Daily Tech Notes » WordPress

Normally I wait for sometime before upgrading WordPress installations. But this time I jumped to WordPress 2.5 when I came across serious security issues in 2.2.x series. Some of my blogs which ran under 2.2.x versions were badly hacked and I had to spend a lot of time recovering them! The hacker modified most of my posts and cleverly inserted hidden links. Also he installed a backdoor php file in the current template folder! This ensured that even after upgrade he can control my WordPress blog.

I detected the problem only when I realized that my blog is no longer in the Google search index!

The WordPress hacking became so widespread that Technorati has special process in place to quarantine infected/hacked WordPress blogs! There are reports of WordPress 2.5 vulnerability, but it is better to upgrade to 2.5 than stick with 2.3.3. The important thing is to upgrade as soon as a release is out rather than cling to a version for which hacking scripts may be sold in warez forums! So I am keeping my thumb on the WordPress upgrade button waiting for 2.5.1 

After the upgrade I came across an interesting  issue when I tried to post through Windows Live Writer. It responded with an error message – Invalid response document returned from XmlRpc server. I initially thought that it is a bug with Windows Live writer and compatibility issue with WordPress 2.5. Then I tried posting the same from the WordPress admin. When I tried to upload an image I got the following error,

– Fatal error: Call to undefined function wp_constrain_dimensions.

Then I realized there is some problem with the WordPress 2.5 upgrade. Here is how I resolved the problem. First I deleted all the php files in the WordPress root folder (except wp-config.php) and then deleted wp-admin and wp-includes folder. After ensuring that all old files are deleted, I uploaded WordPress 2.5 files again. That resolved the issue with Windows Live Writer!

Scroll to Top