WordPress hysteria rant – Be proactive not reactive

So it seems that I am being verbally bludgeoned to write, so if that was the request, then here we go.

Firstly there was no official word from WordPress for about 3 days. 3 days of radio silence while security “sources” had posted this information for public consumption for some time.

So I do not know what you want the community to do? Sit and close their eyes, and act like nothing is happening? Read no news sites or blogs until there is word from the official provider of the product?

If there was an actual breach and users had not been vigilant, I think you (anonymous) would not be as adamantly posting, and sending slightly over-zealous commentary?

To make it worse there was a code review for WordPress 3.0 beta Continue reading

WordPress hack fix – Check your permissions

It seems after the brief period of quiet and uncertainty the main cause of the vulnerability attacking WordPress blogs was revealed. The security magazine over at darkreading.com noted that it was the storing of critical information as plain text in the database that left users exposed.

Earlier I had noted that there was a problem with sites going down, and on a variety of different hosts, as a result of some malware that used SQL injections.

“The attacker basically created a scanner to locate all configuration files containing incorrect permissions” – darkreading.com

Continue reading

WordPress 3.0 Beta first code review complete

As the WordPress community eagerly awaits the final release of WordPress 3.0 it is always good news when you see positive reviews from Alex King, the WordPress innovator with plugins like the widely used Twitter Tools, the Carrington theme framework, and the WordPress ShareThis plugin, on how things progressed. This is also pretty reassuring as this is essentially the first comprehensive code review of this type that they have done for the upcoming version.

At the moment WordPress is going through a major transition from version 2.0 released on December 24th 2005 to WordPress 3.0 Beta and 3.0 final scheduled for release in May 2010 according to WPDevel.

For those who have seen the gradual ascent of WordPress into the platform it is now, Continue reading

WordPress blogs getting HACKED! no fix as of yet?

UPDATE:

No official patch but there is a fix for this now. You can find out more here… – April 12th 2009

Unfortunately today I read some bad news as SC magazine (April 9th 2010) reported that some WordPress blogs had indeed been hacked! A while ago I did write about security and permissions, and this came after finding a malicious theme that attempted to execute and hack into a WP site from the theme’s functions.php.

It seems that Themelab aptly wrote an article called “Dirty WordPress Hack Going Around, Cloaked to Search Engines”, as they noticed there was indeed a vulnerability and potential for SQL injection, or in layman’s terms “hacking”. The article is dated March 1st 2010, and at the time they noted that,

This particular hack uses some particularly dirty methods which include inserting spam keywords into your own content, which is probably to control your keyword density.

They also point to a trick known as cloaking to inject data into your content, Continue reading

WordPress 3.0 Beta Released, get it while it’s hot!

The long wait is now over, WordPress have announced via their blog that the new version WordPress 3.0 Beta is now available for download by the public. This is pretty exciting considering that we will also be seeing Drupal 7 some time soon too.

The final version of WordPress 3.0 is due out later in WordPress, but a move to release early could also be beneficial for WordPress and the community for a number of reasons: Continue reading

Blogging a real career in 2010

The last thing that you may hear when you think of blogging is, “Hmmmm this could actually be a career.” According to the reliable Wikipedia a blog is defined as,

A blog (a contraction of the term “web log”) is a type of website, usually maintained by an individual with regular entries of commentary, descriptions of events, or other material such as graphics or video.

So essentially it is the (continuous) act of creating new content and adding to your weblog with frequent posts. Now with that said there are a couple of questions that arise:

  1. What does “Frequent” entail?
  2. Why does how frequently I write matter? Continue reading

Free Premium quality WordPress Podcasting Plugin

As another way to grow and offer different types of media to keep your blog going, podcasting is a definite way to add more dynamic content, and now you can with the free, premium quality WordPress Podcasting Plugin.

The project was initially developed by Ronald Heft over at  but it is now maintained by TSG. I think that there are currently two really good and free choices when it comes to adding multimedia content to your site, with the TSG podcasting plugin being one and the Blubrry Powerpress Podcast Plugin the other. Unfortunately it seems that the old podpress plugin that used to be an option isn’t really going to be going any further. Continue reading