I’ve upgraded this blog to WordPress 2.5.1, which adds several security fixes & performance improvements. This time I used WP Auto Upgrade, which was very quick but had one glitch. When it finished the update, it didn’t re-enable my plugins, so I had to re-enable them manually.
WordPress
Stolen Content
Checking my Akismet queue, I found several trackbacks from spam blogs scraping and reposting my content. They all seem to be using the same template, usually starting with “(some blog name) wrote an interesting post today…”, always giving it some random name linked to my blog.
I don’t mind my feed being included in an aggregator, but this is pure content theft.
Security Scan Plugin
I tried the WP Security Scan plugin, which checks the blog for common security problems, such as incorrect file permissions, but unfortunately it causes posting via XMLRPC to fail, so I had to deactivate it. I also tried out some other themes but didn’t really like them, so I went back to the old one.
WordPress 2.5 Final
I’ve upgraded this site to the final release version of WordPress 2.5. As always, the upgrade was quick & painless.
WordPress 2.5 Upgrade
I’ve upgraded this site to the WordPress 2.5 release candidate. I had been planning to wait until the release, but Daniel asked me to upgrade his blog a few days ago. When I saw how quick & painless the upgrade was, I decided to upgrade here as well.
The upgrade took less than 5 minutes, including backing up. So far every WordPress upgrade I’ve done has been quick, painless, and uneventful. With Drupal, on the other hand, every upgrade is traumatic and breaks lots of features. I still haven’t upgraded any of my sites to Drupal 6 yet.
WordPress 2.5
A friend asked me to upgrade his blog to WordPress 2.5 RC1, which I had decided to avoid until it’s actually released, so I tried it out on a local copy of this site running on my MacBook Pro. Unlike Drupal 6, I found the update was completely painless and didn’t break any of my plugins or themes.
I’m very cautious about upgrades. I always try it first with a local copy of my website running on my Mac. I don’t use MAMP; I use the built-in version of Apache with PHP5 enabled and MySQL installed.
After I verify that it works on my Mac, I try a test site. I create a subdomain like test.mysite.com, copy my files to the test directory, and make a copy of the database. I then try the upgrade on the test site. When I’m satisfied that it works, I simply swap the test & main site directories. I usually turn off the ability to post while I’m doing the update, to avoid having any stories or comments posted to the old site.
Blog Fight!
WordPress 2.5 will be released soon and I’m planning to upgrade this site. In an attempt to spread FUD, Anil Dash of Six Apart posted a blog entry suggesting that people “upgrade” to Movable Type instead. WordPress developer Matt Mullenweg responded by pointing out that WordPress is 100% open source.
I had originally used Movable Type at this blog, but I switched to WordPress when they took it commercial. Since that debacle, I will never trust them again not to suddenly change their licensing requirement. Even though there’s a “free” license, Movable Type still has a confusing array of licensing models for different usage requirements. I’d rather use something with one clear GPL license, not a confusing multi-tiered semi-commercial pricing model.
Fighting comment spam
I’ve implemented Donncha O Caoimh‘s steps to fight comment spam here. Two of the plugins, Comment Referrers and Delink Comment Author add links to the comment moderation email I receive that show the referrer, which helps identify spammers, and remove links from the comment.
Lucia’s Linky Love makes this blog less attractive to spammers by adding ‘nofollow’ to their links, while rewarding regular commenters by making their comments ‘dofollow’.
