Whether you have an eCommerce store, write about your favorite topics online, or promote services on your site, backups are absolutely critical. They provide incredible peace of mind — if your WordPress site is ever hacked or if it goes down for any reason, you can quickly and easily restore it in full.
Until now, Jetpack has offered daily backups as an option for site owners. And while this is a great step to protect your site, Jetpack’s real-time backups are the best way to get complete peace of mind. They save a copy of your site each and every time a change is made — a page is updated, a post is added, a setting is tweaked, or a product is purchased — all behind the scenes without requiring you to lift a finger. That way, you know that you’ll never lose a second of your hard work or a single customer order.
And we believe so strongly that every WordPress site should have real-time backups that we’re making them even more affordable and accessible.
That’s why we’re now including real-time backups in each of our Backup and Security plans.
Continue reading → Never Miss a Moment: All Backups Are Now Real-time
Jetpack 10.2 is now available for download. We have some cool new features for you along with several bug fixes and performance enhancements.
Continue reading → Jetpack 10.2: Get More Widget Visibility Controls
Versions before 4.5.1 of the Software License Manager plugin for WordPress have an exploitable Cross-Site Request Forgery (CSRF) vulnerability. Any user logged in to a site with the vulnerable extension can, by clicking a link, be tricked to delete an entry in the plugin’s registered domain database table. The link can be distributed in an email, or on a website the victim user is likely to visit.
The good news is, there’s not much else that can be done by exploiting this weakness. And the attacker needs to know the id of the domain they wish to delete from the database beforehand.
Still, we recommend anybody running version 4.5.0 or earlier of the plugin to upgrade as soon as possible.
Continue reading → CSRF Vulnerability Found in Software License Manager Plugin
Recently the Jetpack team found some infected files in one of our hosted customers’ sites, and quickly traced the source of infection back to the Workreap theme by Amentotech. We started an investigation and uncovered a number of vulnerable AJAX endpoints in the theme; the most severe of these was an unauthenticated unvalidated upload vulnerability potentially leading to remote code execution and a full site takeover.
We reported the vulnerabilities to the Amentotech team via the Envato Helpful Hacker program, and the issues were addressed promptly by them. Version 2.2.2 of the theme was released on June 29, 2021 that fixes the found vulnerabilities.
Due to the seriousness of the vulnerabilities, we highly recommend all users of the Workreap theme to upgrade to version 2.2.2 or later as soon as possible.
Download the upgrade from the theme website and install it manually, or upgrade automatically via the Envato market plugin.
Continue reading → Multiple vulnerabilities in Workreap theme by Amentotech
We’ve got quite the release for you this month! Jetpack 9.5 provides personal recommendations for your site, improves your findability with free SEO tools, and gives your visitors a better search experience. Bonus: the WordPress mobile app was recently updated and now includes Jetpack tools helping you to protect your site from anywhere. Let’s get to it!
Continue reading → Jetpack 9.5: Level up your site with custom recommendations
Jetpack 9.2 is now available. Give the latest version a try, by installing Jetpack or updating your existing installation.
Continue reading → Jetpack 9.2: Ready for WordPress 5.6
In August, developers’ lives got a lot easier when official WordPress images certified by Bitnami and Automattic became available on Amazon Web Services.
Now, you can also find official WordPress images on the Google Cloud Platform (GCP)! Automattic (the folks behind Jetpack, WordPress.com, WooCommerce, and more) partnered with Bitnami to provide a straightforward, secure way to use WordPress and Jetpack on GCP.
Continue reading → Get WordPress Bundles for the Google Cloud Platform Through Bitnami
At Jetpack, our Happiness Engineers are usually busy supporting our customers to ensure that they have everything they need for a successful website — but we interrupted one of them for an inside look at Jetpack and some valuable tips and tricks.
Meet Joen, a Jetpack Happiness Engineer who grew up in Viking territory but now works remotely under the sunshine and blue skies of southern Spain.
Continue reading → Meet Joen from Jetpack: A Connoisseur of Sunshine and WordPress
One of WordPress’s biggest benefits is plugins, which let you expand your site’s functionality to meet your exact needs. There are no limits to the type or number of plugins you can install and activate on your WordPress website — there are currently thousands available in the WordPress repository.
But with this unlimited flexibility comes responsibility, since each new plugin introduces its own set of potential issues, from site slowdowns to crashes and compatibility issues. With a little knowledge and a little Jetpack, you can resolve the three most common challenges — or prevent them from happening in the first place.
Continue reading → How to Avoid Common WordPress Plugin Problems with Jetpack
Continue reading → How Does a Blog Help Boost Your SEO?