Random babble by Paulh

Over at Adii.co.za there’s a competition to win the Developer’s Package of wordpress themes.

What’s so good about these themes? Well for one they look very professional, secondly wordpress is not just for blogs, its uses as a cms are endless, unfortunately most templates out there are made for blogging - not great if you want to develop a news portal - which is why i like the gazzet edition  so much.

I’ve yet to try these themes out, but from the feedback and screenshots they look awesome

The long awaited version 2.5 of wordpress is here

WordPress 2.5, the culmination of six months of work by the WordPress community, people just like you. The improvements in 2.5 are numerous, and almost entirely a result of your feedback: multi-file uploading, one-click plugin upgrades, built-in galleries, customizable dashboard, salted passwords and cookie encryption, media library, a WYSIWYG that doesn’t mess with your code, concurrent post editing protection, full-screen writing, and search that covers posts and pages

Have played about with an early release of 2.5 and so far so good, only a couple of old plugin didnt work.

Would make sure you backup your database and wordpress installation before upgrading.

If like me you think Wordpress is a great cms you’ve probably installed several templates and plugins. But do you know what exactly it is you are installing?

Chances are unless you are a PHP programmer you won’t have given this a second thought.

So what is it you are installing?
Wordpress  plugins and some templates contain code that performs a particular task.  Some of my favourite plugins are listed here

So what’s the security issue?
Those plugins and templates could be malicious!

Most of us take precautions when downloading programs and files on to our desktops, but happily install plungins and templates on servers without giving it a second thought.  So now you have your nice new shiny template installed, but what else is it doing? Possibilities are endless, you could be opening your server up for sending out spam,  or leaving your company server open to attack.

In the last few week alone I’ve seen..

• templates email that send out emails when installed
• plugins inserting hidden links in all your posts
• mystery encoded php in templates
• plugins that install extra php files from remote servers

So what can you do?
Until there is a online system where plugins and templates are checked for security holes, and we’re able to download them from a verified source, all we can do is be very careful.. Before installing look through those template and plugin files, and check for suspicious code.

Search Engine Serious, a real ‘old’ timer :), has news on this years SEO Roadshow .

The previous roadshow is the best seo event i’ve been too. It’s basically an invitation only, informal weekend meet up at a hotel. Lots of dirnking, lots of eating, and some very knowledegable people… Spammers, CEO’s, blackhats, whithats(not many of them to be honest), entrapenours, bedroom seo’s to head’s of search of multinationals.

This years event looks like it will be held in September/October, possibly Ireland. To get an invite you need to find someone who has already been invited.

See you there

Been really busy for the last few months having fun setting up our SEO strategy and getting things put into action.

Can’t see me posting here much  for the foreseeable future, but just thought i would mention that DougS has started his own blog.

Dougs blog should be  regular read for anyone who likes to hear someone rant about search, affiliate marketing, making money, etc.