programmer

Simple Methods of Adding SSL to Your WordPress Website

Posted on by Mario

SSL WORDPRESS

People choose SSL mostly because it provides more secure information and gives more benefits, especially from a user’s perspective, as any information they share with your site via a form, shopping cart, etc. is encrypted – it is safe from the third party. However, few web developers that know the very same principles also apply to site administrators.

In fact, running the WordPress admin in https also brings huge benefit, since you can secure all the sensitive information you input daily inside of WordPress. All of this information needs protection; therefore, it is essential for every WordPress website out there to renew the certificate in every three months.

If you are in a tight budget, you can opt on the market for low-cost certificates that do the job nicely in most cases. Remember that ecommerce sites might be better off with higher level certificates that offer features like identity validation which allows customer to know you better.

This makes us have no reason for not giving a little time and money to understand and apply an SSL certificate. So, if you are committed to integrating SSL with a WordPress installation, now it’s time to discover the ways.

HTTPS Your WordPress

Before, we setup WordPress to utilize an HTTPS connection; you have to make sure that you already have an SSL certificate installed on your server. Actually, it is quite simple to setup WordPress to utilize an https connection, as follows:

  • Back up the site
  • Change the Site URL
  • Ensure all internal links and attachments use https
  • Run the WordPress admin in https
  • Automatically forward http requests to https

Change the Site URL

First, navigate over to settings > General inside the WordPress administration area since you’ll want to change the WordPress Address (URL) and Site Address (URL) from ‘http://www.yourdomain.com’ to ‘https://www.yourdomain.com’. Scroll down to the bottom and save the changes when you’re done and then, WordPress will automatically log you out. If you want to log back, you can use the newly-secured URL.

Make Sure All Internal Links/Attachments Use HTTPS

Even though you change the URL, image or attachment URL throughout WordPress, it will not suddenly switch your website into HTTPS. In order to discover ways to change the URL site, you can conduct a search and replace area of your database. One thing for sure, you need to back up your site to prevent anything from going wrong.

Nowadays, you can find many searches and replace plugins available for WordPress, but you can give a try to Velvet Blues Update URLs, as it can be an effective solution. Furthermore, this plugin only touches the areas of the database that need changes, so you will not mistakenly change the right thing. In fact, you can update URLs to get started once you’ve installed and activated the plugin, head over to tools > Update URLs to get started.

Don’t worry as using plugin is as simple as adding the old and new URLs for your site. All you need to do is make sure that all the settings look are correct then click “Update URLs Now” when you’re ready and let the plugin take care of the rest. You’ll see a report on the screen that says how many URLs are changed and where the plugin found them, once the URLs have been replaced.

Run the WordPress Admin in HTTPS

In order to ensure that there will be HTTPS in the WordPress back end, you should grab the latest version of your site’s wp-config.php file and add the following line just above “/* That’s all, stop editing! Happy blogging. */”:


Now, you can save and upload the file to your server.

Automatically Forward http Requests to Https

The last step is to make sure that you only use https URLs for your site. First, you need to download the latest copy of your site’s .htaccess file and add the following just underneath the line “RewriteEngine On”:

Then save and upload the file to your server. You can try and enter an http URL for your site in a browser to test it. If you do it right, it should automatically forward you to the https version. Bear in mind that every server has been set up differently, so you should find other ways to make this work. Feel free to contact your web host for suggestions.

Troubleshooting a ‘Broken’ Lock

Discover if there are any broken padlock icons in your browser’s address bar and/or mixed content warnings. If you find any, then something is trying to load in from an http address. Usually, it is caused by a script or other outside resource being called from your site’s theme or CSS. As a solution, you can refresh the page and see if that clears up the issue.

If the problem is still going on, you can visit “Why No Padlock?” and input your URL that you want to analyze. The site will scan and analyze it for you.

Conclusion

Keeping user’s information private is an important thing, especially if you are doing a business in digital world. By seeing the green padlock in your site’s address, users will think that your business takes their personal information seriously. This will surely increase their trust and interest to buy something from you or even fill out a simple contact form.

Knowing What’s Missing in WordPress Functionality

Posted on by Mario

WORDPRESS’-MISSING-FUNCTIONALITY-(AND-HOW-TO-FIND-IT)_ywf

WordPress has become one of the most well-known website platforms in the world. Many people love this platform because of its flexibility, security and ranges of plugins that one can install to provide additional functionality. However, with many benefits that it offers, WordPress still lacks with many things. If you are a web developer, the information below can be beneficial for you. Here are a few requests for the missing functionality in WordPress; and some workarounds for the meantime.

Ability to Duplicate Posts

WordPress is equipped with completely redo settings to get the desired output which can be unnecessarily time consuming. This functionality on WordPress is limited to the use of a plugin: Duplicate Post.

With a duplicate post plugin, you can “clone” a post or “create a new draft”. The latter copies the post and opens it in a new window for editing. On the other hand, the former creates a new post entirely.

Moreover, you can also edit settings that let you do things like copying with this plugin:

  • Original date,
  • Original status (saved to draft, published, pending),
  • Original excerpt; original attachments,
  • Children of the original page,
  • Taxonomies/custom fields.

You are also able to work with custom post types in this plugin. Unfortunately, not all plugins are compatible and doesn’t necessarily call out these incompatibilities on the front end. As a result, it can cause worst scenario, such as complication from using this plugin can crash your website, so it is important for you to have a backup.

Bundle Settings and Plugins for New Installs

If you are planning to create multiple sites in WordPress, it would be particularly helpful to have some functionality that combines all the desired features into a file that could be uploaded to the site you’re building. If you work with clients in a similar industry, you will see that many WordPress websites have the same base features. However, installing /activating the launch list plugins one by one is tedious, so as a solution, you can install WordPress Install Profiles plugins. Once installed and activated, Go to Plugins > Bulk Install Profiles.

Furthermore, you can easily add or remove plugins from the list with a default list of plugins. Use the name on the plugin’s URL to add a new plugin, after that, give the list profile a name and download it to your computer.

You’ll need to have the WordPress Install Profiles plugin installed and activated on that site, then import the profile you want to install on another website. However, since this plugin hasn’t been updated in many years, there may be compatibility or security issues associated with its use.

SITE CACHING

Site caching supports your site to load faster by storing the website processes in an HTML file to be loaded as needed. That is why page loading is a major factor for ranking in technical SEO. To avoid any server calls, developers wish that WordPress had site caching.

Even though you cannot find site caching built into the platform, there are many plugins that can initiate this process, like W3 Total Cache and WP Super Cache. Actually, there are some WordPress hosting companies that offer site caching. However, many find that site caching offered through a web host is more efficient than these plugins, so if that’s an option, don’t install a caching plugin.

Built-In Form Builder

You can find a lot of form builder plugins, but since most businesses use forms anyway, why not add this functionality to the WordPress core code? Rather than waiting for this functionality missing in WordPress, try an all-purpose contact form plugin like Contact Form 7. With contact Form 7, you can manage multiple contact forms, and you can easily customize form and email content with simple markup. Besides, Contact Form 7 supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering, and other important security factors. Another benefit that you can get is the simplicity to set-up, flexible, as well as it offers customizable default messages, and easily-defined mail messages.

Improved Theming System

In terms of the theming system, WordPress still needs lots of improvement. There are still “sloppy code” and “disastrous mix of business and display logic”. In the current version, you can see that template hierarchy does not take plugins into account. As a result, the plugin has to override the template system, or create a workaround to provide a default template for displaying this custom post type if you have a plugin with a custom post type for movies.

The more complex the code base, there is a greater opportunity to improve code practices, eliminate short codes, and fix template hierarchy for a more efficient base theme.

Custom User Permissions

In general, WordPress serves its users with 5 roles:

  • Administrator
  • Editor
  • Author
  • Contributor
  • Writer

In terms of managing tasks, each of these roles has their own specific limits. Many developers suggest it, so that WordPress could allow users to set, specify, or limit what each individual user can do, especially for a multi-author/user site.

To overcome this functionality missing, you can use Advanced Access Manager plugin; which manages both frontend and backend access.

File Browsing Interface

Even though you can find various plugins available, you have to be careful in choosing the right plugin for your website, since certain plugins may cause your website to slow down. By having an error code, you can identify this, but when it does not, then you have to manually deactivate all files, and then reactivate them one by one in the admin area to determine what is causing the error. However, you have to use a File Transfer protocol (FTP) like Firezilla to backup all plugin files if the error does not allow access to the admin area.

Besides, developers can quickly fix issues without needing cPanel/FTP access since you can access files directly from WordPress.

Nowadays, WordPress is still the most powerful platform on its own. No wonder there are various plugins that have been developed to support the functionality missing in WordPress, even though many developers are still hoping that the issues will immediately get built-in solutions.

Ways to Make your Apps Serverless

Posted on by Mario

How-to-make-your-apps-serverless_ywf

The rise of a new buzzword has made many people think that servers no longer exist, but the fact is, a server is still needed somewhere. This is why the “serverless” term may mislead many people. What makes “serverless” term is that you can successfully build your applications without deploying code to your own servers. Therefore, as a web developer your dream of spending less time worrying about servers and more time for building software will come true.

Serverless in Action

When your site serves many readers a month, it means that the traffic that comes to our scale is significant and sudden, as articles can go viral at any moment. As a result, you may have trouble keeping up and our engineers are spending too much time on operations. Therefore, as a solution, you can take a look at serverless platforms which offer you a complete success of your projects, such as more maintainable, easier to operate, and cheaper.

Amazon Web Services

Serverless has a close relationship with Amazon Web Services (AWS). In fact, AWS is the answer for one critical question; where does the custom code go? The concept of using third-party services and platform is not new, with database, you can push notifications, caching, and many other layers of an application have all been available ‘as a service’ for a while, but they sat on the edge of your application. Therefore, a server is still needed as a place for core application code, which is usually a server responding to external requests. Through AWS Lambda and AWS API Gateway, you can deploy custom application code without the overhead of managing your own servers.

AWS Lambda

Applying Lambda is quite simple, you only need to write code and upload it. Lambda is Amazon’s version of functions-as-a-service (FaaS). Then, as a response to events including HTTP requests, S3 uploads, DynamoDB updates, Kinesis streams, and many others, AWS will run the code. Since scaling happens automatically, you are only charged when your functions are running.

None of these features are strictly a requirement for serverless, but AWS has certainly set the bar high. Any serverless platform will likely to have a stateless FaaS offering with very granular billing because of the precedent set by AWS.

Other Platforms

Right now, Amazon may still be the first competitor in the arena, but other providers are showing up quickly. All the major cloud platforms have recently launched services targeted at serverless applications. Here are a few of them:

  • Google Cloud Functions: Still in alpha, having almost the same functionality to AWS Lambda and can also be triggered by HTTP requests.
  • Azure Functions: This platform is still relatively new and similar to Lambda. Other benefits are Azure has a pleasant UI and makes it easy to expose functions over HTTP without needing a separate routing service.
  • IBM OpenWhisk: This is the only open source platform. You will want to investigate this, if you are interested in deploying your own serverless platform or just curious with how they work under the hood.

Challenges

If you think serverless is the solution of every problem, you might be wrong, for serverless does not come without its challenges. In fact, the community is still discovering best practices, especially when it comes to operations as the space is new and as such. In fact, this platform still requires tools for deploying, maintaining and monitoring our applications. However, many believe that there will be many new startups’ third party services targeted at solving these problems for serverless developers.

Tools

With lots of open source community, it is possible to manually build and deploy serverless applications yourself, but we suggest that you use the existed frameworks, since a few endpoints, building, packaging, zipping, uploading and versioning all become difficult to manage. Here are some frameworks that you might want to consider:

  • Serverless framework: This framework has a robust plugin system and integrates with many community developed plugins with many community developed plugins. Its stated goal is to eventually support deployment to any of the major cloud platforms.
  • Apex: Even though it is written in Go, it supports Python, Node.js and Java runtime languages. Furthermore, the inventor of this tool, TJ Holowaychuk, is a well-known fixture in the open source community and has a great sense of what makes for good developer tools.
  • Chalice: it is the only framework created and maintained by AWS and currently supports Python.
  • Shep: If you are looking for framework that can be used for all our production services, Bustles’ own open source framework can be a great choice. It focuses on the Node.js runtime and strives to be opinionated about how you should structure, build, and deploy applications.

 It seems that in 2017 “serverless” technology will keep growing and you will see rapid adoption from startups to fortune 500 companies. This is because many developers have realized that the serverless movement is the best way to build better software.