Week in review: Themeforest changes, Jetpack 3.1, Polar Polls, Yoast and Sucuri partner
Brian Krogsgard
DesignPlanet
Welcome to the sixth “Week in Review” on Post Status, where I hope to offer up some of the things you may have missed in the last week or so. Unfortunately, I haven't posted since the last week in review. Trust…
An introduction to setting up SSH keys for server management
Ben Lobaugh
DevelopmentPlanet
Utilizing SSH keys in conjunction with the servers you connect to is a great and highly recommended security practice. SSH stands for "Secure Shell" and enabling SSH for a server creates a secure channel between you (via the command line)…
Week in review: Beta 2, refinement, transparency, Do Action, apps, and more
Brian Krogsgard
PlanetSecurity
Welcome to the fourth “Week in Review” on Post Status, where I hope to offer up some of the things you may have missed in the last week or so. There are a lot of great reads to catch up on…
All Pods 2.x versions need updating due to significant security vulnerability
Brian Krogsgard
DesignSecurity
Scott Kingsley Clark notified me this morning that a security update has been released for all versions of Pods 2.0 and later. Pods allows for the creation or extension of WordPress content types. Any website that uses the feature to…
Fear mongering journalist pointlessly blasts WordPress
Brian Krogsgard
SecurityWordPress News
I encountered an article today that made my blood boil. Phillip Thomson wrote about the cost of three websites for the Australian Minister of Foreign Affairs for the Sydney Morning Herald. The article blasts Julie Bishop and her department for…
Pagely has new plans, a new dashboard, and a new Amazon Web Services infrastructure
Brian Krogsgard
BusinessHosting
Pagely has made some drastic changes to their hosting platform over the last few months. They've moved from Firehost to being fully powered by Amazon Web Services (AWS), led by their new CTO, Joshua Eichorn. Measuring tiers of hosting by…
WooThemes is investigating alleged website vulnerabilities
Brian Krogsgard
BusinessHosting
Some WooThemes customers are alleging that their credit cards suffered from fraudulent charges after purchasing items from WooThemes’ website. The point of vulnerability is unknown at this time. The number of affected customers is unknown. The following is what we know:…
The cost of running a WordPress website
Brian Krogsgard
HostingSecurity
A WordPress website is very affordable to get up and running. You can do it for free, plus the cost of your average shared hosting account. However, running a more serious site can get considerably more expensive. Here's the list…
Keys to building a successful remote workforce
Brian Krogsgard
BusinessSecurity
Stack Overflow co-founder Jeff Atwood writes why companies are not hiring the best and the brightest employees. While the title says the article is about hiring, it's really about working. His points boil down to a promotion for distributed workforces.…
WordPress 3.8.3 fixes a bug with “Quick Draft”
Travis Northcutt
Make WordPressSecurity
Last week's 3.8.2 security release introduced a bug where drafts written with the Quick Draft tool in the dashboard were not saved. That bug is fixed with today's 3.8.3 release. What's really interesting about this release is that not only is…
Severe Jetpack vulnerability disclosed, some sites being updated automatically
Brian Krogsgard
SecurityWordPress News
A severe Jetpack vulnerability has been disclosed and patched in Jetpack. The bug allows attackers to publish posts, and has existed since 2012. The Jetpack blog post states the following: During an internal security audit, we found a bug that allows an…
Security updates for 3.5 and 3.6
Travis Northcutt
Security
The good folks over at interconnect/it have backported the recent security updates for WordPress to the 3.5 and 3.6 branches, due to having some clients running older versions that, for whatever reason, aren't able to upgrade at this time. They've…
WordPress 3.8.2, 3.7.2, and 3.9 Release Candidate 1 have been released
Brian Krogsgard
Make WordPressSecurity
All of your websites are ready for updates. There is a security and maintenance release ready for WordPress 3.8.2 and WordPress 3.7.2. It's being released for both 3.7 and 3.8 due to the auto-updating feature released in WordPress 3.7. One…
Akismet releases update to address pingback vulnerability reports
Brian Krogsgard
Security
Akismet, the popular WordPress spam prevention plugin by Automattic, has released an update with a number of fixes, including two to address recent reports of DDOS risks in WordPress related to pingbacks. The post describes the two points that address…
Clef offering password-less integrations for WordPress plugins that enable user registration
Brian Krogsgard
Security
Clef is a password-less login solution that utilizes a phone app and WordPress plugin for more secure logins. You can get more specific information about two-factor authentication (which is different than this, but along similar lines) on my post where…
Why we don’t use a CDN: A story about SPDY and SSL
Travis Northcutt
DevelopmentSecurity
A great post from Zack Tollman at The Theme Foundry on why defaulting to what most consider best practices can sometimes be detrimental to performance. Using a CDN (content delivery network) for the new site was a forgone conclusion, as…
