Wordpress Planet

Subscribe to Wordpress Planet feed
WordPress Planet - http://planet.wordpress.org/
Updated: 1 hour 26 min ago

WPTavern: Watch WordCamp Miami 2018 Via Free Livestream

Fri, 03/16/2018 - 16:18

Tickets for the event may be sold out, but you can watch the event from anywhere thanks to a free livestream. The stream starts today and covers both the E-Commerce and developers workshops. The stream begins tomorrow at 8:30AM EDT with separate links to morning and afternoon sessions.

WPTavern: Let’s Encrypt Wildcard Certificates Are Now Available

Thu, 03/15/2018 - 17:23

In July of last year, Let's Encrypt announced that it would begin issuing Wildcard certificates for free in January of 2018. Although a little late, the organization has announced that Wildcard certificate support is now live.

In addition to these certificates, the organization has updated its ACME protocol to version 2.0. ACMEv2 is required for clients that want to use Wildcard certificates.

Wildcard certificates enable site administrators to secure all sub domains with a single certificate. This can be especially convenient for WordPress Multi-site networks.

Let's Encrypt is working on transitioning all clients and subscribers to ACMEv2, though it hasn't set a time table on when it will expire the ACMEv1 API.

In July of 2017, Let's Encrypt was securing 47 million domains. Today, the organization is securing nearly 70 million domains with 54 million certificates. In the United States, nearly 80% of sites loaded in Firefox are through HTTPS.

Let's Encrypt is an open certificate authority that's part of the non-profit Internet Security Research Group. It's mission is to make 100% of the web HTTPS. Operations are financed through sponsors and donations. If this is a mission you believe in, please consider donating to the project.

WPTavern: WPWeekly Episode 308 – Wildcard SSL Certificates For All

Thu, 03/15/2018 - 01:09

In this episode, John James Jacoby and I discuss the news of the week including the results from the 2018 Stack Overflow survey, Tech Crunch’s rebuild, and Let’s Encrypt adding support for wildcard certificates. We also talk about Google working towards AMP or parts of it becoming official web standards. I ranted about how the mobile experience on the web sucks, and we end the show with some event news.

Stories Discussed:

Stack Overflow Survey Respondents Still Rank WordPress Among the Most Dreadful Platforms
Inside Google’s plan to make the whole web as fast as AMP
ACME v2 and Wildcard Certificate Support is Live
TechCrunch rebuilt using the REST API
WPCampus Scheduled for July 12-14 in St. Louis, MO

Picks of the Week:

Designing Themes with Gutenberg Blocks and Sketch

DDJ-1000 The 4-channel professional performance DJ controller for rekordbox dj

WPWeekly Meta:

Next Episode: Wednesday, March 21st 3:00 P.M. Eastern

Subscribe to WordPress Weekly via Itunes

Subscribe to WordPress Weekly via RSS

Subscribe to WordPress Weekly via Stitcher Radio

Subscribe to WordPress Weekly via Google Play

Listen To Episode #308:

HeroPress: A look back: Tamsin Taylor, Freedom Through Blogging

Wed, 03/14/2018 - 12:46

In August of 2016 I saw a WordCamp talk on WordPress.tv called “A Hero’s Journey”, and I thought that seemed like something I should know a lot more about.  A short time later I was speaking with Tamsin Taylor on Slack.

I love telling stories, but I love hearing them more. Tamsin told me a story grief and loss, and how WordPress provided an outlet for those feelings. I hope her story resonates with you as well.

The Bumpy Journey of Becoming

The post A look back: Tamsin Taylor, Freedom Through Blogging appeared first on HeroPress.

WPTavern: Stack Overflow Survey Respondents Still Rank WordPress Among the Most Dreadful Platforms

Wed, 03/14/2018 - 10:08

Stack Overflow, a Q&A community for developers, has published the results of its 2018 developer survey. The survey was held between January 8th through the 28th and includes responses from 101,592 software developers from 183 countries across the world. This is nearly twice the amount of responses compared to last year’s survey.

Last year, WordPress was the third most dreaded software platform behind Salesforce and SharePoint. This year, WordPress has moved up in the rankings and is the sixth most dreaded platform. Respondents found Windows Phone, Mainframe, Salesforce, Drupal, and SharePoint to be more dreadful.

WordPress is the sixth most dreaded software platform

Despite making headway, WordPress has consistently ranked near the top in Stack Overflow’s survey for most dreadful platform. Asking developers why is probably akin to opening Pandora’s box.

JavaScript was once again the most popular technology with HTML, CSS, and SQL following closely behind. Among the various JavaScript frameworks and libraries that exist, Node.js is the most commonly used followed by Angular and React.

The survey introduced a few new topics this year, including questions about artificial intelligence and ethics. When posed with a hypothetical situation in which a developer was asked if they would write code for unethical purposes, more than half of the respondents said no. Also of note is that less than half of the respondents say they contribute to open source.

There are a lot of interesting data points in the survey. I encourage you to check out the results and let me know in the comments what sticks out to you.

WPTavern: WPCampus Scheduled for July 12-14 in St. Louis, MO

Tue, 03/13/2018 - 00:12

WPCampus, an in-person conference dedicated to WordPress in higher education has announced its third annual event will be held July 12-14 at Washington University in St. Louis, MO. The call for speakers is open until April 7th. The event is two months before WordCamp St. Louis which will also be held at Washington University.

WPCampus held its first event in 2016 in Sarasota, FL, and its second in 2017 in Buffalo, NY. The schedule is not yet finalized but to get an idea on what to expect, check out the video presentations from previous events. Organizers expect about 200 attendees and are accepting sponsorship inquiries.

Tickets are not yet available but those interested in attending can sign up to the WPCampus mailing list where ticket information will be distributed first.

Post Status: Network effects and WordPress — Draft podcast

Sat, 03/10/2018 - 20:18

Welcome to the Post Status Draft podcast, which you can find on iTunes, Google Play, Stitcher, and via RSS for your favorite podcatcher. Post Status Draft is hosted by Brian Krogsgard and co-host Brian Richards.

In this episode, Brian and Brian discuss the power of network effects and how they relate to WordPress’ increasing market share and maturity. WordPress has recently hit two major milestones, turning 15 years old and reaching 30% market share of the top 10 million websites, and we spend this episode reflecting on the innovations that brought us here and where innovations are likely to occur over the next 10 years.

We’ve come quite a long way in these 15 years. From the famous 5-minute install to being entirely pre-installed. From a supportive band of volunteers and vast ecosystem of free software to the commercially supported and highly-polished products that exist today. There is a lot about WordPress to be thankful for, and a lot of great things that will exist in the future because of it. And you can hear a bit about all of that on this episode of the Post Status Draft podcast.

Links Sponsor: Yoast

Yoast SEO Premium gives you 24/7 support from a great support team and extra features such as a redirect manager, recommended internal links, tutorial videos and integration with Google Webmaster Tools! Check out Yoast SEO Premium.

WPTavern: Yoast Launches Fund to Increase Speaker Diversity at Tech Conferences

Fri, 03/09/2018 - 03:20

In an effort to increase speaker diversity at conferences worldwide, the team at Yoast SEO has launched a diversity fund. The fund will pledge a minimum of €25,000 each year. Its purpose is to remove the financial burdens that can cause minorities or underrepresented groups to speak at conferences.

“There are WordCamps throughout the world, these are conferences about, by and for the WordPress community,” Joost de Valk said.

“While we already sponsor a lot of them, they tend to not have the budget to pay for speakers’ travel and accommodation cost. The same applies to other conferences about open source, certainly those that are not commercially run. We want to take away that particular reason for not having a diverse conference.”

Eligible candidates will be reimbursed €1,000 for travel and accommodations per event. In order to qualify for the fund, speakers must meet the following requirements:

  • Is a part of – or identifies as part of – a typically underrepresented group.
  • The conference is not commercial.
  • The conference targets either the WordPress, Magento, or TYPO3 community.
  • Has been accepted as a speaker to the conference.

To submit an application, email diversity-fund at yoast.com where applications are reviewed within a week.

WPTavern: WPWeekly Episode 307 – Thirty Percent of the Web

Thu, 03/08/2018 - 03:39

In this episode, John James Jacoby and I start with a continued discussion of AMP from last week. We cover the big releases of the week including Jetpack, Genesis, Yoast SEO, and Gutenberg. We discuss a new project that aims to determine Gutenberg compatible plugins, debate the terminology used to describe WordPress’ market share, and a new plugin that makes WordPress updates more secure.

Stories Discussed:

Gutenberg 2.3, Now With Nested Blocks
Genesis 2.6
Yoast SEO 7.0
Jetpack 5.9
4,500 Plugins Need Your Help in Determining Gutenberg Compatibility
New Plugin Makes WordPress Core Updates More Secure by Requiring Cryptographic Signature Verification
WordPress Now Used on 30% of the Top 10 Million Sites

Picks of the Week:

Mel Choyce’s presentation on Customizing the Future at LoopConf.

Felix Arntz’s presentation on a Global Admin, a deep dive into multi-network organization at LoopConf.

WPWeekly Meta:

Next Episode: Wednesday, February 14th 3:00 P.M. Eastern

Subscribe to WordPress Weekly via Itunes

Subscribe to WordPress Weekly via RSS

Subscribe to WordPress Weekly via Stitcher Radio

Subscribe to WordPress Weekly via Google Play

Listen To Episode #307:

Matt: Back to Blogging

Wed, 03/07/2018 - 22:59

WPTavern: Conceptual Ideas on How the Customizer Could Integrate With Gutenberg

Wed, 03/07/2018 - 10:17

While the initial focus of Gutenberg is the editor, the second focus is the Customization experience in WordPress. Mel Choyce, Product Designer at Automattic, recently spoke at LoopConf, on the past, present, and future of the customizer.

Choyce begins the presentation by describing when and how the customizer was added to WordPress. Fun fact, the customizer or what was known as the Theme Customizer at the time, was added to WordPress 3.4 “Green” in June 2012.

The session continues with Choyce showcasing new features and enhancements that have been made to the customizer since 2012. Near the 23 minute mark, Choyce shows conceptual images of what the customization experience could be like when implemented with Gutenberg.

In the experimental images, you can see options to choose page templates or layouts, live previewing changes to blocks, global site styles, and a standard set of user interface patterns. The ideas presented are concepts and likely to change.

Because the session was recorded with a picture-in-picture, I’m not able to provide high quality screen captures of the conceptual images. To see those items in detail, I recommend viewing the video in full-screen 1080p. You can full all of the LoopConf sessions for free via their YouTube channel.

HeroPress: Building A New Life

Wed, 03/07/2018 - 08:00

This is the story of how I co-founded Barn2 Media with my husband Andy, and scaled it from a startup to one of the UK’s best known WordPress agencies – all while working part-time.

I’ll tell you about the challenges I faced in building a WordPress business that is compatible with a good work-life balance. I’ll share what I did each time the growing business started to threaten my lifestyle, and how you can do the same.

The Beginning

I had a traditional full-time job throughout my 20’s. I enjoyed building my career and earning a regular salary, but didn’t like the lack of flexibility that came with it.

I didn’t like having to arrive at work by a fixed time, or being unable to choose when I worked. As a hard-working person, it felt counter-productive to be forced to work set hours when I may not be at my best.

My daily commute was anything from 25-50 minutes (which I realise is less than many people). It felt like a waste of time as I could work just as well from home, not to mention the environmental impact of driving so far just to sit in an office. Day-to-day tasks such as ordering items for home delivery became a big deal, as I wasn’t home during the day.

As a result, I spent most of my 20’s simultaneously building my career in a traditional job, while dreaming about running my own business and working for myself. Andy felt the same about his own job as a senior software developer.

I think that most people want a better lifestyle, but not many actually do anything about it. I thought I was one of those people.

Andy and I would talk endlessly about different business ideas (most of them terrible!) and even experimented with building a few websites that were never launched. However, we didn’t have the drive to make it happen and launch a business in the real world.

Starting a Business

In late 2009, Andy had finally had enough of his job and we agreed that it was time for him to quit. We decided to start a web design business together. He would work solely on the new business, while I would support it alongside my main job (which I didn’t hate, even though I didn’t like the lifestyle).

We started by building WordPress websites for small local businesses. Andy built the websites and I was responsible for copywriting and marketing. We approached local tradespeople who didn’t already have a website – back in 2010, there were still a lot of these! Our first clients were local plumbers, electricians, a washing machine repair shop, etc.

These early projects were quite low budget. The average hourly rate was quite low because we were still learning and hadn’t perfected our processes yet. We wasted a lot of time on projects where we had under-quoted but were committed to honoring the agreed price.

We made a lot of mistakes, and learned from them all!

By Year 2, the business was making the equivalent of a fairly low salary for one person. However, we had to work a lot for a relatively small income. This encouraged us to work more hours, and it wasn’t bringing the lifestyle benefits I was looking for.

Lifestyle Tip #1: Learn to Specialize

In late 2010, it occurred to me that we were building all our websites in WordPress but not advertising ourself as a WordPress company. I wondered whether people were actually searching for WordPress experts and whether this could be a good way to advertise. That may seem obvious in 2018 now WordPress is the world’s biggest web platform – but it was a genuine question back in 2010.

On a whim, I invested $100 in Google AdWords targeting keywords such as ‘WordPress web design’ and ‘WordPress developer’. Amazingly, we were overwhelmed with enquiries and quickly brought in over $4,000 of business – not a bad return on investment! The work came from medium sized companies who had never used our services before, with higher budgets.

Positioning ourselves as WordPress specialists completely changed the profile of our client base, as well as the budgets we were working with.

This vastly increased our average hourly income, so we were making more money without having to work more hours. Finally, it felt like a proper business with a better work-life balance.

Lifestyle Tip #2: Build a (virtual) team

The business grew quickly under its new identity as a specialist WordPress agency. By mid-2011, we had more work than we could manage ourselves. I also had a baby and increased my hours on the business while on maternity leave – eventually not returning to my old job. We still needed to increase the company’s income, while working towards the lifestyle we wanted.

We grew the business to the next level by building a virtual team.

I felt quite strongly that I didn’t want to become a traditional employer with a team of staff, all working together in an office. That would bring me back to the lifestyle I started with!

Instead, I decided to recruit a team of freelancers.

It took time to find the right freelancers, but the good news is that you can try someone out on a single project with no further commitment. If it doesn’t work out, then you don’t have to work with them again. Through trial and error, I built a team of freelancers with different WordPress-related skills. This increased capacity and allowed us to take on more projects without having to work more hours.

I was still managing all the projects, but could take a step back and wasn’t directly building the websites. Finally, it felt like a proper WordPress agency.

Lifestyle Tip #3: Selling WordPress products

By building a distributed team, the business became more and more successful. We were taking on more and more projects, and I was managing all of them. By the time we were running 20 projects at once, I had reached the limits of my capacity and was having to work a lot of hours.

From 2014-15, I experimented with working with freelance project managers, but had to give up because quality was dropping and our clients were less happy. I realised that with the current business model, I could only continue growing the business by working more and more hours. This wasn’t what I had been working towards!

It was time for Andy and I to pursue our other dream: selling WordPress products. We’d been talking about this since the early days of the business, but the client projects had kept us so busy that we’d never done anything about it.

In early 2016, Andy stepped out of the client business and started writing WordPress and WooCommerce plugins to sell. I continued managing client projects for the next 6 months, until the plugins were making enough money to stop taking on new projects and I could spend all my time marketing and supporting the plugins.

Selling WordPress plugins has been very successful because we already knew the market inside out from our years of developing WordPress sites.

We knew where the gaps were and what plugin customers want. We knew where other plugin companies get it wrong, and could learn from their mistakes without making the same mistakes ourselves!

By launching several plugins, we could listen to what our customers were asking for and build even more. In October 2016, we launched our WooCommerce Product Table plugin because so many people asked for a way to list products in a table with add to cart buttons. This immediately became our bestselling plugin and has sold more than all our other plugins combined. Since then, the plugin business has gone from strength to strength.

I have found that selling WordPress products brings a much better work-life balance than providing WordPress services.

We receive (many) plugin support requests every day, but each one takes relatively little time and is less pressured than fixing problems for web design clients. The whole business feels much more relaxed, and I don’t feel guilty about taking time off.

Between the two of us, we spend a couple of hours a day on plugin support. We continue improving the plugins, marketing, adding features and building the business on top of that. However, all of this is optional and can easily be done while working part-time.

Snow Day! Putting It Into Practice

Before we finish, I’ll tell you about my week. Today is Friday. At 10.30am on Wednesday, I received a text that my daughter’s school had closed for the rest of the week because of the unusual snow here in the UK.

The parents with traditional jobs panicked and had to quickly arrange childcare or time-off work. Some of them were stuck in cars on snowed-in roads as they tried to return to the village. No one could get to work the next day. A lot of people lost a lot of money.

Andy and I simply stopped work, put on our snow gear, walked the 10 minutes to the school, and then went sledging. Since then, we’ve been sharing the childcare in between responding to plugin support requests (and writing this article!). We’ve had 37 plugin sales on our website since the school closed, even though we’ve been working less hours than usual. Now, that’s what I’ve been working towards!


I’ve worked hard and have been extremely committed to building Barn2 Media. However, this has always been on the condition that it wouldn’t sacrifice my lifestyle goals.

For me, the ideal business is measured against a combination of financial success and lifestyle benefits. If the founders are working 70 hours a week to keep the money coming in, then it’s not a successful business!

You can do the same. Design a WordPress business that will give you the lifestyle you want, as well as making money. If you love working with people, build a team and provide WordPress services (WordPress design and development are good for this). If you want to travel, choose work that you can do remotely from different time zones (WordPress products are good for this). Plan your business around what matters to you.

WordPress is such a huge ecosystem that it comes with many opportunities to build a successful business. With a bit of extra thought and planning, you can build a WordPress business that is successful AND lets you life the lifestyle you’ve always wanted. That is the true measure of success.

The post Building A New Life appeared first on HeroPress.

WPTavern: WordPress Now Used on 30% of the Top 10 Million Sites

Tue, 03/06/2018 - 10:22

W3Techs, a survey company that monitors usage of various web technologies, is reporting that WordPress has reached 30% usage or 60.2% market share of all the websites whose content management systems it knows about. This represents a 0.6% increase since February 1st and 13.1% over the last seven years.

Just five days ago, Matt Mullenweg, co-creator of WordPress, brought attention to the approaching milestone.


— Matt Mullenweg (@photomatt) March 2, 2018

When it comes to WordPress’ market share numbers, W3Techs is the most cited source. While some say that WordPress now powers 30% of the web, technically, it is used by 30% of the top 10 million sites based on traffic according to Alexa. All sub-domains on WordPress.com and WordPress.org count as one site.

All the subdomains of https://t.co/37ETZ4JMFf and https://t.co/YtO6Msd90U do indeed only count as one site. Sites that are hosted by Automattic under their own domain do count if they have significant traffic on that domain. These are 0.4%, 29.5% are hosted somewhere else.

— W3Techs (@W3Techs) March 2, 2018

The internet is larger than the top 10 million sites. According to Internet live stats, there are close to 2 billion sites on the internet although a majority of them are inactive.

W3Techs’ numbers show that WordPress’ use is growing on sites that receive a lot of traffic and shows no signs of slowing down as it makes its way towards 50%.

WPTavern: New Plugin Makes WordPress Core Updates More Secure by Requiring Cryptographic Signature Verification

Sat, 03/03/2018 - 00:56

In 2016, WordFence published their findings of a vulnerability that could have compromised the servers that are used to send out WordPress updates. It turned out to be a complex, obscure vulnerability that ignited a conversation surrounding the security of api.wordpress.org and what could happen if the servers were compromised.

One idea that was brought forth is to digitally sign WordPress core, theme, and plugin updates. For at least five years, a trac ticket has laid semi-dormant with this idea in mind.

Fifteen months ago, Scott Arciszewski, Chief Development Officer for Paragon Initiative Enterprises, who is most widely known for his cryptography engineering work, published an article that has since been taken down, expressing his strong desire for Matt Mullenweg to make secure cryptographic signatures a priority. Mullenweg responded to his post with one of his own stating that although WordPress update signing is important, it’s not a high priority.

“We will at some point; as said above it’s a good idea — can’t hurt, might help,” Mullenweg responded when asked if WordPress was ever going to do update signing. “There are, however, some more important security issues in front of it, that impact millions of sites in the real world, so we are prioritizing those issues above a nice-to-have, defense in-depth effort.”

Eric Mann Launches Secure WordPress Updates Plugin

While WordPress does not digitally sign updates, Eric Mann, founder of Displace Technologies, LLC, has created and released a new plugin that adds code signing to WordPress core updates. It’s called DGXPCO or Digital Guarantees for eXplicitly Permitted Core Operations. You’ll find it on the plugin directory by searching for DGXPCO.

When installed and activated, the plugin integrates with the core updater and requires that any core update must have a valid signature before it can be installed. The signature provides a secondary source of truth that confirms the integrity of the files. The signatures are created using a Ed25519 public/private keypair and Libsodium to sign the files’ contents.

Mann keeps the private key offline and has published the public key online. The public key will not change and if a core update is signed by a different key, it is a red flag and the update should be avoided. In addition, commits made to the release hashes repository on GitHub are signed with Mann’s PGP key to verify that he is the one who added new code.

Mann admits that the solution is not fool-proof and is working towards improving it. In future versions, the plugin will only notify the user of a WordPress core update if a digital signature is available. Plugins and themes are on the roadmap as well with the ability to opt-in.

Although he is the only person allowed to digitally sign packages, the model is not sustainable.

“As I prove out the update system, I’ll also begin adding sets of public keys that are scoped to specific sets of packages,” Mann said. “This will, for example, allow me to whitelist a small number of trusted developers to also sign core packages. It might also empower plugin developers to sign their own releases (but not anyone else’s).”

Mann is seeking feedback and is hoping the project provides evidence that something like it can be added to WordPress core.

Post Status: Marketing and positioning WordPress products — Draft podcast

Fri, 03/02/2018 - 20:24

Welcome to the Post Status Draft podcast, which you can find on iTunes, Google Play, Stitcher, and via RSS for your favorite podcatcher. Post Status Draft is hosted by Brian Krogsgard and co-host Brian Richards.

This week BK and BR discuss a number of different aspects surrounding marketing and selling WordPress products and services. The conversation flows from selling benefits vs features, to social proof, to marketing and conversion funnels, to understanding and reacting to the problem space, to customer support, and many things in between. Whether you’re already selling products or services, about to sell something, or routinely buy things, there’s likely something for you in this episode.

Links Sponsor: SiteGround

SiteGround is engineered for speed, built for security, and crafted for WordPress. They offer feature-rich managed WordPress hosting with premium support, and are officially recommended by WordPress.org. Check out SiteGround’s website for a special deal for Post Status listeners, and thanks to SiteGround for being a Post Status partner.

WPTavern: 4,500 Plugins Need Your Help in Determining Gutenberg Compatibility

Fri, 03/02/2018 - 00:57

One of the keys to a successful roll out of Gutenberg is plugin compatibility. Without it, users will experience unnecessary frustration and hamper enthusiasm of the new editor. In an effort to figure out what plugins are already compatible with Gutenberg, Daniel Bachhuber has created a Gutenberg Plugin Compatibility Database.

Gutenberg Plugin Compatibility Database

The database contains 5,000 plugins that represent more than 90% of the total active install count. Plugins are compatible with Gutenberg if they meet the following two requirements.

  • A WordPress user can perform the same functional task with Gutenberg active. For instance, if the plugin includes an ‘Add Media’ button, it’s considered Gutenberg-compatible when it has a block registered for the Gutenberg inserter.
  • There are no (obvious) errors when the WordPress plugin is active alongside Gutenberg.

In order to participate in the testing process, you’ll need to register an account on the site. Once approved, testers will be able to create a fresh sandboxed WordPress install on the site and test randomly selected plugins. After a manual review is complete, plugins will be marked as is_compatible=yes or is_compatible=no.

Some plugins are already classified with is_compatible=likely_yes or is_compatible=likely_. As reports are completed, two pie charts that display compatibility results at the bottom of the site update automatically.

Bachhuber estimates that if each plugin takes about a minute to test, they’ll need roughly 75 person-hours to get through the remaining 4,500 plugins in the database. This project is a great opportunity for individuals and businesses to contribute back to WordPress via the Five for The Future initiative.

Ideal testers are those who can review dozens of plugins, but even reviewing a few will help the project. If you’re interested in contributing, check out the project’s GitHub page to learn what’s involved in the testing process. Alternatively, visitors can watch the following YouTube video.

Dev Blog: The Month in WordPress: February 2018

Thu, 03/01/2018 - 08:41

Judging by the flurry of activity across the WordPress project throughout February, it looks like everyone is really getting into the swing of things for 2018. There have been a lot of interesting new developments, so read on to see what the community has been up to for the past month.

WordPress 4.9.3 & 4.9.4

Early in the month, version 4.9.3 of WordPress was released, including a number of important bug fixes. Unfortunately it introduced a bug that prevented many sites from automatically updating to future releases. To remedy this issue, version 4.9.4 was released the following day requiring many people to manually update their sites.

While this kind of issue is always regrettable, the good thing is that it was fixed quickly, and that not all sites had updated to 4.9.3 yet, which meant they bypassed the bug in that version.

You can find out more technical information about this issue on the Core development blog.

The WordCamp Incubator is Back

In 2016, the Global Community Team ran an experimental program to help spread WordPress to underserved areas by providing more significant organizing support for their first WordCamp event. This program was dubbed the WordCamp Incubator, and it was so successful in the three cities where it ran that the program is back for 2018.

Right now, the Community Team is looking for cities to be a part of this year’s incubator by taking applications. Additionally, each incubator community will need an experienced WordCamp organizer to assist them as a co-lead organizer for their event — if that sounds interesting to you, then you can fill in the application form for co-leads.

You can find out further information about the WordCamp Incubator on the Community Team blog.

WordPress Meetup Roundtables scheduled for March

In order to assist local WordPress meetup organizers with running their meetup groups, some members of the Community Team have organized weekly meetup roundtable discussions through the month of March.

These will be run as video chats at 16:00 UTC every Wednesday this month and will be a great place for meetup organizers to come together and help each other out with practical ideas and advice.

If you are not already in the WordPress meetup program and would like to join, you can find out more information in the WordPress Meetup Organizer Handbook.

GDPR Compliance in WordPress Core

The General Data Protection Regulation (GDPR) is an upcoming regulation that will affect all online services across Europe. In order to prepare for this, a working group has been formed to make sure that WordPress is compliant with the GDPR regulations.

Aside from the fact that this will be a requirement for the project going forward, it will also have an important and significant impact on the privacy and security of WordPress as a whole. The working group has posted their proposed roadmap for this project and it looks very promising.

To get involved in building WordPress Core, jump into the #gdpr-compliance channel in the Making WordPress Slack group, and follow the Core team blog.

Further Reading:

If you have a story we should consider including in the next “Month in WordPress” post, please submit it here.

WPTavern: WPWeekly Episode 306 – AMP, GDPR, and Brewing Beer At The Boss’ House

Thu, 03/01/2018 - 02:19

In this episode, John James Jacoby joins me live from Hutchinson, KS, to talk about the news of the week. We started off the show discussing the GDPR and the number of things that need to be considered surrounding the right to be forgotten.

We also have a lengthy conversation about AMP, the open web, and Automattic’s relationship with Google. Last but not least, we discussed Automattic’s recent hiring of Kinsey Wilson to be president of the company.

Stories Discussed:

Matt Cromwell Hosts Matt Mullenweg in Q&A Gutenberg Interview
New Team Forms to Facilitate GDPR Compliance in WordPress Core
For one-time NPR and NYT digital chief, a new adventure: WordPress

WPWeekly Meta:

Next Episode: Wednesday, March 7th 3:00 P.M. Eastern

Subscribe to WordPress Weekly via Itunes

Subscribe to WordPress Weekly via RSS

Subscribe to WordPress Weekly via Stitcher Radio

Subscribe to WordPress Weekly via Google Play

Listen To Episode #306:

HeroPress: Changes Coming To HeroPress

Wed, 02/28/2018 - 12:00

Over the last few months, I’ve been having some deep talks with my HeroPress partner about what the future of HeroPress looks like. We came up with some changes that feel deeply satisfying. Changes we think should help HeroPress, help readers, and help us as content producers. So here we go.

Financial Changes

At various times in the past people have told me that the time I spend on HeroPress is worth compensation. When I first started it as a blog, I had no intention of getting money from it. However, being compensated for my time helped ease the burden on my family.

With that in mind, last fall I test-drove a donation page based on interest from some in the community.

It was a good idea, and I’m thankful for the support I received, but for now it’s not the right path.

So, I’ve pulled the donation page from the site and am no longer accepting site sponsors. You’ll notice I do have a Sponsorship page, but it lists organizations that have made material contributions like hosting, plugins, etc.

Content Changes

We’ve been publishing every Wednesday for several years now. Over time, readership has climbed quite a bit. That’s great, but it means that many current readers have never seen the earlier content, which remains quite evergreen.

To address this, we’re going to do new HeroPress essays once a month. The other weeks of the month will be replays of earlier essays.

This allows for some breathing room in gathering new contributors and brings back some really great content that shouldn’t be forgotten.

It also opens up my time to explore the community more. To see if there are new ways that people, particularly on the fringe, can be helped. Sharing stories is useful, but are there other opportunities and needs we’re missing?

The Future

So HeroPress will continue. I still love doing it. At various times we’ve discussed making it bigger, doing grand things. But not now. For now we’re going to let it grow organically and continue letting it serve its purpose: to give voice to WordPress stories, to make them known, to inspire.

The post Changes Coming To HeroPress appeared first on HeroPress.

WPTavern: New Team Forms to Facilitate GDPR Compliance in WordPress Core

Tue, 02/27/2018 - 23:20

As May 25th, the enforcement date for the General Data Protection Regulation (GDPR) draws near, individuals and businesses are scrambling to make sure they’re compliant. I’ve read a number of blog posts throughout the WordPress community explaining the GDPR and what needs to be done for compliance and it’s a tough thing to grasp.

The EU GDPR was designed to harmonize data privacy laws across Europe, protect and empower European citizens data privacy, and reshape the way organizations across the region approach data privacy. In reading the regulation and various blog posts, the terminology makes it appear that the changes are geared towards large, international businesses that process personal data.

However, according to Heather Burns, a digital law specialist in Glasgow, Scotland, the GDPR affects sites large and small.

GDPR applies to all businesses, organizations, sectors, situations, and scenarios, regardless of a business’s size, head count, or financial turnover. A small app studio is every bit as beholden to these rules as a large corporation.

Determining if your site needs to be compliant and how to accomplish it can be overwhelming. If you do business in Europe or collect data from European users, you must protect that data in accordance with the GDPR as if you were in Europe. For example, if you operate a blog with a contact form that saves entries to the database from people who live in Europe, you must make your site GDPR compliant.

There are a lot of aspects to the GDPR and while an excerpt can not fully explain it at a glance, there are a few themes that stick out to me.

  • Be upfront and concise about what data is stored, sent, and used on the site or form.
  • Give the user a chance to consent without automatically opting them in.
  • Collect the least amount of data possible for legitimate business purposes.
  • Provide a way for users to download or access their data and remove it.

Many of these are common sense practices that are not implemented on many sites, WP Tavern included. How often do you visit a site’s contact form and see an explanation as to why those fields are required, where the data is stored, where it goes, and what is done with it? This is something I’ll be working on in the next few weeks.

Making WordPress Core GDPR Compliant

Earlier this month, a number of volunteers gathered to discuss GDPR compliance in WordPress core. The meeting took place in a newly created channel #gdpr-compliance that’s accessible to anyone with a SlackHQ account.

The team created a proposed roadmap to add privacy tools to core. The plan includes the following ideas:

  • Add notices for registered users and commenters on what data is collected in core by default and explain why.
  • Create guidelines for plugins on how to become GDPR compliant.
  • Create and add tools to facilitate compliance and privacy in general.
  • Add documentation and help for site owners to learn how to use these tools.

Earlier today, the team met and created a GitHub folder that houses the roadmap, knowledge base, trac ticket list, and other items associated with the project. There was also some discussion on whether the interface provided by the GDPR for WordPress project is a good foundation for core and plugins to report personal data. The GDPR Compliance Slack channel is also a good place to ask questions and discuss data privacy in general.

Popular form plugins such as GravityForms and NinjaForms have documentation available that explains GDPR compliance and how it applies to their products. For those who use the Contact Form module in Jetpack which saves entries to the database by default, you’ll need to wait for further updates. WooCommerce and Automattic have announced that they expect their products will be GDPR compliant by the time it goes into effect later this year.

GDPR Resources

If you’re like me, reading about the GDPR and its policies can make your head spin. It’s important to keep in mind that at the heart of the GDPR are common sense behaviors for handling personal data. If you’d like to learn more about the GDPR, check out the following resources.