The WordPress for iPhone application was recently released. It’s free and native, and so far the general consensus is that it’s nice but still has some kinks to work out. Indeed, I typo’d the password when setting this blog up in it and was presented with this broken screen:
Hello There! Thank you for visiting my site.
This is the professional blog of Eric Marden, a veteran web developer, entrepreneur, and inspirational speaker.
If you're new here, please subscribe to my
RSS feed. You'll get a blend of tech news, analysis, inspirational essays, and much more.
Subscribe today.
For the past few weeks I’ve been quietly tinkering on a new section of the ol’ xentek homestead, and I’m happy to report that the efforts are starting to bare fruit. In other words, I’ve been scratching a few itches, and have released the results under the GPLv3. The first one out of the incubator is FlareSmith. a WordPress plugin to integrate the FeedBurner Stats and FeedFlare services into your blog - without having to edit your theme.
This plugin was the result of using the K2 theme framework for most of my WordPress sites. I got tired of having to remember to patch theloop.php each time I wanted to upgrade K2. By developing a simple content filter, I could insert the small JavaScript snippet that powers the FeedBurner Stats and FeedFlare integration with your self-hosted blog.
The plugin is available here, and is also hosted at the WordPress Plugins Database - to take advantage of the new plugin upgrade functionality in 2.5.
Enjoy!
P.S. I entered the plugin into a competition. Stop by and vote for me if you get a chance.
WordPress Exploit Scanner 0.1 has been released, in response to a comment on a recent thread about old versions of WordPress sites being hacked. You may have spotted this in your WordPress dashboard. Problem is, it only works for v2.5.1+, so it will only be useful in keeping you safe going forward. I just installed it on a basic WordPress site with K2, and got the following results:
Suspect Plugins
These plugin files look suspect. Please verify they are files you uploaded.
- ../themes/k2/app/includes/k2-sbm-loader.php
No suspicious posts or comments found
Hooray! No suspicious text found in your posts or comments tables!
For a brand new plugin that’s not bad, but throwing a false negative on such a popular theme is something that will need to be addressed. I’ll be keeping an eye on this one.
WordPress 2.6 will be more secure out-of-the box including better support for running the admin over SSL and changes to disable the remote publishing protocols by default.
We have choosen to disable Atom Publishing Protocol and the variety of XML-RPC protocols by default as they expose a potential to be a security risk.
Peter Westwood, a Lead Developer for WordPress, revealed they are making the default install more secure. This will go a long way to making WordPress more secure. If your security consciousness has the dial tuned closer to the paranoid end of the spectrum, then check out Blog Security’s WordPress Security Whitepaper, which lists out many things you can do to lock down your self-hosted blog, and keep out the baddies.
Latest Comments
RSS