Happy Birthday, WordPress! WordPress.com and Toni Schneider win! Venture capitalists throw money at WordPress and Automattic. WordPress Plugin concerns raise their heads. Security and WordPress – becoming an issue? WordPress.com bloggers get 3 gigs. WordCamp Hamburg is this weekend. And we don’t like the WordPress.com name.
WordPress.com Wins! WordPress.com and Automattic won at the TechCrunch Crunchies. Automattic won in two categories, for WordPress.com for Most Likely to Succeed and Toni Schneider for Best Startup CEO. Congrats all!
Happy Birthday WordPress! Mike Little always reminds us of the birthday of WordPress and WordPress just turned five years old. Happy Birthday!
It’s Raining Money: Matt Mullenweg has announced that Automattic has secured USD $29.5 million from venture capitalist investments this year, up from $1.2 million in 2006. The New York Times has joined the investor team, too. The money is to be used for more investment in WordPress.com’s free blogging service, improvement in comment spam protection, hiring new developers and staff, and much more to help make WordPress and Automattic projects grow. As in the famous words of Dolly Madison, “Money is like manure; it’s not worth a thing unless it’s spread around encouraging young things to grow.”
New Automattic Official WordPress “News” Blog: Automattic, the parent company of WordPress, announced the WordPress Publisher Blog, a magazine style blog promising articles from WordPress developers and the staff of Automattic on how to use WordPress and offering interesting tips and tricks and news.
WordPress 2.5 News: WordPress 2.5, skipping over version 2.4, is scheduled for release in March and will include the new Administration Panels design along with some other great improvements.
WordPress 2.5 Weekly Digest: Peter Westwood reports on changes and improvements to WordPress 2.5 a week ago included update of the jQuery form Plugin, addition of a mass select functionality to the users panel for selecting all users for changing access permissions, a new interface introduced for Widget management, a new image uploader which has many very excited, ability to re-activate all Plugins deactivated by the Deactivate All button, ability to limit the depth of the “tree” displayed by
wp_list_categories() template tag, optimization of the SQL query for determining which URLs are awaiting pinging and which have been pinged, and a lot more documentation, fixes, and improvements. This week included more improvements to various importers including Blogger, getting the
get_sidebar() template tag to allow for multiple named sidebars, improvements in post title sanitation for the URL to allow for parenthesis and improved matching, changes to the tag cloud tag array, extensions to the HTML tags and attributes that the post filter will allow in posts when saved, improvements in displaying WordPress Plugin error detection code, new functionality for editing post slugs within the permalink context, timestamp improvements to update already published posts, and more documentation and minor improvements.
Mandatory Security Release WordPress 2.3.2: WordPress 2.3.2 has been released and is a mandatory security upgrade. The full details of the update include an urgent security release to fix a vulnerability in draft posts, suppression of some errors messages that may put your database at risk, and other bug fixes. Upgrade to WordPress 2.3.2 now.
Many Ways to Install WordPress: A new article on the WordPress Codex, the online manual for WordPress Users, now features many different ways to install, move, and import content with a WordPress blog. WordPress Installation Techniques covers resources and information for installing WordPress on your computer, moving WordPress from one server to another or one directory to another, integrating WordPress into an existing website, and moving from any of more than a dozen blogging programs to WordPress.
The Missing WordPress Plugins Uninstall Feature: Weblog Tools Collection continues covering the WordPress Plugins lack-of-uninstall features in WordPress and offers tips and recommendations from readers and WordPress experts on where to go with this frustrating “lack-of-feature” in WordPress. To get up to speed on the discussion, see Uninstall – Is There Such A Thing?.
BlogDesk for WordPress: There are a variety of ways to access your WordPress blog, and many are enjoying BlogDesk and Microsoft Windows Live Writer. Do you have a favorite way of accessing WordPress without using the WordPress Administration Panels?
Last Week’s WordPress Wednesday News: Last week’s WordPress Wednesday News report covered WordPress 2.5 On Track, Uninstalling WordPress Plugins, Premium WordPress Themes Debated, Permalinks, and More WordPress News, if you would like to catch up with the news on WordPress.
WordPress Security News
Pondering WordPress Security: Blog Security asks if “WordPress is Insecure by Design?” and then answers the question about the critical vulnerabilities that keep popping up lately in the WordPress core programming and Plugins. It explores the main issues and offers some ideas on what to do about it.
The most recent news on WordPress security includes:
- WP-Forum 1.7.4 SQL Injection reports a security issue with WP-Forum WordPress Plugin.
- A reminder: The WP TextLinkAds Plugin has reported as security vulnerability and continues to not be recommended for use.
- Noted web designer, David Airey.com had his blog and email hacked. While WordPress was probably not the issue in this case, some bloggers are getting their WordPress blogs hacked because they continue to not upgrade their version of WordPress. Don’t wait.
- David Kierznowski of BlogSecurity has found a critical vulnerability in TextLinkAds WordPress Plugin and recommends deactivating the Plugin until an update is issued.
- Blog Security reports on a vulnerability in the Democracy WordPress Plugin, the popular polling Plugin.
- BlogSecurity reports on “Defeating Audio Captcha Systems” which explores how the CAPTCHA system does not work, in any form.
- Blog Security reports on a vulnerability in WP-Filemanager WordPress Plugin and recommends you disable and remove the Plugin until an updated and fixed version is available.
- A vulnerability called the “WP Directory Traversal Vulnerabilities” has been found in WordPress 2.0.11 and WordPress 2.3.2 (not the current version) and only on WordPress running within the Microsoft Windows environment. This vulnerability means an attacker may edit and view sensitive files.
WordPress on Your Calendar
WordCamp Hamburg is this weekend, January 26-27. I’m not sure if it’s sold out, so check now for any last minute tickets.
WordCamp Dallas is March 29, 2008 and has opened up registration. There is a USD $20 registration fee and the event will be in Frisco, Texas, just outside of Dallas. I expect this to sell out fast, so get registered now. The line-up of speakers is very exciting and includes the top bloggers and experts on WordPress and blogging. Sponsors are still being sought, so if you want your company or blog’s name associated with a hot WordPress conference, get involved.
Are you involved with a WordPress group or club in your area? Make sure you announce meetings on the WordPress Meetup list and let me know so I can help promote your group’s activities. Here are some WordPress-related dates and events to put on your calendar as found on the WordPress Roadmap and the WordPress Meetup Group Listings (subject to change):
- The Baltimore-Washington WordPress January Meetup – January 26, 2008
- Nashville WordPress Meetup – January 26, 2008
- WordCamp Hamburg – January 26-27, 2008
- The New York City WordPress February Meetup – February 16, 2008
- WordPress 2.5 Release – March 24, 2008
- WordCamp Dallas – March 29, 2008 (Registration Required)
- WordPress Denmark Meetup for WordPress 2.5 at Advice – April 6, 2008
- WordCamp 2008 in San Francisco – July 2008 (waiting confirmation)
If you are having a WordPress-related event that isn’t on the calendar, post them below or via email.
Three Gigabytes of Free Storage on WordPress.com: The WordPress.com blog has announced all bloggers on WordPress.com is now entitled to 3 gigs of free storage, a six-fold increase. This will allow users to upload podcasts and video without much distress. If you need more, the paid storage is now increased from one gig to five gigs.
Dissing WordPress.com’s Name: It’s nice to know I’m not the only one. Mark Jaquith joins myself and many others whining about the WordPress.com name and all the confusion it brings. I was still having trouble explaining the difference between a page, web page, and WordPress Page when explaining the difference between WordPress and WordPress.com got thrown into the mix. While no one is serious about really changing the name, Mark’s recent rant about the name confusion has brought up a lot of neat suggestions. I vote for BlogPress. :D
Improvements to Akismet’s Interface: WordPress.com announces improvements to the Akismet interface which adds new tabs to the Comment’s Panel. There are now four tabs, one for all your comment spam caught by Akismet, and then three others to sort the comment spam by comments, trackbacks, and pings. The popular Akismet Auntie Spam Greasemonkey Script for Firefox will still work with the new interface, processing all of the comment spam. WordPress.com has also added an option to Options > Discussion which allows you to discard spam on posts older than one month, which shrinks down the size of your Akismet queue.
New To WordPress.com: If you are new to blogging on WordPress.com, check out this basic guide on What Do I Do With My New WordPress.com Blog?.
WordPress Plugins and Themes News
Tracking WordPress Compatibility: It’s often difficult to track what Plugin and Theme is compatible with which WordPress version. In the WordPress Codex are two “master” pages that list all the various compatibilities: WordPress Theme Compatibilities and WordPress Plugin Compatibilities. No matter which version you are using, and in preparation for the next version of WordPress, add these to your WordPress resource list to check before you upgrade.
Plugin Authors: Take Advantage of the WordPress Plugin Repository: Weblog Tools Collection reports on the WordPress Plugin Repository working in combination with Plugins on the WordPress Plugin Directory, which gives Plugin authors the ability to post and assign bug tickets to their Plugin and have an easier way of reporting and monitoring bug reports.
WordPress Post Order: Perishable Press offers “Six Ways to Customize WordPress Post Order”, a great look at various code and Plugin options for changing how WordPress displays your blog posts on the front page of your blog.
Get Under the Hood of WordPress: If you are developing a WordPress Plugin and want to get under the hood of WordPress, check out the WordPress Source Code from Taragana. It’s a directory of all the code files of WordPress. Click a file and it opens up in the right window will display the file’s code. Need to check out how WordPress does what it does and find the hooks you need to write WordPress Plugins, add this to your resource list.
WordPress Plugin Gossip: The new Publisher Blog from Automattic features an interview with Brian Groce of Watershed Studio discussing issues with WordPress Plugins. Yugatech asks if “WordPress Plugins Should Be Regulated” much the way the WordPress Theme Viewer is or will be soon. The issue of WordPress Plugins causing problems with WordPress Themes and having increasing security issues, and the ease of writing a WordPress Plugin, makes it hard to ensure Plugin authors are experienced enough to ensure the safety of their Plugin as well as its ability to work within different server setups and WordPress versions. Expect to see this subject be on the hot list this year for the WordPress Community.
What Makes a Premium WordPress Theme Premium? Smashing Magazine and Weblog Tools Collection both ask: What makes a WordPress Theme Premium? They both present some good arguments, pros and cons. Go have your say.
Battling Comment Spam: While many are happy enough with Akismet, others want to take stronger action to stop comment spammers. While I vote for killing comment spam at the source, bloggers like Ardamis are working to make anti-comment spam techniques hidden from the reader while still working effectively. Web Geek has created WP-SpamFree, another interesting comment testing Plugin. Matt Mullenweg has mentioned that the influx of financial investment in Automattic will go to further strengthening and expanding Akismet. Hopefully, these folks will team together to help us put an end to comment spam infiltration of our blogs.
Interesting WordPress Plugins: There are so many interesting WordPress Plugins released each week. Have you been paying attention?
- File Download WordPress Plugin allows attachment of a download file, such as an image, MP3, document, or PDF to any blog post or Page for readers to download.
- Berri Technorati Reactions on Dashboard WordPress Plugin displays “Technorati Reactons” to your WordPress Dashboard Panel. It does not remove or replace Google Blog Search incoming links lists.
- Super Twitter WordPress Plugin covers not only adding Twitter to your site, but also supports Fanfou, Jiwai, and others.
Writing to WordPress Standards: If you are developing WordPress Plugins or Themes, your first step is to visit the WordPress Codex, the online manual for WordPress Users, especially the WordPress Coding Standards and Writing a Plugin articles.
WordPress Techniques and Tips
Here are some featured articles and videos from around the WordPress Community and the WordPress Codex, the online manual for WordPress Users, the source to turn to first for your WordPress help.
NOTE: If you would like your WordPress tip and technique included in this list, see Tips For Writing Good WordPress Tips and Writing and Publishing Code In Your WordPress Blog Posts.
- Joost de Valk – Speed Up And Clean Up Your WordPress!
- IT Support Small Business – How To Secure a WordPress Server
- Migrating from Expression Engine to WordPress, step by step
- How to install WordPress on your own computer
- Mark Jaquith – PHP Echo/Return Logic
WordPress Community News
PhotoMatt Becomes Ma.tt: For those following the lifestyles of the rich and famous founder of WordPress, Matt Mullenweg has changed his personal blog’s domain name from photomatt.org to Ma.tt. If you have his feed in your feed reader, change it to http://ma.tt/feed/.
Vote for WordPress Ideas: Want your say in the next version of WordPress? The WordPress Ideas section on WordPress is an open forum for you to have your say. Why not take advantage of it and add your voice to the vote.
WordPress Podcast: Episode 32: Automattic Rumors, Lorelle Provides WordPress.com News includes an interview with Jonathan Bailey of Plagiarism Today and the Blog Herald discussing copyright issues and content theft, rumors of Automattic’s financial ventures, the WordPress.com Premium Theme Marketplace, and Lorelle joining as a reporter for news on WordPress.com.
WordPress Installed For Free: If you have problems installing the full version of WordPress, visit Installing WordPress for Free (aka Install4Free WordPress). This free, volunteer-driven service is limited to personal blogs only, and they help only with installations, not upgrades.
Using WordPress in Your Blog’s Name: WordPress is a trademark and you are not allowed to use WordPress in your blog’s name or URL unless you have permission of Automattic and WordPress. Also, remember, it’s spelled “WordPress” not “WordPress”. Oh, and Plugin is Plugin, not plug-in (what you put into a wall electrical socket).
Looking for a WordPress Expert? WordPress Consultants on Automattic is a list of experts you can hire to help you with WordPress Themes, WordPress development, WordPress Plugins, or other WordPress-related expertise. Also see the WordPress Jobs listings, and the WP-Pro mailing list.
If You Are Reading This: If you are reading this blog post NOT on the Blog Herald or from within your feed reader, it is being used against the copyright policy of the copyright owners. Please report it immediately so action may be taken to break some heads and feed scraping blogs.
Even More WordPress News?
Past WordPress Wednesday News Reports
- WordPress Wednesday News: WordPress 2.5 On Track, Uninstalling WordPress Plugins, Premium WordPress Themes Debated, Permalinks, and More WordPress News
- WordPress Wednesday News: WordPress 2.4 is 2.5, Release Delayed, Security Release Issued, WordPress Groups Group, Talking to Plugin Authors, and More
- WordPress Wednesday News: Mandatory WordPress Security Release, Sneak Previews of WordPress 2.4, Hoodies, Vote for WordPress, Moving to WordPress, Custom Fields, and More
- WordPress Wednesday News: WordPress 2007, Nominated for TechCrunch Crunchies, More WordPress Blogs Hacked, WordPress Events in 2008, WordPress.com Blogger Wins, and Snow
- WordPress Wednesday News: Akismet Day, Two Million Bloggers, Plugin Security Warnings, And WordPress is the Best CMS
WordPress News Sources
- WordPress Planet
- WordPress Development Blog
- WordPress.com Blog
- Weblog Tools Collection
- BloggingPro’s WordPress News and Tips
- The WordPress Podcast
- Lorelle on WordPress
- Planet WordPress from Planet Ozh
Each Wednesday on Blog Herald is WordPress Wednesday, featuring the news around the WordPress Community. If you have a WordPress news item or tip to suggest, please contact me at this special email address: firstname.lastname@example.org
Author: Lorelle VanFossen
The author of Lorelle on WordPress and the fast-selling book, Blogging Tips: What Bloggers Won’t Tell You About Blogging, as well as several other blogs, Lorelle VanFossen has been blogging for over 15 years, covering blogging, WordPress, travel, nature and travel photography, web design, web theory and development extensively as web technologies developed.