WordPress updated to 5.1 on Feb 21

5.1 focuses on polish, in particular by improving the overall performance of the editor. In addition, this release paves the way for a better, faster, and more secure WordPress with some essential tools for site administrators and developers.

Site Health

With security and speed in mind, this release introduces WordPress’s first Site Health features. WordPress will start showing notices to administrators of sites that run long-outdated versions of PHP, which is the programming language that powers WordPress.

When you install new plugins, WordPress’s Site Health features will check them against the version of PHP you’re running. If the plugin requires a version that won’t work with your site, WordPress will keep you from installing that plugin.

Editor Performance

Introduced in WordPress 5.0, the new Gutenberg block editor continues to improve. Most significantly, WordPress 5.1 includes solid performance improvements within the editor. The editor should feel a little quicker to start, and typing should feel smoother.

Expect more performance improvements in the next couple of releases.

WordPress updated to 5.1

5.1 focuses on polish, in particular by improving the overall performance of the editor. In addition, this release paves the way for a better, faster, and more secure WordPress with some essential tools for site administrators and developers.

Site Health

With security and speed in mind, this release introduces WordPress’s first Site Health features. WordPress will start showing notices to administrators of sites that run long-outdated versions of PHP, which is the programming language that powers WordPress.

When you install new plugins, WordPress’s Site Health features will check them against the version of PHP you’re running. If the plugin requires a version that won’t work with your site, WordPress will keep you from installing that plugin.

Editor Performance

Introduced in WordPress 5.0, the new Gutenberg block editor continues to improve. Most significantly, WordPress 5.1 includes solid performance improvements within the editor. The editor should feel a little quicker to start, and typing should feel smoother.

Expect more performance improvements in the next couple of releases.

Contact Form 7 and ReCAPTCHA

Those of you using Contact Form 7 may have noticed an increase in your spam levels around the middle of December. This was due to an update of Contact Form 7 which required an update from ReCAPTCHA version 2 to version 3…. and then still didn’t work right. They finally got a fix out a couple days later and the spam is back to its usual level of dull roar instead of the weekend’s comparatively massive onslaught.

All of the sites on which we manage the Captcha have been updated. If you’re still getting a higher than normal amount of spam through your site, feel free to get in contact and we’ll take a look. It’s possible that your Captcha version is out of date.

It’s a good idea to send yourself an email through your contact form to make sure it works as you expect it to.

Gutenberg

Big changes in the WordPress core around mid-December as they updated from 4.9.8 to 5.0 (and shortly after to 5.0.1 and 5.0.2, and now 5.0.3), which includes the Gutenberg editor.

As of this writing, we have not moved some of you to the 5.x series. Most of you hosted at Sustainable Sources have been upgraded and we added and activated a plugin which will allow you to either use Gutenberg or the page editor you’re familiar with. To switch it off and try Gutenberg just go to Plugins => Classic Editor and click the Deactivate link. To go back to Classic, simply click Activate. Classic Editor will be supported for ~2 years, but you may as well learn Gutenberg now.

To get you started, here are some helpful Gutenberg resources:

Gutenberg Handbook – official WordPress guide with an in-depth look at how the editor works and tutorials on block creation. https://wordpress.org/gutenberg/handbook/

WordPress Gutenberg Guide – an illustrated guide by codeinwp that explains how Gutenberg works and shows you some advanced tricks. https://www.codeinwp.com/blog/wordpress-gutenberg-guide/

May ’18 news bits

It’s been a busy month and my twitter feed isn’t working right tonight as I write this, so I’m not going to be able to put in direct links or accurate quotes.

But it has been an interesting month in the security world! You may have heard about some of these in the news. Some highlights (and lowlights):

Major DDOS cyber crime website shut down –computerweekly.com

“Drupalgeddon” touches off arms race to exploit powerful web servers (the bug was patched in March, but many have not installed the patch).

Site linked to bank hackers is closed down. Site was responsible for selling a tool which enabled some 4 million cyberattacks.

Adobe patches four critical bugs in Flash, Indesign. (do your updates!)

Full article: https://threatpost.com/adobe-patches-four-critical-bugs-in-flash-indesign/131097/

Podcast: How millions of apps leak private data https://threatpost.com/roman-unuchek-on-apps-leaking-private-data/131332/

That’s it for this month! Stay safe out there!

January ’18 updates

WordPress core files were updated to 4.9.2 on January 16th, and WordFence saw an update to 7.1 on Jan 24. If you don’t see those on the list in your monthly report, your site received the updates as an automatic “push” from WordPress.

 

MalwareBytes bad update

If you use MalwareBytes (anti-malware program), they pushed out a bad update on Saturday, 1/27. 

How to resolve / verify you have the fixed update package:

Update package version 1.0.3803 or higher contains the fix.

To resolve, simply reboot your machine. In some cases, a second or even third reboot may be needed.

To verify you have this update, go to Settings -> About -> Update package version: 1.0.3803

Automatic Updates

We’ve had another round of important updates this month, including WordPress 4.8.3 to 4.9.0 early in the month, followed by 4.9.0 => 4.9.1 on the 29th. You may not see that one in your monthly report from us, as WordPress automatically updates the “dot” releases (those taking you from #.#.X to #.#.Y).

Sometimes the automatic updates get it done before we do!

New WordPress feature: Log in with Username, Email, or both

Since your email address can often be found ‘in the wild’ and your user name can be any dang (hard to guess) thing you want it to be, we strongly suggest that you use the User Name option. We’ll be setting everyone’s login to ‘User Name only’ unless I hear otherwise from you.