 27, 2015 07:02 PM under wordpress 4.4

WPTavern: WordCampus Renames Event to WPCampus

WPCampus Featured ImageWhen WordCampus was announced, some of our readers expressed concern that the event’s name is too similar to WordCamp US and would cause confusion.

There was also concern that without being officially sanctioned by WordCamp Central, the event would infringe the WordCamp trademark that is owned and protected by the WordPress Foundation. To alleviate these concerns, the organizing group changed the name from WordCampus to WPCampus.

Rachel Carden, one of the event’s primary organizers, says the team had a backup plan from day one, “While most of the community agreed that the name WordCampus was spot on, the possibility of changing our name was proposed from day one as WordCampus was being confused with WordCamp US,” Carden said.

“As much as we love WordCampus, we didn’t want it to get in the way of what we hope to achieve, so the topic was passionately discussed at a planning meeting. The entire community cast their votes for a new name and WPCampus was selected as the clear winner,” Carden told the Tavern.

More than 250 people have expressed interest in WPCampus. If you’re interested in speaking, sponsoring, or attending the event, please fill out the survey.

by Jeff Chandler at September 27, 2015 05:25 PM under wpcampus

September 26, 2015

Matt: Cars should be Open Source

“The reality is that more and more decisions, including decisions about life and death, are being made by software,” Thomas Dullien, a well-known security researcher and reverse engineer who goes by the Twitter handle Halvar Flake, said in an email. “But for the vast majority of software you interact with, you are not allowed to examine how it functions,” he said.

The Times has a great look at hacker and car manufacturer mishaps and makes the case over and over again for Open Source. It’s great to see more of the world waking up to the importance of open source.

by Matt at September 26, 2015 06:18 PM under Asides

September 25, 2015

WPTavern: Freenode to Purge Inactive Nicks, Channels, and Accounts on October 2nd

photo credit: 13Moya 十三磨牙 - ccphoto credit: 13Moya 十三磨牙cc

Freenode, the IRC network responsible for hosting communication servers for WordPress and many other open source projects will be performing maintenance on or around October 2nd. Freenode will remove expired nicks, channels, and accounts.

Although a lot of people have switched to SlackHQ from IRC to communicate in real-time, the WordPress support channel with hundreds of users still exists on Freenode with no plans to move it to Slack.

If you have a registered account on Freenode and have not identified with the service in 120 days or more, you must authenticate your account before October 2nd. You can do this by connecting to Freenode and using the /msg nickserv identify command, then enter your password.

If you’ve forgotten your password, use the /msg nickserv sendpass command to recover lost passwords. Alternatively, use the /msg nickserv help sendpass command to receive help recovering your password.

It’s especially important for users who have registered channels on Freenode to authenticate or else the username and channels associated with it will be removed.

by Jeff Chandler at September 25, 2015 06:57 PM under irc

Donncha: WP Super Cache 1.4.5

WP Super Cache is a fast caching plugin for WordPress. It will help your site run faster and serve more traffic.

This is a security and bugfix release.

  • Some servers display a directory index when no index.html is found in a directory. That may reveal the filenames of cache files.
  • There were issues in the settings page that might allow an attacker to browse or delete files named index.html.
  • PHP Object Injection could occur if an attacker managed to inject malicious code into the legacy cache meta files.

When you upgrade, your “legacy cache” files for logged in users will be deleted. This may have an impact on your site:

  • If your site is slow at generating new pages.
  • If you have many known users (logged in users or people who comment).

Your site will suddenly have to generate new cache files for all visiting known users.

Relying on caching like this is not recommended for these types of users as it’s very inefficient. Each user has a separate cache file that must be checked whenever the plugin does administration work like cleaning up stale cache files.

If most of your traffic is anonymous users who don’t comment you don’t need to worry about this.

Directory Listings

If a server is configured to show directory listings it will show files and directories in the cache directory to visitors who access those directories directly through their browser. This might reveal private posts, and in the case where legacy caching is enabled for known users the login cookie was stored in “.meta” files that could be downloaded.


Files named “index.html” were added to the main cache directories to stop remote users viewing the contents of the cache directories. Unfortunately it’s not possible to add empty index.html files to the supercache directories because those files could be served by accident to legitimate visitors of the site. However, the plugin will also add a directive that disables directory listings to the file cache/.htaccess. You can now also change the location of the cache directory on the Advanced Settings page of the plugin. If you can’t disable directory indexing on your server and you have private posts you should change this location and use PHP mode to serve cache files.


If a directory index is found in the cache directory it will show a warning like this to administrators:

index.html warnings

Clicking the logout link will log everyone out, except the user who clicks it, but it guarantees that the login cookies are updated, just in case someone has copied the cookie from an old meta file.

Directory Traversal and File Deletion

User input in the settings page wasn’t properly sanitised. The code that sanitised directory paths when deleting cache files wasn’t secure and might allow an attacker to view or delete files named index.html. Deletes are protected by a nonce, limiting the useful lifetime of the URL however.

PHP Object Injection

The plugin used serialize and unserialize to store data in “legacy cache” meta files. This might be used to perform a PHP object injection attack. Serialised data is now stored as JSON data.

The format of legacy cached files has changed. The files in the meta directory no longer have a .meta extension. They are .php files now and each file has a “die()” command to stop anyone loading them.
The data stored in those files is now stored as JSON serialised data. The login cookie is an MD5 hash now as well.
When you upgrade the plugin your existing legacy cache files will be deleted and regenerated as visitors use your site.

Apart from those security fixes there have been a number of enhancements and bugfixes:

  • Disabling the plugin no longer deletes the configuration file. Uninstalling will do that however.
  • Enhancement: Only preload public post types. Props webaware.
  • It’s now possible to deactivate the plugin without visiting the settings page.
  • Fixed the cache rebuild system. Rebuild files were deleted immediately but now survive up to 10 seconds longer than the request that generate them.
  • Minor optimisations: prune_super_cache() exits immediately if the file doesn’t exist.
  • The output of wp_cache_get_cookies_values() is now cached per visit.
  • Added PHP pid to the debug log to aid debugging.
  • Various small bug fixes.
  • Fixed reset of expiry time and GC settings when updating advanced settings.
  • Removed CacheMeta class to avoid APC errors. It’s not used any more.
  • Fixed reset of advanced settings when using “easy” settings page.

This release wouldn’t be possible without the help of Brandon Kraft, Dane Odekirk, Ben Bidner, Jouko Pynnönen and Scrutinizer. Thank you all!

Related Posts

by Donncha at September 25, 2015 05:19 PM under wp-super-cache

WPTavern: Lessons I Learned Moderating Comments in WordPress

In the past 4-5 weeks, I’ve moderated every comment submitted to WP Tavern. Not only was it an experiment to see what would happen but a new way for me to use WordPress. The experiment introduced me to several drawbacks in WordPress’ comment moderation system.

Lack of Context

Comments that are pending moderation in the WordPress backend that are in response to another comment are hard to moderate. Take the following screenshot for example. This comment is in response to a comment submitted by Norcross. Unless I open Norcross’ comment in a new browser tab or window, I have no idea what the context of the conversation is. Pending notifications in the WordPress mobile app also don’t show text from the parent comment.

WordPress 4.3 Comment Content AreaWordPress 4.3 Comment Content Area

I propose that WordPress core adds the text from parent comments to replies in the backend so I know what people are responding too. This also helps when replying to comments from the backend as I’ll know the context of the conversation.

Lack of Notifications That a Comment in Moderation is Approved

WordPress does not send an email notification when a comment is approved from moderation. However, there are a lot of people working to add this feature to WordPress 4.4.

A Whitelisting System for Anonymous Comments

The biggest drawback to comment moderation is that not every comment needs to be moderated. A whitelisting system can lessen the burden of having to moderate each comment.

WordPress provides the ability to blacklist comments. You can also configure a set of parameters to determine when a comment goes into the moderation queue such as, number of links, content within the comment, and if the comment author has a previously approved comment. None of these configurations are useful if WordPress is configured to send every comment to moderation.

WP Tavern does not have open registration and allows comments from anonymous people. This makes whitelisting difficult since the IP address, name, URL, and email address of a commenter can easily change or be imitated. The whitelisting component of WordPress becomes more useful if you can tie it to a registered user account.

I’m unsure if WordPress can improve this area of the moderation system or if it’s an assumed risk administrators take when accepting anonymous comments.

A Major Time Suck

Moderating every comment is a pain and sucks up time that can be spent doing something else. During my vacation last week, I continued to moderate comments from the WordPress mobile app because if I didn’t, the conversation stopped. I’ve concluded that by accepting anonymous comments, there needs to be a way for the audience to help moderate instead of doing it on my own.

In a future post, I’m going to list a few WordPress plugins I’ve discovered that takes the commenting system to the next level. Many of the plugins solve one or most of the problems listed above.

by Jeff Chandler at September 25, 2015 03:52 PM under moderation

WPTavern: WP Super Cache 1.4.5 Patches XSS Vulnerability

If you use WP Super Cache, you should immediately update to version 1.4.5 as it patches a XSS vulnerability in the settings page. This version also prevents PHP object injections. In addition to security patches, 1.4.5 contains a number of bug fixes. Make sure to update your sites as soon as possible to patch the vulnerability. You can find more details on this release on Donncha Ó Caoimh’s website.

by Jeff Chandler at September 25, 2015 02:37 PM under xss

Post Status: All about the WordPress REST API and its current state — Draft podcast

Welcome to the Post Status Draft podcast, which you can find on iTunes and via RSS for your favorite podcatcher. Brian and his co-host, Joe Hoyle, a co-founder and the CTO of Human Made, discuss some of today’s hottest, current WordPress news.

This week, Joe and Brian go into depth discussing all aspects of the WordPress REST API, and the state of the API today.

With the recent merge proposal, there is a good chance it will be included in WordPress core via a two stage process in the WordPress 4.4 and 4.5 releases. The first release would be the core infrastructure and the second release would include the endpoints. This is our longest podcast, but we go in depth on one of WordPress’s most anticipated features in years.


Direct Download


  • Brief overview: what is the REST API?
  • Why is the REST API important, and why are people excited about it?
  • REST API proposal
  • Reviews from the core team
  • New REST API core component
  • Trac Ticket
  • Comparison’s to Drupal’s REST API
  • Customizer roadmap in regards to the API
  • Authentication and future REST API projects


by Brian Krogsgard at September 25, 2015 05:21 AM under Developers

September 24, 2015

WPTavern: WPWeekly Episode 207 – Going Postmatic

In this episode of WordPress Weekly, Marcus Couch and I are joined by Jason Lemieux and Dylan Kuhn of Postmatic. During the show, we learn the company’s history and how it started. We discuss what the service offers and how people can take advantage of it.

Last but not least, we learn what the company has in store for version 2.0. If you’ve thought about using Postmatic or want to learn more about the company, this episode is for you.

Stories Discussed:

The WordPress REST API Is One Major Step Closer to Being Merged Into Core
The Impacts HeroPress Is Having on WordPress Communities in India
Jeff Yablon and the WordPress Foundation Settle Out of Court
The Ultimate Guide to the WordPress REST API by Josh Pollock

Plugins Picked By Marcus:

WP User Activity logs activity in WordPress. Activities can be sorted, filtered, and viewed per-user, along with session data for logged in users, IP addresses, and user-agents.

Wishlist for WooCommerce lets customers save the items they want to purchase in the future.

Database to Excel allows you to export a MySQL database table to a Microsoft Excel file. It also allows you to show all of the values within a database table with an export to Excel option.

WPWeekly Meta:

Next Episode: Wednesday, September 30th 9:30 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #207:

by Jeff Chandler at September 24, 2015 06:31 PM under wordpress foundation

Akismet: Akismet WordPress Plugin 3.1.4

Version 3.1.4 of the Akismet plugin for WordPress is now available.

This update clarifies the error messages that Akismet uses so that they’re easier to understand, and it enables link previews in the admin for all links in a comment — not just the author’s website link. A fix is also included for a bug that could have caused comment moderation emails to be sent for some comments that were caught as spam. For a full list of the changes in this release, see the revision log.

To upgrade, visit the Updates page of your WordPress dashboard and follow the instructions. If you need to download the plugin zip file directly, links to all versions are available in the WordPress plugins directory.

by Christopher Finke at September 24, 2015 05:35 PM under WordPress

September 23, 2015

WPTavern: WP Comment Humility Relocates the Comments Top-level Menu Item to the Posts Menu

One of the key features in WordPress 4.3 is that comments on pages are disabled by default. If you only enable comments for posts, you may be interested in WP Comment Humility, a new plugin created by John James Jacoby that moves the top-level Comments menu item to the Posts menu. The following screenshot better illustrates what it does.

Comment Humility in ActionComment Humility in Action

If a site enables comments for posts only, this location for the menu item makes sense. What if you’re using Custom Post Types? According the plugin’s FAQ, the user experience might be weird, “If you have a post type other than post that supports comments, it may make more sense to not use this plugin,” Jacoby said. He suggests giving it a try and if the user experience doesn’t feel right, to disable it.

Documentation is located on GitHub where you can also submit Pull Requests. WP Comment Humility works out-of-the-box without any configuration options on WordPress 4.3 and is available for free in the WordPress plugin directory.

by Jeff Chandler at September 23, 2015 11:19 PM under wp comment humility

WPTavern: Highlights From Matt Mullenweg’s Q&A Session on Product Hunt

On September 22nd, Matt Mullenweg participated in a question and answer session on Product Hunt. Product Hunt is a site that lets users share and discover new products. In the session, Mullenweg answers questions like what advice he’d give to his 20 and 25-year-old self and how he combats burn out. Here are a few highlights from the session.

Nikhil V – Hello Matt, with the upcoming release of the WP REST API in WordPress core, what do you hope to most see built with its capabilities?

Matt Mullenweg – I’m hugely excited about the REST API! Once the infrastructure is in, I think we’ll see really widespread adoption from plugins that right now are creating their endpoints in very ad-hoc ways. Once we iterate a bit more on the core content endpoints and authentication I think we’ll see a lot more specialized interfaces built on WP as like a content kernel, an engine powering a wide array of applications and interfaces you’d never imagine having WordPress behind them today.

Erik Torenberg – If you could go back in time and give advice for your, say, 20-year-old self, what would you tell yourself? How about 25?

Matt Mullenweg – To my 20-year-old self I would say to be okay with things building up over time. Something I didn’t appreciate until recently is that there any many productive decades ahead with which to build the things that I feel need to exist in the world. One of the best things I did then was avoid any press or capitalization on my age (to the extent I could) because youth is an ephemeral asset and just a novelty in business.

To my 25-year-old self I would tell him to slow down and think about health more, I burned the candle at both ends that year. I would also say to not get as caught up in mailing list and IRC arguments and discussions, just focus on building.

Sydney Liu – In the early days of WordPress, what was the 20% that got you the 80% of the results?

Matt Mullenweg – There’s no simple answer there, if I had to pick one thing it would be luck.

Kristof Bernaert – How do you see WP about 5 years, or how do you want it to see?

Matt Mullenweg – In 5 years I think that WP will be infinitely easier to use for both power-users, developers, and newbies. You will be able to have a full experience of core, plugins, themes, docs, and support in several dozen languages that will be as large or larger than English. There will be over a million people making their living on top of the platform. Most people will be creating from touch devices, and their content will mostly not come from keyboards (virtual or physical) as an input device.

Tys Bradford – Your accomplishments with WordPress have literally changed the face of the internet and enabled people without programming skills to make beautiful and functional websites. Do you think this could be replicated ever with mobile applications (iOS/Android)? I have seen a few companies try, but none have come close to delivering in the way WordPress is able to.

Matt Mullenweg – Thank you! The ecosystems and app stores for iOS and Android right now are too locked down, and the discoverability and overhead of apps is too distorted, for an approach like WordPress’ to work for mobile applications. The environment for the foreseeable future there is going to favor more centralized apps, my only hope is that at least a few get really successful (including ours) that aren’t advertising-driven.

My Question Was Not Answered

Unfortunately, my question was not answered. However, I’m going to ask it in this post with the hope that he’ll answer it in the comments.

You’ve spent a lot of time, money, and energy trying to create a great mobile experience in WordPress via dedicated apps. As more of the WordPress backend becomes responsive, how will this affect (if any) the priority level of developing the mobile apps versus putting that time and effort into a 100% responsive WordPress backend?

Mullenweg answers a lot more questions than what’s listed above but those are the ones that stand out to me. You can read the entire session on the Product Hunt site.

by Jeff Chandler at September 23, 2015 08:46 PM under product hunt

WPTavern: The WordPress REST API Is One Major Step Closer to Being Merged Into Core

After more than three years of development, the WordPress REST API is one major step closer to getting merged into core. Ryan McCue, a lead contributor to the project, published the first official proposal to merge the API into WordPress. The proposal explains what the REST API is, why it’s needed, an integration plan, and what happens after the merge. The plan is to integrate the API in two stages, infrastructure and endpoints.

Two Part Plan

The infrastructure is the code responsible for routing requests and handling the meta layer of the API, including JSON serialization/deserialization, linking, embedding, and REST best practices. Merging the infrastructure first allows developers to start building upon it and to migrate from existing custom code. The plan is to merge the infrastructure portion of the API in WordPress 4.4.

Endpoints are considered the more complex of the two as they’re responsible for mapping data from the external JSON format to the internal data structures and vice versa. In other words, endpoints are the bridges of communication between WordPress and external applications. To provide more time for core committers to review the code, endpoints will be merged in WordPress 4.5.

Development of the API takes place on GitHub but core WordPress development takes place on Subversion and Trac. When the API is merged into core, it will no longer be developed as a separate project. McCue proposes that the best of GitHub and Trac be integrated so developers comfortable with GitHub can continue to contribute to the project:

Given the team’s experience with GitHub as well as Trac, we can bring the best of both worlds by helping integrate the two. This would also improve contributions to WordPress as a whole, and benefit the whole community. This will be especially important as we encourage more contributions from the wider community (client authors, for example). We think we can make good progress here, and we’d love to try to help improve the process.

Although there’s a GitHub repository for WordPress that’s synced to its Subversion counterpart, it does not accept pull requests. If integrating GitHub and Trac proves to be successful, it could open the door for WordPress to accept pull requests or contributions through GitHub.

The plan to merge the API into core is not finalized and the team needs your comments, questions, and opinions. I encourage you to read the full proposal and the comments as McCue answers additional questions related to the merge. How happy are you to see this merge proposal?

by Jeff Chandler at September 23, 2015 06:55 PM under wordpress rest API

September 22, 2015

Matt: Product Hunt AMA Today

In about half an hour I’m doing an AMA (ask me anything) on Product Hunt, please join and ask some questions on any topic that tickles your fancy.

by Matt at September 22, 2015 06:39 PM under Asides

WPTavern: The Impacts HeroPress Is Having on WordPress Communities in India

Topher DeRosia, who recently attended WordCamp Pune, India, published a post on the HeroPress blog that describes the subtle impacts the project is having on people.

Saurabh Shukla, lead organizer for WordCamp Pune, says the site inspired not only their speaker selection but their presentations as well, “We wanted people to derive at least a level of inspiration from the speakers and decided that stories make more sense than presentations,” Shukla said.

Examples of inspiring presentations at WordCamp Pune include, a workshop where people could experience accessibility issues for themselves, WordPress for activism, and building education products for South Asia.

WordCamp Pune ClassroomsPresentation in a Classroom at WordCamp Pune

According to DeRosia, many Indians feel like their WordPress communities are not getting the respect they deserve. DeRosia believes the amount of excitement expressed by Indians for HeroPress is because their work is noticed and appreciated.

“That is why India is excited about HeroPress. They’re getting respect. Not just from me, but from thousands of readers around the world,” DeRosia said.

Although DeRosia says he’d be content with the impacts the site has had if HeroPress ended today, I would be sad to see it go because it’s a great addition to the WordPress community. Thankfully, DeRosia says people are requesting more essays, exchanges of knowledge, shared wisdom, shared respect, and more of the HeroPress spirit.

If an essay published on HeroPress or the project’s mission has inspired you in any way, please let us know in the comments.

by Jeff Chandler at September 22, 2015 05:50 PM under india

Matt: Interview, and Complementing Slack

I had a conversation with Tony Conrad at the StrictlyVC event in San Francisco last week, following a dizzyingly talented line-up of Chamath Palihapitiya and Steve Jurvetson.

Techcrunch has a good write-up with a number of the relevant quotes from the event. The only thing I’d like to respond to, because it wasn’t a direct quote, is the headline “Move Over Slack? Automattic Mulls Commercializing Its Own Internal Messaging Product.”

The first problem is the headline missed the obvious alliteration of “Mullenweg Mulls,” 😀but more importantly… Slack has become a really key tool for both Automattic and WordPress.org and anything we do with the evolution of P2 (some of which we already have running internally) will be complementary to Slack, not competitive with it.

by Matt at September 22, 2015 04:26 AM under Asides

WPTavern: Jeff Yablon and the WordPress Foundation Settle Out of Court

Earlier this year, the WordPress Foundation sued Jeff Yablon for trademark infringement. The Foundation wanted Yablon to stop using its trademarks, dismiss the opposition proceeding, pay the foundation for any profits related to use of the WordPress trademarks, pay up to $100,000 per infringing domain name, transfer the domains and pay other fees and damages.

Timeline of Events

On June 22nd, Yablon filed a request for default judgement. On June 29th, the Foundation responded to Yablon by asking the Trademark Trial and Appeal Board to deny Yablon’s request for default judgement.

On September 9th, David Mermelstein, Administrative Trademark Judge, filed a response that not only denied Yablon’s motion for default judgment, but also suspended proceedings until the civil case was complete.

With proceedings suspended, Yablon could no longer file motions or requests with the TTAB. The only option left was to proceed through court.

The Settlement Between Yablon and The Foundation

On September 21st, Yablon and the WordPress Foundation settled out of court (PDF).

Sample of SettlementSample of Settlement

Yablon’s Obligations

According to the settlement, by no later than October 15th, Yablon agrees to cease any and all use of the WordPress name, logos, trademarks, and any other name or mark confusingly similar to the term WordPress or its logo.

He also has to cease any and all use of the WordPress Marks, standing alone or in combination with other words or designs, including but not limited to:

  • Use in any company name
  • Meta-tags
  • Domain names
  • Personalized URLs
  • Keyword Advertising on Yablon’s websites
  • Social media handles or account names
  • Indoor outdoor store signage
  • Letterhead
  • Stationary
  • Business cards

Yablon must also comply with the terms of the WordPress trademark and domain name policies.

No later than five days after the effective date (Oct 15th), Yablon has to transfer all of the domains he owns that incorporate the WordPress Mark to the Foundation.

Last but not least, Yablon acknowledges that the Foundation owns and has the exclusive rights in and to the WordPress marks in connection with the goods and services identified in each of WordPress’ registrations.

Yablon can no longer do anything inconsistent with the Foundation’s ownership of its WordPress Marks and registrations thereof, including but not limited to, contesting the Foundation’s title to or the validity of the WordPress marks or the trademark registrations thereof.

WordPress Foundation’s Obligations

Once Yablon transfers the domains to the Foundation and does not breach the terms of the agreement, the Foundation will redirect the domains to a domain of Yablon’s choosing for 6 months from the effective date or April 1, 2016, whichever comes later.

Within 10 days of the domains being transferred, the Foundation will file a stipulated request to withdrawal its U.S. Opposition Proceeding No. 91221895 without prejudice and Case 3:15-cv02745 in the United States District Court for the Northern District of California, without prejudice.

As long as Yablon does not breach the agreement, the Foundation agrees not to sue for violating its trademarks prior to the effective date.

The Foundation will not object to Yablon’s use of the WordPress Marks as part of any subdomains or subdirectories associated with any second level domain name registered to and controlled exclusively by Yablon.

Examples include but are not limited to, wordpress.answerguy.com or answerguy.com/wordpress in connection with services that involve use of the WordPress platform, support the WordPress brand services, and that do not otherwise violate the rights of the Foundation.

In Summary

Both parties agree to bear their own attorney’s fees and costs, if any were incurred through the effective date.

When I spoke to Yablon on the phone in June shortly after the lawsuit was filed, he sounded like he knew what he was getting into and the complexities involved with U.S. Trademarks. Yablon strongly believed he had enough evidence to pursue the matter and to see it through the court system.

Instead of seeing the court case all the way through, he chose to give up which in the court system, is not the same thing as losing, as losing or winning sets a precedent.

While Yablon didn’t lose the case, the WordPress Foundation didn’t win either. It’s a reminder that the Foundation will aggressively defend its trademarks in the court system if other means prove unsuccessful.

Do you think Yablon’s mission to defend his use of WordPress in a top-level domain name and potentially open the door for others to do the same, was in the best interest of the WordPress community as a whole?

by Jeff Chandler at September 22, 2015 01:59 AM under wordpress foundation

September 19, 2015

Post Status: Local WordPress development strategies and transparency in business — Draft podcast

Welcome to the Post Status Draft podcast, which you can find on iTunes and via RSS for your favorite podcatcher. Brian and his co-host, Joe Hoyle, a co-founder and the CTO of Human Made, discuss some of today’s hottest, current WordPress news.

Direct Download

Links and stories discussed:

Working locally



Nomadbase.io launch

by Katie Richards at September 19, 2015 05:58 PM under Everyone

September 17, 2015

Matt: Winning Remote Work Culture

Top 10 companies winning at remote work culture and their secrets.

by Matt at September 17, 2015 05:41 PM under Asides

WordPress Planet

This is an aggregation of blogs talking about WordPress from around the world. If you think your blog should be part of this send an email to Matt.

Official Blog

For official WP news, check out the WordPress Dev Blog.


Last updated:

October 04, 2015 07:30 PM
All times are UTC.