CiviHosting vs DigitalOcean

We recently received the follow email (text adjusted slightly) from a client who uses us for hosting Nextcloud on a VPS, including monthly upgrades. The relevant part is this: The problem is that my boss is complaining and wants to move it to our own hosting. He says it will be way less to host ourselves on digital ocean and I can update it myself, I would rather not do that, so can you help us to understand why it’s worth it to stay with you? This is a very good question — very valid. The answer we provided is also good. We answered that the boss is correct that… Read More

Continue Reading

WikiMedia Foundation Joins the W3C

The WikiMedia Foundation has announced that they are joining the World Wide Web Consortium! In a blog post by Gilles Dubuc, a Senior Software Engineer with WikiMeda, the Foundation has declared that they are “becoming a member of the W3C,” which means they are joining the world wide effort to standardize the underlying code structure of the Internet. As Dubuc writes: Founded by Tim Berners-Lee in 1994, W3C works with hundreds of organizations to ensure that the web’s basic building blocks—like HTML or CSS—remain consistent across browsers, platforms, and more. You can learn more about what W3C does over on Wikipedia. Joining the W3C fits right into our 2030 strategy,… Read More

Continue Reading

ConfirmEdit MediaWiki Extension

One of the most popular MediaWiki extensions is ConfirmEdit, and with good reason. It comes bundled with MediaWiki, since version 1.18, so you don’t need to download it. You just need to enable it and then configure it. What is it? In short: The ConfirmEdit extension lets you use various different CAPTCHA techniques, to try to prevent spambots and other automated tools from editing your wiki, as well as to foil automated login attempts that try to guess passwords. To enable, just add this to your LocalSettings.php: wfLoadExtension( ‘ConfirmEdit’ ); Now you need to configure it, as the default configuration is not, in general, terribly helpful. They say there that… Read More

Continue Reading

Social Warfare Plugin Vulnerability

The Social Warfare WordPress plugin has a known vulnerability for all versions prior to 3.5.2. You can see full details on the Unauthenticated Arbitrary Settings Update page at wpvulndb.com. We found today that one of our clients was running version 3.2.2 and their site was thus exposed to this risk. We checked that the backups were running correctly (just in case), upgraded that for them and then contacted them to inform them of what we did. We are here to help keep our clients’ sites secure.

Continue Reading

WordPress and the CiviCRM Contact Editor Extension

We recently had an issue with a WordPress and CiviCRM site that the Contact Editor extension was installed and the “actions” link was there, but if we clicked it, it was a 404 Page Not Found error. With the help of the extension author we determined that the version of the extension we had, which we needed for CiviCRM 4.7.30, indeed had a bug. She provided us with this patch and that fixed the problem.

Continue Reading

Joomla and CiviCRM — Too Many Redirects

We recently had a very serious issue with a Joomla and CiviCRM site that the contributions pages (no matter what payment processor) were giving this error: This page isn’t working somesite.com redirected you too many times. Try clearing your cookies. ERR_TOO_MANY_REDIRECTS and we couldn’t figure out why. We also ran into this error from PayPal: Error Payment approval failed with message :Security error Security header is not valid and this from Authorize.net: Payment Processor Error message :Security error Security header is not valid Together with our client, we eventually figured out that we needed all these settings in Joomla global config: I believe all I need to do is change… Read More

Continue Reading