Have you ever been in that situation where you have CLI access to a wordpress site but not through the GUI? I had that experience recently and wanted to know which version of wordpress the person was using. Mainly, I wanted to see if they were keeping things up to date. So with this handy one liner I found scouring through the web, you can do exactly that. # find .
Maybe someone can help me out here. It seems to me that wordpress is lacking some support for upgrades with SSL. For example, I do not have FTP open on my web server and I have no plans to open it up in the future. I DO however support ftp over ssh also known as sftp. But when I click on the ‘automatically upgrade’ link in the plugins directory, here is the screen that I am greeted with.
I’m not sure if you’ve applied the latest updates for wordpress but I did last week. However, it appears that someone got in to one of the blogs that I manage and created an account for themselves. They didn’t do anything with it, but they DID have full admin access. I’m assuming that this was due to a security bug in 2.8.3 as they were in when that was on the server.
I’ve been doing quite a bit of side work for friends and family putting together some low traffic ‘business card’ sites. I used to do a lot of custom programming for each of these where I would put up the site and then have a CMS on the back end so they could log in and update the content. This worked out for a while and I had a pretty basic CMS built that I could plug in where needed.