security

  1. Online Security: Are Your Passwords Working for You?

    Word about the Heartbleed bug spread widely and quickly, prompting many of us to change our passwords on numerous log-in sites. Have a tough time remembering all your passwords? Begrudge the time and effort it took to make the changes?

    Protecting online data is an ongoing concern, and changing passwords routinely is a practice that would serve us all well. There has been talk of instituting an annual Change Your Passwords day, but a once-a-year change is probably not enough to alleviate the concern. Hackers, leaks, security fails and program vulnerabilities are part of our wired landscape.

  2. Better WP Security Changing to iThemes Security

    We’re a big fan of the plugin known as Better WP Security. If we’ve developed a WordPress site for you, chances are your site uses it.

    On March 17, the authors of this plugin announced a name change to iThemes Security. For sites using the plugin with the previous name, WordPress will automatically deactivate it with the next upgrade. All sites with the plugin will be affected. The impact in not systems critical, but we wanted to give our clients a heads up! All you need to do is reactivate it with the new name.

    If you’d like more info about the update check out this link:

    http://ithemes.com/2014/03/17/better-wp-security-plugin-changing-ithemes-security-need-know/

  3. WordPress Update – Version 3.7 “Basie”

    There’s been a major update for WordPress recently. Here is the press release from the WordPress team:

    Version 3.7 of WordPress, named “Basie” in honor of Count Basie, is available for download or update in your WordPress dashboard. This release features some of the most important architectural updates we’ve made to date.

  4. Managed Optimized Wordpress Hosting in Raleigh NC

    WordPress 3.6.1 Maintenance and Security Release

    Check out this information from the WordPress team regarding the recent 3.6.1 release:

    After nearly 7 million downloads of WordPress 3.6, we are pleased to announce the availability of version 3.6.1. This maintenance release fixes 13 bugs in version 3.6, which was a very smooth release.

  5. Tighten Up Your WordPress Website Security

    The basis of more than 73 million websites, WordPress is one of the most widely used Content Management Systems. It’s popular with web designers and end-users alike for numerous reasons. Unfortunately, its popularity can make it a target for hackers.

    Taking proactive steps to secure your WordPress files is vital to protecting your web presence and your business. To start, we strongly advise you keep WordPress up-to-date on your site (new security features are often released with each version) and choose passwords that are difficult for hackers to guess.

  6. Managed Optimized Wordpress Hosting in Raleigh NC

    WordPress 3.5.2 Update

    WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugsThis is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also contains some additional security hardening.

  7. Protect WordPress with Backups & Malware Scans

     

    Think website hackers and data theft is a only concern for governments and large corporations? Think again. A recent Forbes article online reported that 40 percent of cyber attacks are against companies with fewer than 500 employees. Yet many small and medium-size businesses are not taking adequate security measures to protect their websites.

    It is always wise to have systems in place for off-site file backup and malware protection.

  8. Managed Optimized Wordpress Hosting in Raleigh NC

    WordPress 3.5.1 Maintenance and Security Release

    WordPress 3.5.1 is now available. Version 3.5.1 is the first maintenance release of 3.5, fixing 37 bugs. It is also a security release for all previous WordPress versions. For a full list of changes, consult the list of tickets and the changelog, which include:

    • Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
    • Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
    • Networks: Suggest proper rewrite rules when creating a new network.
    • Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
    • Work around some misconfigurations that may have caused some JavaScript in the WordPress admin area to fail.
    • Suppress some warnings that could occur when a plugin misused the database or user APIs.

    Additionally, a bug affecting Windows servers running IIS can prevent updating from 3.5 to 3.5.1. If you receive the error “Destination directory for file streaming does not exist or is not writable,” you will need to follow the steps outlined on the Codex.

    WordPress 3.5.1 also addresses the following security issues:

    • A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We’d like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work.
    • Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team.
    • A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue.

    Download 3.5.1 or visit Dashboard → Updates in your site admin to update now.