[wp-hackers] wordpress security

Jeremy Clarke jer at simianuprising.com
Fri Oct 16 18:01:21 UTC 2009

On Fri, Oct 16, 2009 at 1:29 PM, Otto <otto at ottodestruct.com> wrote:
> Question to those of you who like this idea of emailing the admin for
> upgrade notification:
> Are you currently using this plugin?
> http://wordpress.org/extend/plugins/upgrade-notification-by-email/
> If not, why not?

I don't use it because in my 5+ years of using WP and installing it
all over the place I've worked out lo-fi systems (i.e. a text file)
where i list all the WP installs I'm responsible for and their
versions. When there is an update I learn about it on Twitter (because
I follow tons of WP people, not something I recommend to normal users)
and know to reconsider my text file and try to keep them all up to

So I personally don't really need the plugin or the feature. I'd still
use it, but going back to the old installs and installing the plugin
is more than its worth for me.

Others among us might use automatic svn or have special bash scripts
or WP plugins that keep track of multiple installations instead of my
wimpy text file. These are all great solutions for experts who have
experience and know what they're doing, but there needs to be more
pressure on newbies to pick up the importance of updating, and telling
them to install another plugin is a pretty innefective way IMHO. It
feels to me like preaching to the choir: if you know enough to install
plugins like that then you probably know its important to stay up to
date and have experience. I mean, how many of us have been hacked at
some point? I have multiple times, that's how I learned (and I still
don't always update fast enough!), if WP wants to improve its image it
has to start annoying people BEFORE they are hacked, not after.

Jeremy Clarke | http://jeremyclarke.org
Code and Design | http://globalvoicesonline.org

More information about the wp-hackers mailing list