May 21st, 2008 • 10:41 am
A quick note to Betalogue readers: I have reopened the new user registration feature in WordPress, which means that anyone can register with this blog again and that comments are no longer restricted to already registered users exclusively.
I closed new user registrations last week following hacking attempts on the blog. I strongly suspected that the ability to hack my WordPress system back then was at least in part related to the fact that the blog was open to new user registrations.
I haven’t been able to either confirm or infirm this, so by reopening the blog to new user registrations I am taking a chance. I am hoping that the other measures that I have taken (mainly, upgrading the blog to the latest version of WordPress) have eliminated the vulnerability.
If not and if I get hacked again, I will probably have no choice but to close the new user registration feature for good. This won’t mean that I will no longer accept new users. It will just mean that posting comments on Betalogue will be even harder, because prospective new users will have to contact me and ask me to manually add them to the list of users first. (The situation for existing users will not be affected.)
I certainly hope it does not come to that. But I cannot afford to spend more time trying to deal with security issues affecting this blog. I am not interested in becoming an on-line security expert.
I just hope that the latest version of WordPress fixes the vulnerabilities that enabled my older version of WordPress to be hacked. I don’t have time to search through all the on-line documentation about WordPress in order to try and confirm this. I guess we’ll just see what happens.
Thanks for your patience and understanding.