Daily archives: Sunday, September 6, 2009
Since posting the DiW tutorial on designing a Tumblelog theme for WordPress, several readers have asked for a tutorial on how to setup just the Tumblr/tumblelog-style post links ...without having to implement the entire theme.
WordPress is like Windows, it's a huge target so hackers are extra-motivated to exploit it.There has been a bunch of brew-ha-ha over WordPress security over the last week or so. It started off a few weeks ago with a really easy URL hack to reset the Admin's password. That ballooned into a far nastier exploit allowing a new admin to be created who could totally hose a site. Matt Mullenweg does a little damage control here by essentially saying the best way to stay secure is to stay updated to the latest version. I wholeheartedly agree, and think that that step is just a part of a complete security breakfast (the upcoming book will have lots on security). I have probably nearly 20 WordPress sites I maintain and every single one of them was at 2.8.4. It's so trivially easy to upgrade, It's a no-brainer.