Apr 29 2008

Security Flaw in WordPress; Upgrade

Published by at 7:28 am under Blogging,Site Configuration

One of the things I have always hated about blogging is having to administer the web site. Moving to a hosted solution (Bluehost) earlier this year made life much easier, but there are still some issues I have to manage. One example is upgrading the WordPress version, which Bluehost helps with by providing Fantastico and SimpleScripts to do scripted updates. Fantastico is good, but they’re a little slow to provide updates. SimpleScript also looks good, but the verbiage in the update makes it sound like they overwrite the whole directory, not a good thing. So I found a WordPress plugin that handles all the messy stuff for me, Automatic Upgrade.

I’m not a total wimp when it comes to this sort of upgrade, but I’d rather have it done by a script that hopefully won’t hit the wrong key at the wrong time, something I’m prone to do. I like the fact that it backs up both the WordPress directories and the database for you before proceeding with the upgrade. It was good at disabling all of the other plugins I had running on the site, but was no where near as good about bringing them back up. That was a minor concern and gave me a good reason to update all the plugins too.

With a vulnerability in the WordPress 2.x installation that can result in admin access to your site, you’ll want to get upgraded as quickly as possible. I like my hosting company, but I can’t expect them to make upgrades to my site their first priority. So I have to make it one of mine.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Trackback URI | Comments RSS

Leave a Reply

%d bloggers like this: