Application Upkeep

One thing that is a downside of being in the hosting business, is definately applications - don’t get me wrong, I love things like Wordpress, 4Images, and various other PHP and Perl based apps (testing Ruby here on the home office server & soon on the dev machine at the Downtown office) - but the ol saying “If it ain’t broke, don’t fix it” really doesnt apply to the web, just because a application is still doing XYZ for you, doesn’t mean it’s safe and secure.

This morning I got the classic email “Hacked?” needless to say your heart drops, you begin thinking about last backups made, meetings you have to cancel for the day, and how quickly you can get on the box and see the amount of damage - well in this case it was 3 files, 2 html’s, and a php, nothing else seemed touched or damaged - the process was probably automated via Google no less - in this case search for “Wordpress” and then run the attempt against the possible exploit (1.2.x builds XMLRPC exploit) - and if it works, just blast the index page and let the world know, “I WAS HERE!”.

So since data was in tact for the client and my heart rate was returning to a normal almost-resting rate, he got to work on the process of upgrading Wordpress from 1.2.2 -> 2.0 - but in my reading I saw you had to step up, 1.2.x->1.5.x->2.0 - so I jumped in and did the remainder of the upgrade, as I had the 1.5.2 files still and I could really do things like, backing up files, folders, databases faster from command line, and just whipped through the upgrades - and now the client is playing around in a new Wordpress 2.0 playground :)

So if your a software user - be it Wordpress, Gallery, 4Images, MovableType, etc. etc. etc. - do yourself a favor, subscribe to the site’s update announcement list - could very well save your blog, your server, and your friendly neighborhood nerd some stress ;) (I still love you Josh, your like the Crazy Canadian Cousin I never had!) - if ANYONE needs help upgrading an application, even if you don’t host with me, hit up discuss and ask for help - always glad to lend a hand if I can.

Posted on 19 January '06 by Chuck Brown, under deep thoughts, random thoughts, work.

 
close Reblog this comment
Powered by Disqus · Learn more
blog comments powered by Disqus