WordPress security news and issues.
Hosting providers around the world are seeing a massive increase in brute force attacks against WordPress and Joomla sites. Attackers are looking to gain access to and compromise accounts, but failing that, they are slowing down their targets or even rendering them unavailable as they exhaust the sitesβ resources.
Chris Jean, of iThemes, has done a nice job summarizing the recent flood of WordPress brute force login attacks, along with ways to prevent them. There is also a Codex page on handling brute force attacks that’s getting a lot of effort put into it right now.
This is a really nice idea. It’s a coding challenge where you have to audit a plugin for security flaws. A chance to learn more about best practices and getting your code reviewed by core developers.
I wrote a shell script that creates a new WordPress install in MAMP (directory, database, and security keys) based on your input into the prompts and sends you to wp-admin/install.php upon completion. I use it for every project and put it up on GitHub for others to use or fork.
It seems that Dre Armeda and Brad Williams are destined to return to the internet-airwaves soon, with what appears to be a podcast called, “DradCast.” Drad is the nickname that Brad and Dre have given themselves as a tag team duo. The URL is currently just a signup form to be notified when DradCast starts….
WordPress 3.5.1 is out. Some bug fixes, security fixes, and even a couple usability tweaks of the media manager. Go update. No reason not to do so immediately for minor updates.
End of content
End of content
