It’s been another busy week for WordPress security — first a large number of very popular plugins were found to be vulnerable to XSS (Cross-site Scripting) attacks due to improper use of a couple of commonly used functions. Then, an important security update for the WordPress core, version 4.1.2 was released. Plugin and theme authors the world over are no doubt still busily checking their code and updates to various plugins and themes are still rolling out as I write this post (though most have already been fixed and updated a couple of days ago).
Many WordPress users are probably wondering … why are there so many security patches coming out for WordPress? Is WordPress a safe platform for my website? … continues
We’re thrilled to announce that our Managed Cloud VPS server products are now officially available.
We have been offering this service to a few select customers for a while now, and we have been carefully testing and monitoring the platform to ensure that it’s stable and fast. We’re pleased to say that it is now rock-solid — and thanks to SSD RAID drives — it’s crazy fast!
Starting at only NZD$199 per month you can get yourself a fully managed Cloud VPS server, powered by 64-bit Ubuntu Linux. We install a custom designed hosting stack, featuring Nginx with SPDY and PHP-FPM. You can choose to run either PHP 5.4, 5.5 or the latest and greatest: 5.6. … continues
A shiny new version of WordPress is not far away … WordPress 4.2 should be available within the next few weeks.
What’s new in WordPress 4.2
- Faster Plugin Installation and Updates
- Switch Themes in the WP Admin Customizer
- New and Improved Emoji Support
- Under the Hood
- Minor updates to the WP Admin theme
- Shared taxonomy terms get split *
- Improved accessibility for the WP Admin
I’ve posted about this on our Announcements page, but thought I’d mention it here too — all WP NET servers have been patched and tested as safe from the FREAK Attack SSL/TLS bug. We actually installed patches and tested a good couple of weeks ago, so we’ve been secure for sometime now.
The FREAK Attack affects browsers as well, so you should test all the web browsers you use.
An article recently published on ZDNet suggests that much of WordPress’s security woes are due to lack of knowledge on the part of the administrator. Security — an area that is often overlooked or left out of the budget altogether — if left unchecked, can make your website an easy target.
Frequently, if a handful of straightforward, proven security hardening measures had been completed, many sites would not have fallen prey to their attackers. … continues
When building a new WordPress website, it is best practice to do so on a development server (such as your local desktop machine), rather than on a live web server. For seasoned developers there are numerous tools, plugins and scripts to employ for building, deploying and testing WordPress installations — but for the less technically savvy it can be a bit tricky.
There are a few reasons why developing on a local server is best, which we’ll briefly cover. … continues
An interesting article was recently published on ZDNet, highlighting the increasing risks associated with unmanaged WordPress hosting.
In particular, the recent vulnerability discovered in the ubiquitous Slider Revolution plugin (and the subsequent controversy about the management of it’s disclosure and patching) has raised important questions regarding WordPress management and security.
At what technical level, is it accepted that a website owner has the necessary know-how to secure a website, protect it against attacks and detect when problems occur? As WordPress becomes ever more popular around the world — so too does the need for focus on security, performance and scalability.
… security is an even bigger imperative. Many WordPress sites belong to people who don’t know jack about computers, let alone web site administration. These users are much better off with a WordPress environment in which their options are limited, but their safety protected.
In 2015, it will be more important than ever to ensure that your WordPress installations are secure and up to date.
The next major release for WordPress, version 4.1 is due to be released on December 15 2014.
You can read some (work in progress) information about the new release on the WordPress.org website.
We will be reviewing and testing WordPress 4.1 as soon as it’s released and then start our upgrade process for all our hosting customers shortly thereafter. … continues
Our NZ-Based Managed WordPress Hosting has been operating for 8 months now, and already there have been many occasions when our added level of WordPress support and expertise has given our customers security and peace of mind.
WP NET does not just host your site and leave it at that — we constantly monitor the WordPress eco-sphere for important security updates, emerging threats and other risks — and when they are discovered we inform our customers and patch our systems as soon as possible. Most other hosts are not even aware of these issues and resolving them is usually left to you.
Many WordPress sites are still vulnerable to some of these threats weeks or even months later.
WP NET also monitors your website uptime and performs regular malware scans, and if we notice any performance issues with your site, we’ll get in touch and work with you to make improvements.
So, ask yourself … can you afford not to use Managed WordPress hosting?
As we continue to grow, we want to ensure that our hosting plans provide the right balance of resources that our customers need.
To this end, we have today increased the allocated resources on all hosting plans as follows. All prices remain the same. … continues