Saturday, September 12, 2009

Upgrade your Wordpress blog frequently to keep it more secure

There are a large number of people who want to start blogging, don't like using a shared platform such as Blogger, and so install a Wordpress blog on a shared hosting service. Once installed, they start adding new content and generating more user visits. However, a huge percentage of these people never upgrade to the latest Wordpress version; many of them are running a version that is many releases old. It does not even occur to many of them that this is in fact a security risk. A security risk? How come? One would think that you might lose out on a few new features by not upgrading, but how would that be a security risk?
Well, not upgrading your version of Wordpress is like not installing the periodic security patches that come with Microsoft Windows. Those patches are meant to close holes that have been discovered in Windows, and not installing them means you risk somebody being able to break into your system. Similarly, Wordpress is evolving software: holes are discovered, and the Wordpress community patches them in more recent versions. Consider the following page (link):

Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at the users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.
2.8.4, the current version of WordPress, is immune to this worm. (So was the release before this one.) If you've been thinking about upgrading but haven't gotten around to it yet, now would be a really good time. If you've already upgraded your blogs, maybe check out the blogs of your friends, or the blogs that you read, and see if they need any help.

The above is a live example of why you would want your Wordpress installation upgraded to the latest available version. Who wants to be in the position of having to fix your blog after discovering that the worm has caused lots of problems?
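As an added example (not part of the original post or of WordPress itself), the check below reads the release number that WordPress stores in wp-includes/version.php and reports whether it is older than 2.8.4, the version the quoted notice names as immune to the worm. The sample version.php contents are constructed for the demonstration; point check_install() at a real install directory to check your own blog.

```python
import re
from pathlib import Path

# Oldest release the quoted WordPress notice names as immune to the worm.
MIN_SAFE_VERSION = "2.8.4"


def parse_wp_version(version_php: str) -> str:
    """Extract $wp_version from the text of wp-includes/version.php.

    WordPress records its release as a PHP assignment, e.g. $wp_version = '2.8.4';
    A ValueError is raised if no such assignment is present.
    """
    m = re.search(r"\$wp_version\s*=\s*['\"]([^'\"]+)['\"]\s*;", version_php)
    if not m:
        raise ValueError("no $wp_version assignment found in version.php")
    return m.group(1)


def version_key(version: str) -> tuple:
    """Turn '2.8.4' into a tuple that compares numerically component by component.

    A plain string comparison would rank '2.8.10' below '2.8.4'. A pre-release
    tag such as '-beta1' ranks below the final release with the same number.
    """
    key = []
    for part in version.split("."):
        m = re.match(r"(\d+)(.*)", part)
        if not m:
            raise ValueError(f"unparseable version component: {part!r}")
        num, tag = int(m.group(1)), m.group(2)
        key.append((num, 0 if tag == "" else -1, tag))
    return tuple(key)


def needs_upgrade(installed: str, minimum: str = MIN_SAFE_VERSION) -> bool:
    """True when the installed release is older than the minimum safe one."""
    return version_key(installed) < version_key(minimum)


def check_install(wp_root: str) -> tuple:
    """Read wp-includes/version.php under wp_root; return (installed, needs_upgrade)."""
    text = Path(wp_root, "wp-includes", "version.php").read_text(encoding="utf-8", errors="replace")
    installed = parse_wp_version(text)
    return installed, needs_upgrade(installed)


# Constructed sample of an out-of-date wp-includes/version.php (not from a real install).
SAMPLE_VERSION_PHP = "<?php\n/** The WordPress version string */\n$wp_version = '2.7.1';\n"

if __name__ == "__main__":
    v = parse_wp_version(SAMPLE_VERSION_PHP)
    print(f"installed WordPress {v}; upgrade needed: {needs_upgrade(v)}")
```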

