- The new image format you should be using now
- A new way to build your WordPress website (it’s the future of WordPress)
- Vulnerabilities and security issues we must deal with
WebP image format
We’ve been used to jpeg images on websites for what seems like forever. With the right compression, images can be reasonably small and still look good.
But there’s a new kid on the block. Actually, not that new. The WebP format was announced by Google in 2010 and then very slowly gained support. Because it’s not enough to have a new, cool image format. Browsers and mail clients have to support it. That’s been the main holdup.
As of mid-2022, 97% of browsers and email clients are compatible with WebP.
WebP will likely be the default for images in an upcoming version of WordPress.
According to the feature proposal, image conversion will be automatic inside WordPress and may offer user defined options for which images/sizes to convert.
Why the need for another image format
In 2010 when WebP was first announced, images on websites were still mostly on the small side. Because connections were slower and we wanted small image files that loaded kind of fast.
In 2022, websites use large images. Full window images in many cases. Images that even when carefully compressed result in large files. So it makes sense to switch to an image format that can deliver the same quality in about 30% smaller files.
Since we use more images and larger images today, that size difference quickly adds up.
If you use an image optimization plugin on your WordPress website, check that the plugin works well with WebP. If not, consider looking for one that does.
If you don’t have an image optimization plugin on your WordPress site, you could carry on as usual. Eventually WebP conversion will be part of WordPress core. At which point you will want to make sure any preferences for image processing are set to meet your needs.
All new websites should be using WebP out of the gate, since it’s now the de facto new standard for efficient images on websites and in email.
With most conversion happening on the website (currently in a plugin, in the future also in WordPress core), the change may not make much or any difference for how you get images ready for your website.
On the other hand, if you want to use WebP in an email or on a website that doesn’t include any image processing, you’ll need to be able to optimize and save WebP files in your image editing software.
Final takeaway: It’s not about what image format you upload to your website. It’s about the format those images are in when delivered to your visitors’ browsers. At that point, WebP will often deliver a smaller, faster loading image than a jpeg at the same quality. That’s what counts.
WordPress keeps adding features to whole site block editing
Block editing for posts in WordPress was introduced in December 2018. I was an early adopter, because I quickly discovered that the new blocks, even though still a work in progress, meant that I could format, final edit and publish a new blog post in 1/3 the time it used to take. With higher accuracy for catching typos and formatting issues.
Since then, block editing for posts has kept improving, constantly adding more refined and capable blocks and ways of styling those blocks. As a result, I haven’t built a website in years using anything other than blocks to do layout and formatting for the entire blog area. That includes the gallery of posts, archive and category pages, search results page and of course the single post page layout.
Pages built with blocks contain less code than the same page layout built using a page builder. As a result they load faster, which makes both website visitors and search engines happy.
Full-site editing and blocks
Earlier this year, WordPress rolled out full-site block editing. Meaning you can now build the entire website using blocks. No page builder required. Again, that means leaner code and pages that load faster.
Because full-site block editing is so new, it’s still maturing. In my client work that means I determine the best way to build each page individually. Sometimes I use a page builder. Sometimes the layout is created just as easily with blocks. For a growing number of pages I use a combination: The page builder formats some of the content and blocks add other content.
By a year from now, I fully expect to be using blocks only to build even the most complex page layouts.
What does full-site block editing mean for your website?
Since full-site block editing is the future in WordPress, new websites take advantage of it from the start. I wrote an article, Future-Proofing WordPress: 2 Key Components outlining how to do that.
Themes as we’ve known them, with defined page layouts that we could add content to in designated places and do some changes here and there to the layout or styling are now definitely history.
Page builders (Beaver Builder, Elementor, Divi to name a few) are about to become history. As I noted, I still use a page builder for many pages on a new website. But that will become more rare as full-site block editing matures and I can readily create complex layouts with blocks, ending up with a page that loads faster.
It’s an exciting time for creating uniquely styled websites in WordPress that are also easy to manage and update.
Website vulnerabilities and security concerns
Summer may bring a change of pace for many things, but hackers and security threats never take vacation and seemingly never sleep either.
I subscribe to regular reports of WordPress and plugin vulnerabilities. Lists that are seriously long. Just this week I got a long list of plugins with vulnerabilities that haven’t been fixed yet. It’s bad enough to be notified that a plugin you use has an issue, but a patch is available to fix the issue.
It’s really serious when there’s no fix for a known issue.
At that point, there’s really only one option: Turn off the plugin in question and remove it from the website. Disabling a plugin is not enough, since the code remains on the website, ready to be attacked. That’s why a plugin that can’t be patched with a fix, must be fully removed.
Unfortunately, all too often I see websites with 10, 20 or even more updates available. For WordPress core and to plugins. That’s like parking your car in a bad section of town and leaving the keys in it. Having done that, don’t be surprised if you come back to an empty spot. Somebody will see the opportunity and act.
It’s the same way with websites: Leave code un-updated and eventually some bad actor will capitalize on the vulnerabilities.
Protecting your website with a security plugin is a must
For the same reason, every WordPress website should have a security plugin installed and properly configured. It’s an effective way to keep hackers and other intruders out, data secure and website working, so your customers and clients can find you.
We are also seeing an increasing number of intrusion attempts that are not from bots, but from humans somewhere in the world who will actually go to websites and fill out forms or try to log in. It’s a testimony both to the effectiveness of automated spam protection measures such as reCaptcha and the value bad actors can gain from getting access to even small websites. There’s money in it. So we must protect ourselves.
The threat level online has been heightened all year long. No indication that the threats will go away. So be proactive and protect your website now.
A new image format may not sound like a big deal and your website isn’t going to explode or disappear if you ignore WebP. But given that we use more and larger images on our websites for visitor engagement, WebP is welcome, since smaller files load faster. That makes for happy site visitors.
Full-site block editing may sound confusing and it’s tempting to keep going with your WordPress website using the old tech stack. But any new or redesigned WordPress site should use or be ready for full-site block editing. Because it’s the future. More flexibility for layout, less code, faster loading pages. Pretty soon, we’ll all wonder how we ever got along without it.
“My site is so small. Nobody would bother hacking it” Too many website owners try to hide in obscurity. Ignoring website security. But hackers don’t care about site size. They attack vulnerable sites. It’s that simple.
2 things that can make your site run faster, which visitors will love, and one thing that can ensure it stays safe and online. Which visitors also really like.
Never miss out!
Get an email update every time I publish new content. Be the first to know!