WordPress Exploit Scanner 0.1 has been released, in response to a comment on a recent thread about sites running old versions of WordPress being hacked. You may have spotted this in your WordPress dashboard. The problem is that it only works on v2.5.1+, so it will only be useful for keeping you safe going forward. I just installed it on a basic WordPress site with K2 and got the following results:
Suspect Plugins
These plugin files look suspect. Please verify they are files you uploaded.
- ../themes/k2/app/includes/k2-sbm-loader.php
No suspicious posts or comments found
Hooray! No suspicious text found in your posts or comments tables!
For a brand new plugin that’s not bad, but throwing a false positive on such a popular theme is something that will need to be addressed. I’ll be keeping an eye on this one.
This is the professional blog of Eric Marden, a veteran web developer, entrepreneur, and inspirational speaker.

Now this is cool. Media Temple, in partnership with Parallels, is going to soon be offering XServe virtual hosting with the ability to scale up to a full XServe’s worth of power and server resources. It offers everything an XServe has, including serving multiple web sites (including built-in wikis and blogs, whatever that means), iCal Server, Directory, and Time Machine backups. I’m hoping that it will prove to be useful for small groupware work and personal site hosting.
You can apply for the Private Beta here.
One of my photos was featured in the Chicago City Guide published by Schmapp. Well, they just launched an iPhone version of the Schmapp Chicago Guide. They’re sniffing the user agent string, so if you are using a desktop computer, this link will show exactly how the photo is displayed and credited in the iPhone version of their guide. The photo they featured is this one I took of the Allerton Hotel sign:

WordPress 2.6 will be more secure out of the box, including better support for running the admin over SSL and changes to disable the remote publishing protocols by default.
We have chosen to disable Atom Publishing Protocol and the variety of XML-RPC protocols by default as they expose a potential to be a security risk.
Peter Westwood, a Lead Developer for WordPress, revealed they are making the default install more secure. This will go a long way to making WordPress more secure. If your security consciousness has the dial tuned closer to the paranoid end of the spectrum, then check out Blog Security’s WordPress Security Whitepaper, which lists out many things you can do to lock down your self-hosted blog, and keep out the baddies.
When we say ‘open-source’ we mean specifically that the code behind reddit is available to the public for download, and we’re inviting the public to submit code to help improve the site.
Laughing Squid has been all over this. And TechCrunch is already running it. The best bit is the logo on their trac instance:

But other than the “free” bug fixes, I can’t really see what greater good this is going to bring to the world or their organization. Don’t we have enough news voting sites? I guess Reddit doesn’t think so. This would have been bigger news a year ago.
Have some unique ways to use reddit’s source code? Then post them in the comments.