BillBelew.com
BloggingPlugins

Deciding on Yoast plug-in516

Member dzflower453 private msg quote post Address this user
Can we use this on the current blog?
Thanks,
Dai
Post 1 • IP   flag post
Forum Owner Belew private msg quote post Address this user
@dzflower453

Why? Plug-ins slow down a site. They can be and often are a security risk.

If you do the basics as I taught you there is no need for Yoast or anything like it.
Post 2 • IP   flag post
Top Contributor Steve private msg quote post Address this user
@Belew Would be a really interesting test to have half your class use plugin and online SEO type tools, correct permalink structure, etc., as opposed to going el-natural so to say...
Post 3 • IP   flag post
Member dzflower453 private msg quote post Address this user
it's good to have something to keep us accountable...free babysitting (even though we are adults)
Post 4 • IP   flag post
Forum Owner Belew private msg quote post Address this user
@dzflower453

Hmm.... babysitting. That's hard for me to do.
Post 5 • IP   flag post
Forum Owner Belew private msg quote post Address this user
@Steve

Perhaps next time I teach a class from scratch.
Post 6 • IP   flag post
Member dzflower453 private msg quote post Address this user
obviously, the babysitting is done by the plug-in so you don't have to.
Post 7 • IP   flag post
Teacher Rev private msg quote post Address this user
@Belew

I'm surprised that you spread the "plugins slow down a site" meme. Of course it is true that any active code added to any website, no matter what style or brand it is, will slow it down (slightly!) but this idea that plugins are somehow evil because they inordinately slow down a WordPress site (maybe that's not what you meant) is just nonsense. In most cases, any slowness is all but immeasurable to the typical user.

The idea that it is better to build functions into the theme, rather than use plugins, is mostly wrong thinking too. The savings, or gain, in doing so, if any, doesn't offset the flexibility of using plugins.

Well made plugins are the least of your worry when it comes to security. Keeping them updated and doing regular backups is more worthy of your attention.

WordPress was, by the way, designed from the ground up to have four separate areas, 1) core files - the engine, if you will, 2) theme - the look and feel or design, 3) plugins - feature/function extensions, and 4) content - all the stuff you add.

That is a well thought out structure and works extremely well. We should all have such market acceptance!

Just my 2¢.
Post 8 • IP   flag post
Forum Owner Belew private msg quote post Address this user
@Rev

Plugins are not evil.

Unnecessary plugins are unnecessary. I use plugins.

Yoast is extremely popular. It was also hit by a virus not long ago.

"Everything should be kept as simple as possible. But not simpler," Einstein.
Post 9 • IP   flag post
Teacher Rev private msg quote post Address this user
@Belew

It's WordPress, Jim, not quantum physics! ;o)

And, not to put too fine a point on it, the Yoast plugin was not hit by a virus. A bit of code in common use by many people on many platforms, and which was accepted as normal practice, was discovered to be exploitable. No one could anticipate that -- well, at least not in such a way as to prevent it -- and, of course, it was WordPress that got the bad rap even though that coding technique was used elsewhere.

When you are #1 you get the flack. Hopefully you are big enough to handle it. It doesn't, however, mean that WordPress plugins are security risks or any more exploitable than the same code used on a custom coded site. In fact, just as there are more people looking for ways to hack WordPress sites, there are more people looking for ways to protect WordPress sites -- fixing exploitable code sooner, updating plugins, reporting issues to the appropriate people, etc.

The Yoast plugin, the slider which was where the original discover was made, and several dozen other plugins that almost nobody knows about, are all the better for it. Thank goodness for an open source community that works together and cares!

When did someone report to you about a possible exploit in your custom coded website or that non-WordPress commercial website template you bought? I've used both, and in my experience the answer to my own question is, "NEVER!"

Again, just my 2¢.
Post 10 • IP   flag post
Top Contributor Steve private msg quote post Address this user
@Rev "When you are #1 you get the flack. Hopefully you are big enough to handle it. It doesn't, however, mean that WordPress plugins are security risks or any more exploitable than the same code used on a custom coded site"

It actually does ... once an exploit is known, given the volume of WordPress websites, Hackers will search and generate a list of websites that potentially can be exploited... if I was designing a bot this would be inbuilt... as would be the exploitation of them, once a list was generated.

It's not as easy to do that with a custom website, and of course if the plugin isn't there, no one can find it via search...

And yes, I know it's possible to hide things... I am just speaking generally

I was discussing this with a few developers a month or so back and it's now widely thought, at least amongst us, that hackers are specifically trying to find exploits in plugins as that gives them access to large numbers of websites... this is why they are constantly being updated.
Post 11 • IP   flag post
29723 11 11
destitute