This week, WordCamp Europe Organizer, Partner at Human Made, and global nomad, Noel Tock, took over ManageWP AMA. Tock works remotely and has been nomadic for three years, but his proximity to the WordPress community remains close. He is working on a WordPress mobile app called Vienna, and is also the founder of Happytables, Nomadbase, Project Reality, and Game Artist. Tock’s experience creating online products is extensive. He has a lot of expertise in not just the CMS, WordPress, but creating products and connecting communities through WordPress. Commenters asked a variety of questions about his prowess in the WordPress arena, as […]
Explaining and Understanding the GNU General Public License (GPL)
Updated on November 2, 2016. It is common knowledge that WordPress is released under the terms of the GPL. However, time and again, controversies and confusions arise — be it the barring of ThemeForest sellers from WordCamps or the erstwhile debate between WordPress and Thesis, or the most recent WordPress/Wix debate, interpretations and implementations of the GPL across the internet tend to vary. While the end users are generally aloof from such debates, it can be a rather confusing situation for developers and designers alike, especially if they are creating and selling WordPress-related products or services, such as themes and […]
What To Expect In WordPress 4.7
After kicking off development in August, we are just about one month away from the release of WordPress 4.7, which is slated to go live on December 6. WordPress 4.7 Beta 1 was released last week and people have already started testing the software. The core team welcomes any and all suggestions, so set up a test site and start playing with the new version. There are a lot of exciting features to look forward to, so let’s jump into what you can expect in 4.7. REST API Content Endpoints The REST API framework was merged with 4.4 in October 2015. We expected […]
Announcing The WordPress Industry Survey 2016
Today, we’re excited to announce the WordPress Industry Survey 2016! We want to hear from you. This three-minute survey asks questions about your WordPress practice, including basic profiles, business strategy, and community participation. Our goal is to provide real insight on the state of WordPress businesses. We will run the survey from now through the end of November. We’ll then use the collected information to create a free downloadable report. Fill out the survey below! Your feedback is important to us. Create your own user feedback survey
Wix Uses WordPress Code, Violates GPL
Microsoft vs. Apple, Oracle vs. Salesforce, Comcast vs. Verizon — rivalry is just a natural part of growth in the tech world. The recent controversy between WordPress co-founder Matt Mullenweg and Wix co-founder Avashai Abrahami is no exception. On Friday, Mullenweg alleged that the Wix application is built using stolen code, highlighting the similarities between the newly released mobile app and the WordPress editor. “This explicitly contravenes the GPL, which requires attribution and a corresponding GPL license on whatever you release publicly built on top of GPL code,” Mullenweg said. Since the initial post, there has been follow up directly from Abrahami […]
Storing Encrypted Data In The WordPress Database
Today security and privacy are becoming more and more important. We’re not only hearing about password leaks but leaks of sensitive information. Servers will always get hacked, this can’t be avoided. But encrypting the data stored on those servers can drastically reduce the damage. In this article, I will discuss how to store and retrieve encrypted data in the WordPress database. Before doing so, I will discuss the difference between hashing and encryption along with a few other considerations. Hashing vs Encryption In WordPress, we use hashing a lot as part of our security. Nonces, which I covered in a recent […]
How The Open Source Empire Reached The US Government
Open source is imperiously taking over the internet. Today, you’d be hard-pressed to find a tech company that is not, in some way, leveraging open source to their advantage. Open source is working to lead technologies into the future. Dominating more than 25 percent of the internet, WordPress is one of the biggest open-source projects in the world. Its flexibility and ability to scale make it the obvious choice for any website, regardless of industry. From education and nonprofits to enterprise companies and world-renowned publications, WordPress is the CMS of choice. WordPress, and open source more broadly, has recently even reached […]
5 Takeaways From This Week’s AMA With Matt Cromwell
This week, Matt Cromwell took over the ManageWP AMA. Cromwell is a Partner and Head of Support at WordImpress as well as co-author of the Give donation plugin. He began working on websites to pay his way through college where he earned multiple degrees. After being offered the position at WordImpress, Cromwell left the life of academia and never looked back. You may also recognize him as one of the founders and organizers of the Advanced WordPress Facebook group, which now has over 23,000 members and 30 administrators. People asked about organizing a Meetup, business changes, and of course the […]
Is The Future Of WordPress Security Cloud-Based?
WordPress security shouldn’t be taken lightly. When your entire livelihood is online, you should be taking every measure to make sure your site is safe. No one knows the state of WordPress security better than Sucuri co-founder Dre Armeda. Two years ago, Armeda left the company to pursue other things. Now he is back and just as passionate about web safety as ever. After being gone for two years, Armeda has fresh eyes on the industry and believes the way forward is to use external services. “If there’s already traffic on your site it’s too late. You need to stop thinking beyond the […]
When PHP String Comparisons And Nonce Validation Go Wrong
In a recent article, I talked about nonces, what they are and their role in WordPress. This article stressed the importance of using nonces to help prevent XSS and CSRF attacks. Soon after that post was published I read about multiple security vulnerabilities in the extremely popular plugin W3 Total Cache. One of these vulnerabilities is the result of improper nonce validation. A nonce was not validated using the standard wp_verify_nonce() function. Instead, the nonce was validated using a == comparison. In this article, I’m going to cover string comparisons in PHP. Specifically some of the issues with string comparison, […]

No Comments