Vulnerability in phpMyAdmin Requires Immediate Patch

A critical CSRF Vulnerability in phpMyAdmin Database administration tool has been found and a patch is available for all computers and servers running the MySQL database. Does this include you? If you are using WordPress, yes it does. Contact your web host to ensure phpMyAdmin is updated immediately. If you are self-hosted and manage your […]

Blog Exercises: Protect Your Privacy

The web world thinks my birthday is January 1. Does the web know your birthday? Among the many Blog Exercises so far this year, I’ve mostly focused on your blog. Today, I want to talk about something related to your blog but mostly to your exposure and presence on the web: your private and personal […]

WordPress Anniversary: Comment Spam Lessons

It’s hard to believe that I’ve learned much from comment spammers over the years. I’ve learned that they are among the most hated folks in the world, yet you have to respect them as well. As I look back on ten years of blogging with WordPress on this 10th Anniversary year, I realized that comment […]

The Brute-Force Password Attack on WordPress Sites

My mother emailed me and asked if WordPress was under attack. With all the news of last week’s attack of the Boston Marathon, the attacks on WordPress and other PHP-based web publishing sites was low on the priority list for myself and others, but this is something to take seriously. As we get back to […]

WordPress Anniversary: WordPress and Evil

As I look back on the ten years of WordPress, there is a dark side to blogging. While many blamed WordPress for the evil, like guns, WordPress doesn’t cause evil, people cause evil. In fact, WordPress, Automattic, and the WordPress Community has fought longer and harder against the evil doers in the world than most […]

Happy Holidays and Onward!

We survived the Mayan Calendar. We’ve survived planets lining up. We’ve survived attacks on our person, our community, our faith, and our country. Just another year. As we charge forward this coming year, here are some things to look forward to here on Lorelle on WordPress and on my other sites, and many things to […]

Update WordPress Now: WordPress 3.4.2 Released

WordPress 3.4.2 Maintenance and Security Release arrived today, and it’s time to update. This is both a maintenance and security release, therefore it is mandatory, not optional. Recently, I wrote about keeping WordPress updated for security reasons, and I’m singing the same song again. Don’t wait. Don’t hesitate. Use the automatic, one-click update feature. In […]

Update WordPress Now: Reuters Hacked

It is an old song. I’ve sung it for years. UPDATE WORDPRESS NOW! Reuters was hacked recently and many blame WordPress, though most honest reporters are quick to state that it is the webmaster/site owners fault for not updating. Seems they were running a version from over a year ago. According to PC Magazine’s Security […]

What You Most Need to Know About WordPress

At the recent WordCamp Portland 2012, I was asked by several attendees to cover the basics of WordPress and we came up with What You Most Need to Know About WordPress. Here are the “notes” from that unconference presentation. The Difference Between Categories and Tags I hear this question at WordCamps, from readers, students, and […]

Firefox 5 Crashes: What is Causing Them and How to Fix It

If you are one of the thousands suffering constant crashes from the June update of Mozilla Firefox 5, realize you are not alone. Literally thousands have reported on Firefox 5 crashing across all platforms, including Windows and Mac. UPDATE: The crashes were clearly not a result of problems with Firefox but with Adobe Flash. Crashes […]

Is Your WordPress Blog at Risk from the Epsilon Email Theft?

I’ve just published news and tips on how to respond to the recent announcement and news about the Epsilon email theft on WordCast, “Epsilon Email Lists Breached: How to Protect Yourself.” I’ve included a list of the companies involved and tips on how to identify email phishing scams, deal and respond to them, and advice […]

Update WordPress Now: WordPress 3.0.4

The last month has seen two WordPress mandatory security releases, and today, WordPress 3.0.4 brings another mandatory update. To update, log in as the Administrator and click the update notification for one-click updates to your WordPress blog. WordPress.com blogs are automatically updated. In writing up “Mandatory Security Update: WordPress 3.0.4 Released for WordCast, I stumbled […]

Malware Found in WordPress Theme – Protect Yourself Now

I’ve just published “WordPress Theme Malware Prevention and Protection on WordCast, covering the recent WordPress Theme dissection of malware by Otto. The article sums up his revealing analysis of how a Theme malware code integrates itself into your site, even down to the server level, through a twisting path of imaginative code. The code reminds […]

Blog Struggles: SOBCon, Idea Whelmed, and Tell It To the Telephone Pole

A few people were concerned when I started my first Blog Struggles Diary recommending that I not blog every day thus changing the whole tone of my site. This confused me as I thought this was what my site was about. I had to take some time to think about that…then life and work interfered, […]

Old WordPress Versions Under Attack

Otto42 of OttoDestruct, a key WordPress developer and supporter, reports that there is an “attack” on older versions of WordPress right now. The number of sites hit by this is growing every hour. Protect your WordPress blog now: UPDATE NOW!!! Update your WordPress blog before you continue reading this post. That’s how critical this issue […]