Unfortunately there is a serious security threat for bloggers who have not updated to WordPress 2.8.4. A worm is doing a lot of damage to blogs that have not been updated, but according to WordPress, 2.8.4 is immune to this threat. If you haven’t updated to 2.8 yet, there are several steps to make this a smooth process, and the “Be Safe Method” has kept me out of trouble. (If you are already at 2.8, you should be fine just doing the automatic update, but if you are at 2.7.1, for example, please use the Be Safe Method).
Here is what I do (Be Safe Method):
- Be sure all plugins are up-to date.
- Check the compatibility of your plugins. You can check at this WordPress site.
- Save a backup to your hard drive
- Got to Tools > Export, and save an export
- Deactivate all plugins
- Using FTP, backup your theme
- Click the update to 2.8.4 button
- Reactivate your plugins
- Check you theme and functionality.
- If your theme has incompatibilities with 2.8, you will need to upload the revised files from theme author. This is very tricky if you have done a lot of customization.
If you need assistance, let us know!
Thanks, Joel, for your strong opinion on being safe.
[...] This post was mentioned on Twitter by River Girl, Customized Marketing and Alltop. River Girl said: Eliminate Current WordPress Security Risk http://bit.ly/yOkkh (via @custommarketing) [...]