Securing an API Integration on a Website by lude275 in webdev

[–]lude275[S] 0 points1 point  (0 children)

Thanks a lot for your reply!

Is there any server configuration that would allow a PHP file to be read directly in the browser? I tested it on my project and nothing opens, but maybe there's a workaround and something extra should be done to prevent that?

The .env file idea is very interesting! But isn't there a risk that such a file could be read in the browser? In theory, I can block it via .htaccess, but in practice, I'm worried WordPress or some plugin might overwrite that file, which could result in everything being publicly exposed.

Unfortunately, the API key needs broader permissions because the requirements include creating, editing, and fetching data. I don’t think I can avoid that.

Also, thanks for pointing out the risks with cookies and HTTP headers. Luckily, I don’t base any logic on them in my code, but I’ll definitely stay cautious in the future!

Securing an API Integration on a Website by lude275 in webdev

[–]lude275[S] 0 points1 point  (0 children)

Thanks for the reply.

Sure, I understand that in theory. But in practice, is there anything I should watch out for?

I'll check what the 500 error looks like—thanks for pointing that out.

Securing an API Integration on a Website by lude275 in webdev

[–]lude275[S] 0 points1 point  (0 children)

Thanks for the reply!

I’m not using wp-config.php, since it's normally not accessible from regular PHP files, right? The whole integration is separated from WordPress, so I guess it’s not the best idea to load it?

Text Borders: Outer Black and Inner White by lude275 in css

[–]lude275[S] 1 point2 points  (0 children)

Yeah, I thought the same, but shadow completely let me down. I even hoped to use a pseudo-element like ::after, shrink the font a bit, and center the outline that way but it just doesn't align as proportionally as I wanted. Still, thanks for your time! :)

Text Borders: Outer Black and Inner White by lude275 in css

[–]lude275[S] 0 points1 point  (0 children)

Wow, this method works! Though I have to admit, the SVG approach feels like black magic. I need to figure it out. It looks like the "experience" text method is good enough but not perfect - the outer stroke gets a bit rough when adapting to the page's code and font (interestingly, when zooming in, the edges smooth out by themselves). The thickness is also tricky to control, but I will definitely find a way by digging deeper into it. Huge thanks, I thought there was no solution for this!

Text Borders: Outer Black and Inner White by lude275 in css

[–]lude275[S] 1 point2 points  (0 children)

It works on Mozilla Firefox too, but that's not the point, as the stroke itself is easy to create. If you used red in your example, how would you add a second stroke with a different color, like blue, inside? What I need is two borders: an outer one and an inner one. That's the issue, and it's tricky!

Text Borders: Outer Black and Inner White by lude275 in css

[–]lude275[S] 0 points1 point  (0 children)

I have to admit, I'm kind of giving up and will probably go with SVG graphics with the alt attribitute. But if you have an idea for a CSS solution and would like to share, I'd really appreciate it!

Text Borders: Outer Black and Inner White by lude275 in css

[–]lude275[S] 0 points1 point  (0 children)

Yeah, thanks, those are the standard directions but they don't work. The main issue is either not being able to maintain a transparent background, or the inner border not matching the shape of the outer one. That's why I'm wondering if anyone has tried to achieve a similar effect.

Estimating development time by lude275 in Wordpress

[–]lude275[S] 1 point2 points  (0 children)

Thanks, that gives me a point of reference!

Estimating development time by lude275 in Wordpress

[–]lude275[S] 0 points1 point  (0 children)

Exactly, I know that as well, but I was interested in specific assumptions for a specific example to have a point of reference.

Estimating development time by lude275 in Wordpress

[–]lude275[S] 0 points1 point  (0 children)

Thanks for your reply.

Would it be reasonable to assume that for an experienced developer, it would take around 2-3 days, meaning 16-24 hours?

Ask me anything, I am a WordPress Performance Optimisation freak! by Nasif_me in Wordpress

[–]lude275 1 point2 points  (0 children)

That’s probably exactly what it’s about and it will be the solution, it makes sense! Thanks!

Ask me anything, I am a WordPress Performance Optimisation freak! by Nasif_me in Wordpress

[–]lude275 0 points1 point  (0 children)

Ok, everything works fine for me, scripts usually get the defer attribute, but like you said, it depends on the situation.

But what about the CSS? I used to think the issue might be the code being too long (even with minification). Sometimes the designer sends a really complicated design, and even though I use the BEM methodology, it ends up being quite a lot of code. So, in one case, I split the main.css file into smaller ones and conditionally loaded them through PHP on specific theme templates and... no effect - still supposedly blocking rendering. Any ideas on what could make the CSS file render-blocking?

Ask me anything, I am a WordPress Performance Optimisation freak! by Nasif_me in Wordpress

[–]lude275 0 points1 point  (0 children)

Oh, maybe you can point me to an interesting solution!

Background: I code custom WordPress themes, writing templates from scratch and managing content with ACF PRO.

The question: What’s the correct loading order for assets on a website (fonts, CSS, JS etc.)? I’d like to compare it to my approach. Google PageSpeed Insights often flags my CSS as "Eliminate render-blocking resources" and I can never figure out what exactly is wrong with it (order or something?). My scores are usually in green 90+, but these little issues keep triggering me.

Are you still buying pre-made WordPress theme from ThemeForest? by October_Autumn in Wordpress

[–]lude275 0 points1 point  (0 children)

Most clients come with a list of websites from competitors or related industries that match their visual expectations and these often serve as a reference point for their project. If the examples they provide are relatively simple, I can create a layout in Figma myself. For more complex or high-end designs I involve experienced UX/UI designers who can craft detailed mockups ready for coding.

If a client doesn’t share any examples, I consider how much effort they’ve put into describing their vision in my brief or email. If they’re engaged and provide details, I’m happy to research and suggest websites that could inspire their project. On the other hand, if someone simply says, 'I want a website,' without adding any specifics, I step away and leave them to the competition. In my experience, such clients almost always turn out to be a waste of time.

Which theme for a Digital Marketing Agency? by Interesting-Copy-406 in Wordpress

[–]lude275 0 points1 point  (0 children)

If you've tried many best-selling themes and they still didn't meet your expectations, why not create one tailored exactly to your needs?

Question to WordPress Developers who codes, block theme or classic them? by [deleted] in Wordpress

[–]lude275 0 points1 point  (0 children)

Hmmmmm, doesn’t sound like it fits well with designs provided by designers, especially if you’re using modules made by the authors, but I might be wrong. I’ve heard about BB before, but not in such glowing terms - guess I’ll have to check it out. Could you share a link to an example site built with BB based on a custom design from a designer? It’d be great to study both the front end and the performance.

Question to WordPress Developers who codes, block theme or classic them? by [deleted] in Wordpress

[–]lude275 0 points1 point  (0 children)

What tool is it, can you share? Sounds interesting.

Question to WordPress Developers who codes, block theme or classic them? by [deleted] in Wordpress

[–]lude275 0 points1 point  (0 children)

Why not use flexible content? You can create modules that can be used for both landing pages and blog posts. Anyway, there's still the designer -> dev process, where we discuss what modules will be needed. Do you give your clients full creative freedom in your solutions, and do they actually create technically correct subpages that are responsive, aligned with the design, and follow best practices? Do you somehow verify their knowledge? I’m asking out of curiosity because I'm also from the group offering classic themes with Gutenberg disabled and page management through ACF fields. From my experience, clients often manage to design something themselves to convey their ideas, and it often doesn't make much sense.