WordPress blogging platform hits 3.0
The running a blog and/or content control system (CMS) WordPress, utilized by millions of blogs, has reached three.zero – marking a vast point in its evolution as a platform for all forms of content material on-line.
Or because the blogpost on the WordPress web page puts it:
“Arm your vuvuzelas: WordPress three.zero, the thirteenth important launch of WordPress and the end result of half of a year of work by way of 218 participants, is now to be had for down load (or improve inside your dashboard). Predominant new capabilities on this release encompass an attractive new default subject known as Twenty Ten. Subject builders have new APIs that permit them to without problems put into effect custom backgrounds, headers, shortlinks, menus (no greater document enhancing), submit types, and taxonomies. (Twenty Ten subject matter indicates all of that off.) developers and network admins will admire the long-awaited merge of MU and WordPress, developing the brand new multi-web page capability which makes it feasible to run one weblog or ten million from the equal installation.”
There is a large list of adjustments and upgrades.
The discharge is known as “Thelonius”, after the jazz pianist Thelonius Monk; previous versions have been called Mingus, Strayhorn, Duke, Ella, Getz, Dexter, Brecker, Tyner, Coltrane, Baker and Carmen – so that you can see that There may be a sort of jazz element going on.
But what’s going to depend for many WordPress users is the query of safety. Whilst WordPress does a splendid job inside the major of presenting desirable protection, the reality that there are such a lot of blogs accessible the use of it manner that vulnerabilities and exploits abound. Because it’s open source software, you need to take that as you find it – and there are masses of factors that may be performed to harden it.
The WPSecurityLock blog, one in all a range of which focusses on reports of security weaknesses or exploits towards WordPress, has examined the claims made for 3.zero – of which the maximum wonderful at once is which you do not must have an admin referred to as “admin” any greater; you could change the username to something else. On its very own, that might be one in every of the biggest steps. From personal revel in, I might say that the alternative step which makes the largest protection distinction is not to allow outside person registration (no longer simply flip it off, However also alternate the hooks within the code): that forestalls all way of cookie- and injection-primarily based attacks.
There’s additionally BlogSecurity, which has already located a “thrashing” attack primarily based at the capability to retrieve posts that have been trashed (simplest in version 2.nine upwards). BlogSecurity hasn’t but were given its teeth into three.0, However if you’re a WordPress user it is nicely well worth maintaining a watch on each of those.
The opposite big hassle will be what three.zero does to the extensive range of plugins written for WordPress, which add capability of one kind or some other (my non-public preferred for killing junk mail remains unsolicited mail Karma 2, However it is unlikely this could be up to date for version three; but the code is now to be had for improve and development at a Google Code repository – even though that does appear lively.
Meanwhile, here’s the introductory video for WordPress three.zero. (Word that it wishes Personal home page 4.3+ and MySQL four.1.2+.)
There may be also Mullenweg‘s seventy four-minute speech at WordCamp in San Francisco which he says is “jam-full of records at the boom of WordPress, three.zero, what we’re making plans for the future, and the philosophy of WordPress.” (We will admit to now not having listened to it all.)