Introducing CoSchedule, the newest member of our Technology Partner Program

We’re excited to announce that CoSchedule has joined our Technology Partner Program. CoSchedule is a comprehensive marketing tool to help you and your team execute your entire content marketing strategy within WordPress.com VIP. If you’re looking to plan awesome content and save a bunch of time, the CoSchedule plugin on VIP can help you do just that.

Here are 10 reasons to check out CoSchedule:

1. Customize Team Roles 

WordPress VIP customizable team roles

Customize everyone’s role on your team to give permissions for specific responsibilities. Help them use the features they need to do their work, and hide the ones that get in their way.

2. Control Who Can Share Content

WordPress VIP custom social media permissions

You can control access to your social profiles to limit who can and can’t publish to each account. Give specific team members the rights to use certain company social media profiles while restricting others’ access. This will help you get a ton of traffic from your team, while providing advanced accountability for social sharing.

3. Advanced Profiles For Sharing Content

WordPress VIP social media security and private profiles

When you create content your team is really proud of, they’ll want to share it with their personal fans, followers, and friends. Your team can rock at social media with private social profiles and share your content to generate even more traffic.

4. Better Accountability

WordPress VIP security and access logs

Sometimes, you just need to know who published what. It helps to have a full history log of who modified your blog and social media content. CoSchedule will help you know exactly who did it.

5. Scheduling Social Media Messages

WordPress VIP social media scheduling

Schedule social media messages as you write your blog posts. That means multiple team members can work on a project at the same time to move faster, be more productive, and work together in the same tool to see what everyone is working on.

6. Custom Workflow That Works For Your Team

WordPress VIP customizable content marketing workflow

Create a workflow that suits your needs: build your own task templates, name those tasks, assign them to the right custom roles for your team, and automatically change the due dates if you move your content around on your calendar.

7. Analytics

WordPress VIP social media analytics

You need to know how your content performs to prove your ROI and improve your future content.

8. Work Where It Works Best For You 

WordPress VIP custom dashboards

You can access CoSchedule directly within WordPress.com VIP, or as a standalone web app.

9. Security

CoSchedule uses the same security technology most banks use to protect your information. Check out their status log whenever you’d like to see stats on our up times. You’ll always have access to at least two support techs during regular business hours, and at least one support tech is on call 24 hours a day.

10. Get The Support You Need

There’s something special about receiving support that helps you get through a tough problem. And taking that to a whole other level is even better. Get the priority level support you need for any question you have when you choose CoSchedule for WordPress.com VIP.

The support includes setup assistance and full support for your entire experience with CoSchedule. Don’t hesitate to reach out.

Introducing the WordPress Security White Paper

We’re very proud to share the WordPress Security White Paper with the WordPress community!

The white paper is an analysis and explanation of the WordPress core software development and its related security processes, as well as an examination of the inherent security built directly into the software. Decision makers evaluating WordPress as a content management system or web application framework should use the white paper in their analysis and decision-making, and for developers to refer to it to familiarize themselves with the security components and best practices of the software.

The WordPress Security White Paper is available directly on the WordPress.org site. In addition, the HTML and PDF versions are available at Automattic’s Documattic Updated! Now on the WordPress GitHub repository for any updates and/or additions.

We’d really love to encourage and help share translations of the white paper to the global WordPress community. If you have a translation to contribute, please add it to the WordPress GitHub repo so others can benefit, too. Pull requests welcome!

The text in the white paper (not including the WordPress logo or trademark) is licensed under CC0 1.0 Universal (CC0 1.0) Public Domain Dedication. You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission.

Thank you to all who contributed to the initial release and compilation of this document: Barry Abrahamson, Michael Adams, Jon Cave, Helen Hou-Sandí, Dion Hulse, Mo Jangda, and Paul Maiorana.

Below is the table of contents for the white paper, which you can find here.

Overview
Executive Summary
An Overview of WordPress
The WordPress Core Leadership Team
The WordPress Release Cycle
Version Numbering and Security Releases
Version Backwards Compatibility
WordPress and Security
The WordPress Security Team
WordPress Security Risks, Process, and History
Automatic Background Updates for Security Releases
2013 OWASP Top 10
A1 – Injection
A2 – Broken Authentication and Session Management
A3 – Cross Site Scripting (XSS)
A4 – Insecure Direct Object Reference
A5 – Security Misconfiguration
A6 – Sensitive Data Exposure
A7 – Missing Function Level Access Control
A8 – Cross Site Request Forgery (CSRF)
A9 – Using Components with Known Vulnerabilities
A10 – Unvalidated Redirects and Forwards
Further Security Risks and Concerns
XXE (XML eXternal Entity) processing attacks
SSRF (Server Side Request Forgery) Attacks
WordPress Plugin and Theme Security
The Default Theme
The Theme Review Team
The Role of the Hosting Provider in WordPress Security
A Note about WordPress.com and WordPress security
Appendix
Core WordPress APIs
White paper content License
Additional Reading

A special note: As you can see in the table of contents, the white paper is specific to the open source core WordPress software. The core WordPress software is the foundation of WordPress.com and there are additional Security FAQ related to WordPress.com VIP here.

The Dream Internship: Work at Automattic (Summer 2015 and beyond)

Applications are now open for the WordPress.com VIP internships! We’re currently focused on applications for the summer 2015 period, but we’ve also opened up a dedicated internship application form which will allow interested students to apply for internships on a rolling basis during the year.

Our company Automattic — which runs WordPress.com, Akismet, VaultPress, and many other services — is looking for a few stellar student interns, specifically to work with us on the WordPress.com VIP team. WordPress.com VIP provides hosting and support for high-profile, high-traffic WordPress sites, including Time.com, FiveThirtyEight.com, qz.com, TechCrunch.com, Recode.net, NYPost.com, etc.

Where will you be working you may ask? Anywhere! We are a distributed company and are happy if you work from wherever you are — as long as you have a good broadband connection.

For more information and to apply for one of our paid internships, please refer to the dedicated Internships page here on the VIP site.

We look forward to seeing your applications! 

28 billion pageviews: A Year at WordPress.com VIP

2014 has been a big year at WordPress.com VIP. So far, we’ve served more than 28 billion pageviews (or, 28,250,403,658 the last time we checked). We’ve also added 350 new sites to the VIP network and 13 new members to our team (including an acquisition)!

As the leading WordPress solution for enterprises, we pride ourselves on working with your team to ensure that your code is optimized, secure, and fast. This year our customers have deployed changes 31,000 times, comprising more than one million lines of code—and we’ve reviewed every line. (And in case you were wondering, 4pm ET on Thursdays is the busiest hour in our deploy queue).

vip-2014-yearly-review

Here’s a quick look at big moments of 2014:

January

We rang in the new year by helping Walt Mossberg and Kara Swisher launch Recode.net.

And we push the button for @recode

A video posted by Kara Swisher (@karaswisher) on

At the end of the month, we welcomed both The Bloggess and Grantland to the VIP network.

Screen Shot 2014-12-15 at 10.45.14 AM

February

During the Sochi Winter Games, we were proud to host the Canadian Olympic Team’s official site.

Screen Shot 2014-12-17 at 8.57.51 PM

March

We launched the newly-designed Time.com on WordPress.com VIP while gathered around a table during our annual team meetup.

We were excited to see Nate Silver’s FiveThirtyEight.com launch on VIP.

April

We hosted our third annual Intensive Developer Workshop in Napa, California, with opening remarks from Tim Ferriss and sessions on everything from performance, to security, to ElasticSearch. 100 percent of the participants surveyed said they would recommend the conference to their colleagues. (You can pre-register for next year’s workshop now!)

May

We hosted our very first European Big Media & Enterprise WordPress Meetup in London! Over the course of the year we’ve hosted nine Big Media & Enterprise WordPress meetups in five different cities: New York, London, San Francisco, Boston, and Toronto, featuring flash talks by USA Today, GlobalNews.ca, TechCrunch, Harvard Business Review, Metro UK, Forbes, PMC, and NESN.

In addition to hosting the TED 2014 conference blog, we welcomed ideas.ted.com to WordPress.com VIP.

Screen Shot 2014-12-15 at 10.50.31 AM

June

As our team watched the 2014 FIFA World Cup, we were thrilled to be a part of USA Today and Fusion’s soccer football coverage.

We were also happy to welcome Fortune.comAlaska Airlines, and American Eagle Outfitters to the VIP family.

Screen Shot 2014-12-15 at 10.46.08 AM

July

The Meredith Vieira Show launched on VIP.

We introduced in-dashboard live chat support for the 22,000 editors, authors, and contributors across the VIP network. Our team is on stand-by to assist users and help them get their work done more efficiently.

Screen Shot 2014-12-15 at 4.09.13 PM

August

Robin Williams’ death was covered by almost every news site in the VIP network, with more than 221 million pageviews over a span of roughly 48 hours.

Quartz introduced a redesign and launched a homepage for the first time, and blog.wikimedia.org migrated their site onto VIP.

Screen Shot 2014-12-15 at 10.47.08 AM

September

We welcomed Fusion.net, a joint venture between Disney/ABC and Univision, onto WordPress.com VIP.

Screen Shot 2014-12-17 at 9.17.25 AM

October

We geared up for another set of our VIP Training Days events around the United States – these 1-day courses bring VIP training to a city near you, whether it’s the Superuser, Developer Fundamentals I, or Developer Fundamentals Site Security & Debugging courses you’re interested in.

2014_Automattic_Wordpress-2371

November

Another huge traffic day for the VIP network this year were the 2014 midterm elections. As the results unfolded we followed along the live blog on FiveThirtyEight.com. (Read more on how politicians and government groups are using WordPress to power their sites here.)

Screen Shot 2014-12-15 at 4.15.07 PM

Also in November, Taylor Swift sold 1.2 million albums during her release week and pulled her music from Spotify. Spotify’s CEO posted a response on their VIP-hosted site.

And finally, we were thrilled to welcome Code For The People to our team, and in true VIP style, celebrated the announcement together in Lisbon, Portugal.

December

We are excited to welcome Foreign Policy, which launched on VIP this month.

As people look back on the year, they are choosing WordPress.com VIP to do so: Time.com’s Person of the Year and Facebook’s Year in Review were both announced on VIP.

2014 was a huge year for WordPress.com VIP, thank you for being a part of it. We’re looking forward to an even bigger 2015!

Looking to learn more about WordPress.com VIP? Take a look at our services, our featured partners, or job openings

WordPress.com VIP Acquires Code For The People

Code For The People is a six-person WordPress development agency based in the UK, known for their great service and the enterprise tools they’ve created. Automattic has acquired them and will be winding down the consulting part of their business as they join our WordPress.com VIP team to continue building the best tools and services for enterprises using WordPress.

We’ve worked very closely with Simon Dickson, Simon Wheatley, and the rest of the Code For The People team in recent years as partners collaborating on projects for our mutual customers, and before that through their many contributions to the WordPress open-source project and community.

They bring a deep understanding of WordPress, unique experience providing solutions for government agencies, and a particular specialty developing multilingual tools, like Babble, for enterprises. We also really appreciate their commitment to contributing back to WordPress, and are excited to have John Blackbourn continue leading the development of WordPress 4.1 as part of Automattic.

And while Automattic has always been a distributed company, and WordPress.com VIP a global team, we’re excited to expand coverage for our European customers as well.

Congrats to the team, and welcome to the Automattic family!

The Dream Internship: Work at Automattic (Spring 2015)

Update: Applications are now closed.

Our company Automattic — which runs WordPress.com, Akismet, VaultPress, and many other services — is looking for a few stellar spring student interns, specifically to work with us on the WordPress.com VIP team.

WordPress.com VIP provides hosting and support for high-profile, high-traffic WordPress sites, including Time.com, FiveThirtyEight.com, qz.com, TechCrunch.com, Recode.net, NYPost.com, etc.

You’ll be working on a range of projects depending on your skills and passions, but here’s an overview:

Communications Intern: This internship is all about improving client communications. You’ll likely be writing case studies, interviews, launch posts and new feature posts for the VIP News site, in addition to helping organize our fall events.

Development Intern: This internship is all about making things. You’ll likely be working on WordPress plugins for large media companies, or working on core WordPress.com features and development.
Update: The Development Internship position is now filled. We will be accepting applications for our summer internship starting February.

Where will you be working you may ask? Anywhere! We are a distributed company and are happy if you work from wherever you are — as long as you have a good broadband connection. This paid internship runs 12 weeks between March 9th and May 29th, 2015, but we are flexible on the dates.

Interested? Complete your application by filling in the form below. In the space provided, introduce yourself and why you’d like to be an intern with our team. Be clear about what you’ve done and what you’d like to work on — for example, a killer plugin or integration, a feature improvement, a case study, etc. Students enrolled in a full-time or part-time undergraduate or graduate program with 6+ months left before graduation are encouraged to apply.

Send in your internship application by November 1st for consideration in the program. If you have any questions, please leave a comment and we’ll get back to you!

Applications are now closed.

Josh Betz is a former VIP intern who now works as a code wrangler. During his internship he worked on a VIP user management plugin and WordPress.com Enterprise.

The Meredith Vieira Show Launches On VIP!

Meredith Vieira has had quite a career. You probably know her from years as co-anchor of the Today Show or maybe as host of Who Wants to Be a Millionaire. Well, starting this fall, you’ll know has as host of The Meredith Vieira Show, which is slated to launch September 8th on NBC. And, starting this week, you’ll know her as the newest member of the WordPress.com VIP family – the brand spankin’ new website for the television show is live and we’re super excited to welcome Meredith and her team! Good luck with the show launch!

The Meredith Vieira Show

http://meredithvieirashow.com/

The Dream Internship: Work at Automattic (Summer 2014)

Our company Automattic — which runs WordPress.com, Akismet, VaultPress, and many other services — is looking for a few stellar summer student interns, specifically to work with us on the WordPress.com VIP team.

WordPress.com VIP provides hosting and support for high-profile, high-traffic WordPress sites, including Time.com, FiveThirtyEight.com, qz.com, TechCrunch.com, Observer.com, GigaOM.com, etc.

We currently have two open (paid) intern positions. You’ll be working on a range of projects depending on your skills and passions, but here’s an overview:

Development Intern: This internship is all about making things. You’ll likely be working on WordPress plugins for large media companies, or working on core WordPress.com features and development.

Communications Intern: This internship is all about improving client communications. You’ll likely be writing case studies, interviews, launch posts and new feature posts for the VIP News site, in addition to helping organize our fall events.

Where will you be working you may ask? Anywhere! We are a distributed company and are happy if you work from wherever you are — as long as you have a good broadband connection. The internship runs 8-10 weeks between June 1st and August 1st, 2014, but we are flexible on the dates.

Interested? Write up a post on your WordPress blog and leave a comment on this post with a link to it telling us what you’ve done and what you’d like to work on — for example, a killer plugin or integration, a feature improvement, a case study, etc. It’s OK if you’d like to keep your post private; your comment and link will remain private to the VIP team as well.

Send in your internship application by May 1st, but the earlier, the better. If you have any questions, please leave a comment and we’ll get back to you!

Extreme Makeover, Data.gov Edition

Earlier this week, Data.gov relaunched with a beautiful new redesign. Behind it is a powerful CMS platform called WordPress. The previous version of the site ran on a mix of Drupal and other proprietary systems, but as Marion Royal points out in a blog post explaining the relaunch, development on the previous version of the site was done behind closed doors. Marion goes on to explain the open source ethos that was put into play with this update of the site:

Now we’re using open source systems, including WordPress and CKAN. Most importantly, the development is public from the beginning on GitHub so you can see how the site came to be, and will continue to grow. We’ve already had significant help from the open source community and look forward to more.

Data.gov is one of the most innovative initiatives inside of the federal government. A talented team of designers and developers are working hard to expose millions of pieces of government data from across the entire government so that citizens, along with government entities, can leverage that data for good. From the Data.gov website:

Data.gov is the home of the US government’s open data. You can find Federal, state and local data, tools, and resources to conduct research, build apps, design data visualizations, and more. The Data.gov team works at the U.S. General Services Administration, but the site itself is open source, and we’d love your help making it even better.

I have personally worked closely with many of the developers who helped to steer this project. I have been continuously impressed by their level of dedication to opening up government data and putting it into the hands of those who want to use it to make America a better place. I expect big things out of this team, and I believe that Data.gov — and other similar initiatives — can help redefine the way citizens view the work that the government does. It’s an exciting time to be working on these issues and I’m very excited to see WordPress at the center of the action in Washington, DC.

Data.gov on GitHub.

New Plugin: Comprehensive Sitemaps

Map of Boston by Norman B. Leventhal Map Center at the BPL

We’re excited to announce the availability of a new plugin for WordPress.com VIPs: Comprehensive Sitemaps.

All WordPress.com sites come with XML sitemaps built-in. These files are automatically generated, cached for a 24-hour period, and updated whenever a post is published, updated, or deleted—however, they are also limited to the 1,000 most recent posts.

With Comprehensive Sitemaps, you can now build and serve sitemaps encompassing all of your content, to help give search engines an extra boost when crawling your site. This is done by using sitemap indexes and breaking down the files into years, months, and days. Additional care was taken to optimize the plugin for quick and fast delivery (individual sitemap files are pre-generated), and the plugin smartly handles post changes by updating only the affected sitemap files, so you’re always serving up-to-date content.

The code was originally written by the development team at Metro UK. Here’s what Paul Kevan, a Metro engineer, had to say about the plugin:

The sitemap plugin spawned out of a requirement to maintain our indexing when migrating over from our in-house CMS to WordPress.com. The default plugins only output 1000 posts and considering the Metro site had over 300k posts, we were worried about the indexing drop when we not only moved hosting but also changed the structure of our permalinks.

Three months later, thanks in part to the plugin, we had fully reindexed the whole site in Google with only a few minor problems.

When the VIP team got in touch to discuss open sourcing the plugin, we were only too pleased to say “yes”. The Metro development team is able to be very lean thanks to the services of WP.com VIP and we were conscious that the best way to repay this was contribute back to the community.

We worked closely with Paul and Metro’s development team to get the plugin into a shareable state. Other VIPs like Maker Media and Service Partners like Alley Interactive and 10up also offered to help and contributed code that helped further clean up or optimize the code or introduce new features.

Installing the Plugin

The plugin needs to be installed via your theme code:

wpcom_vip_load_plugin( 'msm-sitemap' );

Setting up Sitemaps

Once you’ve committed the code change to activate the plugin, please open a ticket so that we can generate the sitemap for you. We need to run a one-time process to generate the full archive; it’s rather resource-intensive and something that we can help run in a smooth manner.

Note: if you’re using custom post types and want to include them in the sitemap, you need to explicitly include them via the msm_sitemap_entry_post_type filter.

Follow Along

You can follow development on Github. If you come across problems, we ask that you first check the issues on Github and if the problem hasn’t already been reported, go ahead and create a new one. There are several fixes and improvements planned; pull requests are welcome and highly encouraged.

A big thank you to Metro UK for contributing this code back to the VIP community!

Map of Boston courtesy of the Norman B. Leventhal Map Center at the BPL.