fiber optics

June 5, 2024 Woo Wednesday

Woo Commerce logo

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

Learn WP – Recording videos for demos, courses & more: June 5th @ 2:00 pm

Ottawa WP – WordPress Q&A: June 5th @ 4:00 pm

Accessibility WP – Six Levels of A11Y Maturity: June 6th @ 8:00 am

Seattle WP – Freelancers Meetup: June 6th @ 10:00 am

Buffalo WP – Monthly Meetup: June 6th 4:00 pm

Learn WP – Online Workshop for the WP Training Team: June 6th @ 5:00 pm

Santa Cruz/San Jose WP – News Updates & Help Desk: June 6th @ 6:00 pm

West Orlando WP – First Friday Collaboration Meetup: June 7th @ 7:00 am

Portland WP – Monthly Help Desk: June 8th @ 10:00 am

South Sound WP – Helpdesk & Hacking: June 8th @ 10:00 am

NYC WP – Gravatar; Profile-as-a-Service: June 10th @ 9:00 am

Cambridge WP – WordPress Beginner Issues: June 10th @ 11:00 am

Hudson Valley Can Code: AI & I/O Extended keynote watching: June 10th @ 3:00 pm

San Diego WP – Web Help Monthly Meetup: June 10th @ 6:00 pm

Portland WP – GenerateBlocks; Global Styles & Pattern Changes: June 10th @ 6:00 pm

Learn WP – Exploring Synced Pattern Overrides in WordPress 6.6: June 11th @ 8:00 am

Baltimore WP – All Levels: Online Ask Me Anything WordPress! June 11th @ 4:00 pm

Woo News

Woo Commerce Image

Current WooCommerce version is 8.9.2

From the WordPress Repository

“This release includes fixes to remove a request which stores some basic request data (including IP address of the site visitor) in our server request logs hosted on Automattic (Woo’s parent company) infrastructure for a maximum of 14 days in WooCommerce versions 7.8.0 through 8.9.1.”

WooCommerce 7.8.3-8.9.2: Dot Release and Backport Fixes

From the Woo Developer Blog, by pia8c

WooCommerce 7.8-8.9 have received important fixes.

We have detected an issue involving the unintended loading of a file on the frontend of WooCommerce storefronts for versions 7.8.0 through 8.9.1 See our developer advisory for more information.

June Office Hours: Performance and Scalability

From the Woo Developer Blog, by Shani Banerjee

Woo office hours this month will be on Wednesday, June 19 from 16:00 – 17:00 UTC ( 12:00 PM EST, 9:00 AM PST)

HPOS Full-text search for orders is available in experimental mode

From the Woo Developer Blog, by vedjain

“…availability of Full-Text Search (FTS) indexes in experimental mode starting with WooCommerce 9.0, to be released June 11, 2024. In HPOS, we moved order addresses to a separate table, and now, we support adding full-text search indexes to order addresses and order products.

When enabled, all the order searches will be automatically redirected to full-text search indexes. Additionally, we have also made the non-FTS search faster when using HPOS.”

Developer Advisory: Backporting Notice for WooCommerce Versions 7.8.0 – 8.9.1

From the Woo Developer Blog, by pia8c

“We are issuing this advisory to alert the WooCommerce community about an issue involving the unintended loading of a file on the frontend of WooCommerce storefronts for versions 7.8.0 through 8.9.1.

We have discovered a request which stores some basic request data (including IP address of the site visitor) in our server request logs hosted on Automattic (Woo’s parent company) infrastructure for a maximum of 14 days in WooCommerce versions 7.8.0 through 8.9.1. Starting with WooCommerce 7.8.0 and continuing through the most recent release, 8.9.1, the https://stats.wp.com/w.js file is loaded on every frontend page. Loading this file was introduced as part of a feature to register server-side tracking during REST requests, as documented in Issue #37796.”

Issue Overview

  • Problem: Any WooCommerce site with tracking enabled will load a file, https://stats.wp.com/w.js, on every frontend page. Our server request logs for this file collect data such as IP address, referrer, timestamp, user agent, HTTP version, response code, response size, and response time.
  • Impact: The script itself does not actively send tracking data to Automattic. The data stored in WordPress.com server logs is the same data that would exist on request logs of the server a store is hosted on when a user visits the storefront. However, out of an abundance of caution, and as part of our commitment to data privacy, we have decided to apply the fix to all affected versions of WooCommerce to prevent unnecessary requests for this file.

WooCommerce Updated to Address Data Tracking Issue

From the Woo Developer Blog, by Jay Walsh

“In May 28, 2024, Woo’s engineering team discovered an issue within WooCommerce (versions 7.8 and above) that caused the unintentional collection of specific visitor data by Automattic, Woo’s parent company. 

This issue only pertained to WooCommerce stores that had data tracking enabled and did not have their store connected to Jetpack.”

Start a small business at home: 61 Ideas and top tools to get started

From the Woo Developer Blog, by Kathryn Marr

“Starting a small business from the comfort of your home isn’t just a dream for the ambitious. It’s actually a practical, achievable reality for anyone with a bit of drive and creativity. 

Whether you’re looking to ditch the 9-to-5 grind, pursue a passion, or simply earn some extra cash, the opportunities are there for those willing to put in the work. With the right tools and a bit of determination, you can start a business right from your home and work your own hours. 

It gives you the freedom to work on your own terms, tap into markets worldwide, and, let’s not forget, the commute is unbeatable. So, if you’ve ever thought, “Maybe I could do this”, now’s the time to turn that thought into action. 

Let’s take a look at 61 of the best small business ideas that can get you started, along with the top tools that’ll help you hit the ground running.”

Word News

Image of Regina Carter

WordPress 6.5.3 Maintenance Release

From WordPress.org, by Aaron Jorbin


“This minor release features 12 bug fixes in Core and 9 bug fixes for the block editor. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement.

WordPress 6.5.3 is a short-cycle release. The next major release will be version 6.6 planned for July 2024.”

WordPress 6.6 Beta 1

From WordPress.org, by marybaum

What’s coming to WordPress 6.6?

This year’s second major release is about polish and finesse. Features that landed in the last few releases have new flexibility and smoother flows—and a few new tricks. And of course there are a few brand-new features.

Data Views updates

Part of the groundwork for phase 3, Data Views get new and improved experience of working with information in the Site Editor. A new layout consolidates patterns and template parts, gets you to general management views in fewer clicks, and packs in a wide range of refinements.

Overrides in synced patterns

What if you could keep a synced pattern‘s look and feel everywhere it appears—keeping it on brand—but have different content everywhere it appears?

For instance, maybe you‘re building a pattern for recipes. Ideally, you want to keep the overall design of the recipe card consistent on every post that will have a recipe. But the recipe itself—the ingredients, the steps, special notes on technique—will be different every time.

And perhaps, in the future, other people might need to change the design of the recipe pattern. It would be nice to know they can do that, and that the content in existing recipes will stay right where it is.

In version 6.6, you can make all that happen, and overrides in synced patterns are the way you do it.

See all the blocks

Up to now, when you had a block selected and then opened the block Inserter, you only saw the blocks you were allowed to add to your selected block. Where were all the others?

In 6.6, when you have a block selected, you get two lists. First, there’s the list of blocks you can insert at your selected block. Then you get a list with all the other blocks. So you can get an idea of what you can use in your selected block, and what other blocks you could use in another area. In fact, if you select a block from that second list, WordPress 6.6 will add it below your block, to use in whatever you build next.

A new publish flow

Version 6.6 brings the post and site editors closer together than ever. So whether you’re writing for a post in the post editor or a page in the Site Editor, your experience will be about the same.

Style variations

If a block theme comes with style variations, 6.6 vastly expands your design options right out of the box, without installing or configuring a single thing. Because in 6.6, your theme pulls the color palettes and typography style sets out of its installed variations to let you mix and match for a whole world of expanded creative expression.

Section styles

Do you build themes? Now you can define style options for separate sections of multiple blocks, including inner blocks.

Then your users can apply those block style variations to entire groups of blocks, effectively creating branded sections they can curate across a site.

A note about CSS specificity

To make it easier for your variations to override the global styles CSS, those styles now come wrapped in `:root`. That limits their specificity. For details, read the full discussion on GitHub.

A native Grid layout

Grid is a new variation for the Group block that lets you arrange the blocks inside it as a grid. If you’ve been using a plugin for this, now you can make your grids natively.

Better pattern management in Classic themes

You heard right: You can do everything with patterns in Classic themes that you can in a block theme. You can see all the patterns available to you in a single view and insert a pattern on the fly.

Negative. Margins.

They’re here: negative margin values, so you can make objects overlap in your design. As a guardrail, you can only set a negative margin by typing an actual negative number, not by using the slider. That’s to keep people from adding negative values they didn’t intend.

Rollback auto-updates

Now you can have the convenience of setting all your plugins to auto-update and the inner peace you get from knowing that if anything goes wrong, 6.6 will do a rollback. Automatically.

This post reflects the latest changes as of June 4, 2024.

Federal Agencies Recommend DMARC Policy Enforcement

From Dmarcian

“The Federal Bureau of Investigation (FBI), the Department of State, and the National Security Agency (NSA) have released a security advisory titled North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts. The agencies warn that attackers from the Kimsuky group are seeking out domains with the non-enforced DMARC policy of p=none to orchestrate social engineering intrusions.”

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors

From Security Week, by ByIonut Arghire

“Vulnerabilities in three WordPress plugins are being exploited to inject malicious scripts and backdoors into websites, according to a warning from Fastly.

The flaws can be exploited to execute unauthenticated stored cross-site scripting (XSS) attacks, allowing attackers to create a new WordPress administrator account, inject PHP backdoors in plugin and theme files, and set up tracking scripts to monitor the infected targets.”

WP Statistics plugin

WP Meta SEO plugin

LiteSpeed Cache plugin

Cloudflare Apps is deprecated and will be discontinued August 31, 2024.

After August 31, 2024, we will be automatically uninstalling installed apps from your Cloudflare zone(s). This will not impact Cloudflare’s first-party services running on your zones.

The Datadome app is the only exception to this.

We understand that uninstalling apps might be disruptive. To address any potential issues, please review and remove apps installed on your zones through the Cloudflare dashboard.

For any questions about the deprecation or support requests, reach out to apps-marketplace-support[at]cloudflare.com.

We will be creating a new Apps experience. If you’re interested, leave us feedback and sign up here.

Free Resources

Cookies Yes

“The CookieYes plugin enables seamless cookie consent and GDPR compliance by integrating an intuitive cookie banner into your website. It offers full support for GDPR (DSGVO, RGPD) and CCPA/CPRA to easily obtain user consent for cookies, ensuring legal compliance.

Customizable cookie banner designs and options make configuring a GDPR-compliant cookie consent solution simple. The plugin also supports various other global privacy regulations beyond GDPR, including LGPD (Brazil), CNIL (France), PIPEDA (Canada), Law 25 (Quebec), POPIA (South Africa), nFADP (Switzerland), Privacy Act (Australia), PDPL (Saudi Arabia), PDPL (Argentina), PDPL (Andorra), DPA (Faroe Islands), and the California Consumer Privacy Act (CCPA/CPRA). Additionally, it’s designed to align with significant state privacy laws in the US, such as VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), and UCPA (Utah).”