Cloudflare is a popular service that offers DNS, CDN, security services, and more. It is often used by WordPress site owners to speed up and secure their websites. By default, Cloudflare automatically caches static assets like CSS, JS, and images. With a little extra work, Cloudflare can also be configured to “cache everything”, which means a static HTML copy of your website will be cached and served from Cloudflare’s extensive network of data centers around the world. In this post, you’ll learn more about Cloudflare’s “full page cache” feature, and if it’s a good option for your WordPress site.
pipdig, one of the biggest WordPress theme providers to bloggers, is distributing code dressed up as the “pipdig Power Pack” plugin which amongst other things:
A great post by Jem. I highly recommend giving it a read if you’re a pipdig customer or just someone who’s interested about how easy it is for a theme provider to inject b***shit into your WordPress site.
In short, here’s what pipdig does with your site.
- Uses your site to issue DDoS attacks on competitors.
- Change links in your WordPress database to point to pipdig.com.
- Violates GDPR laws.
- Disables other plugins without asking you first.
The story doesn’t end there though.
Regarding that last point, Nicky Bloor discovered that pipdig disables Bluehost’s and SiteGround’s caching plugins, and then prompts users with a message that reads, “Is your host slowing you down?”.
Disgusting behavior from pipdig. I hope they lose customers over this.