Pagelayer Reaches 100,000+ Active WordPress Users

Pagelayer – the new easy to use website and page builder for WordPress announced on the 17th of September, 2019 that it has achieved a new milestone of reaching 100,000+ Active WordPress installs :
https://pagelayer.com/blog/pagelayer-reaches-100000-active-wordpress-users/

Pagelayer has been growing steadily and new features are being introduced really fast. The new version Pagelayer 0.9.9 was launched a week back with new features. The Pagelayer team is working hard to improve it daily and make it the best Page / Site Builder for WordPress. A premium version of Pagelayer is also soon going to be launched. The Pagelayer team has recently added more documentation on their website and are making video tutorials for users.

About Pagelayer
PageLayer is a WordPress page builder plugin. Its very easy to use and very light on the browser. Pagelayer works with any WordPress theme. Pagelayer is a real time editor and you can create beautiful web pages in a few minutes !

New security fixes in WordPress 5.2.3

New Security Fixes in WordPress 5.2.3

A short-cycle maintenance release of WordPress was presented during the last week with the latest security fixes and performance enhancements- totaling 29 in all. 

Latest Fixes and enhancements in WordPress 5.3.2

It is worth mentioning that as many as 6 issues relate to XSS vulnerabilities during different processes like post preview, URL sanitation, etc. Along with that, the previous WordPress versions have also been updated by jQuery JavaScript library updates and bug fixes. 

Details of Key updates 

·         XSS vulnerability in the post preview and post comments

·         Open redirect vulnerability during the validation process or sanitization 

·         XSS vulnerability while uploading media.

·         XSS vulnerability in shortcode preview

·         Reflected XSS in the dashboard

·         XSS threat while sanitizing URL

·         The jQuery of the previous version has also been updated

Understanding the attack terminology 

·         Reflected XSS Vulnerability:  In reflected XSS vulnerability, the inputs from post or URL are reflected on the live page without being saved. It gives attackers a chance to slyly inject their malicious code.

·         As the attacker uses trusted websites as a carrier, the browser of the end-users trust the script.  It thus starts executing the script. Once activated, the malicious script can access sensitive data saved on the end-users’ browser (like saved passwords or payment cards), cookies, etc. The advanced malicious scripts can even interfere with the original website.

·          With the help of the XSS attack, the attacker can hijack your session and perform unauthorized activities. The attacker can also steal sensitive information or perform phishing attacks.

·         Open Redirect Vulnerability: When the site redirects you to a specific webpage using your submitted link it is known as open redirection. The attackers can use the flaws/loopholes during this process and redirects the users to their desired pages (instead of designated original page).

·         For example, if you are being redirected to a submission form and the site is afflicted with open redirect vulnerability, then the attackers can exploit that vulnerability to quietly intrude and redirect you to his fake form with similar look and feel.

When you fill your sensitive information (payment cards, passwords, social security information, etc) and submit it, the entire information is sent to the attacker who can misuse the information for their vested interests. Two major ways in which open redirect vulnerability is exploited by the attackers are stealing the sensitive information to misuse it (with the help of identical forms) and redirecting you to their websites that can eventually facilitate XSS attacks.

Update your WP site to the version WordPress 5.2.3

If you have not yet updated your WP to the latest version 5.2.3, here is how you can update it now:

·         Login to your WordPress dashboard using your login credentials

·         Look for Updates menu in your admin area

·         Click the button “Update Now”

·         No other action is required. Wait until the updating process is finished. That’s all!

Conclusion

WordPress periodically introduces new and improved versions for better performance and enhanced security. Recently it introduced a security and maintenance update- WordPress version 5.2.3. The security loopholes patched in this release might not seem to be of high significance. However, in the wake of the increasing number of cyber threats and attacks, it is highly imperative to update your WP site as soon as any updated version (major or minor) is released.

Twenty Twenty Theme: Unbiased review with pros, cons and updated information

Twenty Twenty Theme

WordPress is all set to offer its users a brand new theme named Twenty Twenty. The theme is developed by Noren Chaplin and comes with some cool features and a fresh outlook.

About Twenty Twenty Theme

While it is based on an already exiting theme Chaplin (by Noren), the Twenty Twenty successfully brandish a unique personality of its own with just a subtle hint of its predecessor. Using an existing theme as a base would facilitate and speed up the development process.

Visual appeal of Twenty Twenty theme

In the online announcement post Noren displayed some pictures of the theme Twenty Twenty sporting a fresh look with bolder typography, retina friendly fonts, and a reader-friendly visual display. Some portions of the theme may also remind you of the traditional look of old newspapers.

Major features of Twenty Twenty theme

The theme is versatile and can be used for diverse purposes like creating a blog, building business sites, etc.  One of the key features of this theme is extended control over the blocks that allow the designers to quickly edit different sections of the same page while retaining the uniform appeal. In other words, it helps the designers to visually communicate their idea to the readers with better clarity.

The first default WP theme with variable fonts

Unlike other default WP themes, this theme will come with variable font version that will allow the users to have extended control over font customization for a better UX and readability. It would also save their time and efforts in choosing the different fonts from a wide selection.

For the uninformed, the variable font provides a font file comprising a massive collection of different variants of the same font.

Understanding practical benefits of variable fonts

To be more specific you might love Calibri but want it to be “little less curvaceous”. In the present default WP theme, you would have to go with the “next best” font available (like Georgia, serif, comic, etc.) that compels you to compromise with your choice.

By introducing Variable Fonts the Twenty Twenty would allow you to go beyond this creative threshold. You don’t have to look for “next best substitute” of Calibri font. The variable font file provides you hundreds of “Calibri” variants enabling you to choose just the precise Calibri variant (“less curvaceous”) you want to use for your site content. To be more precise it allows you to use your favourite Calibri font but a little straighter.

A clear improvement over Chaplin

One can see a clear improvement over its predecessor Chaplin that looked more suitable for businesses and professional sites. Though Chaplin could be customized for blogs, it lacked the relevant visual impact.

The Twenty Twenty theme can be customized to precisely suit the visual intent of business sites as well as blogs. For instance, the bloggers would love the central column for highlighting their content while the businesses can extensively customize the content placement. Besides, the users have more flexibility to add or edit design elements, insert media files, change columns, etc.

Regarding release date and availability

It is believed that the Twenty Twenty would be beta released on 23rd September (the date when the release of WordPress 5.3 version is scheduled). The official launch of steady version would require you to wait longer as the possible release date is 12th November 2019.

To have an initial practical experience of the theme you can also download its current version from Github.

Pros

·         Clean and bolder look

·         The first default WP theme to support variable font (for better control over font’s legibility)

·         Extensive block editing for more control over the visual ecosystem

·         Lightweight to promise quick page loading speed

Cons

·         The first look gives the impression that it would be primarily suitable for blogs and magazines

Key details and relevant links

·         Theme Design Leader: Andres Noren

·         Development In Charge: Ian Belanger

·         Theme review team representative: Poena

·         Github Downloading link: https://github.com/WordPress/twentytwenty

News Sources

https://make.wordpress.org/core/2019/09/06/introducing-twenty-twenty/

https://devotepress.com/wordpress-news/wordpress/twenty-twenty-new-default-theme-wordpress-5-3/

https://wptavern.com/first-look-at-twenty-twenty-new-wordpress-default-theme-based-on-chaplain

Image credits

http://make.wordpress.org/core/2019/09/06/introducing-twenty-twenty/

Pagelayer 0.9.8 Released

The Pagelayer team has released version 0.9.8.
This version has many UI and UX improvements for the Pagelayer Editor.
The following is a list of changes :

  • [Task] In the editor, improved the widget border colors for better user experience
  • [Task] Improved the right click options UI and added icons
  • [Task] The widget left bar has been improved
  • [Task] Improved the search box UI in the left bar
  • [Task] The widget properties UI has been improved
  • [Task] The editor bottom bar UI has been improved
  • [Bug Fix] Testimonial widget was not working. This is fixed.

The Pagelayer team will be launching many more changes in the upcoming version they have thanked the WordPress community as they have reached 80000+ users.

The following is a screenshot of the new 0.9.8 :

The New UI in 0.9.8

About Pagelayer
PageLayer is a WordPress page builder plugin. Its very easy to use and very light on the browser. Pagelayer works with any WordPress theme. Pagelayer is a real time editor and you can create beautiful web pages in a few minutes !

Pagelayer reaches 80000+ Active WordPress Users

Pagelayer, the new and website builder software has now achieved a new milestone of 80000+ active wordpress installs :
https://wordpress.org/plugins/pagelayer/advanced/

Pagelayer has been growing steadily and new features are being introduced really fast. Pagelayer has managed to jump from 70K installs to 80K installs in just a weeks time. Pagelayer is being used by many theme developers who are offering their themes on PopularFX and wordpress.org sites.

About Pagelayer
PageLayer is a WordPress page builder plugin. Its very easy to use and very light on the browser. Pagelayer works with any WordPress theme. Pagelayer is a real time editor and you can create beautiful web pages in a few minutes !

WordPress 5.2 Features And Bug Fixes

WordPress version 5.2 named as “Jaco” was officially released on 7th May 2019 available to download.

This version comes with lots of features such as site health check, new dashboard icons, several bug fixes and various accessibility updates.

Features included in WordPress 5.2 are listed below:

  1. Site Health Check
  2. PHP Error Protection
  3. New Emojis and Dash icons
  4. Updates For Developers

Site Health Check

Site Health Feature was introduced in WordPress version 5.1. WordPress 5.2 release includes two pages that help to debug configuration issues. It also adds space which includes debugging information for site maintainers.

PHP Error Protection

This feature will let you fix or manage fatal errors without requiring developers time. Most of the WordPress fatal errors stop users from accessing the wp-admin dashboard.

Users are then required to undo all the changes made to sites with the help of developers or FTP client.

WordPress 5.2 provides the recovery mode for administrator users in which whenever fatal error occurs you will see a message: ‘This site is experiencing technical difficulties ‘.

WordPress then send an email to the WordPress email address which includes login link. Using that link user can log into the admin dashboard. After that you can undo changes that triggered fatal error.

New Emojis and Dashicons

WordPress 5.2 has 13 new icons, including Instagram, a suite of icons for BuddyPress, and rotated Earth icons for global inclusion.

WordPress 5.2 includes following improvements for developers

Updates For Developers

Block Editor Improvements

In WordPress 5.0 the block editor( Gutenberg ) was introduced. WordPress 5.2 comes with some new features added to the block editor.

  • Image resizers are much better than before.
  • Performance improvement in terms of loading time.

PHP Version Bump

The minimum supported PHP version for WordPress installation is now 5.6.20. As of now WordPress 5.2 or greater version themes and plugins can safely take advantage of namespaces, anonymous functions, and much more.

Privacy Updates

WordPress 5.2 includes new page template that is privacy policy. Added following helpers that will make customizing the privacy policy easier.

  • Function: is_privacy_policy()
  • Template file: privacy-policy.php
  • Body class: .privacy-policy
  • Menu item class: .menu-item-privacy-policy

Improvements for Writing JavaScript

With the addition of webpack and Babel configurations in the WordPress 5.2 package, developers won’t have to worry about setting up the build tools to write modern JavaScript.

New Body Hook

WordPress 5.2 added new wp_body_open() hook, which lets themes support injecting code right at the beginning of the <body> element.

Plugin Compatibility Checks

WordPress will automatically detect if your website server’s PHP version is not compatible with the installed plugins. If installed plugins require higher version of PHP than your website is currently using, WordPress will not allow to activate your plugin.

These were all the features and bug fixes introduced in the version 5.2. Hope the article as knowledgeable.

If you need any assistance with the installation feel free to contact our support team at :
https://softaculous.deskuss.com/open.php

You may also email your query at support@wpcentral.co.

How to install WordPress?

WordPress is a most popular, easy-to-install website builder in the world. WordPress is an Open Source project, which means there are hundreds of people all over the world working on it. (More than most commercial platforms.) It also means you are free to use it for anything from your recipe site to a Fortune 500 web site without paying anyone a license fee.

Following guide will assist you to install WordPress manually.

Method 1:

Pre-requisites for installing WordPress

  1. Web browser to perform the installation
  2. Access to your web server via FTP or shell
  3. MySQL server where you can create user and database
  4. An FTP client
  5. Make sure that your web server meets the basic requirements for running the WordPress.

Process

  1. Download the latest WordPress package and unzip the same in the directory on your web server where you want to install.
    • If you want to make the installation in the root of your domain such as http://mydomain.com/ , unzip the package in the root directory of your web server.
    • If you want to make the installation in a subdirectory of your website such as http://mydomain .com/wp/ , create the ‘wp’ directory in the root of your web server and unzip the package in this directory.
  2. Create a database for your WordPress installation on your web server. Also create a MySQL user giving all the privileges to access and modify the database.
  3. Now initiate the installation process by accessing the URL in your web browser.
    • The access URL will be http://mydomain.com/ , if you uploaded the WordPress files to the root directory of your web server.
    • If you uploaded the WordPress files to a subdirectory named ‘wp’, then the access URL will be http://mydomain .com/wp/
  4. On accessing the URL, WordPress installation will begin.
WordPress Installation start page

Select the language you want for your WordPress installation and continue.

You will be notified to get the database and the database user ready. Click on Let’s Start to enter the details.

Enter Database details

After entering the database details, click on Submit. WordPress will test the database connection. If correct, main installation process will now begin.

You will be prompted to enter the basic site details such as Site Name, admin username and password, email id, etc. Fill in the details and click Install.

Enter WordPress site details

Thats it! WordPress is now installed on your domain.

Installation complete

You can now access your website or login to the website’s dashboard with the username and password entered.

Method 2:

Should you find the above process tedious, there is this simpler way to install WordPress using wpCentral in just one-click. You can find the guide to install WordPress using wpCentral here.

Note: If you install the WordPress from wpCentral panel, wpCentral plugin will be installed alongwith and also your website will be added to your wpCentral panel account. You can now manage(Plugins, Themes, Backups, Restore, etc) your website from here itself.

We hope this article was helpful to you to achieve WordPress installation. If you have any queries or suggestions, do write to us at support@wpcentral.co.

Regards,
The wpCentral Team

How to keep Classic Editor in WordPress?

WordPress 5, on its release, brought a lot of changes including a new content editor called the Gutenberg editor thus replacing the old Classic editor which has been in use for many years. The new editor brings with it a completely different approach to content editing in the form of blocks.

But some users are facing difficulty in adapting to the new editor, hence here is the guide to disable Gutenberg and continue using the Classic Editor.

Introduction to Gutenberg

Gutenberg is a new WordPress editor which completely changes the face of editing in WordPress. It uses drag and drop blocks for content writing, helping you to focus on the content instead of customizing the code. You don’t need to be an apt developer to build your custom posts and pages if you are using Gutenberg.

Gutenberg Editor User Interface – Types of blocks

Classic editor is similar to Microsoft Word with a clean writing area, whereas Gutenberg editor provides blocks for headings, paragraphs, lists, images, plugins, videos, etc. You can simply style the editor to look like the Published Page using Gutenberg.

Some writers and bloggers are finding hard time using Gutenberg due to reasons such as they find the block based editing system complex, they are unfamiliar with the new editor, etc. Fortunately, WordPress provides an easy way to disable Gutenberg and switch back to the Classic Editor.

Method 1: Activate the Classic Editor Plugin

The WordPress contributors provide a Classic Editor Plugin which we can use to switch back to the classic editor look.

Firstly, install and activate the Classic Editor Plugin. As soon as it is activated, it will disable the Gutenberg editor.

You can change the setting to switch between the editors so as to use whichever and whenever you want.

Go to WordPress admin Dashboard -> Settings -> Writing Page -> Classic Editor Settings. Select the option that is suitable for you as the default editor and select the option to switch between the editors to Yes and click on Save Changes button.

Classic Editor Settings to switch between editors.

Now when you go to Posts -> Add New, you will see the option to switch to other editor on the right side:

Switch from Classic Editor to Gutenberg(Block) Editor
Switch from Gutenberg Editor to Classic Editor

Editing the older posts can also be done using the Classic Editor. Go to Posts -> All Posts page. You will find options ‘Edit(Block Editor)’ and ‘Edit(Classic Editor)’ below the post. Click on the one suitable for you to edit the post.

Edit the existing post by selecting the suitable option.

Method 2: Use Disable Gutenberg Plugin

There is another plugin called disable Gutenberg which provides the option to select certain user roles and post types to disable the Gutenberg plugin on while still using it on other posts. Firstly install and activate this plugin.

Once you activate this plugin, you will find its settings under the Settings menu with the title ‘Disable Gutenberg’. Visit this page by clicking on the link to configure the plugin settings.

Disable Gutenberg Plugin Settings

Gutenberg will, by default, be disabled everywhere for all the users. You will find an option ‘Complete Disable’ which you need to uncheck in order to select the users and posts to disable the editor for.

Disable Gutenberg Editor for certain User Roles only.

Once you uncheck the option, page will expand to display more options for user roles, posts, post types, theme templates, etc. which you can select individually for disabling the Gutenberg on. Once selected, click on Save changes button to save the changes.

Since the Gutenberg editor is new in WordPress, there are certain themes and plugins which are not yet compatible with the Gutenberg editor and still rely on the Classic editor.

This option to selectively disable Gutenberg editor seems quite helpful in such a scenario.

We hope this article was helpful to you in switching between the Gutenberg Editor and the Classic Editor!

wpCentral Premium Launch

Softaculous team has successfully launched the premium version of
wpCentral. Go through the following article to know about the new features and bug fixes that are introduced in this version:

1) [Feature]: Added Remote Backup feature. Using Remote Backup users can manage their backups at remote locations like FTP, SFTP, FTPS and even on Google Drive and Dropbox. To know how to create the backups at these remote locations and how to add Backup Location go through the guide here.

2) [Feature]: Added Auto Backup feature which allows users to automate their website backups by scheduling them. Users can schedule backup for once a day, once a week, once a month or they can add their custom time. To Automate website Backups go through the guide here.

3) [Task]: If your website is disconnected from the wpCentral panel for some reason, you can reconnect the website using WordPress admin credentials as well. You can go through the documentation here to know how to reconnect website using WordPress admin Credentials.

4) [Bug Fix]: Install, Delete and Update of plugins and themes was not working for the websites hosted on non-suPHP servers. This is now resolved. FTP details for the websites hosted on non-suPHP servers are required to be added to proceed with the management of these websites. Follow the documentation here to configure your website domain in wpCentral panel.

Note: We have also launched wpCentral plugin version 1.4.3 in compatibility to wpCentral Premium launch. We recommend our users to update their plugins to explore the premium features without any errors.

Regards,
The wpCentral Team