Posted on

So You’ve Been Hacked! How to Clean Up a Hacked WordPress Site

You visit your WordPress site and, wait a minute…it looks different. There were some changes made that you didn’t create yourself. So, you go to log in to take a peek around and fix the issues. However, it’s not letting you log in. Uh-oh. It looks like your WordPress site was (gulp!) hacked.

As concerning as that is, take a deep breath, relax, and know that there’s a path to get your website back into your control from hackers. And we’ll break it all down for you in this article.

Along the way, you’ll see how to resolve many hacking issues for free with the help of our WordPress security plugin, Defender.

I’ll be going over:

Plus, there’ll be some resources to prevent this from happening in the first place.

After reading this article, you’ll be able to be prepared for any hackers, know how to handle an attack, get your site under your control in no time — and breathe a sigh of relief.

Reasons Your WordPress Site was Hacked

All websites are susceptible to hacking, not just WordPress sites.

WordPress, in fact, is quite a secure platform. So, just because you’re using WordPress isn’t the only reason you might become a victim.

The thing is, WordPress is so popular that WordPress sites are frequently the target of hackers. There are just many WordPress sites worldwide, making the odds go up.

With that in mind, why do sites get hacked?

Hackers have their reasons. It could be because they want to use your WordPress site to attack other sites. Or, possibly the hacker has malicious intentions, like stealing personal data.

There’s a multitude of objectives why sites get hacked. Sometimes, it’s just a fun activity for a hacker to do on a Sunday afternoon while sipping on a mocha.

And it’s done in many ways, too.

It might just boil down to someone having your WordPress admin username and password. Or, it might be that you have insecure web hosting, which makes your site vulnerable to hacking attempts.

Plus, if your site is vulnerable, it’s more prone to attacks.

Here are several reasons why your site may have been targeted:

Weak Passwords: Most brute force attacks rely on weak or easily guessable login passwords (e.g. passwords related to names, places, birthdates, or mobile numbers).

Incorrect File Permissions: File permissions consists of a set of rules used by your web server. They assist your web server control access to files on your website. If you have incorrect file permissions, it can give a hacker access to change your files.

Outdated WordPress Theme or Plugins: If you have an outdated theme or plugins, they’re frequently littered with security flaws and bugs, making your site vulnerable.

WordPress Isn’t Updated: It’s vital to keep your WordPress up-to-date. What’s important to know is WordPress releases new updates for a reason. New versions of WordPress fix security issues and bugs.

All this goes without saying if you have a WordPress site — you can be hacked. However, with adequate prevention, it’s more likely to avoid hacking attempts and keep your site safe.

For more information about keeping your site secure, check our article on ways to secure your WordPress site for free.

Signs You’ve Been Hacked

As I mentioned in the introduction, you may notice things aren’t right. After all, it’s your website, and you’re used to how it looks and functions — so you catch on quickly when things look weird.

Sometimes, it’s harder to catch that your site has been hacked (e.g. malicious code); however, the signs are usually pretty clear.

Dev Man in front of a hacked computer.
It’s clear to Dev Man that something’s not right.

Here are some sure signs that your WordPress site was hacked. There’s also a quick explanation of why this may have happened, along with the reasons.

  • Your Site Redirects to Another Site: A redirect can occur when a hacker adds a script that redirects people to another site when they visit yours.
  • You Can’t Log In: Before jumping to conclusions about being hacked, make sure it’s not a matter of you just forgetting your password. If you conclude that forgetting your password is not the case, a hacker may have changed your password to prevent access or removed your account.
  • Sudden Drop in Traffic: This can happen if malware and trojans hijack your WordPress site’s traffic and have it redirected. Traffic drops also occur if you end up on Google’s blocklists, which can be the case if your site gets hacked.
  • Your Site was Changed: Change of a homepage to a static page links to unsavory sites, or a footer with links that you didn’t add, are all good signs of hacking. Site changes can happen if a hacker gains access to your admin. Be sure to check with any administers that have access to your site to confirm that they didn’t make the changes themselves.
  • Bad Links Added to Your Website: Same as your site being changed, this can happen if a hacker gets access to your admin.
  • Unknown File Scripts: If you find this, it could mean your website was compromised by a hacker who added malware or some other malicious software. This can happen if your website is susceptible to attacks (e.g. outdated, insecure theme).
  • Suspicious User Accounts in WordPress: Your site may be compromised, and a hacker created a new account in the admin. If you have a registration option on your site, be sure to double-check that to ensure it’s not just a user. Typically, a hacker account will have an administrator role.
  • You Get Notifications from Defender: Our answer to security, Defender, will give you detailed security reports and lets you know about suspicious activity. If some red flags occur, you may have been hacked.
  • Slow or Unresponsive Website: A DDoS attack can cause this. Check out this article to learn more about how and why they occur.
  • Google Gives a Warning that Your Site May be Hacked when Searched: Google may display a warning sign when your site is searched. This might be an indication that your WordPress sitemap has been hacked.

If you’ve noticed one or more of these signs and feel like your site may have been hacked, it’s crucial to take action as quickly as possible. Let’s take a look at what to do next.

13 Things You Can Do Once You Know You’ve Been Hacked

There are several steps you can take once you believe you’ve been hacked. Keep in mind that some of these steps may not be necessary. It all depends on what kind of attack from a hacker occurred.

These steps should give you a clear path, regardless of attack, on ways to get back in control of your WordPress site as quickly as possible.

  1. Don’t Stress: It’s essential to relax and be as clear-headed as possible when fixing a hacked site. Meditate, have a moment of Zen, or do whatever you can to try not to stress out about the situation. It’ll more than likely be okay, and you need to focus on getting things fixed.
  2. Reinstall WordPress Core: You might need to reinstall WordPress if the WordPress core files were compromised. A new installation will replace them. You can read more about reinstalling WordPress in this article.
  3. Reinstall Plugins and Themes: If you updated your plugins and themes and are still experiencing issues, delete them, and then have them reinstalled. If you question whether the plugin or theme is secure, be sure to investigate how updated it is and use your best judgment on whether to continue using it. If it was a free plugin or theme, you might want to reconsider installing it and opt for a premium version or an updated plugin or theme from the WordPress plugin or theme directory. Bottom line: make sure whatever theme or plugin you reinstall is updated, safe, and won’t be the cause of any security issues.
  4. Backup Your Site Immediately: A premium plugin like Snapshot Pro is an easy way to backup your site. Just ensure you have it backed up before tackling any hacking issues.
  5. Locate What Was Hacked: Do a rundown of the issue(s) and determine what the hack is (see the list above).
  6. Put Your WordPress Site in Maintenance Mode: To ensure visitors don’t see your site in a compromised state, put your site in maintenance mode with the help of a plugin like Branda. Of course, if you can’t log in, this can’t be possible. When you can log in again, and there’s still some cleaning up to do, then put it in maintenance mode at that time. Also, in some cases, it’s better if the site is turned off completely to prevent any access. That way you can avoid running any PHP code. For example, if the malware runs code on each WordPress load, putting it in maintenance mode won’t change a thing, as visitors might still open the site and the maintenance mode still triggers a WordPress load. Therefore, you end up cleaning and the code is getting re-added, which leads to a never-ending cycle.
  7. Contact Your Hosting Company: Good hosting companies can help determine the situation and advise. For example, they might be able to tell you where the hackers found their way in from. If you host your site(s) with us, we offer 24/7 customer support to assist with any hacking issues, including cleanup for infected sites.
  8. Contact Support: If you’re with a website support management company, it might be best to contact support before proceeding with DIY repairs, depending on the level of hacking. Like with our hosting, we have 24/7 support for all WPMU DEV members and can guide you through what’s best to do in your situation. Contacting support is good to do early or if you try to fix the issue independently and can’t.
  9. Reset Your Passwords: If you can access your admin, change all of your passwords. This ensures that a hacker can’t use your password if that was how it gained entry. Choose a strong password for your login, and reset the SFTP, database, and hosting password with your provider as well. Also, consider limiting the number of login attempts, and enabling two-factor authentication.
  10. Update Plugins and Themes: Ensure that all of your plugins and themes are up to date. It’s vital to tackle this before trying other fixes. If it’s a plugin or theme that’s the culprit, any other fixes you may try may be undone by the vulnerabilities.
  11. Remove Users: Search your users in the WordPress admin and remove any users you don’t recognize.
  12. Get Rid of Unwanted Files: Our plugin, Defender, can scan for files that may be from hackers. It’s important to remove these corrupt files as quickly as possible (more on this to come). Just be sure they are unnecessary files before deleting them.
  13. Clean Your Database: You’ll want to clean this up if your database was hacked. This will ensure that you have less stale data and aren’t taking up a lot of space, which in return will make your site faster.

Following some of these necessary steps will help you get your site back in no time from the grasp of a hacker that wreaked havoc on it.

That being said, it can’t be emphasized enough to make sure that you know how to clean up your website the right way after a hacker attacks it. The goal of cleaning up your site after an attack is to get it back the way you had it, so you don’t want to wreck your site trying to do it yourself if you’re not sure how.

If you have any questions on what to do, it’s important to contact support or get in touch with a professional.

How to Clean a Hacked WordPress Site with Defender

Luckily, depending on the type of hack, a lot can be done with our free security plugin, Defender. He’s been mentioned already several times throughout this article, and here’s a detailed look at what he can do after an attack.

This section is a four-step guide if it appears malware may be the cause of the hacking.

Here are the steps we’ll be taking:

  1. Scanning for Malware in One-Click
  2. Deleting Infected Files
  3. Running Another Scan
  4. Setting Up Notifications and Schedule Automated Scans

Keep in mind that Defender works as a great preventative measure as well, so you don’t get hacked in the first place. To get a glimpse at what all he can do, be sure to read our article on getting the most out of Defender.

If you were hacked, let’s check out what you can do to clean up the mess with Defender.

1. Scan for Malware in One-Click

To determine if malware might be an issue with your website, the first thing to do is scan WordPress’s core files for malicious code.

That’s done from Defender’s dashboard by tapping New Scan.

A new scan in Defender.
The blue New Scan button will get things moving.

It will be just a few moments for Defender to check out your site’s core files for malware.

A new scan in Defender.
Defender looks on as he actively scans for malware.

If any issues are detected, Defender will let you know how many were found.

The number of malware scan issues.
It looks like Defender found a few things that could be wrong.

Please note that the free version of Defender will scan WordPress’s core files. If you want him to scan other areas, you’re able to with Defender Pro. Defender Pro’s additional scanning includes:

Plugins & Themes: Plugins and themes are scanned for known, publicly-reported vulnerabilities.

Suspicious Code: Crank-up scanning a notch by scanning all site files for suspicious PHP functions and code.

Since we detected some issues, let’s get them taken care of.

And for more on scanning your WordPress site for malware, check out this article.

2. Delete Infected Files

After a scan, you can easily find all of the issues that Defender spotted in the admin’s Issues section.

Here, Defender discloses the issue. He will tell you detailed and specific information, including:

  • Issue Details: A brief description of the issue and a snippet of code
  • Location: Where the issue’s file path is located
  • Size: The suspicious file’s size
  • Date Added: This shows the date and time that the code was added to the WordPress site.

You then have the option to Delete or Ignore the code.

If you want to get rid of the issue immediately, you can in one-click by hitting the Delete File button.

suspicious code in Defender.
Delete the code in one-click.

If you decide to delete the file, it will be deleted permanently. The bad code will no longer be a problem.

Plus, you can delete things in bulk if there are numerous issues.

Bulk actions in Defender.
Take care of a lot of issues in one click.

Wiping-out bad code can’t get much easier after a hacker attacks your site.

A note of caution: It’s important to be 100% sure that something is harmless before deleting and/or ignoring it. Contact one of our experts 24/7 if you’re unsure or need advice.

Please read our article about finding and deleting suspicious code with Defender for more detailed information.

3. Run Another Scan

If you deleted suspicious code from your site, just like you ran a scan the first time, do it again to ensure that all of the issues are taken care of.

4. Set Up Notifications and Schedule Automated Scans

Ensure that you stay on top of any hacking activity by setting up notifications and automated scans in Defender. It’s easy to do and one of the most effective ways to know if you’ve been hacked.

In the Notifications section, you can configure what notifications you want to enable, add recipients for the notifications, schedule reports, and configure reports.

You can set up the Notifications for:

  • Security Recommendations
  • Malware Scanning
  • Firewall

And you can set up Reporting for:

  • Malware Scanning
  • Firewall
  • Audit Logging

Enable notifications individually or in bulk.

Choose what notifications and reporting you want: Individually or in bulk.

Set up users you have in your admin, or invite by email, that you’d like to receive notifications.

Where you add recipients to get email notifications.
Add as many users as you’d like.

You can schedule Security Notifications to be delivered daily, weekly, or monthly.

Where you schedule a scan.
In this example, it’s set for monthly.

When it comes to Reporting, customize the frequency, day of the week, and time to deliver reports.

Where you schedule notifications.
This report will get delivered to recipients Sundays at 4 AM.

You’re now set up to be aware of malware hacking issues and immediately take care of them.

There’s a ton more you can do with Defender when it comes to security, such as setting up a firewall, IP lockouts, and two-factor authentication.

Getting Your Site Off of Google Safe Browsing List

Once you have your site back in your hands and cleaned-up from any destruction a hacker caused, it’s essential to make sure you’re not on Google’s Safe Browsing List. If you are, it’s vital to get off it.

Luckily, it’s quick and easy to do. There are six main steps to take

    1. Begin by signing-in to Google Webmaster Tools.
    2. Add your WordPress site if you haven’t already.
    3. Follow Google’s instructions and verify your site.
    4. Select your site on the Webmaster Tools home page.
    5. Click on Site status, and then Malware.
    6. Click on Request a review.

After you submit a request to have your site reviewed, the timeline for the review to be processed varies depending on what type of attack you had. Here’s a look at the different timelines for review process times:

Hacked with Spam: Several weeks

Malware: A few days

Phishing: A day

Once Google determines that your site is clean, warnings from browsers and search results will more than likely be removed within 72 hours.

If your site request wasn’t approved, be sure to reassess your site for malware, spam, or any modifications that may have been caused by a hacker. Then, you can always submit it again for review.

Cleaning Up

You wake up and go to your website’s URL. After taking a look around, it’s perfect. Everything is in order, and there’s no evidence of a hack anywhere. Whew! It looks like you cleaned-up the hacker’s mess, and you’re protected a bit better now.

Hopefully, it won’t happen, but if a hacker does attack again, you’ll be ready to move quickly and get your site back with ease. With plugins like Defender and the tips mentioned in the article, the process of getting your site back into your control usually isn’t as daunting as you might think.

We have a lot more information about cleaning up your site after a hacking. After all, it can leave a mark. It’s not as simple as grabbing some rubber gloves and stain remover to make your site nice and shiny again.

Be sure to read our article How I Cleaned Up My Site After it Was Hacked and Blocklisted, and Have You Been Hacked? How to Clean Your Site and Get Off Google’s Blocklist.

Also, this is #SecurityMonth, so you can currently get 35% off your first year of our Security & Backups Pack featuring Defender Pro, Snapshot Pro, Shipper Pro, and Automate to help clean up your security. Click on the coupon below to unlock the exclusive deal.

35% Off Security & Backups Pack

With what we’ve mentioned in this article and our other resources, you should have your WordPress site clean in no time.

Posted on

What Makes Up the Backbone of Website Development

Developing a website isn’t much different than building a house. In order to do so, experts in engineering, design/architecture, project management, creative, and development must work together to understand and achieve specific goals.

First, let’s discuss the three critical phases of website development that get us to the point of development and theming. While the importance of these phases is sometimes overlooked or discounted, each step is crucial to the success of your website and marketing efforts. Overlooking or underplanning in the initial phases of website development will lead to a mediocre website at best, or even complete failure to achieve your business goals.

Posted on

3 Serverless Strategies to Look for in 2021

If you had at least one chance to attend business and technologies conferences recently, you probably saw lots of DevOps strategies, Agilist, and DevSecOps engineers around the digital transformation track. No matter what business you work in, it’s no secret that DevOps is a big trigger to craft new companies. It is also used to optimize existing resources, from the IT infrastructure to workflow processes and cultural changes.

While I was moderating several tracks (i.e. serverless) at KubeCon + CloudNativeCon North America 2020, I had a chance to catch a very interesting trend around DevOps. The trend was more interest in cloud-native application development than deployment and provisioning with certain cloud platforms on Kubernetes. Kubernetes was unleashed upon the world back in 2014. Since then, IT ops organizations have benefited from orchestrating immutable application runtimes with service invocation and discovery, autoscaling, and resilience by using Kubernetes. In the meantime, application workloads also need to move forward to serverless functions and event-driven reactive services, along with the DevOps platform, which is a key ability to manage multi and hybrid cloud infrastructure.

Posted on

Integrating OpenLDAP With Camunda in Windows

In this article, we'll see a working example of OpenLDAP and its integration with Camunda using Camunda Distribution so that you can easily check it in your local setup and then use these concepts take it further to higher environments in your project.

Prerequisites

To test OpenLDAP integration with Camunda in your local windows machine, you need to have below tools/software which we will be using for our use case. 

Posted on

Step-by-Step Guide: Application Using NestJs and Angular

Just a few days before Christmas, I came along the NestJs framework. I always wanted to give NodeJs development a try, but the idea of a JavaScript backend seemed to keep me away.

NestJs is a framework for building Node.js server side applications and supports Typescript. Since almost all my experience is with Angular and NestJs provides an out-of-the box application architecture heavily inspired by Angular, it seemed like all the boxes were checked and I had to give it a try. For more information, please visit NestJs Official Documentation.

Posted on

My Design Thinking Experience

Hello, people!

Do you know about design thinking? If your answer is no, you should at least Google and learn about this approach to development. In this article, I want to share my experience with it and my ideas about it.

Posted on

What Does Being Cloud-Native Mean for a Database? [Webinar Sign-up]

Different cloud-native technologies and methodologies – including containers, Kubernetes, microservices, and service meshes – are all being used by organizations today, particularly enterprise developers and DevOps teams, 90% of which say cloud-native is somewhat or very important. As development and DevOps start to become "cloud-native," the database should too. But, what does being cloud-native mean for a database?

Learn how Couchbase maximizes cloud-native technologies' advantages by natively integrating using the Couchbase Autonomous Operator to deliver a geo-distributed database platform, providing a hybrid, multi-cloud database solution for organizations. Couchbase Autonomous Operator enables developers and DevOps teams to run Couchbase as a stateful database application next to their microservices applications on a Kubernetes platform, which frees organizations from cloud vendor lock-in and supports hybrid and multi-cloud strategies.

Posted on

Managing Multi-Channel Selling in the Magento 2 Store

Introduction 

Magento 2 eBay has prospective buyers eager to buy something and, being the most popular online marketplace, it is filled. If you have the desired goods with preferable conditions, you will increase revenue dramatically with the help of this new channel.

Though we consider Magento 2 eBay to be an international online auction, there is a multinational e-commerce organization behind it. The marketplace itself facilitates C2C and B2B sales through the world-famous web site. Founded in 1995, eBay is now a multi-billion dollar corporation with activities in almost 30 countries.

Posted on

Reload Your Brain After Coding

There is one notable fact about the Nintendo Wii U console that can be shocking content for many readers. On November 18, 2012, at the time of launch, this console was the most powerful gaming console in the world. In this status, she existed for almost a whole year. Another thing to think about is that 2012-2014 is the golden time for console games. The developers have learned how to squeeze all the juices out of iron; the picture, the plot, the elaboration of the world were perfect. And, all these games went straight to the new promising console. The starting lineup for the Forgotten Console was shocking. And, the best lineup is ever available at the start.

Today, I wanted to tell you about the best games that most PC users have not played yet. All these games are worthy of attention even after 5 years after their release. I don't see why you don't start playing right after reading the article; just check out Nintendo Wii ROMs at the ROMs Planet website. Below are my own favorites that I recommend. 

Posted on

Custom Layouts Plugin Creates a Posts Display System for Both the Classic and Block Editors

Ross Morsali, via his brand Code Amp, released the Custom Layouts plugin last week. The plugin’s goal is to provide a visual post layout builder for users of both the block and classic editors.

For end-users, this is yet another choice between the multitude of plugins for displaying posts. After years of new plugins launching in this space, it would seem that there would be a clear front-runner, but developers are still trying to tame this wild and complex feature. The Custom Layouts plugin has its own approach, and it is worth giving it a quick spin to see if it suits you.

I have written extensively about the upcoming Query block and its role in the future of WordPress. However, it is necessary to look at alternative solutions for displaying posts via the block editor. The Gutenberg development team should take note of the things that work and those that do not.

For developers, the plugin is a noteworthy experiment that uses the block editor component system outside of the actual editor. Custom Layouts uses these various components on its custom Layout and Template Editor screens.

The plugin is a product of Morsali learning React and the block system in the last year and a half. “Working with Gutenberg and the Block Editor as a developer is a far superior experience to the old paradigm (the classic editor) — the learning curve is definitely greater, but once you get over the hump it seems the future is bright,” he wrote in the plugin’s announcement post. “I also love the fact that we don’t actually need to be using the Block Editor to use Gutenberg components — that means we can still build what we want and how we want it (providing we’re using React), whilst keeping the UI in tune with the rest of WordPress.”

How the Plugin Works

Template-editing screen from the Custom Layouts WordPress plugin.
Template editor screen.

Custom Layouts takes a different route than similar plugins, splitting its components into different screens. The terminology can be confusing to the uninitiated. The plugin introduces two parts that serve as the foundation of its system:

  • Templates: Handles the design of individual posts.
  • Layouts: Controls queried posts and their layout.

I have had a beta version of the plugin since late December. This has given me three weeks to decide whether I like the approach. On the one hand, the plugin caters to two different user bases. One set can implement their layouts via the Custom Layouts block. Those on the classic editor can use the Layout Editor screen. Both share the Template Editor.

Custom Layouts block in the WordPress editor.
Creating a three-column grid layout.

The plugin’s system is a good option for users of the classic editor. It comes with a visual interface they would otherwise not have. It also provides a shortcode for easy copying/pasting into the post editor.

For users of the block editor, having a separate screen for the template builder will likely feel unnatural. Because the block editor is a visual interface itself, the multiple screens create a disjointed atmosphere that never feels right.

However, there is a solution for that in the plugin. I recommend users skip the Template Editor and Layout Editor screens altogether. The Custom Layouts block serves as an alternative layout builder in the block editor. Plus, users can edit existing templates via a popup overlay or even create new ones without ever leaving the post-editing screen.

Popup overlay for editing templates in the WordPress block editor.
Overlay for editing a template.

Building everything from the post editor feels like it should feel. Users get more of that instant feedback that they are accustomed to through the block editor.

There are benefits to the multi-component system. Separating the template builder means that users can build and reuse a specific design from a single source. They can also update individual templates, which will subsequently apply to all uses of those templates across the site.

The other benefit is that end-users are not overloaded with choices. Building a query-related block, widget, shortcode, or similar component is fraught with complexity. This is because there are three pieces of laying out a list of posts: the query to load them, the overall layout, and the design of the individual posts. Putting options for each of these pieces into the block inspector, for example, means creating a balance between sacrificing some choices and providing every possible setting to the user. This balancing act is what drove Morsali toward separating the components of the plugin.

On the whole, Custom Layouts is a solid plugin. The downside is that there is a little bit of a learning curve because it serves two audiences. Users will need to figure out which workflow best suits them first. Once they figure that out, the plugin is pretty nice to work with.

Posted on

How To Add Interactive Content To Your WordPress Site

How To Add Interactive Content To Your WordPress SiteMillions of blog posts are published every single day on the WordPress platform alone. Standing out through your run-of-the-mill text article isn’t exactly easy. Integrating interactive content in your strategy for 2021 could be rather necessary to increase audience engagement. A Demand Gen study on content preferences found that B2B buyers are increasingly relying on […]

The post How To Add Interactive Content To Your WordPress Site appeared first on WPExplorer.

Posted on

Life with ESM

ESM, meaning ES Modules, meaning JavaScript Modules. Like, import and friends.

Browsers support it these days. There is plenty of nuance, but as long as you’ve dropped IE, the door is fairly open.

Before ESM, the situation for JavaScript projects was:

  1. We’ve got packages we need to use from npm.
  2. We’ll install them from npm ahead of time with our package.json, npm install and whatnot.
  3. We’ll write import statements that are invalid ESM for some reason (developer convenience, I guess) and assume we’re importing packages from a local node_modules folder.
  4. Our bundler will know what to do with those invalid imports.
  5. This is all OK, because word on the street is that bundling is still required for performance, and it does other stuff we want anyway, like run Babel and friends.

Now that we can count on ESM more, the story is shifting somewhat, and all of those things are being questioned.

  • What if we didn’t have to npm install?
  • What if we don’t need a bundler?
  • What if performance is fine, between HTTP/2+, global CDNs, browsers doing fancy things, etc.?
  • What if maybe we shouldn’t be compiling code so much because we’re down-compiling too much?

We’re seeing next-generation tooling that leans into all that. Snowpack 3 was just released and look at this:

That React (with JSX), being written just as it normally is, and there was no npm install, no node_modules directory, and no build step. But, still a dev server and reloading. So light. Very refreshing.

I just listened to a recent Toolsday episode where Una and Chris chatted with Jason Miller about WMR, which I hadn’t heard of until then. It feels very spiritually similar to Snowpack/Skypack. With WMR, you get to use npm packages without having to install them, or write with things like JSX, TypeScript or CSS Modules, and get a bunch of dev conveniences, like a server, hot reloading, etc.

Something is clearly in the water here, and I think that something is a leaning into ESM.

Even on the Node.js side, ESM is happening. Here’s Sindre Sorhus, who has over 1,000 npm packages(!):

At the end of April 2021, Node.js 10 will be end-of-life, which means that package maintainers can target Node.js 12. This Node.js version has full support for JavaScript Modules, also known as ESM.

He’s planning to move almost all of those 1,000 packages to ESM in 2021. Not a “dual” setup where you output multiple different formats… just ESM, and he’s encouraging everyone to do the same. I would think this momentum toward direct ESM usage in the browser builds heavily when the npm ecosystem is doing the exact same thing.

And when you do need to bundle because, say, something on npm isn’t yet ready for ESM, then next-gen bundlers are getting smoking fast.

The post Life with ESM appeared first on CSS-Tricks.

You can support CSS-Tricks by being an MVP Supporter.

Posted on

The Bitcoin Blockchain Explained

Bitcoin is the world’s first and most popular digital currency. It is decentralized and controlled by no one. How does it work, and why can you trust it? After all, if computers can copy any file, why can’t I just make copies of my bitcoins? And if it is not controlled by any one central party, what prevents me from making or forging transactions for bitcoins I don’t own? This article will explain in layman’s terms how Bitcoin works and provide information on how the technology backing Bitcoin can be used for business use cases beyond simply a digital currency.

Bitcoin works by solving three record-keeping challenges without the need for a central record keeper like a bank:

Posted on

Ping a server on a VPN network.

Hello All,

I've only just started to develope some code in VB.net and i have very little experience in it and some of the "instructional" web pages are very confusing to my dyslexic mind.

The scenario is as follows: -

I am connected to a server via VPN, but the connection speed to the server is kind of erratic. The CAD software I use in my day job, is quite processor hungry/dependent and sometimes the CAD software will stop working as it processes work/commands. Sometimes the issue is not the CAD software, but the latency of the VPN connection (this is not at my end, but the server connection). When the CAD stops working, I start a command prompt window and ping the server and get something like the following.

Ping.jpg

I would like to do something similar in vb.net.

I have a user form with a button on it to ping the cad server and this works and I can get a single result.

This uses the following code (which I have borrowed from somewhere):

    Private Sub OnePingCadSvr_Click(sender As Object, e As EventArgs) Handles OnePingCadSvr.Click

        Dim host As String = "0.0.0.0"
        Dim pingreq As Ping = New Ping()
        Dim rep As PingReply = pingreq.Send(host)
        Dim SingleRoundtripTime As Long

        Console.WriteLine("Pinging {0} [{1}]", host, rep.Address.ToString())
        Console.WriteLine("Reply From {0} : time={1} TTL={2}", rep.Address.ToString(), rep.RoundtripTime, rep.Options.Ttl)
        PingHost.Text = "Reply From: " & rep.Address.ToString()
        PingHost.Refresh()
        PingRoundTrip.Text = "Round Trip Time: " & rep.RoundtripTime & "ms" ' & rep.Options.Ttl
        PingRoundTrip.Refresh()
        System.Threading.Thread.Sleep(1500)

    End Sub

If I try to run this 4 times in a FOR loop, the round trip time is exactly the same time for each iteration of the loop i.e. If I get 27ms for the first iteration, it will be the same value for the remaining iterations, whereas manually repeating a single ping, 4 times, I get slightly different speeds (as I would expect) and more inline with the cmd ping.

It almost feels like I need to reset something before each iteration of the FOR loop starts, but I dont have a clue.

I have tried using google and I've gone through lots of different web sites and not come up with a solution, this is mainly because I don't really understand the syntax

Can anyone help?

I also realise that my code is probably not the best, but Im trying to learn as I go.

Thanks in advance, Steve