websitebuildersnow
[ad_1]
WordPress has issued a three-month warning to stop all security updates for older installations versions 3.7-4.0. Affected installations will receive a permanent notification that cannot be ignored.
Old WordPress installation
WordPress versions 3.7-4.0 will not receive security updates after December 1, 2022.
Anyone using these older versions of WordPress will put their site at risk of being hacked after the last day of support.
The reason we are discontinuing security support is so that the core WordPress development team can focus on updating the latest version without the burden of keeping older versions up to date.
According to the WordPress announcement:
“Officially, WordPress only provides support for the latest versions of the software.
Security teams have historically had a practice of backporting security fixes as a courtesy to older versions of sites in hopes that the site will be automatically updated.
Until now, these courteous backports included all versions of WordPress that support automatic updates.
Versions WordPress 3.7 – 4.0 have reached usage level. That means less than 1% of total installs, and the benefits of providing these updates outweigh the effort involved.
…By dropping support for these older versions, newer versions of WordPress will be more secure, allowing you to spend more time focusing on your needs. ”
What version should publishers update to?
WordPress advises publishers to update to the latest installation (currently version 6.0.2).
That said, WordPress will continue to provide security support for version 4.01 released in 2015.
This means that publishers using older versions of WordPress can upgrade to 4.01 to avoid website instability due to outdated themes, plugins, or PHP versions in use.
However, WordPress backports security updates to older versions, but not hardening updates, so it is not recommended.
Security updates are patches designed to block specific critical vulnerabilities.
Hardening means updating the code to make it more secure.
Some believe that requiring users of older versions of WordPress to update to the latest version may be perceived as dangerous, as it may cause the website to stop working.
One commenter posted:
“Skipping eight years of new releases at once is a risky operation, and offering only that option may discourage many site owners from doing it. “Are you going to hit the button and see if the 8-year update gets around the problem, or do you expect the best to the current version that has worked so far?”
permanent notice
WordPress posted that if you install from version 4.0 or earlier, you will receive a notification within your WordPress installation, warning publishers that that version has been deprecated and finished security updates, and encouraging them to update to the latest version.
screenshot of permanent notification
Number of older versions still in use
According to WordPress statistics, the number of older versions impacted by this decision is less than 1% of total installs.
Therefore, this change will not affect the majority of WordPress publishers.
Quote
Read the official announcement
Removal of security updates for WordPress versions 3.7 to 4.0
Featured image by Shutterstock/Luis Molinero
screenshot by author
[ad_2]
Source link
GIPHY App Key not set. Please check settings