hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : All Wordpress Users Must Upgrade Now!
Reply

Forum Jump

All Wordpress Users Must Upgrade Now!

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 09-05-2009, 11:12 AM
CubicH-Gray CubicH-Gray is offline
WHT Addict
 
Join Date: May 2008
Posts: 124
Exclamation

All Wordpress Users Must Upgrade Now!


Seems to be a pretty serious situation going on. If you own a hosting company maybe make a note somewhere on your site alerting your clients. If you don't upgrade, your blog could potentially be hacked all the way down to the DB. Pretty scary.

>> Read

__________________
//VPS Blowout going on now! Can you believe it?
//Installation of any script i.e. Wordpress, theme or plugin(s) included!
//99.9% Uptime//Live Support//Awesome Deals!
//CubicHost.org



Sponsored Links
  #2  
Old 09-05-2009, 11:14 AM
JulesR JulesR is offline
Disabled
 
Join Date: Mar 2008
Posts: 630
Old news though, to be honest. Anyone who doesn't keep Wordpress up to date runs the risk of this and other known vulnerabilities and exploits, so there's nothing new here.

  #3  
Old 09-05-2009, 11:16 AM
CubicH-Gray CubicH-Gray is offline
WHT Addict
 
Join Date: May 2008
Posts: 124
Old news for many people here, but I doubt its old news for many of your clients if you run a business.

__________________
//VPS Blowout going on now! Can you believe it?
//Installation of any script i.e. Wordpress, theme or plugin(s) included!
//99.9% Uptime//Live Support//Awesome Deals!
//CubicHost.org

Sponsored Links
  #4  
Old 09-05-2009, 11:19 AM
JulesR JulesR is offline
Disabled
 
Join Date: Mar 2008
Posts: 630
Well clearly I do run a business, as my signature suggests.

The problem with this thread is that this is one of many known Wordpress vulnerabilities, so there's nothing new here at all. It's the age old "keep your scripts up to date or you may get hacked" adage.

Don't get me wrong, I and I'm sure others appreciate the notification, but it's common sense really.

  #5  
Old 09-05-2009, 11:28 AM
syngadget syngadget is offline
Junior Guru Wannabe
 
Join Date: May 2009
Location: Transylvania
Posts: 66
This is why it's important to protect yourself, like block at least some SQL-injection attacks using wp firewall plugin, (password) protect wp-admin directory, wp-login.php file or using login lockdown plugin to prevent bruteforce attack and so on...

__________________
SYN Gadget (!) Synchronous Gadget
It's All About Gadget, Gizmo, Hot Tech Stuff and So Many More!
SYN Gadget is Proudly Hosted by SYN Hosting

  #6  
Old 09-05-2009, 12:05 PM
UNIXy UNIXy is online now
Warp Speed!
 
Join Date: Feb 2008
Location: Houston, Texas, USA
Posts: 2,824
FYI, there's an upgrade plugin that will do it all for you. It's called "Wordpress Automatic upgrade."

Best

__________________
|- UNIXY :: Fully Managed Servers and Clusters Since 2006
|- DC POP :: Houston, Los Angeles, Atlanta, & Rotterdam NL
|- Managed Magento Varnish Servers w/ ESI. < 250ms Page Load / TTFB
L- We LOVE helping our clients!

  #7  
Old 09-05-2009, 12:21 PM
syngadget syngadget is offline
Junior Guru Wannabe
 
Join Date: May 2009
Location: Transylvania
Posts: 66
Quote:
Originally Posted by UNIXy View Post
FYI, there's an upgrade plugin that will do it all for you. It's called "Wordpress Automatic upgrade."
no such plugin needed. its just a matter of clicking one button on your dashboard should have an automatic upgrade function when you aren't up-to-speed.

__________________
SYN Gadget (!) Synchronous Gadget
It's All About Gadget, Gizmo, Hot Tech Stuff and So Many More!
SYN Gadget is Proudly Hosted by SYN Hosting

  #8  
Old 09-05-2009, 12:45 PM
Curious Too Curious Too is offline
WHT Addict
 
Join Date: Mar 2001
Posts: 147
Quote:
Originally Posted by JulesR View Post
Old news though, to be honest. Anyone who doesn't keep Wordpress up to date runs the risk of this and other known vulnerabilities and exploits, so there's nothing new here.
This may be old news to system admins but there are many WP blog owners who are not aware. I have had numerous outdated WP blogs on my servers attacked with this particular exploit the past few days, so another announcement won't hurt.

  #9  
Old 09-05-2009, 01:22 PM
MikeDVB MikeDVB is offline
Web Host Extraordinaire!!!
 
Join Date: Dec 2007
Location: Indianapolis, Indiana USA
Posts: 14,869
Old news or not - advising people to upgrade their scripts is always a good thing.

__________________
Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
For high-end shared accounts ideal for business, check out our Semi-Dedicated offerings!
http://www.mddhosting.com/ - Providing Quality Services since 2007

  #10  
Old 09-05-2009, 01:30 PM
JulesR JulesR is offline
Disabled
 
Join Date: Mar 2008
Posts: 630
I agree, but it pretty much goes without saying Otherwise you'd have a forum post every week; Upgrade Wordpress Upgrade PHPBB2, Upgrade vBulletin, Upgrade Mambo, Upgrade Joomla, etc etc.

  #11  
Old 09-05-2009, 01:34 PM
MikeDVB MikeDVB is offline
Web Host Extraordinaire!!!
 
Join Date: Dec 2007
Location: Indianapolis, Indiana USA
Posts: 14,869
Quote:
Originally Posted by JulesR View Post
I agree, but it pretty much goes without saying Otherwise you'd have a forum post every week; Upgrade Wordpress Upgrade PHPBB2, Upgrade vBulletin, Upgrade Mambo, Upgrade Joomla, etc etc.
True, probably better to start a blog and post it all there - less spammy

Funny enough the initial link is to a blog post haha

__________________
Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
For high-end shared accounts ideal for business, check out our Semi-Dedicated offerings!
http://www.mddhosting.com/ - Providing Quality Services since 2007

  #12  
Old 09-05-2009, 01:41 PM
JulesR JulesR is offline
Disabled
 
Join Date: Mar 2008
Posts: 630
CubicH-Gray: I hope you haven't taken what I've said personally, as that wasn't my intention at all. It's great you're informing people of these script issues, but there are so many different widely used scripts out there it's not really practical to do so here. Things like Kernel vulnerabilities that are relatively infrequent however, are definitely great things to post here.

Keep on fighting the good fight

  #13  
Old 09-05-2009, 02:09 PM
CubicH-Gray CubicH-Gray is offline
WHT Addict
 
Join Date: May 2008
Posts: 124
Quote:
Originally Posted by JulesR View Post
CubicH-Gray: I hope you haven't taken what I've said personally, as that wasn't my intention at all. It's great you're informing people of these script issues, but there are so many different widely used scripts out there it's not really practical to do so here. Things like Kernel vulnerabilities that are relatively infrequent however, are definitely great things to post here.

Keep on fighting the good fight

Understood. It's just there have been voluminous updates for WP, but while many fixed security vulnerabilities, none have been as serious as this in my opinion. Some people don't check their blogs daily and since this threat seems so imminent as described in the link, I felt like it was necessary to share.

__________________
//VPS Blowout going on now! Can you believe it?
//Installation of any script i.e. Wordpress, theme or plugin(s) included!
//99.9% Uptime//Live Support//Awesome Deals!
//CubicHost.org

  #14  
Old 09-05-2009, 02:24 PM
IGXHost IGXHost is offline
Disabled
 
Join Date: Mar 2009
Location: Toronto, Canada
Posts: 2,570
Thanks for the notice. It's true that scripts and software should be kept up to date regularly but this one sounds a bit more serious. Not all updates are released to prevent databases from getting hacked.

  #15  
Old 09-05-2009, 02:59 PM
alons alons is offline
Web Hosting Master
 
Join Date: May 2009
Posts: 1,450
Quote:
Originally Posted by igxhost View Post
Thanks for the notice. It's true that scripts and software should be kept up to date regularly but this one sounds a bit more serious. Not all updates are released to prevent databases from getting hacked.
But its always safe to upgrade to the latest version.
All users should upgrade whenever there is a newer release. At present its current stable release is 2.8.4

Regards,
Alons

__________________
Softaculous - Auto Installer for cPanel, Direct Admin, InterWorx, Plesk, H-Sphere
The only Auto Installer that installs 260+ scripts. Install in just ONE STEP!
Virtualizor - VPS Control Panel supporting OpenVZ, Xen, KVM and has 60+ OS Templates
Webuzo - Softaculous for the Cloud i.e. Softaculous Standalone

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
Quick job: wordpress upgrade iNCubO Employment / Job Offers 5 08-05-2009 04:27 AM
Wordpress Upgrade - Help with database error grandad Hosting Security and Technology 16 03-26-2008 05:18 PM
Low cost Wordpress upgrade service thesmallguyshost Employment / Job Offers 0 03-03-2007 07:29 PM
cPanel - Forced upgrade - new phpBB for all users? ninja_byte Hosting Security and Technology 9 06-18-2005 10:30 PM
wordpress users come in! d3nnis Web Hosting Lounge 8 04-22-2004 11:45 PM

Related posts from TheWhir.com
Title Type Date Posted
Media Temple Launches Premium WordPress Hosting for Designers, Web Developers Web Hosting News 2014-03-04 14:24:41
Ecwid Partners with Automattic to Launch WordPress.com Business Integration Web Hosting News 2014-02-25 15:05:59
Page.ly Grows Managed WordPress Hosting Platform with BlogDroid Acquisition Web Hosting News 2013-06-27 15:43:37
The Host Group Launches Enhanced WordPress Hosting Plans Web Hosting News 2013-04-01 10:27:40
Wordpress Business Package Offers SMB Hosting for $299 per Year Web Hosting News 2013-03-05 14:06:15


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?