WordPress 3.8

WordPress 3.8 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed an older version of WordPress, you should update it from within your WordPress Dashboard.

WordPress 3.7.1

WordPress 3.7.1 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed a version of WordPress earlier than 3.7, you should update it from within your WordPress Dashboard.

The 3.7 series of WordPress introduces a feature that automatically applies security updates and bug fixes without you needing to take any action at all — as the WordPress authors put it, you get “updates while you sleep”. It’s a great new feature.

WordPress 3.6.1

WordPress 3.6.1 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed WordPress, you should update it from within your WordPress Dashboard.

The new version of WordPress is described as a security release that prevents “hackers” from modifying your site if you use “a popular plugin“, whose name has not yet been revealed so that everyone has a chance to upgrade first. While we may be able to add additional protection against this vulnerability when the details are revealed, updating now guarantees your site will stay protected.

Read the rest of this entry »

WordPress 3.6

WordPress 3.6 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed WordPress, you can (and should!) upgrade it from within your WordPress Dashboard.

WordPress 3.5.2

WordPress 3.5.2 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed WordPress, you should upgrade it from within your WordPress Dashboard.

Read the rest of this entry »

WP Super Cache and W3 Total Cache security

Several people have asked us about the recent WordPress WP Super Cache and W3 Total Cache plugin security vulnerability.

For the most part, sites hosted on our servers aren’t vulnerable to this because we block comments that contain the malicious code.

Read the rest of this entry »

WordPress login rate limiting (again)

We’ve talked before about WordPress login rate limiting. Attempts to guess WordPress administrator passwords are an ongoing problem, getting worse all the time.

The average WordPress site we host has received tens of thousands of malicious login attempts this month, with hundreds of thousands of different IP addresses being used in the attacks. We try to block the IP addresses that are responsible, but the ever increasing number of addresses means we can’t block all of them — an individual address often attempts a login only once a day for a given site. We need to adopt other tactics.

Read the rest of this entry »

WordPress 3.5.1

WordPress 3.5.1 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed WordPress, you can upgrade it from within your WordPress Dashboard.

As a reminder, you should always update immediately when WordPress tells you there’s a new version available in the Dashboard. Don’t let yourself get behind, because it gets more difficult to update smoothly if you’re several versions out-of-date.

In addition, don’t avoid upgrading just because the upgrade screen says you should make a backup of your WordPress files and database first: we already make backups for you, automatically, every day.

WordPress 3.5

WordPress 3.5 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed WordPress, you can upgrade it from within your WordPress Dashboard.

As a reminder, you should always update immediately when WordPress tells you there’s a new version available in the Dashboard. Don’t let yourself get behind, because it gets more difficult to update smoothly if you’re several versions out-of-date.

WordPress 3.4.2

WordPress 3.4.2 was released yesterday, and it contains important security updates to keep your site safe.

Our WordPress one-click installer automatically installs the latest version for new sites. If you’ve previously installed WordPress, you should upgrade it right away from within your WordPress Dashboard.

In fact, you should always update immediately when WordPress tells you there’s a new version available. Don’t let yourself get behind, because it gets more difficult to update smoothly if you’re several versions out-of-date.