Don’t be fooled by this Github scam when hiring a developer

When we’re on the prowl for new developers to join our team or help out as freelancers, there’s a common scam we’ve run across multiple times in the past few months. It’s easy to fall for, and letting this slip by can mean hiring someone that doesn’t actually have the skills they portray.

One of the first things we request during the application process is their Github repo. This gives us lots of insights about them:

  • Range of coding languages they can write in
  • How they tackle complex problems through code
  • Formatting and cleanliness, styling
  • Interests and side projects
  • Willingness to share code with the community (open source rocks)
  • Experience with the platforms we’re working with (WordPress & ActiveCampaign)

Recently, we’ve been seeing a trend of developers using a Github feature to trick people into believing they have written and managed code that is not their own. In most cases, the use of this feature is not malicious, but it’s worth spreading the word to bring awareness to some bad apples that are out there using this as a scam.

A Github feature is being used as a scammy sales tactic. Click To Tweet

Continue reading “Don’t be fooled by this Github scam when hiring a developer”

[Knowledge Nugget] Using progressive disclosure to improve web user experience

Crafting a seamless user experience for an interface takes a certain level of genius and creativity. One technique is called progressive disclosure – the concept of showing the right interface at the right time in context.

At WordCamp Orange County 2016, our Lead Design Partner, Michelle Schulp, demonstrated this technique used in an event management plugin.

Video Transcript:

Another one that’s one of my favorites is the concept of progressive disclosure and that’s basically where you show only the content that you absolutely need at first and then show more to the user as needed.

This is different than a wizard because in a wizard, you are shown this screen and then this screen and then this screen. With progressive disclosure, you’re shown one thing and then the next thing in the context and then the next thing in the context. So at the end, you’ve got a whole bunch of information. I have got an example here. So here is like a recurring events interface, right? So recurring events are complicated, there’s a lot going on. But the first thing you see is, this is a recurring event, what date did it start? What time is it? Once you pick that you like, I want to add a rule. Cool. Now this is how I want it to be every day at the same time ending on this thing. All right. I got this, I’ve said it. If I change my mind about the start date, its right there. I can still go back and change it. OK I want to change this to be a different time, this rule is going to be different time and that time. So now I see this new stuff, I can change the time. At any given time, I could still go back and change my mind about any of it I can reset it it’s all there in context.

Now I want to add another rule. Also I want this to be weekly at this time. Now if I would have seen all of this right at the beginning, like right when I showed up, I would’ve been like what am I even doing right now? Right? But because I was able to go through the steps, I’m able to do it fairly easily. And yet I still know where I came from and where

I’m going and I can change my mind about any of it at any given time. So I’m a big fan of progressive disclosure when it comes to displaying complex content. Especially in admin interfaces, I think it’s wonderful.

Your responsibilities as a site owner and the liabilities if you are hacked

We’ve all seen the headlines. “Yahoo confirms major breach — 500k accounts affected” … “JPMorgan Chase hacking affects 76 million households” … “Hackers selling 117 million LinkedIn passwords” … and the list goes on. Hackers are out there, scouring the web and looking for sensitive information they can use or sell for profit.

Even with these well-known companies being hacked, many site owners don’t take the steps to protect their own systems to thwart intruders. Many business owners may not consider the potential liabilities if a security breach does occur.

Every site is a target

There’s a common misconception that hackers only target sites with lots of traffic. Continue reading “Your responsibilities as a site owner and the liabilities if you are hacked”

Tearing down the child theme misconception – they needs updates, too!

photo-1453133451515-5ff7c1d0d63c

If you have a WordPress website and are using a theme purchased from ThemeForest or another theme marketplace, the best practice is to use a child theme for your customizations. This allows you to update your theme in the future without overwriting the custom code that adds additional features and functionality. However, there’s a growing misconception regarding child themes and this post will help clarify the situation.

Recently, both Easy Digital Downloads and WooCommerce came out with new versions that changed how code should be written to change functionality within the shopping experiences. We started receiving messages from site owners who had placed code within their child themes and were wondering why the updates would have affected them if they used a child theme.

Some believe that if you place code within a child theme, that means it will always be compatible with future “updates”. This may be true when it comes to theme updates (depending on how much your theme’s developer cares about backwards compatibility), but there is no guarantee that your code will work with future plugin or WordPress core updates. This is a huge difference. Plugin developers are under no obligation to make their plugins work with previous code snippets that placed in a child theme – and it’s likely that any custom PHP code you place there will need to be updated due to a WordPress or plugin update in the future.

'A child theme keeps you compatible with future theme updates - not plugin or WordPress updates' Click To Tweet

In short, if you place PHP code within your child theme, test your site when new plugin or WordPress updates are released to make sure everything is still compatible and know that you may need to tweak the code in the future to keep your functionality alive.


Did your site’s functionality break due to a recent plugin update – and you need some help getting back in shape? We can help get your site back to normal and maintain it regularly so this doesn’t happen again. Contact us here.

Build it and they will come: an (untrue) story

photo-1458130713137-8b7237fb3648

The barbecue conundrum

You’ve spent a week planning the perfect barbecue. The location is a prime spot on the beach, the weather at the 1PM kickoff will be sunny and warm, the food is purchased and ready for cooking, and the speaker setup will be absolutely killer. When the time arrives, you pack up your things and head to the spot.

When 1PM rolls around, none of your friends have arrived but you start cooking the food. The hamburgers are ready at 1:15PM, but there’s still no one in sight. At 1:30PM, you realize your mistake.

You never invited your friends. You didn’t tell anyone about the BBQ. You spent all that money, put in all that time, and nobody showed up because they didn’t even know it was happening.

Websites are like barbecues

The scenario above seems implausible, but it happens with websites all the time. Business owners and entrepreneurs with “the next big thing” burn through thousands of dollars developing their next great idea and forget about marketing, how they will attract and retain visitors, and how they’ll make money to sustain.

You can prepare the best BBQ ever, but if you don’t tell anyone about it, it’s worthless.

'You can prepare the best BBQ ever, but if you don't tell anyone about it, it's worthless.' Click To Tweet

Continue reading “Build it and they will come: an (untrue) story”

How to report technical issues to your development team

 

There are two ways to write error-free programs; only the third one works. (Alan J. Perlis)

 

Your computer’s software was written by some of the smartest minds in the world. Yet, it has bugs. Errors. Security holes. That’s why your computer prompts you  to update all the time- new patches and fixes are introduced to take care of bugs that are uncovered.

Websites are compromised of software, as well. And just like computers, they can have bugs that affect their performance or usability. But how are bugs discovered and patched?

Uncovering the bugs

photo-1452555099503-3985696e7c0a

When code for a website is written, it goes through a QA (quality assurance) process by the development team. This means someone is performing each task on the site – adding a product to the cart, going through checkout, writing a review, etc – and ensuring that it’s working as expected. QA will also cover testing on different screen sizes and browsers. A great number of bugs – especially showstoppers that prevent core features from working at all – are found during this phase. This means that the majority of issues never make it to the live server.

However, some bugs manage to get past QA. There’s a multitude of different tests that can be tried during the QA process, but bugs can be discovered when something new or different is attempted. Here’s a short list of things that can affect websites:
Continue reading “How to report technical issues to your development team”

The difference between a web consultant and web developer

photo-1465429108843-b037568eb231

A tale of two business owners

Two competing business owners, Luther and Eileen, are looking to grow their companies with a new marketing platform on the web.  They both have the same vision in their head about how the platform should look and what results they should expect over the next few years.

Luther finds a web developer online who charges $20/hour. After explaining his vision for the platform, the developer gets to work right away with great enthusiasm. Just a few weeks later, the platform is launched and Luther is only out $2,500.

Eileen asks her friend for a referral and is recommended to speak with a web consultant. After listening to her concept, the consultant comes back with a list of ideas for alternative approaches to the platform and how it can be more readily adopted by customers. The platform project has turned into a marketing + sales tool that will take $10,000 to build. Eileen approves the project. Continue reading “The difference between a web consultant and web developer”

How to change your WordPress username

Maybe you were zipping through the WordPress setup process and misspelled your username. Or maybe your username is ‘admin’ and you just learned how that’s a huge security risk. Whatever the reason may be, WordPress doesn’t have a built-in way to change your WordPress username. If you go to your profile in the Dashboard, you’ll see a note that says, “Usernames cannot be changed.”

But… there is a way to make it happen!

Steps for changing your WordPress username

Before you begin, note that you will need to be an admin (or have an admin complete these steps).

  1. In the WordPress Dashboard, go to Users > My Profile
  2. Add a letter to the beginning of your email address then scroll down and hit “Update Profile” (e.g. [email protected] should be [email protected]) — this frees up your email address to be used in a new account
  3. In the sidebar, go to Users > Add New then type in your desired username, your email address, and choose the Admin role (or whatever the current role is for the account you’re changing)
  4. Hit the “Add New User” button
  5. Log out of WordPress then log back in as the new WordPress user
  6. Go to Users > All Users
  7. Hover over your old username and press “Delete”
  8. Important – on the next screen, press the radio button for “Attribute all content to” and select your new username in the dropdown
  9. Press “Confirm Deletion”

You’re now free to roam about the WordPress with your new username. Don’t gloss over step eight or else you will lose all of your posts, pages, and other content that was created under your old account. Happy WordPressing!

Form submissions from Gmail users will start failing soon… Here’s the fix.

Dakirby309-Simply-Styled-GmailWhen a potential customer fills out your contact form, how important is it that you get notified? How much money could you potentially lose if you don’t receive one important email notification from your site? An upcoming change from Gmail could affect your site very soon.

Following in the footsteps of AOL & Yahoo, Gmail will soon change a policy that will stop contact form submissions and other emails from “looking like” they are coming from a Gmail email address. In short, if your contact form uses the submitter’s email address in the “TO” field for the notification, it will fail and won’t ever hit your inbox.

AOL already made this change for AOL email addresses in 2014, as did Yahoo. As such, you may want to check your contact form plugin’s entries list and see if you missed some important notifications…

What’s the fix?

The policy change – or, in technical terms, the “DMARC policy being updated to ‘reject'” – means your automated emails must be coming from a different domain besides @gmail.com, @yahoo.com, or @aol.com.

To prevent the emails from failing, set the “TO” address in your contact form to [email protected] or simply set it to your own email address.

gmail-dmarc-policy

Bonus tip: to make life easier when you’re responding to the email notification, set the “Reply To” to the submitter’s email. When you hit the reply button in your email app, it’ll be set up to reply to the submitter rather than the noreply email address.