Removing Buttons from TinyMCE

Recently I was asked how to "prevent my clients from messing up the look and feel of the site because the client loved to combine crazy colors in the text"?  This opens up two different avenues of response.  The first solution is to enhance your "training opportunities" for your clients.  This can be done in a number of ways:

  • You can record a number of "getting started" videos and grant access to each of your clients.
  • You can deliver a document/PDF/booklet/etc that contains instructions on how to use their site you built for them.
  • You could include one-on-one training options as part of an ongoing maintenance package/plan.

While all of these above options may encourage your clients NOT to use their creative color patterns and font sizing within their blog (which many times may cause issues with site layout and such).  One of the easiest ways to cut these issues off at the pass would be to remove the "offending" buttons from WordPress' TinyMCE editor bar.

Shortcode for Mobile Content

Recently it was asked if there was an easy way to use a WordPress shortcode to easily hide or show wrapped content on mobile devices.  While there are numerous plugins and even a few themes that offer this functionality out of the box, there can be issues when you change a plugin or theme.  So I put together some basic code that can be placed in either the active theme's functions.php file or placed in a plugin you may use on your WordPress website.

The two pieces of code below will enable two shortcodes to be used on your WordPress sites:

[hide_from_mobile]This is the content you want hidden from mobile browsers.[/hide_from_mobile]

&

[show_if_mobile]This is the content you will only show on mobile browsers.[/show_if_mobile]

The two pieces of code are as follows:

and

If you have any questions, you can ask them below.

Cloudflare Security Precaution Alert

Good web security requires a constant eye on things that happen on the internet.  Cloudflare revealed yesterday that a buffer overflow / leakage occurred last week that may have affected around 0.00003% of their HTTP requests.  Due to the nature of this bug, I recommend that anyone who uses the Cloudflare services (be it DoS protection, DNS management, Flexible SSL, etc) take the opportunity to consider updating your security credentials:

  • Change your password
  • Change your two-factor authentication (normally this requires deactivating then reactivating to get a new "key set")
  • If you use any APIs through Cloudflare, I would encourage you to generate a new set of keys.

For WordPress users, any easy way to log everyone out of your sites and require them to all re-login to the WordPress site is to change the SALT keys in the wp-config.php file.  All you have to do is find the code pictured below (with your own version of random characters) in your wp-config.php file.

Then replace it with an auto-generated new set of keys found at: https://api.wordpress.org/secret-key/1.1/salt/

This may also be a great opportunity to encourage people to put in place a security plan for your WordPress sites and/or client sites that you manage.  One suggestion would be to expire all passwords your clients use to access their sites every 90-120 days.  If and when clients push back on this security enhancement it can open the door for you to introduce password managers like LastPass, Dashlane, 1Password to your clients that can help keep them safer online.

Only Allow Administrators Access to Admin Area

For many WordPress developers, building a website where there is only a content producer who is going to access the Admin area of WordPress is fairly easy.  You know before hand which users will have access and you can prepare and lock down the site accordingly.  The "fun" begins with you begin allowing visitors / users / customers / clients to register for accounts on the WordPress site.

That's when THIS begins to happen for users...

Why should your subscribers even be allowed to see the "underbelly" of WordPress (as described by my older neighbor).  Yes, you probably want to offer the ability to update profile information for subscribers, but most developers are going to do that on the front end of the site, in an area that is much easier to style.  And while most "front end user profile" WordPress plugins may redirect logged in users to their new better looking profile/account pages, many of them don't block access to the Admin area.

This is where the good stuff happens. The following code does two things. It first checks to make sure the current user is NOT an Administrator and checks to see if that current user is trying to access any of the Admin pages in WordPress (essentially the <em>/wp-admin/</em> folder). If the code decides you shouldn't have access it simply redirects the page load to go to the homepage.

You can adjust the "location" of the redirection by changing the home_url() to a different URL.

This is an excellent code snippet to save and/or use for all your sites that you are working to "lockdown" and protect your users from having access to the admin areas of WordPress.

And so it begins...

Today is an exciting day for me. It is the day I can begin to reveal a few of my plans. There is a lot more announcements coming but I wanted to take a moment to talk about the Pre-Launch "Founders" Membership deal.

Over the past eight years I have been known as The Professor at WebDesign.com & iThemes.  Creating and educating people all over the world with over 1,000 hours of live training.  But I recognized that something was happening.  As more and more individuals started growing in their skill level they became more and more isolated as freelance developers.  It's hard to continually educate yourself on the latest design and code skills while still focusing your attention on taking care of your clients.

And that's when it hit me...

Freelancers need a community where they can be in control of what they learn.  They need to be able to feel they have an avenue to reach out to others.  They need and WANT a support system of link-minded freelancers.

Over many years I've seen that there are specific types of tools that freelancers, specifically who are working with clients, have a desperate need in their toolbox.  And while some plugins and/or themes might exist that do the work there aren't any training or customization ways of getting it JUST the way a freelancer wants.

So here's the deal...

  • The new WPStudio Community has access to my live and interactive training events.  But it gets even better.  Community members have the ability to vote on the training they want to receive. So while the growing library of useful training is always available to members you also have the power to influence the direction the training goes. (More on this later).
  • I've been developing a ton of different utility and solution-based WordPress plugins for a while now.  These all get updated and provided to all WPStudio Community members.  Plus, members get to also influence the direction of development for all current AND future plugins.  That's right... if you need a plugin to be forked due to wanting a different feature set or your "must-use" plugin that you need to continue your business, you can bring it before the community and we'll vote to see if we want to fork the plugin and bring it into the WPStudio stable of plugins. (More on this later).
  • Sometimes you just need to know someone is "on the other side of the table".  WPStudio Community members get access to a custom Slack channel as well as Founder Members get direct chat access to me. (More on this later).
  • For the past 8 years, I created and taught 16 different WordPress Developer Courses at WebDesign.com/iThemes.com. Those that have been a part of those week long intensive training events have said it was their favorite part of training.  Now as part of WPStudio, I am excited to let you in on a little secret.  Members of WPStudio Community will have access to the upcoming WP Dev Camps.

And I saved the BEST for last...

As a special deal for those looking to join the WPStudio Community as Founder Members (there are ONLY 50 places) I'm offering a mini-coaching session (2 part) with each of the Founder Members.

If you are wanting to be a part of this new community and gain access to a group of tools, training, and like-minded individuals, you DON'T want to miss this opportunity.

There will ONLY be 50 Founder Members memberships sold.  Once they are sold, the price will return to the full membership prices.

If you have any questions about the new community or about me and my training, plugins, and themes, please reach out and ask.  You can even use this form to make it easier.

I look forward over the next week of walking through a number of benefits that come with the WPStudio Community.