The latest free WordPress eBook from Code Poet has arrived, Locking Down WordPress. This new eBook from Rachel Baker, Brad Williams, and John Ford, will show you how to secure your WordPress installation and take care of it when things get out of hand. Security should be one of your fore-most concerns with any website, and this eBook is free and available in PDF, EPUB, and Kindle formats, so get it while it’s hot!
[Continue Reading...]
‘WordPress Security’ Category
Previous Post WordPress Theme Releases for 7/14
Previous Post Free WordPress Security Webinar
WordPress 3.3.2 and 3.4 Beta 3 have been released. This important security update plugs exploits in Plupload, SWFUpload, and SWFObject (three external libraries used by WordPress), as well as a few additional fixes. WordPress 3.4 Beta 3 is still not ready for prime time, but provides almost 90 fixes since the second beta release. Please do take a few swings at it on a test installation, especially if you are a plugin or theme developer. If you find any bugs, please report them, and contact the support forums if you need any help. If you’re currently running on the WordPress 3.3 branch, please update to 3.3.2 as soon as you can!
[Continue Reading...]Previous Post WordPress Plugin Releases for 4/19
iThemes will be sponsoring a free webinar on WordPress security on April 25 at 1 PM CDT. The webinar will be given by Dre Armeda of Sucuri and will cover cleaning up your WordPress site and keeping it secure. If you can’t make it, don’t worry. iThemes will be providing a recording later for viewing at your leisure.
[Continue Reading...]Previous Post WordPress Theme Releases for 9/6
If you’re worried about the recent TimThumb security vulnerability, but haven’t had a chance to see if you’re affected, identifying and fixing vulnerable instances of TimThumb just got a whole lot easier thanks to a new plugin from Peter Butler. Now, all you need to do is install and activate this plugin, run the scanner from the new Tools -> Timthumb Scanner section in your Dashboard, and click the Fix button to repair any vulnerabilities that are found.
[Continue Reading...]Previous Post WordPress Plugin Releases for 8/3
A zero day vulnerability has been found in TimThumb, a popular image resizing script used by several WordPress themes. The person who discovered the vulnerability has issued a fix and instructions to detect any lingering hacks. As described on the VaultPress blog, “The vulnerability allows third parties to upload and execute arbitrary PHP code in the TimThumb cache directory. Once the PHP code has been uploaded and executed, your site can be compromised however the attacker likes.” The folks at Sucuri have constructed a great list of just a few affected WordPress themes, just to give you idea of how many themes use TimThumb. If your theme uses TimThumb, contact your theme author for an update immediately, or download the latest version if it has already been updated. If your theme author is not willing to offer an update, it’s probably time for a new theme, but you can also […]
[Continue Reading...]Previous Post WordPress FAQ: Moving WordPress
If you hate to read about security, then this great presentation by WordPress Core Developer Mark Jaquith on WordPress Theme and Plugin Security from WordCamp Phoenix 2011 is just for you! The presentation is great to watch and quite educational for both WordPress users and developers.
[Continue Reading...]Previous Post WordPress Theme Releases for 2/6
WordPress 3.0.5 and 3.1-RC4 have been released. Both releases address three security issues and add additional security enhancements, and 3.1-RC4 fixes “about two dozen additional bugs.” Both updates are available immediately via your Dashboard, but users updating to 3.0.5 will need to update to the latest release of Akismet again. Core developer Andrew Nacin hopes to minimize “the Akismet update dance” in WordPress 3.1 and put an end to it in WordPress 3.2.
[Continue Reading...]Previous Post Plugin Review – Dynamic Widgets
WordPress 3.0.4 has been released to plug a critical security vulnerability. [It] fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.” I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well. If you’re currently testing WordPress 3.1, make sure that you upgrade to the latest nightly release to get the same security fixes.
[Continue Reading...]Previous Post Comment Rating Plugin Fixes Security Vulnerability
Users are advised that WordPress 3.0.3 has just been released and is a security update. This release fixes issues in the XML-RPC remote publishing interface. This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts. If you have remote publishing enabled on your site you are urged to upgrade. You can do so easily via the built-in automatic upgrade feature. If upgrading the old fashioned way is your cup of tea here is the list of revised files … wp-includes/version.php xmlrpc.php readme.html wp-admin/includes/update-core.php
[Continue Reading...]About the Author
- James
James began using WordPress in 2004. Being new to WordPress (and blogging in general), he quickly found the WordPress Support Forums and basically never left. James currently resides in sunny Southern California, where he enjoys bringing happiness to millions of WordPress.com users.
Web: http://macmanx.com
Categories
- bbpress
- Best of WordPress
- Blog Templates Blog Skins Blog Themes
- Blogging
- Blogging Essays
- Blogging News
- brainstorming
- buddypress
- Business of Blogging
- CMS
- Code
- Cold Fusion
- Community Interviews
- Cool Scripts
- General
- HOW-TO
- LinkyLoo
- Movable Type Plugins
- Photolog Script
- Podcasting
- QuickLinking
- Spam
- SXSW
- TLA
- Tutorials
- User Reviews
- Web Design
- Web Ethics
- Weblog Add-Ons
- Weblog tools blog tools blogging tools
- Weekly Plugin Review
- WLTC Community
- wordcamp
- WordPress
- WordPress Discussions
- WordPress FAQs
- Wordpress for Beginners
- WordPress Hack
- WordPress News
- WordPress Plugin Competition
- WordPress Plugins
- WordPress Polls
- WordPress Security
- WordPress Templates WordPress Skins WordPress Themes
- WordPress Tips
- WordPress Tools
- WordPress Troubleshooting
- WordPress Weekly
- WordPress Widgets
- WordPress WishList
- XHTML Tips
Obviously Powered by WordPress. © 2003-2013
