Jetpack

Jetpack 3.5: Menu Management

Today we released Jetpack 3.5 which includes the ability to manage your site’s menus directly from WordPress.com as well as several bug fixes and enhancements.

Menu Management

With this version of Jetpack connected, you can manage your site’s menus directly from wordpress.com/sites. This adds to our growing list of centralized site management features such as automatic and bulk plugin updates.

Jetpack Menu Management

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively, update all your sites in bulk from wordpress.com/plugins/jetpack.

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

Posted in Releases | Tagged | 4 Comments

Jetpack 3.4.3: Coordinated Security Release

Jetpack 3.4.3 contains a critical security update and you should update your sites and any you help manage as soon as possible.

Background

Sucuri notified us of an issue where improperly escaped URLs were being generated by a number of high-profile WordPress plugins, including Jetpack and Yoast. We’ve worked with the WordPress Security Team to coordinate a release which is being pushed out to all users. By the time we published this post (6pm GMT, April 20, 2015), if you haven’t opted out of auto-updates, your sites will update themselves automatically.

The Vulnerability

The vulnerability Sucuri discovered would allow an attacker to send a WordPress user with administrative rights a link which could execute malicious JavaScript. The vulnerability was introduced in Jetpack 3.0 and to date we have no evidence of this being exploited. However, now that this update is public, it’s more likely that exploits may occur. To avoid a breach, you should update your site as soon as possible.

How to Update

We have prepared and shipped updates to all affected versions of Jetpack. Unless you’ve opted out, your sites should update automatically – please check your sites to confirm that Jetpack plugin has been successfully updated to one of these versions: 3.0.3, 3.1.2, 3.2.2, 3.3.3, or 3.4.3.

If not, please visit the Plugins page in your Dashboard and update Jetpack from there or update all your sites in bulk from wordpress.com/plugins/jetpack.

Note: Not all plugins affected by this issue will be auto-updating, some will be releasing updates separately. For that reason, we highly recommend that you make ensure that all your plugins are up-to-date as updates are released over the next few days.

We also recommend updating any other plugins you may have installed to their latest version – not all plugins will be automatically updating (like Jetpack)

Feedback

As always, we greatly appreciate your continued use and support of Jetpack and we sincerely apologize for the inconvenience this has caused.

We take the security of your sites extremely seriously so please feel free to get in touch with our support team, create a new forum post, or leave a comment on this blog post if you have any concerns or problems updating.

We’d also like to extend our huge thanks to the crew on the WordPress Security Team who worked around the clock – and across timezones and several plugin teams – to coordinate today’s release.

Posted in Releases | Tagged , | 1 Comment

Jetpack 3.4.2: Bug Fixes

 
Jetpack 3.4.2 includes a small number of bug fixes that previously required users to manually patch items in the plugin. Three of the issues were causing fatal errors in very specific circumstances (affecting less than 1% of our users). The fourth issue we addressed was related to JavaScript running unnecessarily on all admin pages, causing conflicts with other plugins and potential JavaScript errors.

This release is recommended for all users.

 

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively update all your sites in bulk from wordpress.com/plugins/jetpack.

 

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

 

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

 

Posted in Releases | Tagged , , | 1 Comment

Jetpack 3.4: Protect, Secure, and Simplify

With Jetpack 3.4, we’ve added new security features to protect your Jetpack-connected WordPress sites from bot net attacks. We’ve also taken some first steps to create a simplified interface for how you interact with Jetpack.

Your WordPress, Secured.

Brute force attacks are a growing concern for many website administrators. By integrating features from the WordPress plugin BruteProtect, Jetpack Protect can help you take control of site security and protect your site from this common attack vector.

jp-stats-3-4-retina-2

A Centralized Experience

Continuing Jetpack’s mission to bring feature parity between self-hosted WordPress sites and WordPress.com, you will soon be able to manage security features from either your site’s dashboard or a central interface on WordPress.com. Locked out of your site from too many failed login attempts? You can whitelist your IP address in WordPress.com.

jetpack-manage-security

Jump Start

With the click of a button, you can immediately boost performance, security, and engagement to jump start your site with a curated set of Jetpack modules.  This feature is tailored for those who are new to the plugin or new installation of Jetpack.

jetpack-jumpstart

 

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively update all your sites in bulk from wordpress.com/plugins/jetpack.

 

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

 

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

 

Posted in Releases | Tagged , , | 21 Comments

Jetpack 3.3: A Single Home for all your WordPress Sites

With the release of Jetpack 3.3 this week, we bring you a new centralized dashboard from which you can manage all your WordPress sites — both your WordPress.com and your Jetpack-connected sites, regardless of where they’re hosted.

 

All Your Sites. One Dashboard.

From day one, Jetpack’s mission has been to bring feature parity between WordPress sites hosted on WordPress.com and those hosted elsewhere. With this release, your Jetpack sites appear alongside those hosted on WordPress.com and enjoy the same user interface, management, and posting functionality.
1
See all your sites on a single page and know at a glance if Jetpack or another plugin requires an update. Search through multiple sites to easily identify the one you’re after.

 

Initiate plugin updates

2

Initiate plugin updates for a single site or for all your sites at once. When a plugin is out of date, you will see a notification right away. Turn plugins on or off with one click — per site or in bulk.

 

Automatic updates

5

Ensure you’re always running the latest version of Jetpack — or any other plugin — turn on auto-updates. Again, you can do this on a per-site basis or in bulk.

 

Centralized posting and mobile UI

4

Publish new posts to any WordPress.com or Jetpack site from the same editor available at WordPress.com/Post. We optimized everything from the ground up to work on all mobile and tablet devices. You can manage and post to your sites from anywhere, on any device, with a full-featured experience.

 

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively update all your sites in bulk from wordpress.com/plugins/jetpack.

 

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

 

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

 

Posted in Releases | Tagged , , , | 48 Comments

Jetpack 3.2: Speed Improvements and a Centralized Posting Experience

Last week we released Jetpack 3.2, bringing  you speed improvements and a centralized posting experience.

Speed Improvements

jetpack-3.2-graphs-related-posts-2

We’ve improved the caching mechanism for Related Posts. Previously, you’d have to wait up to 12 hours for the cache to flush and related posts to appear on newly-published posts. Now, it happens in just a few minutes!

jetpack-3.2-graphs-site-speed-2

We’ve also worked on speed improvements at the heart of Jetpack, including consolidating and streamlining CSS and reducing the number of resource requests Jetpack makes. Coupled with Photon, this makes your site load faster – just one of many planned performance enhancements in store for Jetpack.

A Centralized Posting Experience

newposting-3

With Jetpack connected, you can now publish posts to your self-hosted WordPress site with the same editor available on WordPress.com giving you one centralized place from where to publish content, irrespective of where your WordPress site is hosted. Additionally, the new editor works great on mobile and tablets (and desktops!).

To try it out, head over to wordpress.com/post and pick your site from the site picker on the top left of the editing window (after connecting and updating Jetpack).

How To Update

To update Jetpack, login to your WordPress Dashboard and update directly from the Plugins tab or download the plugin files and install manually.

Bug Fixes, Enhancements, and Feedback

There are also many minor enhancements and bug fixes with Jetpack 3.2. For full details, please see the change log.

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any possible bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

Subscribe to our mailing list to get notified by email of new things coming soon from Jetpack.

Posted in Releases | 20 Comments

Jetpack 3.1: Portfolio Custom Post Types, a New Logo, and Much More

The latest Jetpack update adds exciting new features like additional JSON API endpoints and Custom Content Types — which includes the Portfolio Custom Post Type. And we’ve got a spiffy a new logo!

Custom Content Types

Custom Post Types (or CPTs) allow you to have content that doesn’t necessary fit into a post but isn’t right for a static page. Now, you can enable Custom Post Types via Jetpack. More and more CPTs are supported by themes on WordPress.com, making the ability to access this custom content critical if a user migrates to a self-hosted site.

Introducing the Portfolio Custom Post Type

custom-content-types

The Portfolio Custom Post Type gives you an easy way to manage projects you want to showcase on your site. It’s already supported by a number of themes, and more theme developers are planning on adding it.

If your theme doesn’t support it yet, enable the Portfolio Custom Post Type by activating the Custom Content Types module in your Jetpack settings. Then, enable the feature by going to Settings > Writing in your WordPress admin and checking the option under “Your Custom Content Types” to enable the Portfolio Custom Post Type.

You can then choose to display the portfolio using the portfolio shortcode ( [portfolio] ) or with a link to the portfolio in the menu.

New Jetpack Logo

Jetpack 3.1 also unveils a new Jetpack logo. Without further ado, here it is!

New Jetpack Logo

Why do we need a new logo? Glad you asked! Jetpack is ever-evolving and is a major part of Automattic and WordPress. It’s grown a lot since its introduction in 2011, and its branding should grow too. Something better, faster, stronger.

If you would like to use the new logo, you can find the official PDF on the Automattic press page.

Features for Theme Developers

If you are theme developer — or just like to tinker with your theme — you’ll enjoy Jetpack 3.1’s additions

First off, we’ve added responsive video support! One of the things that is often overlooked when developing a responsive theme is making videos responsive. To add support to your theme, just add the following line to your theme’s functions.php file.

<?php add_theme_support( 'jetpack-responsive-videos' ); ?>

This ensures that any videos are responsive, no additional markup or special coding required. It just works! Every video on your site will display just as nicely on mobile devices as they do on your largest display.

We’ve also updated to the most recent version of Genericons (3.1). For specific changes, please see the Genericons releaselog.

Features for Plugin Developers

For sites that opt in, we’re also adding additional JSON API endpoints that allow you to manage themes and plugins as well as Jetpack feature activation. If you’ve not yet explored the WordPress.com JSON API, you can do so online at the WordPress.com developer console.

More Updates to the Jetpack Admin Interface

Jetpack 3.0 dramatically overhauled the Jetpack admin interface. Thanks to your feedback, 3.1 makes new design even more user friendly and accessible! Now, you can activate, configure, and deactivate Jetpack features right in the feature description box. Manage the feature with a single click and configure its settings without backing out of the description.

We also improved the RTL support for many Jetpack features. With WordPress and Jetpack used globally, this makes it easier for people who use languages that read from right to left to better use these features.

And so much more!

As always, there are many minor enhancements and bug fixes with Jetpack 3.1. For full details, please see the change log.

We value your feedback, so please comment and let us know what you love, and what you’d like to see in future updates. If you find any possible bugs or issues, please file a new issue on the Jetpack GitHub page, create a new forum post, or simply contact our support team.

Posted in Releases | 21 Comments

Jetpack 3.0: Now landing at a blog near you

What good are dozens of features if they’re hard to find and use? Welcome to Jetpack 3.0, with a completely overhauled admin interface that makes configuring and managing Jetpack quick, easy, and fun. (Yes, fun!)

Jetpack Dashboard

The new Jetpack Dashboard provides a quick overview of all Jetpack’s powerful features — sort by category, alphabetical order, or by newest additions to get right to the one you’re interested in.

Jetpack 3.0 Dashboard

Interested in a feature, or not sure what it does? Click on the title for a description and related information:

Jetpack 3.0 Related Posts Modal

Jetpack Settings

Head over to the new Settings page to see all the available features. The updated Settings page contains much-requested bulk activate and sorting features. Wondering how to configure a feature? Hover your mouse over any enabled feature to pull up a configuration link:

Jetpack 3.0 Settings

Site Verification Tools

Verifying your site ownership with services like Google, Microsoft’s Bing, and Pinterest can be an experience in frustration. Jetpack 3.0 adds a Site Verification Tools module — just register with any of the available services (links are provided on the feature’s configuration page), drop in the provided key, and presto! Site ownership verified. Read more about it!

And many more!

There are many more minor enhancements and bug fixes with Jetpack 3.0. (Too many to list here!) For full details see the change log.

As always, we’re continually striving to make the Jetpack experience more streamlined and enjoyable. We would love to hear what you think of the new user interface:  what do you like? What would you love to see in the future? Leave us a comment below!

Posted in Releases | Tagged | 28 Comments

Jetpack 2.9.3: Critical Security Update

Jetpack version 2.9.3 contains a critical security update, and you should update your site and any you help manage as soon as possible. You can update through your dashboard, or download Jetpack manually here.

During an internal security audit, we found a bug that allows an attacker to bypass a site’s access controls and publish posts. This vulnerability could be combined with other attacks to escalate access. This bug has existed since Jetpack 1.9, released in October 2012.

Fortunately, we have no evidence of this being used in the wild. However, now that this update is public, it’s just a matter of time before exploits occur. To avoid a breach, you should update your site as soon as possible. (The vulnerability has been disclosed on the MITRE Common Vulnerabilities and Exposures system as CVE-2014-0173.)

This is a bad bug, and Jetpack is one of the most widely used plugins in the WordPress world. We have been working closely with the WordPress security team, which has pushed updates to every version of the plugin since 1.9 through core’s auto-update system. We have also coordinated with a number of hosts and network providers to install network-wide blocks to mitigate the impact of this vulnerability, but the only sure fix is updating the plugin.

Over the next few hours, we will reach out to individuals whose sites are still running an insecure version. Sites that don’t update may be disconnected from the Jetpack service for their own security, and will be able to reconnect as soon as their version of Jetpack is updated.

If you host a large number of Jetpack-powered blogs, please leave your contact information in the comments so we can be in touch in the future. We have prepared and shipped point releases for all eleven vulnerable branches of the Jetpack codebase: 1.9.42.0.6, 2.1.4, 2.2.7, 2.3.7, 2.4.4, 2.5.2, 2.6.3, 2.7.2, 2.8.2, and 2.9.3. If you can force these upgrades for your hosted users, it will prevent their sites from being compromised.

Finding and fixing bugs is a key part of software development. I can’t promise there will never be another issue like this, but I can promise that when a problem is found we will do everything in our power to protect as many people as possible, as quickly as possible. We care deeply about each and every WordPress user.

Posted in Releases | Tagged , | 92 Comments

Jetpack 2.9

Jetpack 2.9 is out! We’ve got a few exciting new additions — Multisite support, a Related Posts module, and a more secure Single Sign On — along with many smaller improvements and bug fixes.

Manage all your Multisite connections with one login

Logging in to each blog on a Multisite network to connect and configure Jetpack can be time consuming. Now, you can administer them all from one master account. When network-activating Jetpack, you’ll see a new Jetpack > Settings tab in your Network Admin. From here, you can manage all your blogs’ connections, control whether individual blog admins can reconnect with their own account, and designate which Jetpack modules are activated by default.

Make your site stickier with Related Content

The Related Posts module encourages your visitors to stick around longer by displaying links to additional content on your site related to what they’re currently viewing. Usually, analyzing website content to suggest relations eats up precious server resources. By utilizing the power of WordPress.com, the Related Posts module gives visitors more of what they came for while keeping your server resources freed up.

Sample Related Posts

More security with Single Sign On

The Single Sign On module already gives you peace of mind against compromised user accounts because WordPress.com handles all the authentication for you — your site never touches the user’s private credentials. This release takes security a step further by giving site administrators the ability to require users to have Two-Step authentication enabled on their WordPress.com account before they can log in.

Posted in Releases | Tagged , , , , , | 47 Comments
Follow

Get every new post delivered to your Inbox.

Join 68,290 other followers