The Dragon Roars with Fearsome WordPress Plugins
It's Episode 555 and we have plugins for Disabling Bloat, Managing Emergencies, Login Without Password, Query Looky-Loo, Worthless Plugin, Pranking WordPress… and ClassicPress Options. It's all coming up on WordPress Plugins A-Z!
Disable WooCommerce Bloat, Emergency Management, Temporary Login Without Password, Query Monitor, Worthless Plugin, WP Pranks……. and ClassicPress options on Episode 555.
This is a value for value show and I look forward to everyone providing some value back.
Before I get started, you will want to hang around to the end of the show for our Q & A segment with Amber…. and to those listening on the podcast, you may want to check out the YouTube version which has some great discussions before the show starts…
This is #15 of 52 episodes for 2022! So many 5's today! 5 is an interesting number in numerology – 5 is a master of change, able to go with the flow and adapt itself to thrive in different environments and social situations. People with the life-path number 5 tend to have a hard time settling down or sticking to routine, as people with 5 tend to crave new, fresh experiences – once something feels like routine these people tend to move on.
On another note – happy early April Fools! I think we should really just call it Loki Day – generally my youngest sets up about 20 different little harmless pranks at this time of year, so I can't help but wonder what she will do this year! I hope everyone has a lot of fun this year, and that you are able to get outside and enjoy the early Spring weather!
Rinse and repeat as often as needed.
We have some news from the world of WordPress for you today as well as some great plugins.
News this week:
WordPress Vulnerability Report – March 30, 2022 – Only 7 to worry about this week – don't forget to go through this list each week to see if a plugin you have deactivated in the past has been patched and is good to go now!
EXMAGE, Good & Bad Comments, Thank me Later, Page Security & Membership, Autolinks, Amministrazione Aperta, Ad Injection. If you have these in your site, deactivate and keep an eye out for updates!
Performance Team proposes enabling WebP by default in WordPress 6.0 – If this proposal is approved, version 6.0 will generate WebP images by default for new JPEG uploads and will use WebP images by default for website content. I could see this being very useful, as WordPress would auto convert JPEG uploads to the WebP in the background, and use them on your website.
Text Selection across multiple blocks is coming to WordPress – Ella van Durpe merged a feature into Gutenberg plugin, allowing users to select and modify text across multiple rich text blocks. This should land in 13.0 of the plugin, and WordPress 6.0 in May. I'll bet this will make life easier across the board for Gutenberg users!
WordCamp Asia 2023 tentatively set for February 17-19 in Bangkok, Thailand – Great news! WordCamp Asia is tentatively back on schedule for in-person WordPress events with these new dates – February 17-19, 2023. Read on to find out more!
The WordPress.org pattern creator now open to the public – The WordPress pattern directory has finally opened its gates wide to the entire community as of March 25th!! This means that anybody with a WordPress.org account can log in, go to the pattern creator, and start designing!! Read on to find out more!
WooCommerce Store API now stable, provides better support for custom frontends – They announced on March 25 that their new Store API is now stable after two years of being in development. It powers the plugin's new block-based cart and checkout experience as well as all products blocks! This is great news! Read on to find out more!
Weglot raises €45M from Partech Partners – This is the first time the Paris based company has taken outside capital since it 2017! They have expanded its offerings to include more translations and integrations for other platforms as well. Weglot also has a Gutenberg block available. Read on to find out more!
Snow Monkey Editor Plugin adds custom styles to WordPress Core Blocks – This is a great plugin to know about if you build in blocks. Most Block Plugins allow you to create your own custom blocks and add them – Snow Monkey allows you to add personalization to the blocks already in your site, and they have added more!
Random Fun Note: Scientists think there could be alien life on one of Jupiter's moons – Yes, you read that correctly! One of Jupiter's moons named Europa has Water, Nutrients, and Oxygen. The oxygen and water are separated by a thick sheet of ice – but thanks to a lot of conjecture and a paper, there is a working theory on how the oxygen could penetrate Europa's ice shell and reach the water beneath – thus allowing for life! Totally worth taking the time to read this!
This is the extra news stuff that someone out there might find interesting. To read more, you can head on over to the show notes or newsletter and check it out! If you find something to add for next show, send me a link at firstname.lastname@example.org
Research: The Great Resignation has not improved the career paths of workers – Some got better pay, but others are coping with high inflation and minimal wage growth. This article does a deep dive into everything regarding this topic, and is well written.
The not-so-secret secret to successful flexible work strategies – Give your people what they want. This is a great article going through the effect that the Great Resignation has had on the work force, and how people looking for jobs are now searching for flexible work schedules rather than 9-5 office hours.
Hackers Hijack email reply chains on unpatched exchange servers to spread malware – A new email phishing campaign has been spotted!! This one uses the tactic of conversation hijacking, delivering the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers. Read on to find out more!
White House issued a cybersecurity list – but forgot these vital steps – The White House issued a press briefing with a list of cybersecurity steps – though they left out some crucial steps. They also didn't entirely define the steps they did give. This is a great fleshing out of the steps given by the White House, and also adds some things that were missed in the list.
Google caught collecting more of your personal data – changes are coming! – By this point, we all know our data is scooped up and used for the company's benefit – despite the many proclamations of Google and other tech giants regarding Privacy Concerns, and how they are meeting these. Here we see them caught with their bots in the cookies yet again, and Google response. Read on to find out the nitty gritty details!
North Korean hackers exploit Chrome zero-day weeks before patch – The zero-day in question here is ‘remote code execution vulnerability in Google Chrome web browser'. This was used in attacks that targeted news media, IT companies, cryptocurrency, and fintech organizations. Read on to find out more about what went on!
Behold! A password phishing site that can trick even savvy users!! – Enter: BitB. BitB stands for Broswer in Browser. This removes the telltale signs in the address bar that people generally look for, like google.evildomain.com or substitute letters such as g00gle.com. It uses a fake browser window inside of a real browser window to spoof an OAuth page. Read on to find out more about how BitB works!
Critical Sophos Firewall vulnerability allows remote code execution – Sophos has fixed this this now, though still good to know what happened. There was an authentication bypass vulnerability in the User Portal and the Webadmin areas of Sophos Firewall that allowed remote code executions to be conducted. Read on to find out more about this and how it worked!
New Malware Loader ‘Verblecon' infects hacked PCs with cryptocurrency miners – Translation: an unidentified threat is employing ‘complex and powerful' malware with the ultimate objective of deploying cryptocurrency miners on compromised systems, and potentially facilitating the theft of Discord Tokens. First noticed 2 months ago, the real worry here is if the malware falls into the hands of someone who realizes the potential use of such sophisticated malware. Read on my friends!
New hacking campaign by Transparent Tribe Hackers targeting Indian Officials – Believed to be of Pakistani origin, this is designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT; this has been going on since at least June 2021. Last month, the threat expanded into Android devices with the backdoor name CapraRAT. Read on to find out more on how this thing works and what it's doing!
CISA warns of ongoing cyber attacks targeting internet-connected UPS devices – US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are working together on this one; uninterruptible power supply (UPS) devices are being attacked by means of default usernames and passwords. This is why putting in your own passwords is so essential… Read on to find out more about this investigation, and what they are currently doing!
The hall of shame via Automattic:
Matt's Famous Quotes
Support the show
This Show will not work without you, the producers, as it is a Value for Value model, meaning if you're getting any value out of it then give some value back and help the show out.
Start by subscribing to the newsletter for additional information and get out there round them up and rope them all in, belly up to the bar and enjoy. Spread the word about WP Plugins A to Z and catch it live every Thursday at noon PST on our YouTube Channel.
We'd like to acknowledge all the producers who have supported the show in the various ways over the last week.
This weeks show Art Work comes from:
Greg's Graphics (Greg Holdsworth) — https://gregsgraphics.com
To Submit Artwork go here https://wppluginsatoz.com/artwork/
Check out all the art work at https://wppluginsatoz.com/show-art-submitted/
This week's Executive Producer/'s are:
Nobody this week, maybe next week!!
A big thank you to all the Producers who came in under $50 and to those who have set up weekly subscriptions they will remain anonymous and I thank you very much.
All these small subscriptions really help the show out.
A big thank you to those who have hired me because of the Podcast, thank you that is as good as donating to the show.
You can Support the Show by:
Donating money to help the show Donations of $50 and over are credited with an Executive Producer Credit in the Show Notes, and their note is read out on the show.
You can also create a monthly donation at Patreon
Or something I may not have thought of…
If you would like to send something to WP Plugins A to Z you can send to the following address:
WP Plugins A to Z
C/O John Overall
20-754 E Fairview Rd.
Victoria, BC V9A 5T9
Off we go into the meat and potatoes, Into the depths of plugin depravity…..
ClassicPress is growing really well, but we just don't have the time to add reviews on ClassicPress myself. We are always open to reviews sent in by listeners, though unless there is a review sent into us on ClassicPress, we am not going to do more than mention that ClassicPress is a thing. Here are some resources, we hope some listeners out there find this information useful!
One thing we are looking forward to in the ClassicPress World is the expansion of the number of ClassicPress specific plugins and their own repository. There are a few plugins specifically for ClassicPress and all plugins for WordPress 4.9.9 work well on it. We do believe it has a future, we just don't have the time to help them in getting it out there right now.
No new updates this week – though we have a Tutorial!
If you're looking to learn how to use ClassicPress check out the tutorials on their site.
For some up to date news on ClassicPress check out the ClassicPress Blog.
“Must Have” Plugins List
You can check out the ClassicPress repository here https://directory.classicpress.net/plugins They now have 84 plugins (and counting!) available.
ClassicPress Information – The information that will keep, and help you on your way to understanding and using ClassicPress!
Find out more about ClassicPress 1.4.0 rc2 https://forums.classicpress.net/t/classicpress-1-4-0-rc2-release-notes/3785?fbclid=IwAR3wGK5IW8ssJ-XC4k7IiZMBtSjUTVN2pexk6ATCRvuMN-Fn-McOy-XJJv8
Are you looking for some great newly released plugins? Check out this link:
Disable WooCommerce Bloat
Disable unnecessary WooCommerce features and make your shop faster and cleaner. If you don’t like or don’t need the new bloatware features, use this plugin and forget about them forever.
It may be a good idea for small shops to disable the features that are slowing your page down. Simplify your WooCommerce admin panel. Use good, old, clean, fast WooCommerce!
Rating 5 Dragons
This is a plugin made for developers – it is a developer tool panel for WordPress. This enables debugging of database queries, PHP errors, hooks and actions, block editor blocks, enqueued scripts and stylesheets, HTTP API class, and more!
You will find ‘settings' under the plugin on the plugin page; click on that and it will bring up the whole list of things it pulls for you! Going through it I found it to be very easy to read, understand, and I can see how very useful it will be when working on a site!
Rating 5 Dragons
Provides means to reset all or selectable passwords (roles, users) and/or to delete (the related) sessions, to define a role-based password expiry, to renew your security KEYs & SALTs and to define & monitor your required password complexity/strength.
Upon password reset, the related users will be informed by eMail. The eMail text can be edited easily through this plugin.
When the password expiry function is set, users with the related roles will be required to renew their password upon login, once expired.
Rating 5 Dragons
A fun plugin that you plug and play, it throws up random notices in your dashboard that are totally useless but rather entertaining – mostly for the one who added the plugin!
The notifications are things like: ‘Don't click on my face!' with a picture of the dude's face, or ‘This notification…'
I think this is some good clean, harmless entertainment. 😀
Rating 5 Dragons
Temporary Login Without Password
Using the “Temporary Login Without Password” plugin you can create a self-expiring account for someone and give them a special link with which they can login to your WordPress without needing a username and password.
You can choose when the login expires, as well as the role of the temporary account.
Really useful when you need to give admin access to a developer for support or for performing routine tasks.
Rating 5 Dragons
This plugin has not been updated since I brought it last year – when it was already a year out of date – but it still works!!
You get to choose from the following pranks for your site:
- turn website black and white
- turning everything upside down
- hiding all odd numbered paragraphs
- turning everything blurry
- adding a poop emoji to the upper left of the page
- turning all text into Comic Sans font
- Making all fonts INSANELY large!!
I think this is a great one to throw on for April Fools!
Rating 5 Dragons
Random links for plugins
WordPress plugins crafted from love and experience
Listener Feedback / Audio Clips
Remember: Feel Free sending in your thoughts to us – The Good, The Bad, The Ugly – we'll take them all!
Hi Amber and John,
Love the show! I need to upload photos to my site and I know that changing the size by inches or centimeters doesn't actually change the size (3.92 MB). I read I should change the pixel size. What is the best way and best pixel size to have on your website? Are there rules of thumb to follow?
Not Photo Savy
Remember, there's no such thing as a stupid question!
Deadline is April 6th – Winner Announced on April 7th!!! Don't Forget!
Lifetime Single Domain License with Interactive Geo Maps, Valued at $49.99!
Let your friends know about the giveaway!
Remember to share this contest with friends to earn extra entries to the contest.
Visit http://WPPluginsAtoZ.com/contests for more info.
For all developers who would like to support the show. You can donate a premium license to be used in a future contest please go toWPPluginsAtoZ.com/PluginContest
The plugins we covered were:
John’s Plugins: Disable WooCommerce Bloat – 5, Emergency Management – 5, Temporary Login Without Password – 5
Amber's Plugins: Query Monitor – 5, Worthless Plugin – 5, WP Pranks – 5
Matt's Famous Quotes
Reminders / Commercial / Promotions:
Meetup Has Been Planned For June 25th!! Keep tabs on the date at: https://wppluginsatoz.com/meetup – keep an eye to make sure that the date doesn't change on you for any reason (like zombies or wet ninja cats being herded through catnip fields flooding the valley or anything..)
Would you like to be on an interview show? Simply connect at https://wppluginsatoz.com/interview
If you have suggestions on plugins you would like to have reviewed please submit them on the website at https://wppluginsatoz.com/submit-plugin-review/
Q & A Time with Amber ——– Catch this info on our YouTube Channel
If you have questions you would like to have asked on the show, send them in to me at Amber@WPPro.ca and we will answer to the best of our ability!
- What do you do if you are 3 months or more behind in updates? Is there a way to take care that you don't break your site?
- What would be the best course of action to take in upgrading a site 8-15 months out of date?
- Is there a way to check a site's security to see where it stands before you upgrade, or do you need to upgrade everything before you can actually tell where they stand?
Closing out this Episode
Just some reminders:
Be sure and subscribe to our Newsletter.
You can support the show at wppluginsatoz.com/donate
All the show notes can be found at: WPPluginsAtoZ.com
Subscribe and review the show at:
Follow the show on Twitter @wppluginsatoz
Join Us on Our Facebook Page
Subscribe and Check out our Training Videos, Screencasts and Watch us Live on YouTube every Thursday at Noon PDT
How to Contact Us:
John can be contacted at:
- on my website @ http://www.johnoverall.com/
- WordPress Emergency Support http://wppro.ca/wpemergency
- email: email@example.com
Amber can be contacted at:
- email: firstname.lastname@example.org