As over the previous couple of months we’ve been engaged on the brand new options for WordPress 2.9. We now have additionally been engaged on attempting to make WordPress as safe as attainable and through this course of we’ve recognized quite a few safety hardening adjustments that we thought had been value back-porting to the two.8 department in order to get these enhancements on the market and make all of your websites as safe as attainable.
The headline adjustments on this launch are:
- A repair for the Trackback Denial-of-Service assault that’s at present being seen.
- Removing of areas inside the code the place php code in variables was evaluated.
- Switched the file add performance to be whitelisted for all customers together with Admins.
- Retiring of the 2 importers of Tag information from previous plugins.
We’d advocate that every one websites are upgraded to this new model of WordPress to make sure that you’ve got one of the best out there safety.
In the event you assume your web site might have been hit by one of many latest exploits and also you wish to just remember to have cleared out all traces of the exploit then we might advocate that you just check out the WordPress Exploit Scanner. This can be a plugin which searches the recordsdata in your web site, and the posts and feedback tables of your database for something suspicious. It additionally examines your listing of energetic plugins for uncommon filenames. You may learn extra about this plugin right here – “WordPress Exploit Scanner“