Lots of action in this update (especially since I missed last week’s).
- Site email – I discovered that automatic email notifications were exceeding my mail service’s quota, which sometimes caused delays in my receiving feedback. That’s been addressed, and I should hear from you more quickly and reliably.
Login security – I enabled a small – but I think important – security improvement on the login screen. Normally, if someone enters the wrong login information, WordPress will say either there is no user by that name, or that the password for the (correctly entered) username is wrong. This is a bad security practice, and I’m amazed that WordPress has this as the standard behavior. The reason it’s bad is because it gives brute force login attempts more information than they should get: it tells them which user IDs are valid (and worth trying to guess passwords for), and which aren’t (so they don’t waste time trying to guess those). The fix simply blanks out that message, which is admittedly less user-friendly, but the security improvement is significant.
New & updated plugins
- New sites – Last but certainly not least, we’ve added four new sites to the network. Several of them are still getting set up or kicking the tires, but one that’s wasted no time at all is CornynStakeout.com. Targeting one of the terrible senators right here in my own Lone Star State, I’m proud to have helped this site’s creator get this site live quickly and easily. It was mentioned by the national Indivisible Team on Twitter today, and has had about 3,000 unique visitors since then.