WordPress 3.8 has arrived. The download and changelog are in the usual places.
The admin interface has had quite a big redesign. I think it looks neater, but I’m sure it will take a bit of getting used to. The nice thing is it’s mobile aware now. If I run it on my Nexus 7 in landscape I get something similar to the browser view. If I switch to portrait it rearranges the screen to make it fit better. Neat.
The auto-updater (manually initiated) worked fine on 5 blogs, so not worries there.
WordPress 3.7.1 has been released. The announcement is here and the changelog is here.
If you go on to your blog now, you will have the option of manually initiating the upgrade in the normal way. If you wait a few hours, it will magically update itself for you.
- The Terminator: A few hours later it begins to learn at a geometric rate. It becomes self-aware at 2:14 a.m. Eastern time… In a panic, they try to pull the plug….
- Sarah Connor: WordPress fights back.
- The Terminator: Yes. It launches its missiles against the targets in Russia.
- John Connor: Why attack Russia? Aren’t they our friends now?
- The Terminator: Because WordPress knows the Russian counter-attack will eliminate its enemies over here…
I’ve warned you!
WordPress 3.7 has been released. The downloads are in the usual place.
I updated 5 blogs with not hassles.
It’s worth having a read of this, which mentions the automatic updates that could happen without your intervention… Sounds kind of scary to me.
Happy upgrading, possibly for the last time…
WordPress 3.6.1 was released yesterday. You can see the list of changes here.
The auto-update feature ran though really quickly, with no problems.
WordPress 3.6 has arrived. You can read about it here.
I did the upgrade using the auto-update feature and it worked fine, as always.
WordPress 3.5.2 has been released. It’s a maintenance release, including a number of important security fixes, as described here. I’ve run the automatic upgrade on 5 blogs and it went through with no problems.
With all the recent press about global brute force attacks on WordPress I decided to install the Better WP Security plugin last Sunday.
It includes loads of security features, including the big ones mentioned in the recent attacks:
- Changing the name of the “admin” user.
- Changing the ID of your renamed admin user.
- Changing the table prefix.
- Max login attempts lockdown.
Of the 5 blogs I manage, 4 worked straight off with this plugin. Unfortunately, one required a few attempts, so remember to take filesystem and database backups before you start or you may not end up in a happy place.
Over the week since activating the plugin I’ve been quite interested/scared by the results. I’ve been getting several emails a day telling me of user lockdowns due to attempted brute force attacks originating from USA, Russia and the Netherlands.
If you have a self-hosted WordPress installation, you really need to take some basic steps stop yourself becoming a victim. There are a number of security plugins available, which I’m sure work equally well, but I only have experience of this one.
Assuming my current WordPress prefix was “wp_” and I wanted to change it to “banana_”, then I would do the following…
Take a backup of your database and file system. Remember, if you screw up and trash your blog you will thank yourself for the extra time you spent doing this!
Amend the “$table_prefix” setting in the “wp-config.php” file.
$table_prefix = 'banana_'; // Only numbers, letters, and underscores please!
Rename all the tables, swapping the “wp_” prefix with “banana_”. For example, the following statement would rename the “wp_comments” table to “banana_comments”.
RENAME TABLE wp_comments TO banana_comments
Perform the following updates.
UPDATE banana_options SET option_name = 'banana_user_roles' WHERE option_name = 'wp_user_roles'
UPDATE banana_usermeta SET meta_key = 'banana_capabilities' WHERE meta_key = 'wp_capabilities'
UPDATE banana_usermeta SET meta_key = 'banana_user_level' WHERE meta_key = 'wp_user_level'
UPDATE banana_usermeta SET meta_key = 'banana_autosave_draft_ids' WHERE meta_key = 'wp_autosave_draft_ids'
If you don’t do these updates, the blog will work, but when you try to access the admin site you will be greeted with a message saying,
You do not have sufficient permissions to access this page.
WordPress 3.5.1 has been released. The changelog and downloads are in the usual places. I’ve just done the auto-upgrade with no problems.
WordPress 3.5 has landed. You can download it from the usual place.
The auto update went fine on all five blogs I manage (they are not all mine ).