Category Archives: Nexcess
Every four months, regular as (slightly creaky) clockwork, the WordPress developers produce a new release. The first release of the year traditionally lands some time in April, and this year, all being well, will be no different. But before WordPress 4.2 hits the servers next month, the developers need a bit of help ironing out any remaining kinks. The first beta was made available last week, and if you want to test the upcoming release, you can download it from the WordPress site or install the WordPress Beta Tester plugin, which will give you the option of updating to development releases.
It almost certainly doesn’t need saying, but it would be a very bad idea to run the beta on a production site: it’s no where near ready for that and it will almost certainly break something. If you want to test the beta, use a staging or testing installation created for that purpose.
Like all popular software, WordPress is in a bit of a bind. It’s popular because it’s widely recognized as the best content management system by a large number of sites and users, but that popularity comes at a price. Online criminals know that if they can find an exploit in WordPress, they can access millions of sites, so they devote significant resources to finding problems in WordPress. And its popularity also means that the media pays particular attention to WordPress vulnerabilities when they are found.
If you’re a follower of the WordPress blogosphere, you’ll know that articles tend to fall into one of three groups: discussion of WordPress releases and plugins, howto articles, and news of security vulnerabilities. It’s not that WordPress is any more insecure than any other CMS — it’s a lot more secure than most — but journalists are always look for a good story and “tens of millions of website are vulnerable to hackers” makes for more clicks than “WordPress is awesome.”
With the news that the Magento 2 developer beta had been released, we got to work testing it for addition to our high-performance Magento hosting platform. We’re happy to announce that in the very near future, we’ll be adding Magento 2.0 to our eCommerce hosting plans. It’s been a long time coming, but once you see the new and improved Magento, we’re sure you’ll agree that it was worth the wait.
Magento 2.0 will be a significant and comprehensive upgrade, with innumerable new features both in the user-facing parts of Magento and under-the-hood. There’s good news for eCommerce retailers and Magento developers alike.
The Magento team have been focused on seven major areas for improvement, but I’d like to introduce you to Magento 2.0 by focusing on the three areas that will have most impact on our hosting clients.
Since this May, Google has been polishing a beta of Google Analytics which brings a host of improvements targeted at the eCommerce industry. The Enhanced eCommerce for Google Analytics tools have recently been cleared for general use, so it’s time to take a look at what Google has been working on for eCommerce retailers.
Retailers have a specific set of concerns that aren’t well represented by one-size-fits-all analytics solutions. Of course, it’s often possible to apply the more general tools to specific cases, and Analytics maestros have been doing that for years with GA and eCommerce, but the new tools are designed to make analyzing the purchase funnel and product-based websites more efficient and useful.
Enhanced Analytics for eCommerce includes reports that allow eCommerce retailers to get a clear view of product engagement, shopping cart behavior, and the ability to track the way users are initiating or abandoning transactions.
The parades and fanfare have died down since my glorious arrival. I have finally gotten a handle on some of the staff’s more “refined” tastes when it comes to mixes. Now, I understand the wisdom and foresight of my designers when they took some of the weirder flavors out of my menu.
From my short experience here, I grasp the reasoning behind “less is more.” There is no “I” in team, so I keep my mouth shut and mix what the people want. Who am I to judge? 50% diet Coke and 50% regular cherry Coke? Hey, whatever happens at Nexcess, stays at Nexcess.
There’s nothing developers like more than scratching their own itches. Some of the best software — including WordPress itself — is the result of a developer solving their own problem and making the solution public.
So, as you might expect, WordPress developers have created plenty of plugins that help other developers. WordPress isn’t the easiest environment to get started with: the API can be somewhat abstruse and compared to other content management systems, grokking the ins and outs of WordPress isn’t easy—beginners need a little help.
In this article I’d like to take a look at four plugins that will help novice developers get to grips with WordPress.
For most of our clients, performance is of paramount importance. The need to provide users all over the world with fast loading websites and eCommerce stores is a key factor in their choosing Nexcess hosting; it’s what we do best. But equally important is user privacy and information security. The ability to protect sensitive data from online criminals is a fundamental requirement of eCommerce and modern web publishing. Until now it’s been excessively complex and expensive for clients to achieve both speed and security, which is why we’re introducing the Nexcess SSL CDN.
The Nexcess SSL CDN allows users of our content delivery network to add SSL encryption to assets served from the CDN’s edge nodes. SSL can be added to any of our CDN accounts for just $20 a month.
A famous poet once said: “Immature poets imitate; mature poets steal”. What’s not often mentioned is the continuation of that quote which adds: “bad poets deface what they take, and good poets make it into something better”. Everything we create is influenced by what went before, and web design is no exception. Good web designers draw inspiration from the work of others, bad designers repeat blindly without understanding the process that shaped what they are looking at.
Today, we’d like to draw your attention to a rather serious vulnerability in the Linux glibc library. Using this exploit, an attacker is capable of taking complete control of a victim’s system without requiring access to or knowledge of that system’s credentials. Thankfully, patches are already available for the vulnerability across all distributions- we advise all clients and hosts who have not already done so to update their glibc packages.
The issue, assigned the categorization of CVE-2015-0235, allows the creation of a heap-based buffer overflow in _nss_hostname_digits_dots(); used by both the gethostbyname() and gethostbyname2() glibc function calls. By making an application call to either of those functions, a remote attacker is capable of running arbitrary code under the identity of the application owner.
We are always looking for opportunities to set us apart from other hosting companies. We take our client suggestions seriously and strive to ensure the best possible hosting experience.
Over the past few years, we have asked for feedback on how to improve our Client Portal from our development partners and clients. One of the most common suggestions was to allow multiple logins to a single Client Portal account.
We are pleased to announce that later this week, the multiple-user Client Portal login feature will be available to all of our Portal users.