Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years

If you have not updated your website to the latest WordPress version 5.0.3, it’s a great idea to upgrade it now. 

Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence of a critical remote code execution vulnerability that affects all previous versions of WordPress released in the past 6 years.

Adding Free SSL Certificates to WordPress with Let’s Encrypt

An SSL certificate encrypts the connection between your site and your visitors’ browsers so hackers can’t steal personal information. SSL certificates can be cumbersome to install and can be expensive, but this situation is changing.

Let’s Encrypt is a new open source certificate authority that is backed by top companies including Automattic (the force behind WordPress), Facebook, Mozilla, Chrome, Cisco, and Sucuri. The aim of the project is to make installing SSL certificates automated and free for everyone.

wpmudev has everything you need to know about Let’s Encrypt SSL certificates and how to use them with WordPress right here.

Reveal Template – WordPress plugin for developers dealing with complex themes

Reveal Template helps determine the exact template being utilized to render the currently displayed page in WordPress or those to which WordPress falls back if the theme does not have a template of its own.

The revelations can be shown in several ways: in the site footer (default plugin setting), in a widget that can be placed into any widgetized area, as a shortcode within a post/page content area, or as a template tag.

How To Backup WordPress: Guide to Free & Premium Services and Plugins

At WPLift, Joe Fylan posted a nice review of different backup options for web sites powered by WordPress. BackupBuddy is mentioned there of course, along with several good free options that allow you to put the backup on the server, send it by email, or put it on Google Drive (not fond of this option personally) or Dropbox (one of my favorites, along with backing up via InfiniteWP – the option not mentioned in the article since it does not fall into the plugins category).

Choosing a WordPress Membership Plugin

With so many membership plugins for WordPress being available, it’s a real challenge to figure out which one to use for a particular web site. Chris Lema has been helping to clarify the matter for some time and now offers an even easier to use aid – a great infographic that guides you through multiple membership options towards a plugin that is more likely to be the answer:

Choosing a WordPress Membership Plugin


The Menace of Theme Creep

In David Hayes’s own words:

“Theme creep” is what I call it when functionality that has nothing to do with the presentational layer of a WordPress website “creeps” into the theme. What this ends up doing is chaining you to a WordPress theme that seemed like a beautiful and great one for your site when you first saw it. Chains you so that in six months or thirty, when you find yourself wanting a visual change of pace you’re left with a terrible choice: your pretty new look or your properly functioning WordPress site.

It’s a very accurate term for crawling over the boundaries of presentation and into the realm better served by plugins. This always makes me feel uneasy about WordPress themes perfectly suited for the task at hand: what if development stalls and there is no support for new WordPress features? What will it take to reproduce the functionality, presuming that the theme permits editing the code?

Cleaning Up Your WordPress Site with the Free Sucuri Plugin

Sucuri, who are famous for their great security services, came up with a free WordPress plugin to help with cleaning up a hacked WordPress-powered web site:

Cleaning Up Your WordPress Site with the Free Sucuri Plugin

The plugin may not help mitigate the consequences of every hack, but it offers a set of steps that are likely to show you where the problem is. It starts with Sucuri’s free remote scanner, SiteCheck, ends with resetting passwords and security keys, and offers advice on further hardening your WordPress installation.

Stripe Payments For WordPress – No SSL Certificate Required

Stripe, a wonderful developer-friendly payment gateway, just became even more useful: there is now a WordPress plugin for it, Super Stripe.

You can now securely accept credit card payments on a WordPress site without PCI compliance headaches like an SSL certificate, security scans, maintenance routines, and so on. All that stays with Stripe and is now readily available to you through an easy to install and configure free plugin.