Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Open Source Software Upgrades

WordPress 4.4 Arrives 39

An anonymous reader with news of the newest release of open source WordPress, which adds a slew of new features to the blog management tool that will "make your site more connected and responsive." You can download the new release now from WordPress.org/Download (7.3MB). WordPress is a content management system (CMS) that powers 25 percent of the Web. The latest version is dubbed "Clifford" in honor of jazz trumpeter Clifford Brown.
This discussion has been archived. No new comments can be posted.

WordPress 4.4 Arrives

Comments Filter:
  • by Anonymous Coward on Thursday December 10, 2015 @09:27AM (#51094507)

    Why is the goal of a new release to make a site "more connected and responsive?" Neither of those are the real issue with Wordpress. I'd like to see an emphasis on security and making it much harder to compromise an install of Wordpress. This tells me that the Wordpress devs might not be taking the issue seriously enough. How about at least not exposing internal paths, having separate administrator accounts that aren't logged into like normal users, and otherwise hardening the system? That should be the goal of new releases, otherwise 25% of the internet is full of massive security holes.

  • by Billly Gates ( 198444 ) on Thursday December 10, 2015 @09:40AM (#51094567) Journal

    I love the remote administration features of wordpress. Infact the owners have no idea I am even remoting in with the sql commands

  • This was timed well with the FBI's announcement that they routinely use zero-day exploits.

  • Upgrade hell (Score:2, Insightful)

    by sgrover ( 1167171 )

    Between keeping the core WP system up to date, and keeping all the plugins up to date, the maintenance needs for a WP system discounts it for most of my customers. If you fail to keep the updates in place - almost daily, then your site quickly becomes owned and requires even more maintenance to fix. There are times and places for WP, but if all "fixes" and content updates are going to the consultants and tech team anyway, then why not just use static HTML?

    • Re:Upgrade hell (Score:4, Interesting)

      by gmack ( 197796 ) <gmackNO@SPAMinnerfire.net> on Thursday December 10, 2015 @11:01AM (#51095027) Homepage Journal

      This is not as hard a problem as you would think. Step one was installing the update notifier plugin and loading a cron job to ping the Wordpress cron script a couple of times a day (not needed on higher traffic sites) so I know when updates need to happen.

      Then I installed the "wp-cli" script [wp-cli.org] and added a script that grabs a backup of the database and web files before running the following commands:
      wp core update
      wp core update-db
      wp theme update --all
      wp plugin update --all

      Then.. wrap that in another script that cycled through all of the sites on my system and Wordpress becomes completely painless as long as no one has done anything crazy like mod the actual Wordpress php files..

      • by Anonymous Coward

        the problem with wordpress (and joomla, for that matter, which is also a huge target for hackers) is 99% of its users who read your comment here would go 'huh?' and have absolutely no clue what you said.

      • by rklrkl ( 554527 )

        I, too, have an ever-growing script that wraps around WP-CLI, but there's a *lot* of gotchas you've got to deal with:

        * Use "wp core verify-checksums" to make sure no-one's modded core files before you do a WP core update.
        * Check at least the Web site home page is returning a 200 success code before attempting any updates.
        * If the home page fails to return 200 after an update, auto-rollback the Web/DB from the pre-update backup you took.
        * You need the ability to exclude specific plugin updates if they break

    • Re:Upgrade hell (Score:4, Insightful)

      by thegarbz ( 1787294 ) on Thursday December 10, 2015 @12:31PM (#51095567)

      the maintenance needs for a WP system discounts it for most of my customers.

      You mean like the whole 7 updates released this year not included bug fixes for legacy systems? The same 7 updates which can be applied automagically with a click of a button and even check the compatibility of plugins as it goes?

      Do your customers also have problems tying their shoelaces and do you get paid by the hour to help them eat their meals?

    • by rklrkl ( 554527 )

      WP-CLI is your friend - lets you do all the admin pointy-clicky stuff via the command line instead (cue a cron'ed wrapper script!). Even manually updating WordPress is painless compared to pretty well any other CMS out there. If I mention "Umbraco updates" (yes, I know, it's Windows only) to anyone within earshot, they run away screaming. Umbraco has *no* updating facility at all (manual clicking in admin interface or automated) and it can literally take days to update just one Umbraco site following a horr

    • Well I for one handle various WP sites and upgrading is absolutely not a hell. I have less than a dozen plugins on each, and just update them before upgrading the core. Never found an issue, for a couple of years on.
      BTW, I went here to check if some new issues would have appeared when switching to 4.4, and I see none.

  • "This screen door has *two* eye hook locks to keep the bad guys out!!"
  • One of the major pains in the backside of WordPress is its use of absolute URLs for pages on the site thousands of times in the WP database. PHP is always had $_SERVER variables to dynamically find the top level component of your URL (e.g. http://www.joebloggs.com/ [joebloggs.com] if you need to (does WP ever need to know it anyway?), yet if you dump the SQL DB, you'll see that URLs are pretty well all absolute rather then relative. This is horrible because:

    * HTML generated by WordPress contains absolute URLs all over the

Keep up the good work! But please don't ask me to help.

Working...