The lesson, as always, don’t use WordPress or any other web-facing technology if you aren’t going to keep up to date with it. “Earlier this month, users of the popular WordPress CMS were advised to upgrade to the latest version of the software to patch “an undisclosed critical vulnerability.” At the sound of that dogwhistle,…
If you haven’t updated your WordPress install to 4.7.2, you might want to do that, assuming that it hasn’t already been hacked and defaced. Seems like that’s only a matter of time. https://www.wordfence.com/blog/2017/02/rest-api-exploit-feeding-frenzy-deface-wordpress-sites/ Image by Phil Oakley
Most of you probably haven’t noticed the change on the site over the last few days. At least I hope not many have, but go ahead and look up in your address bar. Yes, the site is no longer http://, it is now https://. The same is true for all of my blogs now. With…
The Danger Well, someone, somewhere, gave out the domain ?oogle.com to someone who was not representing google.com. what is stopping them from mimicking YOUR web site, or YOUR BANK’s website, and then leaving innocent-looking links for you to fall prey to? You would probably never realize what you did until it was tool late. Internationalized Domain…
If you don’t have automatic updates turned on your self-hosted WordPress sites, you should probably make some time to get them updated. Nothing like having your site hacked because you skipped an update that patches vulnerabilities! And while you’re at it, go ahead and turn on automatic updates. It won’t do major release updates, you’ll…
As to “Why can’t IT or my secretary do this?” If your IT folks or your secretary has an acceptable level of expertise and experience and are provided an acceptable level of resources, then they CAN do the work.One is not able or unable to handle the challenges of dealing with ESI simply because of…