Select Page

WordPress 3.5.2 is here – time to update your site

WordPress 3.5.2 is here … and it’s not to be confused with the 3.6 beta releases. Being a point release, you shouldn’t expect significant changes. WordPress 3.5.2 is a security release, which means it’s critical that you update your site.

What’s in WordPress 3.5.2?

The release note for this specifically looks to address a bunch of security related issues:

  • Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
  • Disallow contributors from improperly publishing posts, or reassigning the post’s authorship.
  • An update to the SWFUpload external library to fix cross-site scripting vulnerabilities.
  • Prevention of a denial of service attack, affecting sites using password-protected posts.
  • An update to an external TinyMCE library to fix a cross-site scripting vulnerability.
  • Multiple fixes for cross-site scripting.
  • Avoid disclosing a full file path when a upload fails.

How to Update Safely

This is very easy to do from any logged in user page – but you should always follow a pre-update checklist that helps to avoid many problems.

  1. Make sure you have a current WordPress database backup. Using DBC Backup 2 makes this easy.
  2. Enable your WordPress Maintenance mode page.
  3. Disable any / all plugins
  4. Run update
  5. Update any plugins that also got updated
  6. Enable all plugins that you need
  7. Check for any new issues
  8. Disable your maintenance mode

Having Problems with this update? then read 3 steps to recover from WordPress website killers

Still Need Some Help? Then I’m available …

If you’re still stuck … get in contact and I’ll be happy to help you out.

WordPress 3.5 – Welcome! My plugins are tested and working.

In case you hadn’t noticed — WordPress 3.5 is here. This release has one great new feature – the replacement for the media library and the drag n drop uploader has changed.

WordPress 3.5 screen

My Plugins Tested are ready to go

I’ve been testing and checking my plugins over the past few months and they are all fine and ready to use 🙂

If you do spot anything or have any questions please let me know.

How to get started with WordPress Stack Exchange. Or How I got to 1000+ rep in 4 weeks

There are lots of ways to earn reputation points on WordPress Answers on Stack Exchange. If you develop or are seriously interested in WordPress then go join WP Stack Exchange immediately.


profile for Damien at WordPress, Q&A for WordPress developers and administrators

Why bother with WordPress Answers?

Well let’s just say that it’s a nice way to ‘pay it forward’ – that’s to say if you give helpful answers you’ll get helpful answers.

How to grow your reputation on WordPress Answers

Stack Exchange is much like other social network – you earn reputation points and badges for doing stuff. Here are some sure fire ways to get more reputation points

1. Complete your profile. It gets you a badge

2. try reading all the FAQ’s at http://wordpress.stackexchange.com/faq youll get a badge for that and

3. check your priveldges. http://wordpress.stackexchange.com/privileges

4. Answer questions before asking a question.

5 Be careful to not go asking questions that get you negative rep.

If you want to see who I’m helping or what I’m doing on WordPress Answers here is a link to my profile

8 points to help you choose the right WordPress e-Commerce solution

WordPress is a very versatile solution for e-commerce. There are many ways you can integrate or setup e-commerce with WordPress allowing you to sell goods and services at the same time as blogging or promoting them.

Most of the available options are just plugins, a quick scan of the WordPress plugin repo will show there are plenty of options from donation buttons for PayPal to integrations with Magento.

What WordPress E-Commerce Solutions are there?

A very good e-commerce solution should include a plugin and ‘work well’ with your theme. There are some very good ecommerce solutions for WordPress including:

WooCommerce – Free plugin and has a number premium extentions like table rate shipping, payment gateways and themes – Sth African parent company with 30+ ecommerce extensions and 90+ WP themes

Jigoshop – Free plugin and WooCommerce was forked from this – UK based company who have experience in Magento and WordPress

– WordPress ecommerce by Get Shopped is one of the best known and oldest options around. It has a free plugin and premium versions which include features like table rate shipping and other payment gateways – NZ based company

WPMU – has an annual premium membership site which includes many e-commerce and membership type options – AUS based company.

How to choose the best WordPress E-Commerce Plugin

Personally I think choice comes down to other factors (besides themes and plugins):

  1. Payment gateways (who they want to use for payment and is there an extension for them.
  2. Payment options & subscriptions (one off, monthly recurring)
  3. How technical / skilled is your customer for setting up and managing an e-commerce shop.
  4. What other marketing / sales promotions will they want (like cross linking / upselling content)
  5. Do you need to manage variations of the same product (by colour or size / weight / length)
  6. Delivery options / couriers – eg Royal Mail here in the UK, has a plugin for WooCommerce
  7. Will you need to develop extra bits to integrate it with your theme?
  8. What type of SSL and security do you need?

I can say it is likely that GetShopped or WooCommerce can do all of these so it will be a matter of adding up the cost of the premium fee and extension plugins along side your SSL and other server costs.

There are plenty of other WordPress ecommerce solutions, but many of them will not meet all 8 of these requirements

Remember Magento?

Dare I say it … you should always compare this to Magento which is also a LAMP stack / PHP / Apache / SQL based ecommerce solution.

Need some professional help with WordPress? want to setup your own e-commerce website? Got in contact now via e-mail or call +447919110638

Linkage

This originally appeared as answer of mine on Stack Exchange

Pros and Cons of Post Formats vs. WordPress Multisite

WordPress is a flexible solution for web publishing. Post Formats were introduced a couple of years back to help users and developers to create content in one WYSIWYG Editor but show it differently on the site. I’ll start by saying that there is quite a bit of press about why there is a general lack of support by theme developers for post formats (see one example below).

This is taken from an answer of mine on Stack Exchange

– If you have a theme which doesn’t support post formats (most don’t) then you can’t start this way. Developers are not adding them as Custom Post Type is the more flexible solution (for managing and displaying content of different ‘types’).

– From a development perspective, if you want to write a query to just find posts of the format Aside that is easy, but to find just standard posts you have to do a query to exclude post formats aside, quotes, etc, etc, etc). So it’s a pain to code for.

– If you wanted to have different themes, views and layouts and domains, for each content type, then that’s far easier to do with WordPress multisite network and much harder with post formats

– All post formats (asides, standard, quote, etc) are included in your WordPress loop so by default they will get included in any RSS feeds or custom WP queries, which means you end up un-necessarily, having to re-code ‘a lot’ to exclude post formats from places where you don’t want them to show.

– Which reminds me, WordPress MU Sitewide tags will allow you to agregate all content from your sites into one master blog. This is what I do if you have a look at http://wordpress.damien.co and http://damien.co

Linkage

WPMU

WordPress database backup plugin launched – DBC Backup 2

Announcing DBC Backup 2, a WordPress plugin to backup your WordPress SQL database is now available from WordPress Plugins.

DBC Backup 2 creates a SQL export and saves a compressed file to your web host server. Many web hosts provide large amounts of free space for storing your data so it makes sense to use this free space to safely store your database.

Key Features

  • Save time – set a Batch Job to run daily, weekly, monthly
  • User Control – User defined path to store backups
  • Compact – Compression of SQL exports (Gzip or Tar) saves space
  • Safe – the export folder is ‘protected’ from prying eyes or direct downloads
  • Save money – Uses web host to store export backups

Screenshot 1

Revival of DBC Backup

The plugin is a revival of a much older plugin that I have used for a couple of years now. If the original developer gets in contact, I’d be happy to share the SVN repo keys.

Installation

1. Upload the plugin dbcbackup to the `/wp-content/plugins/` directory
2. Activate the plugin through the ‘Plugins’ menu in WordPress
3. Go to the Settings page ‘DB Cron Backup’ from the main men.
4. Configure the plugin settings and you are ready. You’ll need to know your server path to a folder you want the backup saved.

* If the plugin can’t create the export directory you will have to do it manually and don’t forget to chmod 777 it.
* If you are upgrading, deactivate the plugin first and remove all old files, before starting.

Download Now

Frequently Asked Questions

Why create a server based back-up?

It makes sense to me to keep the SQL database backup where you will most likely need it if something goes wrong. Many web hosts provide a large amount of free space for you to store files. So rather than having to pay someone else for storing your database backup you can use the free space you already have.

Aren’t server based back-ups insecure?

Not really, server based back-ups are only unsafe if your server is prone to fail or poorly protected from hacking.

I want to make my backup more secure

That’s easy, the plugin creates a .htaccess file in the backup folder. You can open this file and add to this code. The backup folder is protected against browsing or direct file access.

Does The plugin takes a backup whenever I setup a specific cron job

If the time of the cron is before the current time the wp cron system is adding the cron job to run at the next page view, despite how long ago it is set.

Why don’t any compression formats appear?

Because Gzip and Bzip2 are not installed on your server.

Does this work for multisite?

Yes if you are site admin then each site can run its own version of the plugin and backups of the SQL database can be created.

Linkage

WordPress.Org DBC Backup 2