WordPress 2.8.5 was released today. Are you up-to-date? (And WordPress 2.9 is only another month away)
If you’re not, make sure you backup your data and upgrade soon. As WordPress becomes more and more popular the number of attacks against it grows. If you stay on an older version you become more and more vulnerable to these expliots. It can take weeks and months to recover from being hacked if Google sees your site serving malware or spam links.
Want to make sure you’re site is clean? Check out the WordPress Exploit Scanner plugin.
I preach this often but here’s another chance to say it. DON’T MOD THE CORE! I see it all the time in forums and blog posts where folks suggest editing files outside the wp-content directory. When you edit these files you have to maintain these changes and so you often decide to skip upgrading to a newer version of the software. Learn how to use the awesome system of hooks and filters available in WordPress and you can override almost anything in an upgrade proof manner. This system has been in place since version 1.2 so you don’t have any excuses anymore! I’d also suggest that if what you’re wanting to do isn’t available in a hook or filter that you work up a patch to the core to make that available to everyone. Not only will you future proof your change, you’ll also end up with other folks maintaining it and making it better for you. It’s pretty much the reason that open source is open source. Sorry for the soapbox!
- Backup often
- Upgrade often
- Don’t hack the core
- Give back to open source
(Need help? We do WordPress upgrades and we fix improperly patched copies of WordPress too! Contact us for more info)