One of my clients got hacked last week. They had been running a copy of WordPress 2.5 (WP) that was installed in May of 2008 and never updated. Although WordPress 2.5.1 was released 25 April 2008 and included an important security fix, the Client software was never upgraded.

So how do you keep your WP install up to date?

Since WP 2.7, you can upgrade from the dashboard. This is by far the easiest way to stay up-to-date, but there have been some problems reported when running on some hosts so find the right host.

You can also do a manual upgrade of the software. WordPress has a mailing list and an RSS feed which all WP admins should subscribe to.

Pay someone to keep it all up to date.

And lastly, if you don’t want to have to be bothered with all this, then don’t run your own blogging software. Run a hosted solution.

Tags: ,