Google Warns Bloggers Hosting Old WordPress Versions

By Posted 2008 Updated   BloggingGoogleSecurityWordPress

All self-hosting wordpress bloggers have to upgrade whenever a new version of WordPress is released, not only to get new features and bug fixes, but also eliminate security loophoes easily exploited by hackers to hack your blog. Now Google webmaster tools will warn blog owners when their old wordpress versions are prone to hacking.

Google is presently running a limited test and warning webmasters who are hosting WordPress 2.1.1, which was known to be vulnerable to exploits. Remember how a cracker gained user-level access to one of the servers that powers wordpress.org, and modifed the wordpress 2.1.1 download files. They say if the test goes well, they will expand these messages to include other types of software on the web.

Here is a sample message which affected users will get.

Google Warning Message

I think this is a good way to warn wordpress bloggers about old versions at high security risk. But when someone has not upgraded wordpress for over a year, there is a high chance they have become inactive and stopped blogging. Upgrading wordpress is an essential task for wordpress bloggers (one of the benefits of hosting on WordPress.com). Anyone can find out your wordpress version easily, so it is recommeded you drop version string in header.php. Stay safe with the latest version of WordPress.


15 comments on “Google Warns Bloggers Hosting Old WordPress Versions

  1. Mickey says:

    I think this is perfect for those people you mentioned in your final paragraph that have stopped blogging. Just because they’ve stopped, they still need to update WP or remove it to avoid some potentially serious problems.

    This might be a good way to remind them of their old blogs that they may have forgotten about.

  2. Ajay says:

    recently i have upgraded my wp version
    and i think it’s now safe

  3. Tyler Banfield says:

    If anyone is looking for the simplest way to upgrade their WordPress installation, I highly recommend the WordPress Automatic Upgrade plugin: http://wordpress.org/extend/plugins/wordpress-automatic-upgrade/

  4. Mrinmay Bhattacharjee says:

    Thanks for the Information :)

    I upgarded 15 days ago to latest wordpress 2.6.2

  5. Aoi says:

    Good tip on the “header.php” line in the WP engine. Self-hosting a blog is more than just buying a domain name, as you point out. There’s admin work to be done, and WP makes it easy. Joomla! (good for group bloggers) has similar features, but takes more admin work than most individuals would want to bother with.
    Also, use the backup feature in WP just in case someone manages to take down your blog.

  6. Susan says:

    Good move by Google. Also, creating a file in the wp-content folder called index.html will hide plugins used on the site.

  7. sarpras says:

    I upgarded latest wordpress 2.6.2 using WordPress Automatic Upgrade.

    WordPress Automatic Upgrade allows a user to automatically upgrade the wordpress installation to the latest one provided by wordpress.org, very good plugin.

  8. webdesign says:

    I will upgrade my wordpress soon, thank you for your article.

  9. TJantunen says:

    I have always used WordPress Automatic Upgrade plugin and with the help of that plugin, upgrade is fast and easy to do.

  10. od3n says:

    new version have security and bugs updated so we wont give known free hole to hackers.

  11. Tama says:

    Oh, I must upgrade my site now, thanks for your notice.

  12. Ami | Websites Hacked says:

    That is a relief to know. Concerned about the increasing frequency of complaints in the forums about blog hijack

    At least one possible cause has been identfied [thank you] and we can take this small step to protect our blogs

  13. Vardis says:

    Good work. Thanks for the heads up.

  14. Ricks says:

    Thanks for the warning, gotta make sure all my WP sites are up to date!

  15. Sujit says:

    Thanks for the great NEWS, it is really a good update for the bloggers!!

Leave a Reply

Your email address will not be published. Required fields are marked *




css.php