Question about wordpress updates

  • Author
    Posts
  • #1930041

    cofarblog
    Member

    Hi, a WordPress.org blogsite of someone I know recently got hacked, and the reason given for the site’s vulnerability was that WordPress plug-ins on the site had not been updated. Can a WordPress.com site similarly get hacked, and are there plug-ins on a WordPress.com site that should be updated to prevent that from happening?

    The blog I need help with is cofarblog.wordpress.com.

    #1930090

    raincoaster
    Member

    No. WordPress.com has much, much more stringent security than your common or garden WordPress.org site. Part of that is that WP.com doesn’t allow you to upload plugins. The only plugins incorporated here are vetted by staff and at last count it takes them two years before they’ll add that functionality to the core of WordPress.com.

    #1930093

    cofarblog
    Member

    Great, thanks for the info!

    #1930265

    jsherwin2013
    Member

    How can I check which version of WordPress I am running? When will I know to update? Does an upgrade affect the appearance of my blog? After an upgrade, do I have to reformat my blog?

    #1930266

    raincoaster
    Member

    Read what I said. You’re running WordPress.com, which is a completely customized version of the software. Staff handle updates.

    Does and upgrade effect the appearance of your blog? If you buy the design or theme upgrades it does.

    Read the Support documents for more details http://support.wordpress.com/

    #1930268

    I was wondering about this too. A newsletter I get from Amy Andrews linked to this: http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/ about security problems with wordpress and that to prevent this, we need to update a new version from our dashboard. It said, “If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.” It was saying our blogs could be lost if not updated with new protective versions. I don’t see anything about updates on my dashboard. What I’m reading from Raincoaster is that we never need to worry about updates and that WP staff handles this. Is that correct?

    #1930269

    timethief
    Member

    There’s nothing to wonder about. Staff do all WordPress version updates on WordPress.COM first. We bloggers do nothing. Our WordPress version upgrades are up and running here at WordPress.COM about a month before they are made available to WordPress.ORG users.

    #1930270

    jsherwin2013
    Member

    Joanna,

    I received the same WordPress/Drupal notification from GoDaddy. Why GoDaddy would email me, since I’m not using GD hosting, is a puzzle. So…does WordPress know about these dual WordPress/Drupal notices being emailed to users?

    Jennie

    #1930271

    timethief
    Member

    @jsherwin2013
    You have a WordPress.COM hosted blog and so does joannaoftheforest. Please ignore all WordPress.ORG communications as they do not apply to your blogs.

    #1930272

    rootjosh
    Staff

    The advice given on this thread is correct. WordPress.com users do not need to worry about any warnings regarding WordPress software versions. That only applies to people with self-hosted sites using the software available on WordPress.org.

    #1930273

    Thanks, everyone for the clarification and support! Much gratitude to you.

    #1930274

    timethief
    Member

    Best wishes with your blog, Joanana.

    #1930275

    rootjosh
    Staff

    Happy to help clarify.

The topic ‘Question about wordpress updates’ is closed to new replies.