Until now, details regarding WordCamp New York have been scarce to non-existent. However, Steve Bruner has published a post on the official site for the event and has notified everyone that this years event will take place on June 9th – 10th at Baruch College, the same location as 2010. As it turns out, WordCamp New York didn’t take place in 2011. Stay tuned to their official event website for details on Tickets and Speaker forms.
By Jeffro on March 20, 2012
By Jeffro on March 19, 2012
Vladimir Prelovac, an esteemed plugin author has shared his story on how he made $80,000 through one plugin. It took a few years but once he rewrote the free plugin and decided to charge for it, the money started to roll in. While I would have thought that the most purchasers would have opted for the cheapest version, instead, he made the most amount of money from the expensive version which had the least amount of costumers.
His story is inspiring. I just wish I had the skills necessary to create a plugin and then charge for it. I think I’ll hire Vladimir to create me a plugin, then I’ll handle the charging for it along with the support. Sure would be nice to have 80 grand to kick around.
By Jeffro on March 16, 2012
Perhaps one of the easiest attacks to perform on a WordPress based website is a brute force attack. Sucuri took the time to create a few different honeypots and monitored WP-Login.php to track the various IP addresses as well as the passwords used to break into the site. Their list of passwords attempted is no surprise to me as I’ve seen the same results over the course of a year via the Limit Logins plugin. It all comes back to the use of a strong password. A strong password would look something like this, RCu7R*0#zm. Unfortunately, many forms don’t accept certain characters in passwords so at the very least, add numbers to your password if you can only use numbers and letters.
The reason why this is one of the easiest attacks to perform is because by default, WordPress allows an unlimited amount of tries when logging into the backend. I understand that it’s the users responsibility to use a strong password but at the same time, I feel as though the software could help out by only allowing 3 login tries per IP address, very similar to how the Limit Login attempts plugin works. After 3 failed attempts, the IP address would be locked out for a certain amount of time. The only thing I can figure is this particular enhancement would cause some site owners more grief than peace of mind. Unlimited login attempts has been apart of WordPress since I started using it in 2007 and I don’t see it changing anytime soon, especially since the Limit Login attempts plugin exists and solves the problem so well.
By Jeffro on March 15, 2012
It was’nt long ago when Posterous looked poised to take a big chunk of market share away from WordPress and other sites such as Tumblr. But alas, Posterous will become yet another internet memory as they’ve announced that the talent behind the service will now be apart of Twitter. While Posterous will remain online for the foreseeable future, users have already started flocking to different services such as WordPress.com, who have experienced a 250% increase in imports from Posterous accounts since the announcement.
By Jeffro on March 13, 2012
John Baptiste of CatsWhoCode.com has published 10 useful SQL queries that you can use to clean up the database that houses your WordPress installation. Before any SQL queries are run, you should definitely back up your entire website as a wrongly executed query can ruin the database, rendering your site useless. If you’re afraid to execute any of the queries mentioned within his list, there are plugins available that can accomplish the same tasks such as WP-Cleanup but the same precautions must be taken, especially since some of the cleaning plugins are old and may not have the correct table or location to delete data from.
By Jeffro on March 13, 2012
As I mentioned about a month ago, Jane Wells has been working on a new venture called Jitterbug which aims to be a bakery with a cafe feel complete with WiFi. To help fund this venture and to purchase some equipment, Jane put together a project on KickStarter.com to generate crowd sourced capital. The monetary goal was $15,000.00 and that was reached just 4 days prior to the project expiring. One particular backer was able to pledge $5,000.00 and will have a muffin named after him. The backer was Michael Torbert, the author behind the All In One SEO Plugin.
Congratulations goes out to Jane Wells for a successful kickstarter project. I myself chipped in a hundred bucks but the best thing about it all is that I now have a really good reason to visit Tybee Island, Georgia.
By Jeffro on March 9, 2012
Sucuri has published more information regarding the compromising of at least 30,000 domains. Based on their research, they are ruling out the possibility that the attacks are taking advantage of a new vulnerability within the core of WordPress.
The first question is how are these sites getting hacked? On all the cases we analyzed, they either had outdated versions of WordPress, or of a plugin. We can safely rule out any new vulnerability on WordPress itself.
To stay on top of the latest malware threats on the web, you should subscribe to their RSS feed. Perhaps the more people that realize this stuff is happening on a daily basis, the more it will persuade them to keep sites, plugins, and themes updated.
By Jeffro on March 9, 2012
Fresh from WordCamp Phoenix 2012, Lance Willett who works for Automattic and is part of the theme wrangler team gave a great presentation for beginners on how to navigate the vast landscape that is WordPress themes. He covers the gamut such as where to look for themes, commercial themes, things to consider before using the theme on your site, etc. This presentation is truly for the beginner as it has nothing to do with coding. Nice job Lance.