WordPress Security Alert and Upgrade Help
Over the past 24 hours we’ve been inundated with questions about a serious WordPress security issue that is reaching a critical mass. It appears that a worm is using old versions of WordPress to replicate and infect blogs around the Internet. If you are using a version of WordPress prior to 2.8.4 (the current version at the time of this alert) you must upgrade immediately.
There are many reasons why a WordPress user may put off upgrading. Maybe you don’t believe an upgrade is necessary, or you’re afraid that an upgrade might break a custom theme. It’s possible that you simply don’t know how to upgrade WordPress. If you’re running an older version of WordPress and you’ve avoided upgrading for any of these reasons, please take a few minutes to watch the video below. The video explains why it’s crucial that you upgrade NOW and walks through many common upgrade scenarios.
Get the Flash Player to see this player.
Related Links:
- How to Upgrade WordPress (covers manual upgrades and includes demonstration of the backup plugin).
- Best Practices for Upgrading WordPress
- WordPress Database Backup Plugin
- How to Keep WordPress Secure
- Old Versions of WordPress Under Attack
- WordPress Security Help
WordPress 2.3.2 Released – Be Sure to Upgrade
A not so minor upgrade to WordPress was released last week. I say “not so minor”, because version 2.3.2 addresses several urgent security vulnerabilities. As always, I advise that everyone upgrade their WordPress blogs as soon as possible. Since this round of changes focuses on fixing bugs and patching security, there should be no issues with theme or plugin compatibility.
If you need help with a manual upgrade, be sure to check out our video on the subject.
Also of interest, it was recently announced that the next point release of WordPress will be 2.5 instead of 2.4. The delay has been attributed to a large number of new features, as well as the holidays (even WordPress developers need a break around Christmas). Expect version 2.5 to arrive in late March.
WordPress User Roles Explained
User roles provide bloggers with an easy and flexible way to control access to various WordPress feature. Unfortunately the user role system can be confusing to new bloggers. Even experienced WordPress users are frequently baffled by the role system and the permissions that are associated with each role.
If you’re collaborating with multiple bloggers, working with an editorial staff, or requiring subscribers to create user accounts in order to comment, an understanding of the WordPress user role system is essential. This video will help you sort out your options by explaining the permissions associated with each role, and demonstrating how the WordPress administrative interface changes depending on a user’s role.
The video covers the current standard WordPress roles:
Administrator, Editor, Author, Contributor, Subscriber
