WordPress 4.5 is being released very soon, and there are some interesting end-user and developer enhancements included. Get familiar with the changes and new features so you’re prepared and aware of what to look for in this latest released of WordPress.
The information below comes from the WordPress.org field guide, edited for end-user summary review, meaning references to developer-focused specifics have been removed.
Multiple external libraries have been updated (with the two that could require attention being Backbone and Underscore).
Term Edit Page!
The term edit screen has been separated out from the term list screen.
Live Preview: Faster, Extensible, More Features!
Live Preview (also known as “The Customizer”) once again has received attention this release with the addition of new controls, some performance improvements, and two new user-facing features.
Setting-less Controls, Device Previews, and Selective Refresh are the three biggest changes you’ll find. Setting-less controls make it easier to implement complex interfaces. Device Preview is a user facing feature that allows users to adjust the preview to match the screens on various devices. Selective Refresh allows for changes to appear quicker inside the preview.
One area that selective refresh helps live preview function faster is with widgets.
Look for theme and plugin authors to update their code to implement selective refresh.
The final change to Live Preview involves a new theme feature, and that is Custom Theme Logos.
Custom Theme Logos!
Themes can now offer support for custom logos. Custom Logos add an additional way for users to customize their site and themes can customize how custom logos are displayed.
Following up on the introduction of responsive images in WordPress 4.4, WordPress 4.5 is making changes to improve image performance including improved compression settings and smarter handling of image metadata.
Iterating on embeds has led to the ability to better customize embeds by adding new templates to the template hierarchy for embeds. Embeds have also had some performance improvements for autodiscovery, the ability to embed the front page of a site, and changes to the iframe of embedded content.
The comments component has a few user-facing changes to make comments easier to moderate. Additionally, the rel=nofollow attribute and value pair will no longer be added to relative or same domain links within comment_content.
Multisite once again has seen changes with the addition of new filters around site and user creation, and a WP_Site object.
Overall, 372 bugs have been marked as fixed in WordPress 4.5 (so far). There are also dozens of new hooks and dozens of hooks that have received additional parameters.
For the full list of changes, with links to feature-specific details, view the full field guide post.
We always recommend that you keep WordPress and all your plugins up-to-date, and that means proactively understanding the changes included, what that means for your site, depending on the themes and plugins you already use, and how to handle any update issues if they break your site. To recover from an update that breaks something on your site, you will need to restore from a backup, which also means you need to have good backups being made regularly. The other thing to do is check with your theme or plugin authors regarding the latest WordPress updates.
To have us handle your WordPress updates and backups, as well as security and performance optimizations, sign up for our monthly maintenance service, starting at $25/month for complete peace-of-mind regarding your WordPress website.
Most website owners also enable server-side caching, with WordPress sites usually using W3 Total Cache, WP Super Cache, Hyper Cache, or other popular plugins. These plugins lessen the server load by serving non-dynamic flat HTML that is generated by WordPress, and requests for the same URL that is already available as HTML is served without needing it to execute any of the PHP code or MySQL database queries that are usually involved in every page load.
What most website owners don’t know is that there is a simple way built right into Cloudflare, using Page Rules, that can also cache not only static files, but the very same HTML files right on the Cloudflare CDN, so there are no requests to the web server for any number of page requests – only when refreshing the cache will Cloudflare hit the web server. This will boost your website performance even more, because it’s not dependent on any response from your web server – and shared hosting is very common to have higher first-byte response times, simply due to the number of accounts most web hosts put on a single server.
For websites running WordPress, you must create a rule that also tells Cloudflare not to cache the HTML from the /wp-admin/ administrator area, otherwise the administrator dashboard and user interface will not load.
So here’s the steps and two exact rules to add to Cloudflare’s Page Rules that we’ve tested and work great with WordPress, please enjoy and share!
- Log into Cloudflare. Next to your domain name(s), click the drop-down box, and click on Page Rules
- Now, set up as the very last rule so it runs after all other rules, the rule for caching the rest of the site. In the rule pattern box, type in “*domain.com/*” and then Custom Caching, choose “Cache Everything”. This sets Cloudflare to cache the HTML as well as usual static files. Then, set the Browser Cache Expire TTL to 30 minutes. This will allow Cloudflare to refresh the HTML cache every 30 minutes if need be. Again, be sure to set Rocket Loader to Off. Click Add Rule.
That’s it! You’ve just boosted your website performance, and virtually eliminated your web server load to near-zero, no matter how much traffic is hitting your website. Your search engine rankings could be improved, your web hosting costs could be reduced (if based on traffic/bandwidth/visits or CPU), and your visitors are more likely to stick around longer and share your content, based on your site consistently loading faster and without any delays.
If you run into any issues, remove the cache everything rule, or try adding additional rules above it (giving it a higher priority) to exclude other areas of your website, like “*domain.com/shop/*” for e-commerce areas, etc. All dynamic, always changing content areas should have exclusions added for them.
The free plan allows for up to three page rules. The Pro plan allows for up to 20 rules, and adds SSL support using their wildcard certificate, so that’s the plan for most businesses. Cloudflare also often proactively offers filtering of WordPress vulnerabilities in their Web Application Firewall (WAF), making their service even more valuable, and has a quick and easy sign up, give them a try and let us know how it works for you. These aren’t affiliate links, it’s just a highly recommended service.
We hope you enjoy and faster website, and share this tip with your friends and colleagues.
Google Analytics by Yoast v5 was a major rewrite, and had some issues that affected all sites, but was quickly patched throughout the day, ending with v5.0.5 being automatically pushed out to all sites that haven’t turned off automatic minor updates. Let’s review the updates in Google Analytics now that we’ve had a few days to play with it on a number of live sites that we manage for customers.
Google Analytics by Yoast v5 Enhancements
For Google Analytics by Yoast, the v5 update includes these new enhancements:
- Universal tracking added
- Better link tracking
- New Universal demographics feature
- New menu items in the WordPress admin menu
The big item is Universal Analytics support, which is something Google added to it’s Analytics platform back in March of 2013 but hasn’t been widely adopted by many because it wasn’t built in to most plugins, nor were it’s benefits really understood either. Now that this widely popular plugin supports it, more people will be wanting to upgrade their Google Analytics account to take advantage of it, so here’s a few points to keep in mind…
Benefits of Universal Analytics
Connect multiple devices, sessions, and engagement data with the User ID.
The User ID is a Universal Analytics feature that you can use to associate multiple sessions (and any activity within those sessions) with a unique ID. When you send an unique ID and any related engagement data to Google Analytics, all activity is attributed to one user in your reports. With the User ID, you can get a more accurate user count, analyze the signed-in user experience, and get access to the new Cross Device reports. Learn more about the User ID.
Use simplified and more accessible configuration options.
Universal Analytics gives you more configuration options that you can control from your account Admin page:
- Organic search sources
- Session and campaign timeout handling
- Referral exclusions
- Search term exclusions
Implement Enhanced Ecommerce.
Once you’ve deployed Universal Analytics, you can then tag your site with the ec.js plugin, and then use the Enhanced Ecommerce reports to analyze your users’ shopping and purchasing behavior, the success of your internal and external marketing efforts, and the economic performance of your products.
Stay up to date with new features and updates.
With Universal Analytics, you can use all of the standard Google Analytics reports and tools, but you also get access to new features.
Universal Analytics supports data collection without browser cookies.
The Universal Analytics collection methods (analytics.js and the Measurement Protocol) can be implemented and used to collect user interaction data without cookies. Learn more about how to opt-out from Google Analytics.
Warnings when using Universal Analytics
Referrals are processed differently than in in previous versions of Google Analytics.
By default, all referrals trigger a new session in Universal Analytics. For example, if a user is on your site, leaves but then immediately returns, this user has logged 2 sessions. You can, however, modify your tracking code to exclude all traffic from specific domains as referral traffic with the referral exclusions.
Data sent via a Universal Analytics collection method can only be processed by a Universal Analytics property.
It’s been over 10 years since our last rebrand, and so it’s about time, and WordPress is what we’ve been developing with over the last few years, so it makes sense to promote a WordPress focus in our brand. We’ve been Web Wizards since 1997, we briefly added a WP to become WP Web Wizards, but that was a mouthful and we want a simple, powerful brand.
So now, we’re Press Wizards, with a new matching .com domain (check out http://presswizards.com), to emphasize our WordPress focus. Nothing will change regarding our existing customer sites or configuration, so no worries there. Our priority is our amazing loyal customers, some that have been with us since the beginning, while we also market to new potential customers looking for WordPress hosting and development services.
Here’s our new logo, let me know what you think of it!
While WordPress v4.0 is just another update number after 3.9 and before 4.1, it has some new things that make it more polished than ever, with quite a few subtle enhancements they didn’t mention in their release post. It was named “Benny” in honor of jazz clarinetist and bandleader Benny Goodman. Let’s review everything below.
WordPress 4.0 major improvements
Here’s the major changes in WordPress 4.0:
- The Media Library was updated to display your uploaded files in a nice grid, with a new details preview making viewing and editing media easier.
- Embeds now embed the actual HTML in the editor, no more blank preview box.
- The editor window now keeps the editing tools in view at all times, and scrolls down as you write.
- Plugin searching was updated so it’s easier to find the right one for your needs, with new metrics and a more visual browsing experience.
There were over 275 people contributing code changes to this release, a new high. Here’s a video overview of the changes from WordPress.tv:
Additional subtle 4.0 enhancements
- WordPress 4.0 includes a language chooser. After selecting a language WordPress will download and install the language pack on the fly. The rest of the install process will then be in that language. Nice, eh?
- There are some new Customizer improvements for developers as well:
- It also has a major update to the WP_Query function:
- WordPress 4.0 comes with a redesigned plugin installer. They’ve added one of the finishing touches to this — plugin icons:
There were also over 700 development tickets closed out relating to the 4.0 release, with over 500 of them being classified as bugs, so update your sites and enjoy a much more stable WordPress:
What’s your update experience been like, any issues, or happy as can be?
We noticed today that quite a few websites were coming up with white screens all of the sudden, due to an issue with the Contact Form DB WordPress plugin. It seems there was a version released that had a fatal error in it, and was installed if automatic updates for plugins was enabled by a plugin like Advanced Automatic Updates.
We’ve updated the plugin files to the latest fixed version for any customer that had the plugin installed on their site(s).
These types of issues are very rare, but the WordPress platform makes it easy to resolve, and we still recommend auto-updating your plugins and minor versions of the core files. Major version updates (from 3.X.X to 4.0) are still suggested, but only after determining if your theme is compatible or there are any known issues in the first few days of the release.
We run auto-updates on numerous test sites running various themes to ensure we are alerted and aware of any issues so that we can be as proactive as possible in discovering any known issues.
We’re happy to announce we’ve improved outgoing email delivery from all our servers for everyone. Prior to this weekend, our email servers would accept external email for your domains, or from your web site contact forms, and based on your email address settings, would do basic scans for spam and virus, then store it in your mailbox, or forward it to your Internet Service Provider (ISP) or other outside email address you specified. The spam filtering is simple keyword scanning and score based (more spammy words equals a higher score), so worked well for most kinds of spam, but not as good when compared to commercial solutions like Postini or Google Apps (Gmail) spam filtering.
The ongoing problem was, certain ISPs would detect that spam and incorrectly block our email servers thinking we were the actual source of the spam, versus relaying it for you as they were configured.
Starting this last weekend, we’re now passing all outgoing email through an external commercial solution for spam filtering, which stops our email servers from being blocked by any ISP, ensure much more reliable email delivery, and should also result in near-zero spam emails being sent to your external email mailboxes.
This does not block spam that is stored in your mailbox, but if you’d like this level of spam filtering added to your mailbox, we’ve secured a rate of $5 per month per mailbox for incoming spam filtering. You could also just forward your email out to a free gmail account, or sign up for Google Apps for your domain, which is also $5 per user per month. We’re happy to answer any questions on which options are best for you.
We strive to offer the best performance-based web hosting, and now the best in email delivery as well.
I’m pleased to announce that Web Wizards and all our customer web sites are not affected by the Heartbleed SSL encryption bug, we never ran the affected version of the OpenSSL library that included the data leak bug.
For more details on Heartbleed and what it is, read this article:
For a quick summary of how the Heartbleed bug works, view this xkcd comic:
WordPress v3.9 is due to be released in April, and we’re bringing you a preview of the improvements and changes coming your way very soon. It includes a few major updates to the editor and media library, as well as the Customizer.
Details on the improvements to the admin dashboard include:
- Adding an updated TinyMCE, the software powering the visual editor, to the latest version. Be on the lookout for cleaner markup. Also, new paste handling — if you paste in a block of text from Microsoft Word, for example, it will no longer come out terrible. (The “Paste from Word” button you probably never noticed has been removed.)
- Adding widget management to live previews (the customizer). Also adding the ability to upload, crop, and manage header images, without needing to leave the preview.
- Adding 3.8’s beautiful new theme browsing experience to the theme installer.
- Galleries will receive a live preview in the editor.
- Adding the ability to drag-and-drop images directly onto the editor to upload them.
- Some things will get improved around editing images. It’ll be a lot easier to make changes to an image after you insert it into a post, and you’ll no longer get kicked to a new window when you need to crop or rotate an image.
- New audio/video playlists.
Here are a few screenshots we have of the new features.
There are new behind-the-scene things for developers, too:
- The load process in multisite getting rewritten.
- Will now use the MySQL Improved (mysqli) database extension if you’re running a recent version of PHP.
- Autosave will be refactored.
- Library updates, in particular Backbone 1.1 and Underscore 1.6. Also Masonry 3, PHPMailer, and Plupload.
Contact us if you have any WordPress questions, or want us to help you migrate your web site to WordPress.
We’ve been working hard on different service areas to improve security, prevent spam, upgrade our systems, and offer more value to our customers. Here’s a summary of all the recent efforts for you to review.
- Secure Control Panel Access
To improve security, our hosting Control Panel now forces you to use encrypted SSL for all visits, at https://cp.yourserver.net/ and all bookmarks with the old unencrypted URL will redirect to the new encrypted URL.
- Spam Prevention
Please update your scripts and WordPress installations (use http://wordpress.org/plugins/wp-smtp/) to use an authenticated mailbox or 3rd party service like Mandrill (free up to 12K emails a month, see https://mandrill.com/pricing/), as web scripts sending email to our mail servers rejects mail relaying unless it’s a mailbox on that mail server. It’s just too easy for spammers to inject code into a web site via automated scripts that blast our email server with millions of spam emails, and the mail server gets blacklisted, your emails are delayed or blocked, and it’s a huge amount of work to clean it all up. Sending using authentication is the only way to send out email to external servers.
- Do Email Right
We strongly recommend using Google Apps (http://www.google.com/enterprise/apps/business/) or another 3rd party service like Outlook.com (http://zd.net/1bsSy2C) for domain name email, as they offer amazing spam blocking and filtering built in to their platforms. Google has also recently announced they are now displaying images for emails in a safe way. We use Google Apps for all email hosting, but it’s especially recommended for business or e-commerce sites. Our email servers work well too if configured correctly (as discussed above), but they are no match for the global protection that these services bring you, and Outlook.com still offers free domain name hosting, so why not take advantage of that. We’d love to stick to offering the best hosting for WordPress, PHP, MySQL, and of course HTML sites, and email is something we’d love to get away from, considering the great alternatives out there.
- Hire Us for Your Web Site Needs
We’re finding that many customers don’t know we offer full WordPress and web services and consulting, including Managed Maintenance (site and plugin updates, managing site and database backups, & security hardening with malware scanning), site migrations from HTML, Drupal, Joomla, and others into WordPress, theme customizations, e-commerce consulting with WooCommerce, as well as email marketing and CRM integration. Contact us today to discuss further.
- Developers: PHP version 5.4 is an available option under Web Options – but update your MySQL passwords before you switch
PHP v5.4 will not connect to databases using users that have the old short (now considered insecure) password hashing/storing method, so you should look into changing your MySQL user’s password first, before switching to PHP v5.4. Be sure you know where to update your script’s stored password before using the MySQL tool in the Control Panel to reset the user’s password, selecting the “Long, PHP5.x-only” hash length. Then you’ll have no problems with v5.4. More technical info here.
If you’ve got any questions or concerns on any of the above, feel free to reach out to us by submitting a Trouble Ticket through the Control Panel, or contact us here.