Workarounds for the Page Template Bug in WordPress 4.9

WordPress 4.9 “Tipton” was released last week and although it’s largely trouble-free, there is one particular issue users and developers are running into that’s causing frustration. In 4.9, custom page templates that are created fail to display in the Template drop-down menu. The issue is related to changes made to the file editor.

Previous versions of WordPress listed files 2-levels deep in the editor. In 4.9, the entire directory tree for a theme is listed regardless of its depth. Caching was added to help limit the performance impacts of loading large WordPress themes. “An unintended side effect of the caching is that the same directory listing function get_files is used both for the theme editor and for gathering page templates,” Weston Ruter, Co-Release Lead for WordPress 4.9 said.

Within the trac ticket, developers suggests that a button be added that flushes all caches or disabling the cache if WP_DEBUG is set to true. Neither suggestion turned into a patch committed to core. Instead, Ruter has released a plugin as a workaround that flushes the template cache. Other workarounds include, bumping the theme’s version, running the wp cache flush command in WP CLI, or waiting 60 minutes for the cache to expire.

The ticket is marked as a high priority but because of the upcoming holidays in the US and WordCamp US next weekend, it could be at least a few weeks before WordPress 4.9.1 is released.

Tide Project Aims to Audit and Score WordPress Themes and Plugins based on Code Quality

Last week XWP dropped an intriguing preview of a new project called Tide that aims to improve code quality across the WordPress plugin and theme ecosystems. The company has been working with the support of Google, Automattic, and WP Engine, on creating a new service that will help users make better plugin decisions and assist developers in writing better code.

XWP’s marketing manager Rob Stinson summarized the project’s direction so far:

Tide is a service, consisting of an API, Audit Server, and Sync Server, working in tandem to run a series of automated tests against the plugin and theme directories. Through the Tide plugin, the results of these tests are delivered as an aggregated score in the WordPress admin that represents the overall code quality of the plugin or theme. A comprehensive report is generated, equipping developers to better understand how they can increase the quality of their code.

The XWP announcement also included a screenshot of how this data might be presented in the WordPress plugin directory:

XWP plans to unveil the service at WordCamp US in Nashville at the Google booth where they will be inviting the community to get involved. Naturally, a project with the potential to have this much impact on the plugin ecosystem raises many questions about who is behind the vision and what kind of metrics will be used.

I contacted Rob Stinson and Luke Carbis at XWP, who are both contributors to the project, to get an inside look at how it started and where they anticipate it going.

“Tide was started at XWP about 12 months ago when one of our service teams pulled together the idea, followed up by a proof of concept, of a tool that ran a series of code quality tests against a package of code (WordPress plugin) and returned the results via an API,” Stinson said. “We shortly after came up with the name Tide, inspired by the proverb ‘A rising tide lifts all boats,’ thinking that if a tool like this could lower the barrier of entry to good quality code for enough developers, it could lift the quality of code across the whole WordPress ecosystem.”

Stinson said XWP ramped up its efforts on Tide during the last few months after beginning to see its potential and sharing the vision with partners.

“Google, Automattic and WP Engine have all helped resource (funds, infrastructure, developer time, advice etc) the project recently as well,” Stinson said. “Their support has really helped us build momentum. Google have been a big part of this since about August. We had been working with them on other projects and when we shared with them the vision for Tide, they loved it and saw how in line it is with the vision they have for a better performant web.”

The Tide service is not currently active but a beta version will launch at WordCamp US with a WordPress plugin to follow shortly thereafter. Stinson said the team designed the first version to present the possibilities of Tide and encourage feedback and contribution from the community.

“We realize that Tide will be its best if its open sourced,” he said. “There are many moving parts to it and we recognize that the larger the input from the community, the better it will represent and solve the needs of the community around code quality.”

At this phase of the project, nothing has been set in stone. The Tide team is continuing to experiment with different ways of making the plugin audit data available, as well as refining how that data is weighed when delivering a Tide score.

“The star rating is just an idea we have been playing with,” Stinson said. “The purpose of it will be to aggregate the full report that is produced by Tide into a simple and easy to understand metric that WordPress users can refer to when making decisions about plugins and themes. We know we haven’t got this metric and how it is displayed quite right. We’ve had some great feedback from the community already.”

The service is not just designed to output scores but also to make it easy for developers to identify weaknesses in their code and learn how to fix them.

“Lowering the barrier of entry to writing good code was the original inspiration for the idea,” Stinson said.

Tide Project Team Plans to Refine Metrics Used for Audit Score based on Community Feedback

The Tide project website,, will launch at WordCamp US and will provide developers with scores, including specifics like line numbers and descriptions of failed sniffs. Plugin developers will be able to use the site to improve their code and WordPress users will be able to quickly check the quality of a plugin. XWP product manager Luke Carbis explained how the Tide score is currently calculated.

“Right now, Tide runs a series of code sniffs across a plugin / theme, takes the results, applies some weighting (potential security issues are more important than tabs vs. spaces), and then averages the results per line of code,” Carbis said. “The output of this is a score out of 100, which is a great indicator of the quality of a plugin or theme. The ‘algorithm’ that determines the score is basically just a series of weightings.”

The weightings the service is currently using were selected as a starting point, but Carbis said the team hopes the WordPress community will help them to refine it.

“If it makes sense, maybe one day this score could be surfaced in the WordPress admin (on the add new plugin page),” Carbis said. “Or maybe it could influence the search results (higher rated plugins ranked first). Or maybe it just stays on That’s really up to the community to decide.”

In addition to running codesniffs, the Tide service will run two other scans. A Lighthouse scan, using Google’s open-source, automated tool for improving the quality of web pages, will be performed on themes, which Carbis says is a “huge technological accomplishment.”

“For every theme in the directory, we’re spinning up a temporary WordPress install, and running a Lighthouse audit in a headless chrome instance,” Carbis said. “This means we get a detailed report of the theme’s front end output quality, not just the code that powers it.”

The second scan Tide will perform measures PHP compatibility and will apply to both plugins and themes.

“Tide can tell which versions of PHP a plugin or theme will work with,” Carbis said. “For users, this means we could potentially hide results that we know won’t work with their WordPress install (or at least show a warning). For hosts, this means they can easily check the PHP compatibility before upgrading an install to PHP 7 (we think this will cause many more installs to be upgraded – the net effect being a noticeable speed increase, which we find really exciting and motivating).”

Carbis said that the team is currently working in the short term to get the PHP Compatibility piece into the API, which he says could start influencing search results without any changes to WordPress core.

“We’d also like to start engaging with the community to find out whether surfacing a Code Quality score to WordPress users is helpful, and if it is, what does that look like? (e.g. score out of 100, 5 star rating, A/B/C/D, etc.),” Carbis said. “We will release our suggestion for what this could look like as a plugin shortly after WordCamp US.”

More specific information about the metrics Tide is currently using and how it applies to plugins and themes will be available after the service launches in beta. If you are attending WordCamp US and have some suggestions or feedback to offer the team, make sure to stop by the Google sponsorship booth.

Ask Yoast: changing URL structure and rankings

If you started your website as a newbie to all things internet, chances are that your site’s URLs aren’t pretty. Perhaps the URLs contain the post-ID, or the date when it was first published. URLs like that don’t say much about the content of a page and look cluttered. If you want to change your URL structure for this reason, or whatever other reason, it could affect your rankings. In this Ask Yoast, I discuss to what extent changing your URL structure will have an impact on your rankings, and if it’s still worth the effort.

Chris asked us a question on this subject:

We are changing our URL structure to make it look cleaner (by leaving out numbers etc.). When we launch our new site, will this new URL structure negatively affect our existing Google rankings?

Watch the video or read the transcript further down the page for my answer!

Optimize your site for search & social media and keep it optimized with Yoast SEO Premium »

Yoast SEO: the #1 WordPress SEO plugin Info

The impact of changing your URL structure on rankings

Well, if you launch a new site and you have new URLs, you’ll need to redirect all the old URLs to the new URLs and it’ll take some time for Google to pick up that those URLs have changed. If you’re staying on the same domain name, your traffic will probably stay the same, but you will need to redirect all those URLs and it might take some time.

You might lose some traffic for a while, up to even six months and then after that everything should be fine. It’s probably worth it if your URLs look really bad though, so it’s a trade-off but I’d probably still go for it. Good luck!

Ask Yoast

In the series Ask Yoast we answer SEO questions from our readers. Have an SEO-related question? Let us help you out! Send an email to
(note: please check our blog and knowledge base first, the answer to your question may already be out there! For urgent questions, for example about our plugin not working properly, we’d like to refer you to our support page.)

Read more: ‘The perfect WordPress SEO permalink structure’ »

The post Ask Yoast: changing URL structure and rankings appeared first on Yoast.

Consultants Are WordPress’ Boots on the Ground

A business can’t survive without strong sales & customer service, two competencies that are arguably the lifeblood of a company.

Many of you reading this fill that exact gap for the open source WordPress project. I don’t mean this as a slight to the thousands of wonderful people who build the software, document it, and support it in the forums, but that consultants (doing it right or wrong) are also fueling this locomotive too.

There are no official sales or customer service channels at and us consultants bear the brunt of it — for better or worse — and that’s where our job comes in. Just as you trust a core contributor to spot-check her code and ensure that we’ve sanitized all the things!

Consultants are the boots on the ground, and as you’ll see below in my feedback section, represent a disproportionate ratio of launching many more websites than an individual website owner. – Matt Medeiros

From The blue-collar WordPress worker and the 2,500+ websites built to grow the CMS.

WordPress 4.9 Released with Major Improvements to Customizer Workflow, Updated Code Editors, and New Core Gallery Widget

WordPress 4.9 “Tipton” was released today, named for Oklahoma-born jazz musician William Lee Tipton, a gifted pianist and saxophonist. This update introduces major improvements to the design and collaboration workflow in the Customizer, improves WordPress’ built-in code editor, and enhances core text and media widgets.

Draft, Schedule, and Preview Changes in the Customizer

Prior to 4.9, users could get a live preview of their sites in the Customizer but any changes they made would need to be saved immediately or discarded. This update makes it possible to draft and schedule changes in the Customizer, and even share a preview link to collaborate on changes before making them live. Users can now stage content, such as new pages, a new set of widgets, a different combination of menu items, and schedule it all to publish at a future date.

This release also brings the ability to search, browse, and preview themes directly in the Customizer. The search interface includes filters for subject, features, and layout, just like the ones on the “Add Themes” screen in wp-admin. It does not yet include the featured, popular, latest, or favorites tabs, so users will need to navigate back to the admin if they want to browse those categories.

The menu creation process has also been updated in the Customizer to be less confusing with a rethink of the UI and revised copy.

Syntax Highlighting and Error Checking Added to the Code Editors

WordPress 4.9 brings syntax highlighting, linting, and auto-completion to the built-in code editors by incorporating the CodeMirror library. These long-awaited improvements are now available in the theme and plugin editors as well as the custom HTML widget and additional CSS box in the Customizer. The feature comes with prominent warnings about directly editing themes and plugins and protection against saving code that would cause a fatal error.

New Core Gallery Widget and Support for Shortcodes and Embedded Media in the Text Widget

WordPress 4.9 adds a new gallery widget to the collection of core media widgets (audio, image, and video) that were introduced in 4.8. It brings the same gallery-creation features to widgets that have long been available in the post and page editors.

These incremental changes will help users get ready for Gutenberg’s block-based interface. The plan is to eventually transition widgets over to blocks after Gutenberg is in core and the plugin already has support for a gallery block, as well as a Custom HTML block.

As of 4.9, users can now embed media in the Text widget, including images, video, and audio by clicking the “Add Media” button. In order to make this possible, WordPress contributors also needed to add shortcode support to widgets, a feature that users have requested for nearly a decade. With this now built into core, hundreds of thousands of WordPress sites will no longer need additional code from plugins and themes to use shortcodes in widgets.

Widgets have also been improved to offer a better migration experience with updated logic for mapping widgets between two themes’ widget areas.

On Towards Gutenberg

WordPress 4.9 also includes a notice in the about.php page of the admin, inviting users to help test or contribute to Gutenberg. It is the first time a feature plugin has been highlighted so prominently on the page users see after they update to the latest version.

The Gutenberg project has been getting a lot of attention over the past few months as the WordPress community looks ahead to the 5.0 release that will introduce the new editor to the world. Meanwhile, contributors to 4.9 have been working in tandem to make significant improvements to existing features, enabling users to do more with widgets and overall site design than ever before. This release was led by Weston Ruter and Mel Choyce with help from 443 contributors, 42% (185) of them contributing to WordPress for the first time.

How to Fix Secure Connection Error in WordPress

Are you seeing ‘Unable to establish secure connection error’ in WordPress? It is a common WordPress error and usually occurs when you are trying to install or update a WordPress plugin or theme from official directory. In this article, we will show you why this error occurs and how to easily fix secure connection error in WordPress.

Fixing secure connection error in WordPress

What Causes Unable to Establish Secure Connection Error in WordPress?

WordPress comes with a built-in system to manage updates. This system regularly checks for updates and show notifications for you to install plugin / theme updates.

However, it needs to connect to the website in order to check for updates or install them. Due to some misconfiguration on your WordPress hosting server, your website may fail to connect with website.

This will result in a secure connection error, and you will see an error message like this:

An unexpected error occurred. Something may be wrong with or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to Please contact your server administrator.) in /home/username/public_html/wp-admin/includes/update.php on line 122

Secure connection error in WordPress

That being said, let’s see how to easily fix secure connection error in WordPress.

Fixing Secure Connection Error in WordPress

There are multiple ways to fix the unexpected secure connection error in WordPress. You can try one of the following solutions based on your situation.

Hosting and Server Related Issues

If your shared hosting server is under DDoS attack, then it is likely that the connection to will timeout causing the secure connection error.

In that case, you can wait for a few minutes and try again. If the error persists, then you need to reach out to your web hosting company’s support team.

Cloud or VPS Server Connectivity Issue

If you are on a cloud or VPS hosting, then it is possible that your server is unable to connect to due to some DNS issues.

In that case, you can point your server directly to servers. You will need to connect to your server using SSH.

SSH is short for secure shell which is an encrypted protocol that allows you to connect to your server using command line tools.

Windows users can use a tool called PuTTy whereas Mac / Linux users can use the terminal app.

You will need login credentials for the account with shell access to your hosting account. You can get this information from your hosting account’s cPanel dashboard or ask your web hosting server provider.

In the terminal, you can connect to your server like this:


Don’t forget to replace username with your own username and with your own domain name.

Once connected, you need to run the following command:

sudo nano /etc/hosts

This will open a file, and you will need to add the following code at the bottom of the file:

You can now save your changes and exit the the editor. Visit your website to see if this resolved the error.

Fixing WordPress Secure Connection Error on Localhost

If you are running WordPress on your own computer (localhost), then you may not have cURL extension enabled for PHP. This extension is required to access for updates.

You will need to edit the php.ini file on your computer. This file is usually located in the PHP folder of your Mamp, Xampp, or WAMP folder.

If you are on a Windows computer, then look for the following line:


Mac and Linux users would have to look for this line:


Now you need to remove the semicolon before the text to enable the extension. Don’t forget to save your php.ini file.

Lastly, don’t forget to restart the Apache server for changes to take affect.

Check Open Ports in Firewall

If cURL extension is properly installed on your local server, then the next step is to check your internet connection firewall.

Your computer’s firewall may be blocking outgoing connections from local server to If you are on Windows, then press the start button and search for Windows Firewall. Mac users can find firewall settings in System Preferences » Security & Privacy

You need to add Apache to your firewall’s allowed programs and allow both incoming and outgoing connections.

Firewall Apache

You will need to restart Apache for changes to take effect.

We hope this article helped you solve the WordPress secure connection error. You may also want to see our ultimate step by step WordPress security guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Fix Secure Connection Error in WordPress appeared first on WPBeginner.

How to Remove v=XXXX string from WordPress URLs

Are you seeing strange v=xxxx string in your WordPress URLs? Recently, one of our readers asked us how to get rid of v=xxxx string from their WordPress URLs. This string is made up of seemingly random letter and numbers added as a parameter to your permalinks. In this article, we will show you how to easily remove v=xxxx string from your WordPress URLs.

How to Remove v=xxxx string from WordPress URLs

Why Are You Seeing v=XXXX String in Your WordPress URLs?

This string appears on websites running an online store using WooCommerce. It is not a bug or an error, but an actual feature of the plugin.

String with letters and numbers added to WordPress URLs by WooCommerce

The purpose of this string is to help WooCommerce calculate tax and shipping based on a user’s geographic location. The string helps make the feature compatible with WordPress caching plugins like WP Super Cache or W3 Total Cache.

However, if you don’t need to calculate shipping and taxes based on different locations, then you probably accidentally enabled this feature.

Let’s take a look at how to easily disable it and remove the random v=xxxxxx strings from your WordPress URLs.

Removing v=xxxx String from WordPress URLs

First you need to login to your WordPress admin area and head over to the WooCommerce » Settings page.

Under the General tab, you need to scroll down to ‘Default customer location’ option.

Disable Geolocation

It would be set to ‘Geolocate (with page caching support)’. You need to change it to either ‘No location by default’ or ‘Shop base address’.

Don’t forget to click on the save changes button to store your settings.

If you are using a caching plugin, then you will need to clear your WordPress cache. After that you can visit your website, and the geolocation string will disappear from your WordPress URLs.


How to GeoLocate Default Location Without the URL String?

You can do that by selecting the ‘Geolocate’ option in the ‘Default customer location’ setting.

Geolocate without caching

However, this option is not compatible with static caching plugins, and it will show incorrect shipping and tax information to users due to previously cached page.

Running WooCommerce without caching is not recommended because it will slow down your site’s speed and performance.

If you must use Geolocate to calculate shipping and taxes on the fly, then for the time being you will have to tolerate the ugly v=xxxx string in your WordPress URLs.

We hope this article helped you learn how to remove v=xxxx string from your WordPress URLs. You may also want to see our ultimate list of the most common WordPress errors and how to fix them.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Remove v=XXXX string from WordPress URLs appeared first on WPBeginner.

Gutenberg Contributors Explore Alternative to Using iframes for Meta Boxes

The discussion surrounding the use of iframes for meta boxes in Gutenberg became more heated over the weekend, as concerned developers implored the team to consider the detriments of the current approach. Responses from Gutenberg’s leadership initially deflected concerns, presenting the iframe implementation as an experiment that “works ‘for now'” but isn’t what the team would ship.

Instead of getting a response to the specific concerns about performance and accessibility of the iframes approach, Kevin Hoffman was urged to think about the future of meta boxes and “the cases (if any) that would not be converted to blocks.” When the developer community is repeatedly asked to test and offer feedback but is met with deflection on issues that are critical to sites using WordPress as a CMS, the GitHub discussions begin to get more heated.

“People are worried, and getting frustrated and it seems to me that they have every right to do so because the perception is that the team working on Gutenberg has little understanding of how meta boxes are being used, little concern for what the impact will be, and is going to move forward with their vision no matter what,” Jimmy Smutek, lead developer at the office of external affairs at Johns Hopkins, said in response to a Gutenberg collaborators’ admission to having been dismissive of feedback.

After several rounds of developers joining the thread to debunk the notion that iframes for meta boxes “work for now,” Gutenberg lead developer Matias Ventura joined the discussion yesterday and confirmed that the experiment is likely to be dropped fairly soon.

“I’m glad the conversation refocused in the end to the topic’s issue: is the current approach to meta-boxes in an iframe viable? With the answer being no,” Ventura said. “The iframes are an implementation detail I think we can drop relatively easy. So let’s focus on that.”

He also addressed the popular opinion that WordPress should make iterative enhancements to the editor itself (and not the full page) before proceeding with overhauling meta boxes.

“What some people have called as the pragmatic approach is not concomitant with the design direction this project has had from the start — heading towards full site customization — and what has dictated our decisions so far,” Ventura said. “Nothing here has to be a final solution, we are exploring what is possible within the design premises and putting it out there for testing.”

Ventura said that not making changes to the other aspects of the edit screen would certainly be the simplest path for Gutenberg to take but that it “would not be fair to the goals of the project and the long term users of WordPress.”

WordPress developer Gary Jones contended that pursuing a more iterative approach would not change the goals of the project but would make it possible for more sites to come along during the process.

“Going one step at a time does not, in any way, compromise the goals of the project,” Jones said. “You can still head to full-size customization if that’s the goal, but by doing it in a stepped way, you’ll bring the rest of the developer community along with you.” Jones cited the Customizer as an example of a feature within WordPress with a concept that is being realized over time with many iterations.

Ventura responded with clarification on the Gutenberg team’s approach to iterating on the project, a paradigm shift that supports block-based content creation from the outset.

“We have proposed a staged approach, from Matt’s original new focuses post, it just considers the steps differently,” Ventura said. “There are generally three stages for the Gutenberg project: from the post editor, to page templates, to site building. What is primordial is that the paradigm is one where the content is a single area, with the block as the primary concept, and where the outcome can be visually represented with clarity and without excessive abstractions.”

Ventura also assured those following along on the discussion that the project will not be dropping support for meta boxes but needs more time to experiment with different interface options.

“WordPress always moves with the user, and we take the burden of figuring out development paths to ease transitions for our existing code,” he said. “As a project, we have said before that we were not dropping support for meta-boxes from WordPress, but also that we had to explore what interface decisions we would have to make within the new paradigm, including the possibility of loading the classic editor when we detect meta-boxes we cannot handle or that directly conflict with an editor that seeks to more clearly delineate what is content and what is meta-data.”

He also said the team plans to create more mechanisms to handle incompatibilities as well as “allowing more things to be opt-in (say if you are comfortable with your meta-boxes showing in Gutenberg you could declare support for it, or vice versa.”

A new approach to rendering meta boxes without using iframes is currently underway. Riad Benguella has created a pull request that attempts to undo the iframes and implement a suggestion that Tom Nowell offered during the discussion:

Instead of loading Gutenberg on a settings page, lets load it into the main classic editors page, load metaboxes in their native environment, then hoist their container DOM node into a component via JS.

We then use a different kind of toggle to make sure the classic editor can still be used. This way:

– we avoid the iframe nonsense
– metaboxes work as they always have done as far as registration is concerned
– the existing JS works as expected, and no hacks are necessary to make things work on the PHP end

The new approach has the advantage of no problems with links, modals, duplicate stylesheets, and the other drawbacks to using iframes.

The Gutenberg Team Needs a New Communication Strategy

The discussion regarding the long-term viability of using iframes for meta boxes has highlighted a lack of a unified message or communication strategy among Gutenberg leads. Collaborators on the project have grown impatient with the community for not grasping the vision, but communication is scattered across various blogs, comments, Slack channels, and GitHub discussions.

Morten Rand-Hendriksen has opened a new issue requesting a centralized resource that can serve as a plain language outline of Gutenberg’s scope, direction, and goals.

“My observation is the community is struggling to see the wider scope of the Gutenberg project due to lack of a single authoritative plain language resource containing this information,” Rand-Hendriksen said. “This creates a high degree of speculation, miscommunication, and frustration from all parties and the project suffers as a consequence.”

Gutenberg does have a documentation hub, but so far those documents are more technical and lack a practical roadmap for how the team is aiming to accomplish its goals. The FAQ section of the current docs is the closest thing to the plain language resource that Rand-Hendriksen is requesting in his ticket. The readme.txt files for both Gutenberg’s GitHub repository and the plugin give the impression that the project is simply updating the current editor to be block-based, not overhauling the entire editor screen.

“Due to the fractured nature of this information it is challenging for anyone to get a clear picture of the entire project, and though Matias and Matt’s posts do a good job at explaining the grand vision of the project, they lack concrete plain language breakdowns of the essentials the community need to get a firm understanding of what this project is and where it’s headed,” Rand-Hendriksen said. “They also exist as independent satellites of information circling the project rather than core parts of the project itself.”

The community is chiming in on the GitHub issue with questions they would like to see answered in a more transparent plain language product roadmap. A document like this might help the Gutenberg team to better communicate the goals of the project and avoid sending mixed messages that cause unnecessary confusion.

Thoughts on Gutenberg

There has been lots of discussion about the new WordPress "Gutenberg" project. Some people love it, some hate it, and most WP users probably have no idea about it. And that's too bad, because it means many changes will be required for thousands of WordPress plugins and themes. We're talking about MANY collective work hours to make it happen, even in a best-case rollout scenario.


How to Track User Engagement in WordPress with Google Analytics

Are you properly tracking user engagement on your WordPress site? User engagement is one of the most important metric to track because it helps you strategically plan for growth. In this article, we will show you how to track user engagement in WordPress with Google Analytics.

Tracking User Engagement

Why Track User Engagement with Google Analytics

Generally, website owners consider traffic and pageviews as the most important indicators of their website’s performance. They assume that higher traffic will result into more conversions and sales.

While that is true, you can get even better results by tracking and optimizing user engagement.

User engagement shows you what users do when they arrive on your website. It helps you identify patterns of highly engaged user behavior which leads to more conversions and sales.

For example, you may realize that users visiting a specific page are 10X more likely to make a purchase vs any other visitor on your website. You can use this insight to redirect more user’s attention to that page.

To track user engagement on our websites, we use Google Analytics in combination with the popular MonsterInsights plugin.

If you haven’t already signed up for Google Analytics, then you can follow the instructions in our guide on how to install Google Analytics in WordPress.

Next, you need to install and activate the MonsterInsights plugin. We recommend getting the Pro plan of this plugin.

Now most people ask us why install a plugin, when you can just paste the Google Analytics script in the footer of the website.

The reason is that by simply pasting a link in the footer, you miss out on key user engagement data. You won’t know which outbound links are users clicking, which forms have the highest conversions, which products in your online store has the best conversions, which affiliate links or ads are getting the most clicks, etc.

MonsterInsights plugin automatically handles all of that and more for you. It automates the process of pasting different analytics code and event tracking scripts in the footer, so you don’t have to deal with the hassle of code and configuration.

Once you have setup Google Analytics with MonsterInsights, let’s take a look at how to track different user engagement metrics for your site.

1. Tracking Your Most Popular Content

The first thing you want to figure out is which blog posts and pages are the most popular amongst your users? These are the pages and posts on your website getting the most traffic.

Figuring out what your users like on your site can help you plan a content strategy that expands on what’s already working.

MonsterInsights makes it really simple. You just need to visit Insights » Reports page in your WordPress admin area.

You will find your most popular content under the ‘Top posts and pages’ section.

Most popular content

Next to it, you’ll also see your top traffic sources. This gives you a general idea of where your traffic is coming from.

On most websites, 90% of their traffic goes to 10% of the top pages. Once you find these top pages, you can optimize them for maximum conversions by adding content upgrades or targeted lead magnets on these posts.

We find that by adding content upgrades can help you boost your conversions by as high as 845%. Our founder Syed Balkhi has a blog post sharing the case study results.

2. Tracking How Users Engage with Forms on Your Website

Most websites rely on contact forms to collect user leads and feedback. Sadly most contact form plugins don’t give you accurate tracking and conversions data.

MonsterInsights lets you leverage Google Analytics’ events tracking feature to see how many times your forms are viewed and submitted.

To enable forms tracking, you need to visit Insights » Addons page. On this page, you will need to install and activate the Forms addon.

Install Forms Addon for MonsterInsights

Once you have activated the Forms addon, MonsterInsights will automatically start tracking all forms on your website.

It automatically works with popular contact form plugins like WPForms, Ninja Forms, Formidable, and others. MonsterInsights also track your website comment form, user registration forms, and more.

To see how your forms are doing, you will need to visit your Google Analytics account. In the Google Analytics dashboard, click on Behavior » Events » Overview page and then under ‘Event Category’ click on ‘form’.

Form tracking in Google Analytics

Next, you need to click on the ‘Event Label’ to see stats for different forms on your website.

Sort by form label

From there, you can click on any form to see your impressions and conversions.

Form impressions and conversions

3. Tracking Ecommerce Stores in Google Analytics

Google Analytics offer many features specifically for eCommerce websites. However these features are not turned on by default, and most users don’t even know that they exist.

Enhanced Ecommerce tracking lets you see shopping behavior, checkout behavior, product lists performance, sales performance, and so much more. The best part is that you can combine this data with your overall website traffic to gather better insights.

MonsterInsights eCommerce tracking for WordPress works with both WooCommerce and Easy Digital Downloads.

First, you will need to enable eCommerce tracking in Google Analytics. Head over to your Google Analytics account and switch to the admin page.

Google Analytics admin

Next, you need to click on the ‘Ecommerce Settings’.

Ecommerce settings

Now click the slider under the first step, Enable Ecommerce, to turn it on. You need to click on the Next Step button to continue.

Enable eCommerce tracking

We also recommend that you turn on the Enhanced Ecommerce settings.

Enhanced ecommerce

Once you are done, click on the submit button to store your settings.

Next, you need to switch to your WordPress admin area. Go to Insights » Addons page and install and activate the ‘Ecommerce Addon’.

MonsterInsights ecommerce addon

After that you can head over to Insights » Settings page and click on the tracking tab. Next, click on the Ecommerce section to continue.

Enhanced eCommerce tracking

On this tab, you need to check the box next to ‘Use Enhanced eCommerce’ and then click on ‘Save changes’ button to store your settings.

To view your ecommerce tracking reports, you need to visit your Google Analytics account and go to Conversions » Ecommerce page.

Ecommerce tracking

Here are a few powerful reports you get by enabling Enhanced eCommerce tracking on your store:

  • Shopping Behavior
  • Checkout Behavior
  • Product Lists Performance
  • Sales Performance

For more details on each of these reports, see this article on adding Google Analytics enhanced ecommerce to your website.

4. Tracking Who’s Clicking on Your Ads with Google Analytics

Many websites rely on ads to make money online while creating useful content. Advertising platforms like Google AdSense provide you some reports on ad impressions and clicks.

However, with MonsterInsights and Google Analytics you can actually see how users interact with ads on your site. You’ll be able to:

  • Track how many clicks each ad is receiving
  • Discover which ads your audience are ignoring
  • Identify the most effective ad placements
  • And more…

First you will need to visit Insights » Addons page on your WordPress site. Now install and activate the ‘Ads Tracking’ addon.

Ads tracking addon

Next, you need to integrate Google Analytics to your Google Adsense account.

Head over to your Google Analytics dashboard and click on the ‘Admin’ button located at the bottom left corner of the screen.

Switch to the Google Analytics Admin section

On the admin page, click on ‘AdSense linking’ under the property column.

Linking AdSense

Next, you need to click the +New AdSense Link button and then select AdSense property that you want to link with your Analytics property.

Select and link AdSense property

After that, click on the continue button to move forward.

Next, you need to select the Analytics view in which you want your AdSense data to be available. Once you select that click Enable Link and then click Done.

Adsense link setup

After you have configured everything in Google Analytics, you need to head over to your WordPress site and go to Insights » Settings page. Switch to the ‘Tracking’ tab and then click on the Ads section.

You need to Enable Google Adsense tracking in MonsterInsights.

Enable Adsense tracking in Google Analytics with MonsterInsights

To view your AdSense performance reports, go to your Google Analytics account and visit Behavior » Publisher page.

Adsense reports

The overview report gives you a high-level summary of key AdSense metrics. You can also find the Publisher Pages and Publisher Referrers report in Google Analytics.

5. Tracking Your Affiliate Links in Google Analytics

Most affiliate marketers use plugins to manage and cloak affiliate links. This makes your affiliate links look more user-friendly. Here is an example of a cloaked affiliate link:

MonsterInsights allows you to track those affiliate links in Google Analytics. This helps you figure out which affiliate products are doing well, which pages are generating more affiliate revenue, and more.

To enable Affiliate link tracking, you need to visit Insights » Settings page. Switch to the tracking tab and then click on ‘Affiliate links’ section.

Affiliate link tracking in MonsterInsights

First you need to enter the slug you use for your affiliate links. After that, you need to provide a label you would like to use for those links in your Google Analytics reports.

Next, click on the save changes button to store your settings.

MonsterInsights lets you track affiliate clicks as events in Google Analytics.

To find an overview of your affiliate link clicks report, you can go to Behavior » Events » Overview page. Your affiliate link clicks will be shown with the label you chose earlier.

Affiliate link reports

For more detailed instructions, see our guide on how to track outbound links in WordPress.

Note: most WordPress affiliate plugins may promise to give you link stats. We have found most of those stats to be highly inaccurate because most WordPress based analytics tracking breaks due to caching. Google Analytics is the only way to properly track analytics.

6. Tracking Bounce Rate in Google Analytics

Bounce rate is the percentage of users who land on your website and decide to leave without going to a second page.

To check your website’s bounce rate, you need to login to your Google Analytics dashboard and then go to Audience » Overview page.

Checking bounce rate in Google Analytics

Want to see an individual page’s bounce rate? Head over to Behavior » Site Content » All Pages to see all pages from your website.

Checking bounce rate for individual pages

You can sort the pages by higher or lower bounce rate to see which pages are not performing.

Higher bounce rate indicates that you were unable to convince the user to visit other pages. Users can leave your website by clicking on the back button in their browser, clicking on an outgoing link, or by closing the window.

Bounce rates are completely normal. However higher bounce rates indicate problems with your website affecting user experience and causing low conversions / engagement.

What should be the acceptable bounce rate for your website?

Here is a general breakdown of bounce rate from good to bad.

An excellent bounce rate is between 30% and 50%. However, most websites fall between 50% and 70% bounce rate which is an acceptable average. Bounce rates higher than 70% are considered poor for most websites.

Not all websites are the same which means average bounce rate vary depending on different kind of websites.

Take a look at the chart below to see an average bounce rate by industry:

Bounce rate average by industry

For more on this topic, see this article with tips to reduce bounce rate on your website.

7. Tracking Time Spent on Your Website

Another indicator that shows user engagement is session duration or time users spend on your site.

If users are abandoning your site without spending enough time to look at it, then something is wrong that needs to be fixed.

Google Analytics can show you the average time users spend on your site per session. Simply go to Audience » Overview page, and you will see it among other stats.

Average time spend per session

It can also show you how much time users spend when viewing individual pages. You can check it by visiting Behavior » Site Content » All Pages page in Google Analytics.

Time spent on individual pages

To learn how to improve session durations, take a look at this article with practical tips to increase time users spend on your website.

8. Tracking Page Views Per Visit with Google Analytics

Page views per visit is another great indicator of how engaged your users are. More page views per session also increases time users spend on your site and decreases bounce rates.

Google Analytics will show you the total page views for a given period on Audience » Overview page. However, to track user engagement you also want to see page views per session.

Tracking page views in Google Analytics

You can also break down page views per session by source and channel by visiting Acquisation » All Traffic » Channels page.

Pages per session by channel

This helps you see which traffic channels are converting the best for your website, so you can focus your efforts on areas that are actually driving results.

We hope this article helped you track user engagement in WordPress with Google Analytics. You may also want to see our ultimate step by step WordPress SEO guide and email marketing 101 guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Track User Engagement in WordPress with Google Analytics appeared first on WPBeginner.

New WordPress Security Plugin: Host Header Injection Fix

[ HHIF (Host Header Injection Fix) ] Since version 2.3, WordPress has been vulnerable to a Host Header Injection attack in certain server environments. Over the years, there has been some discussion about fixing the vulnerability, but as of WP 4.9 (beta) nothing has been implemented. So to help those in the WP community who may be concerned (including myself), I developed a new security plugin that fixes the issue: Host Header Injection Fix (HHIF).

“Set it and forget it” security fix

How it works

The HHIF plugin enables you to choose the “From”, “Name”, and “Return-Path” headers for all WP notification emails. In doing so, it fixes a long-standing security vulnerability, whereby an attacker can intercept sensitive email notifications (like password reset, user registration, et al). More specifically, this simple plugin does three things:

  1. Sets custom From, Name, and Return-Path for WP notifications
  2. Fixes a security vulnerability in sending WP notifications
  3. Fixes a bug where invalid email addresses may be generated

To accomplish this, the plugin provides the following options:

  • Disable fix and let WordPress decide
  • Use “Email Address” from WP General Settings
  • Use a custom name and address

Plus there is an option to use the specified From address as the Return-Path header.

Here is a screenshot to give you a better idea:

[ HHIF Settings ]

As you can see, the plugin is very simple. Install, activate, choose your “fix”, and done. From there, you can relax knowing that your site no longer is vulnerable to the lingering host-header injection attack. HHIF works silently behind the scenes to make sure all WP email notifications are safe and secure.


The security issue fixed by this plugin has been known about since way back in WordPress version 2.3. There has been some talk about fixing, but nothing has been implemented. While the issue does not affect all sites, it does affect a good percentage of them, including some of my own projects. So, not wanting to get hacked, I decided to write my own solution. Hopefully this issue gets fixed in a future version of WordPress, and this plugin will become unnecessary.

As a bonus, setting an explicit From address resolves a long-standing bug whereby an invalid email address is generated under the following conditions:

  • A “From” address is not set,
  • And the $_SERVER['SERVER_NAME'] is empty

So by explicitly setting a “From” address, we prevent this bug from happening.

More infos

What is the security issue addressed by this plugin? Follows is a quick summary. To learn more in-depth, check out the resources linked in the next section.

  • WP uses $_SERVER['SERVER_NAME'] to set the “From” header in email notifications
  • This includes sensitive email notifications like password resets and user registration
  • In some cases, an attacker could modify the “From” header and intercept the email
  • Using the intercepted email, an attacker could gain access to your site

Again, this security vulnerability is well-known and has been around for a looong time. To learn more, check out these articles:

To learn more about the plugin and download, check out Host Header Injection Fix at the WordPress Plugin Directory.

Tip: If installing the plugin from inside of the WP Admin Area, try searching for “HHIF”, should be the first result :)

Concept: A Developer Dashboard

One of the ideas that came from WCEU was a centralized dashboard for plugin developers. A place they could go to see all their plugins, and the current status on these plugins. What follows is concept art of what that kind of dashboard may look like.

This is something I dreamed up in Nacin’s talk about the government. This idea has no code backing behind it.

So why am I posting it? I’d like to hear people’s thoughts on this. What do you think would work or won’t work? Too much automation or not enough? Do you actually already HAVE this code written and want to share? Here is a zip of the Balsamiq Mockup: – You know the drill. Edits welcome!

Concept Art


  • Make a centralized location for developers to manage their plugins

That’s really it. Making this public means a question of moving the ‘advanced’ tab to this page, and would it be duplicating data unnecessarily? In a way, it would move the developer page here as well, leaving only that which is controlled by the readme left on the readme. But then again, jumping between urls could be a mess. I don’t know. That’s why it’s a concept.

Also it should be easier for a developer to contact the plugin team when they have issues. And yes, the communication would be public, unless a comment is flagged as ‘security.’ Again, no code at all exists to make this a reality.

What’s Missing

There’s no contact form for a closed plugin. There should be. But this is really just concept art and starting to get an idea of what may work.

There’s also a dearth of data on the main dashboard page. That could lift from plugins like WP Dev Dashboard or WP Developers Homepage to fill in data. That’s the same general concept of what we’d want on the Support page (which you’ll notice is also left missing).

Misc. Thoughts

One of the stated goals we have is to allow everyone to leave a review on a plugin, with regards to the reviews before approval. In doing so, those reviews and all discussions about a plugin would need to be public. This is not necessarily a bad thing, though it will lead to some developers thinking long and hard about how they address issues in public. My concerns are that people who continually make the same error or neglect to fix something will be publicly embarrassed, but also that a free-for-all with reviews would lead to developers not wanting to host code here due to public backlash.

However, it’s been pointed out to me that coddling developers as much as we do may be causing them more harm in the long run. We do spend an inordinate amount of time hand-holding people who don’t want to take the time to read and think through a debugging process. Certainly we don’t mind helping out people who are brand new, or who aren’t native English speakers. But they’re vastly the minority of people who act the goat in our emails. And generally, they’re very respectful and nice.

Right now, my gut feeling is that there should still be a private way to talk about security issues.

But behavioural ones? They can be handled in public. It may stop people from some of the name-calling.

Gutenberg Contributors Discuss the Drawbacks of Using iframes for Meta Boxes

photo credit: Closed square box, variation(license)

A lively and productive discussion regarding Gutenberg’s use of iframes for meta boxes is happening on GitHub. Yesterday, WordPress developer Kevin Hoffman created an issue titled “Are iframes a viable long-term solution for meta boxes?

Gutenberg 1.5 introduced initial support for meta boxes. Hoffman identified several issues with iframes that have been popping up as developers have begun testing the current meta box implementation. He did some performance testing that revealed Gutenberg’s use of iframes triples the number of asset requests, as it enqueues all of the CSS and JS assets in the parent window as well as in all the iframes.

image credit: Kevin Hoffman

“Generally speaking, iframes have been discouraged in web development for many years for reasons that are well-documented,” Hoffman said, before citing a litany of issues that plugin developers have already discovered in testing Gutenberg’s meta box support. “Can these issues be addressed without requiring modification of the theme or plugin that generates the meta box? We have to consider that third-party code that has powered meta boxes for years may not have the luxury of being updated in order to be compatible within an iframe.”

Gutenberg design lead Tammie Lister responded to Hoffman’s concerns, indicating that the current implementation of meta boxes is simply an experiment and not necessarily what would land in WordPress 5.0:

It’s good to think a little that what we have today for meta boxes in Gutenberg is an experiment, in many respects it’s a holding pattern as the project works out the direction to take. In saying that it’s one that works ‘for now’ but isn’t what we would ship with.

All the above said, I think it’s important to look at what in the future metaboxes will be used for. What are the cases (if any) that would not be converted to blocks? Do all metaboxes have to work on mobile? Is there even an alternative interface that we haven’t explored? I bet there is. Right now, it’s about looking at those possibilities and getting on a road that works for the state right now and the future state.

The presentation of this implementation as an experiment that “works for now” (but would not be shipped) comes as a surprise after Gutenberg 1.5 arrived with the announcement that “this release includes long awaited meta-boxes support (needs testing!)”

Hoffman contends that the iframe approach doesn’t even work ‘for now,’ as the issue was opened in order to cite several major ways where it is broken. If Gutenberg moves forward with the current approach, it would require many plugins to be modified in order to be compatible with WordPress 5.0, which Hoffman said would defeat the whole purpose of supporting legacy meta boxes.

“I have not seen any evidence to date that suggests meta boxes will continue working with Gutenberg,” Hoffman said. “If the answer is no, then we ought to stop pretending that 5.0 will be just another WordPress release and start being honest about breaking backwards compatibility.”

Edwin Cromley, a collaborator on the project, said that the team anticipates that certain themes and plugins will be broken and that it is not possible to accommodate every possible use case. He admitted that the iframe solution may not meet the project’s goals. Instead, he advocates creating the best experience for the vast majority of users.

However, the current approach would adversely affect many sites out there that use WordPress primarily as a CMS with meta boxes. WordPress core committer Scott Taylor expressed concerns about custom post types, many of which do not make use of the traditional “content” section in favor of meta boxes only.

“In this current iteration, meta box support is an add-on, when in many people’s reality, meta boxes ARE the UI, the API, the mechanism they use to compose their CMS,” Taylor said. “iframes are the gulag.

“And we are forgetting the values WP has been built on forever: I should be able to update to the latest version of WP, and have to rewrite nothing. I have so many projects in the wild on WP that I will never touch again. Can I be confident that some of them won’t break wildly with this change?”

Hoffman advocated scaling back the scope of the project to focus on the editor component, a popular opinion that many plugin developers share and one that was illustrated in detail in Yoast’s post proposing an alternative approach to Gutenberg. This approach stages out the changes to the edit screen, giving developers more time to update their plugins, as well as allowing the Gutenberg team to find an adequate solution for meta boxes.

“I think that goal would be a lot more achievable if Gutenberg stuck to overhauling the editor rather than taking over the entire page,” Hoffman said. “Then we could leave the existing hooks in place and meta boxes could continue to communicate with each other as they do now. Also, asset enqueuing would be a non-issue since it would work as it does today.

“I’m in strong agreement with this concept put forth by Yoast, which seems to me like it would maintain much of the work already done while scaling back the scope of the project to focus on the editor component.”

Gutenberg engineer Riad Benguella indicated the team is not too keen on working towards this concept.

“Reusing Gutenberg pieces to build this concept is relatively doable, but this is not the UX we want to optimize for, we want to build the best possible editor first and make it available for people without backwards compatibility concerns (fresh installs, no metaboxes…),” Benguella said.

“When we think the ideal vision of Gutenberg is ready to ship, we’ll have time to discuss upgrade path strategies, a concept like this one is an option for an upgrade path, but definitely not as the final product. Other upgrade paths are also possible.”

The WordPress developer community is not, however, in favor of delaying this discussion once again. Many are eager to finally answer the question of how meta boxes will fit into the context of the Gutenberg editor so they know how to prepare. Given the numerous issues with the iframes approach, rendering legacy PHP meta boxes under the new editor will require more experimentation and possibly an alternative solution.

“Why devote thousands of hours into developing the ideal editor if it cannot be made compatible with existing sites?” Hoffman said. “If the first impression is that it breaks the UI they depend on, users will never experience the ideal editor in the first place.”

“I think it may be a mistake to put this off too far,” WordPress core committer Aaron Jorbin said. “Especially since many organizations are going to need at least 1-2 quarters to prepare.”

Mark Kaplun suggests the Gutenberg team use a popular plugin as a gauge for the success of current and future meta box support experiments.

“My productive suggestion, is to not declare meta boxes ready, as long as Yoast SEO does not properly work in it,” Kaplun said. “It is both slightly complex in terms of interactions and it is installed on shit loads of sites. If Gutenberg cannot work with it, probably no one is going to use it.”

Greg Schoppe, who has tested and written extensively on Gutenberg’s ongoing development, joined the conversation to advocate for Yoast’s alternative approach to the project as well.

“I highly support Yoast’s view of Gutenberg,” Schoppe said. “It is unclear to me how ‘upgrade the visual editor’ was reinterpreted to be ‘replace the entire post edit interface’ by the Gutenberg team, but it seems directly at odds with the so-called ‘Ship of Theseus.’

“In this case, the lack of clear direction and support for the existing standard workflows is actively hurting developers now. How can I move forward building a project, without a trusted set of hooks and tools that I can rely on? It is unconscionable to think that such a large software project would entirely upend the standard workflow for developers in a single update. and it is insane that these conversations are just happening now, in November, when the plan is to have a merge approved at the beginning of the year.”

The discussion regarding the iframes approach to meta boxes was opened yesterday is still relatively new, but so far the Gutenberg team’s responses have failed to adequately address the concerns of the developer community in this thread. Finding an approach to meta boxes that preserves WordPress’ powerful CMS capabilities, without alienating users and developers, is one of the Gutenberg team’s greatest challenges. They are still aiming at producing a merge proposal early next year, but with meta boxes still in the experimentation stage, the team’s anticipated timetable continues to put the project at odds with the WordPress developer community.

Ask Yoast: how to get sitelinks

As a site owner, you want to come across as an authoritative result, as well as stand out in the search results. Even if you’re already ranking nr. 1. Sitelinks can help you achieve that. These links appear under the main search result, highlighting subpages of a website. Sitelinks can push down the pages of your competitors on the results pages, and provide potential visitors more options to navigate to your site and find what they’re looking for. Of course, this could be beneficial to your traffic. You’ve probably seen sitelinks in the search result pages at some point, but how do you get Google to add them to your site? As it happens, getting sitelinks isn’t for just anyone. In this Ask Yoast, we’ll get into that.

Optimize your site for search & social media and keep it optimized with Yoast SEO Premium »

Yoast SEO: the #1 WordPress SEO plugin Info

Sergiu Tere sent us this question:

I see that some sites have sitelinks, but not from Google AdWords. How do they do that?

Watch the video or read the transcript further down the page for my answer!

Getting sitelinks

 Well, it’s very easy. Sitelinks are given to you. It’s not something that you can put in somewhere. Google will give you site links if it thinks you are very ‘authoritative’ for that query, so if you’re a very important result for that query. In that case, it will add site links from your site, based on how people browse your site and how they use your site.

So, it’s not something that you can change; it’s not something that you can opt in for, it’s not something that you can do specific SEO for. You just have to become very important for that specific query.
Good luck!

Ask Yoast

In the series Ask Yoast we answer SEO questions from our readers. Have an SEO-related question? Let us help you out! Send an email to
(note: please check our blog and knowledge base first, the answer to your question may already be out there! For urgent questions, for example about our plugin not working properly, we’d like to refer you to our support page.)

Read more: ‘Google’s sitelinks searchbox & Yoast’ »

The post Ask Yoast: how to get sitelinks appeared first on Yoast.

How to Find Leads for a WordPress Development Company?

In order to grow as a professional WordPress developer, you have to work with businesses that believe in expert development and value the long-term results. More often than not, business owners are fooled by the media and marketing collateral online explaining how easy development is, solutions sold for $20 – $100 or site builders that would supposedly “revolutionize your business online”.

Here are some tips that would steadily grow your value and bring some business to you.

1. Perfect Your Skills

When I switched to full-time freelancing, I’ve already had a 5-year technical college degree, 4 years of full-time development experience and various pet projects, small gigs for clients and several websites that we’ve launched as side projects.

Sadly, that was not enough. I’ve realized that I had so much more to learn – not only everything around marketing, sales, management, client negotiations, accounting, legal and other areas of running a business, but from a technical standpoint as well.

I’ve struggled for a while and took me another couple of years or so building several large platforms until I got confident and truly experienced in my craft. Nowadays, I can solve a large set of problems 5–15 times faster than what I was able to accomplish when I’ve started. Given that I’ve been working on over 100 open source projects, clients can roughly relate that to the tens of thousands of programming hours spent to date:

Becoming proficient in your field is important in order to offer professional services to your clients. Spend more time programming and solving real problems in different environments – such as learning stored procedures for database engines, familiarize yourself with different frameworks, understand how ORMs work behind the scenes and how the platform interacts with the underlying layers (the operating systems, interoperability between different servers, computer resources, data layers etc.)

When your expertise covers a large set of components, you will face fewer challenges when building solutions, be able to solve more problems in a shorter amount of time, and charge properly for your services.

2. Build Your Portfolio

Prospects want to see sample results and solutions that relate to their needs. An online portfolio is required in order to showcase your skills and understanding in both web development, and solving business problems.

Reach out to previous clients and ask whether you can feature their websites in your portfolio. Some may disagree but others would be open to receiving an extra link and promotion to their businesses.

Also, work on side projects for your friends and family or other activities related to tools that you would use yourself. A simple project or task management app, a time tracker or a simple clone of an existing system would be worth listing in your portfolio and improve your skills at the same time.

3. Sign Up For Freelance Networks

Some folks passionately say that freelance networks don’t work. Back in 2011, I’ve landed a 6-figure project from Upwork that started as a batch of changes, a slight rebuild of the front-end layer, and a few refactoring tasks for existing plugins. It turned out that the client owned a reputable marketing agency and was looking for a dedicated team that would provide ongoing services and building some of the most outstanding projects that we’ve created to date.

While competition is tough and there are plenty of folks who would underbid big time, you can land some gigs on the way, generate some 5-star reviews, and increase your hourly rates as well. On top of that you can test different client pitches and proposals and see what works better in your case.

Also, there are certain professional freelance networks like – #1 outsourcing service for WordPress that pay $60/hr for development work after carefully vetting talent. That’s not the only network out there looking for experts and once you refine your skills and build your portfolio, this is a viable business opportunity for web development online.

4. Start a Pet Project

I’ve started Offer Calc as a pet project

Is there a tool or a service that you would definitely use and doesn’t exist online with the feature set that you would use yourself?

Building and maintaining a pet project is one of my favorite tips of advice I share with my students and junior programmers. Starting something from scratch that you’re passionate about and would develop as a real-world product will teach you a lot. It requires perseverance and maintaining a codebase over the course of years.

Once you launch the product, some users may hook up and start interacting with your platform. Now you will still need to maintain your product and add additional features without breaking the live platform and ruin the experience of your peers. This would help out with refining your skills and learn about backward compatibility, increase your exposure in the industry, and add something massive to your portfolio.

5. Contact Small Businesses in Your Area

There are plenty of small businesses in your area that may need a new web platform, a redesign, or a small project that would automate areas in their business. Find some peers or talk to managers at the places that you go to – coffee shops, restaurants, stores.

A local offline store may be looking for increasing their exposure online or start selling through eCommerce. Engage in friendly conversations and see if there’s a match for potential business partnerships. I’ve tested that numerous times and occasionally there’s a good opportunity ahead.

6. Specialize in a Given Niche

Being a niche expert is invaluable and can position you higher than other generalist fellows who offer web development services in your area.

Niche expertise can branch out into two different areas:

  1. Building expertise in a technical niche (a platform or so)
  2. Providing expert consulting for a certain business vertical

The first group focuses on profiling in a certain framework or toolset. Specializing in Laravel would let you provide “generic” solutions for people who simply look for a website but you will rank higher for prospects who search for Laravel professionals in particular.

If you tackle web solutions on top of a popular platform such as WordPress, there are large plugin communities that require building extensions or scale platforms using said plugins. Good examples are WooCommerce, Easy Digital Downloads, Gravity Forms, LearnDash and other powerful plugins.

We work with businesses that specialize in extension development and building high-scale platforms leveraging these plugins. If a customer is looking to power a massive online shop, they will prioritize WooCommerce developers higher than WordPress developers given their niche expertise.

The second element is specializing in a given business vertical – such as building several solid projects for lawyers, dentists, coffee shops or any other niche. Adding several projects in a given vertical to your portfolio would bring you closer during sales negotiations and showcase expertise in the business.

7. Attend Local Events

Local meetups and conferences often gather other industry experts or customers in a need of web development solutions.

This includes development conferences and business events. The first group may help you learn more about the latest technological trends or find agencies that are looking for talent. The second group would solely focus on specific business problems that you may be capable of solving – and charging for the service.

8. Focus On Building Your Brand Online

There are tens of millions of web developers out there. What makes you special?

Finding the right web developer or an agency for a business is a challenging task for clients as well. Some of them rely on word of mouth, others browse freelance networks, search for recommendations online, look for practical advice in blogs, or look within their local community.

Working on your brand online through content marketing, guest posting, maintaining a GitHub portfolio of open source code, engaging in community conversations, sharing insights on social networks and participating in different groups will grow your network and help out with promotion and organic traffic back to your website.

It will also build credibility for prospects who want to do a background check and make sure that you’re “legit” before initiating a business conversation with you. Reputable developers have a lot to lose unless they provide outstanding quality and clients know that.

9. Contact Agencies For Outsourcing Opportunities

Small agencies are often looking for outsourcing opportunities when they are overloaded with incoming leads. Hiring someone in-house is time-consuming and takes a while for onboarding and proper initial training. It’s not feasible when you get 10 potential gigs in your inbox asking for quotes and the ability to handle the workload given enough manpower.

Freelancers are a good “way out” in terms of complimenting the agency’s services for a while, or building a business relationship for a specific set of skills (such as the niche experience mentioned above).

You can do some targeted email outreach to local agencies or developers that you’ve interacted with online. Moreover, those folks often attend local events and join the “after party” dinners.

10. Reach Out to Larger Businesses

Once you’ve gained enough expertise and built some smaller projects on the way, you can contact larger businesses. Some are looking for side projects that would automate internal processes or showcase a certain niche service that they offer. Others may look for long-term work and maintenance on their existing infrastructure.

The more online exposure and the larger your portfolio, the easier would it be to work with larger businesses or even reach the enterprise-grade corporations.

11. Partner Up With Other Freelancers And Agencies

In addition to asking agencies for their immediate needs, consider partnership opportunities with smaller agencies and other freelancers.

If you profile in a certain niche, it’s likely that you lack skills in other areas – such as web design, SEO, marketing, server management or something else. Finding other peers who can deliver the work around your skill set would help you land larger projects, share work with your inner circle, and land larger and more lucrative projects that would require long-term maintenance and development.

As long as you’re persistent and work hard, it’s all about refining your experience and building your portfolio. The longer you profile in your field, the easier would it be to pitch businesses and receive referrals from happy clients.

The post How to Find Leads for a WordPress Development Company? appeared first on Mario Peshev.

WordPress 4.8.3, A Security Release Six Weeks in the Making

WordPress 4.8.3 is available and is a security release for 4.8.2 and all previous versions. This release addresses an issue with $wpdb->prepare() that could lead to a potential SQL injection. While WordPress core is not vulnerable, hardening has been added to prevent plugins and themes from inadvertently causing a vulnerability.

If you’re experiencing a bit of déjà vu, it’s because WordPress 4.8.2 attempted to solve the same problem. According to Anthony Ferrara who reported and disclosed the vulnerability, the patch in 4.8.2 didn’t solve the underlying problem and broke many sites.

Ferrara says he reported the issue immediately after 4.8.2 was released and was ignored by the WordPress security team for several weeks.

“When I got the attention of the team, they wanted to fix a subset of the issue I reported,” he said. “It became clear to me that releasing a partial fix was worse than no fix (for many reasons). So I decided the only way to make the team realize the full extent was to Full Disclosure the issue.”

Full Disclosure is the process of publicly sharing technical details of a vulnerability so that the public knows the same amount of information about it as hackers. The threat of full disclosure is typically used to pressure businesses and software creators to act swiftly and release patches as soon as possible.

On October 26th, Ferrara used his Twitter account to notify the public that WordPress contained a serious SQLi vulnerability and that because he lacked confidence in the team, fully disclosing it was his only option. His message was retweeted 562 times and liked by 484 people.

The amount of publicity his Tweet received had an impact as on October 27th, Ferrara reported that constructive discussions resumed with the team and that he would delay the disclosure until October 31st.

On October 27th, Ferrara spoke to a member of the WordPress security team who provided a fresh set of eyes to the problem, “A security team member who hadn’t yet participated in the thread went back to the beginning of the thread and re-read every post,” he said.

“He (correctly I may add) summarized the entirety of the issues, as well as asked a few clarifying questions. He also asked for a little more time but gave me a target of Tuesday, October 31st so it wasn’t wide open. This was the response I was looking for the entire time.”

Both parties collaborated on a patch that fixed the issue and WordPress 4.8.3 was released. Although his experience started out frustrating, Ferrara is hopeful that the team will do better with future reports.

“I get that there are competing priorities,” he said. “But show attention. Show that you’ve read what’s written. And if someone tells you it seems like you don’t understand something, stop and get clarification. And ask for help. Overall, I hope the WP security team moves forward from this. I do honestly see hope.”

Aaron Campbell, WordPress Security Team Lead, says that although there were some rough patches in working with Ferrara, they were able to work together to get a fix released in the end. While the threat of full disclosure didn’t have a huge impact on getting the vulnerability patched, it may have been the catalyst to get a new person involved in the process.

“A threat of disclosure certainly adds pressure and possibly stress, but doesn’t actually change the overall equation that much.” Campbell said. “An issue isn’t more severe because it’s going to be disclosed, but it can become more rushed (meaning a higher likelihood of mistakes).

In this case, I actually think the threat of disclosure ended up coinciding with one of the people from our security team joining in to help out. The new person was much better at communicating with Anthony, and it really turned things around.”

In the official release post, the WordPress Security Team thanked Ferrara for practicing Responsible Disclosure. This generated some conversation on Twitter on whether responsible disclosure should be renamed to coordinated disclosure.

“I’m not sure I know what the terminology change would be aiming to accomplish,” Campbell said. “I do see that some places use this particular phrasing, but honestly I don’t see how it conveys anything that’s not already generally understood with responsible disclosure.”

Users are encouraged to update their sites to 4.8.3 as soon as possible. Since this release changes the behavior of esc_sql(), developers are highly encouraged to read this dev note on the Make WordPress Core site.

How to Fix Destination Folder Already Exists Error in WordPress

Are you seeing ‘Destination folder already exists’ error in WordPress? This error usually occurs during the installation of a theme or a plugin which prevents you from finishing the installation process. In this article, we will show you how to fix destination folder already exists error in WordPress.

 How to Fix Destination Folder Already Exists Error in WordPress

What Causes Destination Folder Already Exists Error in WordPress?

This error occurs when you are trying to install a WordPress theme or plugin. WordPress extracts your plugin or theme’s zip file into a folder named after the file itself.

If a folder with the same name already exists, then WordPress aborts the installation with the following error message:

Destination folder already exists. /home/user/

Plugin install failed.

Destination folder already exists error

The first thing that you should do is visit your themes or plugins page to see if you have it already installed on your site.

If it isn’t already installed, then this could mean two things:

1. A previous attempt to delete the plugin or theme didn’t succeed, and it left the plugin / theme folder behind.

2. A previous installation attempt was interrupted and left an empty destination folder.

In either case, there is a folder with the same name as the theme or plugin you are trying to install. This folder is stopping WordPress from completing the installation.

That being said, let’s take a look at how to easily solve destination folder already exists error in WordPress.

Fixing Destination Folder Already Exists Error in WordPress

First you will need to connect to your WordPress site using an FTP client or cPanel File Manager.

Once connected, you need to go to the /wp-content/plugins/ or /wp-content/themes/ folder (depending on what you were trying to install).

Now, look for the folder named after the plugin or theme that you were trying to install and then delete it.

Delete folder

You can now go back to your WordPress admin area and retry installing the plugin or theme like you would normally do.

You should be able to install your WordPress plugin or theme without any error.

We hope this article helped you learn how to easily fix destination folder already exists error in WordPress. You may also want to see our ultimate list of the most common WordPress errors and how to fix them.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Fix Destination Folder Already Exists Error in WordPress appeared first on WPBeginner.

Gutenberg: Concepts for integrating Yoast SEO

Gutenberg is the new editing experience coming to WordPress. We’ve talked about it before. While we have some hesitations, we do see Gutenberg as a major step forward and are thinking about how we will integrate Yoast SEO into Gutenberg. In this post, we’ll share some of the ideas we’re excited about.

Gutenberg introduces new concepts, like blocks, and new places where we could potentially integrate. The premise behind our integration is that we need to give you feedback as soon as we can, in the right spot. Feedback is most helpful when you can actually do something with it immediately.

Inline is where it’s happening

We started by breaking down all our features, and seeing where we could integrate them into Gutenberg. We don’t think holding on to a single, massive box below the editor will best serve our customers. We’d much rather integrate right where the action happens, and Gutenberg offers us that chance. Let’s take a closer look at what we mean.

For instance, if you don’t fill out an alt text for an image you included, we don’t want to show that bullet point way down below in our metabox, in a long list of possible improvements. No, we want to show it to you right below the field where you can input the alt text.

Same for the featured image. Say you upload an image that is too small for Facebook to accept – you don’t want to have to find out about that when the whole post is finished, and you happen to wander into our social media preview editor. No, we tell you right then and there.

Connecting cause and effect

By working inline as much as we can, we’ll create a tighter connection between what you do and what effect that has on SEO. You’ll get actionable feedback in context. You don’t have to scroll down to a meta box to see the advice and scroll up again to the place where you should implement it. If we give feedback per block, you will get a better understanding of all the factors that influence SEO. And you’ll be able to anticipate them in advance once you’ve been working this way for a while.

Here’s another example: our primary category selection, of course, will be right there in the categories meta box.

The primary category, from Yoast SEO, integrated into Gutenberg

And another: the readability analysis, at the block level – just another section in the paragraph block settings, naturally.

The concept of blocks, in general, will allow us to give much more fine-grained feedback. For instance, you won’t have to look for the best place to add a link; we can scan all the blocks for you and let you know exactly which one is best for a certain link. Link suggestions don’t even have to live in a separate meta box. We can just insert them in the inline suggestions that the link UI offers.

Internal linking suggestion in the link popup

But what if we dream a little bigger?

Some people are working on bringing collaboration to Gutenberg. If it pans out, you won’t need Google Docs or something else to draft articles and leave editorial feedback; you can do it all from within WordPress. Of course, an essential part of a collaborative workflow is a commenting system. But we’d like to think that not all comments have to come from humans, per se.

Something we’ve been exploring is adding our SEO and readability feedback as comments to text. That would put our biggest feature inline as well, right where you need it. You can immediately identify problem areas, respond to feedback with your own comments, or dismiss the ones you don’t want to fix. It becomes an interactive and fun process. We won’t have to use sweeping statements like “50% of your sentences are too long”, no, we can break it down for you block per block.

We know you may not always want instant feedback on every word you type, so you could filter out the comments that Yoast SEO generates. This way, you can keep the writing and editing processes separate.

Working off of that idea, we might even build a full SEO mode into Gutenberg. What it will do exactly is something we are still thinking about, but it could take the shape of a site-wide wizard that guides you through all the relevant SEO optimization steps in an actionable and customizable way. More on that soon.

Yoast SEO + Gutenberg = ?

Gutenberg offers lots of opportunities to take our plugins to the next level. The great thing is: all WordPress plugin developers will be able to do that too. It’s a brave new frontier for all of us, and we’re very much looking forward to it!

What sort of features would you love to see us make for Gutenberg, or for an SEO mode in general? Let us know in the comments.

The post Gutenberg: Concepts for integrating Yoast SEO appeared first on Yoast.

How to Properly Move WordPress From Subdomain to Root Domain

Do you want to move a WordPress site from subdomain to root domain? The process is fairly easy to follow, and there is a way to save your SEO rankings as well. In this article, we will show you how to easily move WordPress from subdomain to root domain with step by step instructions.

Moving a WordPress site from subdomain to root domain

Transferring WordPress from Subdomain to Root Domain

A subdomain is an extension of your root domain name. For example, is a subdomain of In this case, is the root domain.

Search engines consider subdomain to be a totally different website. This is why you need to make sure that you properly redirect search engines to the root domain after the transfer. This will help you preserve search rankings after moving your website.

Unlike moving a WordPress site to new host or a new domain name, moving a site to root domain is a bit easier.

Primarily because both are usually hosted with the same web hosting company. This allows you to skip a few steps.

Let’s take a look at how to move a WordPress site from subdomain to root domain.

Step 1. Create a Complete Backup of Your Website

You should always keep a backup solution installed on your website for automated backups. There are plenty of WordPress backup plugins that you can use to keep your WordPress content safe.

Now if you already have a backup plugin installed, then you may be thinking that you can skip this step.

This step is to remind you that even if you have automated backups of your website, you still need to create a complete backup of your site. This includes a database backup as well as a backup of all your WordPress files and folders.

Once you have created a complete backup, make sure that you store it on a remote location or on your computer.

Step 2. Moving Your WordPress Files From Subdomain to Root Folder

First you need to connect to your website using a FTP client or cPanel’s file manager. Once connected, go to your subfolder location and download all your WordPress files to your computer.

Download WordPress files

Next, open the public_html folder of your root domain. Depending on how your WordPress hosting environment is setup, this folder could also be named www or after your domain name.

Now, you need to upload all WordPress files you downloaded earlier to the root directory.

Upload WordPress files to root domain

Step 3. Change WordPress URL and Site URL Settings

Once you move the WordPress files, you will not be able to access the WordPress admin area on the root domain. Trying to login to the root website will send you back to the subdomain website’s admin area.

To fix this, switch to the FTP client and go to the root directory of your domain name. Next, you need to edit the wp-config.php file and add the following lines just before the line ‘That’s all, stop editing! Happy blogging’.


Don’t forget to replace with your own domain name. If you want your root website to use www then you will need to enter the URLs with www prefix.

Save your changes and upload the wp-config.php file back to your website.

You can now visit your WordPress site’s admin area on the root domain name.

Step 4. Update URLs

Your WordPress site has moved to the root domain, but there will be links inside your WordPress database pointing to the subdomain.

Let’s fix that.

You will need to install and activate the Velvet Blues Update URLs plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to visit Tools » Update URLs page.

Update URLs

On this page, you need to enter your subdomain url next to the Old URL option and add your root domain as the new URL. Next, under the ‘Choose which URLs should be updated’ area, you need to check all options except ‘All GUIDs’.

Once you are done, click on the ‘Update URLs Now’ button to continue.

The plugin will now update all URLs in your WordPress database. This may take some time. Once finished, you will see a success message.

Step 5. Redirect All Subdomain Traffic to The Root Domain

Now that you have moved WordPress files, let’s make sure that your subdomain traffic is redirected to the root domain name.

Go to your subdomain folder and make sure that hidden files are forced to be visible.

Your FTP client settings have an option to always show hidden files. In FileZilla, it is located under ‘Server > Force Showing Hidden Files’ option.

Show hidden files

If you are using cPanel File Manager, then click on the Settings button at the top right corner of the screen. This will bring up the preferences popup. You need to select ‘Show hidden files’ and then click on the save button.

Show hidden files in cPanel file manager

If your subdomain folder already has a .htaccess file, then you can delete it and create a new one. Inside the new .htaccess file, you need to copy and paste the following code:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^$ [NC]
RewriteRule ^(.*)$ "$1" [R=301,L]

Don’t forget to replace yoursubdomain with your actual subdomain, and with your domain name.

Please note that the RewriteRule line uses a non-www URL. If you want to use www in your root domain, then you will need to add your URL with a www prefix.

Save your changes and upload your .htaccess file to the server.

That’s all, you have successfully moved your site from subdomain to root domain. You can now visit your website to see it in action. Test out your website to make sure that everything is working fine.

We hope this article helped you move your site from subdomain to root domain. You may also want to see our ultimate WordPress SEO guide for beginners.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Properly Move WordPress From Subdomain to Root Domain appeared first on WPBeginner.

WordPress 4.9 Will Support Shortcodes and Embedded Media in the Text Widget

WordPress 4.8 brought TinyMCE to the core Text widget, along with brand new Image, Video, and Audio media widgets. The upcoming 4.9 release builds on this progress and will introduce some long-awaited improvements to Text widget. Users will finally be able to use shortcodes in the Text widget without the help of additional code from plugins or themes.

This new feature is the answer to an eight-year-old ticket requesting shortcode support inside the Text widget. Weston Ruter broke down the technical details in the dev note for the feature, explaining why it took so long to find a solution:

One reason for the long delay with adding shortcode support in Text widgets was due to many shortcodes looking for a global $post when they run. Since the global $post varies depending on whatever the query is, the shortcodes in a Text widget could render wildly different on different templates of a site. The solution worked out was to temporarily nullify the global $post before doing the shortcodes so that they will consistently have the same global state, with this global $post then restored after the shortcodes are done.

Hundreds of thousands of WordPress installations currently use a plugin to add shortcode support to widgets. Contributors to 4.9 have taken this into account so that updating will not cause unexpected issues.

“If a plugin has added do_shortcode() to widget_text then this filter will be suspended while the widget runs to prevent shortcodes from being applied twice,” Ruter said.

In addition to the new core gallery widget landing in 4.9, this release will also allow users to embed media in the Text widget. A new “Add Media” button is available, making it easy for users to insert images, audio, galleries, and videos, along with text and other content. WordPress 4.9 also adds support for oEmbeds in the Text widget and the Video widget has been updated with expanded support for any oEmbed provider for video.

Little enhancements like these make it easier for users to update their own websites without having to hire a developer or add extra plugins for things that should be simple. The improvements to widgets have also been implemented in such a way that users will be more prepared for how Gutenberg will handle media.

“The media-specific widgets are closely aligned with blocks in Gutenberg; the existence of media inside the Text widget will align with eventual nested blocks in Gutenberg, and would be treated as Classic Text blocks in any future migration from widgets to blocks,” Ruter said.

WordPress 4.9 will improve the experience of switching between themes by including logic that is better at mapping widgets between two themes’ widget areas. This release will also improve the UI for updating and saving widgets in the admin screen. It adds an indicator that shows whether or not widget changes have been saved, as well as a notice if the user attempts to leave the page with unsaved changes.

WordPress 4.9 Beta 4 Removes ‘Try Gutenberg’ Call to Action

WordPress beta releases typically don’t generate controversy but in WordPress 4.9 Beta 3, a call to action was added to the dashboard that encouraged users to install and activate Gutenberg.

Try Gutenberg Call to Action
Try Gutenberg Call to Action

Members of the WordPress community raised concerns that clients may install Gutenberg and shared ways to hide the prompt from users. The negative reaction inspired some developers to create plugins that hide the prompt.

One of the primary concerns is that Gutenberg is in a high state of flux and encouraging users to create content inside of it on live sites may cause compatibility issues or adversely affect saved content in the future.

“Any change to the integrity of published content and its formatting that results from changes during continued development and evolution would be unacceptable from the point that we encourage users this directly to install it on live sites,” Nick Halsey said.

“On the other hand, this could require core to take on significant technical debt to maintain compatibility for earlier iterations of the editor as a plugin.

“There should be a make/core post addressing this issue, at a minimum, along with a compatibility plan for the next stage of development as a plugin. Before core encourages millions of sites to use the plugin and rely on it functioning a certain way.”

Other members of the community advocated for the call to action saying it would lead to a larger test sample.

The call to action was removed after the core team discussed it with Matt Mullenweg, “I like the idea of the Gutenberg promo, but want things to be a bit further along before we really open the doors to try to get as many users as possible,” Mullenweg said. “If we can flag off or remove the promo, we can always bring it back in 4.9.1 or another time when things are more ready.”

‘Try Gutenberg’ Dashboard Prompt Will Set A New Precedent

There have been many WordPress features in core that started off as plugins first, MP6 being one of the most memorable. However, to the best of my knowledge, there has never been a dashboard prompt encouraging users to install and activate a beta plugin on a live site.

Although the call to action is focused on raising awareness of Gutenberg, John James Jacoby suggests that the meta block be rewritten so that it can be recycled for other features or plugins to use in the future.

“My concern is that the current approach is not scalable to future feature developments beyond Gutenberg,” Jacoby said. “For example, when a new codenamed feature comes along for WordPress 5.2, cloning this same approach does not seem ideal.”

He suggests that the dashboard widget become a standard part of the dashboard. “This way, we can hype the new hotness on an as-needed basis, and plugins that want to hide it forever can reliably do so one time in a plugin,” Jacoby said.

When Is the Right Time to Hype Gutenberg to the Masses?

Gutenberg is actively installed on more than 3K sites with nearly half of installations running version 1.4. This is a far cry from the 100K active installs Mullenweg would like to see before merging it into core.

I don’t think advertising Gutenberg in the dashboard to millions of users as the new editing experience should be considered until a merge proposal has been published on the Make Core WordPress site. By this time, many of its quirks and how it handles meta data, meta blocks, and preventing data loss will likely be solved.

I am one of the people who raised their eyebrows at the idea of advertising Gutenberg at its current stage of development to the masses. My primary concern is that it’s not ready yet. At the same time, I wonder when or if there is a right or responsible time to advertise installing beta software onto a live site. What do you think?

Writing WP Super Cache Plugins

WP Super Cache is a full page caching plugin for WordPress. When a page is cached almost all of WordPress is skipped and the page is sent to the browser with the minimum amount of code executed. This makes the page load much faster.

Unfortunately if you want to run code on every page load you’re out of luck as regular WordPress plugins are not loaded or executed. You’ll need to write a WP Super Cache plugin. This short introduction will not teach you how to write plugins but the example plugins that ship with WP Super Cache will get you a long way towards understanding how they work.

Screen Shot 2017-10-25 at 16.49.10

WP Super Cache ships with some example plugins in wp-super-cache/plugins/. Some of them even do useful tasks like help with domain mapping and Jetpack integration. There’s one called “awaitingmoderation.php” which removes the text “Your comment is awaiting moderation.” when someone writes a moderated comment.
There’s also dynamic-cache-test.php which is a complicated beast but it’s heavily commented. It allows you to add template tags to your site that are replaced when the cached page is loaded.

Before you get started writing a plugin you should be aware that you should not use the wp-super-cache/plugins/ directory. Every time WP Super Cache is updated this directory is deleted. So, edit your wp-config.php and set $wp_cache_plugins_dir to another directory where you’ll put your plugin.

These plugins run before most of WordPress has loaded. That means you can’t rely on some of the nice features of WordPress such as filters and actions. However, WP Super Cache has it’s own action/filter system that is similar to actions and filters in WordPress:

  • add_cacheaction( $action, $func )
  • do_cacheaction( $action, $value = ” )

A cacheaction is also a filter. If you hook on to a cache action that has a parameter, you must return that parameter at the end of the function like you would with a WordPress filter.

Screen Shot 2017-10-25 at 16.52.59

If you need to hook into a WordPress filter use the imaginatively named cache action “add_cacheaction”. That runs on “init” so the function that is executed can use add_action() or add_filter(). You can see this in action in the plugins/dynamic-cache-test.php or plugins/awaitingmoderation.php scripts.

Two very useful filters are the WordPress filter, “wpsupercache_buffer” (in wp-cache-phase2.php) that is used to modify the page before it is cached and the cache action “wpsc_cachedata” (in wp-cache-phase1.php) is used to modify the cached page just before it’s served.

Related Posts


The beginner’s guide to Yoast SEO

Suppose you know nothing about SEO but have heard about this little gem called Yoast SEO. People told you that it is a very convenient tool to optimize your site and its pages for Google, Bing, and Yandex. It’s effortless. You want to use it. You install the Yoast SEO plugin or the Yoast SEO extension and simply follow the advice given in that plugin. Within a week, your website will be topping the charts in Google. Or not? No, to be honest. It’s not that simple.

Optimize your site for search & social media and keep it optimized with Yoast SEO Premium »

Yoast SEO: the #1 WordPress SEO plugin Info

Our plugin helps you to optimize your website for search engines. And it does that well, but it needs your input. In this beginner’s guide to Yoast SEO, I’ll try to explain the basics of SEO that our plugin guides you in. I’ll take you through the steps that every user, who tries our plugin for the first time takes, and help you optimize your site in the process.

It’s a beginner‘s guide to Yoast SEO

Before we start, I should point out that this isn’t a beginner’s guide to every single detail of our plugin. I’d just like to show you some things I think you should use or configure. As our plugin has quite some settings, it’s good to know which features to configure first.

The Yoast SEO configuration wizard

Our Yoast SEO configuration wizard is a great place to start. You can find the configuration wizard at SEO > Dashboard > General:

Beginner's guide to Yoast SEO: Where to find the Yoast SEO configuration wizard

In that configuration wizard, we will guide you through twelve steps that help you configure our plugin, specifically for your site. Even if you have a website that is already a year or so old, I encourage you to use the wizard and see if there are some things that you might have missed. Each step includes some questions; your answers will determine specific settings. In the wizard, we have also included video material to show you even more options.

Read more: ‘The Yoast SEO configuration wizard and why you should use it’ »

But there is so much more in this SEO section of Yoast SEO!?

Unquestionably, as there are many aspects to SEO. With the help of your answers in the configuration wizard and our own SEO knowledge, we can configure most of the general settings of our plugin for you. As a result of this, you can focus on your content!

SEO analysis

When you start writing a post or page, you will find our analyses. In WordPress, our so-called meta box is right below the larger text area where you write your content:

Beginner's guide to Yoast SEO: the meta box

For you, as a user, this Yoast SEO box will prove very valuable. As you can see, there are a couple of tabs here.

  • One tab where you can insert the keyword you want to optimize the page for (focus keyword), in this case: “beginner’s guide to Yoast SEO.”
  • One tab that says Readability and I’ll get into that one later.

On the tab where you can insert that focus keyword, we’ll tell you if you have used that focus keyword the right way in that specific post.

What we analyze in our SEO analysis

At present, we perform these checks in our SEO analysis:

A beginner's guide to Yoast SEO: SEO analysis

Following the image, as shown above, we analyze these characteristics of your text (from top to bottom):

  • If you want your page to rank for a specific keyword, you must write at least 300 words about it. Otherwise, it may be considered a ‘thin content’ page by Google, and you want to avoid that.
  • Add a meta description; it will invite visitors in Google to your website.
  • You want to make clear right from the start what the page is about, so start adding the focus keyword from the beginning.
  • Add images to create a vivid experience for your users. Use the focus keyword in the ALT text so that Google can relate that image to the keyword.
  • To set up a proper site structure, link to at least one other related page on your site. It keeps visitors on your site and shows them more (background) information.
  • We want sites to link to other websites as well, as this opens up the web. Point people to the websites where you get your information. It’ll tell Google what websites relate to each other on what subjects.
  • A short page title allows you to add a trigger for a visitor in Google to click to your website.
  • If you add that focus keyword at the beginning of your title, it will have the most value. Also, it will immediately stand out when your post is shared
  • Repeat your focus keyword in your URL. As a result, even without context, it will be clear what clicking that link will bring you. Furthermore, Google also likes having it in there.
  • You optimize a page for a certain keyword – not a website. Prevent competing pages! Yoast SEO will warn you if you write more than one post about the same keyword. When this happens, use a variation, or a long tail keyword.

    New to SEO? Learn the Basics of SEO in our Basic SEO course »

    Basic SEO training Info

What’s more: Cornerstone content and snippet preview

If your page is the main page for a topic/keyword in a group of pages you plan to write, you could mark it as cornerstone content here. Not sure if that is a subject for a beginner’s guide to Yoast SEO, by the way. It might be wise to take our basic SEO course first :)

Besides all the checks, we provide an editable snippet preview, which tells you how our plugin displays your website to Google and other search engines.

Readability analysis

Since SEO is one of those areas where content is indeed king, we also provide a convenient readability analysis for you. The thing is: not all people have the same skills to process certain texts. I laughed out loud when I found out someone thought it would be wise to use our readability analysis to analyze the readability of books like Hamlet’s First Soliloquy by William Shakespeare. Oh, the time wasted! If Hemingway would have a blog, he’d probably love our readability analysis. It would allow him to translate his offline writing to a nice readable online text.

Online vs. offline

Please understand that online and offline writing are two different stories. While we take the time to read, digest and daydream about all the great stories we read in books, we tend to scan, process and use (in any way) the things we read online. Where we follow the old man on his journey over sea, struggling with that marlin for days, feel his frustration, motivation, you probably scanned this beginner’s guide to Yoast SEO to see if there’s something here you didn’t know already.

This post isn’t a page in a book. It’s information for you to process like most online pages are. With that purpose in mind, we wrote our readability analysis.

Government rulings

Our Dutch government has ruled that the text on all government websites should be at B2: Upper intermediate level. It’s a rule that makes sure that every citizen, regardless of the level of education, can read and understand the information on these websites. We aim to help them with that. Our readability analysis works for websites in English, Spanish, Dutch, French, and German, by the way.

The readability analysis itself

Let’s see what’s in our readability analysis:

A beginner's guide to Yoast SEO: Readability analysis

We analyze these things:

  • Use subheadings so that people can scan your pages faster. It helps you group topics, which makes it easier to process them.
  • The Flesh Reading Ease test makes sure every reader can understand your texts. If you are writing for a more educated audience, a lower score is acceptable – it’s a guideline, you decide how strict to follow it.
  • Transition words help to improve the ‘flow’ of your page. To put it another way, they send a signal to your visitors that something is coming up, prepare them for the next sentence. You’ll find that the recommendation of using transition words in 30% of your sentences isn’t that hard to achieve.
  • Long paragraphs in an online article are more difficult to understand. You’ll find yourself lost in all the words. Bite-sized chunks are easier to process.
  • While in a book you can stretch a sentence over half a page, shorter sentences are that much easier to read online. We use 20 words as a target length.
  • Passive voice results in distant writing. Active voice is much more engaging. It’s almost impossible to write a ‘natural’ text without any passive voice at all (IMHO), and we ‘allow’ 10% passive voice in our analysis.

If you want more insight into how we decided on all these target numbers, please read the article Content analysis: methodological choices explained.

The last step of this beginner’s guide to Yoast SEO is an advanced one

When you first install Yoast SEO, we hide all advanced settings. We don’t want to bother you with these and have set them up to our standards. But I’d like you to check just two of the settings in there. Go to SEO > Dashboard > Features. Toggle the switch as in the image below to enable the advanced settings. Don’t worry; we’ll close these advanced settings right after this section.

beginner's guide to Yoast SEO: advanced settings pages

Titles and Metas

If you set that switch to “enable” and click the “Save settings” button, your menu, which used to look like the menu on the left, (this example is in WordPress) will expand to the one on the right. You’ll now have access to the way we set up, for instance, your titles and metas for you. I want you to check that section for me. No need to alter anything, by the way. I just want you to know it’s there and realize what you can configure here.

Become a technical SEO expert with our Technical SEO 1 training! »

Technical SEO 1 training Info

At “post types,” you will find the default template we use for your post titles:
%%title%% %%page%% %%sep%% %%sitename%%

This simply means we will use the page/post title you use when writing posts, and add the page number if your post is divided over multiple pages. Then we add a separator, like a dash, and then the site name you have set when creating your site. The outcome for this Beginner’s guide to Yoast SEO could be:
Beginner's guide to Yoast SEO: page titlesNote that this example doesn’t include a page number after the page title, as this post is just one page. This is the setup we recommend. It’s focused on the page title (“Beginner’s guide to Yoast SEO”) and has proper branding at the end (“Yoast”).

The purpose of me showing you this is that I want you to know it’s there, so you don’t have to look for it in the future. It explains why your titles are shown this way in Google.

Keep reading: ‘Titles and meta variables in Yoast SEO’ »

Google Search Console

You can find the search console settings a bit further down the SEO menu. Now if you have completed our configuration wizard, you most probably connected Google Search Console to our plugin already. If you haven’t done that yet, you can do it at any time using the Search Console section here.

If you’re happy with the way these two are set up, please go back to the features tab in our dashboard and disable the advanced setting pages again.

That concludes our beginner’s guide to Yoast SEO. I trust your website is ready for Google now, so please add awesome content!

Read on: ‘Why every website needs Yoast SEO’ »

The post The beginner’s guide to Yoast SEO appeared first on Yoast.

Gutenberg 1.5 Adds Initial Support for Meta Boxes, Makes Gutenberg the Default Editor

Gutenberg 1.5 was released this morning and introduces several major changes to the plugin. This version takes the new editor off the back burner and makes it the default for creating new posts. The team has also included a way for users to create posts with the Classic Editor, but this requires knowing where to go to access the dropdown (All Posts » Add New).

Version 1.5 adds initial support for meta boxes in an Extended Settings panel beneath the post content. Users won’t see this bottom panel unless they have a plugin installed that includes meta boxes. The sidebar Settings panel must already be toggled open for the bottom panel to appear.

The Extended Settings panel slides up to reveal accordion toggles for plugins that have meta box settings available. The design could use some improvement, especially for navigating back to the post editor. The panel takes over the entire section. On installations with lots of legacy meta boxes it is easy to get lost in all the open/closed toggles.

Gutenberg design lead Tammie Lister said this is the first step towards supporting meta boxes and that there will be iterations to follow. She also warned that it is possible some advanced meta box uses will not work as expected. The Gutenberg team is eager to receive feedback on these cases and will work to find solutions for them. Testers who discover issues with meta box support can post an issue on GitHub or via the plugin’s feedback form, describing the setup and how to reproduce what is breaking.

Version 1.5 also adds a new inserter button between blocks, which Gutenberg engineer Matias Ventura demonstrated with an animated gif in the release post:

This release adds a dropdown to the Publish button. It currently supports visibility and post scheduling features.

There was a great deal of discussion on GitHub surrounding the UI for the publish button, whether it should be a split button dropdown or a single button that provides slightly more friction to prevent accidental publishing. The general consensus was that introducing a bit more friction is desirable, as contributor Davide Casali noted there are many cascading actions that are often tied to the Publish button:

“Some automated publishing actions are irreversible: pings gets sent, emails get sent, Facebook and Twitter gets updates, etc.,” Casali said. “This is very very important for a lot of people and businesses, and nobody wants to send out such actions by accident.”

Contributors are looking for feedback on this implementation and are willing to explore some alternate design options as well. They agreed that it is more important to make the Publish button area pluggable and to work on adapting it based on feedback.

For those who want to completely disable Gutenberg, a new plugin called Classic Editor is available on and ready for testing. It requires WordPress 4.9-beta2 or newer and Gutenberg version 1.5+. Classic Editor comes with two modes that give users the option to fully replace Gutenberg or allow access to both the old and new editors:

  • Fully replaces the Gutenberg editor and restores the Edit Post template.
  • Adds alternate “Edit” links to the Posts and Pages screens, on the toolbar at the top of the screen, and in the admin menu. Using these links will open the corresponding post or page in the Classic Editor.

A setting for switching between the modes is available at Settings » Writing. Other plugins for turning Gutenberg off will likely pop up the closer the it gets to being included in core, but Classic Editor is the official one recommended by core contributors.

The timeline for the merge proposal is not yet set in stone but the Gutenberg team aims to get it more widely tested before writing the proposal. The plugin is currently active on approximately 3,000 WordPress sites.

“The plan is to still have the plugin ready by December, but with holidays the actual merge proposal might be next year,” Tammie Lister said. “It’s important that we get as many users and as much feedback as possible at this point. All of that impacts what happens going forward.”

One At A Time

As of last week, plugin uploads are restricted to one at a time.

That means if you have a plugin in the queue, be it submitted for review, in review, or pending your reply, you may not submit a second plugin. You have to finish your first one (or ask us to reject it) before you can move on.

This is not for the same reason that Themes does it. To whit, you’re not restricted to keep the queue low (ours is usually only a 3 to 7 day backlog anyway). You’re all being restricted because people aren’t finishing reviews, and it’s become a drain on resources.

We have over 700 reviews waiting on the developer to get back to us.

Now some of those are cases where people lost the email, or missed it somehow. Other people get the email and don’t know what to do or decide it’s too much work to fix all the things. And worse, some people decided that they’d get the review and never use the directory. In order to prevent this sort of abuse, and the disrespect to everyone else who actually finishes a review and uses the hosting we provide, everyone’s being restricted.

This should not be onerous. We have a tiny backlog. To the point that some people get rather rude when they don’t get a reply in 36 hours. And yes, that’s exactly as annoying as you think it is.

One review at a time. One plugin at a time. Please give us at least 5 business days to reply to emails.

By the way. If you’ve submitted a plugin within the last 7 days and haven’t gotten a reply, check your spam because I promise, we ended Friday with an empty queue.