A Photographers & Visitors Guide & Timeless Stories

Posts tagged “WP Workarounds

WordPress Changes 2016 and 2017 – Accessing the Old System

bell-and-crossPreamble

Accessing the Old System

Much of the old system still exists.  For example the older and better “Classic Editor”, Dashboard, older Stats page, Post/Page Lists etc (see below).  It is only the links from the new system that have been withheld.  I presume, to give the appearance that the new system is preferred.

Any attempt to remove all access to the older, and generally preferred system, will surely be seen as a destructive act of belligerence against customers by WP. 

The new system, which uses Rest-API (Application Programming Interface ⇐), makes “apps” programming easier, provides remote access and records a lot of information about our activities as bloggers. The information collected is potentially profitable as a saleable item. Perhaps that is why WP are so keen to force it on us.  Allowing the old system to co-exist would probably mean replicating it using API.  More about API and WordPress ⇐. 

I don’t suppose that anyone would have minded the new API system if they hadn’t made such a hash of it.

Accessing the Old System

Please pass it on to any who might find it useful.

Two methods:-

1. Login to the Dashboard by using:-

https://yourblogname.wordpress.com/wp-admin/

Just copy the above to a notepad, replace yourblogname with your own blog name and then copy the result to your address bar (overwriting or deleting its current content) and then click on Go or Enter.

Example using my blog name. address-bar

or :-

2.  Thanks to a comment by notewords.wordpress.com, one can click on “WP Admin” at the bottom left of the new Stats Page and start from there.

Either way, your dashboard should then open and it is possible to use the left side menu to access all the old system, including a very old version of stats.  

Do bookmark/favourite your Dashboard for ease of future use. .

dashbard-1.

The left side menu can be expanded to text, or slid back to icons, by using the lowest arrow button of the menu.

The menu includes the original Post Editor (Add New),  Posts List (All Posts) etc.

.

.

.

.

.

.

.

dashboard.

There is also access to a very old Site Stats.

.

.

.

.

.

.

.

.

.
dahboard-menu.

By using the right hand mouse button, any link can be opened in a new tab.  More ↓.

.

.

.

.

.

.

.

.

I found it helpful to open a number of menu items in new Tabs and then bookmark/favourite for ease of future use. One can even create a Browser Folder of useful bookmarks, for each of one’s blogs, and use them as a custom menus. 

One can log in to any part of old system by using the relevant Bookmark.

Always open the Reader in a new tab, to avoid getting trapped in the new system. 

Using Bookmarks is very helpful if you find yourself trapped in the new system. It will also be helpful if WP start removing more links.

If you would like to make your views known about recent changes (and the more comments the better), the forum link is:.

https://en.forums.wordpress.com/topic/stats-feedback/page/2?replies=52

All logged in WP bloggers have the right to use it.

About changes to the WP Reader ⇐.


WordPress Changes – Behind the Scenes

bell-and-cross1. Behind the Scenes

The recent changes are not just about the appearance on mobile phones. There is further enterprise involved and perhaps the real reason for being so stubborn and rash in it’s implementation.

The following applies to any WP hosted blog and any using Jetpack.

A system known as Rest-Api is being installed. The system plants a Rest-Api cookie bundle on your computer. The new user-interface does not work without it.

The Rest-Api system provides:-

  • Easier Application Programming
  • Publicly available access to your posts/comments/likes. There is nothing new there, except that some further information is provided (e.g. the ID’s of visitors).
  • If you give permission, remote access to your blog/image-library for the purposes of allowing a service (e.g. a printing company) to download content.
  • If you give permission, remote access by a developer. Access may include your statistics, the ability to create/edit/delete posts and whatever else you provide permission for.

2. Public/Limited Access to Our Blogs

You might try clicking on some of these (I’ve kept it to the 4 most recent). Each of these will open in a new Tab. You can change the Blog name and you don’t have to be logged in to your account in order to use them. However, Private and Password Protected are not shown unless you are logged in and add “&status=any”. Note: Pretty=1 makes it readable.

Revealing my 4 most recent posts, or for whichever blog is named.

https://public-api.wordpress.com/rest/v1/sites/freedfromtime.wordpress.com/posts/?number=4&pretty=1

Revealing my 4 most recent comments received, or for whichever blog is named, with information about the commenter.

https://public-api.wordpress.com/rest/v1/sites/freedfromtime.wordpress.com/comments/?number=4&pretty=1

Revealing my 4 most recent Likes recieved, or for whichever blog is named, on a post with information about the Liker. The Post ID for this is “1” (my About page but may not be the same for you). Otherwise you will need a Post ID which can be obtained from the first link.

https://public-api.wordpress.com/rest/v1/sites/freedfromtime.wordpress.com/posts/1/likes/?number=4&pretty=1

Further content is available, when logged in and/or for a developer who has a Blogger’s permission. (see Section 3).

2.1 What’s the problem.

This does provide further information such as numeric ID’s for Blog, Post, Author and Comment relating to yourself and your visitors and, it seems, slows normal access.  Added to this, the design and function are generally considered as inferior to the previous User Interface.

2.2 A Greater Concern

One might consider this point a breach of security. Usually half the battle for a hacker is knowing one’s Log-in name/User name. With WordPress one’s Display name is often the same as one’s Log-in name/User name. However some have wisely hidden there User name behind a different Display name. The above Links publicly reveal any hidden Log-in/User name.

3. Full Access to Our Blogs

With a bloggers permission, a remote service provider (e.g. printing company) or developer may have a limited or complete access to your site using the Rest-Api system. That access relies upon a new cookie bundle “public-api.wordpress.com” on your browser. None of the new UI (Stats, Editor and Notifications) will work without it. However, unless you are adept at cookie management, I don’t recommend trying this. One can lose the ability to comment/like on other blogs if one cannot fully restore cookies.

The full range of Gets (view) and Puts (create/change), available with a Bloggers permission, can be found by clicking here ⇒. Full access can include Private and Password Protected.

Some Gets (as with the links above) are available to anyone.

A developer console here ⇒ provides extended access when logged in to one’s account or for a person who has the blogger’s permission. When using the developer console; to see the full return, click on the bottom left arrow of the brief return.

3.1 The Possible Problems

3.1.1 Security

Access is acquired using OAuth2 authentication. That method has been entirely disavowed by the lead author, who has removed his name from all specifications. His main concerns seem to be that, whilst OAuth1 was a protocol, OAuth2 is a framework that includes many musts and must-nots and requires an unusually high level of expertise to make secure. To read his post click here ⇒. An extract below:-

“To be clear, OAuth 2.0 at the hand of a developer with deep understanding of web security will likely result is a secure implementation. However, at the hands of most developers – as has been the experience from the past two years – 2.0 is likely to produce insecure implementations.”

He also wrote “When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure”.

3.1.2 Business Worth

Being able to store images from a mobile phone/tablet, upload them to WordPress and then download them to a service provider might be of use to some. However, serious photographers and/or those creating company literature (e.g. pamphlets, brochures etc) are more likely to upload higher resolution images directly to a printing company.

Most of us, if approached by a developer who wants access to our site, would likely respond with disinterest.

E-commerce companies might want to make use of a developers services to compete. But, if they’ve got any sense they will use in-house services provided by people who have a deeper knowledge of their company’s business and dedicated to it.

3.1.3 Business Loss

I believe that the new User Interface has been so badly implemented as to deter users in the new enterprise.

Existing customers have suffered considerable and pointless nuisance.

It has been shown that it takes less effort to keep existing customers than acquire new ones.

WP Reader Changes ⇐

WP Changes – Accessing the old system ⇐