WordPress Plugin Team Revamps Guidelines, Invites Feedback on GitHub

WordPress Plugin Team Revamps Guidelines, Invites Feedback on GitHub

photo credit: pollas - cc
photo credit: pollascc

Two months ago the WordPress Plugin Directory guidelines became a heated topic of debate after the plugin team began cracking down on incentivized reviews. The most recent publicized incident involved the Sprout Invoices plugin, which was temporarily removed from the directory and all of its 5-star reviews erased after it was discovered that the author was offering a discount on the commercial version in exchange for a review. The policy forbidding incentivized reviews was enforced despite not being explicitly documented among the official guidelines.

After spending a few months re-writing the guidelines to be more clear, Mika Epstein asked the plugin team and contributors at WordCamp NYC to review the changes. She published the proposed guidelines to a repository on GitHub and is now requesting feedback from the greater community.

“If you feel a guideline’s explanation is unclear, please create an issue or a pull request with what you feel should be changed and why,” Epstein said. “All grammar/spelling corrections are greatly welcome. We’re trying to write these for all levels of developers, as well as people who may not speak English proficiently.”

The original guidelines were written by Samuel “Otto” Wood roughly five years ago and were in need of an update. Several items, which previously contained vague language and indecipherable expectations, have been rewritten to be more clear. Once the revised guidelines have had enough time to receive community feedback, they will replace the existing guidelines on WordPress.org.


WordPress Conquers NASA And Beyond

Not only does WordPress dominate more than 25 percent of the internet but it has now conquered space. NASA recently updated a blog post explaining the benefits they’ve received since launching the NASA GRC WordPress website, which first launched in July 2007.

The post highlights several of the benefits for using WordPress including ease of use, low cost, SEO, and more.

Search Engine Friendly

The basics of SEO are already built into the system. It encourages you to fill out title tags, categories, and meta descriptions.

“When a site curator posts a news-related item on a public-facing NASA WordPress site, the major search engines are automatically notified to catalog the new content; additionally, the system automatically builds XML sitemaps to help search engines correctly catalog and prioritize your content in their databases,” the post said.

Though this isn’t new, it is a great service for any site owner that doesn’t have a strong SEO background. NASA is able to deliver important news quickly.

Section 508

Section 508 is a government-wide accessibility program. It is essential that every government-sponsored website adheres to it. Luckily for NASA, WordPress does it automatically.

“Our NASA WordPress themes (the HTML/CSS design, structure and programming) is already Section 508 compliant, and new Section 508 issues are addressed as the overall theme is upgraded. Essentially, only the content (text, photos, videos) that a site curator adds will need to be verified for Section 508 compliance by the curator,” the post said.

Content Separate From Design

Another huge time saver is that content is separate from design. That means that when you change your theme, the old content will change with it. No more going through every old post or image, and making sure it lines up with the new design.

“There’s no need for wholesale, time-consuming revisions of your entire site if and when the design changes,” the post said.

When everything is done for you, you can focus on the content.

This blog post is one small step for WordPress and one giant leap for open-source software. I know that was a cheap joke, but it really illustrates the exciting role open source is beginning to take in the US government. NASA isn’t the final frontier.

The White House And Open Source

A few months ago, The White House not only announced Whitehouse.gov would be open source but asked for input from developers.

People added suggestions on GitHub to help create the federal source code policy and this month, the results were shared. From the analyzed data, custom open-source code was born.

The announcement post, titled “The People’s Code,” explains the uses of Code.gov.

“The policy, which incorporates feedback received during the public comment period, requires new custom-developed source code developed specifically by or for the Federal Government to be made available for sharing and re-use across all Federal agencies,” the announcement said.

This isn’t the first case of the US government using open source, but it takes the practices government-wide.

“By opening more of our code to the brightest minds inside and outside of government, we can enable them to work together to ensure that the code is reliable and effective in furthering our national objectives,” the announcement said.

In the coming months, Code.gov will be released and people from all over will able to share and access government code.

It’s a huge year for open-source projects. From the White House to NASA and beyond, code is being shared and collaborated on for a more transparent world.

For more NASA puns, check out Doc Pop’s News Drop, our weekly news video. 

Emily Schiola

Emily Schiola is a Staff Writer at Torque. She loves good beer, bad movies, and cats.

The post WordPress Conquers NASA And Beyond appeared first on Torque.

Jetpack 4.3 Now in Beta, Admin Interface Rebuilt Using React.js

Jetpack 4.3 Now in Beta, Admin Interface Rebuilt Using React.js


Automattic is doubling down on its commitment to using JavaScript in its products. In November 2015, the company debuted Calypso, its first React.js-based product powered by the WordPress.com REST API. Shortly after Calypso’s unveiling, Automattic CEO Matt Mullenweg declared that “JavaScript and API-driven interfaces are the future of not just WordPress but the web.”

Today the company announced the next release of Jetpack will include an admin interface that has been entirely re-written from the ground up to use React.js. After thousands of hours of development from Automattic’s engineers and designers, the upcoming release is now in the hands of beta testers.

Jetpack 4.3 admin interface rebuilt with React.js
Jetpack 4.3 admin interface rebuilt with React.js

The Jetpack team is encouraging theme and plugin developers, as well as hosting providers, to test the beta alongside their products to ensure compatibility before the official release. Anyone who wants to preview it and help find bugs can sign up to be a beta tester, which will give you immediate access to 4.3. Beta testers can report bugs by opening a new issue on Jetpack’s GitHub repository or send feedback via the online beta tester form.


Dev Chat Agenda for August 31 (4.7 week 2)

This is the agenda for the weekly dev meeting on August 31, 2016 at 20:00 UTC:

  • General reminder: as holidays or other conflicts come up, be sure to announce meeting moves or cancellations. For instance, next Monday is the US Labor Day holiday and the Monday after that is Eid al Adha.
  • Update on 4.6.1.
  • #36335: Autoloader and #37699: Globals – what could and should happen in order to be effective and move forward?
  • 4.7 project/feature proposals: who wants to work on what?
  • Triage of tickets marked early for 4.7 (milestoned and unmilestoned).

If you have anything to propose to add to the agenda, please leave a comment below. See you there!

Torque Toons: NASA’s WordPress Site Are Out Of This World

According to an updated blog post, NASA is on WordPress. I bet they have strong opinions on Jetpack.

Don’t forget to check out our other editorial toons!

Doctor Popular is an artist and musician living in San Francisco. As a full disclaimer, he is neither a doctor nor popular.

The post Torque Toons: NASA’s WordPress Site Are Out Of This World appeared first on Torque.

Lesser-Known Features in WordPress 4.6

Lesser-Known Features in WordPress 4.6 →

Drew Jaynes has a pretty neat post up about some features you may not have noticed in WordPress 4.6. I have to admit that I’d not been paying super close attentions to everyone’s release notes posts, but this stuff was almost completely new to me. The most significant to me (by far) of Drew’s list is the last:

One code change that really didn’t get a lot of play in feature announcements was that deprecating hooks is now possible in core. Add-on developers may now collectively rejoice!

No core hooks were deprecated in 4.6, but that shouldn’t stop plugin and theme developers from using it right away.

Two new global functions were added, do_action_deprecated() and apply_filters_deprecated(), along with the private helper they both use: _deprecated_hook(). All in all, deprecating hooks is pretty straightforward…

I had no idea that WordPress core team had plan to make deprecating hooks possible, but I really like the idea of making it easier for people to slowly but deliberately change and modify their code by deprecating hooks and then later removing them entirely. The ability to more smoothly refactor and modify code without leaving people scrambling is almost always a good thing, and so welcome for WordPress!

How to Set Up CloudFlare for WordPress – The Complete Guide

Page speed and security should be two issues on the mind of every WordPress site owner. We wrote a huge post about WordPress and page speed back in 2014. And since then, page speed has only gotten more important. Users want sites to load fast – 30% of people want sites to load in under one second. And if your site doesn’t, they’re probably going to go somewhere else.

The post How to Set Up CloudFlare for WordPress – The Complete Guide appeared first on WPLift.

Install Fast and Free SSL and HTTPS in cPanel with Let’s Encrypt

Let’s Encrypt is a trusted, open source certificate authority that offers free SSL certificates for as many domains as you want – and now there are easy ways to integrate it with cPanel for one-click, automated certificate installation that takes mere seconds to complete.

Installing an SSL certificate with Let’s Encrypt is already fast, but if you own a hosting business, you’re a developer who manages clients’ sites, or you want an even faster solution, then there are three Let’s Encrypt plugins you can integrate into cPanel, including an official plugin by cPanel.

In this post, I’ll cover how to install each of the three Let’s Encrypt plugins for cPanel and how you can use them to install and renew free certificates in a few seconds.

Server Requirements

To run any of the three plugins for cPanel there are a few prerequisites:

  • You need cPanel installed with a valid license
  • Root and SSH access to your server
  • The basic requirements for using Let’s Encrypt:
    • Unix-type OSes that include Python 2.6 or 2.7
  • For the official cPanel plugin:
    • cPanel and WHM versions 58.0.17 or above
  • For the plugin found on GitHub, you need:
    • A Centos five, six or seven server
    • A static IP address if you have Centos five
  • For the Let’s Encrypt for cPanel plugin, you need
    • i386 or x86_64 CentOS 6 or 7 (5 is not supported)
    • WHM 11.52 or higher (CloudLinux and LSWS compatible)
    • Remote access key has been generated (/root/.accesshash)

If you don’t have a remote access key generated but want to use the Let’s Encrypt for cPanel plugin, log into WHM and go to Clusters > Remote Access Key and click the Generate New Key button.

It may be important to note that the Let’s Encrypt for cPanel plugin is the only premium option on the list. It’s $30 and there’s a free trial available. If you would like to try it out before purchasing a license, you can install it with a trial license automatically.

If you decide to purchase a premium license after all, you can replace the trial licensee on your server with the premium license file. The details on this can be found on the Let’s Encrypt for cPanel Installation page.

Once you have all the server requirements for the plugin you want to use, you can go ahead and install it. Feel free to skip ahead to the one you want to install:

  1. Let’s Encrypt for cPanel Installation
  2. Free Let’s Encrypt cPanel GitHub Plugin
  3. Free Official cPanel Plugin

1. Let’s Encrypt for cPanel Installation

Installing the cPanel Plugin

Log into your SSH client at root level, then add the Let’s Encrypt repository with the following command:

Next, install the plugin for cPanel with line below and yum:

The installation process usually takes about a minute. If all goes well and the installation was successful, a test should run automatically.

If it renders similar messages as the example below, you’re good to go:

You can log in to your cPanel account and install your first SSL certificate.

Installing a Certificate

Once you’re logged into cPanel, you should see a Let’s Encrypt for cPanel button under Security. Click on it to access your active domains list to install a certificate.

The Let's Encrypt for cPanel button in cPanel.
Click the Let’s Encrypt for cPanel button to get started installing some SSL certificates.

Toward the bottom of the page, you should see the Issue a new certificate section. You should see a list of all your active domains including variations of them with and without a www. prefix.

You can check multiple boxes to install more than one certificate at a time or click the Issue Single link beside the domain where you want your certificate installed.

If you check multiple boxes, click one of the Issue Multiple links at the top or bottom of the list.

The Issue a new certificate section.
You can install multiple certificates at a time or just one.

Next, click the checkboxes next to the domains you don’t want to include if you selected multiple ones on the list on the previous page. Also select which domain you wish to be the primary one users are going to visit.

If you use one of the domains to access your email, also check the box labeled Install mail SMTPS/POP3S/IMAPS SSL certificate. Finally, click Issue to install your certificates.

Let's Encrypt for cPanel options.
Select which domains to include and install by clicking the Issue button.

The installation process takes about 10 seconds, but can take up to 45 seconds depending on how many certificates you have selected to issue. When the process has completed, you should see a message letting you know the installation was a success.

If something went wrong, try again. It usually works the second time around.

When you return to the main page, you should see your domains with certificates installed listed at the top of the page. You can click the Remove links to delete certificates one-by-one, or the Reinstall link to renew the certificates before the expiry date.


Ultimate WordPress security with WP Defender

Defender protects you against evil bots and hackers with automated security scans, vulnerability reports, safety recommendations, blacklist monitoring and customized hardening in just a few clicks.


2. Free Let’s Encrypt cPanel GitHub Plugin

As with any plugin installed from GitHub, it’s important that you’re aware of the inherent risks. Since regular maintenance and security isn’t guaranteed across all plugins found on GitHub, you need to be sure you trust the developer.

It’s a good practice to check out the developer of even recommended plugins from GitHub no matter who recommends them. For details about the developer of this plugin, check out the Let’s Encrypt cPanel plugin repository on GitHub.

For more details on the precautions you should consider before installing plugins from GitHub, check out one of our other posts How to Find and Install Hundreds of Free WordPress Plugins from GitHub.

Installing the cPanel Plugin

Log into the root of your server with SSH and run this command to download the plugin package to your server:

Next, go to the directory that was created for the plugin with the following line:

Finally, install the plugin by entering the command below:

Once you receive a message that says Successfully installed letsencrypt manager you’re all set to install your first SSL certificate.

Installing a Certificate

Once you’re logged into cPanel go to Security and click the Let’s Encrypt link. You’re not going to see an icon accompanied with the link. We’re not being fancy here.

On the management page, click the New SSL Certificate button.

The Let's Encrypt Manager cPanel plugin page.
Manage and install a new SSL certificate in one click.

Next, select one of your domains that you have registered to your cPanel account. Once you have made your choice, click the Submit button to start installing your certificate.

The inline pop-up to choose and install a certificate.
Choose your domain name and click the Submit button to install your certificate.

After about 10 seconds, you should be re-directed to the main page with a message letting you know the installation was a success. You should also see your domain listed on the page as well.

The success message.
Once your certificate is installed you should see a few details listed on the page for it.

Next to your domain on the list, you should see that a certificate for your domain was installed automatically for both your main domain and with a www. prefix. You should also see the date your certificate expires as well as the number of days you have left until the certificate expires.

3. Free Official cPanel Plugin

While this plugin needs to be installed to see it when you log into cPanel, there’s a chance it could come pre-installed in cPanel and WHM version 60. It’s not for certain yet only because extra testing needs to be completed by the folks behind cPanel before they can push out the change for everyone.

Installing the cPanel Plugin

For now, you can install the official Let’s Encrypt plugin for cPanel with one command:

The final installation steps need to be completed in WHM so go ahead and log in as the root user. Go to SSL/TLS > Manage AutoSSL and choose the Let’s Encrypt option under Choose an AutoSSL provider.

Next, check the boxes for I agree to these terms of service and Create a new registration with the provider. You can also click the link to review the terms of service.

The Manage AutoSSL page.
Fill out the form to finish installing the plugin.

When you have made your selections, click Save. You should see a small pop-over appear in a few seconds that lets you know the installation has completed successfully.

Installing a Certificate

It’s important to note that this feature only works if AutoSSL is enabled for the users where you want the SSL certificates installed. To enable this option for users, click the Manage Users tab, then select the Enable radio button next to the user account names where you want to install certificates.

Click the Check button to enable AutoSSL. When the process has completed, you can go back to the main Providers tab and click the Run AutoSSL For All Users button.

The Manage AutoSSL page.
Click the button to install certificates for all cPanel user accounts.

The process should only take a few seconds, but can take longer if you have many cPanel accounts and domains. Once the process is complete, all domains registed to all the cPanel accounts should have an SSL certificate installed.

Also, you won’t have to worry about renewing the certificates since that’s all setup for you automatically.

Wrapping Up

That’s a wrap! Three options you can use to install SSL certificates using your cPanel account or WHM.

Any of these options are generally great and fast but note that some plugins can be trusted more than others so be sure to exercise the appropriate amount of caution before installing any plugin for cPanel.

If you run to any troubles, feel absolutely free to contact our expert support team, night or day. We’re here for you. If you already have an active WMU DEV membership, premium support is all set and ready for you so you can open a support ticket, hop on live chat or check out the support forum for any issues you experience.

Related posts:

  1. Adding Free SSL Certificate and HTTPS to WordPress with Let’s Encrypt and Certbot Installing an SSL certificate on your domain is an essential…
  2. WordPress Multisite Masterclass: Client Sites and Domain Mapping In part four of our WordPress Multisite Masterclass, learn how…
  3. The Ultimate Guide to Domain Mapping with WordPress and Multisite Find out everything you need to know to setup domain…
  4. How to Use One SSL Certificate for Your Entire Multisite Network Securing your site with an SSL certificate should be an…

Beginner’s Guide to Troubleshooting WordPress Errors (Step by Step)

Are you encountering a common WordPress error on your site? Do you want to troubleshoot these WordPress errors on your own? Most of these errors can be solved by following easy troubleshooting steps. In this beginner’s guide, we will show you how to troubleshoot WordPress errors one step at a time.

Troubleshooting WordPress errors

1. Create a Complete Backup of Your WordPress Site

First thing you should do is to create a complete backup of your WordPress site. If you were already using a WordPress backup plugin, then make sure that you have a recent backup safely stored somewhere.

If you were not using a backup plugin, then you should start using one immediately. However, in case you don’t have access to the admin area of your WordPress site, then you will need to manually backup your database and files.

Backups allow you to restore your WordPress site easily when something goes wrong. They are your first and most important defence against security threats, hacking, and data loss.

2. Deactivate All Plugins Installed on Your Website

Most of the times errors are caused by a plugins conflicting with each other, your theme, or the WordPress core. Deactivating all WordPress plugins on your site will most likely solve the problem. You can then find out which plugin was causing the issue by activating plugins one by one on your site.

If you have access to the admin area of your WordPress site, then simply head over to the plugins page.

Select and deactivate all plugins in WordPress

First you need to select all plugins, and then select ‘Deactivate’ from ‘Bulk Actions’ drop down menu. Click on the Apply button to deactivate all selected plugins.

If you do not have access to the admin area, then you will need to use FTP or phpMyAdmin to deactivate all plugins.

Simply connect to your website using an FTP client. If you haven’t used FTP before, then you may want to see our how to use FTP to upload files to WordPress.

Navigate to the wp-content folder and rename plugins folder to “plugin.deactivate”.

Rename plugins folder using FTP

For more detailed instructions, see our article on how to deactivate all plugins when not able to access wp-admin.

3. Switch to a Default WordPress Theme

Sometimes your WordPress theme can cause issues on your site. You can easily find out if your theme is causing an issue by switching to a default WordPress theme like Twenty Sixteen or Twenty Fifteen.

Head over to Appearance » Themes page and then click on the Activate button next to a default theme.

Switch to a default WordPress theme

However, if you don’t have access to the admin area of your WordPress site, then you will need to use FTP to switch theme.

Connect to your website using an FTP client and then navigate to /wp-content/themes/ folder. Download your current active theme as a backup to your Desktop.

After that you need to delete all themes except a default WordPress theme like TwentySixteen. Since your active theme will no longer be available, WordPress will now automatically switch to using the default theme available.

If your theme was causing the issue, then you should be able to log in to your WordPress site now.

4. Refresh Permalinks

WordPress uses SEO friendly URL structure or Permalinks. Sometimes the permalink structure is not updated or configured properly, which may result in unexpected 404 errors on your site.

You can easily refresh permalinks without changing anything on your WordPress site. Visit Settings » Permalinks page and click on ‘Save Changes’ button without changing anything.

Update permalinks in WordPress

5. Backup and Delete .htaccess File

A corrupt .htaccess file is often the cause of the internal server error.

First you need to connect to your website using an FTP client. The .htaccess file is located in your site’s root directory.

Since it is a hidden file, you may need to force your FTP client to show hidden files. See our article on why you can’t find .htaccess file on your WordPress site

You need to download the .htaccess file to your computer as a backup, and then delete it from your web server.

You can now try to login to your WordPress site and go to Settings » Permalinks page. Click on the Save Changes button to refresh your permalinks and to regenerate a new .htaccess file for your site.

6. Fix WordPress Site URL

Having incorrect settings for WordPress URL and Site URL options can also cause redirect issues, 404 errors, and some other common issues.

WordPress URL and Site URL options can be changed from admin area by visiting Settings » General page.

Changing WordPress Address and Site Address options from admin area

Make sure that both URLs are exactly the same.

If you do not have access to the admin area of your WordPress site, then you can change these URLs using FTP. There are two ways to do that using FTP:

Update WordPress URL and Site URL Settings in wp-config.php File

Once connected to your website using an FTP client, locate wp-config.php file. Now you need to edit this file in a text editor like Notepad.

Go to the line that says /* That's all, stop editing! Happy blogging. */, and just before it, add this code:


Don’t forget to replace example.com with your own domain name. Now save your changes and upload the file back to your server.

Update URLs Using functions.php File

You can also update URLs using your theme’s functions.php file.

Open your FTP client and navigate to /wp-content/themes/ folder. Open your current active theme’s folder and locate functions.php file inside it. Now you will need to edit the functions.php file in a text editor like Notepad.

Simply add these lines at the bottom of the functions file:

update_option( 'siteurl', 'http://example.com' );
update_option( 'home', 'http://example.com' );

Don’t forget to change WordPress URLs from the settings page after you login to your site. Once you have added them on the settings page, you need to delete these lines from your theme’s functions file.

7. Check Reading Settings

If your newly created WordPress site is not indexed by search engines, then this is the first thing that you should do.

Login to your WordPress site and go to Settings » Reading page. Scroll down to the bottom of the page and make sure that the box next to ‘Search Engine Visibility’ is unchecked.

Search engine visibility

This option allows you to discourage search engines from showing your website in search. It is used by webmasters when they are working on a website which is not ready to be live. Sometimes you can accidentally check this setting and forget about it.

Make sure that this option is unchecked when your website is ready to go live.

8. Troubleshooting Email Issues

Many WordPress hosting providers do not have mail settings properly configured. This stops you and your users to receive emails from WordPress.

If you are using a contact form plugin, then you will not be able to receive those emails as well. You will also not receive any WordPress notifications.

See our complete step by step instructions in our article on how to fix WordPress not sending email issue.

9. Scanning for Malware and Backdoors

If you suspect that your WordPress site is affected with malware, then you should scan your website with Sucuri. It is the best website security monitoring service for WordPress site owners.

See our case study of how Sucuri helped us block 450,000 WordPress attacks in 3 months.

For more detailed instructions, see our guide on how to scan your WordPress site for potentially malicious code.

Getting Better Support

After following the above mentioned troubleshooting steps, you would be able to fix many of the most common WordPress errors. However, if the problem persists, then you can seek further support.

WordPress is a community software, so you can get help from the community by posting in WordPress support forums. Here is how to write a better support request:

  • Be polite and nice. No matter how upset or frustrated you are, do not use harsh language.
  • Mention your problem briefly.
  • Describe troubleshooting steps you have taken so far.
  • Uplaod screenshots on a cloud image sharing service, and then add the links in your support thread.

For more on this topic, take a look at our guide on how to properly ask for WordPress support and get it.

We hope this article helped you learn how to troubleshoot WordPress errors. You may also want to see our list of 14 most common WordPress errors and how to fix them.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post Beginner’s Guide to Troubleshooting WordPress Errors (Step by Step) appeared first on WPBeginner.