The first round of @WordCampSD tickets sold out within hours of being announced and stunned us all. The second and final round sold out March 1, a mere week after opening sales. Unfortunately, it was also twenty-four days before I officially stepped into my new role as Product Evangelist at SiteLock. It was looking like I missed the boat. In this case, the boat would, of course, be the USS Midway; the majestic World War II era aircraft carrier-turned-museum permanently moored across the San Diego Bay from San Diego International Airport … and WordCamp San Diego.
Category: WordPress security Page 14 of 16
Yesterday on Twitter, Dr.-Ing. Mario Heiderich of security firm Cure53 announced an unauthenticated cross-site scripting flaw in WordPress version 4.5, the current version as of the announcement, and below.
Cross-site scripting, or XSS, flaws are vulnerabilities in a website’s code where malicious actors can execute, or trick visitors or administrators to execute, malicious code in a visitor’s browser.
We can’t believe that our first @WordCampJax is over already! The weekend was filled with new faces, educational talks and some great networking. We were very excited to be present, as this year was Jacksonville’s first! The Camp organizers did an incredible job putting together a fun-filled weekend; one we will not soon forget!
The first ever WordCamp was held in San Francisco in 2006 and was organized by Automattic CEO Matt Mullenweg. WordCamps have since grown to include six continents, 48 countries, 66 cities and counting. Each individual WordCamp is planned by volunteers and brings its own local flavor. Jacksonville was no exception, with our hotel located near the popular Jacksonville Landing, and our after-party event at the eccentric Kickbacks, the Jacksonville team made sure we had a true local experience.
We kicked off our second quarter of 2016 with a trip to weird and wonderful Austin, Texas for the second annual #WooConf! WooConf is an event focused on online storeowners and developers that use the eCommerce solution WooCommerce. If you’re in eCommerce and you don’t know what WooCommerce is, you should! Used by more than 37 percent of all online stores on the Internet (according to BuiltWith.com), WooCommerce is the number one eCommerce platform in the world by volume. This year’s conference brought more than 30 top-tier presenters from the space to share their expertise and experience.
Many individual and small company forays on the web are through WordPress on shared hosting accounts, and it’s not uncommon for a shared hosting account to hold multiple WordPress sites as needs and business grow. Site owners maintain each and every WordPress install, managing content, configuration, users and updates. At least they should. Maintaining multiple sites in a single shared hosting account is time-consuming and, as we’ll see, risky as each site on the account is a point of access that has to be secured.
In this post, we’ll discuss how conglomerating multiple WordPress sites in a single account may not save time and money, it may in fact lead to the compromise of every site on the account. We’ll also discuss how to host securely, keeping all your sites from falling due to a single plugin vulnerability.
We are so excited to be taking part in our first WordCamp Europe in Vienna, Austria on June 24 – 25.
WordCamp Europe is the global WordPress conference that gathers together WordPress enthusiasts from all over the world in a different European city every year. This year’s event is set to break attendance records with over 2,000 expected attendees. It is being held at the magnificent MuseumsQuartier located in the city center and is anticipated to be the most amazing WordCamp Europe to date.
We cannot wait to experience all that beautiful Vienna has to offer and to meet WordPressers from over 60 countries. See you there!
Update: check our our recap of WordCamp Europe 2016!
A recent article reported that WordPress.com is moving to enable HTTPS by default on all of its 600,000 hosted sites. This is a huge security win for WordPress.com users and the Internet at large. It sets a high security bar for other entities to strive for, and of course helps protect users and visitors from prying eyes.
If you’re a WordPress.com user, one way to take advantage of WordPress.com’s exemplary efforts is to go further and enhance the security of your WP.com site with protection services.
We’re stoked to be sponsoring and attending the inaugural WordCamp Jacksonville at Florida State College in April. We’ll be soaking in the sun, handing out swag (spoiler: it’s awesome), and of course meeting all of you incredible WordPressers! So mark April 16th and 17th on your calendar and we will see you there!
So mark April 16th and 17th on your calendar and we will see you there!
While reviewing malware, the SiteLock Research Team detected suspicious code in a WordPress plugin. We reviewed the suspicious code and found the plugin wasn’t malicious per se, though it was potentially vulnerable to attack. We will discuss the plugin and analyze its unique authentication issues, and then discuss mitigation and the dangers of using unsupported plugins.