WordPress updates

Auto-update convenience: WordPress upgrades itself to fix critical vulnerability

After yesterday’s upgrading of key WordPress plugins to fix a cross site scripting vulnerability, the WordPress team released version 4.1.2, which it described as a critical security release.

“WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site,” the WordPress team said in a blog post announcing the release. The release also fixed 3 other security issues including an SQL injection vulnerability in some plugins.

I got the notification of the new release at past midnight. Years back, that would have meant that I’d need to stay up very late, download the latest release, upload the files to the server and perform the upgrade for each of the site I’m running. Continue reading →

WordPress InfiniteWP

WordPress security alert: vulnerability in multiple plugins; time to update

Do you use WordPress to run your site or blog? You better head off to your dashboard to check for plugin updates. Now.

A cross site scripting vulnerability has been spotted in several WordPress plugins and themes, including popular ones like Jetpack, WordPress SEO, Google Analytics, All in one SEO, Gravity Forms, among others.

“The vulnerability Sucuri discovered would allow an attacker to send a WordPress user with administrative rights a link which could execute malicious JavaScript,” Jetpack said in a blog post announcing an update to its pluginContinue reading →

WP Remote simplifies and centralizes the monitoring, backing up and upgrading of your WordPress sites. It is a free service. CLICK ON IMAGE TO ENLARGE.

Running multiple WordPress sites? Here’s a service and plugin you should use

The maintenance of multiple WordPress sites can be tedious and time-consuming. The necessary tasks of updating plugins and themes and backing up your files and database site-by-site can take up a large chunk of your time, depending on the number of sites you manage. This is time better spent writing and blogging.

WP Remote simplifies and centralizes this task with its excellent free service. I have been using the service for more than a month now and it has been a great tool and time-saver.

WP Remote is a free service that provides a single interface to monitor your WordPress installations, back up files and data and upgrade plugins and themes. It is both a service that you sign up to and a plugin that you install in the WordPress sites that you want to manage with the service.

WP Remote simplifies and centralizes the monitoring, backing up and upgrading of your WordPress sites. It is a free service. CLICK ON IMAGE TO ENLARGE.

WP Remote simplifies and centralizes the monitoring, backing up and upgrading of your WordPress sites. It is a free service. CLICK ON IMAGE TO ENLARGE.

Continue reading →

matt

WordPress rides the open source juggernaut

Eight years after it was started by a 19-year-old college freshman as a blogging software, WordPress now powers 14.7 percent of the world’s top one million websites. It is used in 55 million websites.

In his annual State of The Word address last week, WordPress founder Matt Mullenweg also said the open source content management system (CMS) now runs 22 out of every 100 new websites created in the US.

The velocity in WordPress adoption and its dominance illustrate the strength of the open source model, where the community is involved in the development of the software. It is not a coincidence that the top open source CMS packages today, WordPress and Drupal, also have the most active developer and user communities.

Matt Mullenweg giving his State of the Word 2011 address

Matt Mullenweg giving his State of the Word 2011 address.

Continue reading →

Building with WordPress: From sketch to prototype to company website in 5 hours

Aside from being a good blogging tool, WordPress is also a lightweight content management system that can be used to run such diverse sites as news or magazine publications, personal and organizational websites.

I recently started accepting paid web development work and website management. Several weeks back, I bought a domain, Tugkaran.com (from the Bisaya word for staging ground), and created a static HTML page as placeholder because I did not have time to configure WordPress to run the site.

Building with WordPress FROM SKETCH TO WORDPRESS DESIGN. The steps I took from planning a site to deploying a custom WordPress theme for it using Yahoo UI Grids Builder, Aptana, and Bluefish.

But when one of my projects was about to go live, I needed to quickly build Tugkaran because I already placed a link to it in the footer. I spent whatever time I could spare from newsroom and web development work building Tugkaran, 30 minutes or so here, an hour there, a few minutes here.

It took me five hours to go from sketching the site on paper, protoyping the design in HTML, and setting up WordPress with the custom theme. The site was designed “live.” Developing it locally and then replicating the work in the server would take more time—which I didn’t have.

The Tugkaran website still needs a lot of work but it will do for now. I’ll polish it when I have more time. If you want to study the files I worked on, you can download it at the end of this post.

Continue reading →

Joomla users schedule Cebu meeting

Users, developers, and supporters of the open source content management system (CMS) Joomla will be meeting in Cebu next Saturday, June 7 at the Lepiten & Bojos Law Office on Don Pedro Rodriguez St. in Capitol Site, Cebu City (see map below).

The meeting is preparatory to the Joomla Day that will be held in UP Diliman on June 14. During the meeting, members of the Joomla community in Cebu are scheduled to plan activities for a year and consider participation in a coming Open Source summit in Cebu on June 23 to 24 at the Cebu International Convention Center. The Open Source summit will have a track on Drupal, another popular open source CMS.

Continue reading →

Using WordPress as CMS of news, magazine sites redux

My redesign of Cebu Living, an online magazine on Cebu, is now live. Check it out. It’s using a WordPress theme for news and magazine websites. The new theme still needs a lot of work but if you want to try it out, you can do an anonymous svn checkout: svn checkout http://svn2.assembla.com/svn/cebulivingmagazine. Just go through the template files and see what needs to be changed for your site. I promise a commented version of the template files soon.

Unlike the previous Cebu Living theme, which I ported from an open source CSS/XHTML design, I built this new one from scratch. And it shows. I’m not a designer, in fact, I’m bad at designs. But the new theme incorporates elements I, as publisher, wanted from a site run as an e-zine and using WordPress as content management system (CMS).

I will be releasing the theme as soon as I finalize it. If you have comments on the new design, please leave it in this post or send it as an e-mail so that I can consider incorporating it in the theme.

Continue reading →

Going to school—Drupal school

I’ve been studying Drupal these past months. Drupal is a highly-regarded open source content management system (CMS) that can run anything from a single-person website to a community portal. There’s even a Newspapers on Drupal group for people using the CMS for their news websites.

Drupal school NOW SHOWING. I’ve downloaded Elliott Rothman’s video tutorial series on Drupal. Rothman’s tutorials are really helpful for newbies who want to learn how to use Drupal as content management system. Click on photo to enlarge.

Drupal, unlike many other open source CMS, seems to be much more technically challenging to use, especially for non-geeks like me who can’t program.

It took me a couple of months of studying and experimenting with WordPress to be able to confidently make it work for a project the way I wanted it to work. WordPress can be used to run a news or magazine website and I’ve done this for several projects. I am also currently writing a new article on how to use WordPress to run a news website and will be releasing a new theme for it. It’s for a personal project that I was supposed to launch this weekend but got delayed by work deadlines.

While I love WordPress and have been using it for most of my personal projects, I want to learn how to use Drupal extensively because I see it as the better CMS for larger, more complex, and community-oriented web projects. Some of the sites running Drupal are The Onion, MTV UK, Canadian Broadcasting Corporation’s Exposure, and The New York Observer.

The New York Observer’s use of Drupal is particularly noteworthy because its development team discussed how they did it in this article on the relaunch of the newspaper site using Drupal.

Continue reading →

Announcing WP-Subdued WordPress theme

I have just released WP-Subdued, a WordPress theme based on the open source Subdued web template released by Free CSS Templates. I regularly check Free CSS Templates and when I saw the Subdued template, I immediately knew it was perfect for a site I’m helping to launch.

wp-subdued WP-SUBDUED. My WordPress port of the Subdued template released by Free CSS Templates. Click on photo to view larger image.

To preview the original template, click on this link. To view how it looks in WordPress, check this working version in my sandbox.

The template was released as an open source design under a Creative Commons Attribution license and the designer said he’d appreciate if you somehow link to his site.

Save for changing the header to not use images, styling the sidebar list, and adding comment and search forms, I kept most of the design elements.

Continue reading →

Reinvigorate: the best hosted website metrics service I’ve tried

Hot on the heels of the release of the Automattic Stats came the sending of invitations to the beta version of Reinvigorate, a hosted free website metrics service that appears to trump most of the free website metrics services available today.

A day after installing and using the service, I think Reinvigorate is the most impressive website metrics package I tried. (Blogger’s note: the images in this post were taken a few hours after I installed the tracking code for the service). I found it so impressive that I immediately used it for my other blogs. Normally, I’d try out a stats package in this blog and then after a few weeks, I’d use it for the other sites I manage.

reinvigorate website metrics VISITOR PATHS. Reinvigorate tracks the pages readers visit in your site. This feature is very instructive and will tell you whether you did enough to provide links to related pages or articles. Click on photo to view larger image.

What distinguishes Reinvigorate from other hosted website metrics services I tried is that it tracks “paths,” the trail of web pages a reader visited in your site. The data it provides is really enlightening. I haven’t found a comparable feature in the several blog and website metrics services I’ve used.

Continue reading →