It’s been a busy March so far. We had a great time talking shop at the PHP Conference in Minnesota and are looking forward to Magento Imagine this Spring. Additionally, we’re excited about adding Magento 2.0 to our hosting plans in the near future, but in the interim, you can start playing around with the Beta right now. And in news from the world’s most popular content management system, it may seem like it has been a long time coming, but WordPress finally released a Twitter plugin. Talk about worlds colliding. When you get some time, check those stories out as well as the rest of the news you missed this March. For the same great content the rest of the month, find us over on Twitter, Facebook, and Google+. Enjoy and let us know if we missed anything important in the comment section.
Like all popular software, WordPress is in a bit of a bind. It’s popular because it’s widely recognized as the best content management system by a large number of sites and users, but that popularity comes at a price. Online criminals know that if they can find an exploit in WordPress, they can access millions of sites, so they devote significant resources to finding problems in WordPress. And its popularity also means that the media pays particular attention to WordPress vulnerabilities when they are found.
If you’re a follower of the WordPress blogosphere, you’ll know that articles tend to fall into one of three groups: discussion of WordPress releases and plugins, howto articles, and news of security vulnerabilities. It’s not that WordPress is any more insecure than any other CMS — it’s a lot more secure than most — but journalists are always look for a good story and “tens of millions of website are vulnerable to hackers” makes for more clicks than “WordPress is awesome.”
With the news that the Magento 2 developer beta had been released, we got to work testing it for addition to our high-performance Magento hosting platform. We’re happy to announce that in the very near future, we’ll be adding Magento 2.0 to our eCommerce hosting plans. It’s been a long time coming, but once you see the new and improved Magento, we’re sure you’ll agree that it was worth the wait.
Magento 2.0 will be a significant and comprehensive upgrade, with innumerable new features both in the user-facing parts of Magento and under-the-hood. There’s good news for eCommerce retailers and Magento developers alike.
The Magento team have been focused on seven major areas for improvement, but I’d like to introduce you to Magento 2.0 by focusing on the three areas that will have most impact on our hosting clients.
Since this May, Google has been polishing a beta of Google Analytics which brings a host of improvements targeted at the eCommerce industry. The Enhanced eCommerce for Google Analytics tools have recently been cleared for general use, so it’s time to take a look at what Google has been working on for eCommerce retailers.
Retailers have a specific set of concerns that aren’t well represented by one-size-fits-all analytics solutions. Of course, it’s often possible to apply the more general tools to specific cases, and Analytics maestros have been doing that for years with GA and eCommerce, but the new tools are designed to make analyzing the purchase funnel and product-based websites more efficient and useful.
Enhanced Analytics for eCommerce includes reports that allow eCommerce retailers to get a clear view of product engagement, shopping cart behavior, and the ability to track the way users are initiating or abandoning transactions.
The parades and fanfare have died down since my glorious arrival. I have finally gotten a handle on some of the staff’s more “refined” tastes when it comes to mixes. Now, I understand the wisdom and foresight of my designers when they took some of the weirder flavors out of my menu.
From my short experience here, I grasp the reasoning behind “less is more.” There is no “I” in team, so I keep my mouth shut and mix what the people want. Who am I to judge? 50% diet Coke and 50% regular cherry Coke? Hey, whatever happens at Nexcess, stays at Nexcess.
those of you who are new here, we’ll give you a quick primer. Each month we like to peruse the internet for the best articles from a variety of subjects that are of interest to our clients. We generally focus on posts that concern the WordPress, blogging, ExpressionEngine, Magento, and eCommerce communities. This month, we’ve included articles that look at the growing importance of mobile as a part of eCommerce as well as Magento’s continued place as the dominant online shopping platform. And it can’t be a New Year without some drama, which the ExpressionEngine community experienced when the CMS came under fire recently. Check out the very well written response in defense of a great platform below. Now that you have a preview on what’s ahead, we’ll let you dive in to this month’s roundup. Here are the best and most relevant articles from January and February. If you want the same great content throughout the month, follow us on Twitter, Facebook, and Google+, Enjoy and let us know if we missed anything important in the comment section.
There’s nothing developers like more than scratching their own itches. Some of the best software — including WordPress itself — is the result of a developer solving their own problem and making the solution public.
So, as you might expect, WordPress developers have created plenty of plugins that help other developers. WordPress isn’t the easiest environment to get started with: the API can be somewhat abstruse and compared to other content management systems, grokking the ins and outs of WordPress isn’t easy—beginners need a little help.
In this article I’d like to take a look at four plugins that will help novice developers get to grips with WordPress.
For most of our clients, performance is of paramount importance. The need to provide users all over the world with fast loading websites and eCommerce stores is a key factor in their choosing Nexcess hosting; it’s what we do best. But equally important is user privacy and information security. The ability to protect sensitive data from online criminals is a fundamental requirement of eCommerce and modern web publishing. Until now it’s been excessively complex and expensive for clients to achieve both speed and security, which is why we’re introducing the Nexcess SSL CDN.
The Nexcess SSL CDN allows users of our content delivery network to add SSL encryption to assets served from the CDN’s edge nodes. SSL can be added to any of our CDN accounts for just $20 a month.
A famous poet once said: “Immature poets imitate; mature poets steal”. What’s not often mentioned is the continuation of that quote which adds: “bad poets deface what they take, and good poets make it into something better”. Everything we create is influenced by what went before, and web design is no exception. Good web designers draw inspiration from the work of others, bad designers repeat blindly without understanding the process that shaped what they are looking at.
Today, we’d like to draw your attention to a rather serious vulnerability in the Linux glibc library. Using this exploit, an attacker is capable of taking complete control of a victim’s system without requiring access to or knowledge of that system’s credentials. Thankfully, patches are already available for the vulnerability across all distributions- we advise all clients and hosts who have not already done so to update their glibc packages.
The issue, assigned the categorization of CVE-2015-0235, allows the creation of a heap-based buffer overflow in _nss_hostname_digits_dots(); used by both the gethostbyname() and gethostbyname2() glibc function calls. By making an application call to either of those functions, a remote attacker is capable of running arbitrary code under the identity of the application owner.