This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a ficus on security and more.
Lets Encrypt is out to help encrypt the entitre web with free SSL Certs.
Let’s Encrypt Passes 5 Million Active Certificates
Let’s Encrypt, the open Certificate Authority, passed 5 million active (unexpired) certificates this week. The project came out of beta in April and has grown rapidly in the past few months. At the end of June, Let’s Encrypt reported that it had 3.8 million active certificates covering more than 7 million unique domains. In a little over a month, the number of active certificates has passed 5 million.
Let’s Encrypt attributes this growth to large-scale deployments from companies such as OVH, WordPress.com, Akamai, Shopify, Dreamhost, and Bitly. Read original article here…. wptavern.com
This is an old piece of news but may still be relevant if you are not on top of keeping your site upto date. The 404 to 301 plugin has been used to create spam links on users websites.
WordPress Plugin Hijacks Websites to Show Payday Loan Ads
Authors of the 404 to 301 WordPress plugin have hijacked the content of other websites by showing SEO spam on their homepages, most of the illegally displayed content being ads for payday loan services.
The 404 to 301 WordPress plugin is, at least in theory, a very useful plugin for site owners because it takes users landing on former website pages (that show 404 errors) and uses a 301 HTTP request to redirect them to the site’s homepage.
These ads were your basic SEO spam, ads that only showed up to Google’s search bot, but not to regular users. Read original article here…. news.softpedia.com
Hackers insert SEO spam via WordPress core files.
Hackers Insert SEO Spam on Legitimate Sites via WordPress Core Files
As a reminder that crooks will try everything to go undetected, Sucuri revealed last week a new method of inserting SEO spam on hacked WordPress sites using the /wp-includes/load.php file, one of WordPress’ core files.
Unsecured WordPress sites are all around us thanks to the huge market share the CMS has compared to all other products. Crooks leverage this large number of unsecured sites to hack into WordPress installations, either via outdated plugins, vulnerable themes, or via weak admin passwords.
After hacking their target, crooks tend to use these sites as bots in DDoS attacks, as command and control servers for criminal operations, and as malware download sites, to host malvertising or hijack SEO results. Read original article here…. news.softpedia.com
16k WordPress websites have been hacked using the methods from this article, this is another reason you need to dtay on top of your updates for your website.
16,000 WordPress Sites Have Been Hacked
At least 15,769 WordPress websites have been compromised so far this year by cyber-attackers, and most are serving up malware, unflagged by Google’s Safe Browsing checks.
WordPress is a popular target because the majority of the web uses it to manage and publish their content. That’s according to the 2016 Sucuri report on compromised web properties, which noted that out of 21,821 sites studied, the majority of them (78%) are using WordPress.
Poorly secured extensions give hackers initial access much of the time. Sucuri found that on average, WordPress installations had 12 plugins installed at any given time. The top three plugin vulnerabilities contributed to 22% of WordPress site hacks: Gravity Forms, TimThumb and RevSlider. Read original article here…. infosecurity-magazine.com
You opnion counts plus WordPress really wants to know how you spoends your days and nights with the product. Take a few minutes out and complete the survey so they can find out how it has grown.
Take the 2016 WordPress User Survey
With WordCamp US a little less than a month away, it’s time to take the 2016 WordPress user survey. The survey is quick and easy to fill out with only a few questions to answer. Results are anonymized and will be shared at this year’s State of the Word presentation.
Results from last year’s survey were not shared during Matt Mullenweg’s State of the Word presentation. During the question and answer portion, Mullenweg was asked about the results.
“Lots of data to go over, but basically more people are using WordPress, app development is growing, lots of people are making their living with WordPress, and other great trends are showing up,” Mullenweg responded. “We’ll try to do a blog post about it.”
In 2014, 33K people took the survey and of those 33K, 7,539 or 25% said they make their living from WordPress. Over 90% of respondents said they built more than one site. Read original article here…. wptavern.com
What can you expect in WordPress 4.7 (not flying cars yet) but some pretty decent improvemnts are on the horizion.
What’s Coming in WordPress 4.7 (Features and Screenshots)
WordPress 4.7 will be the last major release of 2016. As is the tradition, it will come with a new default theme for the next year.
WordPress 4.7 will bring an improved theme and site setup flow. In the customizer, you will now see a more polished view of your installed themes, better theme search, and improved setup directly from theme customizer.
Want to add custom CSS to your theme? Now you can do that directly from the theme customizer. However, your custom CSS will be specific to the theme you are previewing.
WordPress 4.7 will make some subtle but important changes to the editor. The paragraph and heading selector menu will now appear in the top bar. The underline button has been removed, and the strikethrough and horizontal line buttons are moved to the kitchen sink bar. Read original article here…. wpbeginner.com
In case your wondering WordPress 5.0 is coming soon so what does it have in store for you.
WordPress 5.0
Is WordPress taking a Revolutionary Step? These Security, Content and Developer Plugins are Pointing Something Big.
At this moment, WordPress 4.7 Beta is ready for testing and soon, it will be released after a few commits. But I think we should talk about version 5.0, which I guess will be a huge thing that you never expected.
The plugins listed here are proposed for a future version of WordPress. They are under active development. You can try them out, provide feedback, or join one of the development teams.
I say “hidden” because it’s not used by most of WordPress Users, although it is put right on WordPress Plugin Home it does not attract people, like me, I don’t know it’s existed until an accident. Read original article here…. wpwiseguys.com
Well that’s a wrap for this week more next week from WP Plugins A to Z.
Save