If you keep a watch on software security newsletters or blogs like the Wordfence blog, you’ll know there are a good number of new detected defects and vulnerabilities on a regular basis, even on well known plugins and software. It’s worth looking into the details of how this happens especially if you work on PHP software from time to time. Thankfully there are public records which let you compare to look at how these are fixed:
Continue reading “Learning from previous mistakes – pulling historical vulnerability information from various plugins”I don’t always test BETAs on the production home page…
… but when I do, it’s WordPress.org? – Check out a recent announcement from Make WordPress Core:
Continue reading “I don’t always test BETAs on the production home page…”FTP-able server with correct Apache permission settings
If you’re setting a local server you may want some trusted admins to upload to, one good way is the vsftp server. DigitalOcean has a good tutorial on it, but there are some odd issues.
Continue reading “FTP-able server with correct Apache permission settings”FastOrSlow – the new site checker from WordFence
Today the Wordfence developers announced the new fastorslow.com tool, a handy tool for seeing how fast your site is in various parts of the world. The Wordfence folks build a quite useful plugin used by many sites – and this one – to keep reduce risk of attack.
This new tool however can be used to see the performance of any type of public site and recommendations on speeding it up. It also would be a much easier way to time requests to a server like in the World Network Requests Measurement post.
Continue reading “FastOrSlow – the new site checker from WordFence”