Serious security hole in WordPress, upgrade now to version 2.1.3!

A few hours ago there was important news about WordPress on Cosa's blog, saying that there is a fairly serious security hole in WordPress versions 2.1.2 and below. Actually it is not only in WordPress, but because this is a CSRF problem (read: sea surf), many websites are affected, one of them being the famous Gmail, which could also be hacked.

Fortunately the WordPress team responded quickly. A fix is now available. So all earlier versions of WordPress are unsafe. The most effective remedy is to download the latest version and upgrade our WordPress blog right away. The latest versions of WordPress are 2.1.3 and 2.0.10.

What can happen as a result of this security hole? Our blog can be broken into and its username and password changed. Not to mention if the prankster deletes our entire database, oh dear.. all the posts put together over time could vanish. Especially if we are lazy about backing up our database (like me, for example :mrgreen:)

So don't wait any longer, just upgrade now, especially if our livelihood depends on WordPress (from AdSense income, for example).

Cosa also advises us to always log out every time we finish working in the WordPress panel. I myself actually use the Cookie Timeout plugin, which makes it possible to log out automatically by deleting the cookie (not the biscuit) in the browser after a time we choose; I usually set it to 1 hour.

FYI, by default WordPress only deletes the cookie after 365 days! Very unsafe. As a temporary solution you can install that plugin, but if you want to be truly safe you have to upgrade now.
