WordPress 2.8.5 Security Update

October 22, 2009 | By eric | 2 Comments »

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Image from www.blogohblog.com

Image from www.blogohblog.com

This new Wordpress update is called “hardening version”.

I’m waiting for the 2.9 version but according to WordPress developers, they need to back-port some security fixes they are working for 2.9 into 2.8. This is to make all previous versions as secured as possible.

I guess the most important headline among the changes is the fix for DOS or Denial of Service. This trackback remote denial of service vulnerability is a nasty bugs that could exploits the core files of WordPress.

DOS attacks can render your blog inaccessible. This kind of attack will consume your blog bandwidth resources and there is big possibility that your web host provider will cut your connection even if your site is providing you “unlimited bandwidth”. DOS attacks violate the “acceptable user policy” of virtually all internet service providers including web host companies.

WordPress developers are recommending that all sites shall upgrade to this version to ensure the best protection available.

Additional recommendation in this release that you should read:

If you think your site may have been hit by one of the recent exploits and you would like to make sure that you have cleared out all traces of the exploit then we would recommend that you take a look at the WordPress Exploit Scanner. This is a plugin which searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames. You can read more about this plugin here – “WordPress Exploit Scanner

The WordPress Exploit Scanner works by scanning all your files and directory in your site. It will try to find the code that it’s inserted into a hacked site. It uses a lot of memory during scanning so better check the readme.txt before running it.

Tagged: 

2 Comments »




Leave a Reply

ClickBlog.org Related Posts Widget for Blogs by LinkWithin