Upgrade to Wordpress 2.3.3 Now!
February 28th, 2008
I’ve been asked by some Blokesters if we should upgrade to Wordpress. Admittedly I was hesitant to do it because I had just moved over to Wordpress and got everything working great.
I was also concerned that it might knock out some of my plugins which I have been experimenting with. Like they say “if it ain’t broke… don’t fix it“. So I decided to put it off for awhile.
Well after reading some of the security warnings I’ve decided to take the plunge and upgrade, and so far (knock on wood) I’ve seen no problems.
WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs…
The security fix is easy. Just download the fixed version of xmlrpc.php and copy it over your existing “xmlrpc.php” file in your cPanel. The “xmlrpc.php” file can be found in the public_html/ folder in a normal Wordpress installation. Also, as always make a backup first before messing with your Wordpress files.
I contacted my blog host company Bluefur and within 5 minutes they completed the upgrade. I must say that I’m very impressed with their support and if you didn’t take advantage of their $10/year lifetime offer then you should have.
Hindsight is 20/20 eh? 
What now? If you like this post:
Leave a Comment and join the conversation..blog tip with your friends if you liked it
Subscribe to the RSS Newsfeed for more Blog Tips!
Leave a Comment and Join the Conversation...
What is an RSS Newsfeed?
Follow @BlogBloke on Twitter
10 Reasons Why I Don’t Like Your Blog
Video
Be COOL! Grab a Button
Vote for Blog Bloke!.gif){kind=small}
Upgrading WordPress is not too hard once you get the hang of it.
Shameless Promotion: How to upgrade your WordPress installation
Does Bloke and other Blokesters a method they know ?
Jaffer’s last blog post..Books you will find at my local library - Part II
[Reply to this comment: The author will be notified.]
Shame on you Jaffer.
The security fix is easy. Just download the fixed version of xmlrpc.php and copy it over your existing “xmlrpc.php” file in your cPanel. The “xmlrpc.php” file can be found in the ‘public_html/‘ folder in a normal Wordpress installation.
You can find more info about the security fix here. Also, as always make a backup first before messing with your Wordpress files.
[Reply to this comment: The author will be notified.]
Bloke — OK, so I submitted a help ticket to my host to see if they’ll do the upgrade for me. If not, I’m heading over to Jaffer’s place. Jaffer, will you let me cry on your shoulder if I screw it up? I’m not kidding. I actually cried during my move to WordPress. The guy who was helping me just about threw a brick at my head. I think it’s just because men don’t know how to handle crying women.
Kathy’s last blog post..If You Missed the Last Meeting…
[Reply to this comment: The author will be notified.]
Bloke: Now that the most useful tip we all need ! You must put that in the article.
Kathy: I still want you to be careful when copying the files. You don’t want to touch the wp-content folder and the wp-config file else you’ll loose your themes, plugins and customizations.
You can copy away the rest !
Jaffer’s last blog post..Books you will find at my local library - Part II
[Reply to this comment: The author will be notified.]
Jaffer, I already put a link to the Wordpress doc in the quote above that has the file for download with instructions. Nevertheless I’ve added it to the post because I want to keep you happy.
Regarding the other stuff that you mention, it shouldn’t be necessary to fool with those folders for this upgrade and I don’t want to frighten Kathy any more than she already is. But your advice is always good to follow — i.e. don’t fool with something you’re not sure of, AND always make a backup first.
Cheers!
[Reply to this comment: The author will be notified.]
In the Bluefur Cold Case mystery files, I contacted my blog host company Bluefur two months ago about the WordPress 2.3.2 upgrade and Bluefur has not completed both upgrades: WordPress 2.3.2 ( 61 days ago) and WordPress 2.3.3 (24 days ago).
Bloke, who do you call for fast results?
Debbie Dolphin’s last blog post..To the Lighthouse Excellent Award
[Reply to this comment: The author will be notified.]
That’s odd. First off, I’m on the mailing list so I get emails from blog@bluefur.com notifying me of updates such as this one. I called them on the phone and they said they have a different department that handles it. They suggested that I create a ticket for the request and/or just email them. So I emailed them at blog@bluefur.com and within a few minutes it was done.
I recommend trying both ways.
[Reply to this comment: The author will be notified.]
Thank you, BB!
I will eMail them to see what happens.
[Reply to this comment: The author will be notified.]
Oh yeah DD, I forgot to mention that you will need to give them your URL address and your cPanel username.
[Reply to this comment: The author will be notified.]
I upgraded about 2 weeks ago. It wasn’t bad at all. I was expecting for a few of my plugins to stop working but everything seems good.
Curtis’s last blog post..First harvest, what did you harvest first last year?
[Reply to this comment: The author will be notified.]
Bloke — I did as instructed. My admin panel says I still need to upgrade, though. I needn’t worry, though, should I?
Kathy’s last blog post..Do I Have OCD? Do I Have OCD? Do I Have OCD?
[Reply to this comment: The author will be notified.]
Hmm, are you sure you copied over the original xmlrpc.php file? Did you set it’s permissions to be copied over? Have you read all of the Wordpress documentation on the upgrade? Have you asked your blog host provider to help you? There must be a piece of the puzzle still missing.
[Reply to this comment: The author will be notified.]