@wceh @evan @davew The #WordPress community and the Fediverse develeloper community are close, close cousins. And each one can be so much richer by collaborating with the other.
@wceh @evan @davew The #WordPress community and the Fediverse develeloper community are close, close cousins. And each one can be so much richer by collaborating with the other.
Now in its second year, WordCamp Canada is bringing pioneers of the #fediverse and #open web to Ottawa in October: @evan and @davew Do you use #WordPress and/or #Mastodon? We'd love to hear from you! https://canada.wordcamp.org/2025/
It’s Not WordPress. It’s the Plugins.
After managing hundreds of WordPress sites over the years, one thing is clear: the core is solid – it’s the outdated, poorly written plugins that open the doors to attacks. At OSDay 2025, I attended a talk that confirmed this and shed light on a massive bug bounty hunt that closed nearly 1,000 vulnerable plugins.
https://journal.bsd.cafe/2025/07/14/its-not-wordpress-its-the-plugins/
Looking for some help with implementing BuddyPress on an existing WordPress site - anyone with experience out there who can provide tips, or consult for a fee?
Suggestions and boosts welcome!
In eigener Sache: „Established 2023“
Zwei Jahre. 24 Monate. 730 Tage. So lange gibt es diesen Blog – und das nur, weil ich eigentlich nur für mich die Mediatheken durchforste, um Filme zu finden, die etwas riskieren. Filme, die weh tun, irritieren, begeistern, wütend machen. Filme, die nicht glatt gebügelt wurden, Filme für meinen ganz privaten Eskapismus. Ich schreibe darüber, weil sie mich beschäftigen. Weil ich etwas sehe, das nicht untergehen sollte im Strom der Flachware. Und weil ich glaube, dass Filmkritik viel mehr sein kann als Konsumberatung.
Canadian job opportunities, I'm not affiliated with any of these companies:
Ziff Davis is hiring a number of roles remote in Canada. Some positions list a salary range, while others don't. See https://www.ziffdavis.com/careers/jobs and make sure to select "Remote - Canada".
Xplor is hiring an Engineering Manager "this team is fully remote and primarily based in North America, but will sometimes work with contractors in EU or other time zones. Our tech stack includes Python, Django, Node.js, Ember.js, React, PostgreSQL and more." Job description and apply at https://jobs.smartrecruiters.com/Xplor/744000069322537-engineering-manager.
Long & McQuade is hiring a PHP developer in Pickering, Ontario. "Proven experience as a PHP Developer or similar role in web development. Strong knowledge of PHP frameworks such as Laravel, Symfony, or CodeIgniter." No salary range listed. Apply at https://www.long-mcquade.com/?page=careers-description&JobsID=45596.
Content Bloom is hiring for the following positions: Senior Web Developer, and Web Developer. Both in Halifax, Nova Scotia. Salary range is listed. See their existing positions to apply at https://contentbloom.com/careers/.
New.
Infoblox: Vexing and Vicious: The Eerie Relationship between WordPress Hackers and an Adtech Cabal https://blogs.infoblox.com/threat-intelligence/vexing-and-vicious-the-eerie-relationship-between-wordpress-hackers-and-an-adtech-cabal/ @InfobloxThreatIntel #cybersecurity #infosec #WordPress
So on the one hand, I definitely get the sentiment as someone more or less transitioning away from #WordPress. But on the other hand, the argument does feel a bit flimsy. Could use more actual examples rather than just being a rant.
https://webdesignerdepot.com/the-slow-implosion-of-wordpress-2025-and-the-cms-thats-losing-its-soul/
Just a heads-up on this supply chain attack on the Gravity Forms wordpress plugin, one IOC is POST requests to gravityapi[.]org - a 3 day old domain.
That domain shares an IP with gravityapi[.]io.
Our 2025 Roadmap: Building the Future of WordPress Federation – #ActivityPub for WordPress https://activitypub.blog/2025/06/11/our-2025-roadmap-building-the-future-of-wordpress-federation/
Vielleicht nutze ich ab 2026 eine zweite #WordPress Installation als meine hauptsächliche #Fediverse / #Microblogging Instanz. Vorteil: Ich könnte sie wirklich selbst hosten. Bin gespannt was 2025 noch so kommt.
@elena
It looks like the #WordPress team are working hard to make your deams come true.
https://activitypub.blog/2025/06/11/our-2025-roadmap-building-the-future-of-wordpress-federation/
@deadsuperhero Caching responses is always a good advice when it comes to #WordPress serving #ActivityPub content, too.
ActivityPub for WordPress
The 2025 Roadmap
»Our goal for this year is to finalize the full ActivityPub experience — so that WordPress can be used as a first-class citizen of the Fediverse.«
This means:
- publishing to the network
- following
- reading
- interacting
- moderating
And all in a way that feels natural for WP users.
Really exciting what @pfefferle, @obenland and the other contributors are creating.
#WordPress #ActivityPub #Fediverse
https://activitypub.blog/2025/06/11/our-2025-roadmap-building-the-future-of-wordpress-federation/
I can’t know definitively yet…I have to babysit my server and keep an eye on logs. But, I think I may have found the culprit for why I get timeout issues with #ActivityPub and #WordPress.
It might be PHP-FPM. If you’re using Nginx, this is kind of a “glue layer” for making PHP stuff talk to Nginx.
I host most things with Nginx, which sometimes requires configuring workarounds with traditional PHP applications. I was digging around in my logs during the latest server slowdown, and I got some error messages about pm.max_children
and pm.start_servers
being way too low.
Anyway, raising the amount seems to be helping? More word on this as experiments continue.
@matthiasott Just recently started shipping in production for full custom #Wordpress dev. No build step at all. Global variables in the <head> and nested stylesheets for each block/component.
I currently pay $120/yr to host a #WordPress blog at A2Hosting. Seems kinda steep. Looks like WordPress.com could be as low as $48/yr if I don't need plug-ins.
Other options I should consider? I remember there was drama with the Automattic CEO last year.
I want to keep my old posts and comments without a major migration to another platform which I expect means options like a static site generator are out...
#AskFedi do you know anyone with a federated Wordpress site who uses it extensively? Not just for publishing straight to the Fediverse, but also in a social way (aka as a fedi profile)?
I've run into a few roadblocks with mine and I could really use some inspiration
UPDATE: thank you for all the superb recommendations. I don't think I need any more, I got a clear picture of what I need to do. I'll share more about this soon... Now I need to take my little one to the park
#Wordpress #ActivityPub #selfhosting
WordPress-Plug-in SureForms: Sicherheitslücke gefährdet 200.000 Webseiten
Wer in den eigenen WordPress-Instanzen das Plug-in SureForms einsetzt, sollte updaten: Eine Sicherheitslücke erlaubt die Übernahme.
@Crell @alina it's not ignorance.
It's the fact that #PHP is still a pain in the ass and that every software I know that uses it is a burning piece of shit when it comes to security and updates.
php
shite and they'd rather deal with #Java and #Tomcat than to ever touch it.And sadly I agree with them: Because php feels like #IIS Extensions but worse...
Vielleicht kann der @pfefferle das beantworten?
Warum werden manche Hashtags im Profil des Blogs richtig angezeigt und andere als unanklickbarer Normaltext?
Vielleicht kann ja auch jemand anderes helfen?