Responsible Disclosure!

Who-is-responsible

Sucuri discovered the vulnerability, and informed the MailPoet team, gave them information and time to fix the issue. The MailPoet team did resolved it, but Sucuri disclosed the vulnerability to the wild just within 24hr of MailPoet released the update at WordPress.org.

This is not a Responsible Disclosure! We all are glad to Sucuri that they discovered the issue and informed the developer, but how on earth they expected a plugin which is downloaded more then 2 million times, and one of the most used plugin in its sector, could force their user to update to latest version within 24hr?

Result – 50 thousand WordPress site hacked using this exploit!

Who to blame? The security firm that we all love or their Responsible Disclosure?
Continue reading…

Contributing In WordPress: My Presentation On WordPressians MeetUp

10388118_10152463235314291_72663381596881020_n

We had an amazing MeetUp of WordPressians Group (6th meetup) at Dhaka, last Saturday (June 28th, 2014). It was our first meetup at HubDhaka, a great place of my dear friend Sajid. It was a super great meetup with all of our guys in WordPress Community.

I spoke about “Contributing In WordPress”. Here are the slides -

Adding photos of the events, courtesy to all our talented Photographer buddies, adding as gallery below. Also adding details about my presentation, and all resource inside.

Continue reading…

Introducing UniServer WPReMix

UniServer WPReMix is a portable local server for Windows Operating System, which comes prepacked with WordPress. Its a simple zip package, you just have to extract and run, you will get a fully configured WordPress installed and ready for your test or local development. I made this to make things super easy for new WordPress developer. Its light weight, and no more server and port configuration.

UniServer WPReMix
Continue reading…

Name.com Brings RapidPress, A Kind Of Hosted All-in-One WordPress Solution

I love name.com. Today they announced a new service called RapidPress. It’s a hosted WordPress solution, with domain and other necessary service. As a WordPress lover I also like to see more people built business on WordPress, making it easy for people to blog and make website. But probably for marketing Name.com in a way insult Automattic, company behind WordPress.com, which I don’t like. Keep reading for details.

rapidpressheader4

Continue reading…

Social Profilr Reimagined Version 2.1.2 Released

I actually pushed some rapid updates to my “Social Profilr Reimagined Changelog” plugin. Current latest version is 2.1.2, its more light weight and come with fixed dropdown view, with some minor changes. You could download it free from WordPress Extended. If you face any issue report bug in Plugin support page or in this blog.

W3 Total Cache Version 0.9.2.8 Update Causing Fatal Error (Solution)

I wrote about W3 Total Cache 0.9.2.7 issue, which caused few issues including MaxCDN custom domain name not working. Frederick, the plugin author was fast enough to release updated version 0.9.2.8, but it caused a Fatal error like below, and here I will show a quick workaround to fix the issue.

Fatal error: Uncaught exception 'FileOperationException' with message '<strong>/public_html/wp-content/w3tc-config/master.php</strong> could not be created, please run following command:<br /><ul><li><strong style="color: #f00;">chmod 777 /public_html/wp-content/cache/tmp</strong></li><li><strong style="color: #f00;">chmod 777 /public_html/wp-content/w3tc-config</strong></li>' in /public_html/wp-content/plugins/w3-total-cache/inc/functions/activation.php:127 Stack trace: #0 /public_html/wp-content/plugins/w3-total-cache/lib/W3/ConfigWriter.php(159): w3_throw_on_write_error('/...', Array) #1 /public_html/wp-content/plugins/w3-total-cache/lib/W3/Config.php(71): W3_ConfigWriter->save() #2 /public_html/wp-content/plugins/w3-total-cache/lib/W3/CloudFlare.php(174): W3_Config->save() #3 /public_html/wp-content/plugins/w3-total-cache/lib/W3/Plugin/CloudFlare.php(52): W3_CloudFlare->update_ip_ranges() #4 /h in /public_html/wp-content/plugins/w3-total-cache/inc/functions/activation.php on line 127

 

Continue reading…

W3 Total Cache Version 0.9.2.7 Broke MaxCDN/ NetDNA (Solution)

This blog also use W3 Total Cache to handle caching. Few days ago W3 EDGE company behind this super popular (Downloads: 1,622,242) plugin pushed updated version 0.9.2.7. They actually introduced a revamp look and seems like a great update. But after update, Asif.im broke down completely, as MaxCDN, the Content Delivery Network(CDN) I use was not working with the updated version of W3TC. Here is a quick semi-fix.

Continue reading…