Envelope

Ready to ‘next-level’ your business? Consider CaboPress

If you’re like me, you can’t begin to count the number of conferences you’ve been to throughout your career. But, you can count on one hand the ones that truly made a difference. We love WordCamps, proven by the number Zeeksters have spoken at or helped to organize. I’ve been lucky to attend several WordCamp Business Tracks that gave me amazing, practical advice on the nuts and bolts of running a company. But when it comes to wanting to achieve things you’ve never achieved before, nothing you’ve done before will do. You can’t learn how through one 45 minute presentation at a time over the course of a year. Because of this, there’s CaboPress. Registration for 2017’s edition of CaboPress opens soon, and you can sign up for updates by email starting now. Here’s why you should apply for this invitation-only masterclass in management.

What is CaboPress?

Founded and hosted by Zeek’s Board of Directors Chair Chris Lema and his wife Melissa, CaboPress is a conference of a different kind. We gathered at the Fiesta Americana Resort in Cabo San Lucas for a week of poolside dining and intense conversations. The ground rules set CaboPress apart:

  • Instead of presentations, the “hosts” led conversations in two sessions of two conversations each day, and only in the morning.
  • These discussions took place in one of the resort’s pristine pools, with views of the ocean. No laptops, and limited note taking on phones through waterproof bags.
  • The lack of electronics and recording means no barriers or reasons not to be completely engaged, open, and honest about your business challenges. Plus, everyone feels a little exposed in their swimwear, so no worries about breaking the ice – it’s already done. Now let’s play ‘Who’s got the most tattoos?’!
  • We ate three meals together each day as a group, and got to know some of the fascinating attendees we didn’t know well before. We had smaller groups to meet with for lunch to discuss that morning’s sessions.
  • No schedule for the afternoon, so we could relax or get a little work done as needed.
  • Evenings featured after-dinner drinks, socializing, and cigars (this is a Chris Lema production, after all).

Why You Should Go

The Attendees

Fellow CaboPressers are a hand-picked group of company founders, CEOs, marketing experts, project managers, and even a clinical psychologist who specializes in the challenges founders and other executives face. They’re from companies with names you recognize if you’ve been on the WordCamp circuit, and they’re available for any questions you might have. In such a casual atmosphere, it’s easy to open up and talk about challenges you’re facing.

The Hosts

We had brilliant people from many different kinds of backgrounds leading our morning discussions, including Jason Cohen (founder and CTO, WP Engine), Zeek’s own Steve Zehngut, Jeff King (SVP & GM of Hosting, GoDaddy), Jennifer Bourn (partner, Bourn Creative), Sherry Walling (clinical psychologist), Karim Marucchi (CEO, CrowdFavorite), Brian Clark (founder and CEO, Rainmaker Digital) and of course, Chris Lema.

Every discussion was an active one – definitely no falling asleep in your chair here. As though the universe offered a reward for a particularly good session, we saw a whale breaching just off the shore one morning.

The Setting

Steve Zehngut and Sarah Wefald at CaboPress
Me and Steve, on a pirate ship

Simply put, it’s paradise. You can see the ocean, eat and drink on the all-inclusive resort plan, hang out by the pool, or go into town to get a little of the local experience. I was still doing some work that week, and developing many ideas for how I’d want to implement what I was learning back at the office, but I’d never felt so relaxed. The ability to disconnect and focus on the “why” and “how” of what I do instead of on the daily list of “whats” was a gift. Look how relaxed Steve and I look!

If you want to get something you’ve never had, you have to do something you’ve never done — and I don’t mean rob a guy and steal his boat. We all have high opinions about our own achievements and skill sets, but when it comes down to it, perspective is necessary to get to that next level. We can’t give ourselves that perspective by definition. One answer on where to get that perspective is CaboPress. Hope to see you there.

So what are you waiting for? Sign up now to be notified when the application window opens.

Sign Up Now

XML-RPC, the REST API, and WordPress security

We spend a lot of time at the Orange County WordPress Meetup talking about how to make your site more secure. A few basic tips we discuss are: don’t use “admin” as your username, follow best practices when creating your passwords,  and if you’re an advanced developer, consider changing your database prefix from “wp_” to something else. However, the more advanced WordPress becomes, the more things there are for us to consider for security. There’s no better time than the start of the New Year to make a resolution to protect your site! Two advanced WordPress features to consider for security are XML-RPC and the new REST API.

Secure your XML-RPC and REST API today!

XML-RPC

One of the files in your WordPress install is something called xmlrpc.php. This piece of code is an API that allows for external software to perform basic functions on your site like publishing a post, uploading an image, and more. If you’ve ever used a utility like IFTTT.com to create posts on your site, you’ve made use of the XML-RPC API. Some features of Jetpack also use XML-RPC.

As useful as this feature is, it can also be a point of vulnerability. Hackers can target XML-RPC with DDoS attacks via pingbacks and even brute force login attempts, which can make your site inaccessible.

Thankfully, there are several ways to protect yourself. One option is to disable XML-RPC altogether; however, this isn’t the right choice for all sites, especially if you need to use these functions.

You can have your XML-RPC cake and eat it too by using security plugins like Wordfence or Sucuri to prevent these attacks.

REST API

WordPress’ REST API is one of our favorite features. We’ve extended it considerably in our work using WordPress as the content management system for our mobile apps, so data is easy for clients to manage and easy to share data between platforms. But, like XML-RPC, this feature is prone to abuse.

A few days ago, GHacks.net pointed out that by default, the REST API is accessible to anonymous users. This means that anyone who goes to {yourdomain.com}/wp-json/wp/v2/users can access a list of all your site’s registered users. Though this information by itself doesn’t make your site vulnerable, it could provide a hacker what they need to cross-reference with other data, or give them a place to focus a social engineering attack, to crack an administrator’s password.

In WordPress versions 4.4 to 4.6, it was possible to disable to REST API altogether by using a filter. However, this filter was removed in version 4.7. Instead, you can use a plugin like Disable REST API to block anonymous users from accessing your site’s information. This option keeps the API available to authenticated users.

Shutting it off isn’t always the answer

Both the REST API and XML-RPC are genuinely useful features. Even if you’re not using them now, it’s a good idea to keep your options open. There’s no such thing as 100% security for a website, but plugins like the ones mentioned above put you on the right path.

Zeek Speaks: WordCamps Orange County, Los Angeles, and Nashville 2016

We love WordCamp, so we get involved as much as we can. A WordCamp is a weekend event in cities all over the world where people get together to talk about how they use WordPress. You’ll find members of our team organizing WordCamps both here in Orange County (20152016, and 2017) and in Chicago (2013), and speaking at as many WordCamps nationwide as we can.

This summer, Zeeksters spoke at WordCamps in Orange County, Los Angeles, and Nashville.

WordCamp Orange County

In Orange County, Steve Zehngut, me, and David Arceneaux all served on the organizing committee, and Jacob Arriola and Aaron Holbrook presented on WordPress development.

Jacob’s topic was “Getting Started with SVGs for WordPress Theme Building.” He showed WordCampers how to use vector graphics to maximize page load speeds and to make the site look its best on retina screens.

Watch Jacob’s presentation on WordPress.TV:


Aaron led a discussion session on how to improve WordPress search, focusing on his work integrating Elasticsearch to replace WP’s native search functionality.

WordCamp Los Angeles

In Los Angeles, Jacob Arriola flexed his knowledge of Flexbox page layouts in his presentation. He walked the audience through a starter theme he developed. You can view his GitHub code repo here to learn more.

Our founder Steve Zehngut organized the conference’s Sunday business track. Presenters spoke in two groups of three, with each group first giving talks on a business topic, followed by more than an hour of panel discussion. I spoke in the first group on Sunday morning about how to use the rules of improv comedy in project management.

WordCamp Los Angeles 2016 presentation by Sarah Wefald
Sarah Wefald’s presentation on how to use the rules of improv comedy to manage web and mobile app projects

WordCamp Nashville

The very next weekend, Steve flew to Nashville to deliver the keynote talk at WordCamp: How to level up as a WordPress professional.

We love going to WordCamps to share what we know and learn from others in the community. If you haven’t been to a WordCamp yet, we can’t recommend it highly enough, no matter how advanced or beginner-level your skills may be. If you don’t have a local WordCamp, you can host your own. Check out WordCamp Central to start a camp or to find a camp near you.

Chris Lema joins Zeek’s Board of Advisors

Steve Zehngut and Chris Lema
Me and Chris on a cigar safari

Chris Lema has been a trusted friend and informal advisor to me and to Zeek for several years. Today, I’m pleased to announce that we’ve made it official: Chris Lema has joined Zeek’s Board of Advisors.

The WordPress community already knows him through his vast library of blog posts, e-books, WordPress presentations, and even the occasional dinner. His reputation for being a kind but no-nonsense executive and coach is well-earned.

I founded Zeek more than 20 years ago. We’ve done a lot of amazing work that I’m very proud of, and we’ve built our agency around the WordPress community. No matter how far you’ve come, there’s always further you can go. We know Chris has the insight as well as foresight to help us “level up.”

Thanks for joining us, Chris. We’re proud of what we’ve done with your unofficial advice, and we can’t wait to see what we can do with your official leadership.

Ultimate Media Ventures launches first of three websites

Ultimate Media Ventures is an eSports agency that works with some of the top brands in gaming, producing events and crafting brand identities. Ultimate contacted us to help them create three sites encompassing their lifestyle, culture, and community commitment to gaming: their corporate site, an e-commerce site, and a news outlet. We’re proud to have launched the Ultimate Media Ventures corporate site in time for their appearance at Pax East.

ultimate

Design

When your events feature highly detailed, impressive production, and your clients are the top brands in gaming with console-quality graphics and strong identities, your corporate identity has to match. We brought in Robert Nienhuis of Nien Studios to collaborate with the Ultimate team to create a modern, cutting edge design that reflects Ultimate’s highly relevant and on-trend work.

Read More

Prudential Lighting launches redesigned website

Prudential Lighting is one of the country’s most sought-after custom lighting companies, specializing in architectural fixtures. They contacted us to create a new website to feature their many products and serve as a central point of communication between them, their customers, and their sales agents.

prulite-desktop

Redesign

Prudential puts a great deal of thought and effort into the design of their products, and they wanted their website to reflect their sleek, modern design principles. Robert Nienhuis of Nien Studios delivered a cutting edge user interface that allows their product photography to shine.

The company has a large product offering, so we paid special attention to presenting the information in a way that’s useful to the user, as well as supporting marketing messaging.

Read More

Heisenberg is now on Foundation 6

Last year, we open-sourced our internal WordPress starter theme, Heisenberg. It’s where we begin all of our WordPress custom theme projects and provides theme authors a starting point to build custom WordPress themes of their own. It’s based off of Automattic’s Underscores starter WordPress theme and ZURB’s Foundation for Sites.

Recently, ZURB released Foundation for Sites 6, and naturally, we’ve upgraded Heisenberg along with it to take advantage of the newest features.

Read More

What do you mean when you say ___? A Glossary of Terms

“What do you mean when you say ___?” Speaking with developers and development agencies can sound like a different language. When I start working on a new project with a new partner, my first order of business is to establish a mutually understood vocabulary so we can communicate as effectively as possible. Some partners come to us with less of a technical background than others, and that’s more than okay – we are happy to help, and we don’t judge.

This article is a list of some terms we use and what they mean in plain language you can use, even if you don’t know your HTML from your MySQL.

Read More