Hello World Web Hosting & Domains

05/23/2026

This is what being a web hosting running cPanel has been like for the last 10-ish days...

Yes, there have been a string, a LONG string, of vulnerabilities reported/discovered. The good news is cPanel has been quick to release security patches.

At the same time, it's caused a lot of us to rethink what hosting panel we offer. Especially since a cPanel license often costs more than the server itself.

05/22/2026

7.0 in 7 Minutes

WordPress 7.0 is here with the baked in foundation for AI Connectors. It's a milestone moment for the software and I look forward to see how the CMS evolves ...

05/22/2026

WordPress 7.0 is a *major* release. Major releases always come with early bugs. I recommend waiting a week or three before updating, unless you REALLY need the new features.

The admin and dashboard have been redesigned. It might be a little jarring if you update then plan to make a quick post, and things are not where they used to be.

There's also -
* Block editor updates
* New collaboration features
* AI features included in the Core. It can be disabled.

Before you update the WordPress Core, update plugins and themes, and check them for compatibility with WP 7.0.

Build the navigation you’ve always wanted. Drop in a pattern, adjust it like a single block. Show the right content to the right screen. Connect the AI tools you already use. WordPress 7.0 hands you more of the controls, and trusts you to use them. Early access: real-time collaboration Work togeth...

05/19/2026

The pros and cons of XML-RPC in WordPress.

When deploying WordPress in a production environment, every enabled feature should be evaluated for its security and performance implications. By default, Wo...

05/17/2026

May 14, 2026 By Amy Kamala in Development, General, Releases WordPress 7.0 Release Candidate 4 The fourth Release Candidate (“RC4”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version o...

05/10/2026

With cPanel – I just got recognized as one of their top fans! 🎉

05/01/2026

It's been an interesting week in the world of cPanel web hosting. Make sure your web host has upgraded to a fixed version, change your passwords and enable 2FA, and check your websites for any signs of exploits or malware.

From Rapid7.com -
"On April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products.

In the cPanel release notes, the bug was described as "an issue with session loading and saving." CVE-2026-41940, the identifier subsequently assigned on April 29, 2026, has a CVSS score of 9.8 and allows unauthenticated remote attackers to bypass authentication and gain unauthorized administrative access to the affected systems. First-party cPanel & WHM and WP Squared vendor advisories are available."

https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026

Latest Article Changes:05/01/26 11:52AM CST: An updated version of the detection script has been added. This addresses scenarios where false positives were being detected. 05/01/26 08:05AM CST: Tem...

03/29/2026

https://www.wordfence.com/blog/2026/03/800000-wordpress-sites-affected-by-arbitrary-file-read-vulnerability-in-smart-slider-3-wordpress-plugin/?utm_campaign=Wordfence%20Intelligence%20Marketing&utm_medium=email&_hsenc=p2ANqtz-8BLpmbH0SpcxblAtUrR0ZHV-J70QByXxwtpEy3k-hUkRQRqQSgwZc3_2pMjo8kXwrQ2X0X6wMo9T5Q2ttGxN-C1tUSlg&_hsmi=410779219&utm_content=410779219&utm_source=hs_email

On February 23, 2026, we received a submission for an Arbitrary File Read vulnerability in Smart Slider 3, a WordPress plugin with an estimated more than 800,000 active installations. This vulnerability makes it possible for an authenticated attacker, with subscriber-level permissions or higher, to....

03/20/2026

"Starting March 12, 2026, SSL certificates issued by any Certificate Authority will last 200 days — a little under 7 months — instead of a full year. This is an industry-wide change that applies to everyone, everywhere. Certificates you already have will keep working until they expire, and new automation tools are on the way to make each reactivation seamless."

Starting March 12, 2026, SSL certificates issued by any Certificate Authority will last 200 days — a little under 7 months — instead of a full year. This

03/18/2026

Last week did a series of back-to-back maintenance and security updates. Links to each individual update and it's specifics in the comments.