4 Reasons to Use a CDN for WordPress

The Internet and any client has a need for speed; that much everyone already knows. But why is this so important for your WordPress site, and why should you use a CDN for WordPress to help with your site’s loading times?

You’ve probably seen the 3 second loading time chart many times. It, and countless charts just like it, are everywhere.

There’s a reason for that though – page loading time can massively affect conversions; it’s as simple as that. And what are most WordPress sites aimed at, ultimately? I know that my sites are all focused on somehow making money. Whether they’re affiliate sites or service-based websites, they’re all aimed at converting!

If loading times affect conversions, then fixing issues with speed is a good thing to do.

Here are four reasons that you may want to use a CDN for WordPress sites that you build or manage.

1. Your Site Will Load Faster with a CDN

This is one of the strongest selling points of setting up a CDN for WordPress.

One of the biggest speed killers for your website is distance. Specifically, the distance between your hosting server and the visitor’s browser. Whilst the size of your page makes a real difference, the distance the content has to travel can definitely be the largest bottleneck in website loading speeds.

Ideally, your visitor needs to be as physically close to the hosting server as possible.

Unfortunately, setting up a hosting server at a location which is physically close to any one particular visitor is all but impossible — unless you are setting up a CDN, that is.

The very idea of a Content Delivery Network (CDN) is exactly that. A CDN’s primary purpose is to set up as many servers as possible in different geographical locations, such that anybody who hits the service is as physically close as possible to one of the locations.

Have a look at the following image from CloudFlare which explains the concept perfectly, this shows the Cloudflare network powered by 165 data centers around the world:-

You can see that there are many CDN server points. In this manner, all visitors, in any location in the world, are always served content from a location which is (relatively speaking) near to them.

Hosting static content on a CDN network is the closest you can get to creating a global hosting setup for your website.

2. Your Website Will be Safer with a CDN

The next reason why a CDN is essential for your website is security.

Did you know that more than 51% of the web’s traffic actually comes from bots rather than humans?

The worst thing about it is that above 29% of web traffic comes from malicious bots.

That means your website is constantly under a deluge of bad bot traffic. If you’ve ever taken a look at analytics data, or used a security plugin like WordFence, you’re already aware of this fact.

These bots are constantly probing your site for vulnerabilities. If you slip slightly in your security efforts, if you have not chosen a good WordPress host, or if you miss a WordPress security update or a plugin update, rest assured your site will soon be suffering the consequences.

Most CDNs are able to identify and block bad bots rapidly, making your site safer when plugged into a CDN. The collective knowledge gained by the network can be used to prevent attacks on your own sites.

3. Your Site is Protected Against Traffic Based Attacks with a CDN

I’m sure you’ve been stuck in traffic at least a few times in your life. I know I have. Getting stuck in traffic is a waste of productive time and money.

The same concept applies to your website.

However, it’s even worse when somebody purposely sends an overwhelming amount of traffic to your website.

In a Distributed Denial of Service (DDoS) attack, an army of compromised web servers or computers (or even IoT devices) are recruited to send so much traffic to your website, that your legitimate users unable to access it.

If your website is the lifeline of your business, a DDoS attack can literally bring your business to a standstill. Regardless of whether you’re on a shared hosting server or a dedicated server, your website won’t be able to keep up with the flood of traffic.

The same concept used by a CDN to make your website fast, can also work in your favour by absorbing malicious traffic over a global network of servers fronting your website.

Most CDN implementations use the concept of reverse proxy to serve your website. The reverse proxy will be the CDN server network.

This means that your website’s visitors will hit the CDN server closest to them before they hit your site’s actual server.

In this manner, any malicious traffic is intercepted before it actually gets to your server. CDNs have intelligent algorithms which are able to identify malicious DDoS traffic and kill it.

Incapsula, MaxCDN, KeyCDN, CloudFlare and most of the top players all have support for mitigating traffic-based attacks.

4. Faster Web Design and Development

When you’re creating a WordPress site which is meant to be fully optimised for performance, you’re going to have to perform a number of additional implementation steps.

You’ll be looking for an image optimisation plugin, a content minification and combination plugin, a static and dynamic content caching plugin, and other tools to fully optimise the WordPress website. While it may be possible that one or two plugins are able to actually serve most of your optimisation needs, you’ll still need to perform additional testing to ensure the plugins are able to operate correctly.

Personally, I’ve found that optimising with various plugins is a nightmare of epic proportions.

CDNs are actually able to perform all of the above mentioned optimisations in one fell swoop. Image optimisation, dynamic file compression, static and dynamic content caching are all built-in into the CDN.

Coupled with that, there are other optimisations such as Custom Content caching rules to fix any problems with specific plugins on your site.

Most of these performance optimisations are going to be hard to achieve with your typical WordPress plugin.

Such stuff as session reuse optimisation (particularly for HTTPS websites), TCP Connection pre-pooling and rapid purging all improve the optimisation.

Other improvements such as improving the SSL/TLS handshake process would not be something which the typical developer would be capable of optimising by themselves. Having this completely handled by the CDN gives a significant boost, particularly to HTTPS websites, which unfortunately take a hit in performance when enabling HTTPS.

All of these above optimisations decrease the design and development time with the website whilst pushing the performance envelope as far as it can get.

A CDN catering for all of the above will drastically reduce the time spent on optimisation.

Conclusion

Speed is typically the most obvious benefit of using a CDN that people will mention over and over again.

While the website loading speed is a critical component, and an essential justification for setting up a CDN, this should not be the only selling point.

The other points mentioned, particularly performance, security, protection and better optimisation are just as important as website loading speed.

At the moment, we use CloudFlare CDN for our web sites. We customise the settings for our clients to give their web sites the best possible results in terms on SEO and Site Speed.

It’s good to share

Install SSL Certificate on Apache via SSH

SSL stands for Secure Sockets Layer. It is used to secure the connection between internet browsers and Web server or websites by transferring the encrypted data rather than plain text. You can secure the HTTP connections by installing an SSL certificate. Installing an SSL certificate will allow for https:// connections instead of the standard http://. There are two types of certificates.

  • SSL certificate issued by the Certificate Authority (CA)
  • Self-Signed SSL certificate.

The main difference between these two types is that for a Self-Signed certificate, no third party is verifying the identity information of the Website and hence it is not trusted by any of the web browsers. So, accessing the website with self-signed SSL will prompt Untrusted Connection and you’ll have to Confirm Security exception manually. This is something users wouldn’t like to do. This is where SSL certificates verified by a CA comes into play. The CA verifies the website identity information and also provides CA Bundle (for browser compatibility). So these connections are accepted by almost all the browsers.

For installing SSL certificate (both types), we need to generate Private Key and CSR (Certificate signing request).

1) Generate Private Key On The Server

OpenSSL is the open source SSL package that comes along with most of the linux distros. Make sure openssl package is installed.

We are generating private key with openssl command as shown below.


openssl genrsa -des3 -out www.domain.com.key 2048

This will prompt a password, when you enter the passphrase and hit ‘Enter, the key file will be generated in the present working directory and the file name will be ‘www.domain.com.key’, where domain is name of the domain that you enter when the key is generated.

2) Generate Certificate Signing Request (CSR)

After generating your private key, you need to generate a CSR (Certificate Signing Request). You can easily create that with openssl command.


openssl req -new -key www.domain.com.key -out www.domain.com.csr

Few questions regarding the website identity will be asked and this will be checked by the certificate authority.

CSR will be generated in the present working directory with the file name ‘www.domain.com.csr’. Here is the screenshot of the CSR file.

3) Create SSL Certificate

After generating Private key and CSR, you need to create the SSL certificate. Now is where the difference come into play.

For a CA verified cerificate you need to provide CSR and Private key to the Certificate vendor. They will provide a CA verified certificate file (.crt file) and you can install it. But for a Self-Signed certificate, you need to generate the certificate manually.

Generating Self-Signed certificate
Certificate file will be generated with private key and CSR encoded in it. All the information for in the Private key and CSR will be encoded in the .crt file. Command is given below.


openssl x509 -req -days 365 -in www.domain.com.csr -signkey www.domain.com.key -out www.domain.com.crt

Certificate file will be generated in the present working directory as ‘www.domain.com.crt’, please note that domain.com is my domain name in this example and it should be replaced with the actual domain name. Here is the generated .crt file

To install this certificate for a website, you need to create a new VirtualHost for the domain name because SSL is using a different port and not the common port 80. SSL port is 443. So Apache will be listening to both 80 and 443 for the non-encrypted and encrypted data respectively. Or, you can create a separate conf file, in /etc/httpd/conf.d directory and then ask Apache to refer the said directory with ‘Include’ directive as shown below.


Include conf.d/*.conf

Now, add the below given code either in the VirtualHost or in the separate configuration (eg: ssl.conf) file created in the /etc/httpd/conf.d direcory.


SSLEngine on
SSLCertificateFile /path_of_crt_file/www.domain.com.crt
SSLCertificateKeyFile /path_of_key_file/www.domain.com.key

This will tell apache to refer the .crt (certificate) file and .key (Private key) file for SSL encrypted connection.

4) Restart Apache

Final step is to restart Apachge service for the changes to take effect.


/etc/init.d/httpd restart

You can verify the SSL setup by just loading your website with HTTPS, eg: https://domain.com

If your website is loading with https, be sure you have SSL installed for your website.

Of course, if that all looks too much then you can just get us to install your SSL certificate for you. Or you can purchase a low cost SSL certificate and we will do everything for you end to end. Simply contact us at

It’s good to share

How to get a free SSL Certificate & why Google is forcing you to

Did you know that a site with an SSL certificate will both improve your search engine rankings and it will also offer your visitors better security! Something you may know is that you can actually get an SSL Certificate free of charge (no strings attached!).

SSL certificates secure your website and boost its rankings in Google. And now, thanks to services like Let’s Encrypt, you can actually get a free SSL certificate for your website.

You read that right, all of the benefits of SSL and none of the costs!

So what is an SSL Certificate?

Have you ever noticed how sometimes websites start with “http://” and then sometimes they start with “https://” and have a green padlock? If you have, you’ve seen the end result of an SSL certificate. But what you haven’t seen is what goes on behind the scenes.

SSL stands for Secure Sockets Layer. Essentially, SSL establishes an encrypted link between your web server and your visitor’s web browser. This ensures that all data passed between the two remains private and secure.

With an unsecured HTTP connection, third-parties can snoop on any traffic passing between your reader’s browser and your web server. Obviously, this is a huge issue if you’re passing sensitive information like credit card numbers.

But nowadays, many entities, including Google, are pushing to use secure HTTPS connections for all traffic, even things you might think are mundane.

So why do you need an SSL Certificate?

In the past, the only time an average webmaster needed to care about SSL was for an ecommerce website. But that all changed in late 2014 when Google dropped a bomb:

SSL was going to be rolled out as a ranking factor.

That’s right, sites that use SSL certificates get a boost in the SERPs. It might not be a huge boost, but I think you’ll agree with me that any boost in search rankings is a good one. When I moved my portfolio site to HTTPS, I experienced a notable bump in my search rankings.

But now Google is going even further. As of January 2017, Google will mark “HTTP pages that collect passwords or credit cards as non-secure.” That means your WordPress login page will be marked as non-secure if you’re not using HTTPS. Here’s what that change will look like in Google Chrome:

Google eventually plans to expand this feature to treat all HTTP pages like this:

You definitely do not want all of your users seeing that in their URL bar!

So how do I get a free SSL Certificate from Let’s Encrypt?

If you’re just running a regular WordPress site and you are not handling any super sensitive information (like credit cards), you can get a free SSL certificate from a service called Let’s Encrypt.

This certificate will give you all of the benefits of SSL without costing you a single penny. And here’s the best part:

Most major hosting providers are partnering up with Let’s Encrypt to make installing an SSL certificate totally painless.

Here are two ways to get your free SSL certificate from Let’s Encrypt:

Install Your Free SSL Certificate from Your cPanel Account (for supported hosts)

As I mentioned, many hosts are partnering up with Let’s Encrypt to add free SSL certificates directly inside their customers’ cPanel dashboards. For example, if you’re hosting at SiteGround, you can install an SSL certificate in about two seconds from your cPanel dashboard. You just have to find the Let’s Encrypt button:

Then, all you need to do is select your desired domain and click Install:

Here’s a full list of web hosts who offer direct support for Let’s Encrypt. The process for most supported hosts should be similar to SiteGround.

I use Plesk so I just added the Plesk Extension – Let’s Encrypt, then when you go into any domain you will see the Let’s Encrypt add-on. Simply click that, type in your email address and there you have it! It will assign the domain with the SSL certificate and everything’s ready to go, just like that!

Use “SSL For Free” to Configure Your Let’s Encrypt Certificate

If your host doesn’t support Let’s Encrypt, you may still be able to get your free SSL certificate by using a website called SSL For Free.

The site will help you configure Let’s Encrypt certificates. But, you will need access to your site’s FTP details and potentially support from your host.

If at all possible, you should try to find a host that offers direct Let’s Encrypt support because it greatly simplifies the process.

How to configure your Free SSL Certificate With WordPress

Once you get your SSL certificate installed, users will be able to view a secure version of your site by going to “https://yoursite.com”. But just because your HTTPS connection is active doesn’t mean you’re finished.

To properly configure WordPress to work with your SSL certificate, you need to make some changes. You could do this manually or you could use an awesome plugin that does everything for you.

Really Simple SSL handles the whole process. Just install it and run the plugin and it will make all the necessary changes.

Just be aware – you will naturally get signed out of WordPress when you run the plugin. This is because the plugin changes your default URL from “http://” to “https://.” All you need to do is log in again with your normal login credentials. No need to be alarmed!

And there you have it, I hope you’ve found this post useful!

Let me know your thoughts or if this has helped you in the comments below.

It’s good to share

What Happens in an Internet Minute in 2016?

Have you ever wondered what exactly happens every minute on the internet? I know I have. The following statistics are mind-boggling and put in perspective how scalable platforms have taken over the world:-

internet-minute-2016

The above infographic shows how truly important the element of scale is to business today.

Google literally processes 2.4 million searches every minute. In that same span of time, 700,000 people login to Facebook and Amazon sells net over $200,000 of sales (both physical and digital goods).

Platforms such as the ones listed above are comparable in magnitude to other mega-sized companies, but without the intense capital expenditures, debt, or hard costs. That’s why Alphabet, Google’s parent company, can spend over a billion dollars each year on “moonshots”, and why Facebook’s stock is up 35.6% over the last 52 weeks.

Here are the full stats on what happens every internet minute:

  • 701,389 logins on Facebook
  • 69,444 hours watched on Netflix
  • 150 million emails sent
  • 1,389 Uber rides
  • 527,760 photos shared on Snapchat
  • 51,000 app downloads on Apple’s App Store
  • $203,596 in sales on Amazon.com
  • 120+ new Linkedin accounts
  • 347,222 tweets on Twitter
  • 28,194 new posts to Instagram
  • 38,052 hours of music listened to on Spotify
  • 1.04 million vine loops
  • 2.4 million search queries on Google
  • 972,222 Tinder swipes
  • 2.78 million video views on Youtube
  • 20.8 million messages on WhatsApp

That’s a lot of data every minute, and this volume of information is part of the reason that these same companies are prioritising the ability to process and interpret big data more than ever before.

Still not impressed?

Check out this website; http://www.internetlivestats.com/

internet-live-stats

It’s good to share

2016 Social Media Image Sizes Cheatsheet

Social media platforms are forever changing the image sizes and formats, so to keep you all updated the guys over at Make a Website Hub created tan awesome cheatsheet with all the dimensions you could possibly need in 2016 regarding social media.

The need for strong social media presence has soared in 2015 and has only continued to increase in 2016. This is why you really need to keep up to speed with your business / brand / personal profiles, and to optimise them with the right images to represent you!

“The 2016 Social Media Image Sizes Guide” below explains to you what the best image sizes are for each social network and the image types to use. Every major social media platform is listed on here so you’re up-to-date with social media
platform optimization.

Also this graphic displays specific dimensions and some very quick tips and insights to help you make your mind up on what photo to use on what.

 

Print

 

Twitter Image Sizing Tips

Profile Photo: 400 x 400 pixels (a maximum 100 KB file size)

It is often said that the “first impression is the last impression”!

Your Twitter profile picture is your main identification mark that will be visible to everyone. It will be visible on your home page, on the Twitter stream of your followers whenever you Tweet and so on.

Since it represents you or your brand, the image should be of the highest quality.

Header Photo: 1 500 x 500 pixels (a maximum 10 MB file size)

You can use an eye-catchy, creative image for your high-resolution header photo on your Twitter profile page. As a business, your Twitter page header photo should be in sync with your logo, tagline and brand.

In-stream Photo: 440 x 220 pixels (a maximum 5 MB file size for photos and 3 MB file size for animated gifs)

You can post up to four pictures along with your tweets on this platform. For every in-stream picture, an image link is created which takes up the Twitter character space. You simply need to maintain the 2:1 ratio of the images which can be reduced
to a smaller version to effectively fit your follower’s stream.

 

Image Sizing Advice for Facebook

Cover Photo: 851 x 315 pixels (a preferred maximum file size of 100 KB)

You can edit and add creative images as your cover photo that represents you or your business in the correct sense. Try to maintain a minimum size of about 399 x 150 pixels.

Profile Picture: 180 x 180 pixels

Unlike the cover photo, which only appears on your Facebook page, your Facebook profile picture will be seen on your page, on posts where you comment, on the timelines of others where you post messages, in search results of Facebook’s Open Graph
and so on.

In short, it represents you at most places on the largest social networking platform.

Shared Image: 1 200 x 630 pixels

You can engage your friends or business followers in meaningful conversations by sharing useful images on your Facebook timeline. These will appear in the news feeds of your friends and followers. Check this post for more information on
image sizes for Facebook

 

Image Sizing Guidelines for Google+

Profile Image: 250 x 250 pixels

Again, this picture will be your identity across the Google+ network. Even though the dimensions are for a square image, your Google+ profile picture appears as a circle.

So, you need to take special care of how your image looks without the important parts being cut out.

Cover Picture: 1 080 x 608 pixels

You can use a large picture representing your brand, logo and business tagline as your Google+ cover image.

Shared Image: 497 x 373 pixels

You can share images on your Google+ posts and indicate the specific “circles” with whom you want to share the image and for whom it may be more relevant. Remember, such images (along with the associated text) are likely to turn up in the Google
search engine for search queries related to your posts or business.

 

Instagram Image Sizing Rules

Profile Picture: 110 x 110 pixels

Photo Size: 640 x 640 pixels

Photo Thumbnails: 161 x 161 pixels

For all types of Instagram images, you need to maintain an aspect ratio of 1:1. So, all your images will appear in square dimensions. You need to take special care with the image quality because limited text content is shared on this platform.
It is more about the pictures and visuals!

 

Recommended Image Sizes for Pinterest

Profile Picture: 165 x 165 pixels

A Pinterest profile picture may not be as important as that of Facebook or Twitter profile pictures. However, you still need to use a nice one. After all, anyone who arrives at your board or pins through the keyword search will probably have a
look at your profile too.

Board Display Image: 222 x 150 pixels

Use eye-catchy images for posting on the relevant Pinterest boards.

Pin Sizes: a width of 236 pixels (with scaled height)

Though these are the dimensions for your Pinterest pins, expanded pins will have a minimum width of 600 pixels. You can post larger images (as only the width is fixed, while the length can be scaled further up) for better engagement and more re-pins
or likes.

 

Optimisation Rules for Tumblr Image Sizes

Profile Image: 128 x 128 pixels

You can use a good looking square profile picture that visually represents you or your business on Tumblr. It will appear on your profile page, next to the button to “follow” you when someone lands on your page and as thumbnails next to your posts
in your follower’s feeds.

Image Posts: 570 x 750 pixels

You can post images with up to 10 MB file sizes (except for animated gifs which should not be more than 1 MB). You can thus upload really high-quality pictures for your Tumblr posts.

 

YouTube Image Sizing Guidelines

Channel Cover Picture: 2560 x 1440 pixels (for desktop), 1855 x 423 pixels (for tablets), 1546 x 423 pixels (for smartphones), and 2560 x 1440 pixels (for TV)

The sizes are optimised for the different platforms as YouTube videos are often streamed using any of the above mentioned platforms. Also, the video channel cover image should tell your viewers more about the kind of videos that they will probably
be able to view on your channel.

Video Uploads: 1 280 x 760 pixels

You know that YouTube is a video sharing site and not an image sharing one. So, you need to maintain this resolution (about 16:9 aspect ratio) for the videos that you upload.

 

Image Size Optimisation for LinkedIn

Standard Logo: 100 x 60 pixels

Career Cover Picture: 974 x 300 pixels

Banner Image: 646 x 220 pixels

For this professional social networking platform, you should make sure that all your images are embedded with text to add more contexts.

Also, make sure that you use creativity to showcase the most relevant things about your business and brand in the banner image as well as in your cover image.

It is bound to get you connected and engaged with more professionals. Even from a personal profile perspective, you can leverage the most out of this platform by having creative images to make professionals sit up and take notice.

It’s good to share

WordPress 4.5 Beta 1

WordPress 4.5 Beta 1 is now available!

This software is still in development, so WordPress don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.5, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

WordPress 4.5 is slated for release on April 12, but to get there, they need your help testing what they have been working on, including:

  • Responsive Preview of your site in the Customizer (#31195) – See how your site looks in mobile, tablet, and desktop contexts before making changes to its appearance.
  • Theme Logo Support (#33755) – Native support for a theme logo within the Customizer.
  • Inline Link Editing (#33301) – Within the visual editor, edit links inline for a smoother workflow.
  • Additional Editor Shortcuts (#33300) – Includes a few new shortcuts, like `..` for code and **..** for bold.
  • Comment Moderation Improvements (#34133) – An enhanced experience when moderating comments, including preview with rendered formatting.
  • Optimization of Image Generation (#33642) – Image sizes are generated more efficiently and remove unneeded meta, while still including color profiles in Imagick, for reduced sizes of up to 50% with near identical visual quality.

There have been changes for developers to explore as well:

  • Selective Refresh (#27355) – A comprehensive framework for rendering parts of the customizer preview in real time. Theme and plugin authors should test their widgets specifically for compatibility with selective refresh, and note that it may ultimately be opt-in for 4.5.
  • Backbone and Underscore updated to latest versions (#34350) – Backbone is upgraded from 1.1.2 to 1.2.3 and Underscore is upgraded from 1.6.0 to 1.8.3. See the this post for important changes.
  • Embed templates (#34561) – Embed templates were split into parts and can now be directly overridden by themes via the template hierarchy.
  • New WP_Site class (#32450) – More object-oriented approach for managing sites in Multisite
  • Script loader (#14853, #35873) – Introduces wp_add_inline_script() for including inline JavaScript just like wp_add_inline_style() works for CSS, and better support for script header/footer dependencies.

If you want a more in-depth view of what major changes have made it into 4.5, check out all 4.5-tagged posts on the main development blog, or check out a list of everything that’s changed.

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs.

Thank you WordPress for your continuous hard work and awesome updates!

It’s good to share

WordPress 4.4.2 Security and Maintenance Release

WordPress 4.4.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.4.1 and earlier are affected by two security issues: a possible SSRF for certain local URIs, reported by Ronni Skansing; and an open redirection attack, reported by Shailesh Suthar.

Thank you to both reporters for practicing responsible disclosure.

In addition to the security issues above, WordPress 4.4.2 fixes 17 bugs from 4.4 and 4.4.1. For more information, see the release notes or consult the list of changes.

Download WordPress 4.4.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.4.2.

It’s good to share

New Bootstrap 4 Alpha is now available!

Bootstrap 4 alpha 2 is now available. Since the last release, nearly 100 people have pushed over 900 commits to v4 and they’ve closed over 400 issues and pull requests. Those numbers are outrageously awesome to see, and they’re still got extra work to do for the full release of version 4.

Here’s a look at a handful of the changes since our last alpha:

  • Overhauled spacing utilities to use a numerical tiering (to avoid confusion with grid tiers).
  • Continued refactoring efforts to replace markup-specific selectors with classes across several components (including pagination, lists, and more). Still more to do here with additional components.
  • Reverted media queries and grid containers from rems to pixels as viewports are not affected by font-size. See #17403 for details. We’ve got a ton of grid work left, too. Feel free to follow along with #18471.
  • Reverted .0625rem width borders to 1px for more consistent component borders that avoid zoom and font-size bugs across browsers.
  • Renamed .img-responsive to .img-fluid to avoid future confusion on the various responsive image solutions out there.
  • Replaced ZeroClipboard with clipboard.js for Flash-independent copy buttons.
  • Inputs and buttons now share the same border variable to ensure components are always sized similarly.
  • Updated all pseudo-element selectors to use the spec’s preferred double colon (e.g., ::before as opposed to :before).
  • Cards now have outline variants and mixins to support extending base classes further.
  • Utility classes for floats and text alignment now have responsive ranges. This means we’ve dropped the non-responsive classes to avoid duplication.
  • Added support for jQuery 2.
  • And hundreds more Sass improvements, bug fixes, documentation updates, and more.

They are encouraging folks to skim through the second alpha’s milestone on GitHub for a better idea of what’s changed across the board. You can also follow along with other v4 efforts with the v4 label on our issue tracker.

Ready to dive in? Then head to the v4 alpha docs!

If you are not ready to take the leap quite yet, you can download Bootstrap 3.3.6 here.

I think it goes without saying that we really can’t wait for the official release of Bootstrap 4! 😀

It’s good to share