Feb 2017 Q & A: Directories, Security, Languages, and Genesis

There were lots of question at the February 2017 East Bay WordPress meetup. Here they are with their answers.

What’s the Best Directory Structure for WordPress?

If you are planning to have multiple WordPress installs on your hosting account, or to install both WordPress and other apps on a single domain, it’s a good idea to put WordPress in its own directory.

There are also other occasions when you might want to create a separate directory or subdomain. (WordCamps move the previous year’s WordCamp info onto a subdomain so that the main domain always shows the current year’s information.)

And then there’s the question of whether to use a subdomain or subfolder structure for WordPress Multisite.

The WordPress Codex is the best place to start:

Note that we will be having a meetup about WordPress Multisite in May.

What are Some Best Practices for WordPress Security?

There are many posts about this (most of them covering the same points), but again, it’s helpful to start with the WordPress Codex article “Hardening WordPress.”

Among the most fundamental suggestions are

  • Keep WordPress, plugins, and themes updated
  • Use a good username (not “admin”!) and password
  • Don’t re-use passwords across multiple sites
  • Don’t use an admin account to publish content
  • Make sure your user id is not “1”
  • Use an antivirus on your computer to prevent infections spreading to your website.

It’s easy to start using strong passwords by installing a password management app. LastPass is free for 1 device and $12/year to install on all devices. It generates and stores strong passwords and syncs them between your phone(s) and computer(s).

What’s the Best Tool for Publishing a Site in Multiple Languages?

You (or your clients) may have a multi-lingual readership, and sometimes an on-the-fly mechanical translator like GTranslate doesn’t cut it. The most-established (though by no means easiest) plugin is WPML, which Sonja London recommends. Polylang and Weglot are two others.

Note that if one of these plugins doesn’t work with your theme, the problem might be the theme.

Those plugins address the front end of the site (what visitors see). The Polyglots team is in charge of translating the WordPress admin and settings pages for themes and plugins. Plugin and theme authors are encouraged to make their extensions translation-ready. There’s an Admin Language Per User plugin so each author on your site can interact with WordPress in his or her own language.

Where Can I Find a Good Genesis Starter Theme?

If you use (or want to start using) the Genesis Theme Framework, sign up for the GenesisWP Slack team, where you’ll find a large and helpful group of Genesis developers.

StudioPress provides a free Genesis Sample child theme, but it’s not everyone’s ideal starting point. Tonya Mork over at Know the Code will teach you how to build your own Genesis Starter Theme.

Here are a few other options:

July 2016 Handout: Accessibility Resources

The good news about web accessibility is that there are a lot of resources out there for developers who want to build accessible websites. Here are a few of the ones I’ve bookmarked.

These are not the result of a comprehensive search, which I’m sure would turn up many more resources, but rather articles I have come across in my regular WordPress and web development reading.

WordPress Accessibility Handbook

Rian Rietveld’s State of Accessibility Presentation from WordCamp Europe

Elise Roy’s TED Talk: When We Design for Accessibility, We All Benefit

Web Accessibility Basics from Marco Zehe

Free Web Accessibility Course from Udacity

WordPress.org Accessibility Support Forum

WordPress > Support > Accessibility

The A11y Project

ChromeLens

Tota11y Accessibility Visualization Kit

WAVE Web Accessibility Evaluation Tool

Enter your URL to check the accessibility of your website.

Yoast’s Must-Read Accessibility Posts (A11y and SEO)

Carrie Dils: An Intro to Accessible WordPress Themes

7 Things Every Designer Needs to Know about Accessibility

Article on Medium by Jesse Hausler from Salesforce. Doesn’t want to do the content card thing.

Color Safe WCAG Palette Generator

Presentation by Michael Beil: How do I know if my web project is accessible?

More WordCamp Accessibility Videos

tuts+ Accessibility Learning Guide

How to Make Your Website More Accessible (WPMU DEV)

PageGauge: Quickly Assess Your Website’s Usability

www.pagegauge.io www.pagegauge.io

How to Create More Accessible Content

WP Accessibility Plugin

May 2016 Q & A: Content Audits, 301 Redirects, and Dev Tools

Here are some of the things that came up during our general discussion at the May 2016 Meetup.

What Is a Content Audit?

Sallie mentioned being in the middle of a content audit for a very long site, and someone asked what that was. A content audit is when you review every single piece of content in a site and rate it based on such criteria as

  • Is it current?
  • Is it relevant?
  • Is it on-message?
  • Are there any broken links?
  • What type of content is it? (For example, should this be a press release instead of a blog post?)
  • Does it have a featured image?
  • Does it have an SEO-friendly title?
  • Does it have an SEO-friendly meta description?

On a small site, this can be done in a few hours. You want to do a content audit before building a new site, in order to know what to keep, what to get rid of, how many custom post types you need to create, and what new assets the client needs to provide. You’ll also need that list of URLs so you can set up the redirects.

301 Redirects

When you build a new website for a client–especially one that already has a lot of inbound links and a good Google ranking–you need to set up 301 (moved permanently) redirects from the old URLs to the new URLs. You can also use redirects to make sure that everyone uses www.domain.com instead of domain.com (or the other way around), or https:// instead of http://

Redirects are normally set up in your .htaccess file, but there are also WordPress plugins like Redirection and Quick Page/Post Redirect.

If the old site has structured its content logically with pages and sub-pages, you can use regular expressions (regex) to map groups of URLS, e.g, everything with the structure www.domain.com/company/ should go under www.domain.com/about/.

In some cases that won’t be possible (because not everything that’s under /blog/ on the old site belongs under /blog/ on the new site, for instance), so you end up with a very long list of old and new URLs in that content audit spreadsheet.

In that case, you’re faced with translating your spreadsheet into the proper format to put in your .htaccess file, which could get ugly.

Fortunately, there’s a Batch Rewrite Rule Generator provided by Donat Studios. Paste your spreadsheet columns into the box and get 301s or Rewrite Rules.

Fixing Mixed Content

Once you’ve set up your Let’s Encrypt certificate, you’ll want to install the Really Simple SSL plugin to fixed mixed content issues. (Basically it puts a few lines in your wp-config.php file, which you can do yourself if you prefer.)

Browse with HTTPS

Install the HTTPS Everywhere browser extension from the Electronic Frontier Fonudation to ensure that you get the HTTPS version of every website you visit (if one is available). Works on Chrome, Firefox, and Opera.

Local Dev Environment: AMPPS

Ted was having problems with MAMP, so he switched to using AMPPS. It’s like MAMP with Python and Softaculous included. All those Softaculous apps seem like a lot to include in a package you’re only using for WordPress development, but if you work on multiple platforms, it could be happy.

Local Dev Environment: Vagrant

Daniel was also having trouble with MAMP, so he switched to using Vagrant, a tool for deploying local dev environments. Requires some use of the command line.

Workflow Tool: Yeoman

If you’re already a happy user of the command line, you can save yourself time with Yeoman, though you will have to take some time to use it. If you aren’t working with the command line, figuring this out will probably take you longer than doing things the way you normally do.

Database: MariaDB

Daniel has started using MariaDB combined with PHP 7 for faster, better-performing sites. MariaDB works fine with WordPress without a lot of tinkering. Of course, it’s easier to set up in a local environment or on a dedicated server. If you’re on shared hosting and your host doesn’t provide it, you’re out of luck.

So What’s Wrong with GoDaddy’s Managed WordPress Hosting?

On the plus side, GoDaddy’s Managed WordPress Hosting is a lot better for WordPress than their shared hosting, and it’s competitively priced.

On the minus side, it uses an old version of PHP and there’s no way to upgrade it. There have been issues with staging -> production migration. Some of us find that the WordPress admin is amazingly slow and generally under-resourced: simple things like plugin upgrades can time out, never mind BackupBuddy backups.

The few dollars you save versus SiteGround or A2 are probably not worth it. If you need inexpensive WP hosting you can try Tap, which is $5/month for the pro plan.

April 2016 Meetup Notes

Here are some links and notes from the open Q & A part of the April 2016 East Bay WordPress Meetup.

Analytics for Landing Pages

SumoMe provides an awesome suite of analytics tools. There are WordPress plugins, but you can use SumoMe on any website. There’s a free version, a $40/month version, and a $100/month version.

For A/B testing, try Unbounce, which lets you build landing pages as well as testing them. Plans start at $49/month. 30-day free trial.

Opinions on Visual Composer

Page building tools like Visual Composer can add a lot of overhead to your site and decrease performance. They’re also not wonderful for SEO. If you deactivate Visual Composer, all that’s left of your content for those pages will be a collection of shortcodes. And there may be times when it’s actually a lot faster to write code than to build something with Visual Composer.

That said, Visual Composer is very popular and it can help non-coders to create different page layouts quickly. If you are going to use it, make sure you install it as a separate plugin rather than having it bundled into a theme. Plugins that have been bundled into themes can’t be updated separately and pose a security risk.

Creating your own SEO-friendly HTML output

If something like Visual Composer is giving you trouble with managing your on-page SEO, have a look at Rendera from Heroku.
Type in your HTML code and see it rendered in realtime. Then style it with CSS. You can use any of the HTML5 or CSS3 tags your browser supports.

How to tell bots to go crawl themselves

(A nice trick courtesy of SiteGround support, explained in more detail on the WP Fangirl blog.)

# BEGIN Tell bots to go crawl themselves
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} (bot|crawl|robot)
RewriteCond %{HTTP_USER_AGENT} !(bing|Google|msn|MSR|Twitter) [NC]
RewriteRule ^/?.*$ "http\:\/\/127\.0\.0\.1" [R,L]
</IfModule>
# END Tell bots to go crawl themselves

Mac tool for creating diagrams

Omnigraffle is for creating precise, beautiful graphics. Like website wireframes, an electrical system design, a family tree, or mapping out software classes. For artists, designers, casual data-mappers, and everyone in-between.

Mac desktop: $99
iOS: $49

The East Bay WordPress Meetup has a new location

Tech Liminal has been the venue for the East Bay WordPress Meetup since late 2009. In 2012, Tech Liminal moved from 14th Street to the Ask.com building at 11th and Clay. Now Tech Liminal has moved again, to The Port Workspaces in the Kaiser Mall at 344 Thomas L. Berkley Way (a.k.a. 20th St).

What you need to know about the new location

Access to the building is by key card only. There will be someone at the 20th Street entrance (the one under the big “344”, next to CVS) to let you in. If you’re late and no one is at the door, contact Anca or Cindy.

floor plan for Port Workspaces

The parking garage is closed on Sundays, but it’s not too difficult to find street parking. (You probably didn’t want to pay for the garage anyway.)

The escalator doesn’t run on weekends, so you need to take the lift elevator to the third floor. Walk straight through the lobby and you’ll find the elevator on your right just before the escalator appears on the left.

The roof garden is also closed weekends, but there’s an outdoor patio next to the space we’ve been using to meet.

Our exact meeting location may change depending on the number of RSVPs. Right now we’re on the third floor, past the bar, next to the outdoor patio.

We’re still getting pizza thanks to A2 hosting.