This week: WP Rocket plugin, WordCamp Europe 2021, proprietary Gutenberg, serverless and WooCommerce blocks, and much more …
Leonardo Losoviz is an open source developer and technical writer, working at the intersection between GraphQL and WordPress. He is the creator of the GraphQL API for WordPress, one of the two available GraphQL servers for WordPress.
This week was an interesting one concerning security: The git.php.net server, which hosts the PHP source code, was compromised. The attacker(s) attempted to introduce backdoors, to execute arbitrary code via a special header.
Fortunately, maintainers noticed the attack and thwarted it immediately. To beef up security from now on, they have made GitHub the new canonical repository (to which all changes are pushed to), and started requiring accounts to enable two-factor authentication (2FA) in order to contribute to the repo.
Cyberattacks are proliferating, and we need to take security seriously. This involves not only tackling technical considerations in our architecture (WordPress, PHP, MySQL, Apache, Linux, and so on) but, equally important, the creation of a security culture within the team, making sure that everyone understands why security is important, and how to contribute to it continually.
Keeping our WordPress sites secure is not difficult. Simple measures, such as using strong passwords, keeping the themes and plugins always up-to-date, and enabling two-factor authentication, will already eliminate most of the attack vectors.
Secure software requires maintainers, who can devote their time and energy not only to fix vulnerabilities but, more importantly, to prevent them in first place. As open source increasingly powers our digital products and services, providing financial support to open source maintainers becomes critical, making it a win-win situation for everyone.
To understand the bigger picture of cybersecurity, I recommend reading book This is how they tell me the world ends. It is terrifying. It shows how nation states create cyber weapons to infiltrate each other, and how these weapons may be stolen and used by cybercriminals. A cyber weapons market is currently thriving, with hackers freely selling their exploits to anyone willing to pay for them.
WP Rocket’s article describes the development team behind their plugin, what changed in their plugin in 2020, and the plans for 2021.
ILoveWP shows the changes made to the One Click Demo Import plugin since the takeover by Awesome Motive as it is a model example of how things should not be done.
Carl Alexander explains why the serverless approach is perfect for WooCommerce.Why serverless is the perfect hosting solution for WooCommerce
We will meet online again in June at WordCamp Europe. The recruitment for this year’s edition’s speakers is in progress.
Eric Karkovack explains why you should create your own plugins (even small ones) that expedite managing or editing a WordPress website.
Chris Lema describes two types of clients we deal with in our work as WordPress Developers. Which would you pick?
Here’s a summary of some appealing interviews from the Matt Report podcast, which appeared in March 2021. See who showed up at Matt’s last month.
10up has shared one of its plugins – Eight Day Week – for free. Thanks to it, using WordPress, you can create a printed magazine along with editing and preparing the issue.
Sabrina Zeidan shows how to use WP REST API to prepare a search engine without using jQuery.
Recently, Gutenberg introduced block suggestions that are worth installing. For those who don’t use them, Tom J. Nowell instructs how to turn off this feature.
Shaun Andrews has mocked up the Patterns directory on wordpress.org, which looks really cool.
WPMU DEV has published a roadmap for the upcoming quarter.
On April 9, there will be a webinar that will show you how to create static pages with Buddy and Strattic.
WordCamp Greece 2021 Online will take place on 16-18.04.
On April 27-28, GoDaddyPro is organizing Expand 2021, aimed at website designers and developers.
WordSesh 2021 will take place on May 24-28.