WordPress AutoUpdater Restarted

We first launched our WordPress AutoUpdater in 2012. Some tweaks were made to the system a year later, when the original AutoUpdate feature was included in the WordPress core, but we continued to rely primarily on our own system for our customers. The SiteGround AutoUpdater has been used successfully for the last 5 years and has kept a lot of our customers up-to-date and safe from hacks. Thanks to it, more than 70% of the WordPress installations on our servers have been constantly using the latest software version. However, we have been thinking for a while how to get this percentage even closer to 100. The recent security issues with WordPress REST API motivated us to introduce a change into the system that increased the upgrade rate to more than 90%.

Read More

HTTPS for WordPress With a Click

UPDATE: If you're using CloudFlare with your website, make sure you set the SSL Option in our CloudFlare tool in cPanel to Flexible,  then configure WordPress to work through HTTPS and finally, switch the option in CloudFlare to Full Strict. This way, you will not have any downtime during the reconfiguration process. Check out our CloudFlare tutorial for additional information on that matter.

A month ago we made the first step to increase the adoption rate of SSL certificates amongst our customers by starting to issue automatically Let's Encrypt certificates for all domains hosted on our servers. However, there still remained a manual step to configure all applications to use the certificates we've made available. We knew that if we really wanted to see a rise in the HTTPS usage we not only needed to provide the SSLs, but also make it easy for our clients to implement them. Today we are happy to announce that we have achieved this second goal for a large group of our customers -- the WordPress users.

Read More

PHP 7.1 Already Available on Our Servers

php7-1-available-siteground-servers
We are thrilled to announce that one more time SiteGround has made the latest PHP version (PHP 7.1) available on most of its servers just minutes after it was officially released. PHP 7.1 comes with exciting new features for developers. However, it also introduces backward incompatible changes and migrations from 7.0 to 7.1 should be performed with great caution.
Read More

When Your CMS Reaches End of Life

cms-end-of-life

End of Life (EOL) in the CMS world refers to the point in time when an older version stops being supported by the company or community that has built it, and all efforts are focused on current and future versions. No support means performance, and more importantly, security issues, which nobody wants.
Read More

Jetpack Critical Security Vulnerability

jetpack

Today a critical vulnerability was found in one of the most popular and widely used WordPress plugins - Jetpack. Fortunately, according to the plugin authors there is no evidence that this issue has been used to hack real sites. However, an update of the plugin was released - Jetpack 4.0.3.

As usual, our security team was pro-active and updated our WAF (web application firewall), adding rules to prevent the hack from being used. This means that even if your plugin is not updated to the latest version, your site will still be protected. However, we urge all Jetpack users to update the plugin to its latest version in which the vulnerability is patched.