web
analytics

WordPress and SSL images in WPv4.4

By Matt Adams on March 29th, 2016

Responsive images became the new standard in WordPress 4.4, released in December 2015. One major issue is sites that run SSL full time. Having that green secure lock in the browser bar is important. It’s good for security, required for online transactions, and adds a great deal of credibility to the site.

With WP 4.4 out of the box, you may find your site looking like it has a lot of broken images. Turns out that featured images in WP 4.4 still load as HTTP. With out the https, the users browser will block any resource that is unsecured.

So we have a small patch for this.

Using the following code in your functions file.

add_filter('wp_get_attachment_image_attributes', function($attr) {
    if (isset($attr['sizes'])) unset($attr['sizes']);
    if (isset($attr['srcset'])) unset($attr['srcset']);
    return $attr;
}, PHP_INT_MAX);
add_filter('wp_calculate_image_sizes', '__return_false', PHP_INT_MAX);
add_filter('wp_calculate_image_srcset', '__return_false', PHP_INT_MAX);
remove_filter('the_content', 'wp_make_content_images_responsive');

Okay so the code above actually disables WP 4.4 responsive images feature from running. So while yes you wont have that new 4.4 feature, a site built to be responsive will still load fine.

This should be fixed in WP 4.4.2, but we are still seeing a few sites with the issue, so for now this is the best fix to keep your WordPress site running in full SSL mode.


Trusting your site to WordPress

By Matt Adams on February 22nd, 2016

We often get asked about how secure WordPress is. I can tell you hands down, at the core, it is as secure as anything can be. We recently found a site we made a custom theme for 8 years ago. It was still running WP version 2.5. It has never been updated. This site had zero plugins, and since the theme was custom, there were no un-needed javascript files.

So for 7 – 8 years, this site sat there, getting traffic, doing it’s job, and zero issues. Zero. Now this is a pretty unique case. It’s on a dedicated server with strict security, no plugins, no e-commerce, etc. Granted as soon as we found this relic we updated it ASAP. But I honestly think it could have gone on longer, barring any server changes like PHP upgrades that would have conflicted with the core.

Whats the big take away here?

WordPress powers 50% of all sites (2015 stats for world wide usage), this means it can be a huge target for hackers. The thing is, these hackers get in through known exploits. Most of the site compromises we see, are plugin or do-it-all premium themes. These are full of fancy little bells and whistles, that get hacked.

Doesn’t Factor1 use plugins?

Yes, we do. But we try to keep them to the bare minimum, and only use trusted plugins. We know the plugins we use well, and we build our sites in such a way that we are not dependent on a plugin to function. If tomorrow a plugin needed to be removed, we could drop it in a heart beat and the site would be fine 98% of the time.

The moral of the story.

You get what you pay for. If you spend $50 on a theme, even $100, and load it up with a few plugins, security needs to be the highest risk in your mind. I’d run daily backups, security scans, and tight settings on Wordfence or similar plugin. I’d also run all theme and plugin updates weekly at a minimum.

 


What is a WordPress strategic partner and why you need one

By Matt Adams on January 26th, 2016

So it’s the new year, and you are working on a new site. Maybe it’s for your company, or maybe it’s something you are working on for a client and you are shaping the content and creative for them. We all know WordPress is amazing, powers 50% of the websites out there today, and offers a very deep resource pool of free or low cost add ons.

Fast forward a few months, and you are all done. But it’s not the dream project you had envisioned. The journey to this point was long, and had a lot of bumps in the road. The theme needed more work to customize than you thought,. You now have a ton of plugins, widgets, and options to round out the gaps in the theme. The comments to the developers support forum took 2 weeks to get a sub par reply. Now moving the site from staging to production is a daunting task.

We hear stories like this almost daily. That $59 theme is now all the sudden getting more expensive with the hours you put into it, and the lost ROI with launch delays. All those bells and whistles from the feature list now look more like a long list of things to manage instead of great benefits.

4postImages_1

Enter the WordPress strategic partner.

 

Let’s tell a different story here. You have an idea for a new site, and even some great examples of the end goal. Working closely with the admin team, designers, and project managers, together we craft the needs, features, user experiences, timeline and budget. As the designs go through the wireframe process, and later full design comps, our development team is reviewing & discussing options. Options and ideas to achieve the designed goal, outlining potential hurdles that may arise with the feature, timeline, budget, or end administration of content.

Together we go through several rounds of this. Finally landing on an amazing stack of designs that work across multiple devices sizes, with clarity on expected functions, content management, and performance. Our team dives into the code. Using our 11+ years of experience with CMS tools, we craft a custom WordPress theme that meets the goals and objectives planned, with a very specific task of making the design and the administration work together with unity and grace. No goofy plugins, widgets, short codes, or worse, code in the editor panel.

You are now left with a site custom built to meet the exact specifications, features and planned outcome of the site, and a design that matches up perfectly to an administration experience. This eliminates the need for manuals, training sessions, or guesswork. Our quality assurance process has checked the site on a wide array of physical tablets, smart phones and laptops for the ultimate test in compatibility, as well as optimized the site for speed and SEO. Fast forward 3 years, and the site is still running great. Maybe a few plugin updates here and there, but nothing that risks crashing the site, since we coded in the critical functions, leaving a few plugins to handle auxiliary things less critical to the site.

4postImages_look

What to look for in a strategic WordPress partner?

 

With any long term project, relationship is key. We have had some of our clients over 10 years with many sites together because relationships win. When you have a partner, you have someone to call when things aren’t working right. You learn to get comfortable with details like finances and project risks. It’s a 2 way street. Our partners pay our invoices in a timely fashion, know what is critical versus important, they know that good work takes a little time, and they know to listen to our advice. Not in negative, don’t challenge our opinion, but in a respectful, purposeful, intentional way. The best partners are on a journey, together.

Look for agencies that have credibility, i.e. have they been actively developing for WordPress for a few years, and know how to make custom themes. Look to chat with long term clients. We are always more than happy to have a potential client call up a partner for a reference. Finally notice what they ask about you. Do they care about your bigger business goals and how they fit in, are they happy to share resources and ideas to help you get there?

4postImages_costs

What about the costs?

 

Can’t beat around this bush. You get what you pay for and good works costs time and money. But if you are looking for a partner to go to the next level in your business, know that it’s going to take some time, effort, and funding. We do our best to always be upfront, and clear with how much something costs. If that’s too high, say so, and share what you can work within. A good partner will help find solutions.

4postImages_agency

How does a strategic WordPress partner work with agencies?

 

Working with an agency who finds and manages the client relationship is tricky. We know that these relationships can go two ways. The first way, the developers are behind the scenes, white labeled, and never talking to the client. These are tricky, there ends up being a “telephone game” of communication, where the developer and client never talk, leaving designers and project managers in the middle to translate. Sometimes this leads to a mess when it comes to technical discussions. Additionally, this can leave clients feeling a lack of trust if (more like when) they figure out the developers are not staff, damaging all relationships along the way.

On the opposite end, sits the strategic partner. With transparency, we work together to craft a proposal, project features, and it’s well known that Factor1 is your WordPress strategic partner for this project. Shaping the conversation from the beginning that you are the branding and design experts, and we are the WordPress experts needed to launch this critical project. We work mainly behind the scenes, but when things get hard, or ready to launch, the client, your team, and our teams can comfortable jump on a call with no concerns about who is who.


Down with the rockstars and ninjas

By Matt Adams on April 23rd, 2015

Every day I see or hear companies touting they are design rockstars, or only hire WordPress ninjas. Can we stop with that as a work culture in general. I know I for one do not want to hire a rockstar accountant, or a plumbing ninja. It’s just not the kind of people I like to do business with.

Think about it with me.

When you think rockstar, do you think of dependable, in the office before 8am, quick to follow up, and someone who is eager to solve your problems? I know I don’t. I’m sure there are some really great rockstars out there that are super nice stable people, but that’s not my first expectation by any means.

What about ninjas? They are often well trained with years of experience, so far so good. But next thing you know they are stealthy, rarely seen or heard from. Not what I want from my web designer or developer thats for sure.

So maybe we just don’t have catchy names? Maybe we just embrace honesty and humility. Factor1 is a staff of real people, no ninjas, rockstars, or vikings (what, that’s not a thing?). We have our strengths and weaknesses like you. We enjoy being creative, building solutions and pop-tarts. Sometimes we get distracted by shiny things or ramble on a little too long about our weekend. At the end of the day we care. We want what’s best for the client.

I’m not sure about you, but I’ll take that any day over a rockstar or ninja.


Mobile friendly for better SEO

By Matt Adams on February 17th, 2015

While we have been long pushing mobile responsive sites for our projects over the last few years, google is making much bolder moves. We here at factor1 think the user experience on all devices adds up to a positive interaction with your brand. We see the reports that more and more people every month use their mobile devices to surf the web.

Mobile friendly is getting a lot more critical. In a recent update with google’s search algorithms, SEO experts are seeing either positive search ranking changes for their mobile friendly sites, and very negative results on non mobile sites. Google even sent out a warning to its webmaster tools users that they may see a decrease in their rankings. While google has not commented on the algorithm change, the results are pretty clear.

Mobile matters.

Google search results now show a small green label next to search results indicating a site is mobile friendly when you search from a touch device. To earn a mobile-friendly label your site needs to pass a set of criteria. You can find out if your site meet’s Google’s standards or not by using the mobile-friendly site testing tool.

What now?

So your site is not mobile responsive, and maybe failed the test above. Making a site mobile responsive after the initial build can be difficult. We have done it a few times, and the costs may be higher than building a new site with mobile in mind. It’s best to talk to your web designer and developer about your options and go from there. We’re happy to chat with you about it. Fill out our contact form and one of us will get back to you asap.


Our take on site speed metrics

By Matt Adams on January 26th, 2015

So there is a large focus on sites being fast. Google rewards sites that load quickly and meet their speed criteria. Go ahead, run your site through googles page insight tool.

https://developers.google.com/speed/pagespeed/insights/

What grade did you get? Was it under 50/100 on desktop? You won’t be alone. That’s actually pretty normal.

We have had this issue pop up many times in the last few months. So we spend a few hours tweaking the site. We minify it(compressed HTML, CSS & JS), cache it, and gzip it for the browser. This will usually bring up the speeds and scoring a bit. So thats the good news here.

This leaves us with images. We are almost always getting terrible scores because we are serving users retina images. This means the pixel density is tight, resulting in crisp, sharp images on all devices, and especially on retina screens. Unfortunately the fix for this is to basically stop serving retina images. These scoring tools are usually based on old tech. The ONLY way to serve the high res image is to compress it to the containing box. So a 400 x 400 image inside a 200 x 200 box = 2x the pixel density. But this method is a giant red F on site scoring tools because in the olden days, this was considered “wrong”.

In comparison we ran big sites like CNN, CharityWater, Vox.com, IGN.com, Mic.com, etc. And in our quick research, any nice, modern, retina ready site got about the same score as us. We used a few tools to check it. Want to know one site that ranked well? Google, yes google ranked great. See by offering few to no images, text only, and very little style, you should achieve an A rating.

So this brings me to our goals with any site. We want to serve your visitors a robust site that highlights great information, infographics and photographs that tell a story. Can we do that with low res images, sure, but thats not the direction of technology. All iPads, iPhones, most laptops over $1000 and many android phones and tablets are retina / HD displays. This means that a low res image would look worse than normal. they tend to look blurry or fuzzy.

So my two cents: We take our D+ speed rating and know that we have razor sharp images, graphics and are meeting current technology trends with ease.

 


10 years

By Matt Adams on August 26th, 2014

If feels like just yesterday I convinced my very supportive wife I should quit a well paying easy job to start something new. Feels like yesterday, but it was actually 10 years ago. Oh I should also mention what a leap of faith factor1 was. At the time she had been laid off from a downsizing retailer and was not having a ton of luck with finding a new job, and we had little saved being so young. Yeah, we were that crazy.

The last 10 years have been amazing. We have grown a lot, both in size, great clients, partnerships, knowledge and experience. We have had a many of our current clients almost as long as we have been a company, and that’s saying something I think.

We stayed small, nimble, bold, courageous. We know the more people on the elevator the more work it takes to go up, so we kept our staff to a handful. We embraced the slow cooker model, and have grown slowly  year after year by word of mouth from great relationships and hard work. I am super thankful we haven’t lost any of these traits that made us who we are. I am also very proud of the work we get to produce here, and the work our employees produce on a daily basis.

I want to say thanks. Thanks to all our awesome friends, clients, partners, staff — past and and present. So much of where we have been and where we are going is because of our relationships with you and I thank you.

So what does the future hold? Not sure to be perfectly honest. We are going to keep doing many of the same things. The technology may change, the tools will get updates. We all know adobe acrobat will update 3x a week. But we are going to keep doing the best work we possibly can. We are going to ask the hard questions, provide bold strategies that push our clients and ourselves. We are going to keep the pace that finishes the long race with passion and character.


The History of Typography

By Matt Adams on May 6th, 2013

We spend a lot of time working on the right font pairings in our projects. We try not to get super geeky on you, but sometimes we do want to share the process, get your feedback, or just communicate why we did something.

This is a great short animation on the history of type, showing great key points for anyone.

Also a great read is Seth Godin’s Simple typography for non-professionals (who is Seth Godin you ask?)
(more…)


Change the rules

By Matt Adams on April 24th, 2013

Sometimes systems and industries get big. The way its always been done grows bigger and bigger as time and more players join. The cost of entry becomes higher and the reward is smaller.

I love what Actor / Writer / Director Zach Braff is doing on Kickstarter. The film industry has a broken model of funding. Zach highlights it really really well by outlining the issues. The money guys have too much say in the production, casting, etc. And I totally get why they want a say, but they are also investing for the wrong reasons.

Radiohead changed the game with their last 2 albums being self released and a “pay what you want” model. A price point that did really really well for them. Nine Inch Nails, and many others have tried this model and found great success.

When you change the rules, you change the game, and who the winner is. When the winner is the customer, trust me, I think everyone wins.


Hackers Point Large Botnet At WordPress Sites

By Matt Adams on April 15th, 2013

Are you using wordpress for your website content management system or blogging platform? If so you need to read this.

In recent news over the last few days, hackers have been targeting and sucessfully gaining access to wordpress admin panels by brute force. The most common issue is out of date plugins / wordpress files, and simple dictionary based passwords.

So what do you do?

4 easy steps to keep your site secure

  1. Stop using ADMIN as the username.
    If you are using admin, login, create a new user with full admin rights. Then logout as admin, and in as your new user. Delete the old admin username, and assign all posts, content and pages to your new user.
  2. Use secure passwords
    8 – 12 characters long, with upper, lower case letters as well as a number. Using names, birthdays and uniqe spellings can help. Like Thom@s1198 would be secure.
  3. Keep WP and all plugins up to date.
    WP makes this process pretty easy. Regular updates should not take long, and are usually pretty painless. In your apperence > Plugins screen you will see which plugins need updated. And WP core can be updated from the dashboard home screen. Be sure you have a recent database backup before doing these updates.
  4. Avoid using too many plugins.
    Yes, there is always an app for that. There are 100k+ plugins for wordpress. Anyone can write a plugin. Often plugins can leave security holes and cause a drain on the server. Remove any and all unused plugins, and always check the plugin reviews before installing.

Need Assistance?

Factor1 members: We’ll do this for you automatically. We do these checks often, but will make a special effort this week to keep your site secure.

Not a member? We can perform a full site security scan, which includes a database back up, run all WP core and plugin updates, evaluate all user logins, and remove any and all issues we find. We have a one time fee of $50.