WordPress Automatic Upgrades

For all of us who have installed and maintained the stand alone version of WordPress since “quite some time ago”, the automatic upgrade feature was a “small step for WordPress and a giant leap for webmasters”. OK, so in the beginning and really until early 2009 all WordPress upgrades were manual. That is the new files had to be copied to a local machine and unzipped… then they were uploaded to the server to over-write the existing core files, and then the database had to be updated in many cases. Lots of work, lots of places for human error. But always exciting nevertheless.

Enter WordPress version 2.7 – Yeah !! With WordPress 2.7 in February 2009 we had automatic upgrades available for all future upgrades. (Not Automattic). So we can login to the admin Dashboard and see immediately when we have to upgrade WordPress itself, or any of our plugins.

A word to the wise is appropriate here. Please resist the urge to upgrade everything immediately when you see the notices that you can upgrade. Be sure your backup is rock solid before you start upgrading anything. You can check my backup routine or of course use your own but make sure you can restore the entire site if something goes terribly wrong during your upgrade.

To execute an automatic upgrade with WordPress or any of the plugins that support automatic upgrade, you will be challenged for login credentials like this:

And following a successful upgrade, you will be rewarded with this screen… note this does not mean your new files will work. This just means that the upgrade process appeared to have completed successfully. Immediately after any upgrade, I check to make sure my plugins are all playing properly together. But that’s another story. Cheers –

WordCamp NYC Genius Bar – Bring It On!

And you thought the so called “Apple Genius Bar” had a trademark on the phrase “Genius Bar”? No way. WordPress fans have their own version of the Genius Bar and the WordCamp NYC event will have one all day on November 15th at Baruch College. I’m working as a volunteer at the event but I’ll be bring my questions to the bar with the other WP Padawans. I’ll be asking my NJ web design buds if anyone has the courage to deliver. Steve Bruner who was the original organizer for this year’s event mentioned he wanted to have one if we had enough Geniuses to support it over a month ago. And now there are enough. There are over 50 presenters at the 2 day event and from the field we’ve managed to get enough WP Guru power to have the Genius Bar this year.

From today’s WordCamp NYC 2009 newsletter:  “The idea behind the genius bar is a place where you can come to ask your toughest (or easy) questions to members of the WordPress community and get great answers. Whether you are having a problem with your WordPress theme or want to know the best place to find a new one, have a question about a plugin or two, or just want to know the best way to get started with WordPress – we are there to help! ”

If you want to and can volunteer to work the Genius Bar, please contact Barry at http://barry.wordpress.com/contact-me/. Thanks !!

WordPress Site Review – Frugal Kiwi

I was looking at incredible food pictures on Tastespotting as I do every once in a while. An interesting picture lead me to a beautifully designed site from New Zealand by web designer and web copywriter Melanie McMinn. The Frugal Kiwi – “Live Well Spend Less”.

I exchanged a few emails with Melanie as she described her Thesis Theme WordPress website. Melanie called Thesis as “an incredibly flexible framework”. She mentioned other WP themes she’s used and she said the features and customization you can do with Thesis left the others “in the dirt”. She went on to say the price tag for developers was very reasonably priced. I was especially interested in Melanie’s report that the built in SEO options were handy.

For me the most impressive feature was that the site was so eye catching and artistically designed. It looked like it was built from an artistic composition… if you’re in the business you would just say “a comp” or a “PhotoShop Comp”. I really like the header integration with the theme and the fact that the Nav Bar is above the header and the image flows down into the context area seamlessly. The fat footer is nicely done with plenty of links to her recent posts and categories to make navigation easy and search easy. Her widgets on the right sidebar are artistic and interesting… also fitting the overall look and feel perfectly.

The Frugal Kiwi has a Google PR3 now on the homepage and a PR2 on the About Page.

I’m going to have to look more into Thesis. I’ve heard a lot about Thesis from Rae Hoffman at Sugarrae but this is the best design I’ve seen to date on Thesis. Nicely Done Melanie – cheers !!

(I have not been paid in any way by any companies or persons listed in this review – Mal Milligan)

Backing Up WordPress

Sometimes there is a right way and a wrong way to do something. In this case, there are a lot of right ways to get your Stand-Alone WordPress blog backed up. I’m going to demo my system and you can use it if you have a similar set of parameters or just get a grasp on the tasks if you have a different set of circumstances.

The official core WordPress document written to help you with backups is one you should be familiar with. It’s on the official WordPress Codex and it’s located here: http://codex.wordpress.org/WordPress_Backups

I’m running on a Unix host with a Plesk Dashboard / Control Panel.

  • Make a copy of the local folder where you keep your WordPress blog. After I copy the entire folder / directory tree, I usually rename the old one to wordpress-blog.old and then I’ll make a brand new folder (empty) for the next step.
  • Use FTP to copy the entire directory tree from your server / host down to your local folder. With the latest versions of WordPress allowing version updates and plugin updates to the server directly, you really have to make a fresh local copy of whatever you have currently on the server / host. In the past my master copy of a WordPress blog would be local, but since I use the automatic update feature constantly with updates to WP and plugins, the master is always on the host these days.
  • Backup the database. Lots of ways to go about this. The first is to do it manually. You can go to your Plesk dashboard and then access the db via phpMyAdmin. There are a staggering number of possible combinations selecting the export manually, so I just use a WordPress Plugin. The one I have been using lately is called: WordPress Database Backup and it’s located at: http://ilfilosofo.com/blog/wp-db-backup/ This plugin allows you to set it for weekly backups to the server, to an email address, or a “Johnny On The Spot” backup to your local machine.

That theoretically covers the backup portion and you will find other references on the internet for the “3 step WordPress backup” in a number of places.

You will normally restore this backup to the original location if you have to but you can also use this backup to move your WordPress installation to an entirely new location. I’ll cover that in the next post.

Why use WordPress?

There are a lot of reasons why Web Design WorkPlace builds WordPress websites instead of using the old traditional HTML designs of the past. The biggest reason is that Google loves WordPress, and that’s easy to prove.  We are firm believers that no matter how beautiful a website is, if it doesn’t rank well on Google, the business value is entirely questionable. Here is list that I can rattle off from the top of my head on why we use WordPress instead of traditional HTML.

Advantages of WordPress Websites over traditional HTML websites:

  1. Google praises WordPress. Well known Google evangelist and Anti-Spam Manager Matt Cutts has made numerous favorable comments about WordPress for a few years and he uses WordPress instead of Google Blogger for his own personal blog. In June 2009 at the San Francisco WordPress “WordCamp” Matt Cutts said [if you use WordPress] “you have all made a fantastic choice”.
  2. WordPress sites have many SEO features built in so they work automatically.
  3. Adding new pages and content to a WP site is as easy as adding a new blog post. New content keeps search engine spiders on the site more frequently. Content is King and WordPress makes it easy to build a content rich website.
  4. Admins can add content to a WP site from an iPhone or any hand held device.
  5. Adding content does not require any programming knowledge whatsoever.
  6. Since WP is built on an Open Source platform, the top developers in the world can access the core software components to fix problems and make upgrades. The old saying “two heads are better than one” was never more evident.
  7. It’s FREE
  8. WordPress is incredibly cross-browser compliant. While it takes a long time to build and fix cross-browser compatibility problems with HTML, most of that work is already done for us by the WordPress development team.
  9. Internal page linking and cross-linking with WP sites is automatic in many cases and easy to setup in others. In traditional HTML sites, internal linking usually means more hard coding with Dreamweaver.
  10. WordPress sites are insanely configurable. It’s easy to make a WordPress blog look like a traditional website with a unique artistic style all it’s own.
  11. WP sites are built around a CMS database so they take advantage of many content management system advantages natively that are hard to implement with traditional HTML sites.
  12. There are thousands of freeware “Plugins” that are software modules designed to take care of situations that would require tons of programming time to implement on a regular HTML site.
  13. Readers can make comments to new content and Admins can choose to approve or delete these comments or they can turn the comment feature completely off.
  14. The Control Panel can be updated instantly to allow guest writers or alternate admins to join and participate in the site management.
  15. The core programming framework and all the plugins can be automatically updated from a single Dashboard. Out of date software is clearly indicated from the Dashboard.
  16. The “Themes” concept allows the entire look of the website to be changed in a single click without any additional programming
  17. New Plugins can be located, evaluated, and automatically installed from the Dashboard using search commands.
  18. New security issues for WordPress sites are resolved frequently and patches are made available to emerging threats immediately.
  19. There are dozens of Premium WordPress Theme developers with large active communities.
  20. While traditional HTML sites can be nearly impossible to fix when the original programmer is not available for future changes, WordPress sites built by one developer can be fixed or updated easily by another developer. The content is kept in a MySQL database, so it’s largely independent from the core WordPress programming structure.
  21. User friendly. The world wide user community is active and vocal keeping every feature as easy to use as possible.
  22. Accessibility. There is no other website platform in the world that is more user accessible than WordPress. People will various levels of viewing capabilities can use WordPress sites without additional programming modifications.
  23. Easy to install. Most hosting packages have a feature to do a “1 click WordPress install”. Even using the traditional install method takes about 20 minutes. There are countless resources to help with WordPress installs.

Best Web Design Tools: FireBug

When I switched to developing WordPress sites exclusively, I needed a tool to help me find the places in the code where I could go to change background and text colors. That’s when I found Firebug and it became one of my “Best Web Design Tools”. I still use it every day.

Anytime you want to look under the hood of a website and see the exact lines of code that are creating the page element you are looking at, FireBug is THE tool for the job, and it’s now one of the modern classics, a tool fit for every developers bag.

OK lets get into it. When you are looking at a web page with a browser, you are actually looking at a rendition. Older programming languages were compiled… that is they were assembled and written into an executable file. Web languages are not compiled, they are rendered at the time they are displayed and they are known as markup languages. The web page you are looking at could be HTML, CSS, PHP, ASP, and a number of other popular WWW oriented programming languages, or any combination of all of the above. You can go to “View, Page Source” using FireFox to look at the code at the time it was rendered. So what you are looking at is the final combo of what could be many files… .htm, .html, .css, .php, and so forth. It’s very hard or near impossible to figure out where a line of code originated sometimes just by looking at the source in the browser. That’s where Firebug shines.

Firebug is a free add-on that bolts beautifully to the Firefox browser. Once installed, you can drag on some text on a web page, right click, and click on “inspect element” to start Firebug. There are basically 2 panes, the left one being the exact lines of code in the currently executing HTML or PHP file generally, and on the right pane you will see the styles that are currently inherited and in play from various style sheets (your .css files).

You can also use Firebug to see exactly how many pixels wide and high your layout elements are. I worked on websites for almost 10 years before I discovered a tool that could do that and Firebug is incredibly valuable just for that one feature alone.

Another bolt on that I use frequently that works in the Firebug console is a tool called YSlow from Yahoo actually. YSlow sill tell you the load size of a web page and it further breaks down the page into the individual code and image sizes so you can quickly find over sized offenders. I don’t ever go over 1.2 MB on my homepages right now to eliminate the possibility that an oversized page might not be looked at favorably by search engines.

If you work on websites try Firebug and Yslow and tell me if they are worthy of me calling them the one of the Best Web Design Tools.

WordCamp NYC 2009 November 14 & 15 – Tickets Just Went On Sale

I’m working as a volunteer for the NYC WordCamp this year and we hope this will be a great event for everyone in the web development communities in Northern NJ and New York City. We just secured a fantastic location, Baruch College: One Bernard Baruch Way (55 Lexington at 24th St), New York, NY 10010 (646) 312-1000.

It’s a 2 day event spread over 4 floors at the college with the main event scheduled for Sunday November 15th in Mason Hall at 1:30 PM. Matt Mullenweg who is the creator of WordPress and it’s chief evangelist will present and answer questions.

Tickets for the 2 day event are $40 and for just the Sunday afternoon main event $25. Buy NYC WordCamp tickets online at the 2009.newyork.wordcamp.org/tickets/address.

Sunday sessions in Mason Hall beginning at 1:30pm.   Sessions will include major announcements and Q&A with Matt Mullenweg.  Complimentary NYC WordCamp T-shirt is included in this price.

WE STILL NEED SPONSORS !! If you want to reach a crowd of 400 to perhaps over 1,000 of the most imfluential WordPress Developers and users in possibly the biggest WordCamp ever, please consider one of the many sponsor packages. Thanks !!

All Events Pass: Both Days
Entry to all training tracks and sessions on Saturday and Sunday, including main event at Mason Hall.  T-shirt and lunch on Saturday is included.
Cost $40.00

Mini Pass: Sunday Afternoon Only
This is just a main event pass to Mason Hall beginning at 1:30pm.  Q&A with Matt Mullenweg, possibly major announcements.  T-shirt is included, but no lunch.
COst $25.00

Individual Sponsorship: Both Days
NYC WordCamp web site sponsors page recognition (linked text only), in the program announcement, and during ‘thanks to individual sponsors’ announcement at the event. One(1) ticket to the event is included, along with t-shirt and lunch on Saturday.
Cost $250.00

Consultant Sponsorship: Both Days
Acknowledgment on web site sponsors page (text and/or gravatar), in the program, and during the ‘thanks to consultant sponsors’ announcement at the event. One(1) 2-day ticket to the event is included, along with a t-shirt and lunch on Saturday.
Cost $500.00

The Best WordPress Designs I’ve Ever Seen

I’ve personally built over 350 websites and I got hooked on WordPress in 2008. I had seen blogs or weblogs since they were invented, but in 2008 I stumbled on a site that was designed by Brian Gardner and it changed my game. There are a number of reasons why I do 4 out of 5 websites now on top of WordPress blogs:

  • The WP framework is simply perfect for SEO.
  • I can build a basic website in an hour and then “skin it” with a custom WP Theme and then go to town building out pages and categories.
  • Whenever I needed to add a web page I can add a blog post instead. It’s much faster and I can do it from anywhere without using Dreamweaver. I can make a website that’s 10 pages or 20, 50 or 100 pages just by adding blog posts. The more unique content, the more SE’s show their love.
  • No hassles with tables, css, and cross browser compatibility which leads to instant web building gratification. All that is taken care of by the WordPress developers – thank you !!
  • Finally, many of the things I wanted to do with the site programming wise are already done for me in the form of open source free “WP Plugins”.

I’ve looked at thousands of WP Designs over the last 2 years and I gathered a short list of the best designs I’ve discovered. This is the criteria I used to make the list:

  • The site has to be visually stunning.
  • The header and top part of the background have to wrap around and display below the top menu bar and the text area of the blog.
  • The footers and bottom part of the background have to wrap up around the bottom text area of the blog.
  • Any artistic deviation from standard menu bars and headings is greatly appreciated.
  • I give extra credit for moving images above the fold.

This is Matt Mullenweg‘s personal site. For anyone who does NOT know this is guy, he’s the founder and driving force behind WordPress.


This is one of Toronto designer Nick Las sites. Nick is one of the best Adobe Illustrator designers in the world today, and he has tons of over the top CSS tricks on the site, many of which I’ve been fortunate enough to adapt.


The Lifecruiser blog was designed by Leanne Wildermuth and it’s like looking at a painting with the functionality of a blog.


Tribal is a WP Theme by Carlos Aguaron at Gorilla Themes. It features a very artistic no scroll background and integrated MP3 player. Another nice feature… the area between content blocks is opaque and transparent. Very cool.


I don’t know who the designer was that made these but I’ll try and find out. If you’re looking for something in a WP Theme that’s super artistic and FREE, this place is like hitting the jackpot.


This is a Studio Press Theme done by KickStartMedia.org.  I think the owner is a super talented designer named John Flynn… and at one time he was on the StudioPress.com team with Brian Gardner. Anyway, his professional site is very cool and there’s a beautiful showcase to stroll through for ideas with some wow factor.


This is another Studio Press Theme. Not sure who did this one but it’s part of Brain Gardner’s showcase on Studio Press and its very creative.


The 3rd Studio Press example I put in my favorites list. This was created by Jeff Milone who is one of the moderators on the Studio Press support forum and an outstanding designer. This site was one of the sites that got me to switch to WordPress as my website framework of choice. The other was Brian Gardner’s original “Revolution” Theme.


This site is on almost every “Best WordPress Designs” list and it was done by Miguel Ripoll. When I look at the site I’m immediately hit by the artistic nature of the work. I’ve been using Photoshop professionally for 15 years but I’m more of a mechanic with style. This site was designed by an artist.


Securing your WP-Config.php

One of the key components of a WordPress blog is a file called wp-config.php and it’s used to control administrator access. WordPress blogs will not run unless the 3 critical administrator supplied fields are in the wp-config file. These are

1.) the name of the MuSql database the blog is going to run on

2.) the name of the administrator of the MySql database or “username”

3.) the password for the database administrator user

the wp-config.php looks like this:

********************************************************************

<?php
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information by
* visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don’t have to use the web site, you can just copy this file
* to “wp-config.php” and fill in the values.
*
* @package WordPress
*/

// ** MySQL settings – You can get this info from your web host ** //
/** The name of the database for WordPress */
define(‘DB_NAME’, ‘putyourdbnamehere’);

/** MySQL database username */
define(‘DB_USER’, ‘usernamehere’);

/** MySQL database password */
define(‘DB_PASSWORD’, ‘yourpasswordhere’);

********************************************************************

Your implementation of the wordpress config fil might look more like this:

define(‘DB_NAME’, ‘cookiejar’);

/** MySQL database username */
define(‘DB_USER’, ‘baker’);

/** MySQL database password */
define(‘DB_PASSWORD’, ‘bakerspassword’);
********************************************************************

WP-CONFIG.PHP begins life as a file called wp-config-sample.php and it is found at the root level of your installation. You have to modify the sample file adding the 3 critical fields, rename the file to wp-config.php, and upload it to your host site before your WordPress Blog will start properly.

The problem is that unless you do a few more steps, any decent hacker can see your ID and Password and Database name, and consequently HACK YOUR SITE.

THIS IS A UNIX HOSTING SOLUTION – this will run on all APACHE LINUX Servers

To prevent bad surfers from seeing and manipulating your config file, take these protective measures.

1.) Create and upload a file called .htaccess and put it in your root directory on the host.There are thousands of variations you can put in the file but this will do for starters

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# protect the htaccess file
<files .htaccess>
order allow,deny
deny from all
</files>

# limit file uploads to 10mb
LimitRequestBody 10240000

# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>

# disable directory browsing
Options All -Indexes

I put this text into a file I call htaccess.txt on my local drive, I upload it to the root of the host, and then I rename it on the host to .htaccess and then it immediately disappears because it acts like a system file.

For more information and details on this subject:

Josiah Cole Dot Com – Published 7-11-07

DevLounge – Published 11-14-07 by Ronald Huereca