http://wordpress.org/extend/plugins/secure-wordpress/
http://wordpress.org/extend/plugins/exploit-scanner/
http://wordpress.org/extend/plugins/tac/
http://wordpress.org/extend/plugins/update-notifier/
http://wordpress.org/extend/plugins/wordpress-file-monitor/
http://wordpress.org/extend/plugins/wp-malwatch/
http://wordpress.org/extend/plugins/wordpress-firewall-2/
http://wordpress.org/extend/plugins/block-bad-queries/
WordPress automatic silent updates could mean an end to WordPress security problems and kill the need for WordPress security plugins. While this solution has its drawbacks that could cause your website to show the white screen of death, silent updates have the potential to finally make WordPress a secure platform. This change, planned for November, would make my WP security scanners obsolete, including my own WordPress Security Scanner, because every website running WordPress will, in theory, be secure.
I was recently asked how I would generate thumbnails in WordPress. WP has gone through a lot of changes around images and thumbnails since I first started using WordPress. The current best practice for thumbnails in WordPress is described here: http://markjaquith.wordpress.com/2009/12/23/new-in-wordpress-2-9-post-thumbnail-images/
An amazing start-up that I provide consulting for recently used WordPress to build a user-generated consumer complaints feature. The idea behind ConsumerBell is to empower consumers by grouping their complaints together and giving them leverage. For ConsumerBell to work, they need complaints! So, they built a beautiful feature for users to submit and publish their complaints. There are several ways to publish moderated user-generated content in WordPress. ConsumerBell built a custom plugin, but I’ve found some other interesting ways to solve the problem of generating user-created content without programming.
Dries, the creator of Drupal, recently started a conversation about WordPress vs. Drupal. This is the first time I’ve read a great discussion about the pros and cons of each platform. John Eckman, the founder of one of the best WordPress agencies, responded well on his blog. John’s experience with the two communities seems similar to my own because I’ve also been an active participant in both communities. In fact, 3 years ago, I considered myself a WordPress expert.
So, while I’ve been slaving away trying to get my own blog to pass my WordPress security scanner, Zappos got hacked. It happens. They were probably running WordPress, right? Their customer information was accessed. While they didn’t make an announcement, they did email their customers and tweet about it. While I’m happy with their proactive response, this provides a wonderful learning opportunity for all of us who store passwords for a living.