Discovr 2: Introduction to WordPress

Posted on May 15, 2008 | 7 comments

Discovr Hosts: Michael Mistretta and Chris Thomson

Special Guest: Jeff Chandler

Intro music by Joe Sayer (email)

From learning how to setup a WordPress site, to must-have plugins and advanced tweaking tips, this episode of Discovr explores WordPress from top to bottom.

Shownotes

We’d love to hear your feedback! Feel free to contact us with any tips, tricks, or topics you want to learn about. Whether the feedback is good or bad, we’d love to hear it. You can also follow @Discovr on twitter to keep up with all that’s happening behind the scenes on the Discovr podcast.

Download MP3 | Subscribe in iTunes (Enhanced)

7 Replies

  1. Daniel Brusilovsky May 15th 2008

    Great show! Learned a lot!

  2. James May 18th 2008

    Just wanted to mention that using FTP is a very bad idea. FTP sends all data, including usernames and passwords, in cleartext. This means that anyone sniffing your network traffic with freely available tools such as Wireshark, would be able to get the username and password to your hosting account.

    SFTP is the secure replacement to FTP, that encrypts your data stream, so that anyone sniffing would just end up with a bunch of meaningless, random looking data.

    Any host that only supports FTP and not SFTP is a host you should avoid.

  3. Chris May 19th 2008

    James: True. However, the only file that is not okay to send in cleartext is the wp-config.php file, which you setup through an interface on your website. So while editing wp-config.php, it would be a good idea to use SFTP, but when uploading all of the other WordPress files, it’s probably better just to use the regular FTP, because it’s faster. Thanks for your input, and suggestions. :)

  4. Daniele Rossi May 21st 2008

    Great 2nd show! I really liked the plugin recommendations. They seem very useful and I’ll be installing them asap. Looking forward to the next episode.

  5. Chris May 21st 2008

    Daniele: We’ll have an episode in the next few months (late June, actually) that focuses on various WordPress plugins. I’m glad you enjoyed the episode. :)

  6. James May 24th 2008

    @Chris

    That’s not entirely correct. When you use FTP, you have to supply the username and password to your hosting account so that your FTP client can connect to your server. That username and password is sent in cleartext. If your hosting credentials are sniffed, then someone can just login to your account and check your wo-config file to get your Wordpress password. Although I would be much more worried about someone getting the login details for the hosting rather than for Wordpress.

    As far as FTP being faster, that statement is technically true, however you will never notice the speed difference in everyday usage. Modern computers are very fast at applying symmetric encryption. SFTP only uses asymmetric encryption (which is slower due to the more complex math involved) to exchange the symmetric session key. So all data transfered is encrypted/decrypted using fast symmetric encryption.

    FTP is a legacy protocol that was designed without security in mind. It should never be used in an environment where security is an issue (eg. any data transfered in the Internet that you wouldn’t want someone else to have complete access to).

  7. Michael Jun 9th 2008

    Just wanted to say thanks for a great episode. Very informative and interesting and I used your list above to plugin a handful of great stuff. I really liked the wp database backup plugin.

    Thanks,

    Michael


Leave a Reply