This is just a heads up that I’ll be recording a live show of WordPress Weekly on Saturday, November 6th which is tomorrow. I’ll try to cover the news of the week if I can figure out what it is. I’ll also be updating everyone as to what I’ve been up to the past few months. Last but not least, we’ll catch up with Brad Williams of WebDevStudios.com to see what he’s been up to lately.
WordPress Mobile Users Grow To 1 Million
What a great milestone for the WordPress ecosystem. On November 3rd, Isaac Keyet used the WordPress.com announcement blog to let us know that the userbase for the various WordPress mobile apps had reached 1 million. In addition to that announcement, there is now a WordPress application for Nokia phones both newer, and older devices. If you’re a Nokia phone user, be sure to follower @WPNokia on Twitter to keep abreast of any new developments regarding the application.
This announcement means that WordPress is now available on BlackBerry, Android, the Apple iPhone, and now Nokia phones. Congrats to Matt and those involved with spearheading the individual open-source projects that make up the phone applications. Speaking of open-source, if you want to get involved with the Nokia application project, visit the WordPress For Nokia Development page on the Codex.
Protecting WordPress Login Credentials From FireSheep
There’s been a lot of hype around a new tool that was released not too long ago called FireSheep. In a nutshell, FireSheep is an extension for FireFox that monitors the airwaves of public Wi-Fi to sniff out login credentials to popular websites such as WordPress.com, self-hosted WordPress installations, Twitter, Facebook, and more. Once those credentials have been located, FireSheep makes it easy for you to use them in order to gain access to someones account. In all actuality, this vulnerability is nothing new and has been around since the days wireless access was created. The only way to protect yourself from this vulnerability is to use an encrypted connection between your machine and the web server. This is typically handled via SSL.
If you want to protect your credentials for your self hosted WordPress installation, the following Codex article, Administration Over SSL is a good start. I’ve also learned thanks to Otto that the WordPress app for iPhone is also at risk from having credentials sniffed out because the app uses the XML-RPC protocol. Even using the app over 3G instead of Wi-Fi does not protect the data from sniffing.
We have a thread ongoing within the Tavern forum talking about FireSheep and data sniffing in general. As Otto points out, when in doubt, use encryption.
Plugin Authors And The Activation Hook
This post is an FYI to plugin developers. According to Scribu who posted on the WordPress development update blog, If you were using register_activation_hook() to also handle updates from older versions of your plugins, you will not be able to do so any more in WP 3.1: [16012]The activation hook is now fired only when the user activates the plugin and not when an automatic plugin update occurs. This is consistent with how the deactivation hook works.. There is a proposal for a register_update_hook instead within ticket 14912.
All plugin authors should read the post and the associated tickets to make sure your plugin will check for updates properly after WordPress 3.1 is released.
WordPress Projects Still In Huge Demand
The largest search engine for work-from-home and freelance jobs DoNanza has released their quarterly State of the Work-From-Home and Freelancing Economy trends report. Based on their findings, WordPress is still the king when it comes to demand for use in projects as it had six times the amount of projects when compared with Joomla and Drupal. However, the report also shows that while Drupal has the least demand, project developers earn the most with an average project cost of $915.00. Joomla projects average $473.00 while WordPress averages $455.00.
One of the more fascinating statistics from this report is the site development as % of the total project. WordPress is the lowest at 18%, Joomla at 23% and Drupal with 31%. This means that Drupal users are looking for freelance support and development work from the get go as opposed to WordPress where users are attempting to build their sites themselves without outside development. This is a great stat for WordPress as it really shows how easy it is to work with the platform. It’s also a good sign of the rich third party community established around the platform where there is usually a theme or plugin that fits the needs of an individual.
On the flip side, there is the 3rd party development as % of total projects. Joomla leads the pack at 29%, Drupal at 20% and WordPress with 16%. According to DoNanza CEO Liran Kotzer,
“This proves that Joomla has a very active market allowing people to create and sell the third party extensions they have created for other Joomla platform users”
Being a former Joomla user myself, the Joomla community had a pretty good commercial market 3-4 years ago. In fact, it was so good that I felt as though if I wanted to do anything cool with Joomla, I had to pay for it. Thankfully, it doesn’t seem to be that way anymore but their commercial market is maturing. WordPress on the other hand is still in it’s infancy when we look at the commercial plugin/theme landscape. Sure, commercial themes have been offered for a few years and perhaps even a few plugins but the biggest difference between WordPress and Joomla when it comes to commercial offerings is that, the WordPress userbase has been accustomed to FREE. Free themes, free plugins, free GPL, the mind share in the WordPress community is all about free. However, during the course of this year and into the future, there will be an explosion of commercial plugins, themes and services centered around WordPress as that mind share barrier begins to erode. It’s a good thing to because there are some kick ass commercial products available for WordPress, such as GravityForms.
The report goes on to show that PHP, Translation, and HTML are still the top three requested skill sets. WordPress increased it’s rank by 1 at the number 7 spot.
I know that a large amount of consultants read WPTavern.com. What do you think of these trend results by DoNanza? Do they match well with what you’re seeing or do you think they have missed the boat?
Should Easter Eggs In WordPress Be Removed?
Once again, the discussion of WordPress and Easter eggs has popped up on the WP-Hackers mailing list. This time, it was a story shared by Eric Mann regarding a client of his who thought their website was hacked after accidentally triggering the Easter egg where you compare a revision to itself. The question Eric asked was whether or not there was a way he could turn it off to shelter clients from experiencing that behaviour. The discussion then turned into the best way to turn off Easter eggs in WordPress either through a define via the WP-Config file or an EasterEggs.php file but there was also a solution using Javascript that was shared later on in the thread.
After reading the discussion I always find it hilarious imagining someone stumbling across the Matrix Has You Easter Egg and then freaking out as if their site had been hacked. But after giving it some thought, I think this is one of those Easter Eggs that is too easily accessible for common folks to trigger. If people think there is an ANY key on a keyboard, it’s quite possible then to think this Easter Egg scares people. Over the course of the past year, the discussion of WordPress and Easter Eggs, more specifically the Matrix one has been discussed multiple times, each without a solution.
I don’t want to see Easter Eggs in WordPress disappear but I also don’t want end users accidentally doing something that causes them to flip out. I think the fun involved with the Matrix Easter egg has run its course and the revision compared against itself should instead show a warning or an error. So with that, I have a poll question for you to vote on. I’m also interested in your comments regarding WordPress and the Easter Egg situation.
Should Easter Eggs In WordPress Be Removed?
- An Easy Way To Disable Them (38%, 53 Votes)
- No (31%, 43 Votes)
- Yes (25%, 35 Votes)
- Just Remove The Revision Comparison Easter Egg (6%, 8 Votes)
Total Voters: 139
Loading ...
Getting Started With WordPress Starter Kits By Max Foundry
I received an email a few weeks ago giving me the heads up on a cool concept called WordPress Starter kits by Max Foundry. Max Foundry is in the business of of making themes, plugins, and starter kits for WordPress. While they currently don’t have any themes available for purchase or download, they do have three starter kits.
Each starter kit is free but requires you to give Max Foundry your email address before you can get access to the starter kit download links. You can choose whether or not to receive information from them in the future which is a good thing if all you really want is access to the starter kits. I decided to give the kit using the default WordPress commenting system a try. While there are three kits available with the same bundled plugins and themes, the main difference between them all is the commenting system which can be the default one in WordPress, Disqus, or IntenseDebate. On the Max Foundry website, I found the following text:
There’s no need to worry about using an old version. We’re always keeping our blog starter kits up-to-date with the latest versions of the included themes and plugins.
This was my biggest concern as in the past when plugins have been bundled with WordPress or a theme, they have been out of date. I’m happy to report that after installing the default commenting system starter kit, all of the plugins were up to date. One of the caveats however to using any of the kits available is that they install WordPress into a sub-directory called WordPress. You may be able to get around this with some finagling but I didn’t go to that extreme. I have a feeling that the sub-directory requirement may put a lot of people off since in most cases, WordPress is installed in the root directory.
While the starter kits are a nice idea, it still doesn’t get us to the holy grail of specific installation profiles. However, the starter kits are a nice way of getting a user up and running with WordPress with a selection of decent plugins to play around with as long as they don’t mind giving up their email address.
Recorded Sessions From WordCamp Detroit
I’d like to take this opportunity to thank the folks over at PollDaddy.com for sponsoring my trip to WordCamp Detroit. Without their support, I would not have been able to attend. If you’re looking for an easy to use service to poll your readers or conduct surveys, definitely give them a try. I suggest taking a look at their brand new product: PollDaddy Quizzes which is great for teachers, marketers, or trainers.During day one of WordCamp Detroit, I was able to successfully record six different sessions. Here they are for your listening pleasure. Do your best to imagine the slides that were presented during each presentation or, you can find links to most of the slides for their presentations on the WordCamp Detroit schedule page.
Todd J. List – Whats in a theme? – Todd has a unique strategy for finding the right theme for your WordPress blog. Here he will open his ideas to you. Download the MP3 here.
Anthony Montalbano – Theres a Plugin for That – Anthony will be sharing a library of plugins to make your WordPress blog do virtually anything you can imagine. Download the MP3 here.
Justin Popovic – SEO and Social Media for WordPress – Justin will share his expertise and game plan for taking a hold of your SEO and social media efforts on your WordPress site. Download the MP3 here.
Ross Johnson – 10 ways to speed up WordPres – Ross will walk you through the many ways you can increase the performance of your WordPress site. Download the MP3 here.
Shayne Sanderson – PHP/CSS for Beginners – Shayne will be giving us a basic overview on how easy it is to edit your WordPress sites by modifying PHP and CSS. It’s easier than you think! Download the MP3 here.
Ryan Imel – Understanding WordPress Multisite – WordPress Multisite (previously WordPress MU) is receiving more attention since the release of 3.0 than ever before. Learn how to use Multisite to improve your development practices and build out networks intelligently. Download the MP3 here.
Interview With Two WordCamp Detroit Attendees
During the conference, I randomly pulled two people aside attending the event to get their take on how things were progressing. I wanted to know if they had learned anything new and what they thought of the event overall. The attendees are Rick McGrath and Ana Kelly both whom work for Resonate Web Marketing. During the interview, we get to hear about their experience using WordPress as well as their favorite features of the software.
WordPress, Disqus, And Spam Comments
By Jeffro on November 5, 2010
Within the comments of the post, Daniel Ha who represents Disqus confirmed the behaviour and noted that it would probably be fixed in the next release of the plugin.
Share this:
Posted in News | Tagged comments, disqus, spam | 5 Responses