As you recognize over the previous couple of months we’ve been engaged on the brand new options for WordPress 2.9. We’ve additionally been engaged on attempting to make WordPress as safe as doable and through this course of we’ve recognized a variety of safety hardening modifications that we thought had been price back-porting to the two.8 department in order to get these enhancements on the market and make all of your websites as safe as doable.
The headline modifications on this launch are:
- A repair for the Trackback Denial-of-Service assault that’s presently being seen.
- Removing of areas inside the code the place php code in variables was evaluated.
- Switched the file add performance to be whitelisted for all customers together with Admins.
- Retiring of the 2 importers of Tag knowledge from outdated plugins.
We’d advocate that every one websites are upgraded to this new model of WordPress to make sure that you’ve gotten the most effective out there safety.
In case you suppose your website might have been hit by one of many latest exploits and also you wish to just be sure you have cleared out all traces of the exploit then we might advocate that you simply check out the WordPress Exploit Scanner. It is a plugin which searches the recordsdata in your web site, and the posts and feedback tables of your database for something suspicious. It additionally examines your record of lively plugins for uncommon filenames. You may learn extra about this plugin right here – “WordPress Exploit Scanner“