PIE Press News - September 2024

Welcome to the 4th edition of our PIE Press, our WordPress & WooCommerce Newsletter!

With the key development updates, valuable tips, and expert insights from the WordPress and WooCommerce community.

Whether you’re an experienced developer, a business owner, or just beginning your journey, our newsletter is your trusted resource for the latest trends, plugin updates, security advice, and best practices to elevate your WordPress and WooCommerce experience.

Stay up-to-date and ahead of the game with PiePress!

WordPress demanded an 8% cut of WP Engine's revenue...

In the latest news from the tech world, Automattic, the parent company of WordPress, demanded an 8% cut of WP Engine's revenue each month before a very public battle started.

The issue revolved around WP Engine's use of WordPress.org's open-source code without contributing much back.

Automattic's proposed a seven-year deal to allow WP Engine to use the WordPress trademark in exchange for this hefty payment.

This dispute is a reminder of the complexities that can arise in the open-source world, where the lines between fair use, monopoly, and the spirit of community contribution can sometimes blur.

What do you think about this situation?

Should companies be required to give back a certain percentage of their profits if they utilise open-source projects for commercial gains?

Matt Mullenweg spoke at WordCamp US 2024

I just read an insightful piece from earlier last week over at the WP Tavern before everything "blew up" with WordPress and WP Engine...

Matt Mullenweg spoke at WordCamp US 2024, exploring the concept of "Ecosystem Thinking" in Open Source.

He argues that what truly drives Open Source success is not the law but the ethos, the social mores. This Ecosystem Thinking, as he calls it, entails four essential elements: Learn, Evolve, Teach, and Nourish.

Mullenweg also raises a point about companies that contribute to the Open Source ecosystem versus those that merely benefit from it. He encourages us to "vote with our wallet" by supporting companies that actively contribute to the Open Source ecosystem.

Stating "To make his point, Mullenweg compared the Five For the Future contributions from Automattic and WP Engine, a competitor of similar size.

Automattic contributes 3,786 hours per week, while WP Engine contributes just 47."However, he also warns us about "parasitic entities" that only take without giving back.

He insists that the true success of Open Source lies not in the short term profits but the long-term contribution and sustainability.

What do you think about Matt Mullenweg's Ecosystem Thinking?

Does it resonate with your approach towards Open Source?

Link in the comments if you want to find out more.

WordPress decided to ban WP Engine from its resources

In a surprising turn of events, WordPress. org has decided to ban WP Engine from its resources...

This move has raised numerous eyebrows in the tech community as it limits the freedom of many WordPress users who rely on WP Engine for various services.

As talked about yesterday, the conflict began when Matt Mullenweg, WordPress co-creator and CEO of Automattic, accused WP Engine of:

- Profiteering

- Under-contributing to the WordPress community.

This accusation escalated to a point where WP Engine is now banned from accessing WordPress resources like:

- Themes

- Plugins

As a result, websites dependent on WP Engine cannot:

- Update their themes

- Install new plugins

This could potentially affect their performance and user experience.

Security updates are also inaccessible, posing a potential risk for those sites.

While WP Engine acknowledged the issue and stated they are working on a fix, the tension between the two parties remains high, raising questions about the future of user experience on WordPress.What do you think the outcome of this ban will be?

Will it affect your decision to use or continue using WordPress for web development?

Magento (Adobe Commerce) vs WooCommerce: What’s Right for Your Business in 2024?

Choosing the best eCommerce platform in 2024 can make or break your business.

With so many options, it’s tough to know what’s best.

Today, we’re breaking down two popular choices:

Magento (Adobe Commerce) and WooCommerce.

Both have perks and pitfalls, and the right choice comes down to your unique needs.

Let’s dive in:

Magento (Adobe Commerce) is perfect for large-scale operations:

? Scales with business growth.

? Top-notch security.

? Advanced SEO tools.

But… it’s pricey and requires serious tech know-how. Small businesses may find it too much to handle.

WooCommerce is ideal for small and mid-sized businesses:

? Easy setup and user-friendly.

? Budget-friendly with loads of plugins.

? Integrates seamlessly with WordPress.

However, it may struggle to support larger, more complex stores.

PIE Code stands by you as a partner to help you get the most out of WooCommerce, making sure it meets all your business needs - no matter how complex.

We have the know-how to take your WooCommerce store to new heights in 2024 and beyond, from custom integrations to unique features.

Have you got the right partner?

At Pie Code, we love collaborating with agencies on the technical side of web projects.

We believe that the right digital partner can make all the difference in a web project’s success.

Whether you’re a design agency or a business looking to grow online, having a reliable, flexible tech partner is key.

But how do you choose 'the one'?Is it about technical expertise or finding a team that feels like an extension of your own?In our experience, it’s a balance of both.

Reliability, innovation, and adaptability are crucial, but let’s not overlook communication. A partner who gets your vision, suggests solutions and fits right in with your team can elevate a project beyond just code.

What’s your take?

When choosing a partner, do you prioritise a proven track record or smooth collaboration?

If you are looking for a tech team to match and compliment your creative team, give me a shout, I'd love to chat.

WordPress has boosted its security measures...

This action follows a string of attacks that happened earlier this year.Several plugins fell victim to password security weaknesses.

To fight these risks, WordPress has rolled out two big upgrades:

Required two-factor authentication (2FA) for all plugin and theme creators

Use of SVN passwords

The 2FA, which will kick in from October 1, 2024, adds another step to check users' identities.

At the same time, SVN passwords give developers an extra security shield as part of the system that tracks changes.

Now approved people can change the code!

This boosts safety for plugins and themes.

This change is a big positive step to make WordPress stronger.

It makes sure all plugins and themes stay trustworthy, safe, and untouched at their source.We want to know what you think about these new safety rules.

Here at Pie Code, we offer our 'White Glove WordPress Hosting Service'.

This takes away the worry about safety and upkeep so you can focus on your business!

Send me a message or comment 'Security' if you want to learn more about it.

Are you prepared for a data breach?

If not, you're not alone!…

Most users are caught off-guard by a data breach, as highlighted in a recent Melapress survey.

- 65% see data theft as a major concern

- 47% without a previous breach lack a recovery plan

- 58% who are worried about compliance are not using Two-Factor Authentication

- 41% are wary about weak passwords and fail to enforce password policies.

If you own or run a WordPress site, the goal is not just to prevent unauthorised access but also to ensure compliance.

Here are some steps you can take:

1. Enable Two-Factor Authentication for an added layer of protection

2. Implement strict password policies and encourage frequent updates

3. Utilise a reliable security plugin to scan for vulnerabilities and monitor site activity

4. Consistently back up your site and store off-site for prompt restoration

5. Regularly update your WordPress core, themes, and plugins to resolve any security issues.

A recovery plan should also be in place, comprising of:

1. Automated, off-site backups and routine testing of the restoration process

2. A designated breach response team with clear roles

3. Prompt evaluation of compromised data and the extent of the breach

4. Awareness of legal obligations, including prompt notification requirements

5. Post-breach security improvements with regular audits and stricter access controls.

Our 'White Glove WordPress Hosting Service' provides security and maintenance support. We handle updates, backups, and proactive security, freeing you up to focus on your business.

Want to learn more?

Let's have a chat and ensure your site is secure, compliant, and always up-to-date.

Are you looking for 'the one'...

At Pie Code, we love collaborating with agencies on the technical side of web projects. We truly believe that the right digital partner can make all the difference in a project's success.

Whether you're a design agency or a business looking to grow online, having a reliable, flexible partner is key. But how do you find 'the one'?

Is it about technical expertise or finding a team that feels like an extension of your own?

In our experience, it's a balance of both and

- Reliability

- Innovation

- Adaptability

are all crucial, but let's not overlook communication.

A partner who gets your vision, suggests solutions and fits right in with your team can elevate a project beyond just code.

What's your take?

Do you prioritise a proven track record or smooth collaboration when choosing a partner?

I'd love to hear your thoughts.

How have your partnerships helped your business grow?

Also, of course, if you want to team up, or chat about the possibilities, drop me a DM!

I'm all ears :)

I never had an intention to become a runner...

Living a sedentary life for over 40 years, the thought of running felt like an unachievable task.

Before the lockdown, I accepted a challenge. I started the Couch to 5K program.

This is an NHS app designed to transform non-runners into 5km runners.

The journey was tough, leading to multiple dropouts.

After deciding to slow down, I started to repeat each week twice and started making lifestyle changes, you know, losing a bit of weight and reducing those after-work beers. In the summer of 2022, I successfully ran my first full 5K.

The secret?

It's not a big one, just staying consistent and remaining active even on non-running days.

Running went from being a daunting task to an enjoyable activity. It became a time for a bit of self-reflection and clarity.

Despite my 5k time not being impressive and having run a 10k only once, I enjoy running. I consider it my therapy.

A time to escape, let my mind wander, and reset. After finishing Couch to 5K, the Nike Running Club app guided my subsequent runs. This made the running experience more meditative.

Now, running is not just an exercise for me.

It is vital to my work-life balance.

Running has taught me patience, perseverance, and the importance of pacing. Running helps maintain my mental balance and keeps me grounded. If you're thinking about starting from zero, take the leap.

Yes, it will be hard, and you might struggle.

But keep pushing. Your motivation will propel you. Soon, the hard days will be numbered.

If you really want to do it, then that'll get you up and out on those days when you really don't want to do it.

And, as time goes on, those days will become fewer and fewer. ...that last bit is about running, but it is also not about running

Urgent update is needed for LiteSpeed Cache plugin users...

A critical flaw has been identified in the LiteSpeed Cache plugin, putting more than five million WordPress sites at risk of compromise. If you are not in a Windows environment, you should update to version 6.4 (or higher) immediately.

This flaw, known as the unauthenticated privilege escalation vulnerability, potentially allows attackers to gain administrator access and could enable the upload and installation of malicious plugins.

It's primarily due to a weak security hash in the user simulation feature. Unfortunately, this hash is relatively easy to guess, allowing potential attackers to brute-force it, potentially creating new admin-level accounts.

Remember, even if your site has the LiteSpeed Cache crawler feature disabled, it remains vulnerable. Only Windows systems are immune due to the unavailability of certain functions required to generate the hash.

So, upgrade to the latest plugin version and check your sites' user lists for any unrecognised admin-level accounts.

Are you ensuring your WordPress plugins are regularly updated to safeguard against such vulnerabilities?

That's it for another (what turned out to be explosive!) month.

Should you have any questions or queries about any of the stories or WordPress and WooCommerce related issues or want to chat through a forthcoming project, do get in touch below.

All the best

Have a WordPress project coming up?

Need help with a high-level WordPress problem?

Drop me a DM or call the team and we can help!

T +44 (0)20 7873 2224

E [email protected]

W pie.co.de