A new update to WordPress was released today (WordPress 3.1.3) which is a security update for all the previous versions and it contains several fixes and enhancements including the following:
- Security hardening
- Taxonomy query hardening
- The prevention of sniffing out user names of non-authors by using canonical redirects
- File upload security improvement on hosts with “dangerous” security settings
- Cleans up old WordPress Import files if the import never finished
- New “clickjacking” protection in modern browsers on admin and login pages
WordPress 3.2 Beta Also Available
WordPress also announced today the release of the Beta 2 version of WP 3.2. I announced the Beta release here at WPExplorer.com around 2 weeks ago and it looks like things are moving fast as Beta 2 is already out! So if you are looking to get your hands dirty (if they are not already) have a look at the beta as it has a lot of cool changes/enhancements. Just make sure to install it on a “dummy” site as you don’t want your main website running a beta software with many possible bugs/security holes.
WordPress Updating Tips
Updating your WordPress installation shouldn’t be a hassle and in-fact it really isn’t, especially if you are using the built-in WordPress updater. However, below are some small tips to keep in mind while updating your CMS.
- Make a full back-up of your database and preferably your Server as well
- Disable plugins: this isn’t always necessary (especially for a small update like going from 3.1.2 to 3.1.3) but for larger updates disabling plugins can help avoid any issues after the update
- If making a manual update make sure to NOT replace your “wp-contet” folder –> this is pretty obvious but I’ve seen people do it and it was baaad.