I am not as experienced as many in using WordPress, but I have seen 2 critical upgrades in the last month or so. It just seems to be a pain to do the upgrade so I found an easier way for the last one. I am not sure if this is the same as doing what is recommended, but I’ll throw this out in case someone else wants to do it too.
You see, the WordPress.org site describes a sort of long process, and I always wonder if I am doing all the steps correctly and whether I will lose my blog, etc. (I back up every night, but still, who wants to go through all the headache of the blog being messed up?).
I found myself reading Johnchow’s blog about this recent update and he said the following about this update.
“If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.”
I went with that, and copied the new file over and was so happy that is was that easy. The problem is, the WordPress Dashboard doesn’t know I did this. And so, it kept reminding me to upgrade. At first I searched for a plugin to turn off the auto_update remind feature, but then I thought that might not be the best plan. I do want to be notified when updates are needed.
So how did I fix it? I decided to look through the WordPress directories for some file that would be triggering this, and I found it! version.php.
It’s in the wp-includes directory. You can either download the newest version of WordPress and just copy this version file over, or you can modify the version.php file you have to the new version, in this case change the 2.3.2 to 2.3.3.
That gets rid of the reminder in Dashboard. I know this is not the “Best way” to upgrade , and it probably has some risks, but it worked for me and was far easier that the “recommended” way.
Hope this helps someone. Let me know what you think about this. Is this an acceptable upgrade? Did I miss some important thing that will make me wish I had done it differently? Let me know what you think.