Shared by Ozh on Twitter, image consisting of the ingredients necessary to turn an original logo into something that’s different but still retains some of the original characteristics. Can anyone figure out what’s wrong with the WordPress image?
By Jeffro on November 30, 2011
By Jeffro on November 30, 2011
Some users of WordPress.com will now be able to partake in revenue sharing display advertising thanks to the launch of WordAds. I say some users because it’s available only if your application is accepted. This quote by Jon Burke sums up the story of how bad advertising had been for WordPress.com users over the past few years.
Over the years one of the most frequent requests on WordPress.com has been to allow bloggers to earn money from their blog through ads. We’ve resisted advertising so far because most of it we had seen wasn’t terribly tasteful, and it seemed like Google’s AdSense was the state-of-the-art, which was sad. You pour a lot of time and effort into your blog and you deserve better than AdSense.
It’s indeed sad that Adsense can be considered the best that WordPress.com can do however, it’s about time they broadened their horizons and provided an alternate means of display advertising. Just a few weeks ago, I linked to a story that described just how bad the display advertising was on WP.com and the news of WordAds couldn’t come at a better time, despite being late.
I’m looking forward to seeing how this all comes together. The type of advertising, the sites content, and the actual products being advertised. If everything can mesh together well, this should be a success.
By Jeffro on November 29, 2011
Looks like there’s an exploit going around that appears to be similar in nature to the TimThumb vulnerability. If you noticed a bunch of “Cannot Redeclare” errors when browsing your website recently with eval code, chances are you’ve become a victim of this attack. Jeff Starr of DigWp.com and co-author of the book, Digging Into WordPress has laid out a series of steps on how you or consultants can clean up the mess that’s left behind. It’s also worth noting the following forum thread on the WordPress.org support forums where a number of people have been trying to investigate how this attack works.
By Jeffro on November 28, 2011
Some interesting numbers have been published by Dev4Press.com which show just over 50% of sites reporting data back to the WordPress.org mother ship are registering as using version 3.0. 10.8% for 3.1 and 16.2 percent use 3.2. When looking at the big picture, those are terrible numbers. That 50% number would ideally be 3.2 but for any number of reasons, those websites are not being upgraded. There is also the issue of accuracy in that many of the websites that are being reported may have either been abandoned or left online as a test bed.
I’m sure many plugin authors can relate to Millan in that supporting 3-4 versions of WordPress can be a pain in the neck considering some of the major differences between versions. What’s a plugin author do so since leaving those users out to dry is not acceptable?
By Jeffro on November 25, 2011
Ryan Imel of WPCandy.com has announced the launch of a quarterly magazine focused entirely on WordPress called the WordPress Quarterly. The magazine will be physical in nature meaning you can hold it in your hands as well as have a digital counterpart that won’t be available until the print edition ships. During the course of the year, the magazine will have four issues shipped, one in January, April, July, and October. If you want to own a small piece of WordPress history, you can pre-order the first issue for $12.00 while subscribing for the entire year will be $36.00. That doesn’t include shipping which many people outside of the U.S. have already complained about. However, Ryan has since tweaked the shipping prices to make them more affordable. The first issue already has a slew of contributing WordPress all stars which you can see here, covering the gamut from an article on TimThumb to bbPress and the GooglePlex.
What perplexes me is the idea of going through with a physical WordPress centric magazine at all. Back in March of 2010, Justin Tadlock started an interesting discussion on the Tavern forum regarding the idea of creating some sort of community oriented WordPress magazine. It would have been a website dedicated to the topics of WordPress, bbPress, BuddyPress and anything else that needed to be focused upon. Although the site wouldn’t really be used as a typical blog but more or less be used to publish non time sensitive content such as reviews, interviews, tips and tricks. At the end of the day, the idea never gained traction to see the light of day but it looks as though the excitement that was expressed regarding the idea back in 2010 is still prevalent as I’ve seen a number of people subscribe to the WP Quarterly Magazine.
Fast forward to the end of 2011 and the question I have is, what has changed since then to turn the idea into a reality with not so much of a website but a physical magazine? While Justin wanted a group of contributors to simply give back when submitting an article to the magazine, WPCandy is charging for this content. I wonder if the authors will be allowed in on profit sharing or if they are paid on a per article basis? Considering the alternative of being able to publish those great articles on ones own site, I’d be hard pressed to think people will just give away that type of content without a price attached.
At any rate, I’ll be watching from a distance to see if this magazine can gain traction and stick around for awhile or if the initial surge of subscriptions and excitement will die down. At the very least, owning the first issue will be like owning a small piece of history.
By Jeffro on November 22, 2011
Just in time for the holidays, the WordPress Swag store has reopened. There are two things worth noticing. The first is that the link does not point to WP SwagStore which is where the original store called home. The second is that the new store is running on Joomla. It was shocking to me as well as others when I mentioned that fact on Twitter. Andrew Nacin while not directly involved with the project has explained why the site is using Joomla through HelloMerch.com:
The swag store at wpswagstore.com is built on WP. The store for this holiday season is, clearly, not. Typically, merchandise was kept at Pier 38 and mailed by the fine folks at Automattic. Because of Automattic staffing changes and the closing of Pier 38 (all current merchandise is in storage — this is all new stuff), there was a need to re-route orders to a fulfillment center. In order to get this live as quickly as possible, a third-party service was used. Right now, every available core/community developer is working on version 3.3. No one is available to develop (and rapidly develop, at that) the existing swag store to get it up to speed for the current (and who knows, possibly transient) fulfillment situation. This is all just temporary.
First off, a huge thank you to Andrew Nacin who is one of the few that understands a thing or two about communication. Secondly, definitely browse around through the store as a new Red colored hoodie has been added as well as a red, green, or blue Christmas ornament featuring the WordPress logo. While I prefer that the ornaments be priced around $5.00, I decided to purchase a blue one. The ordering experience wasn’t too bad. Shipping ended up being half the cost of the item but considering it’s a WordPress branded ornament, I’ll let it slide.
By Jeffro on November 21, 2011
Siobhan McKeown has published a disturbing yet not out of the ordinary article that explains how a couple of plugins were recently added to the plugin repository that were using a version of J-Query from J-Query.org which after investigation proved to be a fake website. The purported J-Query file was actually propagating sites with CPA Infinity Affiliate Links. After the article was published, Otto responded in the comments to make note that the plugins were removed and the user who uploaded them has been banned. This is yet another reminder that the WordPress plugin repository is a powerful place to do naughty business for those that can get past a couple pair of eyeballs and not get noticed right away.
For the future, Otto recommends doing the following if you spot something malicious within a plugin on the repository:
Obviously malicious code doesn’t last long before somebody spots it (this one only lasted a week before somebody noticed, and it would have been removed that same day if anybody had reported it to us at firstname.lastname@example.org), but unintended security holes can become widely propagated for a longer period of time, leading to issues when hackers find and exploit them. So they are of a somewhat higher priority to find.
Apparently, reporting offending plugins to that email address gets swifter action than anything else. Although not related specifically to this story, I think it’s good to be reminded of June 21, 2011 when a number of suspicious commits were made to popular plugins after hackers gained access to the plugin repository. Thankfully, those commits were caught in a short period of time but there is no guarantee that they would catch them in time again.