The blogging and/or content material control machine (CMS) WordPress, utilized by tens of millions of blogs, has reached three. Zero – marking a big point in its evolution as a platform for all types of content online.
Or, as the blogpost on the WordPress site puts it:
“Arm your vuvuzelas: WordPress 3.zero, the 13th predominant release of WordPress and the result of half a 12 months of work with the aid of 218 members, is now to be had for download (or upgrade inside your dashboard). Fundamental new capabilities on this launch encompass a sexy new default theme known as Twenty Ten. Subject matter developers have new APIs that permit them to without difficulty put in force custom backgrounds, headers, shortlinks, menus (no greater record modifying), publish kinds, and taxonomies. (Twenty Ten topic shows all of that off.) builders and network admins will respect the lengthy-awaited merge of MU and WordPress, developing the new multi-website capability which makes it feasible to run one blog or ten million from the identical installation.”
There may be a big listing of adjustments and upgrades.
The release is called “Thelonius,” after the jazz pianist Thelonius Monk; preceding variations were known as Mingus, Strayhorn, Duke, Ella, Getz, Dexter, Brecker, Tyner, Coltrane, Baker, and Carmen – so you can see that there is a type of jazz thing taking place Stump Blog. But what is going to remember for lots of WordPress users is the query of safety. At the same time, as WordPress does a first-rate job inside the major of offering good safety, there are so many blogs out there that the use of its method that vulnerabilities and exploits abound. Because it’s an open supply software program, you have to take that as you find it – and there are plenty of factors that can be finished to harden it.
The WPSecurityLock weblog, considered one of various which focusses on reports of safety weaknesses or exploits towards WordPress, has tested the claims made for 3.zero – of which the most incredible at once in which you don’t must have an admin called “admin” anymore; you may trade the username to something else. On its personal, that is probably one of the biggest steps. From private revel in, I’d say that the opposite step that makes the largest protection difference isn’t to allow external user registration (no longer flip it off, However, alternate the hooks within the code): forestalls all way of cookie- and injection-primarily based attacks.
Commercial
There may also be BlogSecurity, which has already located a “thrashing” attack based totally on the ability to retrieve posts that have been trashed (only in model 2.nine upwards). Blog security hasn’t but were given its tooth into three.0, But if you’re a WordPress consumer, it’s miles properly really worth maintaining a watch on each of those. The alternative huge hassle will be what 3.zero does to the great range of plugins written for WordPress, which add the capability of one kind or some other (my private favorite for killing junk mail continues to be junk mail Karma 2, However it is unlikely this could be updated for model 3; but the code is now available for upgrade and development at a Google Code repository – although that does seem energetic.
In the meantime, right here’s the introductory video for WordPress three. zero. (Note that it needs Php 4.3+ and MySQL 4.1.2+.) There is also Mullenweg’s seventy-four-minute speech at WordCamp in San Francisco which he says is “jam-packed with data at the boom of WordPress, three.0, what we’re making plans for the future, and the philosophy of WordPress.” (We’re going to admit to not having listened to it all.)
