Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 31

Thread: Wordpress 3.0 Released

  1. #11
    Quote Originally Posted by Shenron View Post
    WordPress has just announced the release of version 3.0

    Unlike others I recommend that you DON'T UPGRADE your current version until 3.01 or 3.02 is out, but that's just my opinion, what do I know anyway...
    Will wait for at least release of version 3.01 before upgrade.

    DON.

  2. #12
    Join Date
    Jan 2009
    Location
    Philadelphia, Pennsylvania
    Posts
    1,797
    Here are some simple security tips that can help you protect your Wordpress installations:
    Simple Site Security Measures

    I'll also agree with Shenron in saying that it's always best to wait a while before upgrading, in regards to major core updates.
    Plugins, however, should be updated immediately.

  3. #13
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Quote Originally Posted by TopDogger View Post
    @bogart, if you think your server may have been compromised, be sure to change your FTP access passwords.

    I have never had any of my web sites hacked, but I have always gone to great lengths to secure my sites and my servers. If you take all of the proper security measures, the weakest link tends to be the hosting company. I've seen situations where hundreds of sites on a major hosting company's servers were hacked because their security was the easiest to crack.

    There are some good articles out there about hardening WordPress. Download this white paper. It is one of the best.

    WordPress Security Whitepaper
    .
    On a couple of the sites I had changed the default "admin" username and the sites had hard to force passwords. I haven't changed the passwords. But haven't had any problems since making a couple of fixes identified by the security scan plugin and "hardening the wp-admin with htaccess". I think that the host could have some issues. There's only so much that you can do on a shared server. The whitepaper should be useful to play around with some additional security.

    Quote Originally Posted by James Stein View Post
    Wp security plugin is not security software and no it does not cut off 95% of the attacks, Nope it does nothing for security ..

    The IP in the .htaccess file can be obtained, but you will argue that ...
    The WP security plugin really doesn't do much. But does help in scanning the CHMOD values and a few other minor things like changing the wp-prefixes.

    I think "hardening WordPress with htaccess" can help. Most likely the ^ackers will just move on rather than taking the time to find the IP within the htaccess.

    Wordpress is open source and its also going to have security issues. I'm not really a fan of Wordpress. It has it uses but sometimes you're better off with a static site or using another CMS.

  4. #14
    Someone got a demo? Would like to see the changes, but can't find a demo on WordPress.Org
    |Nico Lawsons

  5. #15
    Quote Originally Posted by James Stein View Post
    You know what man .. I have better things to do seriously than have you attack my post left and right ...
    I am not attacking your post. I didn't even mention your name. I am simply defending the legitimate comments made by others that you attacked.

    Quote Originally Posted by James Stein View Post
    Wp security plugin is not security software and no it does not cut off 95% of the attacks, Nope it does nothing for security ..
    It is what the name implies. It is a Security Scan. No one ever said it was security software. Closing the holes it identifies helps to prevent the most common attacks. That is common knowledge and that is obvious. A WordPress installation is much less secure when those holes are left open.

    Quote Originally Posted by James Stein View Post
    The IP in the .htaccess file can be obtained, but you will argue that ...
    And perhaps you can explain how that can be done. Oh, you can't. Just as I thought.

    It's fine to make comments and express your opinion, but please back it up with SOMETHING. If you can't, you are not contributing anything useful.

    Quote Originally Posted by James Stein View Post
    But I was asked by many to create a secure wordpress install so I did ...
    This exactly what I am talking about. If you have a better method for securing WordPress, tell us how you do it. We would like to see a better method, if one exists. We also would like to see you substantiate at least a few of your opinions with some sort of evidence, methods, supporting articles or anything useful.

    Participating in a forum community means that if you have certain skills, you share that knowledge and experience with others. Opinions are meaningless unless backed up with facts and rationale.

    .
    Last edited by TopDogger; 18 June, 2010 at 12:36 PM.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  6. #16
    Topic is Wordpress 3.0

  7. wish i have read this thread before updating.. the 3.0 is terrible.


  8. #18
    I don't plan to upgrade soon. I just did a post to a way old WP install and it worked fine. But sure, it may be vulnerable to some exploits.

    The plugins tend to be the weak links I think and there are well documented ways to secure plugins published by the developer community such as how to implement the check_admin_referer function in the options panel.

  9. #19
    Quote Originally Posted by garfish View Post
    wish i have read this thread before updating.. the 3.0 is terrible.
    What don't you like about it? I'm getting ready to set up a new site and was planning to test 3.0.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  10. #20
    I am working on a new install of WordPress 3.0

    Some observations:

    No bugs found thus far.

    The installation allows you to set the administrator username. It no longer defaults to 'admin'.

    The new default theme is twentyten, which was written by the WordPress team. The old classic and default themes are gone.

    twentyten validates as HTML 5 with the W3C Validator.

    twentyten uses widgets by default. It has two sidebar widget areas and four footer widget areas built into the theme.

    The code used for twentyten is much more complex than with the previous included themes. This one is loaded with bells and whistles. I haven't done any speed testing yet, but I suspect that this could be slower than previous themes. There are lots of comments in the theme scripts.

    the style.css file is quite large at 22k. The old style.css file for the old default theme was only 10.1k. I'm not sure why they are redefining basic HTML markup. The style sheet seems inefficient.

    Code:
    strong { font-weight: bold; }
    
    em, i { font-style: italic; }
    I am modifying the twentyten theme for this project so that I can dig into new features.

    The admin section looks and functions pretty much the same as previous versions. No big surprises.


    I will keep updating this post as I discover new features and issues.
    Last edited by TopDogger; 22 June, 2010 at 02:18 AM.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


Page 2 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. phpBB 3.0.8 has been released
    By GeeOne in forum Forum Life
    Replies: 2
    Last Post: 21 November, 2010, 14:21 PM
  2. [WTS] phpLD 4.1 Released
    By dvduval in forum Scripts
    Replies: 0
    Last Post: 4 September, 2010, 03:10 AM
  3. Wordpress 2.9 Released
    By Shenron in forum Blogging
    Replies: 31
    Last Post: 8 February, 2010, 07:42 AM
  4. Wordpress 2.8.1 Released
    By Shenron in forum Wordpress
    Replies: 10
    Last Post: 13 July, 2009, 21:44 PM
  5. Wordpress 2.8 Released
    By Shenron in forum Wordpress
    Replies: 20
    Last Post: 24 June, 2009, 12:22 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •