So, we took a deep dive this morning, and looks like they were storing sFTP (which is just SSH) creds as plaintext, or at the very least in a reversible format. Which is kind of terrifying. Also the impact is really that 1.2 million sites had their filesystems and DBs breached, which has a much wider impact than "1.2 million customers" because it is a breach for the customers of those customers. This is huge. My colleague /u/ramgall was just commenting that we're going to see the after effects of this for years.
https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/
It is not uncommon for larger companies to monitor these lists to see if any of their customers are affected.
I would guess that it is probably legit, but as others have said, don't click the link - go directly to https://wordpress.com/ and check it out for yourself.
And then go to https://haveibeenpwned.com and see if there has been a recent breach affecting you - it may be time to change some passwords.
I would use WordFence Pro for any client that is extra concerned about security. Their team is actively looking for vulnerabilities across the WordPress landscape. Maybe include the security audit as part of your proposal.
Your client's IT dept will geek out over the real time threat defense feed and live traffic monitoring.
A few inaccuracies... when you have a Business plan with wordpress.com you can install any theme you like, can install most plugins too. The minimum plan to use your own domain name is the Personal plan, which does not cost $70
You have some code on your system using PHP Sessions. These files will keep generating forever as long as you're using Sessions. You can delete them on a regular basis, or ignore them entirely, or modify the PHP.INI to put them in somewhere like a /tmp folder, or something else.
WordPress does not use PHP Sessions by default. So something else you're running is doing this. Look for "session_start()" in any of your plugins or themes.
Now, note that PHP will clean up sessions by itself, on a random basis. Essentially, when session_start() is called, there is a random chance for the cleanup function to be called. The probability of this happening is defined by the session.gc_probability and session.gc_divisor settings. This defaults to a 1/100 chance.
When the garbage collector is called, it will cleanup any session files older than session.gc_maxlifetime, which defaults to 1440 seconds, or 24 minutes.
More info on the INI settings here: http://php.net/manual/en/session.configuration.php#ini.session.gc-probability
You may be able to override these with your own PHP.INI settings, but how to do this depends on your hosting service. Ask them how to do it.
To tack on to that if you use single quotes around the code you are echoing PHP will not attempt to parse anything inside of them and will save a fraction of a millisecond of processing and you can keep your double quotes on your class, which is how I prefer it.
<?php if (in_category(5)) { echo '<div class="aircraftinfo"></div>';}?>
Let's Encrypt is great. Cloudflare is terrible.
Here are some reasons not to use Cloudflare: * It's not really free. It's like a drug dealer "First ones free". * Shared SSL certificates * Forced to use Comodo for SSL * Can't use Let's Encrypt for SSL * Can't use your own SSL * Decrypts SSL traffic, breaking End-To-End Encryption. * Cooperates with tyrannical governments * Provides services to terrorists, child pornographers, and so on * Has no "vetting" process for new customers * Does not protect your website from hacking * Doesn't provide any value to 99% of websites * Cloudflare's CEO is an ego-maniac who believes he controls the entire internet.
> Keyless SSL requires that Cloudflare decrypt, inspect and re-encrypt traffic for transmission back to a customer’s origin.
Source: https://www.cloudflare.com/ssl/keyless-ssl/
By doing that, Cloudflare is violating the trust between users and server operators and making the SSL certificate itself worthless. A website cannot be considered "Secure" if the traffic is decrypted by a man in the middle.
So to answer your question, ditch Cloudflare and use Let's Encrypt.
Gooootdamn thank you, fuck. Well gonna work on undoing that, thank you so much for such a quick reply, definitely the noobiest move. I will have to figure out how to move from .com to .org.
I got my domain and my site is being hosted by wordpress.com because that's what I paid for eagerly like a dumbass, i think.
Thanks again and if you have tips on how to undo my whoopsie I will be more than happy to hear
Free for SEO: https://moz.com/beginners-guide-to-seo (they also have training you pay for)
Agree with post above that it’s never ending hard work. Make sure your boss understands SEO doesn’t normally yield immediate results... more of a long term solution. Good luck!
90% of the time when I see this it's either images or video are far too large, as in: not optimized for web use, or lots of plugins loading extra JS and CSS for random features.
Check out google page speed insights:
https://developers.google.com/speed/pagespeed/insights/
Should be a good starting point for you.
Zillow isn't just a website, it's a full blown application that involves everything from cloud infrastructure, horizontal database scaling, reverse proxies/load balancers, caching, microservices, and so much more.
If you look up zillow.com on https://builtwith.com you will see everything from wordpress, Next.js, expressjs, adobe cloud, java EE and more. That's because it's not built on one technology, it's built using all of those technologies.
Honestly, I've run my own WordPress websites for the better part of 10 years now. Having comments open sucks. It's just too much trouble these days. Too much spam, too many trolls. That's why you rarely see them anymore on major news sites.
If you feel like you must have comments, use a system like Disqus. I don't like Disqus, but at least it provides a barrier. It allows users to sign in using their social media or WordPress.com accounts, and you get less of that drive by link dropping crap that will drive you crazy because it is relentless.
There are many other comments plug ins. I haven't looked for one in a while so I can't recommend anything.
I would choose another way to engage with your true fans:
Anything other than website comments.
Your banner section has a background color #2e2e2e and the image has its opacity set to 0.5. The grey you see is a combination of both.
Set the image opacity to 1 - https://elementor.com/blog/add-filter-effects-to-images/
I heard ya'll into starter themes so here's a tldr'ish list of all the best Wordpress starter themes. For those looking for a simple list, here's a table showing all the starter themes.
Let me know if I've missed something or there's incorrect information.
Wordpress.com is kind of awful. Basically, they are a hosting provider that will absolutely use your personal info for advertising or however they see fit.
Wordpress.org is the actual WordPress platform, which is free to use on any hosting you wish. The platform itself does not collect any info about you, though plugins you use on your site may. I've never had to provide a phone# for operating any of my or my client sites.
Generally speaking, and especially if you are concerned about privacy, RUN away from wordpress.com
Wordpress is open source and is free. You are probably thinking of wordpress.com. Which provides hosted wordpress solution. I see absolutely no reason to use it. Go for wordpress.org instead.
As for the theme, I know Divi for example gives you unlimited sites license. Some themes and plugins might restrict usage to a number of sites only.
Keep in mind that themes in wordpress have less to do with design and layouts and more to do with functionality. I am saying this because coming from wix you would probably think a theme determines how your site should look like, but that's not necessarily the case with wordpress. In wordpress, themes give you different functionality, different performance, and different wordpress experience in general.
If you are just starting out, Elemenator or will do. Keep in mind that the more functionality a theme gives you, the more bloated it is and might hurt your site's performance.
Hey guys. Wordfence Founder/CEO here.
We've posted a blog entry here: https://www.wordfence.com/blog/2016/10/removing-falcon-cache-wordfence-heres-need-know/
We're going to give our customers at least 4 weeks to migrate off Falcon to something else. If you need longer, let us know. But we can't make it indefinite.
Long story short, it's what twinsea said: We're focusing on one thing: Security. It's what we know and it's what we're really good at. Caching actually comes with some down-sides and we detail it in the blog post.
Let me know if you have any questions, I'll be visiting here every few hours when I can.
~Mark
My procedure is:
When doing updates: 1. Grab the latest copy of the database and pull that down to my local install, I'll often also grab the wp-content folder if I know there have been changes that need looking at. 2. Update the core and the plugins as required on my local install 3. Push that back out to the dev server for testing (including my local - now up to date database) 4. If everything is good then push to production.
This is generally pretty good but I still have to manually move the database back and forth and I may have to put a busy site into maintenance mode when moving the database around but it usually ensures that broken changes don't go out to the public.
I'm still well on my way to being full stack, but here's what I've learned.
I started in a startup making small business WordPress sites for clients. Usually we just took existing themes and tweaked them a bit to fit the clients needs. I didn't know anything past the WP theme editor and FTP. Soon I began to learn how to build themes from scratch using underscores and learned better CSS techniques. I was still using Windows however I found Sublime Text and it became my main editor of choice. Eventually I found tutorials on Gulp and learned how to code with SASS and automatically minify my CSS. From here I took an interest in Linux and installed Ubuntu. I picked up some basic Git and used that on my WP Theme files, we slowly began to get bigger and bigger projects since I could now do things like responsive design and other cool stuff. I distro hopped from Ubuntu to XUbuntu to Linux Mint to Manjaro, back to XUbuntu and finally rested on Arch. I began to notice that WordPress wasn't the center of the earth and branched out a little to learn programming design and began watching Laracasts videos for learning Laravel. Laravel is now my go to choice for nearly every project except for small business stuff which is handled better with WordPress.
If I could give advice it would be this:
jetbrains php storm is the best ide for php projects (opinion :) and has a lot of first-class support for wordpress. It's free if you're a student and ~$100 otherwise (well worth it) but you can also do a trial or download the beta copy. I've used it to develop themes and it offers a lot of really useful stuff (like autocompleting wp functions and auto indenting based on wp formatting styles). Be Awesome in PHPStorm is a good intro to some of PHP storm's features.
Performance is great for me. I haven't used a pre-built image from their app directory. I get a blank Ubuntu install and use ServerPilot to setup the LEMP (+ Apache) stack. It's so fast that I host multiple sites on a $10 VPS without issue. ServerPilot is kinda like CPanel as you use it to set up your sites, databases, SSL certs (free w/ Lets Encrypt) and more. I can send you a code to get some free usage if you want to try it
I got my websit running wordpress up to 99 (seems to fluctuate between 97 & 99 for some reason)
The first thing I did was go through the stuff google suggested on https://developers.google.com/speed/pagespeed/insights/ and do pretty much all of it.
The next part is harder. I went though all the resources (fonts, scripts, etc) and determined if they were actually needed or not. If they weren't required, I removed them.
After that, I checked to see how much of each thing was actually being used and removed/replaced anything that wasn't pulling it's weight. For example, the theme was pulling in font-awesome, which is huge, for 1 (ONE!) glyph.
I removed FA and replaced it with a small image of the glyph.
I also installed Frank Goossens Autooptimize. There are other autooptimize plugins and I didn't test them all, but this one seems to work nicely.
Far Future Expiration Plugin also helped quite a bit. It just tells the web server to extend the expiration on resources that don't change frequently.
Also I'm hosting on Linode and don't share the processor or bandwidth with anybody. They give you what you pay for.
Sorry, I don't have any idea about WooCommerce, since I don't use it.
It's Google Page Speed Insights, it doesn't actually check page speed, but provide suggestions on ways you could improve your page speed. If you want an accurate measurement of page speed I would recommend GTMetrix instead.
The scores alone are quite meaningless. How does it compare with some sites that you frequent. For example Reddit is at 60/76 for the test.
I'm hoping some other people can recommend some plugins, but I think the common ones used are W3 Cache and WP Rocket.
I host most of my WP sites on DigitalOcean. They have excellent customer service, very simple to use dashboard, decent pricing, super fast servers, and one click installs for common stacks. (This includes WP)
You can really do this with any theme with a single css style. You need to identify the element responsible for the background color, then just add a vertical css linear gradient to it, with the start being your day color, and the end being your night color.
If you want to make a complicated multi-step gradient (to have a sunset effect or something), you can visually generate the gradient using colorzilla's gradient editor
Here is a more complicated example (I didn't bother making the demo responsive, so view fullscreen to get the full effect), that shows off the other sorts of things you can do with color change on scroll, including a basic javascript detect for scroll position, that you can tie to other styles on the page, if necessary. (for example, you may need to change text colors, if you switch from day to night for your background)
The basic Javascript in that second example could also be used to change the background color as a whole, if you prefer to change the entire color of the background at once, rather than using a gradient. You would just have to replace the center section to match your needed logic (where it says // here is where you do any style changes your page needs
).
Jetpack is connected to WordPress.com. They are run by the same group, Automattic Inc. If you install Jetpack on your self hosted site it will connect it to your wordpress.com account.
Wordpress.org (self-hosted) and wordpress.com are completely different. You don't pay for features with self hosted. Avoid BlueHost - they are trash (along with GoDaddy).
Remember to create a swapfile, even if you use the 1-click install, it doesn't create the sawpfile for you.
Your site will crash when you start getting a decent traffic and all ram gets used. Swapfile is an important emergency net and will save you a lot of headaches.
Edit: On this page, takes you step by step how to create one.
This excellent guide by /u/ded1cated was linked to from here a few days ago.
It gets a bit technical, but is very good.
There may be a plugin for something like this, but you're probably better off just learning to style with CSS.
Although this is a list, styling the number of an OL can be very difficult. Better to use a list with various divs and images that you can style.
Here's a fiddle to get you started.
Good luck!
Update: We received confirmation from GoDaddy that the breach also affects tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe.
> AND is bundled with Visual Composer and Revolution Slider.
Fuck those 2 plugins man. I wished I knew how bloated those 2 are before using it.
Bought the theme because it's like Top 10 best selling theme.
Used it once and their page builder is soooo slow and messy. There are way too many customization, creating huge room for errors.
Now, I'm settling with the theme from Wordpress.com. I think they are reviewed more tightly. As a bonus, most of them has matching styling between Gutenberg editor and front-end.
Unrelated to W3 Total Cache, I run a high-traffic Wordpress site (~13million monthly unique)..
I actively encourage WP Super Cache + (Varnish if you can) + CloudFlare Pro ( read about optimizations here )
Fake as in licences not working, or what? The problem is you may have now malware if those installed plugins are "nulled", or the fiverr guy added some backdoor, etc., and no level of "reset" is going to help you here, but start fresh somewhere else.
Try restoring from a backup from before the fiverr guy, and scan your site for malware with gotmls/Wordfence and hope for the best.
I created a theme based on Skeleton (http://www.getskeleton.com) that has a lot of my favorite functions ready and primed to go. It's SUPER bare bones so I can make it look however I want. I set that up as a parent theme, then create a child theme for the client to use.
Hi,
This template has been made with https://craftcms.com/ So if you want the exact same layout without much effort, you should look over there.
As much as this Subreddit exists to help people, it is not possible to do the work for the people asking for help.
Your post ask how to design a similar layout, without pointing to any problem you faced. I'll be assuming you've not even started a thing (i.e. you played with a plugin/theme trying to only see if you were able to replicate as is).
Building a website isn't about replicating another one, it's about creating your own getting inspired by other websites you saw.
Maybe if you explain what is important for you in this layout, people will be able to help a bit and advise a builder/theme/plugin that could match your need.
since nobody has mentioned it, I use this tool provided by google;
https://developers.google.com/speed/pagespeed/insights/
Hope this helps!
If he doesn't have phpmyadmin access, he can use the upload manager, or the theme editor to add adminer to his site to access the database to make his own user an admin, or to reset the admin password. He could also use any number of back up plugins to completely pull down a full copy of the site that he could launch elsewhere.
Performance is a factor. Since Disqus or LiveFyer use their own servers and only require a javscript embed https://disqus.com/admin/universalcode/ this allows you to cache the entire page in varnish, nginx, or cloudflare etc
Your content doesnt change often, but comments are very dynamic and can change frequently. This less time you have to hit wordpress/php the more better your server is, the more requests/sec you can handle or more sites on a single server etc
Use a proper, dedicated app for this -- there are tons of easy-to-manage and free options. I use Nextcloud to share files with friends, clients, etc. and it works great. With their installer, you can get it up and running in 5 minutes.
The answer to this is dependent on who is providing your Wordpress site. If you're paying wordpress.com, it's a lot like Wix, and generally you should be able to get in touch with someone there who can help, they likely have a procedure for this. Even if they don't eventually the card you're paying for it with will expire, and once the money runs out, that company will eventually take the site down permenantly.
If it's a self-hosted Wordpress install, wordpress.org, this complicates things initially but does make things easier to get into. You would need to find out where your website is hosted and obtain the account log in information for their control panel. If you're paying for it, they should be able to verify you and get you in eventually. From there, you'll need to access your wordpress database through a tool, usually called phpMyAdmin - in there you'll find the "wp_users" table, and a list of all the users, including the administrators.
If you need to reset a user (or admin) password and don't have their email address, just locate their name here, select the password field, then edit it to be what you want. Before you're done, make sure you select the "MD5" option from the dropdown menu that's nearby. From there, your password will then take effect and you should be able to log in to the site and make the changes you need.
Did you update your nameservers to point to bluehost?
This article might help you : https://wordpress.com/support/move-domain/change-name-servers/
BTW bluehost is trash, you can read reviews on here from users
Looks like NextGen Gallery to me.
I'm basing this off the fact that they're loading a stylesheet with the ID "ngg-custom-gallery-style-css" (minified stylesheet) and Googling that ID led me to a bunch of results regarding NextGen customization.
The hero/header doesn't load for me. It's just a red box.
Get the site on Cloudflare asap.. It's free and should help a lot.
Your images are huge. Huge huge.
Also, use google page insights.
https://developers.google.com/speed/pagespeed/insights/?url=https%3A%2F%2Fericexplains.com%2F
It will give you a list of what is making your site slow. This heavily affects SEO. Your page might have the worst results I've ever seen on it.
Nevermind, I figured it out. Leaving this up to shame myself. Here are the instructions for future bozos like myself: https://wordpress.com/support/move-domain/transfer-domain-registration/
You can either...
A) use Google Analytics to set up an experiment (that's what they call A/B testing). Go to Behaviour -> Experiments.
B) Use Optimizely. I've started using recently and it makes creating the alternative pages a load easier.
There's your choice.... A... or B... heh -_-
If you're planning on accepting credit cards to fund the accounts, finding a payment processor to work with might be difficult. This business model would be against the ToS for almost all the mainstream processors. You'd likely have to apply for a line of credit and go through an underwriting process with a specialized company. There is a massive amount of risk that goes with storing currency.
See: "virtual currency or stored value" https://stripe.com/us/prohibited-businesses
See: "quasi-cash or stored value" https://www.braintreepayments.com/legal/acceptable-use-policy
Not to be biased, but cPanel has a whole software platform built around the capability to section off "accounts" that can be resold, all managed by a root (or similar super user) level account:
https://documentation.cpanel.net/display/CKB/Guide+to+Reseller+Accounts
If you have questions or want to know more, feel free to shoot me a PM.
EDIT: There's also WHMCS which can automate the whole process!
Chrome 45 has a rendering bug. There is a ticket open on Chrome's bug tracker about this issue, hopefully they will fix it soon. It currently has priority 1, blocking beta. This is a good sign.
In the meantime, here is a workaround to eliminate the issue in Chrome.
When you're done, the final result should look like this: https://cloudup.com/cddYghY8fBd
This will disable the problem code in Chrome and allow the menus to render normally.
The plugin solutions being given are for special cases only. They are hacks. Workarounds. They should not be relied on, and removed once Chrome is fixed. Only use the CSS solution if you need to fix a single site for many people. This is a Chrome issue, not a WordPress issue.
You can also explore https://www.bookstackapp.com/ , it should work on any popular PHP hosting. This is if you want to write a book using it.
If you want to build a website / blog around your book then Wordpress is good.
As Wordfence says, the file isn't part of WordPress, and shouldn't be there, especially as it allows people to manipulate the WordPress database. I would definitely delete the file, and if you didn't put it there yourself, it indicates there's a vulnerability somewhere allowing files to be uploaded.
There are more details at: https://www.wordfence.com/blog/2017/07/searchreplacedb2-security/
It would be worthwhile knowing that it's pretty easy to make it look like you're coming from the US... but a bad guy would need to figure out that's what you were looking for first.
I prefer to lock out ip addresses after 5 failed attempts. I use wp-fail2ban (in conjunction with fail2ban) to achieve this.
You need full-blown examples on the first page. Right now it conveys no information - I don't even know what this was until I read your reddit comment. Take a look at how LESS have done it and replicate that - http://lesscss.org/
Why are you not hosting through Wordpress.org? I immediately reject free plugins that aren't available through there because it makes updates a huge hassle, especially considering this is "alpha" and will need lots of updates.
Your top menu changes when click on Themes. This is confusing as the page looks the same and you can't find your way back to the main page or the about page, for example. Stay with just one menu.
If you want something in the middle ground you could go with Cloudways or ServerPilot. They will deploy a lemp stack to Digital Ocean for you and provide some support on it. Cloudways was doing $30 free credit for Black Friday/ Cyber Monday.
Convert it to a WordPress theme. It's not terribly complicated to do, but it will probably take you a while the first time to get it all right.
You might not want to use "ethical" to describe what you're looking for, since it puts an implicit "unethical" tag on every other piece of software, which really isn't fair. In Open Source communities you often hear the phrase "free as in software, not free as in beer". There is nothing about Open Source that prevents people from making a profit. It's about sharing intellectual property, not suppressing business.
As for "Free as in beer" solutions I recommend using OceanWP and Elementor. Both of these products offer very full-featured free versions, that offer more features than most paid theme/builder combos.
They both do offer paid versions, but i have developed many great-looking sites without needing those additional features. If you do need the additional features, the price is more than reasonable.
You should definitely be using the WordPress-bundled jQuery. There is a very high likelihood of you installing plugins that also depend on it. If you bundle your own, you'll end up loading jQuery twice. You could tell WordPress to use a CDN or something for its version, and incompatibilities will likely be slim-to-none, but the WordPress-bundled copy offers the least risk.
​
And you can actually configure Webpack to consider that a library, like jQuery, was loaded outside your bundled scripts and should be available. It's called externals.
One great tool you can use is a Chrome browser extension called Wappalyzer. This will tell you the tech stack that just about any website is running. The quick and dirty way though is to just open up the browser dev tools and search the source code for either the string 'wp-content/themes' 'wp-content' as most themes/sites will still be using the default theme directories. Another little trick you can try is searching the source code for the term "Yoast" as most Wordpress websites are going to be using Yoast SEO for search engine optimization.
Agreed..If you are building client sites on wordpress.com without explicit instructions from the client to do so you are not a professional. Make your own installation on a dedicated server when building for a business customer. If they can't afford that they should not be in business. Yes, Jetpack sucks. Use Woocommerce.
You can use Web.dev, webpagetest or gtmetrix to troubleshoot speed issues. Here's a GTMetrix result for your site.
Top priorities:
A lot of this probably stems from your AJax page loading. Don't try to put everything on your homepage at once. Instead, plan a site structure that helps visitors find what they need.
>Elementor/elementor pro
https://onlinemediamasters.com/slow-elementor-website/
It's pretty easy to get a fast elementor site if you know how to optimize it.
Here are my gtmetrix results of my site:
https://gtmetrix.com/reports/www.lonecbd.com/yZiPHaKe/
It's totally possible and very easy to achieve the same results. It's faster than pretty much any site i've ever tested.
I'd be happy to write up a small guide to all my optimization plugins used if you're interested.
Your definition of clean and objectionable is going to be different to another persons view.
If this WordPress instance is hosted on WordPress.com, then maybe contact them directly. If it's hosted elsewhere, which even looking the source would show WordPress folder like you pointed out, then contact the hosting service, and then they can deem whether the hosted content violates the customer's Terms Of Service.
Keeping Open Source clean, isn't about the content that is hosted or being used by an Open Source Project, it's about making sure Bugs are fixed, and the code doesn't contain malware, or violate people's rights. If you think it means something else, then you need to do some research into what Open Source is, and what each license entails.
The short answer is don't use WordPress.com.
Get a hosting service for your site, install the free WordPress software on that instead. Then you can do as you like. Get the software from wordpress.org.
You could try out cloudflare's free plan; https://www.cloudflare.com/plans/
I believe their plugin can help with cache clearing on site updates too; https://www.cloudflare.com/integrations/wordpress/
I always feel like WordPress.com is a scam because I almost fell for it thinking it was the only way I could get WordPress in the internet without being a dev, the only thing that kept me away was me questioning "but wordpress isn't opensource?" until I researched a lot and understood that there are infinite ways to host WordPress, even in my own pc for learning purpose.
When you register a domain or transfer it to another registrar, the domain will be locked for 60 days. During this period the domain cannot be transferred. It is part of the transfer policy from ICANN and applies to all registrars.
You can to use wordpress.com to point your DNS to your new host. Then after 60 days you can transfer it to a new domain registrar if you want.
If you need help getting file system over to USB, follow this guide
http://www.raspberrypi.org/forums/viewtopic.php?f=29&t=44177
Super easy and works every time. You will get better performance from a powered drive though. Thumb drive will work, but will be slower than if was a powered drive.
Edit : I have not confirmed for myself, but supposedly USB 3 thumb drives are quicker, even though pi only has 2.0
Look into Let's Encrypt for no cost certificates.
Certificates are one per domain, they're no cost so, there isn't a reason not to use certs.
I recently installed their software "certbot" on my Debian VM and it works. Setup is a breeze. It only takes a few minutes, literally.
Since I was also configuring nginx to serve HTTP2 requests and ssl is required for HTTP2.
You have 14 font files to start with...
If you're looking for cheap hosting, than Servebolt is not your cup of tea. But, if you're looking for faster than fast, great built-in scaling then keep reading :))
There's a yearly hosting review done completely independent and without bias called WP Hosting Benchmarks. In those reviews, Servebolt comes out on top and has done so for the last couple of years. You can read up on what they test, how they test and how Servebolt scored here: https://servebolt.com/articles/wp-hosting-benchmarks-awards-servebolt-only-top-tiers/
So sure, not the cheapest, but I'm also certain your bare metal option with whatever you add to it, won't be faster than Servebolt. Why? Because that's the type of clients we onboard constantly. Yes, I work at Servebolt.
We offer free testing for 60 days, so come check us out and see for yourself.
I believe the Futura font is licensed, so you won't be able to use it on your site. You can find something close with this Google Fonts plugin.
If Futura is a must, you could use Typekit to license it.
/u/endlessly_curious , came here to ask this. Without knowing your base level of experience, it's hard to tell you where to start.
You at a minimum need to know HTML, at least basic CSS, and some PHP, and possibly some JavaScript or jQuery, depending on whether you want to go theme intensive or plugin intensive. If you are new to PHP or need a refresher, I like to recommend this free Udemy course for the basics. https://udemy.com/code-dynamic-websites/
I administer a WordPress site on Linode, and I used the Linode StackScripts to do it. You shouldn't really need to worry about firewalls and all that because the linode data centers take care of that on their end. Here's a stackscript that I recommend which will set everything up for you. https://www.linode.com/stackscripts/view/12
The state of commercialized SSL/TLS is horrid these days. LetsEncrypt is the absolute best option, but most hosts don't support them. Do not pay an arm and a leg for a certificate. Even if that means switching hosts to someone who does support LetsEncrypt.
I like that Google and Mozilla are starting to crack down on sites without SSL, but it's unfortunate that it's causing a lot of people to waste money on big name certificate authorities.
they're constantly changing and every network is different...
slowness is caused by the latency of the social media sites servers and the fact that they often load 30+ images, cookies, etc. for that stupid little button...
best thing to do is make your own (with async scripts) or use something like http://www.addthis.com/
You should really dig into versioning (like GIT) to set up staging environments. That way you push changes when they are ready to your 'stable' branche. You choose a deployment tool which takes these changes and push them to your server.
There are many tools around like * http://deploybot.com/ * https://ftploy.com/
You can push/pull DB changes with a plugin like DB Migrate Pro :)
Hosting (Would recommend - getflywheel, A small orange, Vultr, Digital Ocean)
Server (Nginx)
CDN ( Fastly, MaxCDN)
Minifying code
Compressing Images (Jpegmini give the smallest lossless jpeg size i can find and for png use tinypng again i cant find anything thats better than these 2 without making my images look dreadful).
Enabling GZIP
Cut Down on HTTP Requests
Attach Cloudflare to speed up file delivery and protect the site alittle
Caching (Getflywheel does this, if not use a caching plugin)
Choosing a well coded theme / Framework (X-theme, _S, Sage/roots) + same for plugins
Use this tool to found out what plugins may be slowing down your website.
Remove Query Strings
Delete Post Revisions / Clean up the database.
Right Image Format - in almost all cases jpeg will give you a smaller filesize than PNG. Use PNG if you need a transparent background.
Specify your image widths (if you set everything to 100% the browser has to work out how big it needs to display the image. if you do this <img src="image.jpg" width="1000" height="500" alt="Image Alt Text" /> the browser will just go ahead and display the picture at that size instead of working it out.)
Move CSS to the top and JS files to the Bottom.
I'd also take a look at YellowLabTools its free but dosent seem to work with SSL / HTTPS sites yet, but it allow you to see in depth where things may be slow.
Hope this helps.
Seconded. If I were OP and wanted to optimize the website, I would wait until I have a site set up, measure the cost of the bits in question, and have determined that there is a clear need to have those bits removed/refactored. If/when that is determined, I would make a pull request to have it included in the WP core.
If OP is talking about public facing, downloaded assets like CSS, JS, or images, it is likely that any cost associated with those bits that you are concerned about will likely be mitigated by including a caching layer like Varnish or a CDN.
If OP are talking about limiting backend functionality, then there are likely other approved and standard ways to do it.
Forking WordPress could be a interesting academic side project but there's going to be so much additional work and upkeep that I would never consider it for any production website.
I have no experience with either of those plugins, however I'm using the free version of W3 Total Cache and I'm really happy with it.
Considering the website I manage is very small (couple dozen pages and ~100 pageviews per day) this may not be the best metric. But given that it's on a low-budget shared host (limited to 1 GB RAM, 1k IOPS and 1 MB/s bandwidth) I was pretty stoked to see the website's score on Google's PageSpeed Insights improve from around 50 to a consistent 90-100.
There's a lot of stuff you can do to speed it up. "Premium" themes often have way to much stuff in them making the site slow out of the box.
View you Google PageSpeed score here: https://developers.google.com/speed/pagespeed/insights/?url=http%3A%2F%2Fdendearts.com%2F&tab=desktop
Your main problem is, what your super cache tells instantly: "Dynamic page generated in 2.762 seconds."
Basically this is the time the php builds your site, and its quite slow (although I don't think it's extremely slow). First I would install a plugin profiler, which can tell you which of your plugins adds time for this.
Oh and you could use some kind of minify plugin too for packing the included js and css files into one, that could help reducing the load on the server, but won't lower that 3sec php runtime.
The Google PageSpeed tool could be helpfull too: https://developers.google.com/speed/pagespeed/insights/?url=www.toleratedcinematics.com&tab=desktop
You are correct, MAMP is only for Mac computers. Since you are on Windows, I suggest WAMP http://www.wampserver.com/. I'm actually in the process of writing a book on WordPress for beginners and one of the chapters deal with installing WordPress locally. As soon as I finish writing it (should be done in a few days) I am going to be giving it away as a free chapter.
Also, you can also just google "install wordpress locally windows" and you should get some good results.
Nothing against codecademy, but I started my web dev journey with freecodecamp.org. Not only are the courses up-to-date and useful, there is a great community of other campers who are a great resource for learning and making friends.
<code>add_filter</code> to wp_title
and use php's <code>strip_tags</code>, or one-off in a template:
$title = wp_title( '', false ); $title = strip_tags( $title ); echo $title;
Article is basically just quotes from WordPress and the standard "WordPress powers 25% of the web [..]" paragraph. Jump straight to
I got the same email, and it appears to be legit. The link was JUST to WordPress (https://wordpress.com/ <-- copied from the email, it's the main link), the email was actually WordPress. I personally clicked the link as soon as I ascertained the URL was normal.
When it prompts you to change your password, it asks you to enter only your email address or username (I did username), then sends the password reset to that email. So, it's legit. Good call on the haveibeenpwned.
If you don't know your own email address, then there's probably very little that they can actually do for you.
When you go to the login page here: https://wordpress.com/wp-login.php
There's a link that says "Lost your password?". Click that.
Next, there is another link on that page which says "Need more help?". Click that.
On this new "Account Recovery" page, there is a form you can fill out with what information you do know. You will need to give them an email to have them be able to contact you. But essentially, you need to prove that you are the person who created this site, somehow. If you can't do that, then no, you're probably not getting back into it.
The purpose of usernames and passwords is simple: To prove your identity. They can't simply hand over control of a site to you without some kind of proof, because if they did that, then anybody would be able to fool their process and take over any site they liked.
So, you losing your username and password, pretty commonplace. But you losing your email address, well, that's highly unusual. It doesn't make much sense. Email addresses are something you generally use often, daily, and you pretty much keep the same one for your whole life, or close to it. So, yeah. That makes it rather hard to prove the site is yours.
But bottom line: Without some kind of proof or at least evidence of some kind, then you're screwed. Sorry.
That's a wake up call. Classic Editor will end. It's a good time to look into migrating to ClassicPress. Gutenberg can be good in certain projects, but it's a whole lot easier to work with original editor in ClassicPress. It's a great option for anyone needing headless CMS.
A lot of users who needed accessable editor switched to ClassicPress.
The GT Metrix Page tells you what is wrong. To the right of each of the top issues is a down arrow which you can click and a section will appear with quick suggestions, and there is also a a blue "learn how to resolve this" button you can click for generalized information on the topic. For example. hereis how to eliminate render blocking resources, which is something you should do to improve performance.
As far as other things you can do, honestly, not hosting with GoDaddy is a start. They're not known for the fastest websites around. Who your web host is also has a lot to do with performance, their servers could run slow as turtles and some hosts specialize in high performance stuff.
Your site doesn't seem slow, about 3 seconds. https://gtmetrix.com/reports/www.functionallyrestorativefitness.com/QSL6D0ze
Biggest issue is to reduce image sizes.
The way WordPress and themes work, it's nearly impossible to eliminate render blocking elements. But, that's not a huge issue. I'm majority of cases you can get 1-2sec speeds with render blocking elements.
When working with any caching plugins like W3TC or Autoptimize, you have to test various settings to find what works for your setup. Every WordPress site is different, loads different assets, so you need to find settings that work for your site without breaking it.
I would also ditch Jetpack. It can slow down your site.
My WooCommerce site's index page loads in under 2 seconds.
I use the Storefront theme with several dozen plugins.
https://gtmetrix.com/reports/alijammusic.com/1DbbeuBU
I could probably spend hours tweaking it more, and I made a mistake by not using a cookieless CDN.
The two things that improved my score the most:
Autoptimize. This did more than anything else.
Excellent, not-cheap hosting. I use TMD Hosting, have one of the pricier VPS plans, and am very happy.
I generated a report over at gtmetrix for you. Basically tells you what to improve: https://gtmetrix.com/reports/www.toleratedcinematics.com/AMmAMzQX
Specify image dimensions is what you should be doing for a start. You also have a lot of HTTP requests. Minification can help with that. But I can also see these are coming from external resources, so you might not want to combine them but put them into the footer OR use a lazy loading script.
Otherwise it has good speed here in germany.
Yes, it is a built-in feature to do multistep forms.
And.
https://codecanyon.net/item/gravity-forms-salesforce-crm-integration/20174431
https://zapier.com/apps/gravity-forms/integrations/salesforce
Did you bother to use the old googler?
You could send by email. Most carriers have a
address.
Here's a list for the U.S.:
https://lifehacker.com/5506326/how-can-i-send-an-email-via-text-message
How is your OOP? Constructors? Getters? Setters?
React and other declarative frameworks / libraries are hard to wrap your head around until you've had the misfortune of working inside of some big vanilla javascript apps. You might ask yourself something like "Why do I need to write all of this code just to keep track of some simple state?" and you would be right.
You have to write a lot of extra code in React, but the benefits outweigh the costs at scale. The encapsulated state of components will allow you to write your own components and not have to worry too much how it affects the others. Here is a small example: https://reactjs.org/docs/state-and-lifecycle.html
But if you look at that code and think "goddamn that's complicated" - you would be correct. React is hard.
I would recommend you working through the basic Javascript tuorials on https://www.freecodecamp.org/ and progress to the Javascript OOP tutorials. Then progress to React tutorials. You'll need the foundations for them to make any real sense.
WordPress isn't counterintuitive, you're just not used to how a MVC functions it would seem. MVC's seems counterintuitive because we start out development by not having layers in the logic, and all of sudden there's layers to follow.
​
You note something about buying a Pro version, is your mothers website hosted on Wordpress.com by any chance?
If there is no other payment gateway you can get on your plan like PayPal you can hire a developer from codeable.io but I would also recommend to switch from wordpress.com to a website hosted by somebody outside of Wordpress.com. It will save you the money of having to hire somebody because you can simply install one of those plugins, it will be less than the $300/year Wordpress wants, and it will be better for your site in the long run.
Yes, as the other commenter mentioned, there is often a confusion between wordpress.org and wordpress.com -- .org is software, and .com is a service that runs the software.
Definitely go with .org. Get a cheap hosting plan on namecheap or something and you can install it pretty easily.
If you're getting 500 errors, there's a problem somewhere in your LAMP install.
First test, create a file, let's call it test.php and in there put just
<?php phpinfo(); ?>
If that doesn't run or gives errors, then PHP isn't set up correctly.
I use this guide to set up my CentOS installs. Once everything is running correctly, then installing WordPress from the command line is easy. Use this guide: http://code.tutsplus.com/articles/download-and-install-wordpress-via-the-shell-over-ssh--wp-24403
Wordpress.com is not true Wordpress. It's a crippled, pay-for-feature version with limits. Want to use a plugin? You pay extra. Want FTP access? You pay extra.
If you want control over your website, you need to use wordpress.org.