Author Archive for Trevor Current

WordPress Paying Bug Bounties on HackerOne

WordPress is an Open Source Content Management System that allows users to build websites and blogs. We’ve been using the WordPress platform to build websites for our clients since 2009 and feel it is the best free CMS available today. And we’re not the only ones, WordPress now powers more than 28% of all sites on the web.

Because of the nature of “Open Source”, the WordPress core software is openly available to anyone in the world to use, including hackers! This unfortunately gives them the ability to spend countless hours trying to find bugs and flaws in the code to exploit for malicious purposes.

The Security Team at WordPress has been working hard to combat hackers, and to take it a step further, they have officially joined HackerOne.

The HackerOne platform was designed so security researchers can report vulnerabilities to the WordPress Security Team in a safe and responsible manner. They began working on this project privately just over a year ago and have finally made it public.

With the HackerOne announcement, WordPress has also introduced bug bounties. They reward reporters for disclosing issues to better help secure the WordPress platform. They have already awarded over $3,700 in bounties to seven different reporters.

So what does this mean for your WordPress powered website?

It takes a village to keep a project like WordPress moving forward, and the core contributors can’t do it alone. With the addition of the HackerOne community seeking those bug bounties, it will allow the WordPress Security Team to work more efficiently to patch the code and push security updates to your website.

 


 

At Current Media Group we take security very seriously. With our Managed WordPress Hosting, we make sure that our client’s websites are backed up daily, and protected with multiple firewalls throughout our enterprise-grade infrastructure. Our real-time security threat detection, and security audits and code reviews help to keep client’s sites safe. Should a website become compromised, we will immediately take action to find the exploit, remove the malicious code, and have the site back up and running in no time.

WordPress Ramps Up Marketing with TV Ads

During Matt Mullenweg’s State Of The Word address at WordCamp US 2016, he mentioned that they would be ramping up marketing efforts in 2017. Their first TV Ads are now being tested in six markets. Each shares a touching story of a business owner in Detroit who is using WordPress to power their business website. You can check out three of the Ads below.

 

 

 

 

Facebook Updates News Feed, How Will This Impact Your Marketing?

Facebook is constantly making changes to the News Feed to improve the user experience. Their latest effort hopes to reduce the number of links to low-quality web page experiences and to show more informative posts instead.

We’ve all experienced it, you’re scrolling through your News Feed and you see a great headline or photo that catches your eye. When you click on the link you’re presented with popups, offers, links, and general SPAMMY goodness. Frustrating isn’t it? Facebook has heard the complaints and now they’re taking even more steps to fight it.

Facebook is rolling out an update to show fewer Posts and Ads in the News Feed that link to these low-quality, misleading, disruptive or malicious sites. Similar to the work they’re already doing to stop misinformation, this update will help reduce the economic incentives of financially-motivated spammers.

There is a policy already in place to help prevent advertisers with low-quality web page experiences from running ads on Facebook, but now they are also taking into account Posts in the News Feed.

“With this update, we reviewed hundreds of thousands of web pages linked to from Facebook to identify those that contain little substantive content and have a large number of disruptive, shocking or malicious ads. We then used artificial intelligence to understand whether new web pages shared on Facebook have similar characteristics.”

If they determines that a post links to those types of low-quality web pages, it may show up lower in the News Feed and may not be eligible to be an ad.

How will this update impact your marketing efforts?

If you offer quality content through your Facebook Posts and Ads, you should see a small increase in traffic, but if you’re one of those SPAMMERS, expect to see a decline in traffic over the coming months. This update is only one signal that Facebook uses to rank the News Feed, so the impact will vary by publisher and their overall activity.

 


 

Current Media Group provides Social Media Consulting services for businesses of all sizes. Whether you want to learn for yourself, teach your staff, or have us do it for you, we will custom build a solution specifically for you.

Give us a call at 973-862-8687 to discuss your social media needs.

WordPress 4.7.5 Security/Maintenance Release

WordPress issued a security/maintenance release, version 4.7.5, and is now available for update.

This update addresses six security issues;

  1. Insufficient redirect validation in the HTTP class.
  2. Improper handling of post meta data values in the XML-RPC API.
  3. Lack of capability checks for post meta data in the XML-RPC API.
  4. A Cross Site Request Forgery (CRSF)  vulnerability was discovered in the filesystem credentials dialog.
  5. A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files.
  6. A cross-site scripting (XSS) vulnerability was discovered related to the Customizer.

In addition to addressing the security vulnerabilities, WordPress 4.7.5 contains 3 maintenance fixes.

WordPress is recommending that you update your website immediately, but before you do make sure you have a full backup copy of your website files and database. You can download this latest version from WordPress.org or update your existing install by going to your Dashboard > Updates, and clicking the link to update.

You can learn more about this security release here.


Since Current Media Group provides Managed WordPress Hosting, our clients don’t have to worry about upgrading their websites to version 4.7.5, because we take care of that for them. We backup the website files and database, run the core update, and then confirm the website is loading properly before going live. If we detect a problem, we’ll automatically roll it back to the state it was prior to the update and inform our clients of the issue. Automatic WordPress core updates is just one of the great features you get with our Hosting and Support plans.

Twitter Usage on the Rise, Thank You President Trump!

We’ve been using Twitter since 2009, and what started out as a social network for early tech adopters has turned in to a main stream communication platform for everyday people, celebrities, and politicians alike.

When Twitter first launched in March 2006, there was nothing else like it online. The 140 character limit was designed to allow updates to be pushed to your phone through text messaging. It forced people to keep their thoughts short, sweet and to the point.

Facebook launched to a limited user base in 2004 and later opened to the public in September of 2006. Twitter already had a jump in the public space and continued to grow as the general use of Facebook slowly caught on.

Fast forward to March 2017, Facebook is now the clear leader in the social space with 1.94 billion monthly active users. YouTube comes in second at 1 billion, Instagram third with 700 million, and Twitter fourth with 313 million monthly active users.

But things are looking up for Twitter with the addition of 9 million new monthly active users in the first quarter of this year. Twitter now sits at 328 million monthly active users, still well under Facebook, YouTube and Instagram, but an increase of 14% from the previous year is significant.

Twitter credits this increase in new users to tweaks made to the news feed and notifications system, marketing efforts, and seasonality. But what wasn’t mentioned is the frequent use of its platform by our President, Donald Trump.

Whether you agree or disagree with President Trump’s views, there is no doubt his Tweets are creating increased activity on Twitter.

I view this as good timing on Twitter’s part. As they struggle to grow their user base and increase revenue, their marketing efforts and product tweaks coincide perfectly with all the free advertising they’re getting daily as the media (and the world) reference President Trump’s tweets.

While Twitter’s user base may be on the rise, their first quarter sales are on the decline. Last year this time sales were $595 million, but a year later they fell to $548 million. This marks the company’s first year-over-year sales decline since going public in 2013.

In a letter to shareholders, the company wrote “We continue to expect revenue growth to meaningfully lag audience growth in 2017”.

Twitter has been hard at work trying to grow the company with a mix of live streaming offerings, displaying more relevant content for users, and working to fight harassment and abuse on its network.

Looking at the big picture, Twitter isn’t going anywhere and is still a big player in the social networking space. While its user base may be smaller than other networks, it’s still a place that you should be spending some quality time. In relation to your business, their audience is huge, and with a proper strategy put in place, it’s a great venue to find and connect with potential new customers.

If you don’t already have a Twitter account for your business, now is the time to create one. Start sharing relevant industry information and follow the movers and shakers in your field. Once you’ve established your Twitter presence, use the tools and resources available to search for and connect with your prospects. Being Social requires effort and 2017 is the time to invest!

 


 

Current Media Group provides Social Media Consulting services for businesses of all sizes. Whether you want to learn for yourself, teach your staff, or have us do it for you, we will custom build a solution specifically for you.

Give us a call at 973-862-8687 to discuss your social media needs.

Has Instagram’s New Feed Affected Your Likes and Comments?

A little over a year ago Instagram updated to an algorithmic feed rather than the chronological feed we all knew and loved. This change caused an uproar in the social marketing community, and left many managers scratching their heads wondering how they would reach their audience.

Well this move appears to have payed off big. The platform’s “growth rate spiked, sharing per user increased, and Instagram has added 200 million monthly active users since to reach 700 million.” said TechCrunch’s Josh Constine.

The algorithmic feed was designed to show viewers content that is most relevant to them based on browsing habits. If you comment or like a user’s photos frequently, then the algorithm will show you their content more frequently. If you stop commenting or liking their content, that user will slowly disappear from your feed.

The algorithm also takes in to account popularity and timing. If a user you follow posts a photo that receives a lot of comments and likes quickly from the time it was posted, the algorithm will make the assumption that this is popular content and will show it to more of their followers. This of course has a snowball effect with the algorithm showing the photo to more and more people sometimes squashing other posts from being seen at all.

This tactic is taken directly from the Facebook playbook. When they rolled out their algorithmic feed, the change in user experience was met with some resistance, but has now become the way of life. It has also become hugely profitable to the company, so why not apply it to the other property they own, Instagram.

From a marketer’s perspective, it has become a pay-to-play ecosystem. If you want your posts to be seen, you’ll either have to create amazing content that goes viral, or pay for placement.

As you can imagine the algorithmic feed is not popular among marketers. What was once a level playing field where all individuals, celebrities, and brands had an equal opportunity to get their content seen by their followers, has now become a battleground between popularity contests and big budgets.

The algorithmic feed is here to stay, Facebook, Instagram, Twitter, and YouTube all use it and the pay-to-play model has become an intricate part of their businesses.

Don’t let the ever changing landscape of social media discourage you from using these technologies. With a little effort, creative content and some strategic planning, you will see results for your business.

 


 

Current Media Group provides Social Media Consulting services for businesses of all sizes. Whether you want to learn for yourself, teach your staff, or have us do it for you, we will custom build a solution specifically for you.

Give us a call at 973-862-8687 to discuss your social media needs.

WordPress Version 4.8 Coming in June

We’ve seen a few updates to the WordPress core over the last several months, but version 4.8 will be the first major release in 2017. The focus of this update is to refine existing features and prepare for the new Gutenberg editor. Additional features planned for this release include:

• TinyMCE inline element / link boundaries
• New media widgets
• WYSIWYG in text widget

The new widget enhancements are exciting to us as designers. Currently the only way to add media such as photos and videos, to a sidebar widget is to either use a plugin or write some code that would be added to a standard Text Widget. In version 4.8 you’ll have those widgets built right in to the core to make adding media so much easier.

If you’re not a coder, just trying to add some formatted text to a sidebar can be a pain. How do you format a link? How do you make text Bold? Many people just create a Post or Page and use the Visual Editor to create their content and then copy the code in to a standard Text Widget. In version 4.8 there will be a simple visual editor built-in to the Text Widget where you can do some basic formatting. This will be so much more user friendly to the non-coder.

The release schedule for WordPress version 4.8 is:

  • May 12, 2017 – Beta 1
  • May 19, 2017 – Beta 2
  • May 25, 2017 – Release Candidate
  • June 1, 2017 – Final Release Candidate (if needed)
  • June 7, 2017 – Dry Run for Release of WordPress 4.8
  • June 8, 2017 – Target Date for Release of WordPress 4.8

Big Name Brands that Use WordPress to Power Their Business Websites

We love WordPress and have been developing websites for clients of all sizes since 2009. Many of our clients had never heard of WordPress and some thought is was just free blogging software and couldn’t possibly be used to build a custom website that would fit their needs.

When we told them about its flexibility in design, ease of management, and the functionality that could be added through plugins, they began to understand. The fact that WordPress is the dominate CMS platform worldwide and that it powers over 26% of the internet also helped 😉

The great team over at WPbeginner.com put together a list of over 40 big name brands that have put their trust in WordPress. Companies like TechCrunch, Sony, Star Wars, Disney, and more have all realized the benefits this CMS platform has to offer.

We encourage you to give their article, 40+ Most Notable Big Name Brands that are Using WordPress a read to see for yourself the awesome sites that can be created with WordPress.

WordPress Ending Support for Old Versions of IE

It’s official, Matt Mullenweg, founding developer of WordPress, posted that WordPress will be ending support Internet Explorer versions 8, 9, and 10 starting with WordPresss 4.8.

Since Microsoft officially discontinued support for these browsers back in January 2016, Matt said “…to continue supporting them ourselves has gotten to the point where it’s holding back development”.

In general, Internet Explorer market share has dropped over the years in favor of more compatible and reliable browsers like FireFox and Chrome. Research shows that the older IE browsers combined is equal to less than 1% – 3% of total users. That number falls below the threshold where it makes sense for WordPress to continue to develop and test for.

So how will this effect your website visitors? In short, it won’t!

The majority of internet users have upgraded to newer computers and browsers that support the latest internet technologies. What website owners should be more concerned about is mobile compatibility.

With 80% of internet users owning smartphones, it’s critical that your website be mobile-friendly. Social media activity, email, and web browsing are happening from the comfort of the couch and not from the desktop.

We have the luxury of information at our fingertips. When a potential customer is searching for that product or service, you want them to find your site and have a great experience while there.

If your website is not mobile-friendly, you need to consider making it a business priority to update in 2017.

What is SSL and Why Do I Need it?

Safe web browsing and internet security is more important today than it has ever been. Everyday we hear about another major website being hacked and their service going down, or customer data being compromised. It happens to the best of them, Amazon, Twitter, Facebook, they have all experienced these problems, and the sad truth is, it could happen to your website too.

We need to be diligent in protecting our website and data by ensuring the web server software is up-to-date, that your Content Management System and plugin software is up-to-date, that security monitoring is in place, and website backups are running daily. But there is another step we can take to help protect our website and visitors, and that’s using SSL and HTTPS.

SSL stands for Secure Sockets Layer, and is the standard security technology used to create an encrypted link between a web server and the user’s web browser. Think of this connection like a tunnel between your website and your users. There is only one way in and one way out and all data sent between them is kept private and secure.

To create this secure connection you first need to purchase and install an SSL Certificate on your web server. You will need to answer a few questions about the identity of your company and website and then two cryptographic keys will be generated, a Private Key and a Public Key.

The Public Key is placed into a data file called a Certificate Signing Request (CRS) and is submitted to the Certification Authority that will validate your details and issue the SSL Certificate. Your web server will then match your issued SSL Certificate to your Private Key establishing an encrypted connection to your user’s web browser.

The encrypted connection is made over HTTPS (Hyper Text Transfer Protocol Secure) and will display https in the website address bar along with a closed padlock symbol.

Why do you need SSL?

SSL data encryption secures your website visitor’s connection, an when people see that padlock icon in the web address bar, they feel a little safer and trust visiting and shopping on your site. It also helps to limit your security liability knowing that the connection isn’t being compromised by a hacker trying to capture sensitive data.

Google and other search engines like secure websites. They are recommending you just by displaying your website in their search results. If they know your site is secured by SSL, they will be more likely to rank you higher in the results than your competition who aren’t using SSL.

If you have an e-commerce site, membership site, or are collecting some form of sensitive data, SSL is a must!

In the past to purchase, configure and install an SSL certificate on a website could get pretty expensive. But with the different options available today, it’s never been more affordable to secure your site.


As part of Current Media Group’s Managed WordPress Hosting and Support, we offer different levels of SSL encryption. If you need a basic SSL we can set you up at no additional cost and for more advanced needs our low priced SSLs will have you covered.

Need help deciding what WordPress hosting plan and SSL certificate is right for you? Feel free to give us a call at 973-862-8687 for a free no obligation consultation.