Question about wordpress updates
Hi, a WordPress.org blogsite of someone I know recently got hacked, and the reason given for the site’s vulnerability was that WordPress plug-ins on the site had not been updated. Can a WordPress.com site similarly get hacked, and are there plug-ins on a WordPress.com site that should be updated to prevent that from happening?
The blog I need help with is cofarblog.wordpress.com.
No. WordPress.com has much, much more stringent security than your common or garden WordPress.org site. Part of that is that WP.com doesn’t allow you to upload plugins. The only plugins incorporated here are vetted by staff and at last count it takes them two years before they’ll add that functionality to the core of WordPress.com.
Great, thanks for the info!
How can I check which version of WordPress I am running? When will I know to update? Does an upgrade affect the appearance of my blog? After an upgrade, do I have to reformat my blog?
Read what I said. You’re running WordPress.com, which is a completely customized version of the software. Staff handle updates.
Does and upgrade effect the appearance of your blog? If you buy the design or theme upgrades it does.
Read the Support documents for more details http://support.wordpress.com/
I was wondering about this too. A newsletter I get from Amy Andrews linked to this: http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/ about security problems with wordpress and that to prevent this, we need to update a new version from our dashboard. It said, “If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.” It was saying our blogs could be lost if not updated with new protective versions. I don’t see anything about updates on my dashboard. What I’m reading from Raincoaster is that we never need to worry about updates and that WP staff handles this. Is that correct?
There’s nothing to wonder about. Staff do all WordPress version updates on WordPress.COM first. We bloggers do nothing. Our WordPress version upgrades are up and running here at WordPress.COM about a month before they are made available to WordPress.ORG users.
I received the same WordPress/Drupal notification from GoDaddy. Why GoDaddy would email me, since I’m not using GD hosting, is a puzzle. So…does WordPress know about these dual WordPress/Drupal notices being emailed to users?
The advice given on this thread is correct. WordPress.com users do not need to worry about any warnings regarding WordPress software versions. That only applies to people with self-hosted sites using the software available on WordPress.org.
Thanks, everyone for the clarification and support! Much gratitude to you.
Best wishes with your blog, Joanana.
Happy to help clarify.
The topic ‘Question about wordpress updates’ is closed to new replies.