WordPress Security Upgrade to 2.6.5

The latest WordPress release is a security fix with three bug fixes. It came out November 25, 2008 and is a recommended upgrade. But do *you* really need to upgrade? According to WordPress, the XSS security issue that prompted this upgrade, "...only affects IP-based virtual servers running on Apache 2.x." So the answer is that if your site is running on a shared server (and most sites are), the security issue won't affect your installation. The security issue only affects websites that are using a dedicated IP address (most sites are … [Read more...]

When Should I Upgrade WordPress?

People often ask me my opinion about whether/how often to upgrade WordPress. Mainly they want to know whether they need to upgrade with every single release. And if not, then what is the criteria for deciding yes or no? My basic policiy for myself is also what I recommend for my clients or anyone seeking this advice. My policy is to upgrade WordPress with every security-related recommended upgrade. If the upgrade is related to security, there is not even a question in my opinion. Do the upgrade or risk the security of your WordPress … [Read more...]