Security

WordPress 4.3, “Billie”, released

Brian Krogsgard

August 18, 2015

WordPress 4.3, "Billie", has been released. Billie includes four major user-facing features that most website owners will experience on a semi-regular basis, and many other enhancements, bug fixes, and developer features.

Sucuri explains the security vulnerability they…

Brian Krogsgard

August 12, 2015

Security

Sucuri explains the security vulnerability they were credited with reporting in the WordPress 4.2.4 release.

WordPress 4.2.4 maintenance and security release

Brian Krogsgard

August 5, 2015

Security

WordPress 4.2.4 was released and auto-updated in the last 24 hours, thankfully to seemingly little attention (other than perhaps a bit of update fatigue). And that's a good thing. According to the announcement post, the release addresses six different issues.…

Inside the mind of a white hat WordPress hacker

Brian Krogsgard

August 5, 2015

Security

I've read, I think, my favorite WordPress security post ever. I admit, I do get excited when something is teased to me as a trilogy, but Netanel Rubin follows through with flying colors. Now, this post is long. And when…

Rogue shortcodes cause controversy for 4.2.3 security release

Brian Krogsgard

July 25, 2015

Security

The WordPress 4.2.3 security release looks like most security releases on the surface, but it has caused a good bit of controversy. The release includes a number of fixes, but one involving shortcodes is the focus of attention. Immediately after…

Growth in the French community

Jenny Beaumont

June 24, 2015

BusinessPlanet

Jenny Beaumont, a freelance web developer based in France, describes the recent growth boom in France's WordPress community and some of those who've helped it thrive.

A future API

Ryan McCue

June 19, 2015

BusinessPlanet

Ryan McCue, the lead developer of the WordPress REST API, imagines the year 2020, when the REST API is mature and in WordPress core. He tells us stories of some of the fun things that are possible.

What you need to know about HTTP/2 and some other things I don’t understand

Brian Krogsgard

June 18, 2015

Security

Do you ever enjoy reading something even though you know your knowledge barely scratches the surface of what's being discussed? I do. Reading anything written by Zack Tollman is a delight to me, and in this case I wouldn't say…

Sucuri want to compete with CloudFlare

Brian Krogsgard

May 28, 2015

Security

Sucuri is seeking to build a full CloudFlare alternative, according to WP Tavern: “The fundamental difference is that it’s security first, performance second,” Perez said. “So yes, in the coming months you’ll see more as our solution blossoms into a…

UI and password initiatives for WordPress 4.3

Brian Krogsgard

May 12, 2015

DesignSecurity

Two of the initiatives for WordPress 4.3 are for further improving WordPress (especially mobile) UI and re-evaluating password management. Starting Thursday, lead developer Helen Housandí will host UI chats in the WordPress Slack #design channel. Additionally, lead developer Mark Jaquith further laid…

In defense of WordPress

Brian Krogsgard

May 9, 2015

Security

Mattias Geniar gives WordPress a pat on the back for how the project has handled recent security vulnerabilities. At PHP conferences, WordPress often serves as a punching bag. Nearly every talk that discusses code quality brings in WordPress and compares…

The trojan emoji

Brian Krogsgard

May 8, 2015

DevelopmentMake WordPress

Andrew Nacin, lead developer of WordPress, just finished a talk at Loopconf, where he talked about a series of related WordPress security fixes that spanned two years, with the final fix included into WordPress core under the guise of emoji support.

WordPress 4.2.2 released to protect against critical security bug in Genericons

Brian Krogsgard

May 6, 2015

Security

WordPress 4.2.2 was released this evening in order to protect against a critical security bug in Genericons. From the release post: The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML…

Automatically expire passwords for WordPress users

Brian Krogsgard

April 29, 2015

Security

Frankie Jarrett has created yet another handy plugin, this time to auto expire passwords for users of certain roles based on a customizable number of days. This plugin could be handy for organizations that require password resets, or just for…

WordPress zero day vulnerability on comment text patched in 4.2.1

Brian Krogsgard

April 28, 2015

HostingSecurity

Many readers have likely heard by now that WordPress 4.2.1 is out (and probably already patched on your installs). The patch is in response to a zero day vulnerability reported by Jouko Pynnönen of Klikki. WordPress 4.2.1 includes a check on…

WordPress security release for all versions

Brian Krogsgard

April 21, 2015

Security

All past versions of WordPress "are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site," according to the release post by Gary Pendergast. WordPress 4.1.2, 4.2 RC3, and new tag releases on past versions…

WordPress 4.3, “Billie”, released

Sucuri explains the security vulnerability they…

WordPress 4.2.4 maintenance and security release

Inside the mind of a white hat WordPress hacker

Rogue shortcodes cause controversy for 4.2.3 security release

Growth in the French community

A future API

What you need to know about HTTP/2 and some other things I don’t understand

Sucuri want to compete with CloudFlare

UI and password initiatives for WordPress 4.3

In defense of WordPress

The trojan emoji

WordPress 4.2.2 released to protect against critical security bug in Genericons

Automatically expire passwords for WordPress users

WordPress zero day vulnerability on comment text patched in 4.2.1

WordPress security release for all versions

Post Status

Opportunities

Partner Directory

Resources

The Community for WordPress Professionals

Post Status

Opportunities

Partner Directory

Resources