You are here: Home » » Archives for WordPress

Posts Tagged ‘WordPress’

Is your WordPress blog food for worms?

by: Chris Hudson
5 September, 2009

Is your WordPress blog running on the latest version of the self-hosted blog software?

If not your blog could quickly become food for worms - well, one worm in particular that is doing the rounds of out-of-date, unpatched WordPress blogs.

This worm exploits a security bug that allows evaluated code to be executed through the permalink structure, makes itself an admin user, then uses JavaScript to hide itself so you can’t see it if you look at the users page - it also attempts to clean up after itself and finally inserts hidden spam and malware into your old posts.

The danger of a worm like this is that your website could be banned from Google for hosting malware or being used for spamming.

The cure is a simple one, thankfully, just make sure you are running the latest version of WordPress, 2.8.4

In fact, the security vulnerability was fixed in the previous release, so you can get away with running 2.8.3.
But upgrading WordPress has been made simpler over the versions and now it really is a “one-click fix”.

As a hosting company we promote this type of news as we believe this simple upgrading is part of being a good ‘virtual’ neighbour to other users on shared web servers. If you allow your blog to be breached by this worm and be banned from Google, then other customers who share your web server (and its IP address) could also find their websites removed from Google’s index - guilt by association!

So please take a few seconds to check that your WordPress blog software is 2.8.3 or higher - and hope that your virtual neighbours are doing the same!

Tags: Bloggging, WordPress
Posted in News | No Comments »

WordPress 2.8.2 available

by: Chris Hudson
22 July, 2009

WordPress version 2.8.2 upgrade is now available; it is a security release to fix a XSS vulnerability.

Comment author URLs were not fully sanitised when displayed in the admin which could be exploited to redirect you away from the admin to another site.

To upgrade either download version 2.8.2 or automatically upgrade from the Tools->Upgrade page of your WordPress blog’s admin area.

Tags: Update, WordPress
Posted in Technology | No Comments »

WordPress 2.8.1 beta upgrade is available

by: Chris Hudson
23 June, 2009

Many Intrahost clients use their web hosting account to run a blog - usually based on WordPress and last week saw the release of a major update, version 2.8.

Now, if you updated last week to the latest version of Wordpress you may be aware of a few bugs kicking around; problems with themes, the dashboard, incomplete page loads and the automatic upgrade!

You’ll be pleased to now that the WordpPress developers have taken their first steps towards fixing these bugs with the release of WordPress 2.8.1 beta.

Download WordPress 2.8.1 beta

Here are a few of the bugs fixed so far

Many themes were calling get_categories() in such a way that the command failed under 2.8. Now 2.8.1 works around this no changes are necessary to these themes
Users were running out of memory when loading the dashboard, resulting in an incomplete page. So Dashboard memory usage has been reduced.
Thankfully the automatic upgrade no longer accidentally deletes files when cleaning up from a failed upgrade!
The rich text editor will now load, avoiding compression issues.

To automatically upgrade from 2.8 to 2.8.1 Beta 1, follow these instructions.

WordPress can be automatically installed by Intrahost clients who are using the Fantastico add-on that comes as part of the cPanel control panel on their Linux based web hosting account.

Tags: Blogging, Upgrades, WordPress
Posted in News, Technology | 2 Comments »