Sphinn Home » Blogging
Avatar Posted By: streko 140 days ago
Topic Type: News Story (Jump to http://www.securityfocus.com)
Category: Blogging
IMO the only way to be secure for right now is to run the last build before 2.5 & update it with all security patches - then if you are worried about sites not accepting your blog because its under 2.5 - simply go into your header.php in your template directory and change the meta tag from ...

meta name="generator" content="WordPress
8 Comments     

Comments

from streko 140 days ago #
Votes: 0 | Vote:
+ -

Change meta tag from...

meta name="generator" content="WordPress bloginfo('version') "
(there is standard php stuff in there but old sphinn won't let me have them in the post.)

to

meta name="generator" content="WordPress 2.5"

from tnash 140 days ago #
Votes: 2 | Vote:
+ -

Interesting I suspect this might make http://sphinn.com/story/40009 a bit more relevant though it should be pointed out this could potentially effect other versions as well.

from nowsourcing 140 days ago #
Votes: 1 | Vote:
+ -

I sphunn as the securityfocus site is relavent, however all previous versions of WordPress are at risk.

Yeah, what Tim said.

from mvandemar 139 days ago #
Votes: 0 | Vote:
+ -

Damn it.

Ok, so... 2.3.3 is not listed, but we never heard from WP on this one:

New Wordpress 2.3.3 Exploit/Vulnerability - Adds Spam Directory /wp-content/1/

So, not sure what the best approach would be.

from streko 139 days ago #
Votes: 0 | Vote:
+ -

customize your code so much that it becomes your own version.

with WP being open source im kinda surprised no group has taken the code and just made it crazy secure and then redistributed it so it would still run plugins and templates like normal.

from Jeeb90 139 days ago # - show/hide this comment
Votes: -1 | Vote:
+ -

I would like to see someone take it and make a secure closed-source version.  Then have them be responsible for making sure it still works with future plugins etc and everytime a new version is released. I'd be willing to pay for that.  I wonder if there's a programmer willing to do that.  And a person willing to be in charge of such a project.

There could be very good money in that if it's the real deal.  Charge people yearly.

from markymark 137 days ago #
Votes: 1 | Vote:
+ -

Well, there's a surprise. I'm with Jeeb90 - a paid, closed source version is the way to go. I'd pay just to avoid the tediousness of updating my WordPress blogs every 27 minutes or so.

from SpostareDuro 137 days ago #
Votes: 0 | Vote:
+ -

do we really wait 27 minutes? i thought it more frequently than that..hmm


Log in to comment or register here.

Top 10 Most Sphunn
In What's New

  1. 10 Steps For Gaining 150+ New Subsc... (18)
  2. AdWords Making Big "Quality Score" ... (16)
  3. Why Alert Competitors to Your SEO S... (15)
  4. How to File a Google Reconsideratio... (15)
  5. Traffick: Infinite Regression Award... (15)
  6. Link Development Decathlon « Link P... (14)
  7. Google Analytic’s Achilles heel: Pr... (12)
  8. 5 Easy Steps to Great IA the SEO Wa... (12)
  9. Google Now Searching For Synonyms (12)
  10. Google’s Historical Data Patent, Pa... (11)

Latest Comments

Search Marketing Expo

Save the date for:
SMX China (Nanjing) - Sept. 23-24
SMX Stockholm - Sept. 23-24: See who's speaking or register now.
SMX East (New York City) - Oct. 6-8: See the agenda or register today and save!
SMX London - Nov. 4-5: Pre-agenda rate now available. Click here.