WordPress & Drupal Vulnerability? -  Keep calm and update!

drupal-wp-vuln

Yesterday, a serious vulnerability in the PHP XML parser used by WordPress and Drupal was announced. After some great collaboration between the core developers of those applications, new versions that address the issue were released for both WordPress and Drupal. We, at SiteGround, are proactively addressing the issue too:

  1. Our security team has been addressing the issue on the server level. We have discerned unwanted activity during last week and have applied certain firewall rules to mitigate it even before the exploited issue was announced. Once we became aware of the officially published details of the problem, we were able to refine our server level defense. Our team is on the guard and ready to add a future improvement if needed.
  2. All WordPress users, who use our autoupdater will be updated to the newest version in 24 hours after the announcement was made
  3. All WordPress users, who do not use our autoupdater but are on a version 3.7 or higher will be automatically updated by the native WordPress update function too.
  4. Once the automatic updates are done, we will scan our servers for outdated WordPress versions and will contact by email their users to recommend update.
  5. We will also contact all Drupal users on our servers, whose applications are not updated and will strongly encourage them to go ahead and get the latest version.

How to secure your WordPress website? (video tutorial)

Access email sent!

Sign Up For
More Awesome Content!

Subscribe to receive our monthly newsletters with the latest helpful content and offers from SiteGround.

Thanks!

Please check your email to confirm your subscription.

Hristo Pandjarov

Product Innovation Director

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

Comments ( 2 )

author avatar

Tim

Aug 12, 2014

As per usual, Siteground stays on top of any and all security threats! With their dedicated support, I can be assured my website as well as my clients sites are well looked after and updated with security patches.

Reply
author avatar

Anthony Crowe

Aug 19, 2014

I just migrated my websites to siteground tonight and am amazed at how far behind my previous host is, comparatively, to this host. This security announcement and fix had never been mentioned to any of the web owners that I know on that host. The cPanel here is also much more extensive than the cPanel on my old host. So far, so good. Hope it stays that way.

Reply

Start discussion