|
|
|
Posted
8 months
ago
by
Jay Gilmore
Join Us At Modxpo Europe 2012 Photo Credit: Marcel030NL It's been long overdue and thanks to some incredible community members (Bert, GP and Mark) for getting it off the ground, the first MODXpo in Europe is a reality. This
... [More]
jam-packed event takes place Saturday, November 10, 2012 in Utrecht, the Netherlands. MODX, event sponsors and esteemed community members host a full-day of everything MODX. We can't wait!
Awesome Speakers
Presenters confirmed so far include MODX's knitting sage, Susan Ottwell, Bert Oost, Menno Pietersen and members of the MODX team including Ryan Thrash, MODX Co-founder, Kevin Marvin, CTO, Mark Hamstra, Sr. Developer and more to be announced. See the full lineup of sessions announced so far.
Sessions For Everyone
From MODX newbie to seasoned expert, MODXpo Europe 2012 sessions will include everything from the basics to advanced development strategies as well as demos of MODX Cloud. Some of the scheduled sessions are: Building a Site in 90 Minutes, Developing Extras for MODX: Hands-on and Responsive & Adaptive Web Design in MODX
Special Early Bird Pricing
MODXpo will be an event to remember and it's an amazing value at just €39,95 (around $50 USD) for a full day event including lunch, beverages and snacks. But hold-on. If you register on or before this coming Friday—September 14, 2012 you'll get €10 off the regular ticket price. Register today.
The Space Between
Beyond the sessions and the speakers, MODXpo will be a tremendous opportunity for you to meet and collaborate with MODX community members from around the world. As an example, when MODXers congregated at CMSExpo in Chicago this Spring they "borrowed" a room for a code-jam/exchange and shared tips, ideas and tactics on working smarter with MODX. With nearly 70 people already confirmed we're aiming to bring more than 200 people together, just think of the opportunities for networking and collaborative learning. Sign up today.
Become A Sponsor; Be A Hero
Does your company or organization want to show its support for and align it's brand with MODX to approximately 200 international web designers, developers, agencies as well as content managers and related industries? Whether you are a small design firm, hosting company or large company that loves what MODX is about, sponsoring MODXpo will make you a hero.
More To Come
It's early days yet and we'll have much more to announce about MODXpo 2012 Europe, be sure to check back here at the MODX blog and if you haven't already, head over to the MODXpo website for the complete details of the event.
Want To Help Make MODXpo A Stellar Success?
We want to make MODXpo a resounding success. You can help get the word out in many ways. Write a blog post about MODXpo and share on your favourite social networks. If you are a presenter/speaker at MODXpo why not offer an overview of your presentation on your own blog. Additionally, just sharing this post and any future posts on MODXpo with anyone who might be interested would be wonderful. See you there. [Less]
|
|
Posted
8 months
ago
by
Kevin Marvin
How many penguins can you fit in a suitcase? Image: Katia Donahoe, Plushka No one ever asks me that question, but I think it is very relevant to my job. Why? Because penguins are awesome, and a suitcase is not the world’s
... [More]
largest container. It’s analogous to a problem I struggle with weekly: trying to fit what I work on, and what I do for fun, into a week. I believe the things that I am privileged enough to do every day are awesome, but there are only so many hours in that week. I should call the board of standards and see if I can get them to make a week a few days longer.
Last week we invited all of the members of the MODX team from around the world to Dallas to discuss our present and future awesomeness. (And I can say that in all confidence because again, I believe this stuff is awesome. I’m not kidding. You can disagree with me if you like, I won’t take it personally! But you would be wrong. :P)
Embedding Innovation
We started the journey of embedding innovation at the very heart of MODX. To do this, we needed a process that not only harnesses the skills and talents of all of our team while giving us the ability to engage with external folks as well, but also provides a structure around the areas on which we should focus.
We developed a simple but effective framework to quickly determine, prioritize and organize important activities, dubbed our "4i Innovation Grid”. We deliberately mixed the teams up, and started brainstorming really good ideas for MODX the company, the CMS, the Cloud, and how we support customers of all shapes and sizes going forward.
I thought it would be fun to share how we went through this process, and to ask you to get involved. I’ll cover how you can help more in a bit, but want to start by outlining our process:
The 4i Innovation Grid
The MODX ‘4i Innovation’ Process
Our first step was dividing the whiteboard into the four quadrants above, and start brainstorming different ideas to put in each section. After extensive conversations and pie throwing we had copious amount of ideas on the board. All of them good, all of them valid. Once we were either a) satisfied we had them all or b) very, very tired of thinking really, really hard, the group then prioritized all of them we could. More discussion, more poor, unsuspecting pies lost, and we organized the penguins. We put them in the suitcase. We moved on to the next topic. We repeated this process for our four key areas—CMS, Cloud, Operations, and Support.
With the dust settled, the used pie tins thrown away, and the resultant sugar rush worn off, we split the company up into cross-functional groups. Each group would take the priorities provided by all members of staff, put them in order of the most critical or “Critical Path” (I promise, the only businessy term I will use). This would become our future roadmap for our products.
Don’t worry, I don’t think it will change the current roadmap too much, but what gets published from it will help you—potential lover of penguins—see what we think these products should become. And that’s where you come in.
Result: A Published Roadmap
Over the next few weeks, we will transcribe this information. Once properly massaged and put into small plastic baggies for storage in suitcases, we will entered them into our Project Tracker. We will also add the ability to vote on features to let you—and all MODX users—tell us how you feel about the activities we're planning. We’re also going to organize and collaborate with groups of community members to add to the list of ideas for the products.
We Want You
In short, we want to recruit you. You, who believe in Creative Freedom, who believe that people want amazing, not ordinary, average or poor web experiences. We want you to help us understand better how you use CMS and Cloud (once Cloud is fully unleashed, of course), and how we can do more to make doing your web work not only painless but enjoyable and rewarding.
I want you to have days as awesome as mine, and I hope you consider the penguins. [Less]
|
|
Posted
8 months
ago
by
25663
MODX Revolution is Still Safe After exhaustive investigation, at this point we have determined the recent modx.com security breach used custom code authored specifically for our website. It was not a result of code contained in any core releases
... [More]
of MODX Revolution. While we have taken additional steps to further secure our website, we will follow up with a more complete response in the coming weeks. [Less]
|
|
Posted
8 months
ago
by
25663
MODX Revolution is Still Safe After exhaustive investigation, at this point we have determined the recent modx.com security breach used custom code authored specifically for our website. It was not a result of code contained in any core releases
... [More]
of MODX Revolution. While we have taken additional steps to further secure our website, we will follow up with a more complete response in the coming weeks. [Less]
|
|
Posted
8 months
ago
by
Jason Coward
After exhaustive mitigation of the recent security breach on modx.com, we would like to discuss the incident, provide assurance of MODX’s security architecture, and relay the changes going forward. We would like to especially thank FireHost for
... [More]
their invaluable assistance in helping analyze the attack and recommending next steps.
We know this incident likely led to heartburn and frustration for many, and for that we sincerely apologize. We want all MODX users to know we absolutely realize the importance of the security and integrity of the MODX web properties and our products.
We want to emphasise that nothing in the code of any core release of MODX Revolution was involved in this incident. Nor did this affect MODX Cloud in any way.
The Attack Vector
On August 29th, we quickly cleaned and locked down our server when concerned individuals on Twitter alerted us to our homepage being blank. Our analysis determined that a single vector allowed the attack to be successful. A no-longer-used, hastily deployed form for previewing a listing before submission provided access to upload executable scripts. We also removed a software stack-testing file which remained on the server, as it was susceptible to a PHP bug that could serve as a vector for a compromise or service disruption.
The Impact
In many MODX environments the damage could have been much worse. However, thanks to specific architectural decisions to isolate user credentials and file downloads from the server hosting the web site, we were fortunate in the limited scope of damage. Part of the compromise involved disclosure of what the attacker mistakenly, albeit understandably, thought was critical user database table details for modx.com. Thankfully this was a restrained attack, as more damage could have been done.
MODX published several interim notices, but delayed this final debrief until we were certain of the vector(s) involved, and that we observed failed intrusion attempts. Our silence during this time was purposeful while we completed analysis and put additional protections in place.
No sensitive user information was exposed, and no backdoors into the server remain. The core product and Extras downloads hosted by MODX were never tampered with, nor do they contain any threats. That being said, we dodged a bullet.
What We Learned
As a result of this incident, we have created a formal security team, dedicated to being proactive and open, including learning from other projects and pledging to keep MODX users informed and updated. We are also monitoring the server with renewed scrutiny and frequency, and will inform the public should we discover new threats to our services or your data.
At MODX, we’re committed to not only improve the security of MODX’s internal assets and customer environments, but also to keep all users well prepared for and informed of the constantly evolving threats to all of our MODX-driven web sites and applications. [Less]
|
|
Posted
8 months
ago
by
27708
MODX Revolution is Still Safe After exhaustive investigation, at this point we have determined the recent modx.com security breach used custom code authored specifically for our website. It was not a result of code contained in any core releases
... [More]
of MODX Revolution. While we have taken additional steps to further secure our website, we will follow up with a more complete response in the coming weeks. [Less]
|
|
Posted
9 months
ago
by
27708
On Wednesday August 29, a hacker exploited a Local File Inclusion (LFI) vector in an older release of MODX Revolution we had running on one of our servers. This issue had already been fixed as part of the MODX Revolution 2.2.4 release. We locked down
... [More]
the site while we investigated the compromise.
Yes, one of the MODX web properties was not up to date and this was really not smart. We got burned, and this is our mea culpa. We have upgraded our websites to 2.2.4, changed all passwords related ... [Less]
|
|
Posted
9 months
ago
by
27708
On Wednesday August 29, a hacker exploited a Local File Inclusion (LFI) vector in an older release of MODX Revolution we had running on one of our servers. This issue had already been fixed as part of the MODX Revolution 2.2.4 release. We locked down
... [More]
the site while we investigated the compromise.
Yes, one of the MODX web properties was not up to date and this was really not smart. We got burned, and this is our mea culpa. We have upgraded our websites to 2.2.4, changed all passwords related ... [Less]
|
|
Posted
9 months
ago
by
ja...@modx.com (Jay Gilmore)
Before we went all-in on MODX as a software company, we bootstrapped the project and survived by building projects in MODX. But having to manage servers and perform “routine” maintenance—which frequently got delayed and, too often, went
... [More]
undone—was never fun.
If only back then we had MODX Cloud…
Why MODX Cloud
MODX Cloud was born from a desire to see optimized MODX infrastructure available at a reasonable cost—and to make building MODX sites properly a simple, consistently repeatable process. It solves two key problems:
Managing Servers, Scaling and Security are hard, never-ending challenges, and
Hiring the right Geeks or relying on outsourcing for the above is equally as challenging and often expensive.
Early feedback from beta testers confirms we’ve built something special. In short, MODX Cloud gives you the freedom to focus virtually all of your time and energy solving communication challenges and building amazing online experiences for your customers.
If you are a smaller shop or even a solo freelancer, MODX Cloud can help you win against larger competitors by giving you technical and productivity advantages unavailable elsewhere. You get to focus on the creative things you love most, while your clients benefit by more budget going to pretty pixels, great experiences and creative problem solving—not maintaining server stacks, constantly patching security updates or figuring out how to quickly/safely/easily move to more powerful environments [hint: Snapshots are your friend!].
An Amazing Experience
MODX Cloud removes complexity and risk from managing web infrastructure. To get it into as many site builders’ hands as possible, we borrowed from the 37signals playbook with plans that let you manage more MODX projects as your business grows. No nickel-and-diming to start new projects or to work on an existing ones. We will likewise offer affordable, turn-key production bundles with isolated environments for development, production and utility purposes (e.g., staging, demos, R&D or testing upgrades).
Early adopters will get even more, but we’re saving that for closer to launch time. ;)
Freelancer
Website Studio
Digital Agency
For savvy web workers who build amazing MODX sites.
For growing shops working on multiple MODX projects.
For larger companies with dozens of projects.
10 Dev Clouds
50 Dev Clouds
200 Dev Clouds
Ben Davis from BD Creative in Germany sums up the experience you can expect from MODX Cloud:
So far, the features I've seen in MODX Cloud are totally incredible. It's so well designed, it's actually fun to work in. I'll no longer have to spend time doing tedious or mundane server and installation tasks and spend more on ideas, creating and delivering for my clients.
If you haven’t done so, sign up for our beta today to experience MODX Cloud yourself. [Less]
|
|
Posted
10 months
ago
by
ry...@modx.com (Ryan Thrash)
MODX puts you in complete control of your website, right down to the last pixel. Case in point, when we launched MODX in 2004 you could have created an HTML5/CSS3 website—just like you can build an HTML7/CSS5 website today despite those standards
... [More]
not existing yet—just by putting any HTML into MODX templates.
MODX doesn’t force you into using complex theming systems, but it does offer developer the freedom to use a template engine like Twig if they so choose. The point is though, you don't have to be a developer in order to build an amazing website in MODX.
Designers and marketers can create completely custom, remarkable websites in MODX without ever having to learn how to code. If they need something truly custom, they can collaborate with developers without colliding. In the same way, they can turn over a site to a client without worrying about them breaking their hard work.
Freedom from Complex Theme Systems
We have always believed that the software that runs your website shouldn’t dictate its structure or force you to compromise your design to fit its mandatory theme layer. On the other hand, it should adapt to your explicit needs, today or tomorrow, and it should never force you to work with code in order to create a truly custom design.
No matter how cutting edge the creative vision for your website, if you can create a prototype mockup (or just want to download a template from a theme site), you can power it in MODX. This frees you to focus on building and communicating, not the software running your website.
Unlike so many other systems today, MODX fits your creative vision for the design, structure and content of your site, exactly as you envision and without compromise, not the other way around. [Less]
|
Copyright
©
2013
Black Duck Software, Inc.
and its contributors, Some Rights Reserved. Unless otherwise marked, this work is licensed under a
Creative Commons Attribution 3.0 Unported License
. Ohloh
®
and the Ohloh logo are trademarks of
Black Duck Software, Inc.
in the United States and/or other jurisdictions. All other trademarks are the property of their respective holders.