WordPress 2.6 disables remote access, swats 194 bugs

WordPress 2.6 disables remote access, swats 194 bugs

Summary: WordPress, one of the fastest growing blog software providers, has shipped a new update with fixes for nearly 200 bugs and a major security-related change to disable remote publishing protocols by default.With WordPress 2.

SHARE:
TOPICS: Security
5

WordPress to disable remote logins by defaultWordPress, one of the fastest growing blog software providers, has shipped a new update with fixes for nearly 200 bugs and a major security-related change to disable remote publishing protocols by default.

With WordPress 2.6, the open-source software promises to be more secure out-of-the-box with full SSL support in the core, and the ability to force SSL for security.

Even more importantly, WordPress has disabled the Atom Publishing Protocol and the variety of XML-RPC protocols by default to shut down a potential security risk.

The software upgrade also comes with "a number of proactive security enhancements, including cookies and database interactions," and about 194 bug fixes, some security-related.

WordPress lead developer Ryan Boren has published more details on SSL and cookie handling.

If you manage a WordPress blog, this should be considered an important update.  You should also pay close attention to Matt Mullenweg's security recommendations.

* Image source: Nikolay Bachiyski's photostream (Creative Commons 2.0)

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • Condom photo

    And the condom photo signifies what exactly? Increased protection?
    brilang
    • Why not?

      I've used a similar metaphor with customers, family and friends when discussing computer/internet security at the user's end. It does drive the point home.
      djchandler
  • Another OpenSource Triumph!

    Insecure architecture fixed in version 2.6! Well, better late than never, right? And of course in the OpenSource tradition, they fixed it ... fast? 196 bugs! A service pack and a half, for one single measly application - not an operating system, not even an important application. Just amazing.

    Makes me want to use Linux on an everyday basis!
    PMC-CON
    • Well, at least they don't try to [i]hide[/i] the bugs ...

      NT
      OldGuru
      • Gee, I wonder who does that.....

        Their name wouldn't begin with an "M" by chance, now would it?

        B-)
        hasta la Vista, bah-bie