For the first time that I can remember, WordPress has been rejected from the Google Summer Of Code mentor ship program. This was an unexpected move, especially considering how WordPress has been a part of the program for the past few years. As you read through the comments of the post, quite a few people have expressed disappointment. However, if the experimental approach to WordPress development that is currently taking place with 3.4 via the aspect of teams is successful, WordPress could conduct a mini Summer Of Code event with each major release of the software, minus the big paycheck. It would also eliminate the age restriction that is currently part of the Google Summer Of Code. It’s unclear as to why WordPress was rejected but the reason is expected to be given at a meeting within the next week or so.
WordPress.com Welcomes Posterous Users
It was’nt long ago when Posterous looked poised to take a big chunk of market share away from WordPress and other sites such as Tumblr. But alas, Posterous will become yet another internet memory as they’ve announced that the talent behind the service will now be apart of Twitter. While Posterous will remain online for the foreseeable future, users have already started flocking to different services such as WordPress.com, who have experienced a 250% increase in imports from Posterous accounts since the announcement.
WordPress Not The Direct Cause Of Mass Site Attacks
Sucuri has published more information regarding the compromising of at least 30,000 domains. Based on their research, they are ruling out the possibility that the attacks are taking advantage of a new vulnerability within the core of WordPress.
The first question is how are these sites getting hacked? On all the cases we analyzed, they either had outdated versions of WordPress, or of a plugin. We can safely rule out any new vulnerability on WordPress itself.
To stay on top of the latest malware threats on the web, you should subscribe to their RSS feed. Perhaps the more people that realize this stuff is happening on a daily basis, the more it will persuade them to keep sites, plugins, and themes updated.
Interesting Take From A Female Developer
This past weekend, I gave my first ever solo talk on WordPress development, with just a hint of UI love. I’ve taught classes on web/digital media and talk to/perform in front of lots of people all the time, but this was my first ever “stand up in front of a room of geeks and go”. It was awesome. I think I kicked ass. My code got the once-over and blessings of some developers that I and many others respect very, very much. And you know one of the comments I got over and over? “It’s amazing/surprising/something-allegedly-positive-but-expressing-a-contradiction-to-perception to see a female developer.” 5
Guess what.
That’s not a helpful comment
An interesting read from an Asian, female WordPress developer and how people like her shouldn’t be viewed as an anomaly.
2012 Theme Customiser In WP 3.4
As tweeted by MarkMcWilliams, some of the theme customization options for the TwentyTwelve theme have landed into WordPress 3.4.
Getting Started With Designing Your Site
BloggingPro.com has a good starter article on tips for designing your blog. Within the article, Amanda mentions that while most bloggers get the writing aspect of the job, design is another beast entirely.
When people talk about the perfect blog, they always focus on content. The content of a blog is obviously extremely important, and in most cases the content is what decides whether a blog will be successful or flop like a fish out of water. However, the design of a blog is also extremely important. Many bloggers understand the writing aspect of the job, but it’s the blog design that causes frustration. Because creating a blog involves a little bit of web development and web hosting knowledge, so many writers feel a huge weight on their shoulders. Once bloggers have WordPress and other plugins mastered, they sometimes don’t even know where to begin when it comes to design.
She’s dead on. When I first launched WPTavern.com, I felt brave enough to hack away at a theme’s layout I enjoyed and applied my colors via the CSS file for the sites first design. It came out dark, with hues of grey and blue with colorful links. Not the prettiest site on the web but as a personal preference, I liked it. Then, I started searching around at the various WordPress commercial themes and noticed quite a few that looked like they would be perfect for the site. However, when I purchased the theme and tried to apply my vision, it never seemed to work out. I think I’ve spent about three to four hundred dollars on themes that I thought would be perfect but ended up being too complicated or not what I had in mind.
I cringe at the thought of redesigning WPTavern.com by myself because I’d much rather focus on content versus the design. I’ve dipped my hand into the design area enough times to know that I’m a stones throw from creating designs that are as wacky as the world of Dr. Suess.
How many themes have you purchased to fulfill your vision but ended up putting them up on the shelf?
WP Pro Business Giving Away $9,000 Worth Of WP Stuff
This is one of the largest WordPress giveaways I’ve seen in a long time with a total value of around $9,000.00. Adam Warner formerly of WPModder.com is now concentrating his efforts on WP Pro Business which is a website aimed at providing the tools and knowledge to help propel businesses and individuals to success using WordPress. Adam explains the giveaway in a little more detail via the following video.
Adam is a good guy and did a great job with WPModder.com but if you’re wondering how he’ll use the data obtained from the giveaway, the following text can be read on the bottom of the giveaway page:
Information is collected through the supplied Rafflecopter.com widgets and (an optional) email subscription form. Entry emails are collected in accordance with Rafflecopter.com and AWeber.com terms and conditions. By entering this giveaway you agree to receive email communications from giveaway sponsors including prize notifications and new product updates.
You’ll have to decide before you enter on whether you want to go through the hassle and delete your email address from each sponsors list if you don’t win. Hopefully, it’s as simple as deleting one email address from WP Pro Business and that will cover the gamut for all future communications. Then again, you might not mind receiving an email here and there from the people sponsoring this giveaway.
Your Chance To Work With WordPress In Oslo, Norway
Ryan Hellyer who has been a long time member of the WPTavern community has given me a heads up that Metronet is currently looking for a WordPress Code Poet. Sounds like any other typical WordPress job posting right? Well, that is until you read the following lines within the job posting: “The opportunity to live and work in Norway, the best country in the world according to many surveys. Assistance with relocation and accommodation.“. So if you’re a WordPress Code Poet looking for an opportunity to work in Oslo, Norway this may be the best chance you’ll get! I’ve also learned that Ronald Huereca who wrote the book, WordPress And Ajax and who is the author of the Ajax Edit Comments plugin is a part of this development company.
If you’re interested in the job opening, you should highly consider the fact that they are only looking for people who are willing to relocate to Oslo, Norway at this point.
Phoning Home To Plugin Authors
Reading through the WordPress Hackers Mailing list, Nuno Morgadinho wanted to know how to track user engagement with a commercial plugin that is being developed. The metrics that they were most interested in were the following:
- how much time has the user spent playing with my plugin since plugin activation ; - what is the normal usage of the plugin (once a month? once a week? once a day?) ; - while navigating through the plugin does the user go back and forth a lot of does he follow a certain pattern?; - etc.
While the developer would like to use this information to improve the experience of using the plugin, I can already see the people with pitchforks lining up to take this developer out if were not done correctly. Thankfully, Eric Mann has already chimed in with words of warning about how users do not like to find out about third party tracking, especially after it’s already occurred without knowing about it up front. Personally, I have no problem with what the plugin author is trying to achieve as long as I have the option to say no aka, Opt-Out or more preferably, Opt-In. I’m willing to bet that most WordPress website owners feel the same way. If not, feel free to tell me within the comments of this post.
However, I have to point out that according to the WordPress Plugin Repository Guidelines, plugins are not allowed to “phone home” without the user’s informed consent.
No “phoning home” without user’s informed consent. This seemingly simple rule actually covers several different aspects:
No unauthorized collection of user data. For example, sending the admin’s email address back to your own servers without permission of the user is not allowed; but asking the user for an email address and collecting if they choose to submit it is fine. All actions taken in this respect MUST be of the user’s doing, not automatically done by the plugin.
All images and scripts shown should be part of the plugin. These should be loaded locally. If the plugin does require that data is loaded from an external site (such as blocklists) this should be made clear in the plugin’s admin screens or description. The point is that the user must be informed of what information is being sent where.
In general, things like banner or text link advertising should not be anywhere in a plugin, including on its settings screen. Advertising on settings screens is generally ineffective anyway, as ideally users rarely visit these screens, and the advertising is low quality because the advertising systems cannot see the page content to determine good ads. So they’re best just left off entirely. Putting links back to your own site or to your social-network of choice is fine. If the plugin does include advertising from a third party service, then it must default to completely disabled, in order to prevent tracking information from being collected from the user without their consent. This is the method commonly known as “opt-in”.
Note that if you do include what we consider to be “advertising spam”, or attempt to game somebody else’s advertising system, then we will not only remove your plugin, but also report your code to the advertising system’s abuse mechanism as well. We do not react kindly to spam. Don’t try it.
After reading those guidelines concerning phoning home, consider that WordPress itself phones home data without the user ever having a chance to make an informed decision on whether to allow it or not. If you have time and want to read a passionate and heated discussion centered around this very topic, I encourage you to read the following forum thread – WordPress And Phone Home, started in 2009 by Elpie. Within the thread are arguments on what should and shouldn’t be collected, how disclosure should be handled, what is and is not publicly available information, last but not least, reasons as to why what WordPress does and how it does it is ok. While I’m a big fan of the repository guidelines, I don’t understand why plugin authors have to phone home with informed user consent while WordPress can phone home without informed user consent. What’s the difference between the two?
If you’re interested in knowing what data is sent back from a WordPress installation back to the mothership, Eplie has laid out a detailed post showing exactly what is sent.
*UPDATE* According to Otto, Core, Theme, and Plugin update checks do not phone home to WordPress.org.
99 Different WordPress Related Websites To Watch
Are you one of those folks who can’t get enough WordPress in your RSS FeedReader? If so, WPMU.org has published their list of 99 different WordPress related websites. The list was comprised via publicly available data and is completely objective. It was cool to see WPTavern come in at number 14 but I would have been happy to see the site make it anywhere on the list. Out of those sites that have made the top ten, the only one I don’t recognize is http://bavotasan.com/. In fact, I’ve never heard of the site until reviewing this list. The only thing missing from the post is the ability to take an OPML file and import the sites directly into a FeedReader. At any rate, I’ll have a good time visiting each one of the sites that I don’t already know about and manually adding them to my list. I could always use more great articles to link to for those days where it looks like nothing is going on.