Connect with us

WORDPRESS

WordPress 5.9 May Boost a Core Web Vitals Metric by Up to 33%

Published

on

wordpress core web vitals 60f15666d5c1b sej

WordPress published an article in their developer section proposing to refine WordPress’ default lazy loading behavior. Testing revealed that the proposed change improved a Core Web Vitals performance metric by as much as 33%.

Proposal to Improve Core Web Vitals in WordPress

The proposal states that fine grain control of the lazy loading attribute belongs in the hands of theme developers.

That said, it was found that by refining how the lazy loading is added by default results in significant improvements in the Core Web Vitals metric called Largest Contentful Paint.

This is how the proposal describes the improvement:

“Instead of lazy-loading all images and iframes by default, the very first content image (also considering featured images) or content iframe should not be lazy-loaded.

This is a more sensitive default than what the current implementation uses, that on average and at scale will result in better LCP performance out of the box, while keeping necessary bandwidth low.”

Lazy Loading and Largest Contentful Paint

Lazy loading is a way to speed up the perceived download of a page by delaying the download of web page elements such as images and iframes that are not needed at the moment.

Using lazy loading, elements like images that are not viewable in the site visitor’s browser screen can be delayed by using an HTML attribute called the loading attribute.

An image is a web page HTML element.

An HTML attribute is code that modifies an HTML element, like an image.

The loading attribute modifies the image, in this case, by telling the browser to delay downloading it.

The loading attribute tells the browser to delay downloading an image, freeing the browser to download more important page elements that are immediately viewable to the website visitor.

This makes the page interactive faster for the site visitor.

Largest Contentful Paint (LCP) measures how fast image and other elements download in the site visitors viewport (the browser screen that the visitor sees).

An image is usually coded in HTML like this:

<img src="example.jpg" alt="example text">

Adding lazy loading is a simple matter of adding the lazy load HTML attribute:

<img src="example.jpg" alt="example text" loading="lazy">

How WordPress 5.9 May Improve Largest Contentful Paint

The developer who published the proposal to improve LCP noted that as of WordPress 5.5 the core code added the lazy loading attribute by default to all images and iframes.

But that’s not ideal because the images at the top of the page, like logos and featured images, need to download in order for the web page to become usable.

WordPress implemented lazy loading like this because it had no way to accurately exclude the most important images from receiving the lazy loading attribute.

The reason is because all themes are coded differently and this kind of granular exclusion is best done by the theme developers for that reason.

While the current WordPress implementation of default lazy loading was not ideal, adding lazy loading in this manner is a clear improvement over not adding the loading attribute at all.

What’s being proposed represents a clear improvement as the test results listed below demonstrate.

How WordPress Will Improve Largest Contentful Paint

What the WordPress developer team is proposing is to exclude adding the lazy loading attribute to the first image or iframe in the code.

The developer tested this method on the top 50 most popular WordPress themes and discovered that adding it to the first image or iframe element provided an average improvement in the LCP Core Web Vitals score by an average of 7%.

The developer next tested how well LCP improved by adding lazy loading to two elements. The performance gains dropped by an average of 2%, making it clear that excluding lazy loading from more than one element did not improve LCP any better.

These are some of the findings:

“Omitting the first content image from being lazy-loaded resulted in a median LCP improvement of 7% (1,877ms compared to 2,020ms with current core behavior) and a median image bytes increase of 0% (368KB compared to 369KB with current core behavior). → Omitting the first content image clearly results in an LCP improvement while not noticeably regressing on image bytes saved.

Omitting the first two content images from being lazy-loaded resulted in a median LCP improvement of 5% (1,927ms compared to 2,020ms with current core behavior) and a median image bytes increase of 2% (378KB compared to 369KB with current core behavior). → Omitting the first two content images produces worse results for both metrics than only omitting the first one, i.e. it is better to only skip lazy-loading for the first content image, and therefore no additional tests with larger numbers of images not being lazy-loading are needed.”

New WordPress Lazy Loading Test Results

  • 5% of themes in the test group scored LCP scores that were 10% worse to as high as 21% worse.
  • 42% of the themes improved LCP scores from 10% to as high as a 33% better.
  • Testing revealed that the benefits were better for the majority of the tested themes.

According to the WordPress proposal:

“While the median LCP improvement across all themes is only 7%, there are larger notable wins for a significant number of themes, while notable losses are minimal.”

Googler Makes a Proof of Concept Plugin

A WordPress Core committer created a proof of concept (POC) patch in plugin form, presumably for debugging purposes and published it on GitHub.

It’s not an official WordPress plugin release so it’s not advisable to rush out and install it.

Official plugin releases are posted in the WordPress plugin repository.

When Will Refined Lazy Loading Arrive?

The timeline for the improved lazy loading behavior is currently set for WordPress 5.9.

WordPress 5.9 is currently set to be released in December 2021.

The proposal for the improved lazy loading feature is currently undergoing discussion and has so far met with a positive response in the comments.

So unless a currently unforeseen issue arises, it is very possible that improved Largest Contentful Paint scores may be coming to WordPress sites later this year.

Citations

Official WordPress Proposal Announcement
Refining WordPress Core’s Lazy-loading Implementation

WordPress GitHub Page for Lazy Loading Improvement
Omit Lazy-loading Attribute on First Content Image/iframe

Searchenginejournal.com

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

WORDPRESS

Credit Card Stealer Targets WordPress Payment Plug-Ins

Published

on

Credit Card Stealer Targets WordPress Payment Plug-Ins

Card Not Present Fraud
,
Fraud Management & Cybercrime

MageCart Operators Hide Infection in Legitimate Payment Processing Software

Image: Shutterstock

Hackers have repurposed credit card-stealing malware to attack WordPress websites that use a popular e-commerce plug-in to capture and steal payment card details, security researches warn.

See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion

Attackers are deploying modified MageCart malware against WordPress websites that use the WooCommerce shopping cart plug-in, says website security firm Sucuri. WordPress plug-in developers Barn2 calculate that more than 40% of “all known online stores” use the plug-in.

An “overwhelming majority” of credit card-skimming malware that Sucuri finds on compromised e-commerce environments target WooCommerce. The modified MageCart injects PHP code into a plug-in file that facilitates the handling of payment data to Authorize.net, a popular Visa-owned payment gateway often used in conjunction with WooCommerce. The injected code checks whether web traffic from infected websites contains a string for payment card numbers. If it does, it dumps an encrypted copy of the card number into a .jpg file for later downloading.

“Dumping stolen credit card info to an image file is an old trick that we have identified attackers doing for quite a few years,” Sucuri writes.

The vulnerabilities in question don’t originate with WooCommerce or Authorize.net, Sucuri says, and instead highlight the importance of good website security.

The modified MageCart malware also injects JavaScript into the payment gateway code to capture data such as cardholder name, address, phone number and postal code – data that increases the value of stolen payment card data on the black market.

The malware emulates the WordPress Heartbeat API to evade detection, Sucuri says.
MageCart derives its name from its original target, the Magento e-commerce platform. Hackers have used it to breach British Airways, unsecured Amazon Web Services cloud storage accounts and jewelry chain Claire’s.

Sucuri says it found the modified MageCart malware after a client received a warning from their bank that their website had been identified as potentially compromised since cards used legitimately on the client website had later been used fraudulently.

“If malicious actors compromise an environment they can tamper with existing controls,” irrespective of a plug-in’s security controls, Sucuri says.



Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

WORDPRESS

WordPress force updates thousands of websites following WooCommerce security breach

Published

on

WooCommerce Storefront

Top website builder (opens in new tab) WordPress has pushed an urgent update to users with the WooCommerce add-on installed in response to a highly disruptive security vulnerability.

Cybersecurity researchers from GoldNetwork recently discovered a major flaw affecting WooCommerce Payments 4.8.0 and higher. WooCommerce is an open-source ecommerce WordPress plugin designed to service small and medium-sized businesses.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

WORDPRESS

Bluehost launches new commerce solutions for WordPress – ThePrint –

Published

on

Mumbai (Maharashtra) [India], March 24 (ANI/PRNewswire): Bluehost, one of the largest WordPress hosting providers in the world, today announced the launch of its new commerce solutions that make it simple for customers to launch their online stores and makes using WordPress easier by bringing together YITH plugins and WooCommerce. Addressing the need for a simple, convenient online selling solution for all, Bluehost’s new commerce solutions, bring together the power of WordPress, the versatility of WooCommerce and the elegant simplicity of YITH plugins to empower users to easily create online stores that truly stand out from the rest.

From a mobile-responsive eCommerce website to powerful connections with all the major online marketplaces, Bluehost’s commerce solutions enable users to sell products anywhere and everywhere confidently. The affordable all-in-one commerce solutions allow users to build a robust online store. Users can easily accept payments, sell across popular marketplaces, schedule calendar appointments, ship new customer orders, print labels, and add advanced features like GiftCards, WishList, Customer Account Page, and more. Site owners will save time and energy maintaining every aspect of their eCommerce business, all from one platform.

Bluehost’s commerce solutions make selling online easier and save customers hundreds of dollars by bundling enhanced plugins.

“We have so many customers around the world with unique needs and different levels of expertise building online stores,” said Ed Jay, President of Newfold Digital, the parent company of Bluehost and YITH. “With the launch of Bluehost’s new commerce solutions, our team is addressing the needs of small businesses looking for the flexibility and power of WordPress but want the experience of coming online and selling to be simple. The curated experience we are providing strikes the perfect balance of security, reliability, and functionality by taking the power of WordPress and putting it into the hands of users in a way that feels intuitive and native for each of our customers seeking to grow their businesses.”

Bluehost’s commerce solutions offer the functionality, and the perfect mix of tools, plugins and guidance online sellers need to start and grow their online business including:

– Easy Online Store Creation: Bluehost’s new commerce solutions come with an easy-to-follow onboarding experience. Answer a few simple questions and within minutes users will have the right foundation pages to launch their site. The guided onboarding experiences walks users through the set-up process for commonly needed features of an online store, like payment processing, tax information, shipping and managing product inventory. It helps customers launch further, faster by setting up their theme, fonts, top menu and homepage by assembling a custom design in a few simple steps.

– WooCommerce and Enhanced YITH Plugins: Both of Bluehost’s commerce solutions come with WooCommerce and enhanced YITH plugins. YITH is one of the largest sellers and developers of WooCommerce Plugins for WordPress, with nearly 2.3M active installs and more than 100 plugins that expertly solve critical eCommerce needs. Payment Processing, Gift Cards, Wish Lists, Appointment Bookings, Shipping, Product Search/Filtering and Customer Account Creation are included, providing users with everything they need to build an online store for a simple low price.

– Sales Across Multiple Marketplaces: Whether users are selling on Amazon, Etsy, eBay, Shopify, BigCommerce, or any other kind of marketplace, the Bluehost Online Store + Marketplace plan allows customers to manage their inventory from one centralized dashboard. This allows them to analyze which marketplace is the best place for selling their products, as well as keep track of inventory in real-time without having to log into multiple dashboards.

– Yoast SEO: The #1 WordPress SEO Plugin powering more than 13 million websites. Yoast SEO is made by world-renowned SEO experts and is packed full of features, designed to help visitors and search engines to get the most out of their website. Newfold acquired Yoast in August 2021.

– New WordPress eCommerce Block Theme “Wonder” Pre-installed: Take advantage of WordPress’s Block Editor with Wonder’s 24 patterns, focused on shops, and six different style variations. YITH, a leading global provider of WooCommerce plugins acquired by Newfold in March 2022, built Wonder leveraging their WordPress commerce expertise.

– Professional Services and 24/7 Expert Support: In-house Bluehost experts are readily available to help customers get online and support customers if roadblocks are encountered while creating an online store, via online chat or over the phone at 1800-419-4426.

For more information on Bluehost’s commerce solutions, including product features and details, visit Bluehost.in.

Bluehost is the leading web hosting solutions provider specializing in WordPress. Since its founding in 2003, Bluehost has been trusted by millions of people because it makes building, growing, and managing successful WordPress websites easy. Bluehost delivers a suite of WordPress solutions designed with the perfect mix of guidance, tools, and expertise to build a professional website. Bluehost is a part of the Newfold Digital family of brands. For more information on Bluehost, visit Bluehost.in.

Newfold Digital is a leading web and commerce technology company serving nearly 7 million customers globally. Established in 2021 through the combination of leading web services providers Endurance Web Presence and Web.com Group, our portfolio of brands includes: Bluehost, CrazyDomains, HostGator, Network Solutions, Register.com, Web.com, Yoast, YITH, and many others. We help customers of all sizes build a digital presence that delivers results. With our extensive product offerings and personalized support, we take pride in collaborating with our customers to serve their online presence needs. Learn more about Newfold Digital at Newfold.com.

Media Contact:

Paola Lorenzo

[email protected]

This story has been provided by PRNewswire. ANI will not be responsible in any way for the content of this article. (ANI/PRNewswire)

This story is auto-generated from a syndicated feed. ThePrint holds no responsibility for its content.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending