Category Archives: Security

Upgrade or else!

UPDATE 2008-04-16: Well crud. I was just re-reading the WP 2.5 announcement post for something else, and spotted a bit about security updates between 2.3.3 and 2.5. So my previous advice about 2.3.3 being okay was incorrect. [...]

Creating a secure WordPress install

Over on BlogSecurity, there’s a whitepaper on How to create a secure WordPress install. It covers several areas, including MySQL setup, WordPress user configuration, Apache protection of directories, and some useful plugins. [...]

WordPress 2.2.2 Released

There is a new security & bugfix release: WordPress 2.2.2. There are no new features in this version. Since it is a security release, all users should upgrade as soon as possible. [...]

WordPress 2.2.1 Released

WordPress 2.2.1 is now available. Most of the changes are minor bug fixes; however, there are some security fixes as well. We can’t stress enough how important it is to upgrade your sites and keep them current so that you aren’t open to attacks. [...]

New WordPress Releases: 2.0.10 and 2.1.3

That’s right, two shiny new bugfix/security updates. One for the 2.0 branch and one for the 2.1 branch. There are some small bugfixes in both of these versions, but the main reason to upgrade is for the security fixes (I’m going to write more on that subject later).

Visit the downloads page for version 2.1.3, and the Release Archive for version 2.0.10.

Watch later this month for the release of WordPress 2.2. [...]

Important: Upgrade to WordPress 2.1.2

In the interest of getting the word out as quickly and as widely as possible, a brief word about a new WordPress release: If you recently installed version 2.1.1, you should upgrade to WordPress 2.1.2 immediately. There was a security breach on the server which housed the download archives, and some files in the 2.1.1 download were modified to include a serious security hole. [...]

Two New WordPress Releases

Announcing not one, but two new WordPress releases: WordPress 2.0.9 (for the 2.0 branch), and WordPress 2.1.1 (for the 2.1 branch). Both versions include fixes for a minor XSS (cross-site scripting) attack vector, plus various other small bugfixes. [...]

Virus Alert

I don’t usually do this, but I think this is serious enough that we need to get the word out. [...]

WordPress 2.0.7 Released

WordPress 2.0.7 has been released (yes, I know I missed announcing 2.0.6, but I was on vacation). The major focus of this release was a new security patch under certain versions of PHP with register_globals turned on, plus a fix in Conditional GET support under certain combinations of IIS/PHP-CGI versions (AKA the “Feedburner bug”). [...]

WordPress 1.5.x safe from XML-RPC worm

In case you didn’t already see my post over on the WordPress Development Blog, rest assured that WordPress is safe from the recently announced PHPXMLRPC worm. [...]