Connect with us

SEO

WordPress Drops Security Support for Older Installations

Published

on

WordPress Drops Security Support for Older Installations

WordPress announced a three month warning that it is halting all security updates for older installations, versions 3.7- 4.0. The affected installations will display a permanent notice that cannot be dismissed.

Out of Date WordPress Installations

WordPress versions 3.7 – 4.0 will no longer receive security updates beginning on December 1, 2022.

Anyone using these out of date versions of WordPress will put their sites at risk for hacking after the final date of support.

The reason given for dropping dropping security support is that the WordPress core development team can better focus on updating the latest versions without the burden of keeping older versions up to date.

According to the WordPress announcement:

“Officially WordPress only provides support for the latest version of the software.

The Security team historically has a practice of backporting security fixes as a courtesy to sites on older versions in the expectation the sites will be automatically updated.

Until now, these courtesy backports have included all versions of WordPress supporting automatic updates.

Versions WordPress 3.7 – 4.0 have reached levels of usage, namely less than 1% of total installs, where the benefit of providing these updates is outweighed by the effort involved.

…By dropping support for these older versions, the newer versions of WordPress will become more secure as more time can be focused on their needs.”

Which Version Should Publishers Update To?

WordPress is advising publishers to update to the very latest installation, currently at version 6.0.2.

That said, WordPress will still be providing security support for version 4.01, which was released in 2015.

This means that publishers using older versions of WordPress could upgrade to 4.01 in order to not introduce instability to their websites because of older themes, plugins or PHP versions that may be in use.

But doing so is not recommended by WordPress because while security updates are backported to older versions, hardening updates are not backported to older versions.

Security updates are patches designed to block specific critical vulnerabilities.

Hardening is updating the code to make it more secure.

Some believe that requiring users of older versions of WordPress to update to the most up to date version may be perceived as risky because it could result in a non-functional website.

One commenter posted:

“Skipping through 8 years of new releases in one go is a risky operation, and by only offering that option, it’s likely to disincentivize lots of site owners from doing it. The thought process is going to be “Shall I press the button and see if 8 years of updates avoids breaking anything, or shall I just hope for the best leaving it on the current version which has worked thus far?””

Permanent Notification

WordPress posted that installations from versions 4.0 and older will receive a notification within the WordPress installation that alerts publishers that their version is obsolete and that security updates have ceased, with an encouragement to update to the latest version.

Screenshot of Permanent Notification

wordpress notification 632960235c69c sej

Number of Old Versions Still in Use

According to WordPress statistics, the number of older versions that are affected by this decision constitute less than 1% of total installations.

This change should therefore not affect the vast majority of WordPress publishers.


Citation

Read the Official Announcement

Dropping security updates for WordPress versions 3.7 through 4.0

Featured image by Shutterstock/Luis Molinero

Screenshot by Author

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

SEO

Google’s AI Overviews Avoid Political Content, New Data Shows

Published

on

By

Google's AI Overviews Avoid Political Content, New Data Shows

Study reveals Google’s cautious approach to AI-generated content in sensitive search results, varying across health, finance, legal, and political topics.

  • Google shows AI Overviews for 50% of YMYL topics, with legal queries triggering them most often.
  • Health and finance AI Overviews frequently include disclaimers urging users to consult professionals.
  • Google avoids generating AI Overviews for sensitive topics like mental health, elections, and specific medications.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

SEO

Executive Director Of WordPress Resigns

Published

on

By

WordPress Executive Director Josepha Haden Chomphosy resigns,

Josepha Haden Chomphosy, Executive Director of the WordPress Project, officially announced her resignation, ending a nine-year tenure. This comes just two weeks after Matt Mullenweg launched a controversial campaign against a managed WordPress host, which responded by filing a federal lawsuit against him and Automattic.

She posted an upbeat notice on her personal blog, reaffirming her belief in the open source community as  positive economic force as well as the importance of strong opinions that are “loosely  held.”

She wrote:

“This week marks my last as the Executive Director of the WordPress project. My time with WordPress has transformed me, both as a leader and an advocate. There’s still more to do in our shared quest to secure a self-sustaining future of the open source project that we all love, and my belief in our global community of contributors remains unchanged.

…I still believe that open source is an idea that can transform generations. I believe in the power of a good-hearted group of people. I believe in the importance of strong opinions, loosely held. And I believe the world will always need the more equitable opportunities that well-maintained open source can provide: access to knowledge and learning, easy-to-join peer and business networks, the amplification of unheard voices, and a chance to tap into economic opportunity for those who weren’t born into it.”

Turmoil At WordPress

The resignation comes amidst the backdrop of a conflict between WordPress co-founder Matt Mullenweg and the managed WordPress web host WP Engine, which has brought unprecedented turmoil within the WordPress community, including a federal lawsuit filed by WP Engine accusing Mullenweg of attempted extortion.

Resignation News Was Leaked

The news about the resignation was leaked on October 2nd by the founder of the WordPress news site WP Tavern (now owned by Matt Mullenweg), who tweeted that he had spoken with Josepha that evening, who announced her resignation.

He posted:

“I spoke with Josepha tonight. I can confirm that she’s no longer at Automattic.

She’s working on a statement for the community. She’s in good spirits despite the turmoil.”

Screenshot Of Deleted Tweet

Josepha tweeted the following response the next day:

“Ok, this is not how I expected that news to come to y’all. I apologize that this is the first many of you heard of it. Please don’t speculate about anything.”

Rocky Period For WordPress

While her resignation was somewhat of an open secret it’s still a significant event because of recent events at WordPress, including the resignations of 8.4% of Automattic employees as a result of an offer of a generous severance package to all employees who no longer wished to work  there.

Read the official announcement:

Thank you, WordPress

Featured Image by Shutterstock/Wirestock Creators

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

SEO

8% Of Automattic Employees Choose To Resign

Published

on

By

8% Of Automattic Employees Choose To Resign

WordPress co-founder and Automattic CEO announced today that he offered Automattic employees the chance to resign with a severance pay and a total of 8.4 percent. Mullenweg offered $30,000 or six months of salary, whichever one is higher, with a total of 159 people taking his offer.

Reactions Of Automattic Employees

Given the recent controversies created by Mullenweg, one might be tempted to view the walkout as a vote of no-confidence in Mullenweg. But that would be a mistake because some of the employees announcing their resignations either praised Mullenweg or simply announced their resignation while many others tweeted how happy they are to stay at Automattic.

One former employee tweeted that he was sad about recent developments but also praised Mullenweg and Automattic as an employer.

He shared:

“Today was my last day at Automattic. I spent the last 2 years building large scale ML and generative AI infra and products, and a lot of time on robotics at night and on weekends.

I’m going to spend the next month taking a break, getting married, and visiting family in Australia.

I have some really fun ideas of things to build that I’ve been storing up for a while. Now I get to build them. Get in touch if you’d like to build AI products together.”

Another former employee, Naoko Takano, is a 14 year employee, an organizer of WordCamp conferences in Asia, a full-time WordPress contributor and Open Source Project Manager at Automattic announced on X (formerly Twitter) that today was her last day at Automattic with no additional comment.

She tweeted:

“Today was my last day at Automattic.

I’m actively exploring new career opportunities. If you know of any positions that align with my skills and experience!”

Naoko’s role at at WordPress was working with the global WordPress community to improve contributor experiences through the Five for the Future and Mentorship programs. Five for the Future is an important WordPress program that encourages organizations to donate 5% of their resources back into WordPress. Five for the Future is one of the issues Mullenweg had against WP Engine, asserting that they didn’t donate enough back into the community.

Mullenweg himself was bittersweet to see those employees go, writing in a blog post:

“It was an emotional roller coaster of a week. The day you hire someone you aren’t expecting them to resign or be fired, you’re hoping for a long and mutually beneficial relationship. Every resignation stings a bit.

However now, I feel much lighter. I’m grateful and thankful for all the people who took the offer, and even more excited to work with those who turned down $126M to stay. As the kids say, LFG!”

Read the entire announcement on Mullenweg’s blog:

Automattic Alignment

Featured Image by Shutterstock/sdx15

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending