WordPress 4.0 aka “Benny” in honor of the famous jazz clarinetist Benny Goodman on September 4th, 2014 and has a few interesting new features to make your life as a content writer (or editor) much easier. In earlier versions of WordPress, one has to install special plugins to embed videos from Youtube or any other video sharing sites. But in WP 4.0, embedding videos is a breeze – you just need to copy and paste the video URL into the editor window and WordPress will do the rest. How cool is that? Besides Youtube videos, you can also talks from TED as well as embed tweets. Another enhancement is in the area of finding plugins for your WordPress site. With over 30,000+ plugins from WordPress.org repository, one can easily get lost in the sea of options, but with WP 4.0, the developers have improved the search algorithm and included new metrics to help you find the most relevant plugin quickly and easily. The million dollar Question: Should you upgrade? Although there has been over 3 million downloads of WordPress Benny since its launch, I’d rather wait a couple more weeks before upgrading and wait for 4.x (e.g. 4.1, 4.2, etc) to be released. This will allow the good folks at WordPress to iron out any bugs or security flaws discovered by the open source community. Also, if you’re using custom themes or premium plugins, it would be a good idea to check with those developers first to see if there are any compatibility issues. This is to prevent your site from getting those confounded “Internal 500 Errors” when...
A critical vulnerability was discovered in a popular WordPress slider plugin called “Slider Revolution” which allowed the hacker to download your ‘wp-config.php’ file and access your database. This type of attack is known as LFI (Local File Inclusion) – where the attacker is able to access and download important/sensitive files on your server. When an attacker has access to the WordPress’s wp-config.php file, he or she basically has control over the database and can either insert malicious records/payloads into the database OR if the attacker wants to cause harm, delete all your content with click of a button. This is serious folks, and should be addressed immediately. Is my WordPress site vulnerable? If you’ve installed the Slider Revolution plugin, then yes, you should contact the plugin vendor and get and updated version immediately. Don’t wait until your site is hit. If you’re using a premium theme, you might want to check with the theme developer and ask them if the this slider plugin is included in the theme. Some of the premium themes have this plugin as part of the package. What to do next? If you have access to your server logs, you might want to check/look for the following string pattern – “revslider_show” to see if anyone is scanning your site for this vulnerability. If you have SSH access to your hosting account, you can issue the following command in the Apache log directory: egrep -ri ‘revslider_show’ * If you don’t have SSH access, then download the access log file via FTP and then run a search for that string “revslider_show”. You’d probably see lots of probes...
If you’re tired of eating the ordinary and looking for a fresh perspective of what dining in Malaysia can be, then check out Cuisine Riot.
This is the official website for the East Asia Regional Conference organized by the International Fellowship of Evangelical Students (IFES). Click here to view: IFES EARC 2014
Lado LOHI – the vision of the school is to educate, elevate and empower young people who are at risk of exploitation, maltreatment and poverty in Cambodia. Find out more about Ladolohi here....
