Informational One Pager providing a guide for chefs or restaurateurs to read before considering a new supplier. Fun touch with the falling emojis in both the foreground and background. Also the rotating book covers on hover is neat!
React’s popularity shows no sign of waning, with the demand for developers still outstripping the supply in many cities around the world. For less-experienced developers (or those who’ve been out of the job market for a while), demonstrating your knowledge at the interview stage can be daunting.
In this article, we’ll look at fifteen questions covering a range of knowledge that’s central to understanding and working effectively with React. For each question, I’ll summarize the answer and give links to additional resources where you can find out more.
The virtual DOM is an in-memory representation of the actual HTML elements that make up your application’s UI. When a component is re-rendered, the virtual DOM compares the changes to its model of the DOM in order to create a list of updates to be applied. The main advantage is that it’s highly efficient, only making the minimum necessary changes to the actual DOM, rather than having to re-render large chunks.
JSX is an extension to JavaScript syntax that allows for writing code that looks like HTML. It compiles down to regular JavaScript function calls, providing a nicer way to create the markup for your components.
Take this JSX:
<div className="sidebar" />
It translates to the following JavaScript:
React.createElement(
'div',
{className: 'sidebar'}
)
Prior to React 16.8 (the introduction of hooks), class-based components were used to create components that needed to maintain internal state, or utilize lifecycle methods (i.e. componentDidMount and shouldComponentUpdate). A class-based component is an ES6 class that extends React’s Component class and, at minimum, implements a render() method.
Class component:
class Welcome extends React.Component {
render() {
return <h1>Hello, {this.props.name}</h1>;
}
}
Functional components are stateless (again, < React 16.8) and return the output to be rendered. They are preferred for rendering UI that only depends on props, as they’re simpler and more performant than class-based components.
Functional component:
function Welcome(props) {
return <h1>Hello, {props.name}</h1>;
}
Note: the introduction of hooks in React 16.8 means that these distinctions no longer apply (see questions 14 and 15).
When rendering out collections in React, adding a key to each repeated element is important to help React track the association between elements and data. The key should be a unique ID, ideally a UUID or other unique string from the collection item, but which can be an array index as a last resort:
<ul>
{todos.map((todo) =>
<li key={todo.id}>
{todo.text}
</li>
)};
</ul>
Not using a key can result in strange behavior when adding and removing items from the collection.
props are data that are passed into a component from its parent. They should not be mutated, but rather only displayed or used to calculate other values. State is a component’s internal data that can be modified during the lifetime of the component, and is maintained between re-renders.
If you try to mutate a component’s state directly, React has no way of knowing that it needs to re-render the component. By using the setState() method, React can update the component’s UI.
As a bonus, you can also talk about how state updates are not guaranteed to be synchronous. If you need to update a component’s state based on another piece of state (or props), pass a function to setState() that takes state and props as its two arguments:
this.setState((state, props) => ({
counter: state.counter + props.increment
}));
Continue reading 15 React Interview Questions with Solutions on SitePoint.
Keeping your website secure is something every website owner worries about. And for good reason: if your site is hacked or goes down, you could lose business.
WordPress used to have a reputation for being insecure. But these days, it's no longer true. Some of the world’s largest brands, including major news corporations and government departments, use WordPress for their websites. They wouldn’t use it if it’s not secure.
But WordPress is open source software, which means anyone can access the code. And that means hackers can try to identify vulnerabilities and exploit them. Luckily the WordPress community is on top of this, and security updates are released regularly to fix any vulnerabilities. So as long as your site’s up to date, you have less to worry about.
In this post, I’ll show you some ways to make your site more secure. I’ll include best practices for security and show you how to make your site less vulnerable to hackers.
Let’s start with some best practices.
Before you start installing security plugins or tinkering with your wp-config.php file to make your site more secure, there are some simple best practices you can follow to enhance security in your WordPress site.
These are:
Let's take a look at what each of these means.
Using strong passwords is the simplest and one of the most effective lines of defense against hackers. You should always use passwords that include a combination of letters, numbers and special characters, and make sure other users on your site do so too.
You can check your passwords on the How Secure is my password? site to find out how long it would take an automated system to crack your password. The password I use for my site would take 16 billion years to crack, so I don’t think there’s much chance of anyone guessing it.
You can also force other users of your site to use strong passwords using a plugin like Force Strong Passwords. Alternatively if you have Jetpack installed, you can force strong passwords using that plugin.
Another simple but very effective way to keep your site safe is to ensure it’s up to date.
Some WordPress updates are to introduce new features. Others are to fix bugs. But plenty of them will add security patches, and you want to make sure your site has those.
Make sure you update your site whenever the dashboard tells you to, and diarize to check it regularly. This applies to themes and passwords as well as to WordPress itself.
Alternatively, you can install a plugin that will manage and automate updates for you. The Easy Updates Manager plugin lets you choose which themes and plugins to keep updated and will run a regular check for you and run updates.
If you do automate updates, make sure you take regular backups of your site in case an update causes problems.
When you’re choosing themes and plugins, it’s important to only install ones that you are confident will be free of bugs or malicious code.
With free plugins, it’s a good idea to only install plugins and themes you find in the theme and plugin directories (which you access via your WordPress admin). These themes go through quality checks so you can be confident they’ll be well coded and free of any malicious content.
If you choose to buy premium themes and plugins, make sure you buy them from reputable vendors like CodeCanyon and ThemeForest. Ask other WordPress users and look in forums for recommendations.
If you’re ever tempted to download a free plugin from anywhere other than the theme or plugin directory, stop to check the source carefully first. If the provider is offering the plugin for free and hasn’t submitted it to the official directory, ask yourself why they might be doing that. There’s a chance they could be doing it because they want to introduce vulnerabilities to your site or at the very least insert spammy content or links.
Explore thousands of the best WordPress themes ever created on ThemeForest and leading WordPress plugins on CodeCanyon. Purchase these high-quality WordPress themes and plugins and improve your website experience for you and your visitors.
When choosing your hosting provider, take the time to find a reputable provider who will provide guarantees about security and uptime. A dedicated WordPress hosting provider like Siteground will be able to help you with any security issues you might have, and will take steps to keep their servers secure.
The hosting plan you go for will also have an impact on security. The cheapest hosting plans are cheap because they have hundreds or thousands of clients and websites on a server. The more people using that server, the more opportunities there are for introducing security problems.
So before you go with that ultra-cheap hosting provider, ask yourself if it might cost you more in the long run.
For secure hosting, take a look at SiteGround. It comes with an easy installer, free support, and automatic updates. We're happy to be able to offer a huge discount of 70% off self-managed WordPress hosting, thanks to our partnership with SiteGround.
The theme editor, or visual editor, is a screen in your WordPress admin you can use to edit the code in your theme.
It might look like a really handy way to tweak your code, but it has some serious risks attached to it. When you edit code using the theme editor, the old version is not backed up. You have no way of rolling back your changes if you do something that breaks your site or introduces vulnerabilities,
If you want to edit the code in your theme (or create a child theme to modify your theme, which is better precise), then you should use a code editor and SFTP.
You can disable the theme editor by adding two lines of code to your wp-config.php file:
define( 'DISALLOW_FILE_EDIT', true ); define( ‘DISALLOW_FILE_MODS’, true );
That way you and other users of your site won’t be tempted to use it to make quick tweaks that could cause you big problems.
Note: only modify your wp-config.php file if you’re confident doing this sort of thing.
It’s good practice to keep your site backed up regularly. This way, if your site is hacked or it breaks after an update, you have a recent version you can restore.
Install a backup plugin and set it to automatically back up your site as least as often as you update the site. So if you’re adding to your site every day, back it up every day. That way, if you do have to restore the most recent backup, you won’t lose much content.
The same goes for automatic updates: if your updates plugin is running updates every day, you should also back your site up every day.
If you’re editing and uploading files to your WordPress site (eg. theme and plugin files), then it’s important to do this in the most secure way you can.
Using SFTP instead of FTP means that that the files will be encrypted before you upload them. So no one can access them while you’re transferring them to your site or downloading them to your computer.
This is particularly important if you do this kind of work on a public network, such as coffee shop Wi-Fi. Ideally, you should avoid using public Wi-Fi to manage the files in your WordPress site, but in reality we’ve all had times when we’ve needed to upload a file urgently and can’t wait till we get back to a more secure connection.
A good hosting provider will provide SFTP as part of their service—ask them to tell you how to access it and set up keys for use when transferring files to your site.
Adding SSL to your WordPress site means that the https:// at the beginning of the domain name will be replaced by https://.
Adding SSL to your site is free with Let’s Encrypt and will give you two benefits:
You can install a free SSL certificate with Let’s Encrypt, either via your hosting provider’s dashboard or by using a plugin. See our guide to SSL to find out how to do it.
If you want to have ultimate control over security in your site and monitor it for any problems, then it’s a good idea to install a security plugin.
Security plugins will monitor your site for downtime or security breaches and email you if there are any problems. They’ll also let you configure security settings to harden your site and make it even tougher for hackers to get in.
There’s a range of free security plugins available via the plugin directory, but if you want extra protection, it can be a good investment to install a premium plugin. This way you get access to advanced features like enhanced firewall protection, IP and country blocking, and help getting your site back online off it’s hacked.
You can learn more about security plugins a lesson from my free course on Essential WordPress Plugins: Why You Need a WordPress Security Plugin and Some of the Options
You can also sign up to a security service like Sucuri that will monitor your site and help you fix it if it’s hacked or goes down. This can seem expensive—but if your site is breached, the time you will save and the potential business you might lose will make it worth your while.
Cloudflare is another service that was initially designed to help boost website performance, but also has a security service that will monitor your site, help you keep it secure, and fix it for you if it’s hacked. This is a good option if you also want to take advantage of Cloudflare’s content delivery network, which will help your site run faster.
Keeping your WordPress site secure is an essential part of website management. If your site was to be hacked or break after an update, you could lose hours or maybe days fixing it. And if you have to pay someone to fix it for you, that can be expensive.
If you follow the tips above, you’ll be able to protect your site from the majority of security risks and rest easy in the knowledge that your site is running smoothly and not being hacked. How far you decide to go and how much you can spend on security will depend on your site and your budget, but you should certainly use secure passwords and keep your site updated as a bare minimum.
Here are a few of the best-selling and up-and-coming WordPress themes and plugins available for 2020.
.jpg)
