Over the past few months we’ve seen multitude of point releases of WordPress. We’re all in favour of new features and performance improvements but sometimes we overlook the important security aspects these updates bring. Recently WordPress was the subject of an attack by a worm that had a negative impact on the performance and security of the software. (More details here).
It was, however, the right thing to do switching development efforts away from the next feature release to fix the security issues and push out that release promptly. It’s commendable that the fix was released so quickly and with the relative ease blog owners can upgrade their version of WordPress the continued impact of the worm was reduced significantly. I did the rounds of blogs I own and manage and it was a good feeling to address the upgrades quickly.
During the checks and subsequent upgrades I installed and used the WP Security plugin out of curiosity to see if there were areas of my blogs considered “insecure” or “at risk” according to the plugin. A few issues were raised and quickly resolved – how long they’d been there I don’t know, but the plugin certainly helped me in that respect. You can find the plugin here and I thoroughly recommend it as I can keeping your blogs updated with the latest version of WordPress.