Author Topic: If you have a Wordpress site you need to patch it against latest vulnerability (Read 7772 times)

mouser · « **on:** February 11, 2017, 08:29 AM »

Attacks on websites running an outdated version of WordPress are increasing at a viral rate. Almost 2 million pages have been defaced since a serious vulnerability in the content management system came to light nine days ago. The figure represents a 26 percent spike in the past 24 hours.

https://arstechnica....es-affects-2m-pages/

wraith808 · « **Reply #1 on:** February 11, 2017, 01:35 PM »

Depending on how you have your sites set up, they may automatically update. For safety's sake, I have the ones that I administer set up in this manner.

Deozaan · « **Reply #2 on:** February 11, 2017, 02:04 PM »

That article makes it seem not so bad in the opening paragraph when it talks about it being an exploit for an outdated version of WordPress. Then it says the exploit was fixed only about 2.5 weeks ago.

I do manually check my WordPress sites every so often to make sure they are updated, but that is probably on average about once per month. So yeah, thank goodness for WordPress auto-updates, because if not for that, my sites would probably be vulnerable as well.

panzer · « **Reply #3 on:** March 01, 2017, 06:05 AM »

https://arstechnica....ect-1-million-sites/

wraith808 · « **Reply #4 on:** March 01, 2017, 12:16 PM »

That article makes it seem not so bad in the opening paragraph when it talks about it being an exploit for an outdated version of WordPress. Then it says the exploit was fixed only about 2.5 weeks ago.

I do manually check my WordPress sites every so often to make sure they are updated, but that is probably on average about once per month. So yeah, thank goodness for WordPress auto-updates, because if not for that, my sites would probably be vulnerable as well.
-Deozaan (February 11, 2017, 02:04 PM)

That was my problem - the fact that my partner put other WP sites on the server that I didn't know about. And therefore, they weren't checked nor updated. It's a very big pain, and I definitely see the ramifications of it now.

Stoic Joker · « **Reply #5 on:** March 02, 2017, 06:42 AM »

That was my problem - the fact that my partner put other WP sites on the server that I didn't know about.
-wraith808 (March 01, 2017, 12:16 PM)

Yikes!!! I would have come completely unwound on that one. I'm not much of an authoritarian - I basically hate rules - But breaking the 'everything must be documented' rule around here is all 5 of the top 3 absolute no-nos.

wraith808 · « **Reply #6 on:** March 02, 2017, 07:05 AM »

That was my problem - the fact that my partner put other WP sites on the server that I didn't know about.
-wraith808 (March 01, 2017, 12:16 PM)

Yikes!!! I would have come completely unwound on that one. I'm not much of an authoritarian - I basically hate rules - But breaking the 'everything must be documented' rule around here is all 5 of the top 3 absolute no-nos.
-Stoic Joker (March 02, 2017, 06:42 AM)

I felt like coming unwound... but then I remembered that it was his client that allowed us upscale the server by 4 times. *sigh* the times when you know that you're right, but have to swallow it anyway. But I get reminded monthly when the bill comes...

Author Topic: If you have a Wordpress site you need to patch it against latest vulnerability (Read 7772 times)

mouser

If you have a Wordpress site you need to patch it against latest vulnerability

wraith808

Re: If you have a Wordpress site you need to patch it against latest vulnerability

Deozaan

Re: If you have a Wordpress site you need to patch it against latest vulnerability

panzer

Re: If you have a Wordpress site you need to patch it against latest vulnerability

wraith808

Re: If you have a Wordpress site you need to patch it against latest vulnerability

Stoic Joker

Re: If you have a Wordpress site you need to patch it against latest vulnerability

wraith808

Re: If you have a Wordpress site you need to patch it against latest vulnerability