The blogging and/or content material control machine (CMS) WordPress, utilized by tens of millions of blogs, has reached three.zero – marking a big point in its evolution as a platform for all types of content on line.
Or as the blogpost on the WordPress site puts it:
“Arm your vuvuzelas: WordPress 3.zero, the 13th predominant release of WordPress and the end result of half a 12 months of work with the aid of 218 members, is now to be had for download (or upgrade inside your dashboard). Fundamental new capabilities on this launch encompass a sexy new default theme known as Twenty Ten. Subject matter developers have new APIs that permit them to without difficulty put in force custom backgrounds, headers, shortlinks, menus (no greater record modifying), publish kinds, and taxonomies. (Twenty Ten topic shows all of that off.) builders and network admins will respect the lengthy-awaited merge of MU and WordPress, developing the new multi-website capability which makes it feasible to run one blog or ten million from the identical installation.”
There may be a big listing of adjustments and upgrades.
The release is called “Thelonius”, after the jazz pianist Thelonius Monk; preceding variations were known as Mingus, Strayhorn, Duke, Ella, Getz, Dexter, Brecker, Tyner, Coltrane, Baker and Carmen – so you can see that There is a type of jazz thing taking place.
But what is going to remember for lots WordPress users is the query of safety. At the same time as WordPress does a first-rate job inside the major of offering good safety, the reality that there are so many blogs out there the use of it method that vulnerabilities and exploits abound. Because it’s open supply software program, you have to take that as you find it – and there are plenty of factors that can be finished to harden it.
The WPSecurityLock weblog, considered one of various which focusses on reports of safety weaknesses or exploits towards WordPress, has tested the claims made for 3.zero – of which the most incredible at once is which you don’t must have an admin called “admin” anymore; you may trade the username to something else. On its personal, that is probably one of the biggest steps. From private revel in, I’d say that the opposite step which makes the largest protection difference isn’t to allow external user registration (no longer just flip it off, However additionally alternate the hooks within the code): that forestalls all way of cookie- and injection-primarily based attacks.
There may be also BlogSecurity, which has already located a “thrashing” attack based totally on the ability to retrieve posts which have been trashed (only in model 2.nine upwards). BlogSecurity hasn’t but were given its tooth into three.0, But in case you’re a WordPress consumer it’s miles properly really worth maintaining a watch on each of those.
The alternative huge hassle will be what 3.zero does to the great range of plugins written for WordPress, which add capability of one kind or some other (my private favourite for killing junk mail continues to be junk mail Karma 2, However it is unlikely this could be updated for model 3; but the code is now available for upgrade and development at a Google Code repository – although that does seem energetic.
In the meantime, right here’s the introductory video for WordPress three.zero. (Note that it needs Php 4.3+ and MySQL 4.1.2+.)
There is also Mullenweg‘s seventy four-minute speech at WordCamp in San Francisco which he says is “jam-packed with data at the boom of WordPress, three.0, what we’re making plans for the future, and the philosophy of WordPress.” (We’re going to admit to not having listened to it all.)