Secure WordPress upgrades

I’m sure that like a lot of bloggers out there, you’re using WordPress to power your blogs. And because WordPress is now the de facto choice for self–hosted blogging apps, it is now a favorite target for various security attacks. It’s like every ill–willed hacker is busy trying to find vulnerabilities in it.

The recent news of a fake WordPress site distributing a backdoored and fake WP 2.6.4 version is a significant concern for all users of the application. However, it seems that someway, somehow, someone will find a way to maliciously exploit WordPress. Here are some tips to avoid exposing yourself to problems like this:

  • Upgrade the application as often as there are new versions. This includes even point releases that may seem unnecessary; updates are there for a reason.
  • Download only from wordpress.org. This becomes even more important if you can hardly understand code. Get your updates from legitimate sources only.
  • Only use trustworthy themes and plugins. Now this is not exactly easy, but knowing where to get them is half the battle. Always start your search from WordPress Extend and reliable third–party sources like WTC.
  • Update your plugins. And themes too. As everyone tries to make WordPress useful to others, some tend to release not–too–ready code. Some of these introduce vulnerabilities, but are typically updated promptly. Don’t forget to upgrade.
  • Deactivate unused plugins and delete them. Unused plugins do nothing, and they just increase the load WordPress puts on your server processes. The fewer plugins, the better. And make sure you delete them: even deactivated plugins can be executed without you knowing it!
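
To act on the last tip, here is an added example (not code from this post or from WordPress) that lists plugins still on disk but not active. It assumes you have copied the `active_plugins` value from the `wp_options` table, where WordPress keeps it as a PHP-serialized array; the function names and the sample data are made up for illustration.

```python
import re
import tempfile
from pathlib import Path

# Matches one string element of a PHP-serialized array: s:<byte length>:"<value>";
_PHP_STR = re.compile(r's:(\d+):"([^"]*)";')

def active_plugins(serialized):
    """Return the plugin files named in a serialized active_plugins value."""
    found = set()
    for length, value in _PHP_STR.findall(serialized):
        # The declared length is in bytes; a mismatch means a damaged value.
        if int(length) != len(value.encode("utf-8")):
            raise ValueError(f"length mismatch for {value!r}")
        found.add(value)
    return found

def leftover_plugins(plugins_dir, serialized):
    """List top-level plugin entries on disk that are not active."""
    active = active_plugins(serialized)
    # An active entry is "dir/main.php" or a single "file.php"; keep the first part.
    active_roots = {entry.split("/", 1)[0] for entry in active}
    leftovers = []
    for item in sorted(Path(plugins_dir).iterdir()):
        if item.name == "index.php" or item.name.startswith("."):
            continue  # the stock placeholder file and dotfiles are not plugins
        if item.is_dir() or item.suffix == ".php":
            if item.name not in active_roots:
                leftovers.append(item.name)
    return leftovers

def demo():
    # Constructed sample data: a fake plugins directory and option value.
    option = 'a:2:{i:0;s:19:"akismet/akismet.php";i:1;s:9:"hello.php";}'
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("akismet", "old-gallery", "stats-widget"):
            (root / name).mkdir()
            (root / name / f"{name}.php").write_text("<?php // placeholder\n")
        (root / "hello.php").write_text("<?php // placeholder\n")
        (root / "index.php").write_text("<?php // Silence is golden.\n")
        return leftover_plugins(root, option)

if __name__ == "__main__":
    for name in demo():
        print("inactive but still on disk:", name)
```

Point `leftover_plugins` at your real `wp-content/plugins` directory and review each name it reports before deleting anything.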

Now those are just some tips to keep in mind. If you have other reminders for fellow WordPress users, share them by leaving a comment.

CrossSlide: Image slideshows in JQuery

DHTML/Javascript has always lagged compared to Flash when it comes to image slideshows. For some reason, Flash just handles the transitions and image handling better. I guess this can be attributed to Flash’s animation roots. But there are some Javascript–based slideshows that manage to do a decent job, and Smoothgallery is one of them. Now comes CrossSlide, a JQuery plugin that pushes the limits of DHTML–based slideshows. It can do things that used to be almost exclusive to Flash, like the Ken Burns effect! It can do smooth transitions, panning, and zooming.

Some caveats though: CrossSlide is more CPU–intensive compared to other similar implementations. This downside is somewhat negligible considering today’s multi–core processors, but it’s good to know about its limitations.

Jcrop: Crop images with JQuery

Jcrop is a JQuery plugin that easily gives you image cropping functionality in your web apps. It works in major browsers and, since it utilizes the widely–adopted JQuery framework, it should work fine in future browsers as well.

Image charts using PHP

pChart is a PHP library that will help put nice graphical charts in your applications. And the best thing about pChart is that it’s free, unlike other similar solutions. Another advantage is the quality of the generated graphs, which puts non–free solutions to shame.

I’m sure this will come in handy for future PHP projects.