Call for Testing: WordPress 6.8 RC1

The WordPress 6.8 Release Candidate 1 is now available on WordPress VIP. Use the Software Management page to update your non-production sites to WordPress 6.8 for testing.

What’s Changing?

WordPress 6.8 Release Candidate 1

Testing this release candidate is the next step in preparing your site for the WordPress 6.8 release slated for April 15, 2025.

How to test WordPress 6.8

Local Environment

Ensure VIP-CLI is updated:
npm update -g @automattic/vip

Update environment:
vip dev-env update --slug SITENAME

Non-production

Alternatively, you may update a non-production site to WordPress 6.8 RC1 now.

Within the Software Management section of the VIP Dashboard, you can select your non-production environment and change the WordPress version to “6.8″ within the “Testing” section.

Testing is vital to polishing the release during the Release Candidate and a great way to contribute. ✨

Not for Production Environments

WordPress VIP does not recommend using Release Candidate or Beta versions in production environments. Any sites that have managed updates will automatically be updated to WordPress 6.8 when released on April 15.

Questions?

If you have testing feedback or questions related to this release, please open a support ticket, and we will be happy to assist.

Removing restrictions on Media Imports 

Following feedback from customers, we’re pleased to make media imports even easier on the VIP Platform. We have now removed all limits for what file types can be imported using our VIP-CLI tool.

Previously our import tool matched the default limitations in WordPress, allowing the import of files as long as they matched a list of allowed file types. Uploading disallowed file types prior to this update required contacting support. After consultation on the security implications, we are happy to remove this restriction allowing any file of any type to be imported using the vip import media command provided by our CLI.

No updates to the VIP CLI are necessary for you to benefit from this improvement.
We’re always pleased to receive feedback from customers and improve our product to make your work easier. Our documentation on media imports contains more details, and please reach out to us if you have any questions!

New Feature: Deny Requests Based on User Agent

We’re excited to introduce another new access control feature in the VIP Dashboard. You can now block requests based on the user agent, adding an additional layer of protection for your application powered by the VIP CDN.

What’s New?

This feature allows you to block requests from specific user agents, such as AI crawlers and unwanted bots, before they even reach your application. With better control of the traffic accessing your site, you can ensure that unwanted traffic doesn’t impact your app’s performance.

Rules for managing User Agent blocks can be managed in the VIP Dashboard, from the User Agents page, located under the Security Controls section of the VIP Dashboard. Requests can be blocked based on exact or partial matches of user agent strings.

Why This Matters

  • Edge-Based Denial: Requests are blocked at the VIP CDN, reducing application load and ensuring faster response times for legitimate users.
  • No Deployments Required: Easily enable and manage this feature directly from the VIP Dashboard — no code changes or deployments needed.
  • Granular Control: Set rules to block full or partial user-agent strings for better control over your traffic.
  • Independent of IP Restrictions: Use this feature alone or combine it with IP address restrictions for enhanced security.

If you’re currently using the VIP_Request_Block class in your application code to manage user agent blocks, we’ve created a guide to help you transition to this new, easier method of restricting access.

Find out more about this feature in our documentation. 

Call for Testing: WordPress 6.8 Beta

WordPress 6.8 Beta is now available. This is the first beta released as part of the 6.8 development cycle and can be deployed to non-production environments in your WordPress VIP dashboard.

The current target for the final release is April 15, 2025

What is being added or changed?

WordPress 6.8 Beta 1 contains over 370 enhancements and 520 bug fixes for the editor, including design improvements, polishing the query loop, and more than 230 tickets for WordPress 6.8 Core. Here’s a glimpse of what’s coming:

Editor improvements

Easier ways to see your options in Data Views, and you can opt to ignore sticky posts in the Query Loop. Plus you’ll find lots of little improvements in the editor!

The Style Book comes to Classic themes

The Style Book now features a structured layout so you can preview site colors, typography, and block styles more easily. You can use the Style Book in classic themes with editor-styles or a theme.json file and includes clearer labels, and you can find them under Appearance > Design.

Support for Speculation browser API

WordPress 6.8 introduces native support for speculative loading, leveraging the Speculation Rules API to improve site performance with near-instant page loads. This feature prefetches or prerenders URLs based on user interactions, such as hovering over links, reducing load times for subsequent pages.

Major security boost

WordPress 6.8 will use bcrypt for password hashing, which significantly hardens WordPress. Other hashing is getting hardened, too, throughout the security apparatus. You won’t have to change anything in your daily workflow.

How to test the upgrade on a local environment

The quickest way to test locally is to use the VIP Local Development Environment.

To update an existing environment:

vip dev-env update -w=6.8 --slug=mytestsite

To create a new one:

vip dev-env create -w=6.8 --slug=mytestsite

How to test the upgrade on a VIP Platform environment

You can update your non-production environments by running the trunk version of WordPress from within the Software Management section of the VIP Dashboard or by running the vip config software update command with VIP-CLI.

For example:

vip @mytestsite.production config software update wordpress trunk

Call for Testing: Jetpack 14.4-beta

Jetpack 14.4-beta is available now for testing and the download link is available here

Jetpack 14.4 will be deployed to VIP on Tuesday, March 18, 2025*. The upgrade is expected to be performed at 17:00 UTC (1:00PM ET).

*This deployment date and time are subject to change if issues are discovered during testing of the Jetpack release.

A full list of changes is available in the commit log.

What is being added or changed?

Enhancements

  • Newsletter: Add newsletter widget header row behind a feature flag.
  • Newsletter: Add footer widget section.
  • VideoPress: Add title to the attachment details view.

Bug fixes

  • Forms: Ensure non-rendering fields to not trigger validation or show value in form submission response.
  • Forms: Fix 404 error when a user submits an invalid form with JavaScript disabled.
  • Gravatar Widget: Fix linked accounts not showing.
  • Publicize: Fix disconnect command not working.
  • Widget Visibility: Fix possible fatal errors for widgets using anonymous functions as callbacks.

What do I need to do?

We recommend the below:

  1. Installing the release on your non-production sites using these instructions.
  2. Running through the testing flows outlined in the Jetpack Testing Guide.

As you’re testing, there are a few things to keep in mind:

  • Check your browser’s JavaScript console and see if there are any errors reported by Jetpack there.
  • Use Query Monitor to help make PHP notices and warnings more noticeable and report anything you see.

Questions?

If you have any questions, related to this release, please open a support ticket and we will be happy to assist.

New Plugin Vulnerabilities Overview 

We’re introducing a new feature in the VIP dashboard that highlights the importance of proactive security management for your WordPress environment. Starting today, a new graph will display plugin vulnerabilities over time, giving you a clear view of security risks tied to plugins. 

You can access this new graph in the Vulnerability Statistics tab on the Plugin page in the Code section of the dashboard.

Why This Matters

We often hear that users struggle to get a comprehensive picture of their site’s security, particularly when it comes to plugin vulnerabilities. This feature aggregates vulnerability data to show you trends over time. The more vulnerabilities that are open, the higher the security risk. A rise in vulnerability curves correlates to an increased need for swift action.

Find out more about the plugin panel in the VIP Dashboard in our documentation. 

Looking Ahead

In future releases, we plan to refine this feature by allowing deeper insights into how the data can be used to strengthen security practices. A soon to be released feature will help you to stay on top of vulnerabilities by allowing you to get notified when certain thresholds get breached.

Stay proactive, stay secure.

New Parse.ly Report: “Your Year in Content” Report

We’re excited to introduce Your Year in Content, a year-end report that provides a high-level view of your site’s content performance over the past calendar year.

What’s included

This report compiles key metrics at the site level, helping you assess your content strategy and impact:

  • Total performance metrics – Yearly page views and visitor counts tallied in one place.
  • Top content analysis – Your top 5 posts, most engaging sections, and highest-impact authors.
  • Key content insights – Additional data to give you a full picture of your year’s performance, such as your top-tweeted post or top search-driven post.

Why it matters

  • Inform strategy – Use past performance to guide future content decisions.
  • Team recognition – Highlight top-performing content and contributors.
  • Annual planning – Leverage insights to set data-driven goals for the year ahead.

How to access your report

Your Year in Content report is available now! To view it, replace {{SITEID}} with your site’s ID, such as wpvip.com in the below URL.

http://dash.parsely.com/{{SITEID}}/year-in-content 

Note: This report is available only at the individual site level and will not appear in the reporting section of the Parse.ly dashboard.