Register Blogs Advertise with usHelp Desk Today's Posts Search

Thread Tools Search this Thread
Unread 24th Dec 2011, 12:20 PM   #1
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

It is very important when you login to Wordpress and you see the tiny link at the top saying there is an upgrade available, that you do this immediately.

This is because security issues and vulnerabilities are often addressed by upgrades. Hackers often exploit these breeches - and unfortunately it is them that usually point out the weakness in the program's security by hacking the site.

All you do is double click the message that there is an upgrade available.

Then you will see a button to 'update automatically' - click that -

Wait a few seconds and it is done.

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
The Following 2 Users Say Thank You to Patrician For This Useful Post:
Unread 25th Dec 2011, 12:53 PM   #2
Warrior Member
 
Join Date: 2009
Posts: 23
Thanks: 0
Thanked 2 Times in 2 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Yes and its better to wait your essential plugins support to the latest version before you upgrade wordpress.

Recover Wordpress Hacked Blogs
amilajoy is offline   Reply With Quote
Unread 25th Dec 2011, 03:54 PM   #3
Freight Man Australia
War Room Member
 
Join Date: 2011
Location: Australia
Posts: 89
Thanks: 8
Thanked 10 Times in 9 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

If you can also use auto lock plugins so hackers dont run programs through to find your password. It is always a good idea to not have a login as admin ....makeup a silly name and write it down somewhere safe. Also back up your site so you can reload if the punks get in.

freight is offline   Reply With Quote
The Following 2 Users Say Thank You to freight For This Useful Post:
Unread 25th Dec 2011, 08:17 PM   #4
Retired Warrior
 
Join Date: 2011
Location: Southern Indiana
Posts: 27
Thanks: 6
Thanked 4 Times in 4 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Patricia,
Is that the wordpress update or the Chameleon Update? Wordpress update worked fine a few days ago but the Chameleon update is not automatic. Which one are we talking about?

Merry Christmas Everyone!

Jerry,
Building a Business from Home, on a Shoestring Budget!
The App that Pays in so Many Ways Here
jccntry is offline   Reply With Quote
Unread 25th Dec 2011, 11:23 PM   #5
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

WORDPRESS.

The Chameleon upgrade is inconsequential if you look at the notes -

... that is at least the current upgrade doesn't seem to have anything much - but I will check periodically and if there is ever a mention of security then I will recommend upgrading it too.

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
Unread 26th Dec 2011, 01:41 PM   #6
Active Warrior
War Room Member
 
Join Date: 2008
Posts: 56
Thanks: 4
Thanked 8 Times in 8 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

I want to update my wordpress blog, but won't that mess up the current plugins. Unfortunately, not all plugin designers keep up to date. Just wondering.
MMateo23 is offline   Reply With Quote
Unread 26th Dec 2011, 02:52 PM   #7
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Yes I have heard of the upgrade 'messing' plug-ins up.

However, with that said, security is the top-most issue. If you have ever seen what hackers can do to deface a site you will realize you would rather have a messed up plug-in. It is not pretty.

Even after you clean the malware and restore your site there are things you may have to rebuild manually - so again, security is always A #1 priority.

Other than making your password really tough* (which only helps a little) the best thing you can do is make sure you have the most recent upgrade of Wordpress.

*Include all of the following:
- upper AND lower case letters
- numbers
- special characters $ % # @ ^ ! + & ~ ( ) [ ] = _ , . ; :
- at LEAST 9 characters total -

Never use a real word - like 'chicken' or 'rover'

To be really hyper-vigilant - don't use Admin as your username. (and don't use your name either) -

I read today it only takes hackers a few seconds to crack a password (there is software) - might as well make it as tough as you can.

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
Unread 27th Dec 2011, 01:08 AM   #8
HyperActive Warrior
 
goleza's Avatar
 
Join Date: 2011
Location: Uganda
Posts: 328
Thanks: 159
Thanked 102 Times in 53 Posts
Lightbulb
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Thanks Pat for this thread that has actually come at a time I tried to upgrade from version 3.2.1 to the newer version 3.3. But as I was trying to do it, I was warned to first backup my site so as not to lose the content. This scared me and put it on halt because of not being conversant with what it takes to backup wordpress files. I tried to read the doc on backing up WordPress site but it wasn't easy to comprehend.

When I saw your thread, I again felt like you just click on the button to upgrade. Now my concern is how can I best do it without losing my content? Please advise!

Originally Posted by Patrician View Post

Yes I have heard of the upgrade 'messing' plug-ins up.

However, with that said, security is the top-most issue. If you have ever seen what hackers can do to deface a site you will realize you would rather have a messed up plug-in. It is not pretty.

Even after you clean the malware and restore your site there are things you may have to rebuild manually - so again, security is always A #1 priority.

Other than making your password really tough* (which only helps a little) the best thing you can do is make sure you have the most recent upgrade of Wordpress.

*Include all of the following:
- upper AND lower case letters
- numbers
- special characters $ % # @ ^ ! + & ~ ( ) [ ] = _ , . ; :
- at LEAST 9 characters total -

Never use a real word - like 'chicken' or 'rover'

To be really hyper-vigilant - don't use Admin as your username. (and don't use your name either) -

I read today it only takes hackers a few seconds to crack a password (there is software) - might as well make it as tough as you can.

goleza is offline   Reply With Quote
Unread 27th Dec 2011, 01:12 AM   #9
HyperActive Warrior
 
goleza's Avatar
 
Join Date: 2011
Location: Uganda
Posts: 328
Thanks: 159
Thanked 102 Times in 53 Posts
Lightbulb
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Please advise on how one can change the login information to avoid hackers. Can you also tell us the specific auto lock plugins so that we can consider using them?

Originally Posted by freight View Post

If you can also use auto lock plugins so hackers dont run programs through to find your password. It is always a good idea to not have a login as admin ....makeup a silly name and write it down somewhere safe. Also back up your site so you can reload if the punks get in.

goleza is offline   Reply With Quote
Unread 27th Dec 2011, 02:48 AM   #10
Active Warrior
 
Join Date: 2011
Location: Queensland, Australia
Posts: 38
Thanks: 4
Thanked 4 Times in 3 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Hello Patricia,
I have just read your post about the wordpress login details. You suggest to not use admin as a username. I wanted to change admin to a new username, but in my wordpress profile it says "usernames cannot be changed." So how can I change admin to a more secure username? Please advice. Thank you.

Regards,
Martin

martin61 is offline   Reply With Quote
Unread 27th Dec 2011, 05:11 AM   #11
HyperActive Warrior
 
goleza's Avatar
 
Join Date: 2011
Location: Uganda
Posts: 328
Thanks: 159
Thanked 102 Times in 53 Posts
Lightbulb
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Thanks Pat for raising my courage to update my site through this thread. I have finally updgraded it and I see everything is still working normally but this time round navigating the dashboard has even been made easier and far better.

I have also changed my password and made it stronger and complicated, although it isn't possible to change the username. Any further hint on how to do it is highly welcome.

Once again thanks for the useful thread. Freight, thanks too for your good contribution.

goleza is offline   Reply With Quote
Unread 27th Dec 2011, 10:55 AM   #12
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

You would just go to 'Users' and add another user and password and use that to login and post from now on.

I would then make the admin password 20 characters or however many you can to make it very difficult.

Just for future reference when you install Wordpress that is where admin is used for the username - Set it up with a different username instead.

Also there are settings about allowing other users to register and post - it sounds all nice and community/Web2.0 social - but actually I wouldn't allow anybody to do anything but comment.

I am not a Wordpress expert - there is plenty of documentation in Wordpress about all these issues as well as Google to find out the how and where of using it.

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
Unread 27th Dec 2011, 01:16 PM   #13
Active Warrior
 
Join Date: 2011
Location: Queensland, Australia
Posts: 38
Thanks: 4
Thanked 4 Times in 3 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Hello Patricia,
I am unable to change my username in my wp users. It would not let me. It says "usernames cannot be changed" right next to the box. Could you please give some more details on how to change the username. Looks like goleza got the same problem. Thank you.

Regards, Martin

martin61 is offline   Reply With Quote
Unread 27th Dec 2011, 01:31 PM   #14
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Hi Martin.

Please read this starting with the first line: Post #12 above

http://www.warriorforum.com/plug-pro...ml#post5309918

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
Unread 27th Dec 2011, 11:34 PM   #15
HyperActive Warrior
 
goleza's Avatar
 
Join Date: 2011
Location: Uganda
Posts: 328
Thanks: 159
Thanked 102 Times in 53 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Originally Posted by martin61 View Post

Hello Patricia,
I am unable to change my username in my wp users. It would not let me. It says "usernames cannot be changed" right next to the box. Could you please give some more details on how to change the username. Looks like goleza got the same problem. Thank you.

Regards, Martin
I think what Pat is telling you to do is to go to "Users". In the interface for "Users", look for the "Add New" button (either on top of page or just below "Users" on the left, depending on the Wordpress version you are using) and click on it to be directed to a page where you will fill in your details as a new user. The username and passwords you enter are the one you will continue to use when making new posts henceforth. This is what I also did. Hope this explanation will help you.

goleza is offline   Reply With Quote
Unread 28th Dec 2011, 01:46 PM   #16
Active Warrior
 
Join Date: 2011
Location: Queensland, Australia
Posts: 38
Thanks: 4
Thanked 4 Times in 3 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Thank you Patricia and Goleza,
I found this website which explains step-by-step how to change the default username "admin" in wordpress. It is very simple!

Change the default WordPress admin username

Regards, Martin

martin61 is offline   Reply With Quote
The Following User Says Thank You to martin61 For This Useful Post:
Unread 28th Dec 2011, 04:38 PM   #17
WarriorHelp.com
War Room Member
 
Jeffery's Avatar
 
Join Date: 2004
Location: Clarksville, Tn in the Possum Hollar
Posts: 4,052
Thanks: 1,040
Thanked 996 Times in 661 Posts
Blog Entries: 1
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Truth be told.. all default WordPress installations can be hacked. Just Google "wordpress scan" (without the quotes) and you will find links to some sites that show how to hack into a default WordPress installation. The point is "Regardless of the Admin Username and Password - all default WordPress installations can be hacked."

It is "true" and "recommended" that your Wordpress Username should not be admin simply because hackers know that the default Username for default WordPress installations is in fact: admin. It is also a known "given" that hackers use "programs" typically called "scanners" to scan a default WordPress installation for security vulnerabilities. The short story is.. the majority of the scanners will "stop scanning for vulnerabilities when the WordPress Username is not: admin.

To clarify what is a default WordPress installation.. all recommended WordPress installation methods at wordpress.org and almost all website hosts that offer Cpanel > Fantastico to install WordPress.

Most professional webmasters that install WordPress for you will not utilize the default WordPress Installation methods at wordpress.org and via Cpanel > Fantastico. Professional webmasters already know about the issue(s) and will safeguard your website (Online Business) built on the WordPress CMS.

The point is if a webmaster installed WordPress for you using the default WordPress Username "admin" and any of the default installation methods then you need to secure your WordPress if you are serious about protecting your online business.

[ One common practice that helps ]
Install a WordPress Plugin that scans your WordPress installation for known vulnerabilities and makes suggestions about how to correct the vulnerabilities.Just Google "wordpress security scan" (with the quotes) for a list of WordPress Plugins.
Jeffery is offline   Reply With Quote
The Following 2 Users Say Thank You to Jeffery For This Useful Post:
Unread 28th Dec 2011, 05:57 PM   #18
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

The situation with 'Admin' usernames has just come to my attention and actually the person who told me originally was kind of wishy-washy - as if it was just his opinion and he wasn't really sure.

Now that I know for sure (thanks Jeffery) I will see how I can begin setting up WP with different usernames. Right now I have to check to see how that would populate the PIPS account profile. Hopefully there is something I can do not to be forced to use Admin.

I don't know what to do about existing accounts other than if you know how to back up your content - If so, I can re-install Wordpress and the theme and then you can load your posts back in yourself. (so not just know how to back up but how to use the back up to reload.

When I heard about vulnerabilities with Fantastico, I did look into installing Wordpress manually and unfortunately it is a long and tedious process - you might not think so but then you are not adding several accounts a day.

So short of all that and back to my point - upgrade Wordpress whenever you see the notice as this will protect you to some degree.

If your site gets hacked we can have it cleaned and restored from the back up the host does. So just contact the PIPS Helpdesk if you have an issue.

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
Unread 30th Dec 2011, 06:26 PM   #19
HyperActive Warrior
 
Join Date: 2007
Location: USA.
Posts: 106
Thanks: 12
Thanked 17 Times in 15 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Great. Just caught this, Patricia. Done!

A Beautiful Moment In Time" Treasuring all of life for all the right reasons." (Lee Wise)
LeeWise is offline   Reply With Quote
The Following User Says Thank You to LeeWise For This Useful Post:
Unread 30th Dec 2011, 09:11 PM   #20
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

Originally Posted by martin61 View Post

Thank you Patricia and Goleza,
I found this website which explains step-by-step how to change the default username "admin" in wordpress. It is very simple!

Change the default WordPress admin username

Regards, Martin
THANK YOU MARTIN! THAT IS A GOOD FIND!

I HAVE COPIED AND PASTED THE LINK AND WILL GIVE IT TO ANYBODY WHO ASKS ON THE HELPDESK.

I WILL ALSO ADD IT TO MY TIPS AND TRICKS THREAD WITH HONORABLE MENTION OF A PIPSTER WHO STEPPED UP TO FIND AND THEN SHARE VALUABLE INFORMATION!!!!


http://www.warriorforum.com/plug-pro...ml#post5331515

HAPPY NEW YEAR 2012!

Pat

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote
The Following User Says Thank You to Patrician For This Useful Post:
Unread 7th Feb 2012, 07:16 PM   #21
OffTheWallflowerChild
War Room Member
 
Patrician's Avatar
 
Join Date: 2004
Location: USA
Posts: 11,698
Thanks: 6,331
Thanked 2,666 Times in 1,801 Posts
Default
Re: Warning: Upgrade Wordpress - Free+EZ 2 clicks
Share on: 
fb share twitter share gplus share more share

bumpity bump

Patricia Brucoli
Plug-In Profit Site Helpdesk
Patrician is offline   Reply With Quote


Bookmarks

Tags
clicks, free, upgrade, warning, wordpress


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




All times are GMT -6. The time now is 09:30 PM.