WordPress Weekly News #006: Mullenweg Talks About WordPress Security and much more
Hello WordPress folks.
I am back with another edition of the WordPress Weekly News. I know there is a lot happening in the world of WordPress and it is difficult for you to keep track. Well, no need to worry because I am going to fill you in with all the latest WordPress talks from the past week.
Mullenweg Talks About WordPress Security
Matt Mullenweg has recently come out and re-assured that people at WordPress do really care about security. In response to a post on Medium.com, he said that security is viewed holistically at WordPress and from every angle
He explained what kind of threats can be stopped by implementing digital signatures to WordPress updates. “It could stop a man in the middle attack,” said Mullenweg. “It could stop a situation where the part of .org that serves the update is compromised but the signing part isn’t”.
Matt Mullenweg ended his post by saying that Medium is the ideal place for rants like these and would love to try the Medium editor.
No Rest for WP REST API Exploits
Remember, the vulnerability I mentioned last week in my roundup is still strong. Web app security service Sucuri tracked the damage the vulnerability caused and found out 66,000 indexed pages on Google Search under the “by w4l3XzY3” string. Till the time of publication, the number has grown to 304,000 entries. The other string “by Sa3d Hack3D” has 499,000 results. This all happened due a REST API vulnerability in versions before 4.7.2. After the public disclosure, the defacing activity has skyrocketed. Look at the following Google Trends chart:
This is going to cause SPAM SEO problems and websites may suffer by losing ranks and authority.
To fix the issue, you need to update to WordPress 4.7.2.
WordPress for iOS 7.0 Beta
You will be able to test WordPress for iOS 7.0 on testflight soon. The test phase would include testing Navigation arrows for notifications and support for right-to-left (RTL) languages. The update allows to add and edit post excerpts directly from the app.
You can signup on testflight and be a part of the test program.
10up recently launched an end-to-end solution for its ElasticPress plugin users. The website developing company released Elasticpress.io which will look after the hosting and the plugin optimizing performance for both.
It is a hosted search and query engine for Elasticpress. Elasticpress.io enables users to fully utilize Elasticpress without maintaining Elasticsearch.
The Elasticpress plans start at $299 per month and go up to $999 per month.
Creative Commons Launched New Search Tool
The Creative Commons launched a search tool that fetch results from multiple resources on site. While the previous search tool searched one source by sending the user off site, the new search tool, which is currently in beta version, shows results from off-site sources.
Not only that, it has a social sharing link which allows users to share their lists and also save their searches. The search tool is built on AWS using Python. The monthly hosting cost is $1400/month.
The company aims to make the material more discoverable and to add further improvements with this new search tool.
It’s the 80’s in the Miami WordCamp
An 80’s themed WordCamp, now that sounds exciting! Miami will host its 9th WordCamp where 800 attendees are expected. A host of global speakers are expected to rock the WordCamp in Miami this year with speakers coming from India, Australia, Canada and other countries.
The WordCamp will be a 3 day event starting from 23rd March. It will also feature a kid’s camp where kids will enlightened about WordPress and coding.
This sounds like one of the most exciting WordCamps ever. We will have to wait and see how it goes.
Time to Learn
Now, the best of round-up is here. Following are the tutorials you missed this week:
See You Next Week
That is all from this week’s WordPress Weekly News. If you have anything to tell, feel free to use our comments section.
Subscribe to Get a FREE WordPress Ebook Right in Your Inbox
WPblog provides the complete guide to launch your WordPress website completely FREE!
Moeez is ‘The’ blogger in charge of WPblog. He loves to interact and learn about WordPress with people in the WordPress community. Outside his work life, Moeez spends time hanging out with his friends, playing Xbox and watching football on the weekends. You can get in touch with him at moeez[at]wpblog.com.