Custom Upstreams: Enterprise-Scale WordPress and Drupal

Large organizations interested in Drupal or WordPress as CMS platforms have historically faced a fundamental conundrum: the main benefits of open source are directly undercut by the compromises inherent in Multisite architecture. Far too often this tension is unresolved and allowed to fester, even to the point of dooming entire projects.

Announcing New Pantheon Upstream Workflow

Today we’re happy to announce that we’ve opened up our Pantheon Upstreams workflow to be self-serve and available to all organizations using our website management platform. Upstreams have been a valuable tool for our partner agencies and enterprise clients for quite some time; allowing them to build scalable solutions and maintain a large network of sites. We believe this is a benefit that any organization managing more than just a few sites should take advantage of.

How to Get Rid of those Pesky "Mixed Content" Messages for WordPress

*/ /*-->*/ Perhaps you've heard the news surrounding "secure" websites? A secure site is better for your users. Their data (and yours) is safer. Google adds new rules all the time that could affect your search engine ranking. Luckily, most hosts offer an easy way to turn HTTPS on. You could even get a free SSL certificate through Let's Encrypt.

Busted: Experts Reveal the Truth Behind 3 WordPress Security Myths

Sometimes, the very conventional wisdom that’s supposed to solve a problem can make it worse. Spreading butter on a burn can trap in the heat. Blowing on a skinned knee can introduce infection. In so many cases, what we think we know keeps us from doing what will actually help. The internet is full of conventional wisdom about WordPress security. Too often, these myths not only fail to help, they can create a false sense of security that leaves your site vulnerable. The most serious security concerns may be what you don’t know you don’t know.

How Your Hosting Platform Can Make WordPress More Secure

WordPress security is a continuum. It takes a sustained effort to keep moving your site toward the secure end of the spectrum. How safe your site is ultimately comes down to your organization’s culture of security, and how well you follow security best practices.

How to Prepare Your Client for a Content Strategy Plan

Today, clients are starting digital projects with a leg up. Back in the day (insert old-timer music and a slight groan…), most clients had never done a web project. Today they attend conferences, read blogs, and research technology. They are out there learning and taking their investment seriously; and I love it! Of course no matter how much one prepares, it doesn’t substitute for hands-on experience. That holds true especially for the emerging practice of content strategy.

Announcing the Quickstart Guide to WordPress Security

Let’s start with the bad news: If you have a WordPress site, you’re in the crosshairs for malicious attacks. WordPress is the most popular CMS in the world. That makes it a tempting target. Now the good news: WordPress core is inherently secure. There’s never been a major exploit in the most recent version of the core.

Expert Tips on Creating a Culture of Security for WordPress

The weakest link in any security system is the human element. The most expensive alarm system won’t protect your house if you forget to activate it. The strongest deadbolt is useless if left unlocked. And, of course, the most robust, unhackable password might as well be “Password1” if it’s written on a Post-It attached to your monitor.

How I Got Involved with Girl Develop It and Why You Should Too

Girl Develop It is a nonprofit organization that exists to provide affordable and judgment-free opportunities for women interested in learning web and software development. Through in-person classes and community support, Girl Develop It helps women of diverse backgrounds achieve their technology goals and build confidence in their careers and their everyday lives.

How Do I Know It's Working? Advanced Page Cache Edition

Much of my day to day work as an ACE at Pantheon is spent confirming that certain development workflow tasks are possible on the platform. Lately, my preferred way of showing that something is possible—and stays possible—is by writing an automated test.

WordPress Security 101: 4 Steps to Take Today

Imagine the safest bank vault ever designed. It’s got 10-foot walls of solid concrete lined with foot-thick steel. The door alone weighs 20 tons, able to withstand everything short of a nuclear blast. The locking mechanism combines face recognition, fingerprinting, retinal scanning, DNA testing, and a randomly generated password that changes every five minutes. It’s the most secure place on earth. Now imagine the door is standing wide open.

Why HTTPS Deployments Need a CDN

There are many reasons to deploy HTTPS to a website: search engine ranking, avoiding browser warnings, and (of course) the security of your users.

Smooth Scaling: Exploratorium Eclipse Event Drives Over 20,000 Active Users

Monday’s eclipse was big news nationwide, and here in San Francisco one of the main events was held by our amazing local hands-on Science Museum, the Exploratorium. They also happen to run their website on Pantheon, and did a great job there showcasing the eclipse for anyone who couldn’t view it themselves:

Beating The Speed of Light with Fastly's Edge Cloud Platform

Pantheon believes every end user deserves to see sub-second websites—over HTTPS—wherever they are in the world. Fastly’s technology offers Pantheon unique capabilities when it comes to this goal of simultaneously turbo-charging and securing customer websites. By building Fastly’s edge cloud platform into their website management platform, secure, sub-second pageloads are now within reach for every Pantheon customer.

Wake-Up Call: It’s Time to Secure Your Website with HTTPS

It’s time to be blunt. If your business has a website, you need HTTPS. The elephant isn’t just in the room; it’s parked on the sofa, blasting death metal and eating all your Doritos. It used to be easy to ignore the issue of website security unless you were in ecommerce, the financial sector, or the healthcare industry. Getting certificates, keeping them up-to-date—it used to be a hassle, and hard to see that the rewards were worth the trouble.

Optimizing WooCommerce on Pantheon: Advanced Page Cache for WordPress

As the owner of a WooCommerce site, speed has a direct impact on your bottom line. The faster your site responds, the more your visitors will convert, and the higher your revenue will grow. Kissmetrics found 40% of visitors will abandon a site that takes more than three seconds to load.

Pantheon Advanced Page Cache: Drupal Cache Metadata on a Global CDN

Pantheon has always provided full page caching at our edge layer so that your HTML responses are served as fast as possible to your website's visitors, as well as handling huge spikes of traffic. Now with the launch of our Global CDN, those cached responses and their metadata go to 30+ points of presence worldwide. Responses from your site will come much faster when the caches are physically closer to your site visitors.

CDNs: The Battle of Fast vs. Fresh

To build a website today, there’s a lot to get right: performance, scalability, security (including HTTPS), functionality, search-engine rankings, and more. These come down to getting fresh content into the hands of site visitors—and doing it fast. CDN-based edge caching goes a long way to helping here, but it’s only as effective as the cache hit rate.

Democratizing Security and Performance on the Open Web

Pantheon is dedicated to improving the quality of the open web and making web professionals successful with open source. We do this by delivering a unique set of services via a completely different architecture compared to traditional/legacy hosting or infrastructure providers. Our customers stand on the shoulders of giants, always using the best cutting edge technology, and following best practices as a natural part of using our product.