WP Pipeline?

11 years ago

I was just watching the demo video they have up on another sales page (different than yours) with a huge discount going on right now and it looks like a good product, I know someone that uses it and loves it,

I am not sure what free products you are referring to, I'm not aware of anything free that does what their demo shows, and really for a central wordpress management tool I would not trust anything free, being that this is something so intricate and advanced.

I have seen another central management tool that costs much more than this one, can't remember the name right now, the link is saved somewhere in my bookmarks.

The fact that they refer to blog is perfectly okay, Wordress is a blog platform, and this tool only works with Wordpress, so I don't think it's about how you use it, it's about what it is, and that is why they are saying blog.

Anyway, I was looking for reviews as well, so I found your thread, I might buy it, since the lowered the price so much for the holidays.

Thanks

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7396278].message }}

6PackJim

11 years ago

I saw their demo and I don't know why WP Pipeline is any different than what is already available. By the way, which program would you recommend?
Thanks!

Thanks
1 reply

{{ DiscussionBoard.errors[7396280].message }}

Love2Blog

11 years ago

Originally Posted by 6PackJim

I saw their demo and I don't know why WP Pipeline is any different than what is already available. By the way, which program would you recommend?
Thanks!

What else is readily available? The only one I know of is something that costs over $200 a month I saw that on John Chow's site

I just found the one from John Chow's site - it's Manage WP - it starts at $162 per year for 25 sites and goes up from there, there are monthly options as well, but Pipeline is a one time payment, seems like a better deal.

There is also WPMU, but I think that's somewhat different than these tools. WPMU uses 1 database for all sites, I believe.

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7396314].message }}

benz1

11 years ago

@Love2Blog, where is the sales page you saw, are the prices lower that the one at the link above?

WP started off life as a blogging platform but it advanced beyond that years ago. I manage hundreds of WP sites for myself and clients and very few of them are blogs. WP is now the CMS of choice for fully featured websites which is why it's so strange that they refer to WP sites as blogs.

WPMU was replaced a couple of years ago by Multisite which is built into WP now. It is a system for creating multiple WP sites from a single installation. It is not a replacement for these tools.

ManageWP is the best known and robust of these tools and although it is a (very reasonable) monthly subscription, it is feature rich and has a whole company behind it. All the other tools that I'm aware of use a plugin on the remote site to manage them to avoid the need to use the username and password. I would be concerned about a tool developed by a couple of internet marketers that uses usernames and passwords when all the others believe this is not secure enough.

The only thing in favour of WP Pipeline is that it's a one off fee for unlimited sites. It's a shame they didn't launch it as a WSO as I would be very interested to ask questions, e.g., does it include upgrades, and read other Warriors questions and experiences. Who knows, maybe that's exactly why they didn't launch it as a WSO?

Thanks
1 reply

{{ DiscussionBoard.errors[7396433].message }}

Love2Blog

11 years ago

Originally Posted by benz1

@Love2Blog, where is the sales page you saw, are the prices lower that the one at the link above?

WP started off life as a blogging platform but it advanced beyond that years ago. I manage hundreds of WP sites for myself and clients and very few of them are blogs. WP is now the CMS of choice for fully featured websites which is why it's so strange that they refer to WP sites as blogs.

WPMU was replaced a couple of years ago by Multisite which is built into WP now. It is a system for creating multiple WP sites from a single installation. It is not a replacement for these tools.

ManageWP is the best known and robust of these tools and although it is a (very reasonable) monthly subscription, it is feature rich and has a whole company behind it. All the other tools that I'm aware of use a plugin on the target site to manage them to avoid the need to use the username and password. I would be concerned about a tool developed by a couple of internet marketers that uses usernames and passwords when all the others believe this is not secure enough.

The only thing in favour of WP Pipeline is that it's a one off fee for unlimited sites. It's a shame they didn't launch it as a WSO as I would be very interested to ask questions, e.g., does it include upgrades, and read other Warriors questions and experiences. Who knows, maybe that's exactly why they didn't launch it as a WSO?

No, it looks like the same discount $67 for Pro version.

I too wish they launched a WSO, but there is a 60 day money back guarantee and support Help Desk.

I too would prefer a NON plugin version, such as WP Manage, but I want to avoid the monthly fees.

When you say "uses usernames and passwords" you mean for accessing the sites inside the plugin's dashboard? You think this is not a secure method?

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7396470].message }}

benz1

11 years ago

Originally Posted by Love2Blog

When you say "uses usernames and passwords" you mean for accessing the sites inside the plugin's dashboard? You think this is not a secure method?

Unless the remote sites use SSL (https) then the usernames and passwords will be transmitted unencrypted over the Internet and could potentially be intercepted. There have been discussion on the ManageWP forum about it in the past although I've just had a quick look and can't find it.

EDIT: There is a Manage WP article about security at http://managewp.com/how-managewp-handles-security

Thanks
1 reply

{{ DiscussionBoard.errors[7396561].message }}

Love2Blog

11 years ago

Originally Posted by benz1

Unless the target sites use SSL (https) then the usernames and passwords will be transmitted unencrypted over the Internet and could potentially be intercepted. There have been discussion on the ManageWP forum about it in the past although I've just had a quick look and can't find it.

Their sales page discusses this, this sales page, WP Pipeline, that is more comprehensive than the video only page:

--------------

Q. Is it safe?
A. The plugin uses standard WordPress authentication (login) to access remote blogs. It does not create any "back doors" or non-standard access that can be exploited. All stored passwords are encrypted with a government standard encryption.

All URLs, usernames and passwords are encrypted
It uses RIJNDAEL_256 encryption, generally know as AES. AES has been adopted by the U.S. government and is now used worldwide.

---------

So do you think that makes it safer?

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7396587].message }}

benz1

11 years ago

Originally Posted by Love2Blog

Q. Is it safe?
A. The plugin uses standard WordPress authentication (login) to access remote blogs. It does not create any "back doors" or non-standard access that can be exploited. All stored passwords are encrypted with a government standard encryption.

All this is saying that it uses standard WP usernames and passwords to access the remote site. Passwords stored in the system are encrypted but they would have to be unencrypted before being sent over the Internet to login to the remote site.

Originally Posted by Love2Blog

All URLs, usernames and passwords are encrypted
It uses RIJNDAEL_256 encryption, generally know as AES. AES has been adopted by the U.S. government and is now used worldwide.

---------

Same as above. Passwords are only encryted in the system.

This is (relatively) safe if someone hacks the site or server where the plugin is installed. It is NOT safe for logging into remote sites.

Thanks
1 reply

{{ DiscussionBoard.errors[7396600].message }}

Love2Blog

11 years ago

Originally Posted by benz1

All this is saying that it uses standard WP usernames and passwords to access the remote site. Passwords stored in the system are encrypted but they would have to be unencrypted before being sent over the Internet to login to the remote site.

Same as above. Passwords are only encryted in the system.

This is (relatively) safe if someone hacks the site or server where the plugin is installed. It is NOT safe for logging into remote sites.

So are you saying you wouldn't buy it because of this?

I hope some people will chime in some reviews

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7397532].message }}

benz1 11 years ago

Originally Posted by Love2Blog

So are you saying you wouldn't buy it because of this?

I hope some people will chime in some reviews

No, I'm just saying it's something to bear in mind.
- Thanks
{{ DiscussionBoard.errors[7397633].message }}

BenShaffer

11 years ago

Hiya,
Ben Shaffer here. Half of Ben Shaffer and Tony Marriott

I'll get Tony to answer the specific questions of security as he knows better than I.

However:

1. All usernames and passwords are secured as above. So if anyone does hack your db, then there is almost no chance they have access to your details unless they are able to decrypt RIJNDAEL_256 encryption which is incredibly unlikely unless they are a government agency...or James Bond...or both.

2. WP Pipeline logs into your remote sites using the same method that you would normally use from your desktop to login to your blogs. So, in theory someone could intercept. In reality though it has the same likelihood as someone intercepting your communication with your blog or any other non-https site when logging in from your computer.

3. I believe that https logging in will be added soon, but Tony will have to confirm that.

4. All updates are free.

5. In our dummy launch, we sold into three figures quantity of the plugin and only had 2 refunds, which obviously is incredibly low especially for a CB product. Hope that's an indication to you of customer satisfaction!

Any questions, feel free to ask here or at the helpdesk which is at http://www.tonymarriott.info .

We are both very committed to this product as you can probably tell, and although it is being launched in a traditional way this product is an integral part of our strategy for the mid to long term. Features are being added which will rival any more expensive competitor.

As noted, the reduced pricing is for launch week (until 4th December) and then will be increased after that.

Best Wishes,

Ben Shaffer

[ 1 ] Thanks
2 replies

Signature

$100 a Day Using Automated Software

Steal Amazon, Kindle and Buying Keywords In Seconds!

{{ DiscussionBoard.errors[7397631].message }}

Love2Blog

11 years ago

Originally Posted by BenShaffer

Hiya,
Ben Shaffer here. Half of Ben Shaffer and Tony Marriott

I'll get Tony to answer the specific questions of security as he knows better than I.

However:

1. All usernames and passwords are secured as above. So if anyone does hack your db, then there is almost no chance they have access to your details unless they are able to decrypt RIJNDAEL_256 encryption which is incredibly unlikely unless they are a government agency...or James Bond...or both.

2. WP Pipeline logs into your remote sites using the same method that you would normally use from your desktop to login to your blogs. So, in theory someone could intercept. In reality though it has the same likelihood as someone intercepting your communication with your blog or any other non-https site when logging in from your computer.

3. I believe that https logging in will be added soon, but Tony will have to confirm that.

4. All updates are free.

5. In our dummy launch, we sold into three figures quantity of the plugin and only had 2 refunds, which obviously is incredibly low especially for a CB product. Hope that's an indication to you of customer satisfaction!

Any questions, feel free to ask here or at the helpdesk which is at http://www.tonymarriott.info .

We are both very committed to this product as you can probably tell, and although it is being launched in a traditional way this product is an integral part of our strategy for the mid to long term. Features are being added which will rival any more expensive competitor.

As noted, the reduced pricing is for launch week (until 4th December) and then will be increased after that.

Best Wishes,

Ben Shaffer

Thanks for the input.

I have questions, I assume that all out existing sites will stay the same as far as Cpanels go?

Meaning that this is just a tool to remotely login to many sites from one location, instead of one by one?

So we just add the url's and usernames and passwords, not change anything in existing mysql's or Cpanel's?

And, I assume there will be no issues with footprints of all these sites being owned by one person, like I suspect happens with Multi Site (WPMU) where all sites share a database?

Sorry if these questions sound lame, but I want to be sure.

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7397685].message }}

BenShaffer

11 years ago

1. Nothing will change as far as CPanel goes. In order to create clone blogs, it logs into cpanel, but that is all.

2. I would be surprised if there was a footprint with WPMU either, although am not an expert. As part of the training, we do go through how to avoid a footprint. Although tbh, using WP Pipeline will not add an additional footprint which links up your sites which is not already there. Like (almost) any plugin which is installed, Google can in theory know that you are using WP Pipeline. However there is no connection between your blogs.

Hope this helps.

Best Wishes,

Ben Shaffer

Thanks
1 reply

Signature

$100 a Day Using Automated Software

Steal Amazon, Kindle and Buying Keywords In Seconds!

{{ DiscussionBoard.errors[7397990].message }}

Love2Blog

11 years ago

Originally Posted by BenShaffer

1. Nothing will change as far as CPanel goes. In order to create clone blogs, it logs into cpanel, but that is all.

2. I would be surprised if there was a footprint with WPMU either, although am not an expert. As part of the training, we do go through how to avoid a footprint. Although tbh, using WP Pipeline will not add an additional footprint which links up your sites which is not already there. Like (almost) any plugin which is installed, Google can in theory know that you are using WP Pipeline. However there is no connection between your blogs.

Hope this helps.

Best Wishes,

Ben Shaffer

Thank you, can Pipeline be installed on a blog that I use for testing and one that is not really an active site?

It's hosted and has WP installed and everything, it's just not a site that is indexed in Google or one that I actively post on or anything. Just use it as a template for cloning and testing things out.

Would that be okay? Instead of using an active money site?

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7397994].message }}

BenShaffer

11 years ago

Originally Posted by Love2Blog

Thank you, can Pipeline be installed on a blog that I use for testing and one that is not really an active site?

It's hosted and has WP installed and everything, it's just not a site that is indexed in Google or one that I actively post on or anything. Just use it as a template for cloning and testing things out.

Would that be okay? Instead of using an active money site?

Yes. Absolutely.

Thanks
1 reply

Signature

$100 a Day Using Automated Software

Steal Amazon, Kindle and Buying Keywords In Seconds!

{{ DiscussionBoard.errors[7397997].message }}

Love2Blog 11 years ago

Originally Posted by BenShaffer

Yes. Absolutely.

Thank you very much the information you've given is helpful
- Thanks
Signature
Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR
{{ DiscussionBoard.errors[7398006].message }}

tyankee

11 years ago

Originally Posted by BenShaffer

Hiya,
Ben Shaffer here. Half of Ben Shaffer and Tony Marriott

I'll get Tony to answer the specific questions of security as he knows better than I.

However:

1. All usernames and passwords are secured as above. So if anyone does hack your db, then there is almost no chance they have access to your details unless they are able to decrypt RIJNDAEL_256 encryption which is incredibly unlikely unless they are a government agency...or James Bond...or both.

2. WP Pipeline logs into your remote sites using the same method that you would normally use from your desktop to login to your blogs. So, in theory someone could intercept. In reality though it has the same likelihood as someone intercepting your communication with your blog or any other non-https site when logging in from your computer.

3. I believe that https logging in will be added soon, but Tony will have to confirm that.

4. All updates are free.

5. In our dummy launch, we sold into three figures quantity of the plugin and only had 2 refunds, which obviously is incredibly low especially for a CB product. Hope that's an indication to you of customer satisfaction!

Any questions, feel free to ask here or at the helpdesk which is at http://www.tonymarriott.info .

We are both very committed to this product as you can probably tell, and although it is being launched in a traditional way this product is an integral part of our strategy for the mid to long term. Features are being added which will rival any more expensive competitor.

As noted, the reduced pricing is for launch week (until 4th December) and then will be increased after that.

Best Wishes,

Ben Shaffer

all of my sites have been hacked in the past 2 days and the only thing i can attribute this to is this plugin.. they are on 5 different servers at different hosting companies..

Thanks

Signature

MustangTraderOnline.com - Mustang Classified Ads
SwordsofHonor.com
BoiseWired.com - Internet Marketing and Web Design

{{ DiscussionBoard.errors[7963199].message }}

TheCondor

11 years ago

[DELETED]

{{ DiscussionBoard.errors[7968973].message }}

tyankee

11 years ago

Originally Posted by TheCondor

There has been a worldwide brute force hacking campaign over the past week or so directed at millions of WP sites worldwide. Don't see how WP Pipeline can be to blame!! FWIW, I have found it a great timesaver and it makes it easier to manage the 80+ sites I manage. Its not perfect, but way cheaper than the other similar options and I think its a great plugin. Glad I bought it.

that makes some sense but how would they have hacked into over 100 of our websites on 5 different servers when we constantly change passwords and run 2 separate anti virus programs daily.. that is what our hosting company suggested was the problem.. since the file that was ALWAYS infected was in the wp-pipeline plugin subfolder.

Thanks
2 replies

Signature

MustangTraderOnline.com - Mustang Classified Ads
SwordsofHonor.com
BoiseWired.com - Internet Marketing and Web Design

{{ DiscussionBoard.errors[7970361].message }}

BenShaffer

11 years ago

Originally Posted by tyankee

all of my sites have been hacked in the past 2 days and the only thing i can attribute this to is this plugin.. they are on 5 different servers at different hosting companies..

Originally Posted by tyankee

that makes some sense but how would they have hacked into over 100 of our websites on 5 different servers when we constantly change passwords and run 2 separate anti virus programs daily.. that is what our hosting company suggested was the problem.. since the file that was ALWAYS infected was in the wp-pipeline plugin subfolder.

Hi,

Firstly, if you haven't already, I would advise that you are in touch with us at our helpdesk so that we can look at it further. I am almost certain there is no connection to WP Pipeline and putting it in a thread like this is quite unfair as it does make us look bad for probably no reason.

Before I explain why it is 'almost' impossible, let me explain a bit how WP Pipeline works:

There are actually two plugins. The master plugin which is installed once on a dedicated blog. Then the slave plugin which is installed on all of the blogs which are controlled.

I am assuming you have taken the security precautions which are outlined for the plugin in the members' area.

In order to find your Master Plugin installation, a potential hacker would have to find a footprint. This is far from impossible. However, when they do find your installation, in order for them to know what your over 100 websites urls are, they would need to read them from the database.

In order to discover that information, they would have to decrypt the URLs from the database which have been secured with your chosen password phrase. The chances of them being able to do this even by brute force are so small, they are close enough to be non existent.

Therefore, it could be that rather than the master plugin they are targeting the slave plugin. Once again, they would have to find it by a footprint.

If they used Google or a similar method to find a footprint, then they would not only be targeting your sites, but thousands of other customers' sites also that are using our plugin.

(This is just one reason why we went for the self-hosted solution rather than hosted solutions which IMHO are more vulnerable)

As far as I am aware, you are the only person to have reported such a problem so far so this is also extremely unlikely.

In summary, I strongly suspect that WP Pipeline is not the problem but that you have some other vulnerability within your sites which has been exploited by a brute force attack or otherwise.

In addition, let me say that I am not the programmer for this script, but that is Tony who will add anything here that I may have missed out or said in error.

In the meantime, I suggest that if you still suspect that WPP is a problem then you get in touch with us at tonymarriott.info with further details.

Best Wishes,

Ben Shaffer

Thanks

Signature

$100 a Day Using Automated Software

Steal Amazon, Kindle and Buying Keywords In Seconds!

{{ DiscussionBoard.errors[7971541].message }}

Tony Marriott

11 years ago

Originally Posted by tyankee

that makes some sense but how would they have hacked into over 100 of our websites on 5 different servers when we constantly change passwords and run 2 separate anti virus programs daily.. that is what our hosting company suggested was the problem.. since the file that was ALWAYS infected was in the wp-pipeline plugin subfolder.

As mentioned above there has been a massive brute force hacking campaign. I have seen brute force hacking attempts to many of my blogs including those that have no WPP connection or plugin installed.

However IMO a mass hack of 100 websites (especially across multiple servers) is more likely to be a back end hack. i..e. getting access to your ftp/cpanel details either directly via the host server or from your PC.

There is a known "issue" where some hosts run particular malware scanners that identify false positives in some files (not just WPP). In short they look for a php command "base64_decode" as this is often used in malware.

However it is also legitimately used in many application including WPP and some "less than perfect" malware scanners will identify that erroneously.

If your malware info includes a reference to "base64" then that is almost certainly the above issue. In all cases where this has happened, that has been the case.

This is more of an issue in older versions of WPP. So ensure you have updated both slave and master plugins to the latest versions.

If you would like to send the details of the file infected and any info passed to you from your host I will gladly take a look at it.

http://tonymariott.info - helpdesk

Currently there are no know security issues with WP Pipeline. There are 1000s users of WPP which equate to hundreds of thousands of sites. Any security flaw would be made apparent very quickly and would not be limited to one user.

No website is 100% protected from hacking. Major banks, businesses, social networks and governments get hacked every single day. If someone is determined to hack your website then they will.

The fact is that using WPP to keep your sites up to date and using strong admin passwords means you're significantly less likely to have your sites hacked (all else being equal).

WPP is not in itself a total security solution but it does allow you to more rapidly and more efficiently role out security plugins and updates etc. So in practice with WPP you will significantly reduce your chances of getting hacked.

cheers
Tony

Thanks

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7971548].message }}

haddon

11 years ago

[DELETED]

{{ DiscussionBoard.errors[7399230].message }}

Tony Marriott

11 years ago

Originally Posted by haddon

I've already purchased (although I've not tried it yet

) because I like the ease it's supposed to clone and deploy.

My biggest reservation is using it to automatically update Wordpress and plugins. I'm behind on updating Wordpress because I understand that auto-updating sometimes fails with disasterous outcomes, and so I've been manually backing up the database, then manually uploading the new WP files. Way too time consuming... Is the consensus here that auto-updating is safe?

Also I had (and continue to have) a problem with a plugin (OK, it's Contact Form 7) that was working just fine for several years, then I updated it several months ago, and now it's broken. My client is very unhappy and I'm looking for a new form plugin. Of course the time spent investigating and fixing is my time. So now I'm hesitant to update anything that's "not broke".

Thoughts anyone?

Yes unfortunately this is the situation that people find themselves, in a sort of catch 22. We as people always take the less painful path and that means (in this case) not updating.

Of course that only remains the least painful path until something else goes horribly wrong.

I do not recommend just updating everything in one go when you start with WPP. Some due diligence should be done if your sites are crucial or clients of course.

What you need to do is get to a point where you are up to date and then things are much easier.

I suggest having at least one test blog that you install all your plugins etc. on and you can try out updates on that blog before updating your whole estate. You may need more test blogs of course depending on the size and complexity of your network.

With automated updates these additional blogs are no overhead and can save you from a lot of pain.

Of course you need to get to that point from where you are.

If you already know you can break your blogs through updating then I suggest you spend a little time and build a couple of new blogs (updated) Wordpress version. Install the older plugins/themes on that blog and see if they are now broken or not.

If all ok then you know you can update the main Wordpress application. I still suggest that first time through you try a few first or even update them one at a time. You can do that from the control blog one click.

Next step is to try out the updated themes on the test blogs and then the plugins.

Where you find any problems you will need to work those out before updating the live estate.

May be a bit of work but well worth it to get to a stable situation that you can manage going forward.

You can't just ignore customer sites. They will bite you in the end. At least this way you are in control of any issues and will have the time and wherewithal to deal with them.

Best of luck

Tony

Thanks
2 replies

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7399347].message }}

SkiBum

11 years ago

Tony,

I tested a similar product recently which is still in Beta, and to me it was not functional because it required my host to have Zend Gard enabled. Of course, my host only offers that with VPS hosting plans, not shared hosting.

Is that/will that be an issue with this plugin?

Thanks
Ski

Thanks

{{ DiscussionBoard.errors[7399372].message }}

haddon

11 years ago

[DELETED]

{{ DiscussionBoard.errors[7399439].message }}

Love2Blog

11 years ago

Originally Posted by haddon

Thanks for the great advice Tony! I really appreciate it.

Your plugin will be very valuable for achieving control.

PS - I would also "thank you" via the forum for your "useful post" but I haven't figured out how to do that yet! :confused:

Just click the gray Thanks Button, it's right below his post on the right, next to the Quick Reply and Multi Quote buttons

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7400620].message }}

fnelsen 11 years ago

I purchased the plugin and like it a lot. I has 30+ wp installations and I was using Mass wordpress updater that had serious security issues for me. The task of managing this many wp installations is daunting without something like this and it is a bargain at the price. I installed it 2 days ago and have found the interface easy to use and I setup a new wp installation that went very smooth. My plugins and most common themes are stored on my wp management site and installing them to the new install was very easy. For me it works great
- [ 2 ] Thanks
- 1 reply
{{ DiscussionBoard.errors[7406647].message }}
- benz1 11 years ago
  
  Oh well, I guess Tony isn't going to respond any further...
  
  Thanks
  
  {{ DiscussionBoard.errors[7416802].message }}

benz1

11 years ago

Originally Posted by Tony Marriott

Yes unfortunately this is the situation that people find themselves, in a sort of catch 22. We as people always take the less painful path and that means (in this case) not updating.

Of course that only remains the least painful path until something else goes horribly wrong.

I do not recommend just updating everything in one go when you start with WPP. Some due diligence should be done if your sites are crucial or clients of course.

It is essential that plugins and themes are kept up to date as when security vulnerabilities are found, they are published online giving the green light to hackers to search for, and take advantage, of any they find.

My advice is to make sure you have backups of the site before doing the updates, then if something goes wrong, (and occasionally it does regardless of testing), you can just restore the site and update it manually. If your host doesn't do daily backups, you can schedule backups to take place just prior to doing your regular updates.

You also need to be aware that some plugins require user action after being updated to re-activate them or update database tables, etc. It is therefore good practice to login to the admin panel after doing updates to check if anything needs doing. (It could be argued that this kind of defeats the purpose of doing mass updates?) However, after a while you will get to know which plugins require this so you just need to check sites after these specific plugns have been updated.

Thanks

{{ DiscussionBoard.errors[7400398].message }}

Tony Marriott

11 years ago

Hi guys,

Tony Marriott here.

Just thought I would drop and add my own thoughts.

Love2Blog:

The master plugin should be installed on a new/clean blog. Keep it separate from any other blogs and just use it as you master control blog. Set it to private so that it does not get indexed.

Lots of reasons to do that. Better security, less chance of any conflicts with existing installations and it can do a lot of work sometimes so always better to not be competing with other blog activities that might be going on.

Never install the master plugin on your money sites. Let them make money and let your master blog do it's job and look after your money sites.

Basically just backing up all that Ben has said previously.

There is no issue with footprints. There are no pointers (links) from the remote blogs back to the control blog or to each other so nothing for Google to follow.

cPanel is not used at all for blog management like plugin updates and installs etc. It does integrate with the blog cloning if you have cPanel but it does not need cPanel to work.

Benz1:

Absolutely concur with you that Wordpress is no longer "just a blog". In fact there must be very few areas of "web estate" that Wordpress has not infiltrated. Although it is still widely referred to as a "blog". I think the word "blog" that has come to mean more than it's origin connotation. "Blog" defines a website that is not technically rigid and unfriendly but flexible, technically advanced and easy to work with. But definitely not just a blog

If anyone has any specific questions feel free to ask or you can get me at the helpdesk http://tonymarriott.info if you want a swifter or more personalized response

cheers
guys

Tony

[ 1 ] Thanks
1 reply

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7399243].message }}

benz1

11 years ago

Originally Posted by Tony Marriott

Absolutely concur with you that Wordpress is no longer "just a blog". In fact there must be very few areas of "web estate" that Wordpress has not infiltrated. Although it is still widely referred to as a "blog". I think the word "blog" that has come to mean more than it's origin connotation. "Blog" defines a website that is not technically rigid and unfriendly but flexible, technically advanced and easy to work with.

Sorry, have to disagree with you on this. Have never heard that definition of a blog before. Wikopedia defines a blog as,

A blog is a discussion or informational site published on the World Wide Web and consisting of discrete entries ("posts") typically displayed in reverse chronological order (the most recent post appears first). (Blog - Wikipedia, the free encyclopedia)

The Google definition is,

A Web site on which an individual or group of users record opinions, information, etc. on a regular basis.

I know it's only semantics but your incorrect use of the term just made me wonder how much you know about WP if you refer to all WP websites as blogs. Not a big issue and I'm sure it won't bother most people.

Would you care to comment of the security aspects of using usernames and passwords to access remote sites as opposed to the plugins used by your competitors?

Quote from How ManageWP Handles Security - ManageWP

One of our basic principles is "the less data we keep, the better passive security is". To put it in a more straightforward fashion, we will never ask for your sites' passwords.

Access to your site is governed by the ManageWP Worker plugin that you install directly onto your blog. When you install and activate the plugin, you must immediately link your site using the ManageWP dashboard. If you do not, another user could theoretically link to your site (although in reality, the likelihood of that occurring is absolutely miniscule). If you are not ready to link your site, just deactivate the plugin.

For those amongst you who are technically minded, communication between ManageWP and your sites is handled by OpenSSL signed protocol. We dumped the XML-RPC implemented in WordPress by default due to its vulnerability to traffic sniffing (i.e. it is inherently insecure). Instead, we use OpenSSL signed communication, which makes it nearly impossible for a hacker to fake any of the messages sent by ManageWP.

In your testing, have you noticed any false reporting of plugins that need updating due to caching plugins in use on the site?

Thanks

{{ DiscussionBoard.errors[7400535].message }}

dapex

11 years ago

I have to say I am liking the look of this tool.. There are free tools that do a similar job but not with the automated backups etc.. And as this price its almost daft not to

Thanks

{{ DiscussionBoard.errors[7400222].message }}

BenShaffer

11 years ago

Not really sure which part you are referring to.

We are not going to comment on how another software/script operates and we have told you what we do.

If you mean this:

"In your testing, have you noticed any false reporting of plugins that need updating due to caching plugins in use on the site?"

Then, with about 100 beta testers, we have fixed any bug reported. We are at a stage now where everything is very stable although obviously we do respond to anything which needs to be update.

B

Thanks
1 reply

Signature

$100 a Day Using Automated Software

Steal Amazon, Kindle and Buying Keywords In Seconds!

{{ DiscussionBoard.errors[7416807].message }}

benz1 11 years ago

Originally Posted by BenShaffer

Not really sure which part you are referring to.

We are not going to comment on how another software/script operates and we have told you what we do.

I wasn't asking you to comment on another script. Apart from the question you have just responded to I asked if you/Tony would care to comment on the security aspects of using usernames and passwords to access remote sites as your competitors believe it is not secure.
- Thanks
{{ DiscussionBoard.errors[7416844].message }}

BenShaffer

11 years ago

He didn't comment because I already have in #11 above.

Thanks
1 reply

Signature

$100 a Day Using Automated Software

Steal Amazon, Kindle and Buying Keywords In Seconds!

{{ DiscussionBoard.errors[7416847].message }}

benz1

11 years ago

Originally Posted by BenShaffer

He didn't comment because I already have in #11 above.

You said, "I'll get Tony to answer the specific questions of security as he knows better than I".

To quote ManageWP, "We dumped the XML-RPC implemented in WordPress by default due to its vulnerability to traffic sniffing (i.e. it is inherently insecure)". It's this that I was inviting comment on.

Yes, I agree that it's unlikely that this would happen but it is a risk that your competitors have deemed unacceptable. It might be fine if managing a few of your own "blogs" but not if you are maintaining clients' sites on a commercial basis.

I wish you every success with your plugin but I'll stick to my current business class solution.

Thanks
1 reply

{{ DiscussionBoard.errors[7416915].message }}

dapex

11 years ago

Originally Posted by benz1

You said, "I'll get Tony to answer the specific questions of security as he knows better than I".

To quote ManageWP, "We dumped the XML-RPC implemented in WordPress by default due to its vulnerability to traffic sniffing (i.e. it is inherently insecure)". It's this that I was inviting comment on.

Yes, I agree that it's unlikely that this would happen but it is a risk that your competitors have deemed unacceptable. It might be fine if managing a few of your own "blogs" but not if you are maintaining clients' sites on a commercial basis.

I wish you every success with your plugin but I'll stick to my current business class solution.

How is their system any more open to traffic sniffing than you logging onto your sites from your home PC??

Thanks
2 replies

{{ DiscussionBoard.errors[7420939].message }}

Love2Blog

11 years ago

Originally Posted by dapex

How is their system any more open to traffic sniffing than you logging onto your sites from your home PC??

I would like to know that too, we login every single day, is it any different?

Thanks
1 reply

Signature

Highest Quality PLR - Content You Will Be Proud To Share With Your Audience - Sign Up For My Email List And Get A Ton Of FREEBIES - https://internetslayers.com

Giant Women's Health PLR
Giant Kettlebell PLR Pack
Yoga PLR eBook/200 + Pcs. Of Meditation/Wellness PLR
Healthy Cooking 225 Pcs. Of PLR

{{ DiscussionBoard.errors[7420957].message }}

Tony Marriott

11 years ago

Hi Guys,

Firstly my apology for not responding to some of you comments earlier.

As I am sure you can understand I have been focusing all my time an effort over the last few days to the product helpdesk supporting and assisting our customers.

Originally Posted by SkiBum

Tony,

I tested a similar product recently which is still in Beta, and to me it was not functional because it required my host to have Zend Gard enabled. Of course, my host only offers that with VPS hosting plans, not shared hosting.

Is that/will that be an issue with this plugin?

Thanks
Ski

Hi SkiBum,

I'm pretty sure I answered this question for you on the helpdesk but will add it here also for everyone.

ZendGuard or Zend Optimizer (depending on your PHP version) is required to successfully run this plugin.

It is installed on pretty much all hostings by default. It is very unusual to only offer it on VPS. In the case of your specific hosting (as I said in the HD response) I checked and they do in fact have it as default on their shared hosting (Zen Optimizer).

So in short no it will not be an issue for this plugin

Originally Posted by benz1

It is essential that plugins and themes are kept up to date as when security vulnerabilities are found, they are published online giving the green light to hackers to search for, and take advantage, of any they find.

My advice is to make sure you have backups of the site before doing the updates, then if something goes wrong, (and occasionally it does regardless of testing), you can just restore the site and update it manually. If your host doesn't do daily backups, you can schedule backups to take place just prior to doing your regular updates.

You also need to be aware that some plugins require user action after being updated to re-activate them or update database tables, etc. It is therefore good practice to login to the admin panel after doing updates to check if anything needs doing. (It could be argued that this kind of defeats the purpose of doing mass updates?) However, after a while you will get to know which plugins require this so you just need to check sites after these specific plugns have been updated.

Absolutely correct advice. Of course you can never protect against all eventualities and failures/problems will occur occasionally. As with everything website related your best protection and last line of defense are good backups.

Unless you have a specific plan or agreement with your hosting company it may be less than desirable to rely on them for your backups. Many will not backup sites over certain size and most will not actually “guarantee” a backup or restore. Don't assume your hosting will be doing all that for you.

Yes, some plugins may require additional configuration after an update. WP Pipeline is a tool to help you do things more quickly, with less effort and in an organized and structured manner. Like all tools it is not a replacement for common sense and should be used sensibly. There is no 100% substitute for a set of human eyes (ask Google) and checking through your online estate should all be part of your due diligence and good business practices.

Originally Posted by benz1

You said, "I'll get Tony to answer the specific questions of security as he knows better than I".

To quote ManageWP, "We dumped the XML-RPC implemented in WordPress by default due to its vulnerability to traffic sniffing (i.e. it is inherently insecure)". It's this that I was inviting comment on.

Yes, I agree that it's unlikely that this would happen but it is a risk that your competitors have deemed unacceptable. It might be fine if managing a few of your own "blogs" but not if you are maintaining clients' sites on a commercial basis.

I wish you every success with your plugin but I'll stick to my current business class solution.

I think Ben has answered the points on security very well so sorry if I reiterate some comments.

It is impossible for me to comment knowledgeably on any competitors methods or reasons for using those methods. Even if I could I probably wouldn't. So any comments here are generic answers.

To be clear the ManageWP comment refers to XML-RPC. WP Pipeline does NOT use XML-RPC.

There are two main ways to communicate with a WordPress site (Forgetting XML-RPC)

1.Via the Standard WordPress login
2.Create a custom “back-door”

These are two completely different approaches and both have their own security implications

Using number one above, whether automated or not, has the same level of security as you logging into your own blog from your PC/Mac.

Using number two relies on the developer creating a secure communication system.

For WPP Pipeline I decided that using WordPress's standard login offered the guarantee of at least “no less” security than already existed with no chance of any accidental insecurities created by using a back door system. Also the huge community of developers in this space ensures rapid and ongoing development and improvements of Wordpress itself.

For a “normal” WordPress login the password is sent across the internet unencrypted and is vulnerable to traffic sniffing. That is true whether you use WP Pipeline or not. As a percentage of WordPress hacks I would guess traffic sniffing is very very low and probably says more about security failing elsewhere such as unencrypted wifi connections.

The complete solution to that would be to use SSL (https) connections to your WordPress blogs. I am currently looking at adding an SSL option to WP Pipeline.

[ 1 ] Thanks

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7421290].message }}

Tony Marriott

11 years ago

Originally Posted by dapex

How is their system any more open to traffic sniffing than you logging onto your sites from your home PC??

I notice I didn't add this specific quote in my last answers.

WPP Pipeline is no more open to traffic sniffing than you logging into your own WordPress site from your own PC. It uses the exact same process.

Thanks
1 reply

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7421300].message }}

yorkiedale

11 years ago

This looks good, and is what I need.
A few questions:

It is a plugin, to be used on a new wordpress install that effectively becomes your management tool. Can this be installed in a sub-domain or sub-directory, or does it need its own plesk/cpanel

Whilst reading, I thought it sounded like it was some form of managed tool, that stores data on your site, and is run from a dash board. Now, after reading info here on Warrior Forum I am thinking it is a self-run plugin on my own site. Which is correct?

Will it work in multisite environs? ie doing all that it does to installs on a multisite

If I have 2 or more seperate web management needs for it, so want to have 2 or more groups of sites registered, that are accessed with different business partners or ie I don't want my personal wordpress sites to be managed by my business partner who looks after clients sites - can it do this, having eg password protected access to site groups in the dashboard. Or, will it need 2+ installs on different domains, so do I have to buy the plugin multiple times?

Is this thread the best place for such Q&A ?

All in All it looks great

Thanks
1 reply

Signature

Earn and Learn - get recurring direct $1000 Commissions - http://www.exitusgroup.com

Helping people Save Money and Make money, by spending less on Fuel !
Global team partners wanted; use : http://www.lessfuel.co.uk

{{ DiscussionBoard.errors[7424752].message }}

Tony Marriott

11 years ago

Originally Posted by yorkiedale

This looks good, and is what I need.
A few questions:

It is a plugin, to be used on a new wordpress install that effectively becomes your management tool. Can this be installed in a sub-domain or sub-directory, or does it need its own plesk/cpanel

Hi Yorkiedale

Yes it is a plugin and yes you install on a fresh subdomain/subfolder.
It does not need Plesk or cPanel although it does offer some integration into cPanel for those that have it.

Whilst reading, I thought it sounded like it was some form of managed tool, that stores data on your site, and is run from a dash board. Now, after reading info here on Warrior Forum I am thinking it is a self-run plugin on my own site. Which is correct?

It is a plugin for a WordPress installation that you host and will be your master control panel.

Will it work in multisite environs? ie doing all that it does to installs on a multisite

No it does not support multisite

If I have 2 or more seperate web management needs for it, so want to have 2 or more groups of sites registered, that are accessed with different business partners or ie I don't want my personal wordpress sites to be managed by my business partner who looks after clients sites - can it do this, having eg password protected access to site groups in the dashboard. Or, will it need 2+ installs on different domains, so do I have to buy the plugin multiple times?

In one installation you can set up multiple individual user access to their own dashboard and control both what blog groups they can see/manage and what functions within WPP they can use..

Is this thread the best place for such Q&A ?

Not really. This is actually a product review thread and it is not monitored by us all the time.

If you have any specific questions and you want swift answers then best use the helpdesk at

http://TonyMarriott.info

All in All it looks great

Yes, we have a lot of very happy users

Thanks

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7427724].message }}

deu12000

11 years ago

I've been using this since it was only available to their mailing list a few months now. It works great. I only have about 30 of my sites using this, but it makes everything extremely easy. I update a whole bunch of sites. I don't always update the themes because some I've made custom changes to but it allows me to do that. I keep plugins up to date with a couple of clicks. If I need to mass install plugins and themes I have my own little private repository where I can install a whole bunch of things in a couple of clicks.

This has plugin has saved me an insane amount of time. I have to start putting the rest of my sites on it because it's so easy to use and a great time saver.

Thanks
1 reply

Signature

The online/local digital marketing agency mastermind. Lifetime deal.
Offliners, Online Marketers Get Instant Leads - More than 100,000 Fresh Leads Added Weekly

{{ DiscussionBoard.errors[7585544].message }}

Tony Marriott

11 years ago

Originally Posted by deu12000

I've been using this since it was only available to their mailing list a few months now. It works great. I only have about 30 of my sites using this, but it makes everything extremely easy. I update a whole bunch of sites. I don't always update the themes because some I've made custom changes to but it allows me to do that. I keep plugins up to date with a couple of clicks. If I need to mass install plugins and themes I have my own little private repository where I can install a whole bunch of things in a couple of clicks.

This has plugin has saved me an insane amount of time. I have to start putting the rest of my sites on it because it's so easy to use and a great time saver.

Good to haer you are getting teh benefits from WP Pipeline and good point about custom themes. Here's a tip.

If you have a number of WP sites using a theme you have customized you can install the updated theme on one WP site and then add your custom changes.

Download the folder yoursite.com/wp-contents/themes/your-theme-name and zip it. Upload it to your WP Pipeline library and you can now deploy that theme to any of your other WP sites.

cheers
Tony

Thanks

Signature

Free Local Business Analyzer & Lead Generator

{{ DiscussionBoard.errors[7586165].message }}

smileysteve

11 years ago

I have been running WP pipeline for a couple of months and I am now managing about 80 sites with it. It is superb.
What joy it was when Wordpress Vers 3.5.1 came out it was my first big test of the software. I just clicked a couple of buttons and all the sites were upgraded to the new version.
It used to take me months to getting around to upgrading them all. Now it takes me minutes.
If you have more than a handful of sites this is a complete no brainer. Buy it.

[ 1 ] Thanks

{{ DiscussionBoard.errors[7716715].message }}

dadhere

10 years ago

I've been using this for over a year on about 20 sites and so far it's been great. No problems at all!

Thanks

Signature

{{ DiscussionBoard.errors[9468862].message }}

WP Pipeline?

Trending Topics

What's the Best IM-Related Skill to Learn Today That Can Help in the Future?

Would You Go?

Any good link monetization services?

Are billboards still effective in driving customers?

My WordPress website was hacked and this is what happened