As expected, WordPress 4.7.1 was released in January, specifically on January 11. It fixed eight security issues that affected WordPress 4.7 and below. Then on January 26, version 4.7.2 was released to fix three additional security issues. All of those fixes were applied as appropriate to 4.6.1.
Normally we wait a month to update our WordPress sites to major versions (like 4.6 to 4.7), both because of potential incompatibilities between the new WordPress version and plugins and themes, and to give time for bugs to be fixed. WordPress is at such a stable point in terms of features that most things are just nice enhancements, and waiting is fine.
However, security updates for WordPress, as well as for the themes and plugins we use, get applied to all our client sites as fast as possible. In fact, we allow WordPress security releases, like going from 4.7.0 to 4.7.1, to be installed automatically, since there are ALWAYS security updates.
W3Techs has ranked WordPress as the fastest-growing CMS. More people using it leads to two things:
- More plugins, themes, and options when you choose to upgrade your site
- More people trying to hack into your site
A great tool that we use for some things, and that we recommend to our clients, is Trello. It allows you to create a “flow” for any major activity, such as keeping track of tasks, a sales pipeline, a bug list, etc. It’s free for most things you’d want to do.
A highly effective Gmail phishing technique has been going around. Attackers basically trick you into signing in on a Google look-alike page, and the URL in the address bar looks authentic! A lot of technically savvy people have gotten stung by this. Please be careful and keep your antenna up for these types of things.
Passwords remain terrible on the World Wide Web. Keeper Security analyzed 10 million passwords that became public via data breaches in 2016 and found that nearly 17 percent of users are protecting their accounts with “123456,” which Keeper ranked as the most common password of 2016! Can you believe that??? We can’t overemphasize how important it is that you don’t use repeated or simple passwords.