The aspect of community-powered support is definitely one of that factors that has lead to the popularity of WordPress, but despite millions of users, only a handful regularly volunteer in the support forums. How can you support WordPress? What kind of questions will you encounter? What if you aren’t an expert? These just a few of the questions that Automattic Happiness Engineer Sheri Bigelow answers in her WordCamp Portland 2010 session, How to Support WordPress. I became a volunteer in the WordPress Support Forums six years ago, one week after installing WordPress. I was what some would call a “n00b,” but while I was waiting for an answer to my question, I noticed a few installation questions that I could answer. Fast-forward six years later, and everything that I know about WordPress today was learned from answering questions on the WordPress Support Forums. If a lack of knowledge is preventing […]
[Continue Reading...]
Archive for 2010
Users are advised that WordPress 3.0.3 has just been released and is a security update. This release fixes issues in the XML-RPC remote publishing interface. This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts. If you have remote publishing enabled on your site you are urged to upgrade. You can do so easily via the built-in automatic upgrade feature. If upgrading the old fashioned way is your cup of tea here is the list of revised files … wp-includes/version.php xmlrpc.php readme.html wp-admin/includes/update-core.php
[Continue Reading...]Emporium is a two column theme for WordPress and the eShop plugin. Valentine is a modern style css3 layout, with a fixed header and footer, and embedded fonts.
[Continue Reading...]WordPress is certainly the most popular open source blogging platform, but how are development decisions made? You may have heard that WordPress is a democracy, that Matt Mullenweg makes all the decisions, or that Automattic governs the development of WordPress. Of course, neither of those are true. WordPress is actually a Meritocracy. It’s really quite simple and efficient, but the more you contribute to WordPress, the more weight your opinions carry when it comes time to make decisions. Probably the best example of this is Andrew Nacin. When Nacin began contributing to WordPress, he could only submit his bug fixes and enhancements for review. After showing his commitment to the WordPress community over three months and a hundred patches, Nacin was asked to be a core developer. Now, Nacin’s bug fixes and enhancements go right to the core. I could write pages upon pages describing how everything works, but I’d certainly […]
[Continue Reading...]The fine folks over at Testking.com have created and shared an info-graphic that displays the power of WordPress. The image contains interesting information that can be found within the Codex but has been displayed in a nice, visual form. Notables include: time line of releases and major milestones from 2003 to 2010, web usage of WordPress, percentages of websites using different versions of WordPress, daily user activity and much more. Some of this information seems to be WordPress.com based so keep that in mind. Despite the information at some point being dated, this would still make a great snapshot to use as a poster. The Power of WordPress
[Continue Reading...]New plugins Snow Storm displays falling snow flakes on the front of your WordPress website for a festive presentation. WordPress Gzip Compression enables gzip-compression if the visitor’s browser can handle it. This will speed up your WordPress website drastically and reduces bandwidth usage. Updated plugins Easy FancyBox enables the FancyBox 1.3.4 jQuery extension on all image, SWF, YouTube and Vimeo links. WordPress SEO is the most complete all in one SEO solution for your WordPress blog.
[Continue Reading...]WordPress 3.0.2, the first mandatory security update in quite a while, was released not too long ago. The update patched an exploit which allowed an Author-level users to gain access to the site well above their user level, but the real story here is the overall efficiency of the volunteer developers. With a team unpaid volunteers keeping WordPress in tip-top shape, you might be surprised to hear that this particular update went from initial disclosure of the exploit to final release in no more than four hours! That particular time frame is almost unheard of, even amongst commercial projects. To further sweeten the pot, the VaultPress team automatically pushed a hotfix the next day to all VaultPress-enabled blogs, ensuring that all VaultPress users were protected from the exploit, even if they had not had a chance to apply the 3.0.2 update. With such an efficient team of volunteer developers, and […]
[Continue Reading...]About the Author
- James
James began using WordPress in 2004. Being new to WordPress (and blogging in general), he quickly found the WordPress Support Forums and basically never left. James currently resides in sunny Southern California, where he enjoys bringing happiness to millions of WordPress.com users.
Web: http://macmanx.com
Categories
- bbpress
- Best of WordPress
- Blog Templates Blog Skins Blog Themes
- Blogging
- Blogging Essays
- Blogging News
- brainstorming
- buddypress
- Business of Blogging
- CMS
- Code
- Cold Fusion
- Community Interviews
- Cool Scripts
- General
- HOW-TO
- LinkyLoo
- Movable Type Plugins
- Photolog Script
- Podcasting
- QuickLinking
- Spam
- SXSW
- TLA
- Tutorials
- User Reviews
- Web Design
- Web Ethics
- Weblog Add-Ons
- Weblog tools blog tools blogging tools
- Weekly Plugin Review
- WLTC Community
- wordcamp
- WordPress
- WordPress Discussions
- WordPress FAQs
- Wordpress for Beginners
- WordPress Hack
- WordPress News
- WordPress Plugin Competition
- WordPress Plugins
- WordPress Polls
- WordPress Security
- WordPress Templates WordPress Skins WordPress Themes
- WordPress Tips
- WordPress Tools
- WordPress Troubleshooting
- WordPress Weekly
- WordPress Widgets
- WordPress WishList
- XHTML Tips
Obviously Powered by WordPress. © 2003-2013
Comment Rating Plugin Fixes Security Vulnerability
If you use the Comment Rating plugin for your WordPress powered site, you are highly encouraged to upgrade to the latest version as it fixes a security vulnerability. More specifically, a Cross-site Request Forgery attack. According to the report at OSVDB.org which is an Open Source Vulnerability Database: The flaw exists because the application does not require multiple steps or explicit confirmation for unspecified sensitive transactions for the admin function. By using a crafted URL (e.g., a crafted GET request inside an “img” tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification. There is no known workaround for versions lower than 2.9.21. Kudos goes to KrebsOnSecurity for reporting […]
[Continue Reading...]