switching.social
To avoid confusion, here's a step-by-step guide to putting your #Wordpress blog on the #Fediverse:
1. Log into your Wordpress site
2. Go to "Plugins", "Add New", search for "ActivityPub" plugin, install and activate it.
3. Go to "Users", then "Your Profile". Scroll down, and right at the bottom there's a new section called "Fediverse" with the blog's Fediverse address.
4. Share this address on #Mastodon etc, people will be able to follow it by pasting it into the search box and following it!
switching.social
A number of people have asked how to make Wordpress blogs federate with the Fediverse (including Mastodon and Pixelfed).
You can do this by adding the ActivityPub for Wordpress plugin from here:
https://wordpress.org/plugins/activitypub/
When the plugin is installed, it allows anyone on the Fediverse to follow your Wordpress blog.
It's still in beta, the plugin's developer is @pfefferle
Matthias Pfefferle
Nice! #Pixelfed and #WordPress are now #federated! đ
schokopflaster
Denke drĂźber nach finally meine #Wordpress-Projekte mit einer github-Alternative zu versionskontrollieren.
Aber welche Alternative nehme ich?
#gitlab und #bitbucket klingen beide gut. Ăbersehe ich bei gitlab irgendeinen groĂen Nachteil?
MĂśchte/kann zur Zeit nicht selbst hosten und kein Geld zahlen.
Habe bisher nur marginale git-Erfahrung, von daher ist das fĂźrs Wechseln erstmal irrelevant.
FĂźr mich relevant: GUI > CL
[ ] gitlab [ ] bitbucket [ ] unbedingt was anderes!11!
Atari-Frosch
Atari-Frosch
Strypey
I need to set up a website for a #comedy podcast I'm doing with an old friend and collaborator. I'm thinking of just using an off-the-shelf service like #Wordpress.com or #Squarespace, to keep it simple. But if there's a #cooperative doing something like this, using only #FreeCode software, at a similar price, I'd rather support them than lease a #VPS and spend hours doing my own sysadmin.
đ
Craig
#WordPress 5.2.2 #debian packages now uploaded to the FTP servers.
Not really sure what they changed between 5.2.1 and 5.2.2 just some tweaks by the look of things.
Also 5.3 should be out soon.
https://wordpress.org/news/2019/06/wordpress-5-2-2-maintenance-release/
SQUââ˛KYâPâ˛Náâ˛KâS :rojava:
So I feel like because #WordPress is FOSS and wants plugins to also be FOSS they should maybe display license info for plugins somewhere.
infosec-handbook.eu
"WooCommerce Checkout Manager" plugin for WooCommerce (WordPress), used by 60,000+ websites, vulnerable to arbitrary file uploads:
https://thehackernews.com/2019/04/wordpress-woocommerce-security.html
â the latest version of WooCommerce Checkout Manager (4.2.6) is still vulnerable to this
â there is no patch available
â mitigation: disable the "Categorize Uploaded Files" option in the setting, or disable the plugin completely
#woocommerce #wordpress #vulnerability #0day #zeroday #infosec #cybersecurity #security
infosec-handbook.eu
Popular WordPress plugin "Social Warfare" actively exploited:
https://thehackernews.com/2019/04/wordpress-plugin-hacking.html
â last month, Social Warfare 3.5.3 was released, containing fixes for 2 security vulnerabilities (XSS, RCE)
â 37,000 WP websites out of 42,000 active sites use the outdated, vulnerable version
â update to Social Warfare 3.5.3
#wordpress #plugin #vulnerability #socialwarfare #infosec #security #cybersecurity
Robert Johnson
As much as I have pissed and moaned about #wordpress in the past, I am glad it exists and it is FOSS.
Nobody (Linux Walt ALT)
#Wordpress > Drupal
Drupal is just overly complicated for any task, so that the only surprise is that it doesn't have more security holes discovered.
switching.social
WordPress people,
Can you recommend WordPress paid and managed hosting services that *don't* use Google Fonts by default?
(i.e. a service easy enough for non-techies to use, but which doesn't automatically put Google's claws into their site)
It seems like every default WP theme has some kind of code that loads up Google Fonts, even if you don't use Google Fonts.
đ
Craig
#wordpress users, do you use the plugin called Social Warfare? It has a bug where anyone can update a string setting adding an eval()
So someone has decided to redirect sites with this plugin to a porn site. đ˛
Best to delete this plugin
Dr. Roy Schestowitz (ç˝äź)
đ° Lapineige đ
Dear #Yunohost admins/maintainers, do you know if it's possible to install a #Wordpress instance aside of a Wordpress multi-instance app ?
On 2 different domains.
hoergen on Friendica
infosec-handbook.eu
WordPress vulnerabilitiesâpath traversal + local file inclusion = remote code execution:
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
â the vulnerability was there for 6 years
â fixed in WordPress 4.9.9 and 5.0.1, however, path traversal is still possible under certain circumstances
#wordpress #vulnerability #cms #infosec #security #cybersecurity #rce
lnxw48a1
Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.
All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.