Upgrading All Over the Place

Most people know by now about the vulnerability that’s been being used to exploit a vast number of older WordPress and Joomla installations all over the web.

In case it needs reiterating, if you haven’t yet upgraded your WordPress websites to 2.8.4, or your Joomla websites to 1.5.14, upgrade your sites now.

For more details, refer to:

Lorelle on WP: Old WordPress Versions Under Attack
Weblog Tools Collection: Old WordPress version? Attack warning. Please upgrade!

and this link has the resources to help you clean up if you’ve already been hit:
Journey Etc: Wordpress Permalink & Rss problems

If you’ve been wary of upgrading because your favorite WordPress plugin has not been updated in the past two years, it’s worth taking a leap and disabling that plugin, then searching for a replacement for it after you’ve upgraded. If your concern is about a custom theme that might break in a few places after the upgrade, it’s easier to have a missing or misaligned section of your site for a few hours while you get help fixing some WP calls or some CSS definitions than it is to have to constantly guard the broken lock on an older version in order to keep your site’s look undisturbed.

This time, the upside for me is that now a handful of the sites that I manage are a little bit cleaner — I’ve gotten rid of some plugins that were either abandoned or not even being used on their respective sites anymore.