According to Donncha O Caoimh a new version of WP Super Cache is available.
This release addresses some issues large or busy sites had with deleting expired cache files. Some sites generated so many cache files that there were two [sic] many files generated, even when those files were cleared out every hour. To fix that I limited the recursive function that deletes the files to 100 deletions at a time. That function is called until all the cache files are deleted (or strictly speaking, no files are deleted. That’s how …

According to Mark Jaquith:
Subscribe to Comments puts a checkbox in your comments form that, if checked when leaving a comment, will e-mail that commenter all followup comments on that post.
This is great news for those using WordPress.com. It should help increase the number of comments, and increase discussion because of comments. Great Work!

Although this is not a direct WordPress vulnerability, it is a severe vulnerability that webmasters should be aware.
A new paper out this week details the exploit of MD5 and Certificate Athorities (CA). What makes this such a scary and threatening attack is the use of MD5 to secure a website identity. Using the HTTPS protocol, web surfers verify the identity of secure sites by checking for the lock icon and the use of HTTPS in the web address.
Using this exploit, an attacker can fake the authenticity of a website by …

WordCamp Whistler is coming January 24th, 2009 in Whistler BC, Canada. It will be held at the Fairmont Chateau Whistler.

WordCamp Indonesia coming January 17th – 18th, 2009. Read More…

WordCamp Las Vegas will be held January 10th and 11th, 2009. Read More…

WordPress Hacker
I have recently come across a series of posts regarding the elusive task of securing a WordPress installation. I was curious about how this works, and wondered why this would be needed since the WordPress development community does a fantastic job of release security updates to prevent attacks on millions of blogs run by the publishing software.
In reading on this subject, I found a website called wordpresssecured.com. I thought to myself how odd it would be for millions of people to be using an unsecure code set to run …