I AM LISTENING TO
|
WHAT I LIKE
  • English
  • German


BLOG FILTER



14. May 2020

2020: WordPress Admin White Label Solutions ( Personal Favorites )

I am always looking for easy ways to white label the WordPress administration for myself and my clients. A nice personal touch for each project and an easy way to declutter the interface.

These are my personal favorites, that I use on a regular basis.

Admin Themes / Login Page

There are a lot of solutions out there, but many break easily and are really heavy to load. Some of these solutions I tried also break easily on new WordPress Upgrades. The first two below are currently my favorites.

  1. Slate Pro ( Commercial )
    “Slate Pro is a powerful WordPress admin theme plugin that reimagines WordPress with a clean and simplified design. White label your WordPress install with custom colors, a custom login screen, custom admin branding, and more. Slate Pro is now multisite compatible! Network activate to control the look of all sub-sites.”

    Slate Pro is a clean and simple admin theme, that does not try to alter the interface completely. Small changes that make a difference. Color adjustments, logos, simple menu & widget enhancements and login page tweaks. Compared to other solutions it has been a stable experience, even after multiple WordPress Updates.

    This is an install and enjoy solution!
  2. Kodeo Admin UI ( Free – Open Source )
    “Kodeo Admin UI turns your WordPress backend into a clean and modern user interface. All elements are well designed and arranged for the best user experience.”

    Kodeo is another clean interface, that goes further than Slate Pro. Many areas of the admin theme have been changed. It works well with most 3rd party plugins, but I have had problems with some plugins doing their own little interface tweaks.
    With Kodeo your WordPress Admin completely transforms and gives it a really modern & clean look.

    This is an install and tweak solution! You might need to trim certain CSS properties to make it work for everything.

  3. Material WP ( Commercial )
    “Material Design version of the WordPress Admin Interface”

    I have used this once or twice in the past. Its more of a honorable mention. The admin theme transforms the interface completely, but can feel sluggish on slower servers. It has an impressive set of options and gets regular updates.

    This is again an install and tweak solution! It works with most of the 3rd party plugins and Gutenberg, but some things might need to be trimmed by hand.

Menu Editors & User Groups

When sharing the administration with your customer, you often need to make it as simple a possible for them. Depending on your setup, the menu becomes cluttered and overwhelming really fast.

I often trim menus for each user role, to make only those options accessible that are really needed.

  1. Admin Menu Editor Pro ( Free / Commercial )
    This tool has been part of many of my projects and has been a solid solution for years. You can hide & move menus, create new menus, tweak menus by user role, hide plugins and also tweak the admin toolbar with an extra addon.
    Worth every penny! There is a free version available, that might just provide enough functionality for your next project.
  2. Groups ( Free )
    “Groups is designed as an efficient, powerful and flexible solution for group-oriented memberships and content access control. It provides group-based user membership management, group-based capabilities and access control for content, built on solid principles. Groups is light-weight and offers an easy user interface, while it acts as a framework and integrates standard WordPress capabilities and application-specific capabilities along with an extensive API.”

    This plugin allows you to add new user groups easily and can tie into the plugin above.

User Profiles

When sharing the administration with multiple users, its always nice to add some personality to the user profiles as well.

WP User Profiles
“WP User Profiles is a sophisticated way to edit users in WordPress.”

The plugin provides other small addons, like WP User Avatars. Neat plugin to tweak admins, editors and other users.

Admin Dashboard Replacements

  1. cubicFUSION Admin Enhancer (Free)

    portalZINE NMN | Development meets Creativity | cubicfusion logo
    This is a new plugin I am currently working on. The current shortcodes addon can help you integrate dashboard widgets into the dashboard builders below.

    I am also working on my own dashboard builder, that requires none of the solutions below and builds upon WordPress core functionality.

  2. Dashboard Welcome for Elementor (Free)

    portalZINE NMN | Development meets Creativity | elementor 300x102 1
    “Dashboard Welcome by PowerPack Elements gives you full control over the WordPress welcome panel using Elementor.

    You can personalize the dashboard with content and design built with Elementor. You can add heading, contact information, form, video, images, affiliate links, etc.

    While the above plugin is free, you need a Elementor Pro License to use it!

  3. Dashboard Welcome for Beaver Builder (Free)

    portalZINE NMN | Development meets Creativity | beaver builder 300x81 1
    “Welcome by Beaver Addons gives you full control over the WordPress welcome panel using Beaver Builder.

    You can personalize the dashboard with content and design built with Beaver Builder. You can add heading, contact information, form, video, images, affiliate links, etc.”

    Even though the plugin above is free, Beaver Builder is a commercial plugin!

  4. Divi Dashboard Welcome ($22)

    portalZINE NMN | Development meets Creativity | divi
    “Divi Dashboard Welcome gives you control over the WordPress Dashboard Welcome screen …”

    The plugin requires the Divi Page Builder. Both plugins are commercial!

Enjoy
Alex

readmore
22. March 2020

Heidelpay Academy – Certified Agencies

portalZINE NMN | Development meets Creativity | Heidelpay Logo mitUnterzeile orange RGB

Heidelpay

ENGLISH: The heidelpay Group is one of the fastest growing German tech companies for international payment transactions. Founded by Mirko Hüllemann in 2003, the company relies on its own innovative solutions such as the secured invoice purchase, purchase by instalments, direct debit and online bank transfers. In addition, heidelpay also cooperates with more than 200 well-known providers of credit cards and wallet solutions.

As a payment institute approved by the German Federal Financial Supervisory Authority BaFin and with over 16 years of experience in e-commerce and at the POS in its favour, the heidelpay Group enables companies of all sizes to make payments worldwide. The full-service payment service provider covers the entire spectrum of electronic payment processing: from processing, procurement, monitoring and risk management to accounts receivable management. Its fully scalable and modular solutions are used by 30,000 national and international customers. The various payment methods are available for e-commerce, m-commerce and stationary points of sale. “

GERMAN: Die heidelpay Group ist eines der am stärksten wachsenden, deutschen Tech-Unternehmen für den internationalen Zahlungsverkehr. Das von Mirko Hüllemann im Jahr 2003 gegründete Unternehmen setzt dabei auf innovative, eigene Lösungen, wie Rechnung, Ratenkauf, Lastschrift und Online-Überweisung. Daneben arbeitet heidelpay mit über 200 namhaften Anbietern von Kreditkarten oder Wallet-Lösungen zusammen.

Als von der Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) zugelassenes Zahlungsinstitut mit über 16 Jahren Erfahrung im E-Commerce und am POS zu seinen Gunsten ermöglicht die heidelpay-Gruppe Unternehmen jeder Größenordnung den weltweiten Zahlungsverkehr. Der Full-Service-Payment-Dienstleister deckt das gesamte Spektrum der elektronischen Zahlungsabwicklung ab: von der Abwicklung über die Beschaffung, Überwachung und das Risikomanagement bis hin zum Forderungsmanagement. Die voll skalierbaren, modularen Lösungen werden von 30.000 nationalen und internationalen Kunden genutzt. Für E- Commerce, M-Commerce und den stationären Point of Sale stehen die verschiedenen Zahlungsmethoden zur Verfügung.

Heidelpay Academy


ENGLISH: On March 19th I took part in the Heidelpay Academy, to be able to support my customers in the integration of all innovative solutions offered by Heidelpay.

I have been a partner since last year and have already integrated direct debit via Heidelpay for a customer.

GERMAN: Am 19.03. habe ich an der Heidelpay Academy teilgenommen, um meinen Kunden in der Zukunft verstärkt bei der Einbindung der innovativen Lösungen von Heidelpay zu unterstützen.

Ich bin schon seit letztem Jahr Partner und habe bereits für einen Kunden das Lastschriftverfahren über Heidelpay integriert.

Heidelpay Academy

readmore
16. November 2019

Building Low Carbon Websites

I signed the Sustainable Web Manifesto a couple of weeks ago. The manifesto perfectly reflects how I have been handling my business and my projects.

I created a special “GO GREEN” subsection to talk about the topic in more detail and give you some more context about the areas I can help you with.

We all share and use the web, just as we all share and live on this planet. This manifesto is a public declaration of a shared commitment to create a sustainable internet.

https://www.sustainablewebmanifesto.com/
  1. CLEAN –  The services we provide and services we use will be powered by renewable energy.
  2. EFFICIENT –  The products and services we provide will use the least amount of energy and material resources possible.
  3. OPEN – The products and services we provide will be accessible, allow for the open exchange of information, and allow users to control their data.
  4. HONEST – The products and services we provide will not mislead or exploit users in their design or content.
  5. REGENERATIVE –  The products and services we provide will support an economy that nourishes people and planet.

“If we embrace sustainability in our work, we can create a web that is good for people and planet.”

readmore
6. September 2019

Finally! GreenApe Shop goes live!

Together with my partners in crime (Dorit & Micha), we have finally opened our own personal online store.

We have been selling our single origin coffees (1st Single Malt Whisky Coffee, Basic – Single Origin Arabica, Kill me Quick Espresso -Single Origin Robusta), teas (Kräuterschorle – Kräutertee, Feuerkieker – Schwarztee) and rum (Fortune Teller – Double Aged Barbados Rum) using the Amazon Marketplace for the past 2 years.

No more Amazon

GreenApe has been a side project for the past years and I never wanted to deal with the maintenance of our own store. But its time to move on and do our own thing. Amazon has removed so many useful features over the years or added a new fee on top of other fees. Even though Amazon provides access to a large amount of customers, for small companies the fees build up quickly.

Our own

With our own store we can finally do bundles, coupons again and better optimized shipping. It will also allow me to better testdrive some new interesting features for my customers ;) Yeah its kind of my new toy or shopping lab! Its fun being able to work on untested new SEO features, structured data, merchant tools, shopping ads and tracking of all of those.

Locations

We have been selling in Germany for the past 2 years, but that might be changing in the future depending how well the new store shapes up :)

If you live in Germany, love good coffee, tee or rum … say Hi!

GreenApe – Makes Your Life Better
Homepage
Shop
Contact us

readmore
17. August 2019

Keeping Development Credentials Secure

Development today relies on multiple teams, services, and environments all working in unison. A topic that always comes up, when setting up a new development environment: How do we secure important credentials, while not making it too complicated for the rest of the team?

The key when working with version control systems like Git, is to keep any type of credentials out of the versioning system. These can be API keys, database or email passwords.

Even if its a private repository, development environments might change. It can be a simple staging & live website setup you are maintaining.

.env Files for Environment Variables

The simplest way in PHP is to use .env files to store your credentials outside of the public accessible directory structure. So outside the public_html, but still within the reach of the executing environment to read it. Variables are accessible through $_ENV['yourVar'] or getenv("yourVar"), once included in your code.

To make it simple you can use the popular package vlucas/phpdotenv, which reads and imports the file automatically.

Don’t fool yourself, if an attacker finds a way into your system, these variables can be easily read. This is just hiding the file from public access and provides some convenience while developing or sharing code.

Encrypted .env files

Some people propose to encrypt / decrypt environment variables using a secret key. But if an attacker can access your data, he can also find the secret key.

There are some nice packages that offer just that. You have to decide if those fit your ammo.

  • The psecio/secure_dotenv library provides an easy way to handle the encryption and decryption of the information in your .envfile. @Github
  • johnathanmiller/secure-env-php – Env encryption and decryption library. Prevent committing and exposing vulnerable plain-text environment variables in production environments. The lib provides a nice guided interface to encrypt your .env file. @Github
  • beyondcode/laravel-credential – Add encrypted credentials to your Laravel production environment. You can edit and encrypt using php artisan credentials:edit. @Github

Apache Pull – setting environment variables

The Apache2 environment variables are set in the /etc/apache2/envvars file. These variables are not the same as the environment variables of your Linux system; they are stored and manipulated in an internal Apache structure.

The /etc/apache2/envvars file holds variable definitions such as APACHE_LOG_DIR (the location of Apache log files), APACHE_PID_FILE (the Apache process ID), APACHE_RUN_USERS (the user that run Apache, by defaultwww-data), etc.

You can open and modify this file in a text editor of your choice. This is nice, but far from simple and requires a server restart. This is something which helps you when hardening security on a live deployed setup.

There are dynamic approaches, but you can do some research for that yourself :) Skipped that rabbit hole for now …

Infrastructure Secret Management

Handling secrets completely detached is another possibility. This is surely an overkill for most cases, but using an Infrastructure Secret Management concept might be worth looking into, if you are working on bigger scale projects that involve multiple development teams and setups. These services also often deal with secret rotation.

HashiCorp Vault – “Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.”

You can deploy your own vault on your own infrastructure or test out a hosted version, which is free for Open Source projects. HashiCorp Vault

You will find a bunch of Hashicorp related packages that will help you to integrate a vault into your project workflow (scmrus/php-vault-env , poc-webapp-vault).

While this is nice, you will need to cache / store credentials somewhere, as you don’t want to query the vault on every single access.

The Hashicorp Vault is not the only Infrastructure Secret Management solution. There is a nice Github Gist that lists other solutions and a nice feature matrix.

Amazon also provides a solution called AWS Secrets Manager, which makes a lot of sense, when you build and deploy on AWS already :)

What a rabbit hole, once you start researching solutions :)
Have fun …

readmore
30. May 2019

Have you heard of GatsbyJS?

Gatsby is a free and open source framework based on React that helps developers build blazing fast websites and apps.

What they have to say

  • Go Beyond Static Websites. Get all the benefits of static websites with none of the limitations. Gatsby sites are fully functional React apps so you can create high-quality, dynamic web apps, from blogs to e-commerce sites to user dashboards.
  • Use a Modern Stack for Every Site. No matter where the data comes from, Gatsby sites are built using React and GraphQL. Build a uniform workflow for you and your team, regardless of whether the data is coming from the same backend.
  • Load Data From Anywhere. Gatsby pulls in data from any data source, whether it’s Markdown files, a headless CMS like Contentful or WordPress, or a REST or GraphQL API. Use source plugins to load your data, then develop using Gatsby’s uniform GraphQL interface.
  • Performance Is Baked In. Ace your performance audits by default. Gatsby automates code splitting, image optimization, inlining critical styles, lazy-loading, and prefetching resources, and more to ensure your site is fast — no manual tuning required.
  • Host at Scale for Pennies. Gatsby sites don’t require servers so you can host your entire site on a CDN for a fraction of the cost of a server-rendered site. Many Gatsby sites can be hosted entirely free on services like GitHub Pages and Netlify.

What I have to say …

While researching some popular static site generation tools, GatsbyJS comes up often. I have played with NuxtJS and Hugo in the past, but what I REALLY like about GatsbyJS is the plugin / modular system. You can build your website with plain-old React and CSS styles, but make your development more efficient by adding node_modules.

Also being able to import any data source with ease, using GraphQL, is amazing. And when it comes to content management, you can easily hook a headless WordPress or Drupal setup into the mix and consume their REST APIs :)

I am not switching my own website to GatsbyJS anytime soon, but its another tool in my toolbox for future project consideration !

There are many tutorials on Youtube about getting started, maybe something to consider for the next freetime testdrive ;) Enjoy …

GatsbyJS @ Github

readmore
18. May 2019

Screenshot Service with Node.js

Manet is a REST API server which allows capturing screenshots of websites using various parameters.

The Node.js server can use SlimerJS or PhantomJS as headless browser engines.

I have build similar with CasperJS, but this is far better for those that want a simple straight solution.

@GitHub

readmore
17. May 2019

CSS3 Animations with Special Effects.

A nice set of CSS3 Animations that can be easily used to spice up your design.

The animations can be triggered through Javascript, jQuery and the timings can be tweaked through pure CSS. The package also provides gulp, so that you can tweak every aspect easily.

Demo
Github

readmore
11. May 2019

portalZINE goes Multi-Language

Since I started in 2002, all iterations of portalZINE have been pure english content websites. You can read about the why on my services page.

I had potential customers in Germany complain about that a lot over the past few years. But your own website often suffers, while your customers get all the attention. That is how it is and how it should be!

Creating Multi – Language websites has been part of my services & portfolio for years, with an extreme application setup handling 13 languages in 2014 for the soccer world cup.

Multi-Language setups have come a long way and it was time to showcase that on my own setup as well. Not only to calm those potential customers, but to testdrive new functionality and possibilities on my own setup. portalZINE has always been my testlab for stability and new feature sets.

Most of my static pages are available in English and German now, the blog itself will remain pure English.

Need help setting up a multi language website, get in touch!

Cheers
Alex

readmore
7. June 2018

Youtube iFrame API and Cookieless Domain solution (GDPR / DSGVO)

GDPR / DSGVO REQUIREMENTS

The GDPR makes us jump through a lot of hoops to cleanup our websites and make all our code compliant. Many aspects of the GDPR are far from completely defined yet and there is a great uncertainty what is required, what can stay and what needs to be adjusted right now.

EMBED YOUTUBE VIDEOS

Embeding Youtube videos is one area,  that many are afraid of. You need to mention the use of youtube in your data privacy policy.

Something like that :”Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.”

IS THAT ENOUGH

The question remains, if that is actually enough?
Youtube allows you to switch to a cookieless embed on their website, that limits the data flowing to Google servers.

THE IFRAME API

But how do you use that programmatically, with the Youtube iFrame API?

The iFrame API documentation has not been updated since 2014 and does not mention any option to switch to the cookieless youtube host.

But there is an easy option, just add the host option “https://www.youtube-nocookie.com” to your calls :

There we go, so simple and painless :)

The GDPR is a good thing, as it helps to secure our privacy. Those that are complaining now, are those that waited until the GDPR went live and did not take the time to really prepare soon enough.

BTW the email spam sent by so many services, was so not required, but helped me to clean up / delete those dormant accounts ;)

Enjoy coding!

readmore