Waking up today and we’re hearing about more issues with certain plugins so once again here’s the type of blog post you see quite a bit on here. It’s namely the keep your website up to date post. You generally keep the software on your computer up to date don’t you?
There are new features, bug fixes and security patches being released all the time. WordPress is no exception. So the message here is patch up plain and simple. If you don’t log into your CMS (Content Management System) that often you can forget these things and you may feel it’s a hassle to sort out.
If you plan on doing the updates yourself then there’s a handy plugin to keep you notified it’s called WP Updates Notifier. You can see from the screen shot below it’s pretty easy to configure.
Just enter in your email address ( and send a test email and make sure the updates aren’t sent to your spam folder just in case ).
The next time there are updates for your WordPress install you’ll hopefully get a mail.
We’ve tested the plugin and it’s working fine on the latest version of WordPress 3.5.1 and hopefully the developers will be maintaining this one as it’s incredibly useful.
Not using certain plugins why not deactivate them and fully remove them from your install?
As with everything we highly recommend you backup before you do anything.
(Original Image: Robot from BigStockPhoto)
About the Author: James Larkin
61 Comments
Comments are closed.
That awkward moment when you’re not allowed to give a blog post the title you really want … but you really really want to use it 😀
Patch up WordPress ( please ) : http://t.co/vMdIZQhpDB
RT @blacknight: Patch up WordPress ( please ) : http://t.co/vMdIZQhpDB
Patch up WordPress ( please ) http://t.co/TpGzeQAUWb via @blacknight
Sewing Concepts liked this on Facebook.
@blacknight Can you name and shame the most troublesome plugins?
IIA Member Blogs: Patch up WordPress ( please ) http://t.co/euIrDit3Gw #iiamembers
Milos Ristic liked this on Facebook.
Aleksandar Djuric liked this on Facebook.
David Egan liked this on Facebook.
Edon Jusufi liked this on Facebook.
Ali Meke liked this on Facebook.
Was it the cache plugins issue you heard of this morning?
http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
Albin M Bucolli liked this on Facebook.
Mavilo Instituto Médico-Facial liked this on Facebook.
Marinko Radovic liked this on Facebook.
Ilija Dumnić liked this on Facebook.
That’s the one though we’ve been meaning to post on a few plugins that make life simpler anyways so it tied together nicely. The mfunc issue was removed in SuperCache 1.3 anyways so if people are up to date it hopefully wouldn’t be an issue. ^jl
Kristina Kika Djordjevic liked this on Facebook.
Caffe Plesni Bar Trik liked this on Facebook.
John Malone liked this on Facebook.
Milan Stojanovic liked this on Facebook.
Urim Krasniqi liked this on Facebook.
Maja Ilic liked this on Facebook.
Den Bagus Bagus liked this on Facebook.
Gentrit Zeqiri liked this on Facebook.
Patch up WordPress ( please ) http://t.co/aFkaZsWBxG
Janie Bailey liked this on Facebook.
Fatma Celik liked this on Facebook.
Marco Vasconcelos liked this on Facebook.
جہٰنہٰہىٰ الہجہٰنہٰہوٰن جہٰنہٰہىٰ الہجہٰنہٰہوٰن liked this on Facebook.
Qendrim Islami liked this on Facebook.
Jose Antonio Pereira liked this on Facebook.
Jose Correia liked this on Facebook.
Jaime A. F. Adão liked this on Facebook.
Jelena Vukcevic liked this on Facebook.
Ulrike Schwier liked this on Facebook.
Elwanna Gjakow liked this on Facebook.
Egzon N. Hoxha liked this on Facebook.
Kitty Chung liked this on Facebook.
Filipe Silva liked this on Facebook.
Richard van Breugel liked this on Facebook.
Zoran Jokic Mws-Design liked this on Facebook.
Ismajl Halimi liked this on Facebook.
Carla Oliveira liked this on Facebook.
Luciano Costa liked this on Facebook.
Why not?
La Ti Va liked this on Facebook.
Agon Kurtishaj liked this on Facebook.
Marko Gvozdenović liked this on Facebook.
Blendi Nuha liked this on Facebook.
Srecko Macak liked this on Facebook.
Aleksandar Zdravkovic liked this on Facebook.
وردة الجاردينيا liked this on Facebook.
That notify plugin I mentioned on http://t.co/p236FYNmms is working well *goes patching*
Naming and shaming these plugins should patch up any problems or maybe go as far as blocking them from been used.
Would really love to know which ones are causing the issues tho!
Mr Carpet Cleaning … it was related to two of the most popular plugins WP SuperCache and W3 Total Cache … using your logic it’d be good to ban WordPress as well as security issues pop up in it all the time 😀
Both plugins were patched pretty quickly and the issue wasn’t generally mentioned heavily until one of the security blogs picked up on it a month or so later. Exploits tend to be constantly found in software whether it’s your operating system or an application you use. The message here is to keep up to date and the notify plugin should give you a heads up that you need to upgrade things.
If you guys had a proper cPanel setup you would be able to trigger this automatically via onclick install.
The issues here are around the security settings and proactive attempts to stop DDoS rather than security exceptions in plugins.
I love this attitude that web security is not something the host should resolve, don’t get me wrong ancient plugins old WP versions, admin password, yeah that’s your problem as a client.
This botnet attack is separating the men from the boys when it comes to crummy web hosts.
Niall
I’m sorry, but I don’t think you actually appreciate what a DDOS actually is or how it impacts large hosting networks.
You also work on the assumption that all WordPress installs are automated and that all automated upgrades would work without causing issues with plugins, templates etc.,
You have no knowledge of what measures we have taken and continue to take to protect our clients and our network and I personally find your categorisation of us to be both offensive and misinformed.
We are the largest hosting provider in Ireland and the only one who actively engages in DNS abuse and internet security. None of the other providers come near us when it comes to infosec related activities.
Thanks for your comment
Michele
My terminology might not be correct but what I am trying to get across is that if the host is proactive they can stop a lot of this.
Security issues in plugins are one thing, but it is the default answer from hosts, that plugins are causing these issues. One click install keeps all my sites up to date, cpanel emails me to say hey update WP, which will in turn get me to do the same for plugins.
My point was that using cPanel this WP update can at least be automated or the the prompt can be.
My point here is athat some hosts are helping people and making core security updates, putting proactive steps in place, rather than telling people to keep WP plugins updated and pushing it back to them.
Fair play if you looking after DNS abuse and internet security.
My only gripe with WP on Blacknight is the lack of a standard plesk or cPanel, no offense intended, just my opinion.
Hi Niall, I think you’re getting two issues confused here. One issue is that there have been a number of large scale DDOS attacks against web hosting systems recently the other is that we’re actively trying to help our customers keep their software up to date and provide useful tips and tricks for them to get the most out of their website. We use WordPress ourselves, we have in house designers and developers and as such we’re talking from experience here. This blog post was in no way related to the DDOS attack that occurred recently
I’m actually someone who templates and develops WordPress sites I also write a number of our blog posts, develop and do a fair amount of graphic work for the company. Hence I thought it would be nice to pass on some knowledge and experience to our clients. I think it’s fair to assume the majority of people forget to update plugins. A lot of people would also I assume not log into their websites constantly it may be a few days, weeks or in some cases even months between logins. The notification plugin I mentioned in the post is something that can help with that.
Unfortunately given the huge number of plugins and templates that are available for WordPress unless we take full control and start to limit what our customers do it’s simply not an option for us to go installing updates and plugins on thousands of our customers WordPress sites.
I’m going to close this blog post to comment now unfortunately we’ve seen threads like this spiral out of control in the past so I’m going to close this to comment now. Feel free to address any concerns to customercare@blacknight.com
Regards,
James