WordPress 4.2+ Security Upgrades

WordPress 4.2+ Security Upgrades

WordPress Plugins: Security Vulnerability

Recently, a security vulnerability affecting multiple WordPress plugins was uncovered. The WordPress Official Documentation (Codex) for these functions was not very clear, and many plugin developers used them in an insecure way. Due to the varying degrees of severity and more importantly, the large volume of plugins affected, Sucuri coordinated a joint security release with all developers involved and the WordPress core security team.

What We Are Doing

For those of you with websites hosted and/or maintained by AME, we have updated WordPress as well as all plugins and themes (when available*) across our entire network and remote client sites. We are implementing new security measures, and may be installing harder precautions against malware and invasive attacks. Expect AME Network-hosted and maintained websites to be continuously updated when needed over the coming weeks and months.

Important Notes:

• If something is not working the way it used to, let us know. If you are unable to find your login page, we may have moved it for security reasons. Contact us for the correct URL.

• We have added a login attempt limiter to prevent brute force login attacks. Contact us if you are having problems logging in and accessing the dashboard or get locked out.

• *Themes can sometimes be vulnerable. For some clients, updating an older theme may not be an option. In such cases, we may recommend a new, up-to-date theme, website revamp, and security upgrades. AME clients will enjoy affordable, discounted packages for such upgrades and revamps.

General Reminder

This is a good time to remind everyone that all software will have bugs and some of those bugs will inevitably lead to security vulnerabilities, such is the world we live in. This applies to plugins, themes, webservers, CMS’s and basically anything that is written by people and based on code. As much as developers try to minimize them and deploy secure coding principles, mistakes will inevitably still happen. We just have to be prepared and find ways to minimize the affect of any vulnerability in your environment; a perfect example of such an approach is what you’re seeing here with this coordinated announcement and multiple critical update installations and upgrades.

We are strongly committed to keeping our client websites safe and secure, and providing effective support on an ongoing basis.

More details are available via the following links:

Post Status Announcement

WP Tavern Announcement

Sucuri Blog Announcements

 

Post your questions or comments below, use our Contact Form, or start a thread in our Support Forum.


Commentary

  1. May 5th, 2015 at 8:21 am

    Great knowing you guys and gals have our backs! Thank you!

Post a Comment