New Plugins: Events, Translation, & Photos

For your plugin pleasure, we’ve recently installed a few new tools based on site admin requests:

  • The Events Calendar – “Create an events calendar and manage it with ease. Packed with loads of useful features, The Events Calendar by Modern Tribe is ready to go right out of the box. It’s extensible, easy to use, and completely customizable.”
  • Weglot Translate – “With Weglot Translate, you can translate your site into a multilingual website with multiple languages in minutes without doing any code. Weglot Translate is totally SEO compatible.”
  • Google Photos Gallery with Shortcodes – “Use the plugin to display your Google Photo (Picasa) Albums on your WordPress blog. Using the shortcodes it is simple to embed a single album or all your albums. Display albums in grid view, list view or carousel.”

Why not Wix?

I hear occasionally from groups that are considering, or have already tried, using the heavily-advertised website hosting service “Wix”. It’s a tool, and if it works for you and your budget has the $150/yr (for the minimum plan), then it may be fine. I believe it’s important to have an independent website presence, apart from just a Facebook page or Twitter account, so in my book a Wix website is better than nothing.

However.

That is an expense, and not just this year, but for every year that anyone wants to keep that site going. And here’s where a big downside of their service becomes clear: you can’t take your site with you when you go. It’s called vendor lock-in, and it means that if you ever decide you’d rather host your site elsewhere, then you’ll essentially have to rebuild it from scratch.

From Wix’s own support article on “Exporting or Embedding Your Wix Site Elsewhere”:

Your Wix site and all of its content is hosted exclusively on Wix’s servers, and cannot be exported elsewhere.

Specifically, it is not possible to export or embed files, pages or sites, created using the Wix Editor or ADI, to another external destination or host.

This is a big reason I built Indivisible.blue on WordPress. It’s an open community, built on open source code, so it’s not only free, there’s also no vendor lock-in. You can export your entire site and move it to another WordPress provider whenever you want. Or if you already have paid WordPress hosting somewhere else, you can move it here, with minimal effort. And because WordPress is so common, open, and easy to work with, other website software often supports the WordPress export format, too (Squarespace is one example, Micro.blog is an even better one).

Don’t put all your web eggs in someone else’s proprietary basket if you don’t have to!

Enabling the Gutenberg editor

The release of WordPress 5.0 included an enhanced editor interface called “Gutenberg”. I updated the WordPress software to that version as soon as it was available, as always, but I worried that the sudden and fairly drastic change might catch some of Indivisible.blue’s many users off guard.

The solution, as usual for WordPress: a plugin! I installed the Classic Editor plugin, which kept the same old tried & true editor interface in place.

If and when site administrators are ready to switch over to the Gutenberg (aka “block”) editor, you can do that via selections under Settings -> Writing in your dashboard. As always, let me know if you have any questions!

screenshot of editor settings page

Computer Security Essentials for Campaigns (and others)

I saw this interesting post by technical entrepreneur and social critic Maciej Cegłowski recently: What I Learned Trying To Secure Congressional Campaigns. It’s a long account, though entertaining and informative, of his efforts traveling the country, teaching political campaigns about basic computer security practices.

As if getting campaigns to meet with you wasn’t hard enough, there’s also the problem of what to tell them.

The limiting reagent here is people’s mental capacity for hassle. You have to take pains not to burn through it. It is possible, with whining, to get a campaign to do one or two things. If you catch them early enough, and can visit them multiple times, maybe they will do a third thing.

If you work with or know anyone who works on campaigns, there’s a lot of good, first-hand insight there.

For much shorter checklists of items to consider, there are also succinct resource pages on the website of his organization, Tech Solidarity. In addition to security advice for Congressional campaigns, there are also basic security guidelines for activists and journalists, instructions for using U2F security keys, and more.

Caught up on some updates this morning, including WordPress 5.2.1 and a handful of minor plugin and theme releases. Also added a new site for a group in Michigan to kick the tires on!

Security Certificates Available for All Sites

This important feature has been available to sites for quite some time, but I’ve neglected to publicize it more: thanks to the excellent Let’s Encrypt project, any site on this network can be configured with a secure TLS certificate, free of charge.

A certificate like this is what lets browsers encrypt the data they send and receive with websites. You know it’s in use when the URL begins with https, and your browser also shows a lock icon in the address bar:

It’s an important level of protection for users, especially if they’re filling out forms or sending data to your site, and it’s even more important for administrators who are sending their passwords across the web.

If you want this feature but don’t have it yet, or if you have any questions, just contact me via this form or email!

And We’re Back

…and ready to try to post more regularly here. I’ve spiffed up the theme and tidied up the details of what this is about. Though the network continues to proudly host sites for many groups, this site has looked abandoned for too long. Will I stick to posting better than I did with the three (3) “weekly updates” I posted through all of 2017? Follow along to find out!

I’ve become more and more concerned about the power that the giant, corporate social networks have over our lives, information, and discourse, and will probably tend to post about that. For example, this TED talk about Facebook’s role in Brexit:


And if you’re interested in that, her behind-the-scenes account of giving that talk is also fascinating:

In the theatre, senior executives of Facebook had been “warned” beforehand. And within minutes of stepping off stage, I was told that its press team had already lodged an official complaint. In fairness, what multi-billion dollar corporation with armies of PRs, lawyers and crisis teams… wouldn’t want to push back on the charge that it has broken democracy?

Facebook’s difficulty is that it had no grounds to challenge my statement. No counter-evidence. If it was innocent of all charges, why hasn’t Mark Zuckerberg come to Britain and answered parliament’s questions? Though a member of the TED team told me, before the session had even ended, that Facebook had raised a serious challenge to the talk to claim “factual inaccuracies” and she warned me that they had been obliged to send them my script. What factual inaccuracies, we both wondered. “Let’s see what they come back with in the morning,” she said. Spoiler: they never did.

Two-Factor Authentication Available for All Sites

This has been in place for a while, but I neglected to announce it widely: two-factor authentication is now built in and available to every user of every Indivisible.blue site. Setting this up adds an additional level of security to keep someone from logging in as you. (Here’s a good article explaining two-factor authentication, if you’re not familiar with it.)

To enable this for yourself or Indivisible.blue users you administer, start at the “Users” section of your WordPress dashboard. The list there includes a new column that shows whether two-factor is enabled for each user.

To change the settings, click “edit” for a user, and then scroll down to the “Two-Factor Options” section. I recommend using “Time Based One-Time Password (Google Authenticator)” method, as well as generating backup codes, if you have a secure place to store them (like a password manager). The Google Authenticator app can be installed on your iPhone or Android phone and is easy to use.

If you have any questions or run into any problems, as always, let me know via the contact form or on Twitter: @IndivisibleBlue.

Sept. Update: This Network is Now Free

Yes, this project is still a going concern, and yes, it’s easier to say “I’ll write an update every week” than it is to actually do that. But rest assured, software updates and backups have been running right on schedule, regardless of posting regularity.

The news I wanted to share with you is that hosting Indivisible group websites on this network will now be provided free of cost. That has been the case from the start, thanks to an early, generous donation and modest expenses. But I’ve decided to make it official, and permanent: Indivisible.blue is free.

From the start of this project, I wanted to make sure it would be sustainable over the long years ahead of fighting the Trump/GOP agenda. If dozens or hundreds of groups signed up, I didn’t want to be on the hook for hundreds of dollars each month. But now it’s clear that growth in the number of sites has leveled off, and everything is still running fine on a $10/month server. I can live with that. (Though I’m still happy to accept your help if you care to chip in: see the financials page for donation details).

So to all the people who I awkwardly tried to describe the possible, maybe, semi-kinda-sorta estimated price, based on server costs divided by the number of sites based on the phase of the moon – I’m happy to say it’s much simpler now. And you don’t need to worry about the bill-collectors coming to collect $1.28 next month.

And to any new folks: come on in; it’s not too late. We have plenty of room to grow, so get in touch.

#Resist!

Learning WordPress

Here are some recommendations for sites, books, and courses to help you get going and make the most of your WordPress site on Indivisible.blue. Suggestions and contributions always welcome!

Note: If your site is hosted here, you can skip info about finding a hosting company, installing WordPress, and registering a domain; we take care of all that for you.