Weblog of Nazly Ahmed
If you let your website visitors know, what version of WordPress you are running, you are potentially at risk. Hackers might use this opportunity to exploit the vulnerabilities in that particular version and will try to take down your website. Though you might keep your WordPress installation up-to-date, any lapses in failing to do so may open the doors to hackers. A good security measure would be to hide the WordPress version from the HTML source. By default if the theme uses wp_head() function which is true in most cases, the chances are that the WordPress version will be displayed in your HTML source.
Since WordPress 3.0 introduced Custom Post Types, I have been using it extensively in my projects. Each Custom Post Type had multiple Custom Fields, but I had major concerns on building an algorithm to search across multiple Custom Fields using query_posts() since it allowed only a single key value pair (meta_key and meta_value). I had to extend the functionality of query_posts() to get over this problem. Looking at the documention it appears that with the release of WordPress 3.1, query_posts() will have a new parameter called meta_query which could handle multiple Custom Fields.
If you are running a WordPress Website or a Blog where the content is updated and/or deleted frequently, you will need to optimize the MySQL tables more often than not so that you don’t run into database issues and down times. This also helps to maintain the average response time of MySQL queries.
WordPress is simple, yet powerful. Those are the key ingredients why it is popular among the Bloggers and Web Developers alike. WordPress will always be the first choice as a blogging platform. In the recent times it has moved far from being just a blogging engine. Most Web developers choose WordPress as their primary CMS of choice ahead of other popular Content Management Systems. Regardless of you being a Blogger or a Web Developer, the manner you maintain your WordPress files and database will play an important role in running a successful website.
The Refresh Colombo event yesterday evening was one of the best meetups we had so far and I would like to thank everyone for coming and making it a great success. Special thanks goes out to Chandika and Naveen for their very informative talks which would have definitely made a big impact to all who were present there. I got the honour of doing a session on WordPress Security and got a lot of requests to share the presentation slides. So here it goes. Click Here to download it.
You can follow InduNan who live tweeted from the event. Thanks to Thilina and Malinthe for live blogging from the event. Photos will be uploaded to Refresh Colombo Facebook page soon. See you all at the next event.
It’s the moment that most of the WordPress enthusiasts were waiting for. The release of WordPress 3.0 bring lots of new features and updates that makes WordPress a powerful CMS to build complex and powerful websites.
Arm your vuvuzelas: WordPress 3.0, the thirteenth major release of WordPress and the culmination of half a year of work by 218 contributors, is now available for download (or upgrade within your dashboard). Major new features in this release include a sexy new default theme called Twenty Ten. Read More >>
SQL injection is one of the deadliest techniques attackers use to exploit the weakness in your database code of your website. Regardless of the technology/scripting language you must make sure your code is 100% perfect against SQL injection.