PACS WordPress SIG

A Special Interest Group of the Philadelphia Area Computer Society

You are here: Home / WordPress SIG / Continuation of Talking about your WordPress backend

Continuation of Talking about your WordPress backend

by

Not this backend …

Tools to help simplify the WordPress backend

Introduction

At our December meeting, we began a discussion on a few tools we can use to simplify the management of the backend of our WordPress website. We took a look at two plugins, Temporary Login Without Password and a Contact Form 7 addon Flamingo, which enables you to save form entries to your database. In January, we focus on getting better deliverability for emails sent from our website.

In December we introduced a new segment “Topics from the trenches” which seemed to appeal to everyone. It came back in January and all expectations are that it will continue through the remainder of our PACS year.

Announcements in January included:

  • WordPress 5.8.3 was released in early January. It had been delayed a bit from the initial scheduled date. No problems were noted by anyone updating.
  • WordPress 5.9 is scheduled to be released Jan 25 – Its all about block themes. I am eager to take a look at it on a local development site using the new block based theme TwentyTwentyTwo.
  • I brought up the suggestion to change the time of our SIG from 11am to 12 noon. The primary reason is to not overlap Rob’s Windows SIG which runs from 10a to Noon. Noone had any push-back. Nor was there any input since that meeting. And so it will be – in February we will meet at noon.

Topics from the Trenches

John Davey –

John asks about how to keep his website secure. He is using a managed WordPress hosting plan from GoDaddy but does he need any additional security plugins, like Wordfence?

  • GoDaddy’s Managed WordPress hosting provides malware scans using the Sucuri service. GoDaddy purchased Sucuri in 2017. It is incorporated with all their managed WordPress hosting.
  • GoDaddy does recommends using Sucuri plugin on your website for additional protection with its firewall, blacklists, and DOS attacks.
    • GoDaddy’s Managed WordPress hosting provides a free SSL certificate, protecting the connection between your visitor’s browser and the website.
  • Your SIG leader feels these are minimum features. Adding Wordfence, iThemes Security, or the Sucuri plugin would increase the security components markedly.

Ron Stolof

Ron asks about how he can control spam submissions on his website’s forms and in the blog post comments.

  • The website is using WP Forms to manage its forms. Spam form submissions are an industry wide problem. Fortunately, WPForms has integrated a basic anti-SPAM token that can be enabled on the form settings. They have a detailed explanation in the documentation on their website.
  • Taking the SPAM protection a step further would be to activate reCAPTCHA from Google. It is a bit more involved, but it offers a much better experience for your visitors and will greatly reduce the time spent in form SPAM cleanup.
  • Spam on the post comments is minimal at this point, but activting Akismet on your website will really reduce the spam comments. Personal blogs can use a free account (it does require an activation key), but commercial sites should use a paid plan. Akismet offers a ‘Name Your Price‘ option starting as low as $12/year.

The Tools For Backend – continued from last month

3. WP Mail SMTP & Post SMTP

Email is always a challenge when it comes to your website. For a website to send email it generally needs to spoof your email address in order to send an email from your website on your behalf. IF you don’t configure the email from settings, many form plugins will use the default WordPress email address which is wordpress@. Depending on what email address this message is being sent to, it may very likely be tagged as spam, or worst yet, not delivered at all.

Fortunately, the WP Mail SMTP plugin enables you to resolve this problem. It reconfigures the email function that WordPress uses to send email – the wp_mail function using PHP mail – to send an authenticated email. Authenticated email is sent by proving that you are authorized to send through the email address you are using as the from address. Using the WP Mail SMTP plugin you can send email through Gmail or Sendingblue, or any basic SMTP service, or with its premium version ($99/yr), send through other SMTP servers – outlook.com, office 365, Zoho Mail, Amazon SES.

The plugin has awesome user guides for setting up the connections – complete with screenshots of what to expect and troubleshooting. I’ve used it more times than I can count.

Bloggers and small business website owners don’t want to use third-party SMTP services. You can use your Gmail or Google Workspace (also known as G Suite/Google Apps) account for SMTP emails.

Some integrations include Sendinblue SMTP, Mailgun SMTP, SendGrid SMTP, Postmark SMTP, Gmail SMTP (Gmail, Google Workspace, G Suite), Microsoft Outlook.com and Office 365 Pro, Amazon SES SMTP Pro, and Zoho Mail SMTP Pro.

My preference is Post SMTP primarily since it includes an email log function out of the box in the free version.

At this point, time was exhausted. In February we will finish up this topic area by hitting on post & page duplication on your site and multiple website management for everyone.

Source Post: Simplify WordPress Backend from GoDaddy’s Garage

Notes & Questions

N.B. Unfortunately, I again forgot to turn on the recording for our Google Meet virtual gathering. I was most disappointed, but life goes on. Hopefully next time I will remember this.

In February we will push our meeting time back to 12:00 noon. See you then.

Featured Image Photo Credit – https://aamplugin.com/