WordPress 4.9.2 Security and Maintenance Release

by

WordPress 4.9.2 is now available. This is a maintenance and security release for all WordPress versions since 3.7, and you need to update your websites immediately.

An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress.

MediaElement has released a new version that contains a fix for the bug, and a WordPress plugin containing the fixed files is available in the plugin repository.

While WordPress.org already started automatic background updates that do not require you to do anything it may take some time for them to get to your website. If it does not update automatically today, do it yourself (if you are confident enough) or contact Dusk Owl for help.

WordPress 4.9.1 Security Release

by

WordPress 4.9.1 is now available. This is a security release for all previous versions since WordPress 3.7, and it is strongly recommended that you update your websites immediately.

WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack.

While WordPress.org already started automatic background updates that do not require you to do anything it may take some time for them to get to your website. If it does not update automatically today, do it yourself (if you are confident enough) or contact Dusk Owl for help.

WordPress 4.8.3 Security Release

by

WordPress 4.8.3 is now available. This is a security release for all previous versions, and you must update your websites immediately.

WordPress versions 4.8.2 and earlier are affected by an issue where unexpected and unsafe queries can lead to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but special hardening has been added to prevent plugins and themes from accidentally causing a vulnerability.

While WordPress.org already started automatic background updates that do not require you to do anything it may take some time for them to get to your website. If it does not update automatically today, do it yourself (if you are confident enough) or contact Dusk Owl for help.

Do You Have Permission to Use That Image?

by

Finding images for your website or brochure can be tricky. There are confusing stock sites, tempting free collections, there is also a Google image search that may look like an easiest option. How to make sure you don’t have to regret your choice later? Theresa Jennings can help with a clear, to the point presentation.

Not a fan of presentations? A downloadable PDF is also available.

Cloudflare now offers unmetered DDoS attack mitigation

by

Cloudflare turns seven this week and it wants to give your network a present. Should your website come under Distributed Denial of Service (DDoS) attack, it will never charge you additional fees, or (and this is important) kick you off the network.

Cloudflare CEO Matthew Prince has pledged unmetered DDoS mitigation, regardless of the size of the attack and no matter what level of service you have from the free tier all the way up to the enterprise level.

This is wonderful news for small business owners. Take advantage of it if you haven’t done so yet.

WordPress 4.8.2 Security and Maintenance Release

by

WordPress 4.8.2 became available today. This is a security release for all previous versions, and you need to update your websites immediately. The update fixes 9 security issues.

While WordPress.org already started automatic background updates that do not require you to do anything it may take some time for them to get to your website. If it does not update automatically today, do it yourself (if you are confident enough) or contact Dusk Owl for help.

Next steps toward more connection security

by

Google has sent out a warning that HTTP sites that contain forms and other input fields will be marked Not Secure staring this October.

The search giant gave a notice of this a few months ago but has now takes the next step to formally notify those who will be affected with the upcoming change.

The notification states: “Beginning in October 2017, Chrome will show the ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.”

The original Google Chrome post can be found here: https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html

WordPress 4.7.5 Security and Maintenance Release

by

WordPress 4.7.5 became available today. The new version addresses 6 security issues affecting WordPress 4.7.4 and earlier releases. It also includes 3 maintenance fixes to the 4.7 release series.

While WordPress.org already started automatic background updates that do not require you to do anything it may take some time for them to get to your website. If it does not update automatically today, do it yourself (if you are confident enough) or contact Dusk Owl for help.

This Site Will Show You All Nearby Cafes with WiFi Hotspots

by

Available as both an iOS app and a web-based service, with an Android app currently in the works, Cafe Wi-Fi is a map that shows off any available Wi-Fi hotspots at any given area.

Much like the Airport Wi-Fi map, Cafe Wi-Fi relies on a combination of user contributions and third-party sources like FourSquare to populate its map with Wi-Fi hotspots.