Divi, I’m trying to like you. No, no, it’s not you. It’s me!

Divi, I’m trying to like you. No, no, it’s not you. It’s me!

I want to love Divi, I do. But I’m struggling on our first date.

Dear Divi, can't you do this? The other date I had could do this.

Dear Divi, can’t you do this? The other date I had could do this. Don’t make me go back to her.

Granted, it’s our first date. Things will get better, right? I’ll give it some time, I’ll call back (I swear) and we’ll get things worked out.

I’m just going to come out and say what’s on my mind: it’s the archives. The search results, the category index pages. There are no options. If I go to this page (say, a category about traveling through Home Exchange), I want to see a nice grid or clean and easy-to-read list of the posts in that category.

Now, now, dear, I know what you’re going to say. “Just create a page and then put a module for blog posts in the travel category in there.” I understand, but I have so many categories and I don’t want a page for my categories, I just want my categories. Oh dear, is there no hope for us?

What? There’s some code? Oh yes, your forums gave me some code to kinda sorta make a grid-like option, but it doesn’t look very clean, it has the entire post’s contents (really long) and I can’t choose the number of columns or, well, can’t choose anything because I’m back to custom code and I told you when we were choosing a place to go that I was done with custom code. I want to be flexible, but I don’t want to be dumb.

Masonry Madness

I know I'm showing off, but just have a look at this masonry.

I know I’m showing off, but just have a look at this masonry. [Enfold theme]

Now I don’t like comparing and don’t want to be the guy who says, “Well, my last date was like this.” Because then she’ll get snotty and say, “Well, then just go back to her! Just leave me! I’ll be fine without you. Just fine!”

But this is just a beautiful category display. Masonry gone wild. There’s even a filter at the top with all of the categories and when you click on one, just those categories show up. I mean, sure, this is usually with a portfolio, but my sites and those of my clients often have lots of posts in lots of categories. That’s what got me into this whole conversation in the first place.

Maybe that’s it. Maybe you’re just meant for someone who doesn’t have a ton of posts and categories and content. Just a few beautifully designed pages and a few posts here and there. No search, no archives, no glut of categories.

I’ll hold on, Dearest Divi. Your background, your crew at Elegant Themes are darlings and have been for a decade. I know these hot new things on the market might be gone tomorrow and I’ll come crawling back to you, but …

Reduce security risks with automated plugin updates from WordPress.com

Reduce security risks with automated plugin updates from WordPress.com

Finally, an automated, reliable WordPress plugin updating tool.

Outdated plugins are a guilty culprit when it comes to getting your site hacked. With WordPress.com’s Jetpack automated updater, you never have to worry about updating plugins manually.

Or rather, never have to worry about getting hacked through an non-updated plugin again (which is what usually happens).

Set It and Forget It

I’m all about Set It and Forget It. If there’s a tool we can use that automates some process that we normally would have to do manually, there’s little reason to not do it.

Reduce security risks with automated plugin updates.

You should do this now. No, really.

Finally, through Jetpack, WordPress.com’s multi-featured plugin, you can choose to have certain plugins automatically updated on your WordPress site. Maybe there are some plugins that do this, but I like Jetpack and especially like that this is WordPress.com behind the scenes doing these updates. Also, the plugins will only be updated if they’re in the WP repository, so recognized and maintained and not some third-party unknowns.

If your plugin is not in the WP repository (see the fab Monarch Plugin above, because it’s a premium plugin), you’ll have to update those yourself.

Is your WordPress uploader asking for your FTP login information?

Is your WordPress uploader asking for your FTP login information?

Quite random, but it turns out there were a few lines missing from the wp-config.php file from the previous host.

When trying to upload anything or update a plugin or theme, I got the page asking for my FTP information. I knew something was wrong because I was on GoDaddy’s Managed WordPress Hosting and it’s been great and I shouldn’t need to do that kind of thing. But it was happening.

Got on the phone with help and they couldn’t find anything wrong either. In the end, they added a few lines that had to do with permissions that fixed it.

Here you go, for your head-scratching pleasure:

define( ‘FS_METHOD’, ‘direct’);
define(‘FS_CHMOD_DIR’, (0705 & ~ umask()));
define(‘FS_CHMOD_FILE’, (0604 & ~ umask()));

For the record, we had just moved hosts, so the wp-config.php file wasn’t created from scratch but was from the old hosting.

Unlimited small WordPress jobs for $79 per month.

Unlimited small WordPress jobs for $79 per month.

Does your WordPress developer struggle under all of your small WordPress jobs? Can you no longer get their attention? Do you feel unloved by your overworked WordPress developer? We have a solution.

“It’s just a little fix. Shouldn’t take more than 15 minutes, right?”

Does your correspondence with your WordPress developer go something like this when you have a small task for them?

  1. You are pretty sure it’s just a small job. You word it best you can. You even send them the WP login credentials.
  2. You email it off to your WordPress developer or designer.
  3. You don’t hear back terribly quickly with a response. At least one moon passes through the sky as you wonder where he or she might be.
  4. You follow up in the next day or so, trying to stay sweet and brief to be polite.
  5. You get a quick note that, “they’ll look into it.”
  6. You wait another day. Another moon.
  7. You try to resist the urge to write them again. You like your developer. You think they like you, too. But you also need your fix.
  8. You hem and haw and wonder what to do. You focus on your breath. In and out, in and out.
  9. You call.
  10. They say they’ll “take care of it right away” and they do.
  11. Whew, you’re glad that’s over. But you’re hesitant to ever have another issue again.
  12. You get a bill for 45 minutes of work @ $125 per hour (that math is too complicated for this post) and you pay.
  13. Repeat this process the next time you have a “little fix” on your WordPress site.

Are we having fun yet?

That’s thirteen (13) steps for a probably simple WordPress fix. WordPress isn’t rocket science, right? That’s why you chose it to begin with! Maybe your developer is just overwhelmed. Maybe they’re just inundated with small jobs like this and they’re busy with bigger jobs and would love to help, but just don’t have the bandwidth.

Heard ANY of this before?!

Imagine never having another WordPress headache.

The World’s best WordPress support.

Introducing a WordPress firm that specializes in taking care of small jobs: WP Curve. That’s all they do. They don’t create new logos or suggest you create a Facebook page for your business. They don’t care if you redesign your site or make fun of you if you want to “make your logo bigger.” They just do unlimited WordPress fixes for a flat fee per month. That’s it. But that’s a big it.

Even if they only did “unlimited small jobs,” you’d be doing cartwheels in your hallway. But wait, there’s more. They also provide:

  • An 8-hour turnaround time. That’s the time it took your developer to realize they had an email from you (doesn’t include opening it, that takes longer).
  • Detailed notes on every job. Your current developer might email something like, “Hey. It’s done.” You’re so thrilled with the detail you might print out their email and frame it.
  • 24/7 live email and chat support. Your current developer says he works on the lunar calendar and certainly not on Tuesdays after dusk.

Dear reader, I know you’re probably shaking your head, hesitant to continue reading this “propaganda” any longer as your uncle Walter always told you, “if it sounds too good to be true, it probably is.”

But it gets even better.

With their next level of service, they start offering options you shouldn’t consider not doing. This is where the value not only covers fixes and changes, but proactive security protection. Crazy, out-of-their-minds services such as:

  1. Proactive WordPress upgrades: this means you don’t have to log into your site and upgrade your WordPress. Of course, we know you do this on a regular basis anyway, but now you no longer have to.
  2. Proactive plugin and theme upgrades: outdated plugins and themes are where the real dangers lurk. Let them do these. Wait, did they say “proactive”? As in, you don’t have to ask them first? Have you signed up yet?
  3. Secure offsite backup: offsite means not on your server, not on your cousin’s hard drive, but somewhere safe. This is good practice. Of course, you do this anyway, but they’ll do it again for you for safe keeping.
  4. Monthly security scan: this is already worth the price of admission (to this nutty fun zone), but it gets even better with #5. Ready?
  5. Security guarantee: if your site breaks or gets hacked, they’ll fix it. I have recommended Sucuri in the past (and still do if your site gets hacked), but wait, now you won’t need to shell out $189 for a site fix.

If you’re to the point where you are yelling at your screen saying, “Enough already! Which plan should I sign up for!? I’d recommend the middle plan, the $99 plan.

I think I’m running out of space on this page to write more good things. Let me know in the comments if you think that going with WP Curve is a bad thing and why. I promise I’ll respond … but probably not within 8 hours.

BONUS CONTENT: For fun, ask your developer what they would charge for “unlimited small WordPress fixes” per month. I don’t recommend doing this is person as they might spit out their glazed doughnut. You can help me add to the list, but I’ve heard responses like:

  1. “I’m sorry, did you say unlimited? I thought you said inebriated.”
  2. “Client dude, I’m pretty what you just said can land you in jail. Don’t ask me that. Ever.”
  3. “Wow. OK, seriously, between you and me, that’s like slow torture by 1,000 cuts of broken glass.”
  4. “Like how small is small?”
  5. “I’m going to pretend I didn’t hear that.”
  6. “Are you smoking crack again? That’s a crack-addict question. Like, out of this world.”

Let me know what you hear in the comments. If you need to obfuscate your name, I understand.

Oh no! Brute Force Amplification Attacks Against WordPress

Oh no! Brute Force Amplification Attacks Against WordPress

Do you have any idea what that means? Either do I.

Do you care? Do you not want to know? Do you never even want to hear about these things?

Password Guessing Brute Force Attacks. Sounds scary ... because it is!

Password Guessing Brute Force Attacks. Sounds scary … because it is!

I don’t.

I don’t want to hear about these things, I don’t want to care about them, I just want them to go away.

So what do you do, dear WordPress site owner, what do you do? There are a few options.

Looking to handle WordPress security? Here are three options.

  1. DIY: stay on top of things, learn what things like “brute force attacks” mean and what you can do about them, then do them. If I use my favorite house analogy, this would be you doing everything: bars on the windows, good lighting, and then when you did get robbed, file the insurance papers and take photos.
  2. Hire Sucuri: Sucuri is a fantastic WordPress security service that will first clean your infected site, but then install a plugin that helps prevent future attacks. Then, if you are hacked again, they’ll clean it up (again). This would be like signing up for a home security service. You put up signs, they’ll come if the alarm goes off, etc. 
  3. Host with WP Engine: when you host with a good Managed WordPress Hosting like WP Engine, (that link will get you the first two months free), you won’t have to hire Sucuri because your hosting is so secure that it’s not necessary. WP Engine is mostly likely faster than your current host and it’s almost certainly more secure. With the house analogy, this is a gated community. They don’t even let the bad guys past the front gates. Oh, and if they do get in? They’ll take care of it.

What sounds best to you?

If you’re still curious about what “Brute Force Amplification Attacks Against WordPress” means and think it’s a geeky kick to tinker and configure and protect your site, go for it (and then sell your services on Elance!). But if that sounds about as fun

So you’d like to blog, then podcast about the blog, monetize the podcast with a course that has a membership component, accept PayPal and credit cards and invite affiliates to help market your services. Uh huh.

So you’d like to blog, then podcast about the blog, monetize the podcast with a course that has a membership component, accept PayPal and credit cards and invite affiliates to help market your services. Uh huh.

Oh, is that all? No problem! We can do that! Let me see, just 14 plugins, 2 WordPress installs, a half dozen other tools and you’re all set!

Unrealistic? Not so fast, Pendergrass. Here’s a note from a client letting me know exactly what she has going on (and a few comments about how that’s working out for her):

  1. Memberium – a Word Press plug in to manage paid access to courses
  2. Learn Dash – a Word Press plug in, a learning management system
  3. Infusion Soft – to manage my list and to provide a shopping cart for my digital product sales
  4. PayPal – to manage one time and subscription payments (I want to give student the option of choosing PayPal or a regular cc.)
  5. Authorize.net – to manage one time and subscription payments
  6. LeadPages – to capture leads.
  7. Go To Webinar – to manage group meetings and record content. I want to drop this. It’s too expensive and complicated.
  8. Plus This – an IS plug in to manage dynamic countdown timers within Lead Pages and emails. It’s too expensive and complicated.

What is she hoping to accomplish? To summarize, paid courses. Is that over simplifying? Maybe. Does it have to be so complex? Are there really so many plugins and SAAS tools necessary?

She goes on to say things like:

Any thoughts? Recommendations? I need help!

She’s obviously stuck and frustrated. But she’s not new to the whole game. She does say that this is an improvement over where it was:

I am still not satisfied with my tech. It is much better than before.

What else is out there? Is there life beyond WordPress? Is it time to say Thank You to our longtime WP friend and move onto … onto what? Is there a better solution out there?

Let’s see what the pros say.

I worked for an SAP consulting firm in Holland. SAP is software that’s so complicated that it requires consulting firms to implement the software. Is that still the case? Is selling a membership course so complex that it requires a team of consultants, a variety pack of tools and thousands of dollars in implementation and set up?

You want complicated? I can get your complicated. [The Settlers of Catan]

You want complicated? I can get your complicated. [The Settlers of Catan]


Pin It on Pinterest