First, the good news: Matt & his brave crew of WordPress coders have just released version 2.6 of the Open Source award-winningly awesome content management system called WordPress (download it here). I’ve been using it since it was called b2, and love it. I recommend it for most of my clients, and they love the simplicity and ease of use. I also really like how easy it is to customize and extend, using the excellent theme and plugin system.
If you have a WordPress installation yourself, please upgrade it today. Why should you do it today? In short, not only does the latest version of WordPress have some awesome new features (like content change tracking, a new “Press this” browser bookmark, using Google’s Gears system to make it faster, and about 194 bug fixes) it also contains the latest SECURITY FIXES.
Why should you care about security fixes? Because older versions of WordPress are vulnerable to exploits. I know this for a fact, and have been working on cleaning out a number of older installations of WordPress that have been hacked. This isn’t a fun process, and if you stay up to date, you will have the best chance of not getting hacked yourself.
This isn’t a problem exclusive to WordPress, and they’ve done a really good job generally at fixing holes (the current release proactively fixes a number of potential issues), but it is an issue you should definitely look into.
On a Unix machine, one thing to look for is this pattern in any files: md5($_COOKIE'
You can do a search through all your hosting accounts by running this command (run as root):
# grep -R 'md5($_COOKIE' /home/
That will tell you if you have any infected files (for this particular exploit). If you find any, you need to clean out those files. If you are running your sites out of version control (like using svn), this may be slightly easier.
$ svn st should tell you if any files were changed from the last time you checked them out. If you see unexpected files show up, you’ve been hacked.
To clean out your installation, not using version control method (done as root in this case):
- Copy your whole
public_htmldirectory to another location so you can do forensics on it and copy valid files back into your new installation:# cd /home/USERNAME/
# mkdir public_html-hacked
# mv public_html/* public_html-hacked/ - Download a clean copy of WordPress into your
public_html:# cd /home/USERNAME/
# wget http://wordpress.org/latest.zip .
# unzip latest.zip
# cp -R wordpress/* public_html/
# chown -R USERNAME:USERNAME public_html/* - Create a new
wp-config.phpfile. It’s probably a really good idea to first change your MySQL database password. To create your new config file:#cd public_html/
# cp wp-config-sample.php wp-config.php
# vi wp-config.php
Enter the correct (new) values for your MySQL database name, username, password, and the (currently 3) authorization unique key values (go to http://api.wordpress.org/secret-key/1.1/ to automatically generate the 3 keys for you to copy/paste into your config file. - Next, upgrade your WordPress database:
http://example.com/wp-admin/upgrade.php. You’ll have to sign in with your admin username and password. Once this is done (should go without a hitch, hopefully), examine your user table to see if there are any entries there that shouldn’t be. Delete any users that you didn’t create. Also, it would be a good idea to update the password for each user in the system. - Go through all of your Settings, looking for any suspicious changes. Specifically notice what the Uploads directory is set to (in Settings->Miscellaneous). It should probably be set to something like
wp-content/uploads. If it says something like../../../../../tmp/change it back. Also go look there to see if there are any left-over files that need to be investigated and removed. - Make a local copy backup of your database and then clean out entries that don’t belong there. Check your raw database (using something like PHPMyAdmin or command line mysql tools) and examine the
wp_userstable. Look for a user called WordPress. Delete it! If you found it, also check thewp_usermetatable and delete all entries associated with the bogus WordPress user ID. Next, check through your other MySQL tables to look for any suspicious entries (attached files, comments, posts, etc.) Delete anything that looks incorrect or wrong, but be sure not to delete your actual content.
As you can see, there are lots of things to check for if your installation of WordPress gets compromised. So, to save yourself a lot of pain and suffering, make sure you upgrade your WordPress installation(s) just as soon as you can.
More good info if you think your WordPress installation has been hacked:
- Has Your WordPress Been Hacked Recently?
- WordPress Support: Security issue, multiple sites
- Search the WordPress support forums for “exploit”
- Specific WordPress Codex information about this exploit
- Doncha’s excellent (and more recent) write-up of how to deal with a hacked WordPress installation
- WordPress Exploit Scanner plugin
22 responses to “Why you should upgrade your WordPress installation to version 2.6 (just released) today”
[…] […]
Always tempted to wait to upgrade until the inevitable x.x.1 version is published. At least you avoid any issues.
Not that I am trying to run down WordPress – it is the best CMS application, and extremely well supported.
Very Good~!!
[…] Recent public urls tagged “correct” → Why you should upgrade your WordPress installation to version 2.6 (just released) today […]
[…] Go to the author’s original blog: Comment on Why you should upgrade your WordPress installation to … […]
[…] Comment on Why you should upgrade your WordPress installation to … […]
[…] Comment on Why you should upgrade your WordPress installation to … […]
Hi, I’ve created a new free to join website called The UK’s Best – it aims to showcase the best businesses in the UK, particularly small businesses who I think offer better value for money and customer service than their larger rivals.
You can view the site here UK business directory
The site has just launched and will in the future become a paid for service, so I’d like to offer you this opportunity to join and promote your business (with a permanent link to your website) for free
Natural Herbalz Inc Offers Reviews on General health products, Skin care Products, Hair Care Products, Men’s and Women’s health Care Supplements, Weight loss and Diet Products, Sexual and Optimal Health Care products for your better health care and life style. http://www.naturalherbalz.com
This blog Is very informative , I am really pleased to post my comment on this blog . It helped me with ocean of knowledge so I really belive you will do much better in the future . Good job web master .
[…] comment on why you should upgrade your wordpress installation to … […]
American largest online natural herbal health care products reviews and medicines for all kind of health care treatments and solutions for men’s and women’s health, skin care and hair care, general health and sexual health, weight loss & diet from http://www.gordoniihoodia.net
I am glad to post my views and points in this blog, but I must say that webmaster of this blog has done a very great job to make his blog more informative and more discussable but unfortunately everything is same here that more than 80% in this and other blogs post their comments for making spam!!!, so i will really all this spam links to google band tool, because webmaster makes blogs for making discuss and for sloving each other problems.
thanks
Can’t find a diet program that works for you? The diet program is 100% guaranteed, or your money back.(You can’t lose anything but weight with THIS diet plan.) Don’t wait for New Year’s resolutions…Change your life today! (click my link!)
I think that if you uwork out and eat healthy any one would be fine
thanks.
I enjoyed to be at here because one of my point has been cleared here.
Blogs are becoming the main source of knowing about things certainty,its
importance,idolizing,either in a marketing way that one can differentiate.
http://www.weightlossproductz.com/category/weight-loss/
[…] Original post by Weight Loss […]
Penis enlargement products health and medical news and information on health care drugs and medicines for healthy living and better life.
http://www.naturalherbalproduct.com/breast-active/index.php
hi every one .. I want to know some thing. Which is that how to increases our own website pr . My site is that http://www.penisenlargementy.com
Hi. First of all I would like to say what a great site you have. I have been using it for a month or so now and really seeing the results. I am half an inch longer already and a good bit thicker. Thanx again.”
Weightlossproductz – We Care Your Health
weight loss productz offers all kind of natural herbal men’s and women’s health care products, general and skin care products, sexual and optimal health products, hair care and colon health, weight loss and diet products and much much more at http://www.weightlossproductz.com