Use Transient to speed up WordPress

One of the features of WordPress is the ease of applying dropdown menus with access to posts & pages.

Applying menus in the header is a simply matter of including the following lines of code in header.php

wp_nav_menu(array(
‘items_wrap’ => ‘%3$s’,
‘depth’ => 3,
‘theme_location’ => ‘header-menu’,
‘container’ => false ));

However, this simple routine is pretty slow for complex or crowded menus and can result in a bottleneck as the page loads.
One solution is to cache the menus (which we presume chane infrequently), using WordPress’s “transient” command.

Effectively we test to see if we have a copy of the menu or whatever element in the cache.
If not, we add it to the cache, however if it does exist in the cache we grab it from there rather than creating it.

$cached_menu=get_transient(‘the_header_menu’);
if(false === $cached_menu){         
      $cached_menu =  wp_nav_menu(array( ‘items_wrap’ => ‘%3$s’, ‘depth’ => 3, ‘theme_location’ => ‘header-menu’, ‘container’ => false, ‘echo’ => false ));                 
set_transient(‘the_header_menu’, $cached_menu, 3600*5);    

    echo $cached_menu; 

 

Sample reset css file for web project

For developers working on projects, it can be frustrating to find odd and unexpected behaviour on the part of various html elements.

The best way to ensure you as the developer has complete control over all elements is to apply a base set of rules from which you can build your own set of rules.

Here is one example of a reset.css file that handle such instructions.

/* http://meyerweb.com/eric/tools/css/reset/
v2.0 | 20110126
License: none (public domain)
*/

html, body, div, span, applet, object, iframe,
h1, h2, h3, h4, h5, h6, p, blockquote, pre,
a, abbr, acronym, address, big, cite, code,
del, dfn, em, img, ins, kbd, q, s, samp,
small, strike, strong, sub, sup, tt, var,
b, u, i, center,
dl, dt, dd, ol, ul, li,
fieldset, form, label, legend,
table, caption, tbody, tfoot, thead, tr, th, td,
article, aside, canvas, details, embed,
figure, figcaption, footer, header, hgroup,
menu, nav, output, ruby, section, summary,
time, mark, audio, video {
margin: 0;
padding: 0;
border: 0;
font-size: 100%;
font: inherit;
vertical-align: baseline;
}
/* HTML5 display-role reset for older browsers */
article, aside, details, figcaption, figure,
footer, header, hgroup, menu, nav, section {
display: block;
}
body {
line-height: 1;
}
ol, ul {
list-style: none;
}
blockquote, q {
quotes: none;
}
blockquote:before, blockquote:after,
q:before, q:after {
content: ”;
content: none;
}
table {
border-collapse: collapse;
border-spacing: 0;
}

How important is https for my website

Google has been heavily promoting the fact that they want website owners to switch from http to the secure https protocol.  They have announced that they will name & shame sites that don’t support https, by displaying a message when clients try to use their online forms or showing a warning icon in the url bar.  
This is scary stuff for website owners.   To use https requires them to obtain an SSL certificate which can cost up to $1,500 a year, although there are actually free versions available.
So, if there are free versions available that Google recognises, one must wonder just how much security an SSL key and https in general offer websites.
The reality appears to be that on Google, should the search engine identify two compositionally identical pages, it will favour the one with the SSL key transmitted over https.
This secure transportation of data happens at a cost of speed, so in theory your superior page may be penalised for speed, then bumped.

My website doesn’t have a form or secure data
For the vast majority of sites, data is not intended to be secure and there is no technical requirement to have an SSL key, other than Googles warning.  

Paypal doesn’t require you to use https to make a payment
If you direct people to PayPal to make a payment you don’t need an SSL key.  The key is only necessary if you have an application that expects PayPal to return data to the application so it can run an event such as automated downloads or membership registration.
Of course, some people may prefer to work with sites that do show SSL certification, but given that you can obtain them online for FREE from sites such as LetsEncrypt, what exactly is their purpose anymore.

But what if you’re using secure PayPal as a payment gateway? Why do you have to wear the derogatory “Scarlet Letter” on your site’s address bar? Why does a site that’s collecting zero information from anyone need an SSL certificate? It makes no sense at all. If your web site doesn’t have financial transactions, why do you need an SSL certificate?
HTTPS  simply doesn’t care what’s transmitted. Infected websites distribute malware. HTTPS doesn’t do anything to ensure displayed information’s integrity. HTTPS will also deliver manipulated information to unsuspecting website visitors. Installing a Secure Socket Layer certificate prevents man-in-the-middle attacks, it doesn’t help if the original data was suspicious.

Conclusion?
Given that you can obtain an SSL key for free, perhaps it’s a good idea to use one.  However, there will be a speed issue and data is encrypted and unencrypted at both end and who knows what Google’s ultimate endgame is.
However, be aware that an SSL makes your website not more secure from an attack that previously.

 

Modify the admin menu bar in WordPress

Recently we were asked by a client to simplify the presentation of the WordPress menu bar.

There are some nice plugins that you can use to achieve this such as “Admin Menu Editor Pro”.  This wonderful plugin offers lots of functionality, however, some of it’s best features are only available on the paid version of the site.

If you’re not in a position to buy a paid version, he is one way to manipulate the menu.
In this instance, the client had trouble remembering where to find the option to change the order of menu items on the front end of their site.  This is normally located at a submenu item of “appearance”.

We wanted to move it to the main menu so it would be easier to find  (less support for us).
So we added this routine to the “functions.php” file.

Please remember to back up this file before you every modify it, as even the slightest syntax error will cause your website to fail.

function change_menus_position() {

//   remove the menu item from the theme altogether
remove_submenu_page( ‘themes.php’, ‘nav-menus.php’ );

//  add it back to the main menu.
add_menu_page(
     ‘Menus’,
     ‘Menus’,
     ‘edit_theme_options’,
     ‘nav-menus.php’,
     ”,
     ‘dashicons-list-view’,
     68
     );
}

 

WS FTP Pro – Failed SSH Key Exchange

At Blue Lily Studios we use WS_FTP Pro to upload files to our webservers.
We’ve used the same product for over 10 years and stand by it as a wonderful tool.

Recently we found that due to a change in webserver configuration we could no longer connect to the server using secure SSH connections.

We encountered the following error
Expected GEX Group packet from server instead of packet type 3
Failed SSH Key Exchange

To resolve this issue, open the ssh-algos.txt file which is located in 
c:\users\<username>\appdata\roaming\ipswitch\ws_ftp

In the top ===ssh-kex section, move diffie-hellman-group-exchange-sha1 to the bottom of the list of kex algos, so the new list would look like:

diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha1