Customize Acceptable Upload File Types

February 21, 2011 | No Comments Yet

WordPress Garage points out that there’s a limited list of allowed file types that you can upload via the WP admin. For certain custom sites, since WordPress is being used for everything these days, that may need to be modified and Chris Meller shows us how.

As of WordPress 2.2, there are 35 allowed file types configured in the default install. While there’s no admin-based tool for editing this list (nor any plugins that I’m aware of), it’s not at all difficult to add your own…

The idea is to add a custom function inside your theme’s functions.php to be used as a filter. In that function you can then add specific file extensions and their corresponding mime types. On the other hand, to remove a file type that’s allowed by default, use the function unset().

Sounds simple and painless! Of course, keep in mind that limitations are put in place to keep WordPress secure, so tread carefully. Also, for reference, there’s a list of the accepted filetypes at the WordPress.com Support section, but that may vary on a self-hosted install.

Leave a Comment | Tags: , , , , , , , , ,

WordPress 3.0 Release Candidate 1

May 28, 2010 | 1 Comment

Quickly after WordPress turned 7 this May 27th, the first release candidate of WordPress 3.0 finally comes out.

Two of the biggest new features, custom menus and multi-site support, are in place, while as with the previous beta you’ll notice a much lighter admin area. Also visit this page to check out known issues, and report those others that aren’t on the list.

You can download WP 3.0 RC 1 here or automatically upgrade with the Beta Tester plugin.

Leave a Comment | Tags: , , , , , , , ,

WordPress Plugin: Vote for Plugins

May 18, 2010 | No Comments Yet

Vote for Plugins lets you help contribute to the WordPress.org plugin ratings without having to leave your admin panel.

The WordPress.org plugin directory has a neat rating system that lets users rate plugins both on overall quality and on compatibility with specific WP versions. However, its usefulness is stymied by poor integration with WordPress itself. To try to remedy that, I’ve created a plugin that lets you vote on plugins directly from your Dashboard.

Once installed you’ll be asked for your WP.org account details so your vote can be counted. Then at the plugins list, you can indicate whether a plugin you’re using works or is broken, and give it a rating from 0 to 5 stars.

Vote for Plugins is an easy candidate for canonical plugin or even a core feature, considering the useful information it can add to the community.

Download Vote for Plugins

Leave a Comment | Tags: , , , , , , ,

WordPress admin toolbar bookmarklet

March 19, 2010 | No Comments Yet

Tommy of iamnotagoodartist has created a nifty bookmarklet that displays all the tools in the WordPress admin right on your blog’s front page.

Using jQuery, it appends the default WordPress admin menu to whatever page you’re currently on and styles it with CSS, fixing it to the top right corner. Assuming you’re on a site that’s running WordPress (and it’s installed in the domain’s root), you now have instant access to the entire administrative back end (sans any pages from custom plugins, etc) from the front end.

You’ll still have to login to access those pages but anything that saves clicks sounds good in my book. The post also links to a GreaseMonkey script that loads the tools automatically.

One major caveat: this bookmarklet works only for WordPress sites installed at the root. Hopefully that will change soon.

Leave a Comment | Tags: , , , ,

WordPress admin cheatsheet proves it needs a sitemap of its own

March 16, 2010 | 1 Comment

Need to find your way around the WordPress administration interface? While the expanding/collapsing menus to the left may seem useful enough, perhaps you might want a view of all the pages you can visit at once. Enter the WordPress Cheatsheet by Andy Wibbels.

WordPress gets a bit more bloated with each new release and it can be overwhelming when you’re first diving in.

The existence of this cheatsheet indicates there’s something glaringly lacking from the WordPress back-end, and that’s a sitemap of its own. The developers should take note of this and add it to a future release.

Since it’s already feature freeze on WordPress 3.0 as of March 1, then the next one after that.

Download WordPress Cheatsheet

Leave a Comment | Tags: , , , ,

WordPress Plugin: Zen: Distraction-Free Writing

February 18, 2010 | 1 Comment

Zen WordPress plugin

Zen is a WordPress plugin that lets you focus on writing by eliminating all the unnecessary elements in the WordPress admin.

If you’re a fan of WriteRoom, OmmWriter, or similar tools that help you focus on your words instead of the tools you’re using, this plugin will soon make your wildest dreams come true (and give you a simple clean environment within WordPress to write to your heart’s content)! While Zen does not replace the existing Edit Post/Page screen, it provides a layer on top that will help you focus more on the quality of your words and less on the distracting fine-tuning of minuscule details.

The plugin comes with different themes from light to dark, and can be toggled with shortcut keys. Compose blog posts as you normally would in the text editor, with or without HTML. Autosaving also works with Zen.

Download Zen

Leave a Comment | Tags: , , , ,

Early look at the WordPress 3.0 Menu Management interface

January 29, 2010 | 1 Comment

Over at the WordPress Development Updates blog, there’s an alpha preview of the Menu Management user interface that will be included in WordPress 3.0. Here’s the video:

Here’s a quick preview of the new menu management admin page (still alpha stage).

It highlights the dropdown section, which is the only unfamiliar element. All the rest are borrowed from the widget management screen.

Feedback on the UI is very welcome, either here, or on the dedicated ticket: #11817.

As mentioned in the post by Scribu, the interface is similar to the Widgets page. You can select either a page or a category from its respective dropdown menus, and when clicked it gets sent to the active menu panel on the right. There you can reorder the items. You can also add specific links and the Home link.

This feature can’t come soon enough! People tend to “hack” together site navigation menus in WP themes and for ordinary users editing them is a pain. Making WordPress features more usable through new interfaces like this is always a good thing.

Got feedback or want to keep up with this upcoming WP feature? Bookmark this Trac page.

Leave a Comment | Tags: , , , , , , , ,

Plugin problems? Try these steps

November 3, 2009 | No Comments Yet

Don’t panic! Daily Blog Tips has a list of things to do when a WordPress plugin you installed suddenly stops working or breaks your site.

  1. Try to de-activate the plugin
  2. Rename the plugin via FTP
  3. Delete the plugin via FTP
  4. De-activate all the plugins via PHPMyAdmin

There are several ways to disable your plugin and it will depend on how “broken” the situation is. The higher the number the more drastic the measure. The concept should apply to themes as well—try deactivating using the WordPress admin first, then try it through your FTP client, and so on.

Good luck!

Leave a Comment | Tags: , , , , , , ,

WordPress 2.8.4

August 12, 2009 | No Comments Yet

As expected, Automattic promptly released WordPress 2.8.4, a security update to the previously mentioned remote admin password reset vulnerability.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

Whether you’ve patched your WP installation as instructed or not, better grab this upgrade immediately. As always, backup before doing so!

Leave a Comment | Tags: , , , , , , , , ,

Remote admin password reset vulnerability issue in WP 2.8.3 and below

August 12, 2009 | 2 Comments

WordPress 2.8.3. just came out but even this doesn’t seem enough to stop this newly discovered security issue, which resets your administrator password remotely. This was reported by Laurent Gaffié in the Neohapsis mailing list a couple of days ago.

The software vulnerability has been submitted to the WordPress trac, and according to them there’s a one-liner fix: in wp-login.php, change line 190 from

if ( empty( $key ) )

to

if ( empty( $key ) || is_array( $key ) )

Sucuri Security, however, still argues that “they are still using blacklists instead of a whilelist of what should be accepted”.

Expect another security update to your WordPress install very soon. In the meantime, prepare to backup your database and files again!

Leave a Comment | Tags: , , , , ,

WordPress 2.8.1 & WordPress MU 2.8.1

July 11, 2009 | No Comments Yet

The first official release since the big WordPress 2.8 is finally out. Highlights of the new features are listed in the announcement post, but you can also view the complete list here. Lots of fixed glitches, memory improvements, and improved security:

Core Security Technologies notified us that admin pages added by certain plugins could be viewed by unprivileged users, resulting in information being leaked. Not all plugins are vulnerable to this problem, but we advise upgrading to 2.8.1 to be safe.

WordPress MU also came out with version 2.8.1 a day after. Unlike WordPress, WPMU didn’t have a version 2.8, so this is a big update for all you multi-users out there (including BuddyPress). Download it now!

You can upgrade to WP 2.8.1 by downloading it at WordPress.org or by clicking “upgrade automatically” after following the notice in your administration panel.

Leave a Comment | Tags: , , , , , , , , , ,

bbPress 1.0

July 6, 2009 | No Comments Yet

Version 1.0 (codename “Bechet”) of WordPress sister forum software bbPress has finally been released. The biggest achievement in this milestone is associating itself more closely with the WordPress family through familiar WP features we all know and love:

  • Single sign-on from WordPress 2.7/2.8 to bbPress is now supported
  • Forum posts can now receive pingbacks and trackbacks
  • Themes now support the functions.php file
  • The administration panel has been redesigned to look more like the familiar WP dashboard

If you’ve been holding back on using bbPress, there’s no better time to try it than now!

Download bbPress 1.0

Leave a Comment | Tags: , , , , , , , , , ,

Vote on the WordPress admin header and navigation design tweaks

April 30, 2009 | No Comments Yet

Several members of the WordPress community have volunteered to make tweaks to the WordPress administration panel and now it’s time for you to vote.

For those who haven’t been keeping track, read this background story.

Okay, so here’s the deal. Modifying the nav/header to be a little nicer is was a last-minute design idea, and if it can’t be worked out in the time we have left before 2.8 (which is very little), we’ll just wait until 2.9 to work on it. But! If someone comes up with something the community really likes and it doesn’t break any of the design guidelines for the rest of WordPress, we could sneak it in.

The poll will close at 8pm New York Time or 2am UTC. Here’s another chance to have a say in the development of WordPress!

Leave a Comment | Tags: , , , , , , ,

Plugins for a client-friendly WordPress CMS

February 17, 2009 | No Comments Yet

StylizedWeb lists 10 steps to making a client-friendly website that’s powered by WordPress with the help of plugins. To customize the admin, for example, check these out:

The Custom Admin Branding plugin will let you swap out logos in the administration panels for your own, or your clients (depending on how you want to brand WordPress).

WP Admin Theme Extended will let you easily adjust and tweak the color scheme of the administration panel. Again this will let you either pick your branded colors, or your clients for the administration panel.

Leave a Comment | Tags: , , , ,

10 ways to secure your WordPress administration panel

January 27, 2009 | No Comments Yet

Sergej Müller and Alex Frison on Smashing Magazine have written a 10-step guide to protecting and ensuring your WordPress admin area is as safe as can be. Here’s the list:

  1. Rename and upload the wordpress Folder
  2. Extend the file wp-config.php
  3. Move the wp-config.php file
  4. Protect the wp-config.php file
  5. Delete the admin User Account
  6. Choose strong passwords
  7. Protect the wp-admin Directory
  8. Suppress Error Feedback on the Log-In Page
  9. Restrict Erroneous Log-In Attempts
  10. Keep Software Up to Date

Read the whole thing here.

It’s best if you perform these safety measures right after installing WordPress, and add it to your routine in case you’ve got a slew of WP-powered sites.

Leave a Comment | Tags: , , , , , , ,

SEO: WordPress 2.7 comment pagination causes duplicate content

January 12, 2009 | 1 Comment

Here’s an important heads-up for all the SEO-conscious bloggers out there: the new comment pagination feature in WordPress 2.7 apparently produces duplicate content, which is frowned upon by search engines like Google. Quick Online Tips reports:

When I checked my Google Webmaster tools today, it notified me of hundreds of duplicate title tags and duplicate meta descriptions pages on our site which were not there before. A quick look at this duplicate content issue revealed it was caused by multiple comment pages.

By default, a WordPress 2.7 installation will break the comment list into multiple pages if they exceed 50 comments. You can change this setting and other comment-related options by visiting the Discussion page in the admin panel.

Leave a Comment | Tags: , , , , , , , , , ,

A history of the WordPress interface

December 16, 2008 | No Comments Yet

Now that the newest redesign to the WordPress interface is available for public consumption, here’s a nice history lesson on what past WP versions used to look like, courtesy of PlanetOzh.

Here’s the earliest write post screen:

Wordpress 0.7.1 (May 2003)

More here.

Leave a Comment | Tags: , , , ,

IntenseDebate reopens after Automattic acquisition, new WordPress plugin available

November 15, 2008 | No Comments Yet

IntenseDebate reopens after going invite-only since its acquisition by Automattic. So for those who haven’t signed up for an account, now you can.

And of course, they’ve made it especially easy to use for WordPress users with a new beta plugin, with the following features:

  • Two-Way Comment Sync (comments are saved both in your WordPress database and the IntenseDebate server)
  • Admin Panel Integration
  • Search Engine Optimization
  • Trackbacks
  • Profile Sync
  • Post Settings

And more:

Can’t wait to get hold of all the great commenting features included in WordPress 2.7? Get IntenseDebate now!

Leave a Comment | Tags: , , , , , , , , ,

WordPress 2.7 icon survey

November 14, 2008 | No Comments Yet

Once again, the Automattic team is letting the WordPress community help out with the design of the WordPress 2.7 admin interface. This time it’s about the icons that will be used in it.

So now we need to choose a direction. For each of the icon sets, we’ll show you the set itself, the designer’s introduction, and some feedback from the lead developers. After you’ve reviewed all five, place your vote for the set you think has the visual style that is the most suitable for WordPress 2.7. This will be followed by additional votes on specific icons, so if you like the specific image used in one set but like the style of another, you can vote to change the metaphor for a given icon. You’ll also be able to leave general feedback throughout the voting process. When voting has concluded, we’ll review the comments and the votes, and will declare a winner.

Aside from the survey results, the “winner” will be decided by the following people: Ryan Boren, Andrew Ozz, Mark Jaquith, Peter Westwood, Jane Wells, Matt Thomas, and Matt Mullenweg.

Be sure to look at the full-size image of the admin dashboard before proceeding, especially if you haven’t tried out the WP 2.7 beta.

Take the icon survey here. (The form will be open for only 48 hours.)

Leave a Comment | Tags: , , ,

WordPress 2.7 Beta 1

November 2, 2008 | No Comments Yet

The first beta of the much-awaited WordPress 2.7 version is out! Prepare for a completely revamped admin interface and all the new features we’ve been raving about the past few months.

Several things to note: WP 2.7 Beta 1 works best in Firefox and Safari (for now). And the final WP 2.7 release is 2 weeks behind schedule.

The downside is more waiting; the upside is the team isn’t rushing to get it out but to polish it the best way possible. It’s slated for November 10th, and while the developers are still trying their best to get it done by that date, a release candidate should be out by then. End of November seems more like the WP 2.7 final release.

Leave a Comment | Tags: , , , , , , ,

WordPress 2.5 and Crazyhorse admin panel usability report

October 29, 2008 | No Comments Yet

Jane Wells has posted a report on the usability testing of two WordPress admin panels: the one found in version 2.5 and the newer, rapidly-prototyped Crazyhorse (demo-ed in WordCamps worldwide).

Take note that this Crazyhorse is different from the WP 2.7 interface designs we’ve seen lately, which are a lot more polished. Still, you’ll see from the PDF that the redesign was a welcome change to the users, compared to the 2.5 interface.

I’m impressed at how transparent Automattic is about these things. For the casual WordPress user it may be a bit too much, but for the hardcore fans, it’s great seeing the whole story!

Leave a Comment | Tags: , , , , , ,

Favorite Actions in WordPress 2.7

October 28, 2008 | No Comments Yet

WordPress 2.7 favorite actions

planetOzh writes about a neat little feature coming in WordPress 2.7 called “favorite actions”. It gives you quick access to sections of your admin panel that you frequent the most. This dropdown menu links to “Add New Post”, “Add New Page”, and “Manage Comments” but as mentioned in the blog entry, this can theoretically be modified with a plugin.

Yet another hint of what’s to come in November!

Leave a Comment | Tags: , , , ,

WordPress 2.7 looks pretty!

October 18, 2008 | 1 Comment

Since WordPress 2.7 is all about an admin redesign, it’s high time we see what it will really look like. The wait is almost over! The WordPress development team teases us once more with a couple of screens for the new admin panel.

This week at the Automattic team’s semi-annual offsite meeting (offsite since we have no office), the visuals you have been craving were finally created and approved. We hope you like them. Mad props to Matt Thomas and Andy Peatling for their visual talents. You can expect these designs to be extended to the rest of the 2.7 screens and implemented over the coming weeks.

WordPress 2.7 – New Post screen

WordPress 2.7 new post

WordPress 2.7 – Admin Dashboard screen

WordPress 2.7 admin dashboard

I’ll be honest: I’m slightly irked that it’s got touches of the Apple look. And I kind of wished they hadn’t resorted to using rounded corners here. But if you’ve been following the saga of WordPress 2.7 admin dashboard redesign long enough, you’ll definitely agree that this design looks like the prettiest yet!

Read more about it here. Expect even more hype about the arrival of WordPress 2.7 within the coming weeks.

Leave a Comment | Tags: , ,

WordPress 2.7 on “feature freeze”

October 14, 2008 | No Comments Yet

Ryan Boren has just announced at the WP-Hackers mailing list that the upcoming version of WordPress has gone into feature freeze, meaning there will be no new features added from now on until the official release. Read more details about the new features at this blog post from Performancing.

Jeff Chandler also mentions in there that the admin panel demo by Chris Johnston is still up, so if you want to check out what WP 2.7 currently looks like without having to download and install it for yourself, just login (username: admin; password: demo).

Leave a Comment | Tags: , , , , ,

Wireframes of the WordPress 2.7 dashboard

October 2, 2008 | No Comments Yet

WordPress 2.7 Wireframes

One of the biggest things the WordPress development team is working on for the 2.7 release is the admin dashboard. And they’ve released a PDF containing wireframes of that interface.

WordPress 2.7 is a work in progress. These wireframes attempt to document the current state of or plans for the application. In some cases, elements may change as development proceeds, either because of technical issues or to address usability issues. In addition, elements may change during the visual design stage. These wireframes are a guide for development that will be updated as necessary, and are not set in stone.

We’ve seen demos of Crazyhorse before, but the PDF file explains in more depth what to expect in terms of the layout and functionality of the administration interface.

Check it out now.

Leave a Comment | Tags: , , , , , ,

WordPress Admin Dashboard to be updated in 2.7

August 26, 2008 | No Comments Yet

CrazyHorse

The admin dashboard is an essential part of what makes WordPress really work, which is why the Automattic team continues to tweak it to ultimate user interface perfection. In the upcoming version 2.7 (nicknamed “Crazyhorse”), WP FUN shares a glimpse of what the new dashboard will look like:

Each of the menu items on the left open and close as needed. Templates contains everything that is in the design tab now. Utilities features the new inbox (which seems to include notifications about WordPress and maybe new comments, but it doesn’t do anything yet) and some of the contents of the manage menu.

The recently-concluded WordCamp also demo-ed Crazyhorse. You can find more pictures here. See the “Riding the Crazyhorse” talk by Liz Danzico of Happy Cog, the company who redesigned the admin interface in WordPress 2.5.

A video courtesy of socialTNT is also embedded below:

Finally, CalinSoft has also posted an in-depth walkthrough of Crazyhorse, though unfortunately it’s in Spanish. (Try Google’s translation here.)

The dashboard is just a critical part of a blogger’s workflow, so it’s a good thing that WordPress is really working hard to continuously improve it.

Leave a Comment | Tags: , , , , , , , , ,