As you understand over the previous couple of months we now have been engaged on the brand new options for WordPress 2.9. We’ve additionally been engaged on attempting to make WordPress as safe as attainable and through this course of we now have recognized plenty of safety hardening modifications that we thought had been value back-porting to the two.8 department in order to get these enhancements on the market and make all of your websites as safe as attainable.
The headline modifications on this launch are:
- A repair for the Trackback Denial-of-Service assault that’s at the moment being seen.
- Removing of areas throughout the code the place php code in variables was evaluated.
- Switched the file add performance to be whitelisted for all customers together with Admins.
- Retiring of the 2 importers of Tag information from previous plugins.
We’d advocate that each one websites are upgraded to this new model of WordPress to make sure that you’ve got the most effective out there safety.
In case you suppose your website might have been hit by one of many current exploits and also you wish to just be sure you have cleared out all traces of the exploit then we might advocate that you just check out the WordPress Exploit Scanner. This can be a plugin which searches the information in your web site, and the posts and feedback tables of your database for something suspicious. It additionally examines your checklist of energetic plugins for uncommon filenames. You may learn extra about this plugin right here – “WordPress Exploit Scanner“