WordPress Security Best Practices

Web Development, WordPress | Posted by Keefr June 19th, 2017

Great article by iThemes, who just so happens to make a security plugin for WordPress. But seriously, the seven things that the article focuses on are things I’ve tried to focus on over my years as developer with my teams and employers.

I love too that it points out that exploiting sites isn’t usually a concentrated/personal attack, but rather bots constantly sniffing the Internet for exploits, sites that haven’t been patched, have exploitable, permissions etc.

Things like using HTTPS everywhere have gotten easier over the years as well, as free domain validation level certificates have become easy to do, providing your web host offers the service via something like Let’s Encrypt.

BTW, the iThemes Security Pro plugin has been a mainstay in all our WordPress installs. While some people don’t like actually paying for plugins, you should at least use their free version to harden your WordPress sites with ease.

Source: – 7 WordPress Security Best Practices

Thoughts on the Future of Front End Development

User Experience (UX), User Interface (UI), Web Development | Posted by Keefr May 29th, 2017

SEOHave I mentioned lately how much I love css-tricks.com? On top of the CSS depth that a site like CSS Tricks would come with, author Chris Coyer is knowledgeable across all things front end development.

He said he was recently asked to to speak on the future of front-end web development. He’s quick to make disclaimers that he’s just one man, but most of his points are in line with my experiences and gut as well.

Source: CSS-Tricks – What is the Future of Front End Web Development?

Target=”_blank” Vulnerability and How to Protect Your Sites

Browsers, How-Tos, HTML | Posted by Keefr May 1st, 2017

Markup / HTMLThis exploit is over a year old, but I just now came across it. Messing around with a security plugin for WordPress last week, there was a setting about combatting an exploit with target=”_blank” — something most developers use time and time again to open links to external sites in a new tab or window.

Turns out that hackers have found a way to exploit that as the target=”_blank” has partial access to the linking page via the window.opener object.

Luckily it’s real easy to combat, adding rel="noopener noreferrer" to each external link.

Source: JitBit – Target=”_blank” – the most underestimated vulnerability ever

Hamburger Menu Animation / Functionality Collection

CSS, JavaScript, User Experience (UX), User Interface (UI), Web Development | Posted by Keefr April 24th, 2017

Markup / HTMLThe hamburger menu isn’t going away anytime soon — neither on mobile nor desktop web designs and development.

Line25 published this collection of 20 examples of ways to implement and animate the showing/hiding toggle tied to the hamburger button. A lot are similar, but worth clicking through and trying out individually.

Source: Line25 – Demystifying the Hamburger Menu: 20 Hand-Picked Examples

Animated CSS Loaders

CSS | Posted by Keefr April 20th, 2017

What comes around goes around, right? A lot of these animated loaders done mainly with CSS harken back to the heyday of Flash — the initial experience taking a little longer than a person’s attention span. So to give the user a cue, a looping animation was created to indicate loading of the site/resources was in progress.

The list below shows 20 unique ways to show content is still in the process of being loaded.

Source: Line25 – Animated Loaders | 20 Unique Examples + Free Downloads