Update Your Wordpress!

September 6, 2009 on 11:17 pm | In Dreamhost Apps, Insider View, Rants by Dallas Kashuba | 11 Comments

We’re big fans of Wordpress here at DreamHost.  It powers this website and many of our own personal websites.  It’s also probably the number one most popular web application running on our servers.

It’s so popular in fact that it’s increasingly become the target of security exploits.  Fortunately for all of us, the Wordpress coders have done a good job patching up security holes quickly once they’ve been discovered.  Unfortunately, that doesn’t matter one bit if you don’t update the copy of Wordpress running your website.

Wordpress Logo

If you are a lucky DreamHost customer, installing and updating Wordpress is very easy.  You really have no excuse for not updating.

We provide a one-click installer and upgrader for Wordpress (and several other popular web applications) making it as simple as clicking a button in our web panel.  We even let you request that we email you whenever a new release is available so you don’t have to keep track of it yourself.

If that is still too much effort and you are willing to give up some flexibility, we also provide what we call an easy one-click installer, which is really just a fully managed and hosted version of Wordpress that we update and maintain for you.  Even better, you can get this service from us absolutely free from DreamHost Apps (which also includes a bunch of other popular web apps for the same $0 price tag).

Why Not?

The only reason I can think of to not upgrade Wordpress as soon as it is released is the worry that it will break some plugin you’re using.  While that is a very valid concern, you should really consider how much those pesky plugins are worth to your website.  Are they worth the days of time it might take you to clean up a hacked website?  Are they worth the shame you would feel if your hacked website is used as a base to infect hundreds or thousands of other websites?  These are very real risks.  If you are using a plugin that prevents you from easily upgrading your Wordpress install, please consider abandoning it or finding a replacement that’s more robust and compatible.

Do It!

So, long story short:  UPDATE YOUR WORDPRESS RIGHT NOW. There is a major Wordpress hack going around targeting older versions of Wordpress.  The latest version is unaffected so if you have been a good upgrader you are safe!  A couple of big name bloggers (here and here) got hit recently, and it can also happen to you.  In fact, it might have happened already!  Check this post from Lorelle on Wordpress with lots of gorey details about the hack and to find out if you may be a victim.

11 Responses to “Update Your Wordpress!”

  1. daves561 Says:
    September 7th, 2009 at 7:38 am

    If you can’t seem to upgrade — perhaps the upgrade screen is acting funny and saying you don’t need to download “Version -” — check your plug-ins. There is a plug-in called “Disable WordPress Core Update” that causes this.

  2. Greg Says:
    September 8th, 2009 at 9:55 am

    @Dallas

    You’re awesome. I love the upgrade feature of the One-Click installs.

    I’m on a private server and have had great experience. The only thing I could ever want that Dreamhost doesn’t currently provide is NGINX web server support. Lighttpd leaks memory like a firehouse … and as such, the developers have stopped development of the current branch and are starting from scratch.

    http://blog.lighttpd.net/articles/2008/12/02/a-little-heads-up

    And we all know how well starting from stracth goes (Perl 6 – cough, cough).

  3. Teddy K Says:
    September 9th, 2009 at 8:25 am

    For what it’s worth, Wordpress.com is served by nginx.

    Google has even reported high usage of nginx as well.

    http://googleonlinesecurity.blogspot.com/2007/06/web-server-software-and-malware.html

    —-

    Dreamhost’s one-click install/upgrades are simply awesome. Thanks guys!

  4. Ants Says:
    September 9th, 2009 at 5:44 pm

    @Greg If you don’t necessarily like Apache or Lighttpd, you could always enable the admin user in your panel and install/configure NGINX yourself.

  5. Rob Says:
    September 10th, 2009 at 12:05 am

    Keep the automatic updates box checked.

  6. Li Xiao Long Says:
    September 10th, 2009 at 4:06 am

    You’re awesome. I love the upgrade feature of the One-Click installs.

  7. Maarten Says:
    September 12th, 2009 at 2:59 am

    While the new auto-upgrade feature within Wordpress itself is really cool, I’m seriously considering setting up Wordpress-MU so all my sites run off the same WP install. That should cut down on the time required to keep both WP and all plugins up-to-date.

  8. unreliable narrator Says:
    September 15th, 2009 at 11:15 am

    If this happened to you, as it did to me while I was on vacation…really good tutorial here:

    http://www.journeyetc.com/2009/09/04/wordpress-permalink-rss-problems/

    I’m back up and running now—and yes, upgraded. And with a new uncrackable password. :o) Thanks, DreamHost!

  9. Dallas Kashuba Says:
    September 16th, 2009 at 2:25 pm

    About lighttpd and nginx: We have noticed weird memory issues with lighttpd under some circumstances ourselves and we are definitely keeping an eye on alternatives.

  10. its01 Says:
    September 24th, 2009 at 6:49 am

    the updates and hotfix is very very important to close bugs!!!
    for software and operating system and web apps tooo

  11. Work from Home MLM Says:
    October 22nd, 2009 at 6:29 am

    After trying different blogging software, Wordpress really takes the cake. It’s a good thing DreamHost has a one click installer so you don’t have to go through the hassle of setting one up. Awesome!

Powered by WordPress. Pool theme by Borja Fernandez, modified by DreamHost.
Like WordPress? Consider attending WordCamp LA.
Entries and comments feeds. ^Top^