Comments on: WordPress Under Attack: Reason to Upgrade to 2.8.4 http://www.blogherald.com/2009/09/06/wordpress-org-under-attack-reason-to-upgrade-to-2-8-4/ The leading source of news covering social media and the blogosphere. Mon, 13 Feb 2012 09:18:59 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Jamie Allsop http://www.blogherald.com/2009/09/06/wordpress-org-under-attack-reason-to-upgrade-to-2-8-4/comment-page-1/#comment-1104886 Jamie Allsop Wed, 09 Sep 2009 08:17:49 +0000 http://www.blogherald.com/?p=14202#comment-1104886 As soon as I found out about this issue I updated straight away. As soon as I found out about this issue I updated straight away.

]]> By: Jayce http://www.blogherald.com/2009/09/06/wordpress-org-under-attack-reason-to-upgrade-to-2-8-4/comment-page-1/#comment-1104881 Jayce Wed, 09 Sep 2009 02:56:12 +0000 http://www.blogherald.com/?p=14202#comment-1104881 I updated immediately after seeing this issue. ;) I updated immediately after seeing this issue. ;)

]]> By: Rob http://www.blogherald.com/2009/09/06/wordpress-org-under-attack-reason-to-upgrade-to-2-8-4/comment-page-1/#comment-1104847 Rob Sun, 06 Sep 2009 11:21:21 +0000 http://www.blogherald.com/?p=14202#comment-1104847 I upgraded to 2.8.4 as soon as it came out, but this past week I got e-mail notifications of several "new users." I became immediately suspicious, especially since I have no link available whereby the public can sign up to be a user ... there's no need to be registered as a user on my blog since anyone can read it and all comments are moderated. So I unchecked "Anyone can register" in the General Settings, deleted all users except my wife and me, and changed the password. I'm hoping I am now safe. I see no other signs of anything odd, but then I don't know enough about WordPress.org code and databases to get into the bowels of the thing to know if anything else is going on. I guess I'll just wait and hold my breath? I upgraded to 2.8.4 as soon as it came out, but this past week I got e-mail notifications of several “new users.” I became immediately suspicious, especially since I have no link available whereby the public can sign up to be a user … there’s no need to be registered as a user on my blog since anyone can read it and all comments are moderated. So I unchecked “Anyone can register” in the General Settings, deleted all users except my wife and me, and changed the password.

I’m hoping I am now safe. I see no other signs of anything odd, but then I don’t know enough about WordPress.org code and databases to get into the bowels of the thing to know if anything else is going on. I guess I’ll just wait and hold my breath?

]]>