Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on September 5, 2009

Why you should upgrade your WordPress blog


Why you should upgrade your WordPress blog

If you use self-hosted WordPress for your blog and you’re not using the latest version, 2.8.4, you’re running a severe risk of your site security being compromised and even hacked.

So do these three things right now:

1. Log in to your WordPress admin dashboard and check what version of WordPress you have installed. If you’re running any version higher than 2.7, you’ll see a text like this in the ‘Right Now’ module at the top of your screen (if you don’t see that module, check your screen options settings):

youareusingwp284

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

2. Change all your passwords including admin, for each user if you have multiple users and FTP access. Then check the list of users to see if there are any you don’t recognize. If so, remove them.

3. If the version text on your dashboard says anything other than “You are using WordPress 2.8.4,” you’ll need to upgrade. You can do it from within your WordPress admin if you’re using a recent version (if you’re not, then you really are at risk). Or check your hosting service to see if they offer an easy upgrade method, eg, like 1-Click, the simple and secure method offered by DreamHost, my hosting service, or something like Fantastico offered by many others.

If you do have to upgrade, by whatever method you use, please still follow the detailed how-to guide in the WordPress Codex, the detailed documentation system for all things WordPress, paying special attention to the prep you need to do before you execute the upgrade.

Or, check out my 6 tips for upgrading WordPress including the 10-minute audio guide.

It never ceases to surprise me how some bloggers don’t upgrade (I’ve been guilty, too). Yes, it can be inconvenient and a bit time consuming especially if you rigorously do the prep including disabling all plugins.

Yet the consequences for not doing it can be catastrophe. So it’s worth the time invested.

If you are interested in the details of exactly what this security issue is all about, including the tell-tale signs that suggest your site may have been compromised, read Lorelle VanFossen’s post with the alert about this issue. She also has links to some terrific resources on how to strengthen your blog security.

Stay secure!

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top