mBlog.my Free Wordpress Hosting

Another WordPress plugin with over 1 million active installations has made it to the news due to security bugs. This time, it’s the Page Builder plugin for WordPress sites that has a couple of bugs allowing full site takeovers.

Page Builder WordPress Plugin Bugs

Wordfence has highlighted another vulnerable WordPress plugin that boasts more than 1 million active installations.

As revealed in their blog post, the popular WordPress plugin Page Builder by SiteOrigin had multiple security bugs. Exploiting these bugs could allow an adversary to gain complete control of the target…

Watch out block patterns. There is an old player in town making the hard sell before you have even rolled out of bed. Envato just dropped a massive library of template kits for Elementor in your front yard.

Not to worry, the company plans to open things up for the block editor in the future. The Elementor page builder just makes the most sense right now. It was the first to market. It is mature and has a backing of 5 million users, many of whom will be accustomed to commercial upsells, and $15 million in recent funding. Financially, it is the smart play. The company can also test…

Last June we reported that Google was looking to build directly into WordPress the automatic generation and submission of XML Sitemaps. This way when you publish content, and you didn’t set up an XML Sitemap, the XML Sitemap file will be done automatically.

Gary Illyes from Google said on Twitter that WordPress might get native sitemap support!” He shared this tweet from Pascal Birchler, a Google engineer, who said “we’re making great progress towards a merge proposal for WordPress 5.5.” This is in regards to getting the XML Sitemaps feature plugin for WordPress built into…

Last weekend I had the opportunity to interview Andy Fragen, a longtime member of the WordPress community and core contributor. He is also the author of the GitHub Updater plugin, which allows developers to enable automatic updates to their GitHub, Bitbucket, GitLab, or Gitea hosted WordPress plugins, themes, and language packs. In the video below, Fragen gives us a window into his world on the frontlines as an acute care surgeon.

After working his shifts at the hospital, Fragen returns home and voluntarily keeps himself in semi-isolation from his wife and kids. He spends his…

A critical bug found in Google’s official WordPress plugin with 300,000 active installations could allow attackers to gain owner access to targeted sites’ Google Search Console.

Site Kit is a WordPress plugin designed by Google to help site owners to gain insight on how their visitors use and find their website via official stats collected from multiple Google tools and displayed directly in the WordPress dashboard.

The plugin also makes it easier to set up and configure key Google products such as the Search Console, Analytics, Tag Manager, PageSpeed Insights, Optimize, and…

With full-site editing just around the bend, it is a fair question to ask whether the WordPress ecosystem is prepared for such a transition, particularly on the theme development side of things.

It is no secret that theme developers have struggled to keep up with the barrage of changes between Gutenberg plugin updates and, ultimately, major WordPress versions. It is also a fair question to ask who is steering the ship. Where are the site developers, theme authors, and other designers who spend every day crafting the front end of…

The security of your WordPress website depends on the systems you put in place to protect it and harden its security. With the sharp increase of automated password guessing, your users’ sensitive information and access to your site are more at risk than ever.

This is why it’s so important to protect your WordPress site further by adding two-factor authentication. Because your site is only as strong as its weakest password.

In this article, we’ll illustrate what WordPress two-factor authentication is, why it’s so important, and how to implement it on your website with an easy to…

Hurrah, there is freeware to get a free WordPress site to Word as a .DOCX file, and thence to an ebook. Only the one, and hardly known to search-engines, but it’s for Windows and it works. WordPress2Doc comes from Germany and was last updated by the author, Raffael Herrmann, in December 2017. The source code for WordPress2Doc is on Github.

It has some nice features…

* Select only certain posts from your exported .XML feed.

* There’s a post preview, over in a side-panel.

* Images are called and embedded (so long as the source WordPress blog is public, presumably).

* The blog’s…

Severe CSRF to XSS bugs open the door to code execution and complete website compromise.

Page Builder by SiteOrigin, a WordPress plugin with a million active installs that’s used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover.

According to researchers at WordPress, both security bugs can lead to cross-site request forgery (CSRF) and reflected cross-site scripting (XSS). They “allow attackers to forge requests on behalf of a site administrator and execute malicious code in the administrator’s browser,” according to Wordfence…

Recently, we took a look at the Caddy Web server. Today, we’re going to back things up a little bit and look at the A from the classic LAMP stack: the Apache Web server.

Apache has a bad reputation for being old, crusty, and low-performance—but this idea mostly stems from the persistence of ancient guides that still show users how to set it up in extremely antiquated ways. In this guide, we’re going to set up an Ubuntu 20.04 droplet at Digital Ocean with an Apache Web server set up properly and…