Wordpress 2.5 is Better?

Published
by
HWDOT
on April 18, 2008
in Blogosphere, Download, Internet and Wordpress
. Tags: , , , , , , , , , , , , .

Wordpress 2.5 is BetterYeah, i finally upgraded the last version of my wordpress.org, wordpress 2.3.3 to wp 2.5. Version 2.5 does include security fixes so it is recommended for all users, you’ll upgrade/update your wordpress as soon as possible.

Yeah, We all are already aware of Wordpress, it is one of the best Content Management Systems (CMS) in blogosphere. In this new wordpress version 2.5, i can see many new & improved features which are better. It comes with a better page/post management system than the previous version 2.3. Admin redesign with a simpler and more modern design, makes my eyes fresh everytime i’m in admin page :). Internet security is now better too, it supports “salted passwords” , now uses the phpass library to stretch and salt all passwords stored in the database, which makes brute-forcing them impractical.

The improvements in 2.5 are numerous, and almost entirely a result of your feedback: multi-file uploading, one-click plugin upgrades, built-in galleries, customizable dashboard, salted passwords and cookie encryption, media library, a WYSIWYG that doesn’t mess with your code, concurrent post editing protection, full-screen writing, and search that covers posts and pages.

>> WHY UPGRADE / UPDATE, Vulnerability Issues ??
I don’t know whether those new improvements and features will make you certain to upgrade. But, these problems may be in your list of choice to do soon.

+ Wordpress 2.3.3 VULNERABILITY:
Just type these keywords in GOOGLE.com > wordpress 2.3.3 vulnerability
Wordpress 2.5 is Better vulnerability issues….

“New Wordpress 2.3.3 Exploit/Vulnerability (Adds Spam Directory /wp-content/1/)”
“WordPress 2.3.3 Invaded by Wily JavaScript | TrendLabs | Malware …”
“Wordpress 2.3.3 Hidden Links Injection Exploit and How To Not Let …”

… ,and more…

Does this wordpress 2.5 fix that? It’s not confirmed yet, and no reports yet about wordpress.org 2.5 having that vulnerability, even it’s just ‘ordinary’ if it will have another in future, but it doesn’t make me anxious, i’ll get the next upgrade and update version again asap.. :) Yeah, It’s a must-have for our safety. This case is like VIRUS versus ANTIVIRUS, isn’t it? You should upgrade and update that.

+ TECHNORATI Warnings : Vulnerable WordPress Blogs Not Being Indexed

Blogs that have been compromised by this security vulnerability are typified by having links to spam destinations inserted onto the blog page. These link insertions may be invisible to casual observations; the links are often obscured by style attributes that render them invisible. These links are still seen by crawlers such as Technorati’s, Google’s and Yahoo’s. You can find these links by viewing the source of the blog pages or, when using Firefox, looking under “Tools” -> “Page Info” -> “Links”. Blogs hosted on wordpress.com are not affected by this issue; only blogs hosted on their own installations of WordPress from wordpress.org require concern.

Because of this ongoing problem, we’re discontinuing processing crawls of blogs that exhibit common symptoms of being compromised. We strongly recommend upgrading your WordPress installation. Even if you haven’t been afflicted by a compromise, by the time you are aware that you have been a number of negative consequences may have already occurred (for instance, flagged spam by Technorati, Google or Yahoo!) — this has been reported by many WordPress users. (Technorati)

I believe that “Nothing is forever and safe” in this huge world including internet, so i think updating/upgrading and… making frequently backups are essential things to do.

>> WHAT’S NEW in WordPress 2.5 ??

Wordpress 2.5 is Better login screenshot> Wordpress 2.5 User Features:
+ Cleaner, faster, less cluttered dashboard
+ Dashboard Widgets
+ Multi-file upload with progress bar
+ Bonus: EXIF extraction
+ Search posts and pages
+ Tag management
+ Password strength meter
+ Concurrent editing protection
+ Few-click plugin upgrades
+ Friendlier visual post editor
+ Built-in galleries

> Wordpress 2.5 Developer Features:
+ Salted passwords — Version 2.5 now uses the phpass library to stretch and salt all passwords stored in the database, which makes brute-forcing them impractical. If you use something like mod_auth_mysql wordpress have created a plugin that will allow you to use legacy MD5 hashing. (The hashing is completely pluggable.) Users will automatically switch to the more secure passwords next time they log in.

+ Secure cookies — cookies are now encrypted based on the protocol described in this PDF paper. which is something like user name|expiration time|HMAC( user name|expiration time, k) where k = HMAC(user name|expiration time, sk) and where sk is a secret key, which you can define in your config.

+ Easy taxonomy and URL creation — probably best illustrated with an example: I can call register_taxonomy() with a few arguments to register a “people” taxonomy and whenever I edit an image I’ll see a UI like tags has for identifying the people in a photo, and these will be URL addressable with /person/firstname-lastname/. All with a single function call.

+ Inline documentation — the vast majority of the new code going into WordPress include inline documentation that explains the functions and documents their arguments.

+ Database optimization — Wordpress.org haven’t changed the table layout in this release, which is one of the reasons so many plugins work fine with 2.5. We have added a few new indicies and made a few default fields more flexible based on some bottlenecks we found on WordPress.com, which now hosts 2.7 million WordPress blogs. It should be invisible to the application, just a bit faster on the database side.

+ $wpdb->prepare() — now almost all of the SQL in WordPress is prepared first, and the same functions are available to your plugins. This should prevent elementary SQL escaping issues.

+ Media buttons — the add media buttons above the post are both expandable, so you could have an “Add Google Map” button if you like, They can be overridden, so if you think you can do the video or audio tab better than we have you can replace the default.

+ Shortcode API — the new gallery functionality is powered by the new shortcode API. Shortcodes are little bracket-delineated strings that can be magically expanded at runtime to something more interesting. They give users a short, easy to type and copy/paste string they can move around their post without worrying about messing up complex HTML or embed codes. The Shortcode API is fully documented.

Read more details Wordpress.org 2.5 development here.

Wordpress 2.5 is Better admin redesign>> IS IT COMPLICATED to UPGRADE ?
Hehe.. it’s easy.
+ Step 0: Before You Get Started > BACKUP, Yes, BACKUP and BACKUP! You can use wordpress backup plugins, FTP, but i prefer a full backup from my CPANEL which includes SQL database and all files.

+ Step 1: Replace WordPress files > After downloading the new files, you’ll just replace or delete your old wp-includes and wp-admin directories then copy the new dirs /files.

*** WARNING : The wp-content folder requires special handling, as do the plugins and themes folders. You must copy over the contents of these folders, not the entire folder. Copying the entire folder overwrites all your customizations and added content.

Also take care to preserve the wp-config.php file in the root directory, as it contains your database sign-in information. Do note though that usually this will not be a problem since in a new installation the config file will be named wp-config-sample.php.

+ Step 2: Upgrade your installation
if your wordpress example.com just type this in your browser :
http://example.com/wordpress/wp-admin/upgrade.php

then follow the instruction.. and DONE !

>> OR.. for more details just follow this guide from official website:
codex.wordpress.org/Upgrading_WordPress

So, If you still use the previous one, What are you waiting for? Let me guess, maybe because of THEMES and PLUGINS, you’re not certain whether they will be supported in wp 2.5 ?

Take it easy, you may visit this page for compatibility information.

> WordPress 2.5 Plugin Compatibility List
codex.wordpress.org/Plugins/Plugin_Compatibility/2.5

> WordPress 2.5 Theme Compatibility List
codex.wordpress.org/Themes/Theme_Compatibility/2.5

“Hell NO.. my themes or plugins are NOT supported YET!”

:)

Yeah, one of my plugins was neither supported yet, but it didn’t stop me because we all know there are so many other themes and plugins with the same use for Wordpress (the best CMS for me) which may be better than you’ve used. I found another plugin to replace which is not supported. I think it’s not a big problem as long as it works.

Remember this popular quote: “Change never changes”. Yes, There is nothing lasting forever in this world including internet world.. :) So, just update and upgrade your old stuff. According to me, that is better than doing nothing. What do you think?

Oh yeah, i almost forgot, i think you’re already aware of wordpress.org to download this wordpress 2.5.

+ Read more Recommended Posts about WORDPRESS
+ Read more Recommended Posts about INTERNET SECURITY
+ Read more Recommended Posts about TWEAK INTERNET SPEED
+ Read more Recommended Posts about TWEAK WINDOWS

www.HWDOT.com

Recommended BROWSER > Mozilla Firefox ( 2X Faster than Internet Explorer).

0 Responses to “Wordpress 2.5 is Better?”

Feed for this Entry Trackback Address
  1. No Comments
  1. 1 Wordpress 2.5.1 Upgrade: Security Fix, >70 Bug Fixes Update at www.HWDOT.com
    Pingback on Apr 25th, 2008 at 5:33 pm
  2. 2 WordPress 2.6 Available + TURBO speed (using Google Gears), 194 bugs fixed at www.HWDOT.com
    Pingback on Jul 16th, 2008 at 8:44 pm

Leave a Reply