Content management systems are being targeted by brute-force password attacks. Improve the security of your self-hosted WordPress blog by installing the Google Authenticator plugin. (more…)
- »
- WordPress 4.0 “Benny” is out!
- »
- When I click on Preview in the WordPress editor, Fluid makes a
GETrequest to the web server. It still uses the action address specified in the#postform (post.php), just not thePOSTmethod. But none of the form values are included, so I end up staring at a listing of all posts instead of the preview I wanted. Maybe it is getting confused by the fact that the#post-preview“button” is actually an HTML link (anaelement)? There is also some JavaScript that attaches to theclickevent of the link (see thedoPreview()function).
- »
- Upgraded to WordPress 3.6. The admin bar went missing on the front end…
6.12.07
Hiding from spammers
For a long time now I’ve removed the generator meta tag from all WordPress installations I’ve setup. Mentioning WordPress is just honey for the bees. Since I removed the meta tags the amount of spam has decreased remarkably. Posts about WordPress are targeted much sooner and for much longer than other posts.
Starting with WordPress 2.4 the generator information is inserted by the core code, as opposed to the theme. This means that the meta tag will reappear even if you have removed it from your theme. However, this is actually a good change, because now you can disable the tag not only from the HTML pages generated by the theme, but also from all other formats WordPress outputs. The information is created by a couple of functions centrally instead of scattered instances through the code.
I’ve created a plugin to accomplish this: No Generator works with the trunk code from svn, and will work with 2.4 once it is released.
8.9.07
Suomenkielinen WordPress 2.2.3
WordPressin versio 2.2.3 on tietoturvapäivitys. Sen asentamista suositellaan välittömästi.
Lisätietoa englanniksi: korjatut bugit ja muuttuneet tiedostot.
5.8.07
WordPress 2.2.2 ja 2.0.11 suomeksi
Suomenkielinen WordPress on taas ajan tasalla. Versiot 2.2.2 ja 2.0.11 julkaistiin 3 tuntia sitten englanniksi ja sisältävät tietoturvaan liittyviä korjauksia. Suomenkieliset versiot niistä voi nyt ladata suomenkielisen WordPressin kotisivulta:
Itse törmäsin päivityksessä palvelimen oletusasetusten tuomaan yllättävään lisäongelmaan. (jatkuu…)
- »
- Version 3.0 of the DoFollow plugin can differentiate between comments left by registered users and other visitors. (more…)
- »
- One of the recent posts has been showing up as new over and over again on feed readers. I narrowed the problem down to the email address obfuscation in Markdown & Extra. I just upgraded to a more recent version (two new versions had come out since the beginning of December), and one of the changes is that the obfuscation algorithm is now deterministic instead of random. So you should see that article pop up once more as new, if you are reading through the feed, and then never again.