How to Improve the WordPress Admin User Interface

/in , /by

Initially WordPress was just for blogs. But now WordPress commands roughly half of the website content management market, taking over market share from Joomla and Drupal and other content management systems. This is mainly because WordPress is so easy to use and administer. The one drawback – and a significant reason why many still use Joomla – is the admin user interface. The admin area is the heart of any WordPress-powered site – it’s where everything is controlled – posts, pages, media, comments, etc. – A site with more than 10 pages and galleries can be difficult to manage in WordPress. Difficult, that is, without adding some of the following plugins. Plugins allow you to customize only what you need.

For example, suppose you have someone on your staff composing blogs for you. The out-of-the-box WordPress admin interface does not have a robust feature for editorial control and review.

Today, we will introduce you to a number of fantastic plugins that will enhance your WordPress website in some way. These admin plugins are all free to download from the official WordPress plugin directory and will help protect your website, give you more control over users or automate the editorial process. As always, we recommend that you consult with your website administrator prior to installing any new plugins since they can occasionally conflict with each other and break your website.

Post Scheduling & Management

1. Editorial Calendar

This is the perfect plugin for managing the scheduling of your posts. Editorial Calendar adds a calendar page to the post section of your admin area. Each day shows the posts that are scheduled for that day. Multiple posts are listed in chronological order.

Watch the Video to learn more

Editorial Calendar: Download

2. Peter’s Collaboration Emails

This is a great plugin for managing the editorial flow of blog posts. When a contributor submits a post for review, the plugin emails the specified users to let them know there is a post to review. Once the post is approved, the contributor gets an email letting them know it has been accepted. If the post is changed back to “Draft,” the contributor is advised that it has not been accepted and is sent a link to edit the article.

Peter’s Collaboration Emails: Download

3. Peter’s Post Notes

On its own, this plugin adds a panel to the sidebar of the add and edit post / page screens so that users can add notes for themselves or others and keep track of these notes. Whenever you save a post, you can type a note to be displayed along with the post in the edit view. When used with Peter’s Collaboration E-mails 1.2 and up, the notes are sent along with the e-mails in the collaboration workflow. There is also a general and private notes system on the dashboard.

On the dashboard, there’s also a summary of the most recent notes. By default this shows notes by all people on relevant posts / pages. There is also a general and private notes system.

 

 

 

 

 

 

 

 

 

 

Peter’s Post Notes: Download

4. Content Audit

Content Audit lets you and your staff easily review old content and determine if it’s still relevant. The plugin works with posts, pages and media. You can automatically set content as outdated after a set period of time and notify post authors about it. Content can be marked as redundant, outdated or trivial. You can also mark content as needing a review of SEO or style.

 

 

 

 

 

 

Content Audit: Download

5. Edit Flow

Edit Flow empowers you to collaborate with your editorial team inside WordPress. It’s feature rich and comes with a calendar, custom statuses, editorial comments, notifications, story budget, and user groups.

 

 

 

 

Edit Flow: Download

General Admin

6. Adminimize

This is a great plugin that let’s you hide parts of the admin dashboard that you deem “unnecessary”.  You can change back-end options; global options; dashboard options; write options for posts, pages and custom page types; link options; and menu options.

Adminimize: Download

Security

7. WordFence Security

This is an incredibly valuable plugin that is completely free. WordFence includes a firewall, anti-virus scanning, cellphone sign-in (two factor authentication), malicious URL scanning and live traffic including crawlers. Wordfence is the only WordPress security plugin that can verify and repair your core, theme and plugin files, even if you don’t have backups.

WordFence Security: Download

Summary

The great thing about WordPress is that the default installation doesn’t overwhelm you with options. This allows users to choose the plugins that best meet our particular needs and disregard those that don’t.

You might find that some of these plugins can be disabled after you use them. I recommend reviewing your situation every month or so and remove any plugins that aren’t being used regularly. Also it’s a best practice to remove any plugins that have not been updated (by the plugin developer) in at least a year. Old plugins increase the chance that someone can hack into your site. Update plugins regularly and delete plugins that you don’t use.

WordFence Security Update

/in , /by

We are seeing exploits in the wild appear within the last week for the following WordPress themes and plugins. If you are running any of these themes or plugins, check if there is a recent security update and install the update, or remove the item from your system if there is no security update. If you’re unsure, contact the theme/plugin developer or vendor.

  • Cubed Themes version 1.0 to 1.2. Remote file upload vulnerability. Distributed by themeprofessor.com. Exploit released on 9 November 2013.
  • Army Knife Theme, unspecified version. CSRF File Upload vulnerability. Theme is distributed by freelancewp.com. Exploit released 9 November 2013.
  • Charcoal Theme. CSRF File upload vulnerability. Distributed by the official WordPress repository. The theme hasn’t been updated for several years, so we recommend deleting all files from your system.
  • WP Realty Plugin may contain an email sender vulnerability. Please contact vendor for clarification. We’re seeing exploits that claim to exploit this hole. Plugin is distributed by wprealty.org.
  • The following themes distributed by orange-themes.com appear to contain a remote file upload vulnerability and we’re seeing exploits appear in the wild, all published around November 12, 2013: Rockstar Theme, Reganto Theme, Ray of Light Theme, Radial Theme, Oxygen Theme, Bulteno Theme, Bordeaux Theme. Please contact the vendor to find out of your theme is applicable and what action to take.
  • Amplus Theme version 3.x.x contains a CSRF file upload vulnerability. We’re unclear who the vendor is, but it appears to be Themeforest.
  • Make a Statement Theme version 1.x.x (also known as MaS ) contains a CSRF file upload vulnerability. Exploit distributed November 17, 2013. Vendor is themes.mas.gambit.ph.
  • Dimension Theme, unspecified version, contains a CSRF file upload vulnerability. Theme is distributed by ThemeForest. Exploit appeared November 17th, 2013.
  • Euclid Version 1 Theme contains a CSRF File Upload Vulnerability. Exploit appeared today. Theme is distributed by FreelanceWP.com.
  • Project 10 Theme, Version 1.0. Remote file upload vulnerability. Distributed by ThemeForest. Exploit appeared today.

Please remember: Deactivating a theme or plugin with a security hole does not make it safe. You need to remove all files from your system to remove the security hole in a theme or plugin. If your theme or plugin is listed here, don’t panic. First contact your theme or plugin author or vendor. Work with them to determine if your particular version contains the vulnerability we’ve publicized and get their advice on what action to take. If they are not contactable after a reasonable amount of time, work with your hosting provider or site developer to determine if you have a vulnerability and what action to take.

Source: www.wordfence.com