WordPress Interview: How SEOs & Publishers Can Improve WordPress via @sejournal, @martinibuster

A full-time sponsored contributor to WordPress discussed how publishers and members of the search marketing community can influence WordPress so that it’s more useful for all the things they want it to do.

The person I spoke with was Naoko Takano, a full-time sponsored WordPress contributor whose focus is on contributor experience improvement. She has also been responsible for organizing WordPress events in Asia.

WordPress Community

Many regard WordPress as software to manage content. But WordPress is more than that.

WordPress is actually a community that creates WordPress together.

As part of that reality, WordPress holds community organized conferences called WordCamp where members of the WordPress community attend workshops and presentations.

But, as far as I know, it’s never been a high priority with the search marketing community or even with publishers.

It seems like many of the publishers and SEO professionals who use WordPress don’t participate in the WordPress community itself.

I asked Casey Markee of Media Wyse (LinkedIn), a consultant for Food and Recipe bloggers, why WordPress publishers don’t seem to get involved with the WordPress community.

Casey offered this opinion:

“I think that’s a valid statement that publishers don’t get involved with the WordPress community.

I can’t tell you of any of my clients who have even considered going to Wordcamp and all I do is WordPress sites.

With the free training, masterminds, other conferences, etc, Wordcamp is not really a top recommendation.”

Perhaps the lack of interest is a perception that WordCamp is for developers and web designers, not for publishers and SEOs?

What WordPress Events Offer SEOs, Affiliates & Publishers

A September 2023 WordCamp in Rochester, New York has sessions about:

  • Improving sales pages
  • Using AI with WordPress
  • The pros and cons of page builder plugins
  • Tips on how to cultivate long-term readers

WordCamp is a chance for everyone who uses WordPress to share their ideas about what they want for WordPress and to share how to have success with it.

What follows is an interview with Naoko Takano, a full-time sponsored contributor involved with community at WordPress.

Interview With Naoko Takano of Automattic

It seems like WordPress core contributors seem to get the most spotlight.

However, about non-developers and programmers?

Question: How can SEOs, affiliates and publishers make WordPress better?

Naoko:

More than 20 Make WordPress teams regularly contribute to the project in different ways—from documentation and translation to marketing and support.

A new Sustainability team was formed a few months ago to help ensure sustainable practices and processes for WordPress.

Projects like the Photo Directory have introduced new ways to get involved in the project, catering to those interested in openly licensed photography.

Inclusivity is a core principle of the community, which strives to provide contributing opportunities for everyone.

Moreover, ongoing efforts are to improve the contributor journey and onboarding, such as the WordPress Mentorship pilot program.

For those unsure where to get started, this new tool aims to help them identify areas of contribution that match their skills and interests.

I get the feeling that there are subsets of WordPress users like SEOs, food bloggers, affiliate marketers, and local businesses (plumbers, restaurants, etc.) who may have specific needs that they’d like to be understood by the WordPress ecosystem.

WordPress Wants Insights From Real Users

Question: What would you say to those people who may not know that they can contribute to the development of WordPress?

Naoko:

Contributing to WordPress means your skills, needs, and interests can drive innovation and progress within the project.

The insights from real users are immensely valuable and can help shape WordPress in ways that benefit everyone.

You can share feedback, join discussions and events, report issues, or even participate in testing.

Feel free to reach out through the official forums or local meetups.

Together, we can make WordPress even better for all its users.

About WordCamp

Question: What is WordCamp?

Naoko:

WordCamps are community-organized events where people who use, build, and work with WordPress come together to learn, contribute, and connect.

They typically include talks, panel discussions, and occasional workshops and hackathons. WordCamp organizers are encouraged to create welcoming and open events, so content often ranges from web development to business to content writing.”

Question: How do WordCamps fit into the overall WordPress community?

Naoko:

“WordCamps began as a gathering for like-minded individuals, but they have grown to become a key connector within the WordPress community—nurturing education, collaboration, and inclusivity.

Like occasional in-person meetings in distributed companies, WordCamps have been essential for the open source project collaboration, allowing contributors to meet and bond.

With 1179 WordCamps across 393 cities in 65 countries (as of August 2023), they have acted as a grassroots marketing tool in the early days of community marketing, with enthusiastic users teaching and inspiring others.

In light of changes in how people gather, especially in recent years, the community looks to evolve the purpose of WordCamps and introduce innovations in both format and content offerings.

While we are seeing a new wave for WordPress events, their core values of inclusion and diversity remain the same.

Fresh, new ideas for events are not only welcome but highly encouraged.”

Offer Feedback To Your Favorite Plugin, Themes & Web Hosts

Plugin makers, hosting companies, and other well-known brands associated with WordPress attend WordCamps.

Question: Are there opportunities to meet with these companies and provide feedback or get more information about how they can help publishers?

Naoko:

“WordCamps often include a designated area with sponsor booths where companies display their products and services.

Representatives from these companies are present as attendees during the event and at after-parties, and they welcome people to ask questions, provide feedback, and learn about their offerings.

WordCampers love “hallway tracks” where informal conversations and networking happen outside the scheduled sessions.”

WordPress Events Are Opportunities To Grow Your Business

It seems that publishers should be at the heart of the WordPress community.

What can you say to publishers like food bloggers or affiliate marketers that would encourage them to attend a WordCamp?

Question: What’s in it for bloggers and affiliate marketers? What can they get out of it?

Naoko:

“Attending a WordCamp or WordPress event provides publishers, bloggers, and marketers valuable insights into the ongoing evolution of the WordPress platform and its ecosystem, such as plugins and themes.

WordCamps present numerous opportunities to grow their business and build connections in diverse ways, particularly through networking and learning from experts and fellow creators.

These events are designed with an inspirational approach and contribute significantly to the personal and professional development of those participating.”

The Difference Between WordPress.org & WordPress.com

For some users of WordPress, it might not be apparent that there’s a difference between WordPress.org and WordPress.com.

Question: Where do WordPress.com and Automattic fit into the overall picture of WordPress.org, the CMS most people use?

Naoko:

WordPress (often referred to as WordPress.org) is free, open-source software that anyone can download and install on the hosting platform of their choice.

Supporting its mission of democratizing publishing and the freedoms that come with open source is a large community of people and organizations collaborating and contributing to the project.

Throughout its 20-year history, WordPress has given rise to an ecosystem that represents a thriving economy in its own right, being the foundation for commercial products built on top of the open source software, such as WordPress.com—owned and operated by Automattic.

WordPress.com is a fully hosted version of WordPress with added features for security, speed, support, and more.

In other words, there’s no software to install or manage.

You can just sign up and start publishing content.

In addition to WordPress.com, Automattic has other WordPress-related commercial services and products and significantly contributes to the open source project.

Resources like this one from Learn WordPress provide a more detailed explanation of the differences between WordPress.org and WordPress.com.”

The Future Of WordPress

The WordPress open-source project is a remarkable success story that has many chapters yet to be written.

Question: What are some of those chapters that users can look forward?

Naoko:

“The present and future of WordPress hold exciting opportunities for everyone, from builders to enterprises.

The newly released WordPress 6.3 is packed with exciting features and tools that allow users to seamlessly shape all aspects of their online presence using blocks.

Explorations for Phase 3 of the WordPress roadmap, which have already begun, are focused on fostering real-time collaboration and streamlining the publishing flows to improve how creators and teams work together within WordPress.

This will help pave the way for the much-anticipated multilingual feature (Phase 4), making WordPress more accessible across different languages.”

How Can Publishers, Bloggers and Search Professionals Get Involved?

The publishing community, including affiliates and search marketers, have specific needs for how websites perform.

But these people are not coders.

Question: How can search marketers, affiliates and other publishers help make WordPress better for their specific requirements?

Naoko:

“Participation in future development is not limited to coding; it involves providing feedback, testing new features, and sharing feedback with the community of contributors.

By actively engaging, every user can have a say in shaping the future of WordPress and ensuring it remains a platform that thrives in the changing digital landscape.

A great way to stay on top of the latest developments and contributing opportunities is to subscribe to WordPress News and the WP Briefing podcast.”

WordPress Belongs To You

The search marketing community, for a long time and even today, experienced frustration from the low core web vitals scores of WordPress sites.

I can’t help but think that if SEOs and publishers had participated more in the WP community, core web vitals would have been addressed years earlier.

We can dump on WordPress and point fingers but ultimately, WordPress is all of us who use the CMS, so some of those fingers should rightfully point back at us.

An important takeaway from this interview is that WordPress does not improve in a top-down manner, where SEOs, affiliates and publishers passively wait for improvements to happen.

There are many opportunities that WordPress offers publishers and SEOs to get involved, including testing and offering feedback.

WordCamp is something that all publishers should view as important to their business.

It’s an opportunity to tell the people who make the plugins, the business that host your sites and create the themes, the people who work on the WordPress core what we want to see improved, what features we need  right now to make our businesses perform better.

There’s a lot going on at WordPress where publisher and SEO influence is needed.

Check out the WordCamp schedule to see if there’s one near you.

It may help you improve your bottom line.

Logo by WordPress/Featured image by author

WordPress Metform Elementor Contact Form Builder Plugin Vulnerability via @sejournal, @martinibuster

The U.S. government National Vulnerability Database (NVD) issued an advisory about a vulnerability affecting Metform Elementor Contact Form Builder WordPress plugin that could leak sensitive information.

Metform Elementor Contact Form Builder for WordPress

The Metform Elementor Contact Form builder is a third party add-on to the popular Elementor page builder plugin with over over 200,000 installations.

It offers a drag-and-drop interface that makes it easy to build contact forms, including multi-step forms.

The Metform contact form builder WordPress plugin for Elementor allows beginners with no coding skills to create surveys forms, contact forms, referral feedback forms and also can save a form so that a user can return to the form if they lose and regain Internet connection.

According to the official WordPress plugin repository:

“MetForm, the drag-and-drop WordPress contact form builder is an addon for Elementor, build any fast and secure contact form on the fly with its drag-and-drop flexibility.

It can manage multiple contact forms, and you can customize the multi step form with an Elementor builder.”

Information Disclosure Vulnerability

The vulnerability allows an attacker to obtain sensitive information.

This vulnerability is rated by the NVD as a medium level threat because it requires an attacker to obtain a subscriber-level or higher user role.

A subscriber-level user role is a relatively low bar for activating the exploit, as it’s easier to obtain than an admin or editor level user role.

An attacker only needs to subscribe to a website in order to be able to launch an attack.

Elementor’s website describes the subscriber user role:

“A WordPress subscriber is a site user who can only edit their profile, read posts, and leave comments.

WordPress uses the concept of ‘roles’ to enable a site owner to control and manage what set of tasks (capabilities) users can do or not do within the site.

A subscriber is the lowest level of user role with the fewest permissions.”

Thus, an attacker can begin hacking the site with the lowest level user role.

The NVD describes the threat:

“The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the ‘mf_first_name’ shortcode in versions up to, and including, 3.3.1.

This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary form submissions, including the submitter’s first name.”

Update Plugin To Mitigate Attack Threat

This vulnerability affects Metform Elementor Contact Form Builder plugin versions up to and including 3.3.1.

The most current version of the plugin is 3.4.0.

Metform Elementor Contact Form Builder Version 3.3.2 is the version that fixed the vulnerability.

According to the official Metform Elementor Contact Form Builder Changelog:

“Version 3.3.2

…Improved: Security, nonce and authorization checking.”

Read the official NVD advisory:

CVE-2023-0689 Detail

Featured image by Shutterstock/pedrorsfernandes

How to create a video website

There are many reasons why you may want to create a dedicated website for your videos. Perhaps you’re selling a course that you want to put behind a paywall. Maybe you’ve created a video series or podcast that requires its own branded home. Or maybe you just want to create an immersive environment for users to consume your video content, without the typical distractions of YouTube.

Whatever your goal, you can take two approaches to achieve this. You either use the automatically generated pages from a video hosting service or e-learning platform, or you build a dedicated website then embed your videos across it.

Using a video hosting service or e-learning platform

If you don’t want the hassle of maintaining a website, this is the way to go. By using a video hosting service or e-learning platform, you can easily store your videos. These services are also useful if you want out-of-the-box monetization options for a video course.

Vimeo Showcases & Collections

Vimeo offers two ways of building out a quick video website:

  1. Showcases allow you to put together an elevated playlist, which is ideal for a short series. Plus, you get to create a nice looking webpage to accompany it. 
  2. Collections are designed to support Vimeo OTT. This is a subscription service for those looking to monetize a library of video in a simple way. It’s priced at $1 per subscriber per month.

Sprout video

Sprout video offers a lightweight CMS that can be used to create a video website with multiple pages – and applied sitewide to a custom domain of your choice. It’s a great choice if you want a simple plug-and-play solution, and you have a fairly large library of video content that you want to categorise by topic.  

If you have some CSS and HTML skills, you can customize Sprout video’s CMS somewhat. However, at that point you may be better off building a custom solution with WordPress.

Example video site from Sprout Video

Wistia Channels

Wistia Channels is a great solution if you have serialized video content that you’re publishing regularly, like a podcast. Channels allows you to combine audio and video, and create a branded landing page that looks a bit like a video streaming service. Plus, it includes unique pages for each video. 

You can run Wistia Channels on a standard Wistia account subdomain URL. But you can also embed it into any page on an existing website, if you use a simple JavaScript embed code – thereby straddling the options of video hosting service vs. own website.

An example of Wistia Channels in action

Kajabi

For video courses and courses that include videos alongside written content in particular, Kajabi is a great solution. It allows you to build a quick video website that you can easily monetize. Kajabi has a very simple WYSIWYG CMS that doesn’t require any web development skills to use. Plus, it can be integrated with an existing website.

Example video site created with Kajabi

Creating a video website

If you’d like to do something more custom, or integrate your videos as part of a bigger web experience, you could consider creating a website with a more traditional CMS before embedding your videos. The advantage of this is not only in being able to build something precisely to your design and structure specifications, but also in having a web property capable of driving traffic from organic search and organic video sources.

WordPress is the ideal base technology

In the vast majority of cases, the best CMS for creating a video portfolio, series or course website will be WordPress. With thousands of video gallery plugins and integrations with all the major video hosting platforms, WordPress gives you all the options you need for a custom video website. Plus, it’s very simple and requires little technical know-how. You can very simply include videos from almost every platform in any page you created with the Gutenberg editor. Meaning: video can be part of the fabric of your WordPress site out of the box.

And if you use WordPress, you can also use the Yoast Video SEO plugin! The video SEO plugin ensures that your videos are indexed in Google, so you can drive more traffic to your website through video search.

Yoast Video SEO plugin

Options for integrating videos in WordPress

If you want to integrate your videos more elaborately within your chosen page types, there are a lot of great options out there.

LearnDash

LearnDash is a great plugin for a course-type video execution. It allows you to include videos from any source, like YouTube or Wistia, then create user playback triggers for course progression.

Wistia Channels

As with the standalone solution, Wistia Channels works really well as a way of creating a video gallery within any other page or page type. It creates unique URLs for every video within the gallery. These URLS are indexable by Google, which is great for your SEO.

All-in-one video gallery

This plugin is a bit like a mini CMS within a CMS. It allows you to build a fairly feature-rich video gallery experience within a WordPress website, bringing in videos from YouTube and elsewhere. All-in-one video gallery is a reasonable solution if you want a simple and traditional catalogue of your videos within a single page.

Example of All-in-one video gallery

In conclusion: building a video website is fairly straightforward and shouldn’t feel intimidating. Whatever your needs, there are great options out there.

Read more: How to stop videos negatively impacting Core Web Vitals »

Coming up next!

Forminator WordPress Plugin Vulnerability Affects Up To 400,000+ Websites via @sejournal, @martinibuster

The U.S. Government National Vulnerability Database (NVD) published notice of a critical vulnerability affecting the Forminator WordPress Contact Form plugin up to an including version 1.24.6.

Unauthenticated attackers can upload malicious files to websites which, according to the warning, “may make remote code execution possible.”

The vulnerability score rating is 9.8, on a scale of one to ten, with ten being the most severe vulnerability level.

Screenshot Of Wordfence Advisory

Image showing that the Forminator WordPress Plugin vulnerability is rated 9.8Screenshot from Wordfence.com

Vulnerability To Unauthenticated Attackers

Many vulnerabilities tend to require an attacker to first attain a WordPress user level before they can launch an attack.

For example, some vulnerabilities are available to those with a subscriber user level, others require contributor or admin level in order to perform an attack.

What makes this vulnerability particularly worrisome is that it allows unauthenticated attackers, those with no user level at all, to successfully hack the site.

A second reason why this vulnerability is rated 9.8 on a scale of 1 – 10 (critical) is that the attacker can upload an arbitrary file, which means any kind of file, like a malicious script.

The National Vulnerability Database (NVD) describes the vulnerability:

“The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6.

This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.”

Remote Code Execution

A Remote Code Execution (RCE) vulnerability is a type of exploit where the attacker can execute malicious code on the attacked website remotely from another machine.

The damage from this kind of exploit can be as severe as a full site takeover.

Contact Forms Must Be Locked Down

WordPress plugins that allow a registered or unauthenticated users to upload anything, even text or images, must have a way to limit what can be uploaded.

Contact Forms must be especially locked down because they accept input from the public.

RCE Not Specific To WordPress

These kinds of vulnerabilities are not particular to WordPress, they can happen to any Content Management System.

WordPress publishes coding standards for publishers to know how to prevent these kinds of things.

The WordPress developer page for plugin security (Sanitizing Data) explains how to properly handle uploads from untrusted sources.

The developer page advises:

“Untrusted data comes from many sources (users, third party sites, even your own database!) and all of it needs to be checked before it’s used.

Sanitizing input is the process of securing/cleaning/filtering input data.

Validation is preferred over sanitization because validation is more specific.

But when “more specific” isn’t possible, sanitization is the next best thing.”

Has the Forminator Contact Form Plugin Fixed The Vulnerability?

According to National Vulnerability Database and the Wordfence WordPress security company, the issue has been addressed in version 1.25.0.

Wordfence recommends updating to the latest version:

“Update to version 1.25.0, or a newer patched version…”

Forminator Plugin Changelog

A changelog is a record of all the changes made to a software. It allows users to read it and determine whether or not they want to update their software.

It’s a good practice to let your users know that a software update contains a fix (called a patch) for a vulnerability.

This lets users know that a particular update is urgent so that they can make an informed decision about updating their software.

Otherwise, how would a software user know that an update is urgent without the changelog informing them, right?

Judge for yourself whether the Forminator changelog offers sufficient notification to their users about a vulnerability patch:

Screenshot of Forminator Changelog

Forminator Contact Form for WordPress Plugin changelog

Sources:

Read the official National Vulnerability Database advisory:

CVE-2023-4596 Detail

Read the Wordfence advisory on the Forminator WordPress Contact Form Plugin Vulnerability

Forminator <= 1.24.6 – Unauthenticated Arbitrary File Upload

Read the Exploit Database report on the Forminator Contact Form vulnerability

WordPress Plugin Forminator 1.24.6 – Unauthenticated Remote Command Execution

Featured image by Shutterstock/ViDI Studio

WordPress Releases Free Course On Building & Monetizing Membership Sites via @sejournal, @martinibuster

WordPress just released a free course on how to make money with a membership site that walks through the process of setting it up, deciding the best payment plans and managing subscriptions.

The step by step guide is useful for anyone with a skill or knowledge to teach, a perfect way to start a new income stream.

What Is A Membership Site?

A membership site is a type of business that offers a group of people access to exclusive information.

The offering can be group lessons on creative writing, crafting, tying fishing flies, yoga, music class, art school and virtually anything else that can be taught.

The membership site can be executed by video, it could be in the form of an online community, it could even be a site that offers training videos and articles on a topic.

WordPress Course On Building A Membership Site

The course is called Membership Sites 101.

It provides a foundation for understanding the process of getting a membership site up and running, including design, monetization and recommended plugins.

WordPress announced the following learning topics:

  • “Setting up the Paid Content Block: Learn how to blend free content with paid content and entice new members with exclusive perks.
  • Crafting membership plans:
    Discover the magic of one-time, monthly, or annual payments, along with the power of “Pay what you want.”
  • Multiple membership levels:
    Unveil the secrets of Bronze, Silver, and Gold levels, or even create specialized topical memberships.
  • Managing subscriptions:
    Get insights on handling subscribers, earnings, and payment plans with ease.”

Membership Sites 101

The course takes about one hour and thirty minutes to complete.

It’s entirely self-guided and paced in short lessons that won’t overwhelm first timers.

WordPress lists the following topics for learning:

Three methods for setting up a membership site:

  1. Privacy and Password Protection
  2. Paid Content blocks
  3. Membership plugins

Suggestions for different types of membership sites

Guidance on choosing and setting up different membership levels

Ideas for a range of different types of content to include

What Is Needed To Learn?

The course assumes a basic understanding of how to use WordPress.

Students should be prepared to go through the information twice to make sure it is fully understood.

There is also a WordPress Education Community Forum for support if at any point a student needs assistance.

Read the full announcement:

Membership Sites 101

Featured image by Shutterstock/pAbscent Vector

WordPress Announces 100-Year Domain Name Registrations via @sejournal, @martinibuster

WordPress.com announced a one hundred year domain registration that comes with managed hosting and 24/7 customer service and other features for one price.

WordPress 100-Year Plan

The typical maximum domain name registration period is capped at ten years.

So it’s quite unusual to be able to register a domain for one hundred years.

WordPress calls this new offer the 100-year plan.

The cost of the 100 year domain name registration is $38,000 USD.

That works out to $380 per year for hosting and domain registration.

What Comes With WordPress Century Plan?

The official announcement named these features that come with the plan:

  • Domain secured for one hundred years
  • Multiple backups across data centers in different geographic locations
  • “Top-tier” managed WordPress hosting
  • Unmetered bandwidth (means unlimited traffic)

Dedicated and personalized support that’s available 24 hours per day, seven days a week

Who Is The 100 Year Plan For?

WordPress says that the plan is designed for individuals, families and company founders who want to document their company’s legacy.

The announcement explains:

  • “Families who wish to preserve their digital assets—the stories, photos, sounds, and videos that make up their rich family history—for generations to come.
  • Founders who want to protect and document their company’s past, present, and future.
  • Individuals seeking a stable, flexible, and customized online home that can adapt to whatever changes the future of technology will bring.”

At this time it feels apparent that the usage they have in mind are individuals who want to create a lasting way to communicate their stories.

Matt Mullenweg, CEO of WordPress.com is quoted as saying:

“Whether it’s giving a newborn the special gift of a domain and lifetime home on the web, or something you put in your will to make sure your website and story are accessible to future generations, I hope this plan gets people and other companies thinking about building for the long term.”

Signing up for the plan is simple, just fill out a form at the WordPress.com website.

Read WordPress.com’s announcement:

Introducing the 100-Year Plan: Secure Your Online Legacy for a Century

Sign up for the 100-Year Plan here

Featured image by Shutterstock/Roman Samborskyi

WordPress 6.3: A more intuitive way to work on your site

Yesterday, WordPress 6.3 was released! And this is definitely an update you want to check out. It comes with a renewed site editor, lots of new design options, and improvements in terms of performance and accessibility. Especially the updated site editor got us excited, it makes working on your website a breeze! In this post, we’ve listed the highlights of this week’s release that you will definitely want to know more about!

The site editor has a few new features

The site editor in WordPress has been a focus point for a while now, and the release of WordPress 6.3 brings it to a new level. Some of you might already be using the site editor to make changes to your website, and some of you might not use it at all. But with this release of WordPress, it’s definitely worth another look. You can easily access the editor by going to Appearance > Editor in the left side menu when you’re in the backend.

So why should you check it out? Well, the editor in WordPress 6.3 doesn’t just allow you to change the style elements of your site, it also allows you to edit pages right away, create patterns and control your navigation menus. Meaning that the editor comes in handy when you need to make quick changes to your website. That being said when you make bigger changes to your content, we would recommend using the post or page editor to make sure you don’t miss out on any essential feedback by the Yoast SEO plugin. But for quick changes or improvements to your menu or design, this is a welcome improvement. Bringing all of this together in one place saves us some clicking around and it all works in quite an intuitive way.

Change the navigation, style, pages, templates and patterns of your website right in the site editor

New navigation in the site editor

The menu on the left of the site editor has changed with this new WordPress release. As you can see in the image above, the menu now has several new items in addition to the Templates section. Now you can also select Navigation to manage your menus. You can use Styles to change up the design of your entire site or specific blocks. Click pages to browse and edit existing pages on your website, or even create a new one. Go to templates to create new ones or edit the ones you already have. Lastly, patterns gives you an overview of your patterns and template parts, also giving you the option to create a new one. It seems simple because it is, and that’s exactly why it works so intuitively.

Get more control over your design

This release comes with several features that allow you to take more control over what your pages look like. For one, WordPress 6.3 comes with enhanced padding and margin controls. You can select a block, click Dimensions in the right panel and use the slider to adjust the padding and margin per block. Making it easier to select the right padding and margin right away.

New padding options in WordPress 6.3
Use the Padding slider to see the change in padding right away

There’s also the option to select different aspect ratios for your images. This will help you make the image fitting for your page, without stretching it unintentionally. This can be especially helpful with images you’re using in patterns. Just select the image of which you want to change the dimensions, and use the aspect ratio dropdown in the right panel to select the image size of your choice.

Changes to the Cover block

WordPress 6.3 also brings us a few new options in the design of the Cover block. It now comes with layout options, helping you take control of how the text in your Cover block is styled. This may seem like a small thing, but all of these ‘smaller’ improvements give you more freedom in what your pages look like. It’s also possible to select duotone filters for your Cover blocks and play with the different dimensions like padding, margin and block spacing. Go check it out!

The Styles section and more

There’s loads more, and you can find a lot of it when you go to the Styles section in the site editor mentioned above. Here you can change up the general style of your website and the style you’ve set per block. Use this to style your paragraphs, quotes, buttons, headings, etc etc. It’s all there.

It’s also good to mention that the new release comes with style revisions. This means that you can keep an eye on the changes you’ve made to the design of your site and click through previous versions of your site. It also allows you to restore previous designs with one click.

Two new blocks to play with

Lately, every new release of WordPress comes with new blocks and this one is no exception. The two blocks that are added to the library this time are the Details block and the Footnote block.

The Details block allows you to hide content that people can access if they choose to do so. This could be helpful if you want to elaborate on something but don’t want your page to become too long. The content that is initially ‘hidden’ can be text, images or other media. It’s also good to note that search engines will still be able to see the content you hide when using this block. So you don’t have to worry about that having a negative impact on your SEO.

Detail block in WordPress 6.3
Example of the Detail block with content hidden
WordPress 6.3: detail block collapsed
Example of the same Detail block with the content shown

The second block that has been added is the Footnote block, which does pretty much what you expect it to do. It allows you to add a footnote (or multiple) to your post. Before, this had to be done by using a plugin, but now it’s possible with a block that’s part of the WordPress block library. Just select the text and click the arrow that points down in the toolbar to find the footnote functionality.

WordPress 6.3: Footnote block
Adding a footnote to a blog post with the Footnote block

Reusable blocks are now patterns

Reusable blocks allowed you to create a block (filled with content and/or media) and use it on different parts of your website by simply selecting it. These reusable blocks have gotten a sort of revamp and are now available in the form of Patterns.

Creating a pattern in WordPress 6.3
Creating a pattern in WordPress 6.3 with help from the block inserter

A pattern allows you to choose whichever blocks you like, style them however you want them to look and save them to use throughout your website. Using specific patterns in different spots can save you time and help you keep your website and pages consistent. You can choose to sync a pattern, meaning that that one change will apply to all parts of your website. Keeping you in control.

Meet the WordPress command palette

Command Palette in WordPress 6.3
Using the WordPress command palette in the post editor

WordPress 6.3 introduces us to a new command palette. Access this palette by going to your post editor or site editor and using the ‘ctrl + k’ or ‘command + k’ keyboard shortcut. This allows you to type in a command (it will load suggestions as you type) and do what you want to do a lot faster. The command palette offers an API for third-party developers to (un)register commands, but it also comes with a list of core commands by default. To give a few examples:

  • Navigating the site editor
  • Creating new posts and pages
  • Toggling editor preferences (such as distraction-free mode)
  • Toggling UI elements.

Dropping support for PHP 5

With the 6.3 release, WordPress is officially dropping support for PHP 5. Meaning that PHP 7.0.0 is now the minimum required PHP version. That being said, the recommended version of PHP remains at 7.4 or higher. Until now, the minimum PHP version that is being supported is 5.6.20. Although there isn’t a specific usage percentage that the PHP version has to fall below to get dropped, historically the team has used 5% as the baseline. Now that the percentage of PHP 5.6 usage users is 3.9% (and dropping), it’s time to drop support for PHP 5.

Technical enhancements in WordPress 6.3

Of course, a WordPress release isn’t complete without several performance and technical enhancements. Also, as with the last few releases, there was a strong focus on accessibility. Making WordPress more accessible with every new version that’s being released. For example, tab and arrow-key navigation has been improved, the heading hierarchy has been tweaked and new controls in the admin image editor make it easier for assistive technologies to navigate WordPress websites.

Rollback feature for failed plugin/theme updates

WordPress 6.3 comes with a rollback feature, which is worth mentioning here. This feature restores the previously installed version when a manual plugin or theme update fails. That way, website owners can be sure that their website is still available to their users when an update fails. As mentioned above, this will happen when a plugin or theme is manually updated. This feature will also become available for automatic updates in a future WordPress release.

A lot of the technical enhancements and features are focused on improving the performance of your website. If you’re interested in reading more about this (and what else you can find in WordPress 6.3), check out the Field Guide.

WordPress 6.3: A short recap

This release wraps up the second phase of Gutenberg, but that doesn’t mean it’s done. It’s onwards to the next phase of Gutenberg, which will probably once again bring us lots more in terms of intuitive features and accessibility. We can’t wait and hope you enjoy this new update of WordPress as much as we do!

Read more: WordPress is 20 years old: The CMS that revolutionized the web! »

Coming up next!

How To Use Multilingual Localization To Extend Your Reach – Ep. 319 via @sejournal, @lorenbaker

Multilingual Mastery: Amplifying Your Business Reach Through Localization

Have you wondered how to expand your business’ reach across different languages and cultures? Do you know what role multilingual and localized content can play in your business?

Naoko Takano, Localization and Community Program Manager for WordPress, joined me on the SEJShow to explore the significance of localization and internationalization in WordPress’ mission.

Naoko has been involved with WordPress localization since its infancy and has seen firsthand how multilingual localization has built larger communities around businesses.

Learn the power of multilingual content and what it means for effectively broadening your reach online. Discover tips and opportunities for your business to collaborate across different cultures and how to leverage this power to improve your ROI.

WordPress, being an open-source solution from WordPress.org, your mission is to empower the publisher. –Loren Baker, 06:45

One of the advantages WordPress has is that we have so many different types of languages, and it’s possible to add more languages as long as there are translators. –Naoko Takano, 13:49

The mission of WordPress is democratizing publishing. Our mission is to reach all the people using the internet and want to publish, not only in English-speaking countries. So yes, we want to expand beyond. –Naoko Takano, 23:28

[00:23] – About Naoko.
[02:18] – WordPress localization and global growth.
[06:45] – Open source as WordPress.org’s growth driver.
[08:49] – The role of translation in WordPress business expansion.
[10:58] – Volunteer-driven operations at WordPress.org.
[12:55] – WordPress plugins vs. enterprise CMS for expanding businesses.
[13:49] – WordPress’ multilingual capabilities.
[14:55] – Anticipation of multilingual support in WordPress core software.
[16:07] – Balancing WordPress’ multilingual offerings with business interests.
[16:54] – Gutenberg’s fourth phase: Multilingual support?
[17:07] – Adapting translation plugins for WordPress’ block editor.
[19:54] – WordPress’ growth in the Spanish market.
[21:52] – The most active countries in WordCamps events.
[23:12] – The impact of translation on WordPress.org’s international usage.
[24:42] – Democratization through cultural collaboration in WordPress.
[26:12] – Localization in WordPress: More than translation.
[30:15] – The future of multilingual WordPress.
[32:48] – The international WordPress community’s size.
[34:07] – Site translation and localization for various audiences.
[36:24] – Connecting with the WordPress community online.

Resources Mentioned: https://wordpress.org/

I would like to see a more technology-assisted way for us to read and reach the audience in different parts of the world. That helps us find more engaging content and allows the content provider to reach further than the limitation of their language area. –Naoko Takano, 30:55

We benefit as a community by using the version we are familiar with and providing that to the client. The backend is also translated, which helps people make the plugins usable without the language barrier. –Naoko Takano, 08:49

We, the translation community, always say over 20,000 active people have been translating something within a year or so.–Naoko Takano, 32:52

For more content like this, subscribe to our YouTube channel: https://www.youtube.com/user/searchenginejournal

Connect With Naoko Takano:
Naoko Takano is the Localization & Community Program Manager at Automattic with over ten years of experience in the US. She specializes in software localization and English-Japanese translation and applies her expertise to WordPress support, technical writing, and community organization.

A full-time contributor to the WordPress Polyglots and Community Teams for almost two decades, Naoko works as a Polyglots Global Mentor and General Translation Editor (GTE) for Japanese, aiding translation contributors and enhancing WordPress accessibility across different languages.

Connect with Naoko on LinkedIn: https://www.linkedin.com/in/naoko/
Follow her on Twitter: https://twitter.com/naokomc

Connect with Loren Baker, Founder of Search Engine Journal:
Follow him on Twitter: https://www.twitter.com/lorenbaker
Connect with him on LinkedIn: https://www.linkedin.com/in/lorenbaker

Yoast SEO’s hidden features that secretly level up your SEO

If you use Yoast SEO on your site, you’re probably familiar with features like the SEO analysis or the snippet preview. You might also know our inclusive language analysis, and how easily you can link to related posts or create redirects in the premium version of the plugin. But there’s (much) more! For instance, the Yoast SEO plugin has so-called hidden features. You won’t find them in your settings, but they do great work. Today, we’ll dive into these hidden features: which ones do we have and how do they lighten your load?

Why hidden features?

You can optimize a website in many different ways. Imagine having a toggle for all these options! That’s why, when developing our Yoast SEO plugin, we decided not to translate all these options into settings. If we believe something is beneficial for every Yoast SEO user, we turn the feature on. We call these features hidden features because as a user you’re not necessarily aware of their existence. You might even think we don’t have certain features because there’s no setting for it. But the opposite is true! We’re quietly taking care of things for you.

The hidden features of Yoast SEO

To help you understand what Yoast SEO does for your website in the background, we’ve listed some of the hidden features for you below. Let’s go through them one by one!

1. A structured data graph

Yoast SEO outputs a fully-integrated structured data graph for your posts and pages. But what is a structured data graph? And how does it help you optimize your site? To answer these questions, you first need to know what Schema is.

A few years ago, search engines came up with something called Schema.org to better understand the content they crawl. Schema is a bit like a glossary of terms for search engine robots. This structured data markup will help them understand whether something is a blog post, a local shop, a product, an organization or a book, just to name a few possibilities. Or, whether someone is an author, an actor, associated with a certain organization, alive or even a fictional character, for instance.

For all these items there’s a set of properties that specifically belongs to that item. If you provide information about these items in a structured way – with structured data – search engines can make sense of your site and the things you talk about. As a reward, they might even give you those eye-catching rich results.

How does the Yoast SEO plugin help?

Adding structured data to your site’s content is a smart thing to do. But as the number of structured data items grows, all these loose pieces of code can end up on a big pile of Schema markup on your site’s pages. Yoast SEO helps you prevent creating a big and unorganized pile of code. For every page or post, our plugin creates a neat structured data graph. In this graph, it connects the loose pieces of structured data with each other. When the pieces are connected, a search engine can understand, for instance, that a post is written by author X, working for organization Y, selling brand Z.

You can even build full how-to articles and FAQ pages using the free structured data content blocks in Yoast SEO!

A structured data graph: Yoast SEO connects blobs of Schema markup in one single graph, so search engines understand the bigger picture.

If you want to learn more about structured data, we’d advise reading Edwin’s story on how Yoast SEO helps search engine robots connect the dots.

2. Self-referencing canonicals

Canonicals were introduced as an answer to duplicate content quite some time ago. So, what’s duplicate content? Duplicate content means you’ve published content that is the same or very similar to other content on your site. In other words: it’s available on multiple URLs. This confuses search engines. They start to wonder which URL they should show in the search results.

Duplicate content can exist without you being aware of it. In an online store, for instance, one product might belong to more than one category. If the category is included in the URL, the product page can be found on multiple URLs. Another example would be campaign tags. If you add these tags to your URLs when you share content on social or in your newsletter, it means the same page is available on a URL with and without a campaign tag. And there are more technical causes for duplicate content such as these.

The solution for this type of duplicate content issues is a self-referencing canonical. A canonical URL lets you say to search engines: “Of all the options available for this URL, this URL is the one you should show in the search results”. You can do so by adding a rel=canonical tag on a page, pointing to the page that you’d like to rank. In this case, you’d need the canonical tag to point to the URL of the original page.

How does the Yoast SEO plugin help?

Should you go through all your posts now and add the canonical tag? Not if you’re using Yoast SEO. The plugin does this for you, everywhere on your site: single posts and pages, homepages, category archives, tag archives, date archives, author archives, etc. If you’re not really a techy person, the canonical isn’t easy to wrap your head around. Or perhaps you simply don’t have the time to focus on it. Why not let Yoast SEO take care of it? Then you can move on to the more exciting stuff!

Read more: rel=canonical: the ultimate guide »

3. Paginated archives with rel=next / rel=prev

Another hidden feature in Yoast SEO is rel=next / rel=prev. It’s a method of telling search engines that certain pages belong to an archive: a so-called paginated archive. A rel=next / prev tag in the header of your site lets search engines know what the previous and the next page in that archive is. No one other than people looking at the source code of your site and search engines see this piece of code.

Not so long ago, Google announced that it isn’t using rel=next/prev anymore. Does this mean we should do away with this feature? Certainly not! Bing and other search engines still use it, so Yoast SEO will keep on adding rel=next / prev tags to paginated archives.

Keep reading: Pagination and SEO: best practices »

4. Nofollow login & registration links

If you have a WordPress site, you most likely have a login link and a registration link for the backend of your site. But the login or registration page of your backend are places that visitors and search engines don’t ever need to be.

Therefore, Yoast SEO tells search engines not to follow links for login and registration pages. Yoast SEO makes sure that search engines will never follow these links. It’s a tiny tweak, but it saves a lot of unneeded Google action. 

5. Noindex your internal search results

This hidden feature is based on Google’s Search Essentials documentation. Google wants to prevent users from going from a search result in Google to a search result page on a website. Google, justly, considers that bad user experience.

You can tell search engines not to include a certain page in their search results by adding a noindex tag to a page. Because of Google’s guidelines, Yoast SEO tells search engines that they shouldn’t display your internal search results pages in their search results with a noindex tag. But the links on these pages can still be followed and counted, which is better for your SEO. The plugin tells them not to show these pages in the search results; the links on these pages can still be followed and counted which is better for SEO.

Read on: Which pages should I noindex or nofollow on my site »

6. Removal of replytocom variables

This last hidden feature is quite a technical one. In short, it prevents your site from creating lots of URLs with no added value. WordPress has a replytocom feature that lets you reply to comments without activating JavaScript in your browser. But this means that for every comment, it creates a separate URL with ?replytocom variables.

So what happens if you get a lot of comments? Search engines then have to index all those URLs, which is a waste of your crawl budget. Therefore we remove these variables by default.

But that’s not all..

Our plugin comes with loads of features and settings that will benefit the online visibility of your website. The free version of Yoast SEO already gives you access to a lot of features that will help you do well in the search results. Yoast SEO Premium gives you access to additional tools, like the internal linking suggestions or the redirect manager. This makes many SEO-related tasks much easier and saving you time.

Buy Yoast SEO Premium now!

Unlock powerful features and much more for your WordPress site with the Yoast SEO Premium plugin!

Keep on reading: Why you should buy Yoast SEO Premium »

Become a Yoast SEO pro series

Coming up next!

WordPress Paying Google Domains Transfer Fees via @sejournal, @martinibuster

WordPress.com announced that they are paying the domain transfer fees for Google Domain customers, and is committed to keeping domain registration prices low.

WordPress.com is matching Google’s pricing on over 400 top-level domains that are offered by WordPress.com.

Existing WordPress.com customers will also benefit from rock bottom prices on domain name registrations.

According to WordPress.com announcement:

“You may have heard that your account has been sold to Squarespace. Everything is expected to transfer and close later this year.

Fortunately for you, you’re not locked into that deal.

And we think we can do better.

For the first million domains that move from Google to WordPress.com, we’ll pay your transfer fee, which also extends your registration for an additional year. “

Are WordPress.com Domain Registrations Cheap?

Yes, registering a domain with WordPress.com is very low priced, matching the low prices that Google Domains charges.

  • GoDaddy charges $21.99 per year for registering a dot com domain.
  • WordPress.com only charges $12 per year for the same dot com domain.

It was announced that WordPress intends to keep domain registration prices low from now on, only raising the prices when the wholesale prices rise.

The official WordPress.com announcement says that they intend to offer budget priced domain names as a permanent business model.

WordPress.com explains:

“This isn’t a temporary thing.

We’re committed to keeping domain prices low, and will only raise them if our wholesale costs go up (we’ll run our domains business like Costco).”

WordPress.com is a Domain Name Registrar

WordPress.com is a different company from WordPress.org. WordPress.org is the CMS that everyone loves and uses.

WordPress.com is a part of the Automattic family of brands like WooCommerce, Jetpack, Akismet, Gravatar and other companies.

WordPress.com offers managed WordPress hosting.

Managed WordPress hosting is a hosting environment that is optimized for WordPress websites.

WordPress.com is also a domain name registrar.

Why Register a Domain With WordPress.com?

WordPress states that their service is superior in many ways to Google, GoDaddy and DigitalOcean.

The WordPress.com announcement explains:

“Our DNS speeds are faster than Google, GoDaddy, and DigitalOcean. But don’t take our word for it. Feel free to check for yourself at dnsperf.com. “

These are the advantages of registering domains at WordPress.com:

  • Faster DNS Speeds
  • Free privacy protection (some exclusions for non-U.S. domains)
  • Free SSL for domains hosted on WordPress.com
  • Low pricing on domain names

Lastly, WordPress.com is a trusted name on the web, known for their commitment for an open web for the entire world. committed to the democratization of

How to Transfer a Domain From Google Domains to WordPress.com

The process for transferring a domain is similar to transferring it to any other registrar.

The first step is to unlock the domain at your current domain name registrar, in this case at the Google Domains dashboard.

At the Google Domains dashboard you select which domains you want to transfer, then click on the Registration Settings located in the sidebar menu.

Then click on the Domain is Unlocked toggle switch.

Once the domain is unlocked, scroll down to the Transfer Out section then click on the link labeled, “Get auth code.”

From there you can visit the WordPress.com Domain Transfer page and follow the prompts.

You can also start at the Transfer your Google domains page at WordPress.com for full instructions.

Read the official WordPress.com announcement:

Transfer Your Google Domains to WordPress.com—On Us

Featured image by Shutterstock/Studio Romantic