Author: Robin Labadie (LRob)
What's new in Nextcloud 30?
Like every 6 months, Nextcloud has just released its new major version. The official release notes are rather limited, and no one wants to read the complete changelog... With 2,363 changes cumulated on Nextcloud 30.0.0 and 30.0.1. Fixes, new features, enhancements, dependency updates and so on. It's all quite complex to analyze and summarize. Fortunately, ChatGPT can summarize it all for us (over 2,400 lines of text and 172,879 characters). So to save you hours of your life, here's the ChatGPT summary of what you need to know from the Nextcloud 30 changelogs...
WordPress vs WP Engine conflict: ACF becomes Secure Custom Fields
The conflict between WordPress founder Matt Mullenweg and WP Engine continues to rock the WordPress community. The latest development in this affair concerns a major ecosystem plugin: Advanced Custom Fields (ACF). Since October 12, 2024, ACF has been entirely replaced on the official WordPress.org directory by Secure Custom Fields (SCF), a fork put in place by the WordPress security team. The official announcement was made via a blog post on WordPress.org. Here's what you need to know. A change officially motivated by security In a post published on October 12, 2024, Matt Mullenweg...
For the first time, an LRob IP has been blacklisted
Seeing an IP blacklisted is part and parcel of life as a web host, a daily occurrence for the biggest and most permissive ones. Nevertheless, this is a first for LRob in its 10 years of existence! The more positive among you will say that this is the ransom of glory... Inevitably, as the volume increases, so does the risk of unauthorized activity on a site. The most critical will cause a scandal. Whatever the case, at LRob we're committed to transparency. So we're here to answer all your questions. What happened and what solutions are we implementing? Here are the answers. Find out...
LRob Documentation: Migrating from MediaWiki to WordPress
Replacing a wiki with WordPress: a simpler solution for documentation At LRob, documentation management is essential, but until recently it was handled by MediaWiki. While this tool is effective for collaborative projects, it becomes cumbersome and complicated to manage when you're alone writing and maintaining documentation. It was while working on a WordPress site with numerous pages used as categories that the idea came to me: why not use WordPress to manage documentation, without any additional plugins? Why switch to WordPress? WordPress, which runs www.lrob.fr, offers...
LRob now contributes to malicious IP reporting with AbuseIPDB
For a long time, I've been looking for a way to effectively exploit the hacking data blocked by my servers. And as a WordPress hosting specialist, believe it or not, I thwart hundreds if not thousands of hacking attempts every day (and regularly repair hacked WordPress sites from other hosts). Intrusion attempts are constant, but thanks to security systems such as Fail2ban, attacks are automatically stopped before they cause any damage. However, beyond simply protecting my systems and customers, I wanted to go further: share this information and make the Internet more secure...
Blacklists (RBL): SPFBL.net's outrageous practices
Not all blacklists are created equal. And SPFBL is an example not to be followed. Don't use this blacklist and don't give in to its pressures.
WordPress vs WP Engine conflict: analysis of the drama
The world of WordPress, which powers over 40 % of the world's websites, is in turmoil. At the center of the conflict are two major players in the ecosystem: Matt Mullenweg, founder of WordPress and CEO of Automattic, and WP Engine, one of the leading hosting companies for WordPress. This confrontation, which has taken on legal proportions, raises crucial questions about control of the WordPress brand, open source, and the governance of one of the web's most influential projects. Here's a detailed analysis of the case and what's at stake. Background: WordPress and WP...
Critical security flaw in CUPS on GNU/Linux September-October 2024: What you need to know
A quadruple critical security flaw has just been discovered in CUPS for all GNU/Linux systems. This article will be updated with the new information, to provide you with a simple and effective summary of what you need to know and do. UPDATE 09/29/2024: These vulnerabilities only concern CUPS, so very few servers are affected, unless you have printers in your datacenter...! This article has been rewritten accordingly. A critical flaw: what do we know? Security researcher Simone Margaritelli discovered this set of vulnerabilities at the beginning of September....
Best practices for your WordPress contact forms
Contact forms are essential for acquiring customers. Yet a number of these forms are poorly configured and fail to forward prospect requests...
Back to school for adults 2024: New products and special offers from LRob
💥New offers & up to -30% in September 💥Boost your back-to-school! All the details 👇 In September, adults go back to school too! And it's been exactly 1 year since I left my CDI to focus totally on the LRob business. So it's time to mark the occasion. September's schedule is packed, so let's get down to business. ⭐ What's new ⭐ 🟢 Migration to LRob can now be ordered from the LRob portal! With 3 service levels available from €120 to €499 (the latter allows the migration of 50 overnight mailboxes!). 😎...
Increase in URSSAF contributions for 2025 (AE/EI)
Since July 1, a decree dated May 30, 2024 has set the increase in contributions for 2025 for BNC (and Cipav). For better social protection. Auto-entrepreneurs (and EI): get ready. As indicated in this first news item: This concerns auto-entrepreneurs affiliated to the general Social Security scheme and declaring their sales in the BNC category. The aim is to guarantee their supplementary pension rights. Source : autoentrepreneur.urssaf.fr An e-mail from URSSAF on August 28 provides information on changes in the overall contribution rate. This confirms the information given on July 10 on the official website. Summary of...
Critical security flaw in the LiteSpeed Cache WordPress plugin: 5 million sites affected
On August 19, 2024, a critical vulnerability was identified in the LiteSpeed Cache plugin, used by over 5 million WordPress sites. This flaw allows an unauthenticated attacker to impersonate an administrator, compromising the full integrity of the site. Technical details The flaw was discovered by WordFence. It affects all versions of the LiteSpeed Cache plugin up to version 6.3.0.1. By exploiting a bug in the role simulation function, an attacker can use a hash to impersonate an administrator. Once this hash has been obtained, he can create a...
From self-taught to WordPress host: 12 years of passion summed up 🚀
In 2012, I created a geek community. I wanted to host it myself on Linux servers. Because everyone knows that a server worthy of the name is necessarily Linux-based! I was unknowingly entering my true vocation: sysadmin 🌱 📷 Photo by Manon Laterza - 2012 - I manage my servers, my friends play pétanque next door. 😂 The beginning In 2012, we needed: a website (initially a forum), a voice server and game servers. I'd been a computer geek for 10 years, and was the only one of the 25 people...
Free LRob migration in August!
Is your site too slow? Insecure? Are you wasting time managing it? ▶️ Migration to LRob is free during the month of August! 👌 Working in the middle of August instead of drinking Mojitos in Ibiza? 🍸Taking advantage of the lull to get organized and improve? 💪 Get rewarded at last! 🥇 👉 For all LRob annual hosting subscriptions, migration of your sites and emails is free! The migration is complete and includes:✅ Smart DNS changes for seamless migration✅ File and database migration...
Apache web server vulnerability affects millions of servers
The Apache HTTP server is one of the most widely used web servers in the world. However, like all software, it is not immune to vulnerabilities. And beware, it's a double vulnerability. On July 4, a critical security flaw was discovered, affecting Apache version 2.4.60. This flaw is rated CVE-2024-39884. The flaw allows the source code of PHP files to be disclosed. This is absolutely critical, as these files may contain, for example, database passwords or confidential proprietary code. A patch has therefore been released in version 2.4.61 of the server...
![[Solved] o2switch customers targeted by insidious WordPress hack - UPDATE: Hosting company's exemplary handling of the situation](https://www.lrob.fr/wp-content/uploads/2024/07/hack-de-sites-wordpress-chez-o2switch-et-autres.png?x99260)
[Solved] o2switch customers targeted by insidious WordPress hack - UPDATE: Hosting company's exemplary handling of the situation
Identification & causes: everything you need to know 👇 Last week, on LinkedIn, I revealed a hack that was apparently widespread among owners of WordPress sites hosted by o2switch. As a WordPress security expert, and thanks to an investigation with a few affected and unaffected colleagues, we were able to find out more. UPDATE 07/31/2024 - In summary According to an internal source, the hosting provider is not really to blame. The hypothesis of insufficient maintenance of the hacked sites thus remains the preferred one. Again according to this internal source, the means put in place by the host to determine the precise origin of this...
10 criteria for the best WordPress webmaster in 2025
How do you know who to trust with your site? Discover the 10 fundamental criteria to avoid making a mistake.
Don't just use "digital" any old way!
The word "DIGITAL" is obsolete and misused! ⚠️ Let's do better 👇