My Kansas Library

Most of you have automatic upgrades to the new versions of WordPress set up – but if you notice that your site hasn’t updated yet and want to do that now, feel free. This site has already updated and no problems have been noticed, so yours should be fine, too! Ninja Forms, a plugin that is commonly used to create contact and registration forms for library websites has been updated as well – that one you’ll have to update manually (by clicking the “update” link on the plugin page  – the rest is done for you by WordPress), but I encourage you to do so. I also am encouraging everyone to make sure they have the Wordfence plugin installed and running on their sites. I’ve been talking to the system techs over the past weeks to help them make sure the plugin is there and working – there is a rash of pharma spam attacks going on that you might not notice (nor will your patrons, generally, unless they are using VERY old browsers – the attack is meant to improve the spammer’s link counts, not necessarily to actually advertise the pharma products to your patrons) that Wordfence can help find and root out. Talk to your system tech person if you have questions about those plugins, the upgrade or anything else – or you can, as always, contact me at rhastings@nekls.org if you run into problems! Thanks!!

Hello and welcome to yet another edition of WordPress vulnerabilities! Today’s edition consists of a fairly nasty hack that is outlined at http://arstechnica.com/security/2015/09/active-malware-campaign-uses-thousands-of-wordpress-sites-to-infect-visitors/ (at the very bottom is a link to the Securi website scanner that will help you find out if your site is compromised). In case the article is more than you want to read right now… the general idea is that there is a hack that is suspected to use vulnerable plugins that hijacks a website to make it deliver malware to visitors. There is no information on what the vulnerable plugins might be or whether they are the latest version, but it’s always a good idea to make sure yours are up to date on a *very* regular basis!

Please let me know (rhastings@nekls.org) if you have any questions or concerns!

There has been a new version of WP released overnight. Some of you who have already been moved to our new server might already have had the update automatically applied to your site. If you log into your WP dashboard and see the version is 4.2.3, you are fine. If not, however, this is a pretty major security release, with lots of bug fixes thrown in, so it would be a good idea to log in and do your updates as soon as you can.

Details about the update are at https://wordpress.org/news/2015/07/wordpress-4-2-3/ if you want more information. So far, no issues have cropped up, but please let us know if something happens to your site!!