Orangeinks

WordPress Update 2.5.1 Includes Over 70 Bug Fixes

WordPress just released another update since a major one last month (ver 2.5). The new version 2.5.1, includes over seventy bug fixes including security fixes. Check out the full list of fixes made in 2.5.1 here.

As for added security, all is advised to place a secret key in their wp-config.php file. If you can’t come up with your own secret key, you can let WordPress generate a random secret key for you by clicking the “visit this link we set up to get a unique secret key” in their blog post. Just copy the entire line of code and paste it into your wp-config.php file (or overwrite this line if it exists:  define(‘SECRET_KEY’, ‘put your unique phrase here’); // Change this to a unique phrase).

Reminder: To update, just copy everything to your host EXCEPT the wp-content folder.  Copying the wp-content folder to your server will delete (overwrite) your currently installed themes and plugins. Always remember to backup.

Tags: Blog, Plugin, security, update, wordpress

WordPress 2.5 Stable Release Up for Download

WordPress just released its latest stable version (2.5) and it is looking great. The new version is equipped with a new interface which I think WordPress users will enjoy. It takes a little getting used to with the with the new look, but you’ll get used to it in no time. What caught my attention is the ability to change and edit your pemalink for a certain post (see images). This will make your post URL more search engine friendly and you can edit it to what you think is the best for SEO. The add media function is also new where you can easily add images, videos, audios, and other media in your posts. All plugins that I have been using seems to work fine.

Write Post

Edit Permalink

Upload Media

To upgrade to the new version all you have to do is copy everything to your server except the WP-Content Folder. Copying the wp-content folder will overwrite your plugins and themes so you will be left with nothing. Backing up all your files is always a necessary precaution to make whenever making an upgrade in your host. After copying everything just login to your dashboard and you will be asked to update your WordPress database.

You can get the newest version of WordPress here or check your WordPress dashboard for the update link.

Note: If you are using the Zemanta App which I have posted a while ago, It is currently not working with this new version of WordPress (2.5). So we have to wait until they upgrade their app.

Tags: 2.5, update, version, wordpress

WordPress 2.3.3 Urgent Update

A security flaw has been discovered in the XML- RPC implementation. XML-RPC is a spec and a set of implementations that allow software running on disparate operating systems, running in different environments to make procedure calls over the Internet. The update fixes the flaw that allows a user to edit post in your blog by doing a specially crafted request.  Enough with the technical details, if you are using WordPress and have your user registration enabled then you should update your hosted WordPress. This will prevent registered users in your blog from editing your posts.

The update also includes some bug fixes:

• gettext fails to determine byteorder on 64bit systems with php5.2.1
• some registration emails fail in 2.3.1 b/c of “callout verification”
• maybe_create_table call to config.php issue

WordPress also reported a vulnerability in the WP-Forum plugin that is being actively exploited right now. WP-Forum is a WordPress plugin that enables you to have a forum directly attached to your WordPress installation.  If you are using this plugin, it is strongly recommended that you remove it until an update is available from its author.

Tags: critical, flaw, Plugin, security, update, wordpress, wp-forum

WordPress Important Update (2.3.2)

WordPress just released an update that fixes a bug that could expose your draft posts. The update also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. I have seen these error messages from orangeinks and some other blogs. The codes are there for everyone to see. I you’re using WordPress as a hosted blog platform, it is strongly suggested that you upgrade now to protect your blog from the said disclosures.

WordPress also added a little bonus of allowing you to define a custom DB error page.

Place your custom template at wp-content/db-error.php. If WP has a problem connecting to your database, this page will displayed rather than the default error message.

To help you with the upgrade, just follow the instructions posted here. And remember guys, backup your files.

Tags: 2.3.2, bug fix, security, update, wordpress