Since our last roundup, we’ve had the pleasure of attending ExpressionEngine Conference and meeting up with all of our friends, old and new alike, in the EE Community. We were also proud to have the opportunity to speak at this year’s event, slides of which we have shared at the bottom of this post. Now, if you follow us on Twitter, Facebook, and Google+, you’ll you know that in addition to ExpressionEngine content, we also like to share the best Magento and WordPress articles that we find each month. Here are the best from September and October. Enjoy and let us know if we missed anything important in the comment section.
WordPress professionals work with the world’s favorite content management system every day and develop an intimate knowledge of the best way to build and manage WordPress sites. We wanted to understand how the most sophisticated WordPress users approach creating a great experience for their clients, so we asked some of our favorite WordPress professionals about their secret formula for creating the ideal WordPress experience.
The answers were varied: some focused on the technology, some on creating an elegant user experience, and some on the finer details of content management. In this article, we’d like to share a collection of the most insightful responses we received.
I’m sure that we’ve all experienced issues that deal with file lock (flock) contention. More often than not, within the Nexcess tech community, we see this occuring in Magento (typically the sessions files). As such, I figured I’d put throw together something that will allow you to troubleshooting what’s going on more efficiently. Firstly, lets review the two basic types of locks:
Data visualization and data journalism are becoming increasingly important to the modern media landscape. More data is available for public analysis than ever before. Data-focused journalists like Nate Silver and Ezra Klein have made a name for themselves with reporting based on hard-nosed analysis of empirical data sets. Both are in the early stages of establishing new media outlets, FiveThirtyEight and Vox respectively, that promise to take a different approach to reporting from traditional media.
The massive availability of data is a great opportunity for bloggers and businesses to delve into serious analysis, but making the most of data journalism involves data visualization. No one want to pore through massive tables of data and walls of dry text.
Law offices tend to be fairly conservative when it comes to technology. I know some who haven’t changed their content management system for years. “If it works, don’t fix it” is a great philosophy, but wrestling with ancient content management systems is a frustrating and unrewarding task — it certainly doens’t encourage busy lawyers to keep their sites’ fresh with new content.
Many lawyers see the advantage of writing a legal blog. It’s a powerful way to demonstrate expertise and understanding of client issues, as well as build a loyal audience, particularly among potential clients with interests that correspond to a lawyer’s area of specialization. Legal blogs are also, of course, an excellent way to capture search traffic — those who don’t blog are putting themselves at a disadvantage and failing to exploit the full potential of their website.
WordPress is without a doubt the most popular content management system. But that doesn’t necessarily mean that WordPress is the right solution for lawyers. In this article, I’d like to explain why I advise lawyers who seek my advice to use self-hosted WordPress.
All of our managed servers were patched for CVE-2014-6271 (the “shellshock” bug affecting the Bash shell used on most Linux- and Unix-based systems) on the September 24, 2014. As that was later found to be incomplete (resulting in bug CVE-2014-7169, or “Aftershock”), a second patch was applied today (September 26, 2014). If you’d like to read more about the bug, please see the Wikpedia entry at http://en.wikipedia.org/wiki/Shellshock_(software_bug).
As always, if you have any questions or concerns, feel free to contact us at email@example.com.
The Heartbleed bug was one of the worst online security vulnerabilities in recent memory, allowing an attacker to read chunks of a server’s memory that might contain private keys, authentication credentials, and other sensitive data. In the wake of Heartbleed, it’s a good time for WordPress site owners to audit their security procedures and implement mechanisms for keeping their site and its users safe. Two-factor authentication is one easy-to-implement security strategy that makes life more difficult for hackers.
The normal username / password combination can be thought of as one-factor authentication. There is one secret token that will grant access to the site. Two-factor authentication adds another token, which can be generated in various ways: most commonly by using an application to provide a one-time password, a physical token like a Yubikey, or a biometric factor like a fingerprint.
Knowing it’s hard to keep up with all the great content around the web, each month we gather up the best Magento, ExpressionEngine, and WordPress articles for your convenience. If you’re new here, these posts feature a mix of news (i.e. the release of WordPress 4.0 “Benny”), helpful articles, and just generally interesting industry happenings. Looking ahead, this month we will be attending Meet Magento New York and well as ExpressionEngine Conference at the beginning of October. If you’re at either of these events, make sure to stop by and say hello. If you’d like more great content on a day-to-day basis, follow us on Twitter, Facebook, and Google+. Enjoy and let us know if we missed anything important in the comment section. Otherwise, here’s the best from August and September.
Nofollow tags are frequently misunderstood. In this article we look at nofollow tags, their rationale, and how to nofollow (or “dofollow”) links on WordPress.
Google’s success as a search engine was largely based on its founders’ development of an algorithm that used incoming links as a signal of a page’s quality. The idea is that the more people who choose to link to a page, the more valuable the page is likely to be to other people. Although Google and the other search engine operators have increased the complexity of their algorithms considerably since the early days, links still play a fundamental role in determining search engine ranking.
However, not all links are trustworthy for the purposes of determining a page’s quality and value. They are only useful if they are “editorial” links — links that are created because the value of the content is what motivated the link. Because there are various other reasons that a page might be linked to, Google decided to provide a mechanism to signal that links should not be followed by search engine crawlers. That mechanism is the nofollow meta tag, which looks like this:
Most WordPress users knows that WordPress plugins should be updated. Updates frequently include patches that fix security vulnerabilities. Part of every WordPress user’s routine should include regular plugin and core updates. But there’s another source of potential vulnerability that WordPress users may not be aware of: many themes include bundled plugins and those plugins are not part of the WordPress update interface.
It was recently discovered that some versions of the Slider Revolution plugin contained a critical vulnerability. This vulnerability is a particular problem because Slider Revolution is included in hundreds of premium themes, which means WordPress users are reliant on theme developers to update the version included in their themes.
In fact, the vulnerability was fixed back in February and it only became widely publicized in the last few days. The plugin’s developers quietly patched the plugin, mentioned the fix briefly in their release notes, but didn’t disclose any details. Unfortunately, the vulnerability was known to hackers, but its seriousness was not revealed to theme developers or WordPress users. That result is that many WordPress sites using themes that bundled the plugin are vulnerable. WordPress users should check their themes and ensure that bundled versions of the Slider Revolution plugin have been updated to 4.2 or later.