This is something that most people will delay, because they seem to think that, “If it isn’t broken, don’t fix it”…
WRONG. Although we patched our plugins folder in a previous security tip, that doesn’t mean that the plugin you are using won’t put its version number in the head of the blog. A quick search will indicate that you’re out of date, and then disaster will (might) strike!
The Fix:
- Download new plugin files from wordpress.org/extend/plugins
- Extract to hard-drive
- Deactivate the plugin in the WordPress Admin Plugin Area (Thanks Rarst)
- Overwrite the old files by clicking and dragging the files inside the new folder via FTP
- If some settings were lost, replace them
Quite simple for the amount of time it will take. Good luck with your fixes!
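To see what your own blog gives away before and after updating, save the page source and list the version strings in its head. The script below is an added example, not part of the original post; the sample head, the `blog.example` URLs and the plugin names are constructed, and it also reports the generator meta tag and HTML comments, which goes slightly beyond the plugin case described above.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

# Constructed sample: the <head> of a hypothetical blog, saved via "view source".
SAMPLE_HEAD = """<head>
<meta name="generator" content="WordPress 2.6.1" />
<link rel="stylesheet" href="http://blog.example/wp-content/plugins/example-gallery/style.css?ver=1.2" />
<script src="http://blog.example/wp-content/plugins/example-stats/stats.js?ver=0.2"></script>
<script src="http://blog.example/wp-includes/js/jquery/jquery.js"></script>
<!-- Example SEO Plugin v3.4 -->
</head>"""

PLUGIN_PATH = re.compile(r"/wp-content/plugins/([^/]+)/")
VERSION = re.compile(r"(\d+(?:\.\d+)+)")  # dotted version such as 1.2 or 2.6.1

class HeadAudit(HTMLParser):
    """Collects (kind, name, version) for every version string the head exposes."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        # Generator meta tag: names the platform and its version.
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            content = a.get("content") or ""
            m = VERSION.search(content)
            if m:
                self.findings.append(("generator", content, m.group(1)))
        # Plugin scripts and stylesheets loaded with a ?ver= query string.
        url = a.get("src") if tag == "script" else a.get("href") if tag == "link" else None
        if url:
            parsed = urlparse(url)
            plugin = PLUGIN_PATH.search(parsed.path)
            ver = parse_qs(parsed.query).get("ver")
            if plugin and ver:
                self.findings.append(("asset", plugin.group(1), ver[0]))

    def handle_comment(self, data):
        # Some plugins announce themselves in an HTML comment.
        m = VERSION.search(data)
        if m:
            self.findings.append(("comment", data.strip(), m.group(1)))

def audit_head(html):
    parser = HeadAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

if __name__ == "__main__":
    for kind, name, version in audit_head(SAMPLE_HEAD):
        print(f"{kind:10} {name:30} {version}")
```

Compare each reported version with the current one on the plugin's page; anything older is a candidate for the update steps above.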

12 Comments
I had some problems while simply overwriting with few plugins. I had to disable them, upload and re-enable. Simple overwriting broke them.
Rarst’s last blog post..Dropbox drops invites
@ Rarst – Alright, I think I’ll edit the post.. Sorry about the problems & Thanks for the update
I don’t really know reason for that.
Most say to simply overwrite it, just sharing my experience. I am clueless in php, need to read something on that since I am now messing with wordpress all the time.
Rarst’s last blog post..Dropbox drops invites
@ Rarst – No it makes sense.. Think about it. If a program is running off a file, and it gets replaced by one with the same name, it could screw up how it works.. so it produces an error.
I was actually going to write something like that, but it evaded my thoughts when I was writing.
Messing with Wordpress is fun
In one of the latest releases, Wordpress has had the ability to update plugins right from your admin panel. I just use that. Remote file access is disabled on my server so I can assume there is something else turning the gears (XML-RPC?).
tek’s last blog post..Nano 4G available, iPod Touch revamped, iTunes 8, Apple fanboys drool everywhere
@tek No idea how exactly it works but I can say that I have my ftp locked to my IP and I can’t use auto-update. Probably wordpress tries to download files from repository to ftp
Rarst’s last blog post..VirtualBox for your pet Linux
Hey Brad,
Great tip — didn’t realize that not upgrading could be a security issue.
Of course now there is the hassle of updating everything… Especially if they have to all be installed from scratch!
Ah well, better safe than sorry!
Thanks for the tip,
~Graham
Graham Strong’s last blog post..Lipstick on a Pig or “Hog-Tied Marketing”
I used to be so slack about upgrading plugins but no longer as I get a prompt for the dashboard every time updates for plugins become available.
Sire’s last blog post..Joining The F Group For Comments Sake
I write plugins and it amazes me how long people leave it before they upgrade. I can see some sites still using version 0.2 of my 2.0 plugin which is over a year old now. With wp 2.7 coming, that should be a thing of the past because of the new interface for installing and upgrading plugins in the dashboard. Can’t wait!
Andy Bailey’s last blog post..Some improvements for commentluv.com and plugin
The new upgrade process within the wordpress dashboard really makes upgrading plugins a much, much smoother process. I’m betting that as we see more blogs upgrade to wordpress 2.6 and beyond, we’ll see a lot less issues with older plugins compromising security.
Adam Pieniazek’s last blog post..Caffeine: Keep Your Screen Awake!
Thanks for this tip, this is something I have really been neglecting to do. For the last month or two I have had like 10 plugins that have updates and I finally decided to take care of them all today.
Justin Wright’s last blog post..Introducing My New Ride
Very nice information. Check out my blog, I just posted a great blog about the 36 Best Wordpress plugins for 2009.