One gap in the abilities of WP CLI at the moment is the ability to modify an already existing wp-config.php file.
v1.2 introduced the --force flag to overwrite an existing one, but that is the sledgehammer option – so I started working on it myself. I have put a very initial version on GitHub and would welcome feedback and pull-requests. Please don’t use this on a live site!
Is this something you would use? What features do you think it should have? Let me know in the comments.
VPNs and proxies are great – but almost always limited to funnelling all traffic through them. But what if you want to access only a single site/domain without affecting the rest of your browsing? Perhaps to access a staging site not publically available.
While what I discuss below could be used as a privacy measure, that’s not the focus of this blog post.
You can do clever things with Web Proxy Auto Discovery Protocol (WPAD) or browser specific tools like Firefox’s Proxy Auto-Configuration (PAC) but this isn’t exactly user friendly to setup. What I was looking for was something as near to zero-configuration as possible, so I could share it with my collegues without causing problems.
In the end I came to a zip file that contains a copy of Google Chrome Canary and an Automator script to launch and configure everything.
Why Canary? Chrome let’s me configure proxy settings when launching it from a bash script; but since many of us already use it, bundling Canary allows me to avoid any clashes.
The zip is structured like this:
– ProxyAccess.app (the Automator app)
– Resources (folder)
– – Google Chome Canary.app
The magic is really a one line command on the Automator app that opens the SOCKS proxy, then launches the browser to the destination URL, and the closes everything when you quit Canary:
This is based of Tim Weber’s work which suggested using cat and piping the commands together to create the automatically closing proxy. http://dev.site.co.uk is the URL to be opened when Canary launches, 5555 is the port to run the proxy on, and proxy.server.co.uk is the server that we are routing traffic through.
The Automator app is very simple and looks like this:
It uses Applescript to get the current working directory, then passes that to bash so it can find the bundled copy of Canary to run.
This falls in the quick and dirty category, but it gets the job done with minimal overhead or potential impact on a users machine.
Updated 02 – 05 – 18: plugins object is now returned as an array.
On a whim this May bank holiday, tucked up on the sofa watching movies, I decided to create a plugin to display my favourited plugins on WordPress.org.
After a bit of digging I found you can use the plugins_api() function and pass it a username, e.g.:
Here are my favourites as an example – the markup is basic but easy to style, with a couple of classes for targetting. I’ve kept it simpler than the layout in wp-admin or the plugin repository, but hopefully with enough info to be useful:
Autoptimize by Frank Goossens (futtta) Autoptimize speeds up your website by optimizing JS, CSS, images (incl. lazy-load), HTML and Google Fonts, asyncing JS, removing emoji cruft and more.
Broken Link Checker by WPMU DEV Check posts, pages & all content for broken links & missing images to improve SEO. Get notified when bad links are found.
Classic Editor by WordPress Contributors Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.
Classic Editor Addon by Pieter Bos, Greg Schoppe This free "Classic Editor Addon" plugin makes sure that the new block editor cannot be accidentally activated even while the "Classic E …
Email Address Encoder by Till Krüss A lightweight plugin that protects email addresses from email-harvesting robots, by encoding them into decimal and hexadecimal entities.
Enable Media Replace by ShortPixel Easily replace any attached image/file by simply uploading a new file in the Media Library edit view - a real time saver!
What do you think? Is there any other info you think would be useful to include? Let me know in the comments.
Just to be clear – there are no affiliate links, sponsored content or anything similar in this post.
Recently I started taking the JavaScript for WordPress course and would highly recommend it. Not long after I received an email from them promoting their affiliate system – help advertise the course and you get a kick-back. This isn’t something I’ve ever considered before – I dislike obvious and obnoxious product placement in general and have seen too much bad practice around a lack of disclaimers online. But in this case it made me stop and actually consider it. I like the course and am enthusiastically recommending it in person and online anyway. Is there anything wrong with being part of the affiliate scheme if I’m open about it? What do you think?
Clear styling
Aside from my personal decision about whether to sign-up, I thought it was worth adding a style for disclaimer boxes to this theme – I can think of all sorts of uses for this, not just related to sponsorship / affiliation. The next paragraph shows an example of the styling.
This paragraph is styled as a box, but still within the flow of content as I consider it an important part of it and relating to what comes before and or after it.
Personally I would consider that if this related to affiliation or sponsored content, it should always go at the very start of an article and not be buried at the bottom.
This method works well for blog posts (and content embedded within them), but what about other channels? This post on Bloggy Law has a good range of examples and some good guidance.
Circling back to where this post started – will using affiliate links hurt my content? If I decide to become an affiliate it won’t be because I need the income stream, and likely there would only be a single blog post containing the link with perhaps a link to the post on social media. I would only be posting the article as I believe the content could be interesting or useful to others. Being read is the point. Would you still want to read a blog post here if it contained an affiliate link? Would you view the validity of the content any differently? It would be interesting to compare the effect on readers of a disclaimer box versus an inline warning – up front honesty versus just-in-time honesty.
However when it comes down to it this is all academic for me. I may or may not go ahead with this scheme, but this dilemma would rarely come up – in fact, this could be the only time.
Fancy sending your WordPress site back (or forward) in time for a day? Thanks to the multitude of filters it only takes a few lines of code. In this example I’m just going to filter the_time(), but in a future post I will also show you how to put together a more comprehensive function that uses multiple filters (and has a more practical use).
This is fairly standard – pass the name of the filter we are using to the function add_filter(), along with the name of our custom function that is going to modify the value:
add_filter( 'the_time', 'cc_time_machine' );
However, since we need both of the arguments that the filter passes, we have to add in the optional values for ‘priority’ and ‘accepted arguments’. The default priority is ten, and as mentioned there are two arguments – so that gives us:
Now we can receive the data in our function and modify the value. None of the arguments relate to the ID of the post being dealt with, but we can use the global `$post` variable to retrieve it. Then we use the get_the_time() function to retrieve the date/time of the post in timestamp format – this makes it easy to manipulate. Let’s send everything 30 days into the past:
I recently set up a new VPS on DigitalOcean and chose to manage the web stack and sites with EasyEngine. I’m very impressed with EashEngine, but the fact it makes deploying sites so easy shows up how much overhead there is in staying on top of multiple WordPress installs.
They’re self explanatory, and with these you can find out if there are any updates available, and apply them.
Scalability
But logging in to a server, navigating to the web directory, and running potentially four commands is not exactly time saving. Especially when you need to be doing this in a daily basis to ensure critical patches are applied as soon as possible. (Monitoring the vulnerability disclosure lists is a topic for another day.)
Luckily we can easily automate this with a simple bash script with just a few essential steps:
find all WordPress installs and loop over them
navigate into their directory
run the two WP CLI commands needed to check for updates to core and plugins
repeat
Once the basics work the script can be easily extended with options such as a choice between checking for updates or doing updates.
EasyEngine hiccups
The standard way of finding a WordPress install so you can use WP CLI is to search for wp-config.php files since you can be certain it exists. Then navigate to the directory where you found it, and execute the command.
However, EasyEngine uses a security conscious directory structure with wp-config.php outside htdocs. This is very sensible, but impacts WP CLI the commands won’t run here – we need to move down into the htdocs directory. One solution is to just add a cd htdocs, but that would mean the script becomes specific to this server setup. Instead, just choose another core file / directory to search for – I went for /wp-admin.
The script
There are many ways this could be extended or customised – but this gist covers the basics and should be flexible enough to cover both EasyEngine and non-EasyEngine setups:
Why ask when you can be told
The last piece of the puzzle is combing the script with cron and mail.
Instead of logging in each day to run the script and check for updates, we can use cron to run it and email the output. This means I can wait for the server to tell me when I need to log in and run an update, and not have to constantly check.
For example, on Ubuntu you can $ sudo crontab -e then add 30 6 * * * su myuser -c '/home/myuser/wp_helper.sh | mail -s "WP Helper update checker" "myuser@domain.co.uk" # run wp_helper.sh at 0630 daily and email.' to run the script at 630 am every day and email the result. Note – this adds the cron job to the root crontab; this means that it will be run as root and so WP CLI will throw a warning. To avoid this su myuser -c runs the command as a chosen user.
I want to review changlogs and test before updating, so am only running the script in check mode. If you are happy auto-updating you could either pass the relevant arguments to the script or use the native WordPress functions.
WordPress has a handy get_terms() function that retrives a list of all the terms for a taxonomy – this is great if you are, for example, building a <select> box for filtering a custom post type listing page. But there’s one big problem, if you use this on a shared taxonomy, it will show all terms even if they aren’t used on the particular post type you are dealing with. There is a hide_empty argument that you can pass to get_terms, but this only excludes terms that aren’t used for the default “post” post type.
What to do about it
Facing this today, I ended up with this little snippet that utilises a $wpbd query along with get_terms to achieve what we want:
First it uses a nested select query to get the IDs for all posts in our custom post type, this is then immediately utilised by the outer select query to grab a list of term IDs from the term_relationships table
Then this list of IDs is passed into get_terms
Finally it’s output to build the select box
You’ll also notice in there it is being cached as a transient for 4 hours. Depending on the nature of your site and server you might not need this, or may need to adjust the duration.
The key parts to modify if you want to utilise this is post_type='cpt' on line 8 and 'taxonomy' => 'country' on line 9. These set the custom post type you want to retrive terms for, and the name of your taxonomy respectively.
Garlic.js is a great library – it uses localStorage to save the state of forms, so if your users accidentally close the tab or browser before submitting, their entry isn’t lost. This works seemlessly for almost all form elements, however WYSIWYG editors like TinyMCE present problems. Luckily it isn’t hard to fix – there’s a comment on the github repository for the project with the snippet you need to add to the init function:
setup : function(editor) {
editor.on("change keyup", function(e){
console.log('saving');
//tinyMCE.triggerSave(); // updates all instances
editor.save(); // updates this instance's textarea
$(editor.getElement()).trigger('change'); // for garlic to detect change
});
}
So far so easy. But today the challenge was a little harder as WordPress was in the mix too.
At Helpful Technology we have a training product called Crisis90 that allows users work through a scenario and compare their responses. It is built on WordPress and makes use of GravityForms to allow users to submit responses to the crisis scenarios presented (there’s also a simulated Twitter environment for practicing real-time responses). When asking users to draft a press release, for example, we provide a WYSIWYG editor – this is native to GravityForms which in turn leverages the bundled TinyMCE library in WordPress. But this means that TinyMCE is being loaded automatically without me being able to modify the init function. Luckily there is a filter for that – tiny_mce_before_init. This filter lets you modify the settings array used to initialise TinyMCE. Despite the lack of a setup item in the defaults or example, it is perfectly valid. You can use this filter in a simple plugin or in your theme’s functions.php:
As you can see, we’re just adding a setup key to the $settings array containing the snippet from above. I’ve also included a little check that we aren’t in the admin area as I only want this to apply to the instances of TinyMCE used in forms on the front-end of the site.
Now Garlic.js will function correctly with TinyMCE, and a slip of the finger won’t lead to any lost work.
There are two things that designers will throw out quite often – box grids with rows, and repeating background colours.
Sounds easy – but go and try it within the WordPress loop (or any other). It can get ugly quickly, but the solution is actually simple: Modulus. In PHP it’s the % sign.
To see what modulus is all about run this simple page:
This will output a list showing when various modulus calculations will output TRUE so you can check in an if statement. For example:
Modulus 3 is perfect for creating a 3 column grid (in this case in Bootstrap style) as we can check for when the remainder is 2 which will tell us we are on the 3rd, 6th, 9th etc item. This means we can output the very first and last <div class="row"> tags with no logic, then just use modulus to insert the inbetween </div><div class="row"> to end one row and start another where needed:
More complex example – looping background colours
This time we will use modulus 7 to loop over a list of the colours of the rainbow to set a class that will control the background colour of a div:
This illustrates how the modulus number sets the frequency that the loop repeats, and by checking for different remainders you can identify any point in that loop.
If you’ve got a good use of modulus let me know in the comments.
I decided to write a short follow up from the post from last week about the performance of this site, but framed more as a “how to quickly speed up my site”. Even if you can’t or don’t want to go down the line of changing themes (or writing your own), profiling plugins to find the fastest options, or changing hosting company, by spending 5 minutes installing these 3 plugins you can get a significant performance boost.
1. Squish those images
Images generally make up the bulk of the download weight of a site, especially in badly behaved themes. While WordPress does compress the smaller versions it creates when you upload a new one, and got better at it in version 4.5, a bit more can go a long way to speeding things up.
There are plenty of plugins to do this, both premium and free, and they fall into two camps technically – those who offload the processing to another server, and those that do it on your server. The big reason for using the external server type is to lower the resource use on yours or because yours doesn’t have the required libraries (normally cheap shared hosting). However most decent hosts will have no problems, and I prefer to keep things under my control when I can, so I’ve chosen to use Ewww Image Optimizer. Ewww has come out ahead in various comparisons but I’ll leave it to you to choose from the competition. Once you’ve installed it, any new images uploaded will be automatically optimised, both the full size originals and the smaller ones. There’s only one more step – head to Media -> Bulk Optimize and click on Start Optimizing. This will scan the media library and optimise everything previously uploaded. If your theme comes with built in images, you can also click Scan and Optimize which will catch those too.
WordPress is built on PHP and a MySQL database. While the browser needs to be sent HTML files, on the server PHP is used to generate that HTML by reading information from the database. All this takes time, and also resources. When you have more concurrent visitors then the server uses more resources, which causes it to slow down, and eventually become unable to serve them. One way around this is to buy a bigger server, but a cheaper and easier solution exists – caching. Caching is the process of grabbing the HTML that PHP generates, and saving it for a set time. Instead of each visitor going to PHP and the database to generate the HMTL, it is sent to them directly saving both time and load on the server. After a chosen time, or a trigger like publishing a new post, the saved HTML is thrown away and a fresh copy created. This ensures visitors get an up to date version. The exact impact will depend on your site and server, but as an illustration I was running a load test on a client server last month: without caching the site became unresponsive after 36 concurrent visitors, with caching it was still going strong at 1500! NB – the site in question has some very complex pages making large numbers of database queries; also, these ‘users’ all doing indentical actions at exactly the same moments which would equate to a larger number of real-world users.
This was achieved using the popular free plugin WP Super Cache. Caching is more complicated than image optimisation, but WP Super Cache strikes a good balance between its simplicity and power. Even just installing the plugin and using the default settings on the Easy screen will give your site a huge boost. But it’s worth having a read of the Advanced and Preload tabs to refine things – the settings all have good inline documentation. For most turning on all the Recommended items on the Advanced screen is a good start, as well as reviewing the Expiry Time & Garbage Collection values (the text under the setting box has good examples).
Your site will now be both quicker and able to cope with more visitors. But there’s one more thing to do.
3. Minify, compress and concatenate HTML, CSS and JavaScript
Images squished, HTML pre-generated – but there’s also CSS and JavaScript being sent to users. Have a look at your site using View Source in your browser of choice. Since most themes are fairly badly behaved you’ll likely see multiple CSS and JavaScript files relating to the theme, and on top of that there will probably be ones added by plugins. Each separate file is both adding bytes to be downloaded, and also a connection that has to be opened from the browser to the server which takes time.
The solution to this threefold:
minification – remove spaces and rewrite files to shorten the length of them.
concatenation – join files together so that fewer have to be downloaded.
compression – server the files from the server with file compression to make them smaller, and send special headers to tell the browser to cache them locally to save downloading them again.
One plugin can so all this for us – Autoptimize. Install, activate, and turn on the 3 basic options to optimise HMTL, CSS and JavaScript. This one does need a bit more care – there is potential to break JavaScript code in particular. I’d recommend giving your site a good test after this basic activation to check everything is ok. If so, feel free to enable the Advanced Settings and tweak it to squeeze a bit more performance out – it’s all well documented. One advanced setting in particular to look at is inlining CSS. If your theme is quite a light one, inlining it all is best. If your theme is more complex, inlining ‘above the fold’ CSS will drastically improve the apparent loading speed of your site. This is because the browser will have enough information to render the visible area of the site even while it is still loading the rest.
5 Minutes, that all it will take – probably less time than it took to read this ramble – and you will have netted a substantial increase in performance. If you’re still after more speed things get a bit more complex – a faster server / host or a better theme would be the next on my list. Beyond that there’s object caching, server caching, CDNs, server optimisation, code optimisation… It goes on, but the 3 simple steps here should be all that 90% of sites need. To take things further I’d highly recommend reading this detailed article on WordPress performance and bottlenecks at Smashing Mag.
