Thoughts on WordPress Version Information and Upgrade Warnings
A couple of thoughts just occurred to me, so I’ll publish them while I’m thinking of them. They’re related.
- Right now, most every WordPress install has a meta element in the head area that echoes the version of WordPress. Now, as a recovering phpBB administrator, I’m reminded of something phpBB did after 2.0.13 or so: they removed making the version public. Now, doing that provides security by obscurity, but there’s value to it—hackers can Google for possibly exploitable versions of software where lazy administrators haven’t kept up with the upgrade process. Why make it easy for them? I think this should be gone.
- In place of this meta element, it would be wonderful for the WP guys to set up Ping-O-Matic to handle such things in pings, which could then be forwarded to some server at WordPress World Headquarters. I mean, WP is Matt [and Ryan], and POM is Dougal [and Matt], so … synergy, people! If you want the stats, come up with a less obtrusive way to get it. [Plus, far fewer people will go to hack this out of their pings than are likely to remove the meta statement.]
- Lastly, to help the lazy amongst us WP admins, we should have a blaringly obvious content block---in yellow or red, depending on the severity---that does a quick lookup of the latest WordPress revision from wordpress.org and spits out a short statement, with links to the Codex with instructions on upgrading. This is also something that phpBB did inside the Administrator Control Panel.
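An added example, not from the original post: a self-audit that combines the first and last points by checking whether a page's head still exposes the WordPress version and by choosing a yellow or red upgrade notice. The sample HTML, the version numbers and the severity rule (red when behind on the major.minor release, yellow when only a patch release behind) are assumptions, and the latest version is passed in rather than fetched.

```python
import re
from html.parser import HTMLParser

# Constructed sample of a blog's head section (not taken from a real site).
SAMPLE_HEAD = '<head><title>Blog</title><meta name="generator" content="WordPress 1.5.1" /></head>'


class GeneratorFinder(HTMLParser):
    """Collects the content attribute of every <meta name="generator">."""

    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        found = {name: (value or "") for name, value in attrs}
        if found.get("name", "").lower() == "generator":
            self.generators.append(found.get("content", ""))


def exposed_wp_version(html):
    """Return the WordPress version the page discloses, or None if hidden."""
    finder = GeneratorFinder()
    finder.feed(html)
    for content in finder.generators:
        match = re.fullmatch(r"\s*WordPress\s+(\d+(?:\.\d+)*)\s*", content, re.I)
        if match:
            return match.group(1)
    return None


def version_tuple(version):
    """'1.5' -> (1, 5, 0) so that '1.5' and '1.5.0' compare as equal."""
    nums = [int(part) for part in version.split(".")]
    return tuple(nums + [0] * (3 - len(nums)))


def upgrade_banner(installed, latest):
    """Return (colour, message) for the admin notice, or None if up to date.
    Assumed policy: red when a major.minor release behind, else yellow."""
    current, newest = version_tuple(installed), version_tuple(latest)
    if current >= newest:
        return None
    colour = "red" if current[:2] < newest[:2] else "yellow"
    return colour, f"WordPress {latest} is available; you are running {installed}."
```
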
With WordPress's fine support for technology that pulls and pushes data around the messy web, seems like all these are things easily done. Why do I suggest them? Well, in many cases, folks running things like WordPress and phpBB are doing so only after other people have installed them. They're either unfamiliar with, afraid of, or incompetent at installing server scripts. ~~Scaring~~ Supplying them with warnings will have them look up the people who did the support for them in the first place, and that'll be a good thing in the long run, I believe.
[A good thing for everyone but the poor saps who do the script installs. However, I'm one of those guys...]
