I was never able to get WP to do an "automatic" update. Ever. Even with Aaron's weird hack. Not sure why. I am pretty sure that it has something to do with permissions in the IFS but frankly, was was just easier to manually update it.

I share your concern with WP and not just the database. It was the vector I targeted when I was in the final day of my "Web App Penetration Testing and Ethical Hacking" class with the SANS institute (I successfully breached WP, however we only came in third in capture the flag...bummer).

I have found that there are usually only a few pages in a business website that need regular updating (like blogs) and there are plenty of alternatives to WP that are more svelte and secure. I have been leaning to using CKEditor to allow end user HTML-ish editing of pages rather than a full blown CMS. But, I guess that depends upon your requirements. Less is more in most cases.

Thanks for the heads up. If I ever get the automatic update to work in the few WP installs I have, I'll be cautious....

Pete Helgren
www.petesworkshop.com
GIAC Secure Software Programmer-Java

On 8/20/2015 6:13 PM, Jon Paris wrote:
For some time now we have been wrestling with trying to find out why our WP site was automatically updating itself, but that all plug-ins failed during the last step of the update for no obvious reason.

We have spent many hours and $s on this without resolution and have had to resort to manually updating the plug-ins.

Why am I mentioning this? Because after the last round of updates a number of features on the site stopped working. Password resets, blog post notifications, etc. It turns out that the WP update process has been “lying” to us - the main wP software was no actually being updated it just said it was. As a result we appear to be in a situation where the plug-ins are for a more recent version of WP than the one we were actually running! The net appears to have been that various functions failed.

We have now manually updated the main WP software and most of the “broken” functionality is working again - not all of it and we suspect that database corruption during the mis-match period may have caused this - we’re still working on it.

So - this is just a heads up to any of you using WP that you may not be as up-to-date as you think! And that may lead to other problems later.

Jon Paris

www.partner400.com
www.SystemiDeveloper.com



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.