Solutions

WordPress Upgrade

George Shaw Oct-21st, 2014 12:42 5 0
Dear,

This is just an formal mail informing you to upgrade your WordPress sites to the latest version. During our routing monitoring we found that most of the WordPress sites are frequently hacked due to "outdated versions". So for security reason please upgrade your WordPress to the latest version 3.8.1 ASAP to avoid further major issues / hacks.

====================

====================

Note: Also we would recommend you to backup your whole work / WordPress site on your local machine before you start with the upgrade process.

Why is old WordPress software so vulnerable to attack?

Whenever a new plugin or WordPress update is released, a bug fix report accompanies it. Hackers find out the vulnerabilities of old WordPress versions by looking at these reports. Then, they can target outdated sites by going to the sites and selecting View page source to see what version of WordPress they are running.

Update all scripts and plugins on your account to the latest stable versions. Old applications can have serious security holes that allow exploits such as injections into pages that allow files to be uploaded to your account. The only way to maintain site security is by keeping all applications and scripts up-to-date.

The easiest way to avoid being targeted by hackers is by updating often. It’s much easier to prevent damage than restore your site later.

Why update to latest WP version:

1.To improve features:- New features make WordPress easier to use or more useful.

2.For your safety:- New security features prevent hackers from breaking into your website and inserting malicious code. This code can harm your site and cause it to lose position in search engine results. Search engines may even unlist your site.

3.To fix bugs:- New updates can fix functionality bugs in your site. So if something isn’t working properly, you may just need an update.

How to enable auto-upgrades to WordPress, its plugins and themes

By default, from version 3.7 and above, your WordPress site will update itself when a new minor or security update is released. This means, that if you're on WordPress 3.7.0 and version 3.7.1 is released the application will auto update itself. On the other hand, if WordPress 3.8 is released (a major version) by default you will have to update to it manually.

If you want the WordPress auto updates to handle major core updates too, you will have to add a single configuration line. To do this, open the wp-config.php file in the root folder of your WordPress installation and add this line to it:

define('WP_AUTO_UPDATE_CORE', true);

If you want your plugins to be automatically updated by WordPress when a new version is released, you need to add a line to your wp-config.php file, similar to the one above. This time, however, a filter is used for enabling the plugin auto updates:

add_filter( 'auto_update_plugin', '__return_true' );

If you want WordPress to handle themes updates you need another line added to the wp-config.php file:

add_filter( 'auto_update_theme', '__return_true' );

Also take the following steps to further increase account security:

- Change your main account's password along with any other passwords you have (mail accounts, FTP accounts). It is recommended to create a complex password with alphanumeric characters using both upper and lowercase such as Aa1Bb2Cc3. Additionally, you would want to ensure that you do not use a password related to the domain name or site content.

- Avoid saving passwords in any software such as your FTP password. In your FTP client, please begin using TLS encryption for FTP transfers as that will encrypt the password during the data exchange. In FileZilla, this is supported by going to Site Manager and setting your server's type as "FTPES - FTP over explicit TLS/SSL"

- Scan your local computer for any viruses and trojans frequently. If you have not performed this task recently, please do perform a computer scan as soon as possible to ensure that computer is clean.

Failure to reply within next 24 hours, we'll be forced to temporary suspend the services without any prior notice.

Should you have any further queries or need more information, Please let us know. We'll be more than glad to help you.

Vote

Was this article helpful?
5 out of 5 found this helpful

Leave a comment