Well I know it’s hard to upgrade and all, WordPress 2.3.2 is “an urgent security release”. So you may consider updating it to fix your draft post exposure and leaking of WordPress table names.
WordPress 2.3.2 is an urgent security release that fixes a bug that can be used to expose your draft posts. 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. Get 2.3.2 now to protect your blog from these disclosures.
As a little bonus, 2.3.2 allows you to define a custom DB error page. Place your custom template at wp-content/db-error.php. If WP has a problem connecting to your database, this page will displayed rather than the default error message.
Source: WordPress blog
Download the new WordPress 2.3.2 now.
Go here to view the changes between WordPress 2.3.2 and WordPress 2.3.1. Read more details on this WordPress update.
//beconfused will not be affected. I think. Probably 1 second of downtime starting from now.
This took me longer than expected and I was getting quite impatient already. I started working on this since Thursday night and I wanted to roll this out on Friday night but it’s just so hard. I think I got rusty somehow too.
This release, I mainly want to improve the readability of the blog. I want to try a darker background color too, almost all my previous layouts have been white. I want it really simple too. Nobody’s interested in my archives anyway, no one wants to know how many categories I have. So I rid them.
In order to make it look less boring, I try to change the colors of the posts to play around. You probably can guess how are the colors generated after a while.
Quite a bit of thought went into search engine optimization and advertisement placement too. No choice, I couldn’t throw them away as they pay for my bills you know.
However, this design is far from completed. After I applied the theme throughout the whole blog, I start seeing a couple of problems here and there that I overlook during my test.
Hope you guys like it.
In the next hour, I’ll be updating the blog design, so if you see something strange, it really is because I am doing something strange. I hope the layout would go well.
I did quite a rush job, especially in getting random categories and latest comments. I didn’t use a plugin and instead just code a couple of functions to grab random categories and stuff. It’s bad for maintenance and I’m kinda scared that things would break.
Also ridding most of the plugins. The new blog design would be a lot simpler and should load therefore load faster. I tested it on Firefox 2, Opera 9, Safari 3, and Internet Explorer 7. Internet Explorer seems to have a rendering bug that I couldn’t fix and I don’t really want to do CSS hacks. It’s rather minor anyway, so I’ll just wait till Internet Explorer 8 comes out.
And meanwhile, great news for spammers, you can happily spam me while I’m doing site testings.
My blog disappeared yesterday due to issues with MediaTemple’s rather troubled maintenance. This offline moment kinda caught me by surprised. MediaTemple announced an Electrical Systems Maintenance and I didn’t really read carefully what it’s about. I thought it’s some power supply maintenance actually.
…(gs) Grid Container issues are resolved leaving one final issue which is BlueArc.
BlueArc engineers have been in our data center for the last 8 hours undergoing their project to upgrade three of our Titan disk systems which combined power the storage for Cluster.1 and Cluster.2 of the (gs) Grid. During the post-upgrade reboot of one of the BlueArcâs components failed (storage shelf) which kept Cluster.2 from rebooting completely.
Source: MediaTemple
I’m on their cluster 2 or what they call “Grid.Cluster.2″. Someone probably reprogramed their space bar to return a period or something.
Well, if you’re interested in ordering services from MediaTemple, consider putting me as your referrer. I’ll really appreciate it. Entering coupon code “surfstation” without quotes will entire you a 15% discount. They’re pretty good except for this longer-than-expected maintenance which annoyed me for 10 hours or so…
I treat security fixes with a little more concern but really, it’s just annoying me that the WordPress upgrading process is quite a hassle. I know I know, you just upload the files and that’s all. But to load up my FTP program to do that - just too much of a hassle.
Every piece of web application should be able to receive updates easily. Today I’m upgrading WordPress, tomorrow I’ll be probably upgrading phpBB, the next day, probably CakePHP. It’s just too difficult to manage.
I was thinking that the PHP module may perhaps include some sort of an easy update function that all web applications can use. Developers just have to generate an XML file of the files that have been changed and a PHP function can just run to download all the files in a tmp folder and deploy it quickly.
Anyway, these are the updated files from WordPress 2.2.2 to 2.2.3:
- tags/2.2.3/wp-includes/default-filters.php (1 diff)
- tags/2.2.3/wp-includes/plugin.php (4 diffs)
- tags/2.2.3/wp-includes/query.php (3 diffs)
- tags/2.2.3/wp-includes/formatting.php (2 diffs)
- tags/2.2.3/wp-includes/feed-rss2-comments.php (2 diffs)
- tags/2.2.3/wp-includes/rewrite.php (1 diff)
- tags/2.2.3/wp-includes/version.php (1 diff)
- tags/2.2.3/wp-includes/pluggable.php (1 diff)
- tags/2.2.3/wp-includes/widgets.php (2 diffs)
- tags/2.2.3/wp-includes/rss.php (2 diffs)
- tags/2.2.3/wp-includes/vars.php (1 diff)
- tags/2.2.3/xmlrpc.php (2 diffs)
- tags/2.2.3/wp-mail.php (1 diff)
- tags/2.2.3/wp-admin/admin-ajax.php (1 diff)
- tags/2.2.3/wp-admin/admin-functions.php (2 diffs)
- tags/2.2.3/wp-admin/rtl.css (6 diffs)
- tags/2.2.3/wp-admin/options.php (1 diff)
- tags/2.2.3/wp-admin/install-rtl.css (1 diff)
- tags/2.2.3/wp-admin/widgets-rtl.css (1 diff)
You can download the new WordPress here. By the way, WordPress 2.3 is rolling out on September 24. So look out for it.
[via WordPress dev blog]
I have been running into troubles logging in to WordPress and was kinda frustrated all morning.
Basically each time I use tried to log in, I get:
You do not have sufficient permissions to access this page.
I could not edit the blog, nothing works except the front page. I did a couple of searches at Google but the solutions didn’t seem to work for me.
In the end, I did a new installation of WordPress and scrutinized every damn thing in the users and usermeta table between a database that worked and a database that doesn’t.
Did you change the prefix of your table names in WordPress after the migration?
(more…)
One of the websites (not //beconfused) I managed got hacked. My host pointed out an exploit in WordPress and said that intruders have planted a spam email sender. The WordPress installed is 2.2 and yeah I didn’t update when 2.2.1 was out. But the exploit is not among those that are fixed which is puzzling. Perhaps it’s really a new exploit, I’m still waiting for the web host to give me more details. Honestly… I am a little confused, I don’t know how to handle these stuff.
And my blog is going to max out the bandwidth again it seems. I am already using a business plan and it seems to be insufficient. My bandwidth is 40 GB per month and I am hitting the limit. I just upgraded 3 months back actually, it used to be 20 GB per month. I didn’t explain it to outgrow that quickly! I thought I would probably grow to using more than 30 GB per month probably the start of next year at the earliest. (Yes, I kinda got it charted out.) (more…)