On WP Engine’s homepage, they promise “Unmatched performance, automated updates, and bulletproof security ensure your sites thrive.”
WP Engine was well aware that we could remove access when they chose to ignore our efforts to resolve our differences and enter into a commercial licensing agreement. Heather Brunner, Lee Wittlinger, and their Board chose to take this risk. WPE was also aware that they were placing this risk directly on WPE customers. You could assume that WPE has a workaround ready, or they were simply reckless in supporting their customers. Silver Lake and WP Engine put their customers at risk, not me.
We have lifted the blocks of their servers from accessing ours, until October 1, UTC 00:00. Hopefully this helps them spin up their mirrors of all of www.ads-software.com’s resources that they were using for free while not paying, and making legal threats against us.
]]>WP Engine needs a trademark license, they don’t have one. I won’t bore you with the story of how WP Engine broke thousands of customer sites yesterday in their haphazard attempt to block our attempts to inform the wider WordPress community regarding their disabling and locking down a WordPress core feature in order to extract profit.
What I will tell you is that, pending their legal claims and litigation against www.ads-software.com, WP Engine no longer has free access to www.ads-software.com’s resources.
WP Engine wants to control your WordPress experience, they need to run their own user login system, update servers, plugin directory, theme directory, pattern directory, block directory, translations, photo directory, job board, meetups, conferences, bug tracker, forums, Slack, Ping-o-matic, and showcase. Their servers can no longer access our servers for free.
The reason WordPress sites don’t get hacked as much anymore is we work with hosts to block vulnerabilities at the network layer, WP Engine will need to replicate that security research on their own.
Why should www.ads-software.com provide these services to WP Engine for free, given their attacks on us?
WP Engine is free to offer their hacked up, bastardized simulacra of WordPress’s GPL code to their customers, and they can experience WordPress as WP Engine envisions it, with them getting all of the profits and providing all of the services.
If you want to experience WordPress, use any other host in the world besides WP Engine. WP Engine is not WordPress.
]]>How fast a web page loads, how quickly a page reacts when you click a button, or how smoothly it scrolls can all significantly impact the end-user experience. A more performant site can lead to higher reader engagement and more conversions. Thankfully, over the past few years, the WordPress project has made major performance improvements across the board for the core platform, plugins, and themes.
Many enhancements are available out of the box, with no configuration required. They improve the website frontend’s performance—the part visitors see—and various parts of the administrative experience, such as the editor.
Here’s a partial list of performance upgrades from the past year:
In addition to the Core enhancements listed above, the WordPress project continues to work on several efforts that indirectly benefit the ecosystem’s performance.
For instance, WordPress Core leverages automated tooling for continuously monitoring its performance, covering every product update. This helps measure new features’ performance improvements and enables contributors to detect potential performance problems during the development of a new feature or release so any issues can be proactively addressed long before end users are affected. A project is currently underway to make the same tooling used by WordPress Core developers available to plugin and theme authors as well.
Additionally, the new WordPress plugin checker allows checking any plugin for performance best practices, among other requirements and recommendations. The plugin checker should lead to more performance awareness in plugin authors and, eventually, faster plugins. If you develop plugins, consider integrating this tool into your development and testing workflow.
Last but not least, WordPress 6.5 introduced the Interactivity API, which is a technical foundation that facilitates more performant user interactions. This new infrastructure drastically simplifies the implementation of interactive website features and can even centrally control certain aspects of performance, keeping multiple independent plugins operating efficiently.
These performance updates result from a collaborative effort from all corners of the community, including the WordPress Performance Team. This team, founded in 2021, underscores the WordPress project’s commitment to performance. And the results are substantial: Compared to a year ago, 8% more WordPress sites deliver good load time performance at scale—significantly better than the overall web’s 5.5% load time improvement. The web is getting more performant, and WordPress is leading the way.
WordPress contributors are determined to continue this trend by working on further performance iterations. Whether you’re a WordPress end user, administrator, site builder, or developer, you can contribute to this effort. Anyone can test the performance features before being released in Core through individual feature plugins. Each feature can be tested via the Performance Lab plugin, so please try them! Testing features early helps the team assess their impact and collect valuable feedback.
Are you eager for more WordPress performance news and updates? Then check out the 2024 performance roadmap. Thanks to the entire community for your hard work. Not only does it ensure WordPress’ continued improvement and growth, but it benefits the entire open web.
Thank you to @annezazu @clarkeemily @tweetythierry @swissspidy @westonruter @adamsilverstein @joemcgill for content review and @provenself @dansoschin for editorial review.
]]>The WordPress Security Team will never email you requesting that you install a plugin or theme on your site, and will never ask for an administrator username and password.
If you receive an unsolicited email claiming to be from WordPress with instructions similar to those described above, please disregard the emails and indicate that the email is a scam to your email provider.
These emails link to a phishing site that appears to be the WordPress plugin repository on a domain that is not owned by WordPress or an associated entity. Both Patchstack and Wordfence have written articles that go in to further detail.
Official emails from the WordPress project will always:
@www.ads-software.com
or @wordpress.net
domain.The WordPress Security Team will only communicate with WordPress users in the following locations:
The WordPress Plugin team will never communicate directly with a plugin’s users but may email plugin support staff, owners and contributors. These emails will be sent from [email protected] and be signed as indicated above.
The official WordPress plugin repository is located at www.ads-software.com/plugins with internationalized versions on subdomains, such as fr.www.ads-software.com/plugins, en-au.www.ads-software.com/plugins, etc. A subdomain may contain a hyphen, however a dot will always appear before www.ads-software.com.
A WordPress site’s administrators can also access the plugin repository via the plugins menu in the WordPress dashboard.
As WordPress is the most used CMS, these types of phishing scams will happen occasionally. Please be vigilant for unexpected emails asking you to install a theme, plugin or linking to a login form.
The Scamwatch website has some tips for identifying emails and text messages that are likely to be scams.
As always, if you believe that you have discovered a security vulnerability in WordPress, please follow the project’s Security policies by privately and responsibly disclosing the issue directly to the WordPress Security team through the project’s official HackerOne page.
Thank you Aaron Jorbin, Otto, Dion Hulse, Josepha Haden Chomphosy, and Jonathan Desrosiers for their collaboration on and review of this post.
]]>This blog is the culmination of a community effort that began last year. Formed by experienced WordPress community members and developers, the editorial group has since worked on a wide range of content already available—from theme and block development tutorials to tips and tricks for leveraging WordPress in the site editing era.
As a complementary resource to the WordPress documentation, the Developer Blog aims to provide a shared space to stay informed of development-related updates, keep up with ongoing discussions and ideas, and explore cutting-edge use cases.
In other words, consider it as a central hub for developers and extenders of different backgrounds and skill levels to learn with quality content from reliable sources, share knowledge, and drive WordPress development forward.
True to the open source way, the blog will likely evolve. As its editors and readers learn and create more content, it will adapt in response to the needs of community members like you.
Everyone is welcome to chime in on-topic discussions, share ideas or contribute. Learn more about how to get involved.
Content on the WordPress Developer Blog covers many topics, including tutorials on theme development, plugins, and block development. You can also expect posts on WordPress APIs, best practices for working with WordPress, updates on upcoming releases, and learning resources for beginners and seasoned developers.
These articles offer a good hint at what’s already in store for you:
Subscribe to the Developer Blog to keep up with the latest content in the WordPress development space.
Props for content and peer review @chanthaboune @rmartinezduque @mburridge @marybaum @bph @greenshady @webcommsat.
]]>These versions of WordPress were first released eight or more years ago so the vast majority of WordPress installations run a more recent version of WordPress. The chances this will affect your site, or sites, is very small.
If you are unsure if you are running an up-to-date version of WordPress, please log in to your site’s dashboard. Out of date versions of WordPress will display a notice that looks like this:
In WordPress versions 3.8 – 4.0, the version you are running is displayed in the bottom of the “At a Glance” section of the dashboard. In WordPress 3.7 this section is titled “Right Now”.
The Make WordPress Security blog has further details about the process to end support.
]]>Everyone is welcome to watch these events live on YouTube and to share their translation stories which will be featured during the celebrations and beyond. The global events will be in English and include presentations on how and why to you should join the thousands of translators in the project, tips and tools, interviews, and much more.
There are now 205 locales translating in what is a remarkable open source effort, bringing the opportunities of the software and its community to people in their own native languages.
We will start the global events with a panel featuring the latest update on what is happening in the world of WordPress polyglots. Panellists will include translators and polyglot supporters Petya Raykovska and Erica Varlese. There will be a video demonstration on how to translate WordPress, a short presentation on translation statistics, a run down of upcoming events, and more.
Watch the event live on YouTube (or click on the play button below) – sign-up for notifications in the video stream right now so you don’t miss it when it goes live!
Right after the livestream, there will be a ‘drop-in’ translation sprint on Zoom video-conferencing, open to all. You can join and hang out virtually with your Polyglots friends from all around the world and translate WordPress in your own language! RSVP for the session now and get joining links!
Panel on Polyglots Tools
Join Jesús Amieiro, Peter Smits, Vlad Timotei, and Vibgy Joseph to talk about the tools they’ve contributed to or developed to help translators and translation editors.
Panel on Open Source Translation Communities (YouTube link – opens in a new tab)
Join Zé Fontainhas (WordPress), Ali Darwich (WordPress), Michal Stanke (Mozilla), and Satomi Tsujita (Hyperledger Fabric) to learn about nurturing translation communities.
Finale Event – Why do you translate?
Our finale event for 2021 with emcee Abha Thakor and a panel from the WordPress Translation Day Team. It will feature highlights from some of the local and global events during the month and a selection of results. Some of the nominees for this year’s polyglots appreciation will join the livestream to share their stories.
The livestream will be followed by an after party celebration for anyone who has taken part in the event or is a WordPress polyglot. Book now for the session on Zoom.
There’s lots of ways to take part – discover this list of ideas.
You can also nominate translation contributors to be featured in this year’s celebrations.
For more information on the 2021 WordPress Translation Day celebrations, visit the WordPress Translation Day website.
Props to @webcommsat, @harishanker, @lmurillom, @oglekler, @meher, @nalininonstopnewsuk, @evarlese for contributing to this story.
]]>Still, if you’ve been putting off using the block editor,?this is an excellent time to give it another shot. Since it first appeared in 2018, hundreds of WordPress contributors have made a lot of updates based on user feedback. You will be pleasantly surprised at how far it’s come!
Big thanks to everyone who has been working on WordPress, Gutenberg, and the Classic Editor plugin. And thank you to every WordPress user and tester who has provided the feedback we need to make the software even better.
~ Josepha
Returning to the block editor for the first time in a long time? You can give feedback early in the process by joining the outreach program! Looking at it for the first time ever? Get your bearings with some workshops or check out this demo!
]]>Which means it makes sense to change our theme.
Earlier this year, Matt requested a new design from Beatriz Fialho (who also created the State of the Word slides for 2020). The design keeps a clean, white-space friendly format while incorporating a more jazzy, playful feeling with a refreshed color palette.
More detail on this modern exploration have been posted on make.www.ads-software.com/design. I encourage you to stop by and read more about the thoughts behind the coming updates; and keep an eye out for the new look here and across www.ads-software.com!
]]>This cross-team initiative is part of the www.ads-software.com network and features content from contributors from the global community. It will be updated weekly and will help connect new and existing WordPress users with the broader community while they learn.
On Learn WordPress you can find a range of material and opportunities to use at the time which works for you.
Workshops are practical, skills-based videos that show viewers how to do new things with WordPress, whether you publish, manage, develop with, or contribute to WordPress. Most workshops include quizzes for you to test your newly gained knowledge.
Discussion groups provide an opportunity for further collaborative learning with participants meeting together to discuss the workshop content – they take place online, either in video calls or Slack and accommodate all time zones.
Lesson plans are guides for facilitators to use while presenting at events or within educational environments. Facilitators will find learning objectives (telling people what they are going to learn), any prerequisite skills, assets such as screenshots and slide decks, and learning assessments.
Courses are a series of interconnected lesson plans to be presented by a facilitator that will strategically focus on defined learning outcomes. Participants can go through these courses individually or as part of a group. After completing the learning, attendees should be able to apply their skills in the real world.
In addition to the wealth of valuable content available on Learn WordPress, the platform provides an opportunity for individuals to learn alongside other community members and become connected with a global network of WordPress users, developers, and contributors.
Why you should use Learn WordPress – videos from our community.
Learn WordPress is an open-source platform available for anyone to contribute content in any areas mentioned above. Find out more about how you can get involved with this initiative.
Take part in our fun promotion campaigns on social and with your local community.
Hundreds of people spanning a number of years have contributed to the development of learning materials. Thanks to everyone who worked so hard to make Learn WordPress a reality.
Particular thanks to:
Training: @courane01, @azhiyadev, @geheren, @webtechpooja, @jessecowens, @onealtr, @rastaban, @evarlese, @manzwebdesigns
Meta: @coreymckrill, @dufresnesteven, @jonoaldersonwp
Community: @hlashbrooke, @camikaos, @harishanker, @angelasjin, @nao, @courtneypk, @andreamiddleton, @rmarks, @sippis
Marketing: @webcommsat,? @oglekler, @lmurillom, @yvettesonneveld, @meher, @nalininonstopnewsuk, @megphillips91, @marks99, @marybaum, @antialiasfactory, @herculespekkas, @chaion07
Design: @melchoyce?
For a fuller list of the contributors who have been involved in training and Learn WordPress, visit the initial beta launch post. Thanks to everyone who has been involved to date and will be in the future.
]]>