GDPR compliance is an important consideration for all WordPress websites. The GDPR Compliance team is looking for help to test the privacy tools that are currently being developed in core.
Archive for CMS
1003 results.
We’ve added greater flexibility to how cPanel users can manage, protect, and administer email addresses on their mail server. You can now suspend or queue the outgoing mail from a single email account on your server. In case you’re not already familiar with the full administrative capabilities of Webmail, here’s a short run down. Receive Notifications of Send Limits Get alerts about accounts that are sending massive amounts of emails by entering Tweak Settings …
Comment
Last night, we pushed an update to EasyApache4 wherein after the update was installed Apache service may fail to restart properly. Upon checking the Apache error log, you may see error messaging similar to the following: Server xxxxxxx.com Primary IP Address xxxxxxxxxx Service Name httpd Service Status failed Notification The service “httpd” appears to be down. Service Check Method The system failed to connect to this service’s TCP/IP port. Reason Service check failed to complete …
WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented […]
How and Why to Build an EDGE Server
Apr03
on April 3, 2018
at 4:00 pm
Posted In: Apache, CMS, Community, cPanel, edge-tier, Events, how to test cpanel, Products, Releases, security, System, testing cPanel server, Tips & Tricks, update cpanel
* This post was originally posted on September 27, 2016, and has been updated for accuracy. The Tiered Release System The tiered release system was introduced early in the development of cPanel & WHM. We knew it would be important to appeal to all types of users, from the risk-taking early adopters to the stability-seeking delayers. Each tier represents a different risk vs reward ratio, and today we’re here to talk …
With a significant new milestone and some great improvements to WordPress as a platform, this month has been an important one for the project. Read on to find out more about what happened during the month of March. WordPress Now Powers 30% of the Internet Over the last 15 years, the popularity and usage of […]
There are multiple factors that contribute to your hosting company’s success. One undeniable factor that separates good hosting providers from great hosting providers is the level of technical support they provide their customers. Providing customers with easy, fast solutions when they need it is the best way to increase loyalty, retention, as well as promote evangelism for your business. We want to make sure your technical support staff is at …
Last week was the annual CloudFest conference (previously WHD.global) in Rust, Germany. cPanel, Inc. was a Diamond Sponsor, and we showed up in force! Twenty-seven eager cPanel employees from four departments came along. We all got to meet with existing and potential customers and to pass out some pretty handy gloves. Celebrate the Cloud! Most of us in the technology industry have a love/hate relationship with …
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.5.0 through 3.8.5
- Exploit type: SQLi
- Reported Date: 2018-March-08
- Fixed Date: 2018-March-12
- CVE Number: CVE-2018-8045
Description
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view
Affected Installs
Joomla! CMS versions 3.5.0 through 3.8.5
Solution
Upgrade to version 3.8.6
Contact
The JSST at the Joomla! Security Centre.
Reported By: Entropy Moe
Joomla 3.8.6 Release
Mar13
Joomla 3.8.6 is now available. This is a security fix release for the 3.x series of Joomla addressing one security vulnerability and including over 60 bug fixes and improvements.
As the internet evolves — so do the policies that govern the way we store and share information. One of the latest policies to come into effect is the General Data Protection Regulation. This policy, also known as GDPR, comes out of the European Union and its goal is to protect certain types of personal information. We began preparing just over a year ago for this regulation, which comes …
Judging by the flurry of activity across the WordPress project throughout February, it looks like everyone is really getting into the swing of things for 2018. There have been a lot of interesting new developments, so read on to see what the community has been up to for the past month. WordPress 4.9.3 & 4.9.4 […]
Security is a huge priority for the cPanel team. Not only do we make sure we are providing everything we can to keep our customers protected, but we also provide ways for our customers to keep their clients’ information safe as well. One of our most prized features for both web, email, and server security is cPHulk. This feature, which provides great protection against brute force attacks, has been a part of our security suite …
Where’s the SDK?
Feb22
When we originally launched the cPanel & WHM documentation, we also included a Software Developer Kit (SDK). Our goal was to build it into an actual kit of tools and help that would support and enable our integrators. Unfortunately, as the documentation evolved and the documentation team took on more responsibility, the actual ‘kit’ was never created. That’s created a ton of confusion that we’re hoping to alleviate today. Announcing: Developer …
WordCamp Incubator 2.0
Feb21
WordCamps are informal, community-organized events that are put together by a team of local WordPress users who have a passion for growing their communities. They are born out of active WordPress meetup groups that meet regularly and are able to host an annual WordCamp event. This has worked very well in many communities, with over […]
WordPress 4.9.4 is now available. This maintenance release fixes a severe bug in 4.9.3, which will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4. Four years ago with WordPress 3.7 “Basie”, we added the ability […]
Joomla 3.8.5 Release
Feb06
Joomla 3.8.5 is now available. This is a bug fix release for the 3.x series of Joomla fixing regressions which were reported after the 3.8.4 release.
WordPress 4.9.3 is now available. This maintenance release fixes 34 bugs in 4.9, including fixes for Customizer changesets, widgets, visual editor, and PHP 7.2 compatibility. For a full list of changes, consult the list of tickets and the changelog. Download WordPress 4.9.3 or visit Dashboard → Updates and click “Update Now.” Sites that support automatic […]
Things got off to a gradual start in 2018 with momentum starting to pick up over the course of the month. There were some notable developments in January, including a new point release and work being done on other important areas of the WordPress project. WordPress 4.9.2 Security and Maintenance Release On January 16, WordPress […]
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.7.0 through 3.8.3
- Exploit type: SQLi
- Reported Date: 2017-November-17
- Fixed Date: 2018-January-30
- CVE Number: CVE-2018-6376
Description
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.
Affected Installs
Joomla! CMS versions 3.7.0 through 3.8.3
Solution
Upgrade to version 3.8.4
Contact
The JSST at the Joomla! Security Centre.
Reported By: Karim Ouerghemmi, ripstech.com
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 1.5.0 through 3.8.3
- Exploit type: XSS
- Reported Date: 2017-November-17
- Fixed Date: 2018-January-30
- CVE Number: CVE-2018-6379
Description
Inadequate input filtering in the Uri class (formerly JUri) leads to a XSS vulnerability.
Affected Installs
Joomla! CMS versions 1.5.0 through 3.8.3
Solution
Upgrade to version 3.8.4
Contact
The JSST at the Joomla! Security Centre.
Reported By: Octavian Cinciu
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.7.0 through 3.8.3
- Exploit type: XSS
- Reported Date: 2018-January-20
- Fixed Date: 2018-January-30
- CVE Number: CVE-2018-6377
Description
Inadequate input filtering in com_fields leads to a XSS vulnerability in multiple field types, i.e. list, radio and checkbox.
Affected Installs
Joomla! CMS versions 3.7.0 through 3.8.3
Solution
Upgrade to version 3.8.4
Contact
The JSST at the Joomla! Security Centre.
Reported By: Benjamin Trenkle, JSST
Joomla 3.8.4 Release
Jan30
Joomla 3.8.4 is now available. This is a security release for the 3.x series of Joomla addressing four security vulnerabilities and including over 100 bug fixes and improvements.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0 through 3.8.3
- Exploit type: XSS
- Reported Date: 2018-January-21
- Fixed Date: 2018-January-30
- CVE Number: CVE-2018-6380
Description
Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.
Affected Installs
Joomla! CMS versions 3.0.0 through 3.8.3
Solution
Upgrade to version 3.8.4
Contact
The JSST at the Joomla! Security Centre.
Reported By: David Jardin, JSST
WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for […]
Activity slowed down in December in the WordPress community, particularly in the last two weeks. However, the month started off with a big event and work pushed forward in a number of key areas of the project. Read on to find out more about what transpired in the WordPress community as 2017 came to a […]
There are many fine achievements to reflect on as we look back on 2017. Most importantly the Joomla Project wants to say a massive “thank you” to all our volunteers. As an open source project, Joomla can only achieve what it does with the valuable contributions of our extensive global community of hard-working volunteers. On behalf of the Joomla Project, Thank You!
New York – December 15, 2017
The FCC (Federal Communications Commission) vote on Thursday December 14, 2017 to repeal Net Neutrality, while unfortunately expected, is tremendously disappointing to all believers of an open and free internet.
Open Source Matters, Inc. and the Joomla Community believe wholeheartedly in content creation and dissemination. We as a community have been overwhelmingly in favor of retaining Net Neutrality in the United States and worldwide and will seek to make our voices heard in as many ways as possible.
Joomla 3.8.3 Release
Dec12
Joomla 3.8.3 is now available. This is a bug fix release for the 3.x series of Joomla which includes over 60 bug fixes and improvements.
Who is A2 Hosting?
It’s likely that you’re already familiar with A2 Hosting. Not only are they an active Joomla! Community member and have sponsored Joomla! and our community, they have been hosting Joomla! sites since their launch back in 2003.