WordPress & Drupal Vulnerability? - Keep calm and update!
Yesterday, a serious vulnerability in the PHP XML parser used by WordPress and Drupal was announced. After some great collaboration between the core developers of those applications, new versions that address the issue were released for both WordPress and Drupal. We, at SiteGround, are proactively addressing the issue too:
- Our security team has been addressing the issue on the server level. We have discerned unwanted activity during last week and have applied certain firewall rules to mitigate it even before the exploited issue was announced. Once we became aware of the officially published details of the problem, we were able to refine our server level defense. Our team is on the guard and ready to add a future improvement if needed.
- All WordPress users, who use our autoupdater will be updated to the newest version in 24 hours after the announcement was made
- All WordPress users, who do not use our autoupdater but are on a version 3.7 or higher will be automatically updated by the native WordPress update function too.
- Once the automatic updates are done, we will scan our servers for outdated WordPress versions and will contact by email their users to recommend update.
- We will also contact all Drupal users on our servers, whose applications are not updated and will strongly encourage them to go ahead and get the latest version.
How to secure your WordPress website? (video tutorial)
Comments ( 2 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
Tim
As per usual, Siteground stays on top of any and all security threats! With their dedicated support, I can be assured my website as well as my clients sites are well looked after and updated with security patches.
Anthony Crowe
I just migrated my websites to siteground tonight and am amazed at how far behind my previous host is, comparatively, to this host. This security announcement and fix had never been mentioned to any of the web owners that I know on that host. The cPanel here is also much more extensive than the cPanel on my old host. So far, so good. Hope it stays that way.
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through