W3TC and WP Super Cache Vulnerability Discovered, We've Automatically Patched

Published on by Matthew Prince.

The team at the research firm Sucuri announced a serious vulnerability to W3TC and WP Super Cache this afternoon. (Update: it appears the vulnerability was first reported on WordPress.org about a month ago.) The vulnerability allows remote PHP code to be executed locally on a server for anyone running

Patching the Internet in Realtime: Fixing the Current WordPress Brute Force Attack

Published on by Matthew Prince.

There is currently a significant attack being launched at a large number of WordPress blogs across the Internet. The attacker is brute force attacking the WordPress administrative portals, using the username "admin" and trying thousands of passwords. It appears a botnet is being used to launch the attack

Vid Luther from ZippyKid “We can’t stop growing and we don’t want to”

Published on by Kristin Tarr.

Vidis the founder and CEO of ZippyKid, the leader in WordPress hosting. Vid has taken the work he did at Third Party Code (the company he founded before ZippyKid), and productized it into ZippyKid. ZippyKid focuses purely on WordPress, specifically hosting, securing, and scaling popular WordPress websites. Vid is a

Ben Metcalfe from WP Engine weighs in on a new breed of hosting, using social media for support, and how he missed out on @ben

Published on by Kristin Tarr.

Ben Metcalfe is the definition of an Internet professional. With more than 11 years industry experience under his belt, Ben has previously spent time working on the development of MySpace and websites at the BBC. He is the founder of two companies, Swordfish Corp and WP Engine. Having used the

How to Enable SSL on Tumblr, WordPress, Blogger, AppEngine, Posterous & More...

Published on by Matthew Prince.

The number of services today that allow you to quickly get online is stunning. Tumblr, WordPress, Blogger, AppEngine, Posterous, Ning, TypePad, Smugmug, and more allow anyone to publish content online. Unfortunately, most don't support SSL. This means that, if you access one of these platforms from a shared