This past weekend I got to attend WordCamp Mid-Atlantic, my first WordCamp ever. This years conference took place at Johns Hopkins University in Baltimore City. The venue was a little tricky to get to and the parking situation was a bit limited, but once I got there I had a great time. The place was packed with all kinds of different people who shared one common interest — they all love WordPress.
The camp was divided into two tracks; beginner and pro. I spent the whole day in the pro track and my summary of the talks are below.
Scott Kingsley Clark – WordPress as a CMS
Scott Kingsley Clark led off the first session of the pro track with WordPress as a CMS. His talk covered how to add more fields to the edit screen besides the usual title, post, tags, and categories we’re all used to seeing. He walked through using a plugin called Pods CMS, which he is a co-author of. To me, it seems a little over complicated. I like to use custom meta fields to extend the data contained in posts or pages. For a non-technical user who isn’t comfortable writing PHP, Pods CMS seems like an acceptable solution to get them up and running.
Brad Williams – WordPress Security
I’ve listened to Brad many times as a regular on the SitePoint podcast so it was good to actually meet him in person. His talk (slides available) on WordPress security was well attended as securing a WordPress install is applicable to every blogger. The tips Brad dished out would help anyone lock down their blog with such methods as checking your file permissions, deleting the admin user, changing the prefix on your database tables, and (most importantly) staying up to date with plugins and core updates.
At the end of his talk he mentioned a list of plugins to help with WordPress security.
- WP Security Scan – Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
- WP-MalWatch – performs a security scan of your WordPress installation nightly looking for evidence of foul play and if WP-MalWatch finds it, a dashboard widget will tell you were you should take a closer look.
- ServerBuddy – a plugin that tests server configuration to analyze the quality of your hosting & server configuration, and seek out problems with compatibility with various WordPress themes and plugins.
- Exploit Scanner – searches the files on your website, and the posts and comments tables of your database for anything suspicious.
- WordPress File Monitor – Monitor files under your WordPress installation for changes. When a change occurs, be notified via email.
- Login Lockdown – records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
For lunch a group of us went across the street to Tambers, an indian burger place. Their burgers are perfectly normal but the last page of the menu had indian dishes. Weird. I also got a chance to meet Lokesh Dhakar, the author of the original lightbox script. He’s a smart guy.
Andrew Nacin – Undiscovered APIs
Photo by Nick Whitmoyer
After lunch, Andrew Nacin gave a talk (slides available) about functions and APIs that aren’t as well known about among developers. Since they aren’t well documented, the only way to learn about them is reading the source. I really got a kick out of his talk because I had been looking at some of these functions for a project of mine. Some neat functions include
- wp_remote_request – to download files to your server from the web. WordPress uses this internally to download updates, themes, and plugins from within the admin screen.
- wp_handle_sideload – lets you add a file to the media library that is already located somewhere else on your server.
- oEmbed – allows the embedding of media by simply including the URL in a post. WordPress makes it easy to add your own oEmbed providers.
- add_feed – lets you make your own feed. Andrew demonstrated how to make a JSON feed of your blog posts with just a few lines of code.
It is no wonder Andrew knows all of this stuff, he’s one of the seven core contributors for the WordPress project.
I liked in-depth technical talks like this. I was probably one of the few people who this didn’t go over their head.
Jacob Goldman – Customizing WordPress Admin
Photo by Nick Whitmoyer
Customizing the back-end admin screen of WordPress is a big selling-point for Jacob’s consulting business. He feels the admin screen should be as simplified and tailored to the clients need as possible. And contrary to what others might say, WordPress makes it simple to tweak the admin screens.
Much of what Jacob talked about was removing sections like menu items that aren’t used and the default widgets on the dashboard. He added his own custom widgets to the dashboard to point to a contact form if the clients need more help. Speaking of help, you can also customize the contextual help menu tab that appears on practically every page. Adding your own help text is a great way to avoid people asking you the same questions over and over. At the least, you can tell them to check the help tab on the page you have a question with. WordPress also lets you customize the look and feel by adding your own stylesheet and overriding the default styles.
Jacob’s talk was inspiring for cleaning up the backend. He put a sample theme file that you can copy and paste from into your own theme.
Jane Wells – Closing Keynote
Photo by Nick Whitmoyer
To wrap up WordCamp Mid-Atlantic, we had the opportunity to hear from the head user experience leader for WordPress, Jane Wells. The keynote was delivered over Skype… from within a moving car! The video was a little blocky, but given the circumstances it was easily forgiven. Some of Jane’s keynote was about the upcoming improvements to WordPress. But most of the talk was gossipy Gnu Public License cruft. It wasn’t that interesting to re-hash the same stuff every other blog was blabbering about a month ago.
So that was WordCamp Mid-Atlantic. A huge thanks goes out to Aaron Brazell for organizing the whole thing and all of the sponsors for making the event possible. I look forward to attending other WordCamps in the future and maybe even hosting a talk of my own.