ERIC SHEFFERMAN <DOT> COM

Blog-o-Goodness

You can’t go out this Friday night, it’s time to update WordPress to Version 3.4.2

Holy mother of toad! Again! WordPress just loves to release those late in the week security updates.

We already know how hackers work — they do a file compare of the old WordPress version to the new one, the write some code to exploit the vulnerability, and then they set the code loose on whatever servers they already control to hack MORE servers and control them too.

Then they go out, party for the weekend, and check in Monday morning to see all the WordPress installs they’ve hacked and can add their porn links to.

You’ve got two choices folks:

1. Get hacked and have all the gurus on WordPress.org blame you for your negligence.

2. Stay in Friday night logging into each of your WordPress installs and clicking the damn UPDATE button and waiting for it to finish. (And if you’re smart, run a backup before you do that.) No party for you

But FINALLY there is a new third choice that actually makes sense!

3. Use ManageWP to administer all your WordPress sites and be able to update them all with ONE click. And then go out and party!

I just used it and now I get to go out and party while feeling a bit safer and secure, knowing that my WordPress sites are all updated to the latest version.


Go there, do it now, the pain of having your site hacked over the weekend is too much. Trust me: been there, done that.

Share

How To Include Amazon Text and Image (Enhanced Display) Affiliate Links In WordPress – Part 2

Feh. As per my previous post on inserting iframe tags in the TinyMCE editor in WordPress for amazon affiliate links and youtube videos, this is something a user needs to be able to do without having the editor delete them as soon as you switch into WYSIWYG mode.

This plugin — Amazon Widgets Shortcodesalmost does what I’d want with amazon affiliate links. It’s nice that it makes them stand out in the editor with a little amazon logo. It seems to work in the WYSIWYG editor, but there are some issues with trying to move the cursor before or after it that make it necessary to switch to HTML mode to insert a placeholder character and then go back to WYSIWYG and move the cursor to the placeholder. Icky.

This comment regarding the TinyMCE Unfilter plugin points out the problem with inadequate care in coding. Otherwise the TSL TinyMCE Unfilter plugin seems to do what is actually needed. Unfortunately, the author hasn’t updated it in 6 months. And if you go in and edit it yourself, you run the risk of the author someday updating it and WordPress allowing you to overwrite your edited version with the author’s update — whether or not he addressed this issue.

That’s a problem with WordPress plugins – you can’t tell which ones will be abandoned or when or what the effects of that will be.

It looks to me like the TinyMCE Unfilter plugin will work if you aren’t making any other modifications via plugin to the TinyMCE. I think.

I couldn’t find anything else in the WordPress plugin repository that would do this kind of thing — which surprises me. Might just be an issue of not searching for the right keyword. Or results being buried under plugins that only work in version 2 of WordPress. Or whatever.

But there’s two other possible solutions — which both beat messing with the functions.php file and losing your stuff when you change themes.

 

Share

Check Your WordPress Website’s Speed and Make It Faster

Google thinks the web should be fast, and that’s kinda the final word. Here’s some (older but still useful) info on site speed as a ranking factor.

I recently found a useful website for testing your website’s speed – it checks the website by accessing it from multiple locations (in multiple countries) and thus gives a better test than just checking the speed in your own browser.

Read the rest of this entry »

Share

WordPress – Be Ready To Be Hacked Again

Ahh… the dreaded

3.0.4 Important Security Update

…a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”

Yeah. What that says to me is, “A hacker has already looked at the vulnerabilities in 3.0.3 and written a script to exploit it and deployed it on the websites he/she has already hacked so that it can go out and get access to even more web servers by simply crawling the web looking for WordPress installations that haven’t been updated yet.”

Read the rest of this entry »

Share

Getting WordPress Multisite to Work Part 4

Discover how ManageWP solves all these problems and more!

New way to tackle this… Last night I tried to install WordPress MU instead of WordPress 3 Beta.

After all, I don’t particularly care about the exciting new features — I just want to run multiple domain names off a single WordPress install so I only have to keep one WordPress install updated and secure instead of 10 or 20 or 50.

For all the stuff I’ve seen about installing MU, I thought it was going to be difficult. It wasn’t, but…

Read the rest of this entry »

Share

Getting WordPress Multisite to Work Part 3

Discover how ManageWP solves all these problems and more!

Today I’m going to make a fresh start and try to document it. Maybe it will even work.

My domain for installing WordPress 3 Beta will be http://earthmustdie.com/

So I created a database, uploaded the files and created my WordPress site. That was easy. Now…

Read the rest of this entry »

Share

Getting WordPress Multisite to Work Part 2

Discover how ManageWP solves all these problems and more!

It was a rainy night in NYC

I’m getting closer to getting the WordPresss Multisite feature to work for hosting multiple domains with one install.

I went to the WordPress NYC Meetup group last night since they were discussing the features of WordPress 3.0 including Multisite.

As an aside, I’d like to mention that it was a very impressive lecture put on by Steve Bruner and Boone Gorges — both of them know their stuff and know how to explain it. If you’re in the NY area and developing with WordPress I highly recommend this group.

Ah… but as to my particular install problem… not so much insight. I did learn that what I want to do is rather simple compared to what a lot of people in the room are doing.
My goal is to run all the websites I have now with just me as the single user running on a single install of WordPress. It shouldn’t be any particular extra stress on web server resources to do it that way vs. separate installs, but I’ll be able to roll out WordPress updates and plugin features across all my sites with a single button — and thus make it a lot easier to make sure that I always have all security updates in place. Otherwise setting up an additional website is about 10 minutes of “install work” followed by a lifetime of daily maintenance.

So the plan is to get Multisite working and handling all my different domains. And here’s what I’ve got so far:

Share

Keep Up With
Eric Shefferman

Via RSS
    

Via Email Updates
Name:
Email:

Categories

Archives

The following link is not for people: I do not like it, Sam I Am.