How To Stop XML-RPC Attacks While Allowing Jetpack & VaultPress Access

Folks in the WordPress space have been following the XML-RPC Quadratic Blowup attack fairly closely these last few weeks, as the attack has the capability to cripple sites running an unpatched version of WordPress within minutes, if not seconds. WordPress 3.9.2 (and 3.8.4 and 3.7.4) fixed the root problem, the vulnerability to the XML-RPC Quadratic […]

Fork Puppet(-WP)


My fellow 10upper Eric Mann recently authored a post entitled Just Ship Already in which he encouraged developers to (get this) just ship their code, already! Well, in the interest of doing just that, I’d like to announce a fork of Ryan McCue’s Puppet WordPress module. That’s Nice. Uh, What? Puppet is an awesome systems […]


Screen Shot 2014-03-10 at 7.52.39 PM

tl;dr version: I joined 10up in October, been very busy since. We just released a fancy-dance new plugin named PushUp Notifications. You should get in on it. Long version: I joined 10up last October as a Senior Systems Engineer and have been head-down in systems for some pretty large customers since then. Obviously, blog output […]

WordCamp St. Louis 2014

I’m speaking this afternoon at WordCamp St. Louis 2014 about making your whole* life easier with WP-CLI. My slide deck is available right here:

DradCast Episode #15: “A Maker Not A Fighter”

So I did a little thing last night with my buddies Brad and Dre. I think it went pretty well.

Theme Hook Alliance First Pass (1.0-draft)

After I published my previous post detailing the proposed Theme Hook Alliance, I decided to put virtual pen to virtual paper and started the themehookalliance project over on github. A couple of train rides later, I feel like I’m ready for folks to start commenting on it. So please, if this effort interests you in […]

Literal Barrage is Stephen Fry proof thanks to caching by WP Super Cache