Web News and Internet Information
A new WordPress update has been made available for download – WordPress 2.9.2 has been released to fix a security vulnerability involving the system’s ‘Trash’ function.
According to the development team, a user discovered a problem where WordPress users can access other authors’ deleted mail. As usual you can auto-update from the WP Dashboard, and be sure to backup your existing site & databases beforehand.
In recent weeks we have noticed a high number of users who have been compromised with the following exploit, because they were running outdated WordPress installation, vulnerable to several security flaws now patched in the latest version 2.9.1
http://securityreason.com/exploitalert/7683
As always, it is highly important to make sure your WordPress installation is up to date and that you are regularly backing up both your installation and databases. With the current “Automatic Update” features of the WordPress dashboard, it couldn’t be easier to update your installation.
WordPress was updated to version 2.8.6 last week, with a couple of new security holes patched up. You can view full information about the new version on the WordPres Blog.
Users who have installed WordPress using Fantastico, can upgrade automatically using Fantastico, or of course automatically from the WordPress dashboard.
WordPress.TV has released live videos from a range of speakers at the recent WordPressCamp 2009. Covering almost everything WP and WPMU related, there is bound to be some useful design and development tips for aspiring WordPress gurus.
Some highlights include Eric Amundson’s talk – 5 Free Ways to Bulletproof your WordPress site, which covers quick, free, and effective ways to make WordPress installations more usable, accessible, secure, and satisfying—all in one five minute video. You can view all of the live videos from WordCamp over at WordPressTV.
1stWebDesigner, has posted an article with 10 Important Tips for SEO on your WordPress blog. Detailing everything from tweaking your XML sitemaps, using “Nofollow” links, to installing some of the many available WordPress SEO plugins. Check it out at the link above.
WordPress is by far the most commonly asked about CMS with AUSWEB customers and an increasing number who’ve picked up smartphone devices such as BlackBerry’s, iPhone’s and HTC’s, are taking their web development mobile. By far the most useful tool we’ve seen is the official WordPress iPhone app, which will let you manage most of your site’s functions quite easily.
On the other side of the fence, this means a lot of users are creating smartphone specific layouts for the increasing number of users browsing on the go, and boy are there a lot of options! Fortunately, Speckyboy dot com, has compiled a list of 7 awesome WordPress plugins to optimize your site for mobile devices, check it out below:
7-amazing-plugins-to-view-your-wordpress-blog-on-any-mobile-device-iphone-pda
There have been a few automated tools to help you theme your WordPress installation, from automated theme generating web pages, to whole plugins for Adobe Photoshop designed to generate a theme from your .psd design files. However, for the most part they’ve all been fairly limited and quite hit and miss in terms of depth and sometimes just even working properly.
A promising new option however is ThemeDreamer, which has been built as a plugin for Adobe DreamWeaver, allowing you to easily break down the PHP file structure and dependent files of WordPress’ theme structure. Once installed Dreamweaver’s Design View editor shows the WordPress theme file ‘index.php’ reflecting the content of the linked files eg. ‘header.php’, ‘footer.php’, along with CSS styles and various WordPress Template Tag settings. ThemeDreamer simulates a typical post, and various template tag options by injecting sample data to allow you to visualize your various CSS style settings, without making repeated adjustments while testing the results in your browser, which is sure to save loads of time!
Check out the developer’s homepage for some demos and a link to download a trial version: ThemeDreamer.
Your WordPress database contains every post, every comment and every link you have on your blog. If your database gets erased or corrupted, you stand to lose everything you have written. There are many reasons why this could happen and not all are things you can control. But what you can do is back up your data. After all, it is important. Right?
Below are instructions to back up your WordPress Site and your WordPress Database. In addition, support is provided online at the WordPress Support Forum to help you through the process.
Making backups is essential because problems inevitably occur and you need to be in a position to take action when disaster strikes. Spending a few minutes to make an easy, convenient backup of your database will allow you to spend even more time being creative and productive with your website.
Wordpress developers have warned users their popular CMS is under attack from a ‘clever’ worm that automatically compromises unpatched versions of the Wordpress system. The particularly nasty bug crawls the web for vulnerable Wordpress installations, installing malware, deleting content, and generally wreaking havoc wherever it can on unpatched installations.
Wordpress founder Matt Mullenweg eloquently implored Wordpress bloggers to update more frequently. Originally, updating the Wordpress system was a rather laborious process. However, newer versions offer fast and simple one-click upgrades. The two most recent versions of Wordpress (2.8.3 and 2.8.4) cannot be attacked by the worm discovered this week, and blogs hosted at Wordpress.com are also apparently immune.
Moral of the story, update and update often!
WordPress has just patched a security vulnerability in version 2.83 which allowed anyone to remotely lockout an admin user by resetting the password, by means of a special URL link.
“The bug … is trivial to exploit remotely using nothing more than a web browser and a specially manipulated link. Typically, requests to reset a password are handled using a registered email address. Using the special URL, the old password is removed and a new one generated in its place with no confirmation required.”
WordPress have quickly fixed the vulnerability in version 2.84 and it is recommended you patch ASAP. Full information available at the link below and as always, users managing their WP installations via Fantastico should follow the correct backup procedures before upgrading.
http://wordpress.org/development/2009/08/2-8-4-security-release/
Please find attached the new important Fantastico software security updates for your cPanel Hosting account
Please always keep your scripts save and secure and up-to-date to the newest version to prevent server and system compromise, which would not just affect you , but lots of other clients!
Best Regards and thanks you for your cooperation.
AUSWEB Hosting , Domains and Dedicated Servers
http://online.ausweb.com.au/clients/
http://tutorials.ausweb.com.au/
http://ausweb.com.au
CMS, Joomla, News, PHP Applications, Scripting & Coding, Web Development, Web Hosting News, Wordpress, cPanel, drupal
Here at AUSWEB we have a huge number of users running WordPress websites from personal blogs, to business oriented websites and even us here on the AUSWEB Blog!
Thanks to the huge community of WordPress users there exists a huge pool of custom scripting, plugin and theme/design resources out there for you to add various features to your blog. Often overlooked however are some of the more recent in-built features for WordPress such as shortcodes which allow you to easily call php functions within your posts, thus saving time by speeding up repeated tasks.
Blogging, CMS, Scripting & Coding, Web Development, Wordpress
AUSWEB Tutorials