Jetpack

Jetpack 3.5: Menu Management

Today we released Jetpack 3.5 which includes the ability to manage your site’s menus directly from WordPress.com as well as several bug fixes and enhancements.

Menu Management

With this version of Jetpack connected, you can manage your site’s menus directly from wordpress.com/sites. This adds to our growing list of centralized site management features such as automatic and bulk plugin updates.

Jetpack Menu Management

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively, update all your sites in bulk from wordpress.com/plugins/jetpack.

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

Posted in Releases | Tagged | 18 Comments

Jetpack 3.4.3: Coordinated Security Release

Jetpack 3.4.3 contains a critical security update and you should update your sites and any you help manage as soon as possible.

Background

Sucuri notified us of an issue where improperly escaped URLs were being generated by a number of high-profile WordPress plugins, including Jetpack and Yoast. We’ve worked with the WordPress Security Team to coordinate a release which is being pushed out to all users. By the time we published this post (6pm GMT, April 20, 2015), if you haven’t opted out of auto-updates, your sites will update themselves automatically.

The Vulnerability

The vulnerability Sucuri discovered would allow an attacker to send a WordPress user with administrative rights a link which could execute malicious JavaScript. The vulnerability was introduced in Jetpack 3.0 and to date we have no evidence of this being exploited. However, now that this update is public, it’s more likely that exploits may occur. To avoid a breach, you should update your site as soon as possible.

How to Update

We have prepared and shipped updates to all affected versions of Jetpack. Unless you’ve opted out, your sites should update automatically – please check your sites to confirm that Jetpack plugin has been successfully updated to one of these versions: 3.0.3, 3.1.2, 3.2.2, 3.3.3, or 3.4.3.

If not, please visit the Plugins page in your Dashboard and update Jetpack from there or update all your sites in bulk from wordpress.com/plugins/jetpack.

Note: Not all plugins affected by this issue will be auto-updating, some will be releasing updates separately. For that reason, we highly recommend that you make ensure that all your plugins are up-to-date as updates are released over the next few days.

We also recommend updating any other plugins you may have installed to their latest version – not all plugins will be automatically updating (like Jetpack)

Feedback

As always, we greatly appreciate your continued use and support of Jetpack and we sincerely apologize for the inconvenience this has caused.

We take the security of your sites extremely seriously so please feel free to get in touch with our support team, create a new forum post, or leave a comment on this blog post if you have any concerns or problems updating.

We’d also like to extend our huge thanks to the crew on the WordPress Security Team who worked around the clock – and across timezones and several plugin teams – to coordinate today’s release.

Posted in Releases | Tagged , | 3 Comments

Jetpack 3.4.2: Bug Fixes

 
Jetpack 3.4.2 includes a small number of bug fixes that previously required users to manually patch items in the plugin. Three of the issues were causing fatal errors in very specific circumstances (affecting less than 1% of our users). The fourth issue we addressed was related to JavaScript running unnecessarily on all admin pages, causing conflicts with other plugins and potential JavaScript errors.

This release is recommended for all users.

 

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively update all your sites in bulk from wordpress.com/plugins/jetpack.

 

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

 

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

 

Posted in Releases | Tagged , , | 1 Comment

Jetpack 3.4: Protect, Secure, and Simplify

With Jetpack 3.4, we’ve added new security features to protect your Jetpack-connected WordPress sites from bot net attacks. We’ve also taken some first steps to create a simplified interface for how you interact with Jetpack.

Your WordPress, Secured.

Brute force attacks are a growing concern for many website administrators. By integrating features from the WordPress plugin BruteProtect, Jetpack Protect can help you take control of site security and protect your site from this common attack vector.

jp-stats-3-4-retina-2

A Centralized Experience

Continuing Jetpack’s mission to bring feature parity between self-hosted WordPress sites and WordPress.com, you will soon be able to manage security features from either your site’s dashboard or a central interface on WordPress.com. Locked out of your site from too many failed login attempts? You can whitelist your IP address in WordPress.com.

jetpack-manage-security

Jump Start

With the click of a button, you can immediately boost performance, security, and engagement to jump start your site with a curated set of Jetpack modules.  This feature is tailored for those who are new to the plugin or new installation of Jetpack.

jetpack-jumpstart

 

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively update all your sites in bulk from wordpress.com/plugins/jetpack.

 

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

 

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

 

Posted in Releases | Tagged , , | 21 Comments

Jetpack 3.3: A Single Home for all your WordPress Sites

With the release of Jetpack 3.3 this week, we bring you a new centralized dashboard from which you can manage all your WordPress sites — both your WordPress.com and your Jetpack-connected sites, regardless of where they’re hosted.

 

All Your Sites. One Dashboard.

From day one, Jetpack’s mission has been to bring feature parity between WordPress sites hosted on WordPress.com and those hosted elsewhere. With this release, your Jetpack sites appear alongside those hosted on WordPress.com and enjoy the same user interface, management, and posting functionality.
1
See all your sites on a single page and know at a glance if Jetpack or another plugin requires an update. Search through multiple sites to easily identify the one you’re after.

 

Initiate plugin updates

2

Initiate plugin updates for a single site or for all your sites at once. When a plugin is out of date, you will see a notification right away. Turn plugins on or off with one click — per site or in bulk.

 

Automatic updates

5

Ensure you’re always running the latest version of Jetpack — or any other plugin — turn on auto-updates. Again, you can do this on a per-site basis or in bulk.

 

Centralized posting and mobile UI

4

Publish new posts to any WordPress.com or Jetpack site from the same editor available at WordPress.com/Post. We optimized everything from the ground up to work on all mobile and tablet devices. You can manage and post to your sites from anywhere, on any device, with a full-featured experience.

 

How to Update

Visit the Plugins page in your Dashboard and update Jetpack from there. Alternatively update all your sites in bulk from wordpress.com/plugins/jetpack.

 

How to Install

You can install Jetpack by visiting our install page or by searching for it in your Plugins page on your dashboard.

 

Feedback

Please give us your feedback by leaving a comment and letting us know what you love or what you’d like to see in future updates. If you find any bugs or issues, please file a new issue on GitHub, create a new forum post, or simply contact our support team.

 

Posted in Releases | Tagged , , , | 48 Comments

Jetpack 3.0: Now landing at a blog near you

What good are dozens of features if they’re hard to find and use? Welcome to Jetpack 3.0, with a completely overhauled admin interface that makes configuring and managing Jetpack quick, easy, and fun. (Yes, fun!)

Jetpack Dashboard

The new Jetpack Dashboard provides a quick overview of all Jetpack’s powerful features — sort by category, alphabetical order, or by newest additions to get right to the one you’re interested in.

Jetpack 3.0 Dashboard

Interested in a feature, or not sure what it does? Click on the title for a description and related information:

Jetpack 3.0 Related Posts Modal

Jetpack Settings

Head over to the new Settings page to see all the available features. The updated Settings page contains much-requested bulk activate and sorting features. Wondering how to configure a feature? Hover your mouse over any enabled feature to pull up a configuration link:

Jetpack 3.0 Settings

Site Verification Tools

Verifying your site ownership with services like Google, Microsoft’s Bing, and Pinterest can be an experience in frustration. Jetpack 3.0 adds a Site Verification Tools module — just register with any of the available services (links are provided on the feature’s configuration page), drop in the provided key, and presto! Site ownership verified. Read more about it!

And many more!

There are many more minor enhancements and bug fixes with Jetpack 3.0. (Too many to list here!) For full details see the change log.

As always, we’re continually striving to make the Jetpack experience more streamlined and enjoyable. We would love to hear what you think of the new user interface:  what do you like? What would you love to see in the future? Leave us a comment below!

Posted in Releases | Tagged | 28 Comments

Jetpack 2.9.3: Critical Security Update

Jetpack version 2.9.3 contains a critical security update, and you should update your site and any you help manage as soon as possible. You can update through your dashboard, or download Jetpack manually here.

During an internal security audit, we found a bug that allows an attacker to bypass a site’s access controls and publish posts. This vulnerability could be combined with other attacks to escalate access. This bug has existed since Jetpack 1.9, released in October 2012.

Fortunately, we have no evidence of this being used in the wild. However, now that this update is public, it’s just a matter of time before exploits occur. To avoid a breach, you should update your site as soon as possible. (The vulnerability has been disclosed on the MITRE Common Vulnerabilities and Exposures system as CVE-2014-0173.)

This is a bad bug, and Jetpack is one of the most widely used plugins in the WordPress world. We have been working closely with the WordPress security team, which has pushed updates to every version of the plugin since 1.9 through core’s auto-update system. We have also coordinated with a number of hosts and network providers to install network-wide blocks to mitigate the impact of this vulnerability, but the only sure fix is updating the plugin.

Over the next few hours, we will reach out to individuals whose sites are still running an insecure version. Sites that don’t update may be disconnected from the Jetpack service for their own security, and will be able to reconnect as soon as their version of Jetpack is updated.

If you host a large number of Jetpack-powered blogs, please leave your contact information in the comments so we can be in touch in the future. We have prepared and shipped point releases for all eleven vulnerable branches of the Jetpack codebase: 1.9.42.0.6, 2.1.4, 2.2.7, 2.3.7, 2.4.4, 2.5.2, 2.6.3, 2.7.2, 2.8.2, and 2.9.3. If you can force these upgrades for your hosted users, it will prevent their sites from being compromised.

Finding and fixing bugs is a key part of software development. I can’t promise there will never be another issue like this, but I can promise that when a problem is found we will do everything in our power to protect as many people as possible, as quickly as possible. We care deeply about each and every WordPress user.

Posted in Releases | Tagged , | 92 Comments

Jetpack 2.9

Jetpack 2.9 is out! We’ve got a few exciting new additions — Multisite support, a Related Posts module, and a more secure Single Sign On — along with many smaller improvements and bug fixes.

Manage all your Multisite connections with one login

Logging in to each blog on a Multisite network to connect and configure Jetpack can be time consuming. Now, you can administer them all from one master account. When network-activating Jetpack, you’ll see a new Jetpack > Settings tab in your Network Admin. From here, you can manage all your blogs’ connections, control whether individual blog admins can reconnect with their own account, and designate which Jetpack modules are activated by default.

Make your site stickier with Related Content

The Related Posts module encourages your visitors to stick around longer by displaying links to additional content on your site related to what they’re currently viewing. Usually, analyzing website content to suggest relations eats up precious server resources. By utilizing the power of WordPress.com, the Related Posts module gives visitors more of what they came for while keeping your server resources freed up.

Sample Related Posts

More security with Single Sign On

The Single Sign On module already gives you peace of mind against compromised user accounts because WordPress.com handles all the authentication for you — your site never touches the user’s private credentials. This release takes security a step further by giving site administrators the ability to require users to have Two-Step authentication enabled on their WordPress.com account before they can log in.

Posted in Releases | Tagged , , , , , | 47 Comments

Jetpack 2.8: Introducing Markdown and Improving Monitor

We’re thrilled to announce that our latest update is out the door! Jetpack 2.8 includes improvements to Jetpack Monitor and also introduces a brand new Markdown module.

Jetpack Monitor Module Card

Improved Jetpack Monitor notifications

Multiple users can now receive Jetpack Monitor email notifications. As an admin user linked to WordPress.com, you can opt in to receive these notifications right from your dashboard. Just navigate to the Jetpack page, find the Monitor module card, and click on Configure. Then, check the “Receive Monitor Email Notifications” setting and save your changes. Now if your site ever goes down you will receive notifications to your WordPress.com linked account email!

Write more efficiently with Markdown

Since introducing Markdown on WordPress.com, we’ve had a lot of requests to bring it over to Jetpack. Well, queue the trumpets, start the drumroll, Markdown is here!

For those who don’t know, Markdown is a quick way to add formatted text without writing out any HTML. Markdown lets you compose links, lists, and other styles using regular characters and punctuation marks. If you want a quick, easy way to write and edit rich text without having to take your hands off the keyboard or learn a lot of complicated codes and shortcuts, then Markdown might be right for you. We do strongly suggest sticking with the “Text” tab in the Editor when using Markdown.

Here is an example of Markdown in the text editor:

Markdown in text editor

And here is that same Markdown converted to HTML in the Reddle theme:

Markdown converted to HTML in Reddle

Isn’t that pretty awesome? You can check out the announcement post over at WordPress.com for more information about Markdown and see our Markdown support page.

Publicize Support for Custom Post Types

For our developer friends out there, we’ve added Publicize support for custom post types, allowing you and your clients to automatically post new entries from any CPT to your social media networks. You’d need to make one small tweak in the code defining the CPT—just add 'publicize' to the CPT’s 'supports' array.

For example, to enable the title, editor, Publicize, and Jetpack’s new support for Markdown: 'supports' => array( 'title', 'editor', 'publicize', 'wpcom-markdown' ),

As always, if you notice any issues with this release, just give us a shout over at the forums or send us a message through our contact form. Thank you for flying with Jetpack!

Posted in Releases | Tagged , , , , , | 29 Comments

Jetpack 2.5: Google Integration, VideoPress, and Facebook Embeds

In the latest update to Jetpack, we have some exciting new features to share with you including integration of Google services and products, adding VideoPress to our list of modules, and the ability to embed your Facebook updates into your blog posts. Let’s take a closer look at each of these new features!

(more…)

Posted in Releases | Tagged , , , , | 38 Comments
Follow

Get every new post delivered to your Inbox.

Join 68,910 other followers