Users are advised that WordPress 3.0.3 has just been released and is a security update. This release fixes issues in the XML-RPC remote publishing interface. This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts. If you have remote publishing enabled on your site you are urged to upgrade. You can do so easily via the built-in automatic upgrade feature. If upgrading the old fashioned way is your cup of tea here is the list of revised files … wp-includes/version.php xmlrpc.php readme.html wp-admin/includes/update-core.php
[Continue Reading...]
Posts Tagged ‘WordPress Security’
Previous Post Comment Rating Plugin Fixes Security Vulnerability
Previous Post Underrated WordPress plugin round-up
The three components of information security are: Confidentiality, Integrity and Availability (CIA). If you’ve followed the steps my previous tutorial, you’ll have come a long way towards ensuring all three. But you’ll always need to keep an eye on things – remember, no site is hack proof. Here are some tools to verify the integrity of your data. These plugins will not protect your site from attacks, they will only help you monitor your site and diagnose problems. I have not tested any of these with the latest WordPress 3.0 beta. Monitoring In my first article on WordPress security I mentioned Open Source Tripwire as an option for monitoring your WordPress install for unexpected changes. A reader pointed out that it wasn’t the best solution since it’s no longer maintained and suggested a couple other alternatives. Since then, I’ve discovered a much easier way of monitoring your WP install: WordPress […]
[Continue Reading...]Previous Post WordPress Plugin Releases for 04/26
I wrote previously on securing a fresh WordPress install. Today, I’ll cover several WordPress plugins that can be used with fresh or existing WordPress installations to enhance security. I’m not going to cover recovering a hacked site, or exploit scanning tools like Exploit Scanner or WordPress Antivirus in this tutorial.
[Continue Reading...]Previous Post WordPress Theme Releases for 04/13
WordPress developers take security very seriously, and many security experts evaluate WordPress’s code for flaws. Security updates are made frequently to keep users safe. However, there are some extra steps you can take to make a fresh installation of WordPress more secure and protect against future attacks. Remember, no system can ever be completely secure, but taking preventative measures can be helpful. Much of this guide is based on the advice from the WordPress Codex article on hardening WordPress, but it is aimed at the WordPress beginner. In future articles, I’ll cover advanced security measures, hardening existing WordPress installs, and recovering hacked WordPress sites. This guide should be relevant for both WordPress 2.92 (the most recent stable release as of this writing) as well as WordPress 3.0. Overview: -Preliminary steps for securing your WordPress install -Changing defaults in WordPress to implement “security by obscurity” -Choosing strong passwords -Installing and configuring […]
[Continue Reading...]Previous Post Why Is Gravatar Still Not Mainstream?
WordPress is pretty secure and they release updates periodically to fix loopholes, to stay safe you should always make sure to upgrade to the latest version of the software whenever they are available.
[Continue Reading...]Weren’t we just talking about upgrading to the latest and greatest version of WordPress just yesterday? Well today Ryan Boren has just posted at the WordPress.org blog about the release of the WordPress 2.8.3 Security Release. As he mentions in the posting this fix is related to the privilege escalation issues in version 2.8.1. What he says next is the real reason why WordPress is so popular and well supported: Luckily, the entire WordPress community has our backs. Several folks in the community dug deeper and discovered areas that were overlooked. With their help, the remaining issues are fixed in 2.8.3. Ryan is right – it is the community that looks after each other. Where else would you have such a diverse and talented group who points out any issues instead of just taking them public even though it would draw a lot of attention and maybe fame for themselves? […]
[Continue Reading...]Previous Post Competition going once, going twice . . .
Mark Jaquith recently posted over at the WordPress.org blog that the WordPress 2.0.x Legacy Branch is Deprecated – in other words retired and no longer supported for the most important aspect – security updates. It had gotten a little long in the tooth as it was published back in late December 2005. However, WordPress 2.0 was revolutionary in many ways. Think back to WordPress 2.0 and how that changed WordPress as we knew it at the time. Some of those changes we now take for granted included: Completely Redesigned Backend Included Spam and Backup Plugins Inline Uploading Faster Posting Post Preview User Roles labelled Header Customization WordPress 2.0 certainly set us on the path to the WordPress we know and love today. Congratulations 2.0 on a terrific service life – rest in peace “Duke”. Time For An Upgrade? What does this mean for you as an individual blogger, website developer […]
[Continue Reading...]I did a post for a Antivirus plugin for WordPress, several users commenting about different plugins that improve the security of WordPress, so I decided to sum up some of the plugins that provide security and comment spam protection for WordPress blogs.
[Continue Reading...]Previous Post WordPress Plugin Releases for 06/13
Antivirus for WordPress is a useful plugin that will scan your templates and also can monitor it on a daily basis for malicious injections in the themes.
[Continue Reading...]About the Author
- Len Kutchma
Len has been blogging for over 10 years and is a rabid WordPress fan. In addition to toiling away here at Weblog Tools Collection you can find him at his own blog WPCanada.ca. When time allows he also likes to lend a hand at the official WordPress support forum.
Web: http://wpcanada.ca
Categories
- bbpress
- Best of WordPress
- Blog Templates Blog Skins Blog Themes
- Blogging
- Blogging Essays
- Blogging News
- brainstorming
- buddypress
- Business of Blogging
- CMS
- Code
- Cold Fusion
- Community Interviews
- Cool Scripts
- General
- HOW-TO
- LinkyLoo
- Movable Type Plugins
- Photolog Script
- Podcasting
- QuickLinking
- Spam
- SXSW
- TLA
- Tutorials
- User Reviews
- Web Design
- Web Ethics
- Weblog Add-Ons
- Weblog tools blog tools blogging tools
- Weekly Plugin Review
- WLTC Community
- wordcamp
- WordPress
- WordPress Discussions
- WordPress FAQs
- Wordpress for Beginners
- WordPress Hack
- WordPress News
- WordPress Plugin Competition
- WordPress Plugins
- WordPress Polls
- WordPress Security
- WordPress Templates WordPress Skins WordPress Themes
- WordPress Tips
- WordPress Tools
- WordPress Troubleshooting
- WordPress Weekly
- WordPress Widgets
- WordPress WishList
- XHTML Tips
Obviously Powered by WordPress. © 2003-2013
