WordPress wants sites to eat their (patching) vegetables

Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress a juicy target for hackers looking for software vulnerabilities. Find one good hole and you can pwn many sites with little effort. To make matters worse, there are lots of WordPress sites out there running old, smelly, dirty, vulnerable versions of the software. Of course! Bloggers want to blog, not mess around with software updates… but in these dangerous times, you have to eat your patching vegetables. Sigh. The folks at WP are really good at patching bugs, but those patches are of no use if people don’t install them. So the WP folks have an idea… forced upgrades of old sites. I admire their guts!

…the WordPress team plans to allow site owners to opt out of this forced update process. The WordPress team plans to send emails to website administrators and show a stern warning in websites’ dashboards before starting the auto-update process. These warnings will also include opt-out instructions, and will be shown/sent at least six weeks before a site is forcibly auto-updated.

More information here

Leave a Reply