January 28, 2016 | Posted by Rachel Gillevet | Security

How WiredTree Tackled The Recent Spate of cPanel Vulnerabilities

How WiredTree Tackled The Recent Spate of cPanel Vulnerabilities

Turns out there’ve been some pretty severe cPanel vulnerabilities floating around the wild. At least, that’s what a look at cPanel’s recent update announcement seems to indicate. According to a post over on the official cPanel Forums, the company last week released a series of updates which provide ‘targeted changes to address security concerns with the cPanel & WHM Product.’ Although more details are expected to surface later today, the vulnerabilities targeted by the updates range from a 2.1/10 all the way up to a 10/10 on the severity scale. Read More →

January 21, 2016 | Posted by Rachel Gillevet | Webmasters

Can CSS Be A Security Vulnerability For Web Applications?

Can CSS Be A Security Vulnerability For Web Applications?

When building web applications that accept user input  — especially if we allow users to include HTML — we’re acutely conscious of the potential risks. Hackers are ever alert for opportunities to embed code that can be used to carry out cross-site scripting attacks or SQL injection attacks. Our response is to rigorously sanitise input to remove anything that might put users or the app at risk. Read More →

January 19, 2016 | Posted by Rachel Gillevet | CMS

Drupal 8 Is Finally Here!

Drupal 8 Is Finally Here!

Drupal users yearning for the release of Drupal 8 are used to disappointment. First mooted in 2012 with an expected delivery date of late 2013, it’s been a long and hard road, but Drupal 8 is finally here. Sporting over 200 new features, I’m not going to say Drupal 8 was worth the wait, but its arrival is certainly welcome.

If you’re not familiar with Drupal, it’s a PHP-based CMS that was designed from the ground-up to support complex publishing scenarios. Drupal powers around 2 percent of the web, which is a far cry from WordPress’ 25 percent, but Drupal and WordPress are very different beasts. Drupal is suitable for all types of sites, but it’s particularly good for enterprise sites and other large-scale publishing ventures. A number of very high-traffic sites, including Whitehouse.gov, MTV, and The Economist are powered by Drupal. Read More →

January 18, 2016 | Posted by Rachel Gillevet | Monthly Roundups

2015’s Best Design, Development, and Security Content

2015’s Best Design, Development, and Security Content

For our first roundup of 2016, we went back and found some of our favorite posts from 2015. From the U.S. government releasing its own set of web design standards to the web celebrating its 25th birthday, it was a busy year with a ton of important content. If you think we missed some outstanding articles from the year that was, we’d love to hear your favorites in the comment section below. So without further ado, enjoy this roundup of 2015’s best and don’t forget to follow us on Twitter, Facebook, and Google+ for the same great content in 2016! Read More →

January 14, 2016 | Posted by Rachel Gillevet | Wordpress

Mobile-Specific WordPress Sites Are Obsolete

Mobile-Specific WordPress Sites Are Obsolete

Not that long ago, mobile browsers had a fraction of the functionality of their modern descendants. Mobile devices seemed wonderfully advanced, but they were a joke compared to even the least expensive smartphones of today. Web technology wasn’t up to the task of providing mobile users with a positive experience. Publishers and eCommerce merchants worked around the lack of functionality by creating so-called m-dot pages. Read More →