WordPress 2.8.5

Was checking some stuff on my WP Dashboard a few minutes ago when I noticed that there was notification advising me to upgrade to WordPress 2.8.5. Here’s an excerpt from the WordPress blog regarding this recent release:

As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought we worth back-porting to the 2.8 branch so as to get these improvements out there and making all your sites as secure as possible.

WordPress 2.8.5 headline changes:

  • A fix for the Trackback Denial-of-Service attack that is currently being seen.
  • Removal of areas within the code where php code in variables was evaluated.
  • Switched the file upload functionality to be whitelisted for all users including Admins.
  • Retiring of the two importers of Tag data from old plugins.

Recently, there’s been a lot of attacks and exploits on WordPress blogs. Lately, I’ve been receiving a lot of notifications from the WordPress Firewall plugin regarding attacks on my blog. If you think that your blog has been compromised you can use the WordPress Exploit Scanner plugin to check your blog for any traces of exploits.

I’ve just upgraded my WordPress install to version 2.8.5 and I strongly suggest that you do too. It will only take a few minutes of your time and it won’t only make your blog more secure but it will also give you some peace of mind.

If you haven’t upgraded to WordPress 2.8.5, you are advised to do so immediately to avoid the risks of a DDOS attack and prevent future problems and headaches on your blog or website.

Download WordPress 2.8.5 now!

JaypeeOnline is supported by its audience. When you click on the advertisements or purchase through links on our site, we may earn an affiliate commission. Learn more



Owner and editor of JaypeeOnline. Self-proclaimed geek. New media writer and consultant. WordPress advocate. Loves blogging, gadgets, video games and sports. You can follow him on Facebook or Twitter.


  • JP Habaradas, October 21, 2009 @ 1:45 PM Reply

    @VC – This is just a hardening release that fixed a few bugs to keep your blog more secure and make it more ready for the next stable release – version 2.9.

    WordPress encourages but doesn’t force users to upgrade. If you don’t want to upgrade, its totally up to you. These upgrades are made to help us keep our blogs more stable and secure.

  • V.C, October 21, 2009 @ 1:43 PM Reply

    I don’t understand why they released the new version so quickly after the last update 2 months ago.
    I don’t see any changing in this new version. It’s not really necessary to upgrade.

  • JP Habaradas, October 21, 2009 @ 9:35 AM Reply

    @Jhay – Really? Its been a while since that happened to me after I upgraded my WordPress install. But anyways, that upgrade.php page is just a confirmation, kinda like a formality. Hehe

  • Jhay, October 21, 2009 @ 9:31 AM Reply

    I think this is the first WP upgrade I applied that worked “out-of-the-box” because after I uploaded the files via FTP, it didn’t redirected me to the /wp-admin/upgrade.php page. :D

  • JP Habaradas, October 21, 2009 @ 7:00 AM Reply

    @jan – Good job! Now you can sleep better knowing that your blog has the latest version of WordPress. Yes, the WP Firewall plugin is a totally different plugin from the WordPress Exploit Scanner plugin.

  • jan geronimo, October 21, 2009 @ 6:59 AM Reply

    Done. I’ve upgraded mine to 2.8.5 already this morning… Is this WordPress Firewall plugin different from WordPress Exploit Scanner?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.