Upgrading WordPress

Many security vulnerabilities have been found in older software and WordPress is no exception. Some malicious elements have found a way to alter parts of the header or footer files in many unsuspecting WordPress installations. So it would be very prudent to keep up with the release of recent patched software.

If you follow the guidelines as detailed here, it will be relatively painless. I will also go over a few ways how you can secure better your WordPress installations. Remember that you have to be lucky all the time whereas for the malicious hacker – he has to be lucky just once.

Recipe for Upgrading WordPress

Items Required & Method

1. Grab the latest version of WordPress from here: http://wordpress.org/download/

At this time it is available in two formats – gunzipped version for the Unix/Linux boxes and zipped version. You can grab any version which will suit you. Extract to a local directory and keep aside.

2. Backup your present Installation. If you have access to the control panel of your server, take a mysql backup of all the data from your WP.

Copy all the files from the root, wp-admin, wp-content and wp-includes into another directory, or better still copy to your local machine. In case something goes wrong, you need to have a fall back plan.

Open wp-config.php and save the // ** MySQL settings ** // information somewhere close. You will need to hang on to this file if you want to have a trouble free upgrading experience.

3. Place an index.html with a message – “The Blog is undergoing some changes” and some polite message to the effect that the service will be unavailable for some time. You should take only a few minutes for the complete upgrading process. But still it is nice to put up a temporary index.html

At the time of upgrading your server will likely throw up some error message which is best avoided.

4. Now it is time for the Rock and Roll ! Now go ahead and delete the following 2 directories ONLY:

Wp-admin

Wp-includes

Some FTP clients will protest if you are trying to delete the directory with files inside. Use your control panel’s file manager for this task.

Upload your extracted wp-admin and wp-includes to the production server.

Now copy all the files over the old files. If you use any of the themes from the themes directory, leave them for now.

You will find the following files under the themes directory:

  1. comments.php
  2. comments-popup.php
  3. sidebar.php
  4. header.php
  5. footer.php
  6. functions.php
  7. index.php
  8. style.css
  9. rtl.css
  10. screenshot.png

Edit them – adding whatever changes you have incorporated into these files. Then transfer these files over.

5. The final step: Launch your browser and point to your blog/wp-admin/ and you will be greeted with a login screen. Login and you will be taken to the upgrade part where it will ask your approval to fill in the data. The upgraded version will look for the config file from the root where it stores the database connection details. So if you have done the steps as detailed here, you will have completed the upgrading process with out any fuss.

WordPress Security Details

Matt Cutts has this to say about securing the WordPress installation – http://www.mattcutts.com/blog/three-tips-to-protect-your-wordpress-installation/

The recent version ( at the time of writing this blog – it is 2.5.1) doesn’t have the earlier vulnerabilities regarding the plugins where anyone can see what plugins you have installed by just looking at the directory index. The newer version will show the “Sorry, no posts matched your criteria.”

It would be a good idea to lock down the wp-admin directory by any of the following means:

  1. Place Password protection to this directory. Use Apache server’s password protected directory mode. You will see this error message – “Sorry, no posts matched your criteria.” Instead of a 403 Status code.
  2. Use .htaccess to block unauthorized access. A sample is shown as below:

Order Deny,Allow

Deny from all

allow from 67.23.67.255

The above directives will block the world from accessing this directory, but allows access only to the IP 67.23.67.255 ( not a real IP )assuming that is your IP.

OCR with Webcam

OCR with Ubiquitous Webcam

Optical Character Recognition (OCR) technology has matured to include digital image processing and with the kind of processing power available in the average Personal computer, it should come as no surprise that in these days the accuracy of the OCR exceeds 99 %.

 

Typically most software commercial or free would require that you use a TWAIN compliant scanner to capture the image you want to use for converting to editable text. For best results this might be the only way as you need to present the best possible image for the OCR software to work upon. You will need to acquire black and white or grayscale image as color information would confound the OCR process.

 

In case your software has any issues working with your scanner, you can still save the scanned image in a TIFF (Tagged Image File Format) format and invoke the OCR software with this TIFF file. Most image editing tools will have no problem converting the images to this TIFF format.

 

When you are in the office, it would not be an issue to use the services of a desktop scanner to convert the magazine page or newspaper page to electronic format. Many a time you would see when you are traveling – a magazine article or a newspaper page which would be ideal to illustrate your stand. Only thing that would stop you is the lack of accessibility to a desktop scanner. You don’t have to wring your hand in despair anymore.

Your Laptop may already be equipped to take care of not only the means of capturing the newspaper/magazine page, but also the requisite software to convert the acquired image to editable text format. I wanted to do a bit of test in this line and this is what I found out.

 

I have a Laptop with barebones software installed and not too many techno wiz attachments. The notebook is equipped with a 1.3 mega pixel (extrapolated resolution) Web camera and MS Office installed amongst other things. A typical scenario.

 

I used the webcam to “capture” this image displayed here from an old magazine. You can see from the faded sepia toned color that the magazine must have been sitting at the shelf for ages. Again the choice of this torn page was deliberate to demonstrate that if we can get any decent result from such a faded magazine page, you should get far better results with a better recent subject.

OCR with Webcam

Now you need an OCR software to complete the conversion process. You need to look no further than the standard MS office software suite for this.

Click on All Programs – > Microsoft Office – > Microsoft Office Tools – > Microsoft Document Imaging

You will have a “free” OCR software here and it will take the above image acquired from the Webcam. Just click on Page from the top menu and select the and you will get the following page:

OCR software

Click on Tools – > Recognize Text using OCR and it will have converted the image into editable text ready to be ported to MS Word. Click again on Tools – > Send Text to Word and your MS Word will fire up with the converted text.

This is what mine did at the end of the exercise:

A T one tirn, p!opIe
did&t daw to svar
t3eMhe’r—go1d’ look. But
rw dlnw gold teamed
with
pLItinuTn or white
ldz so in, and Ioks so
good, u
wonder why it
took u so long. At InterCold. there i a .triking rngi. of unfussy, elcg.mt jcseItery rings. earrin. chair . and pvidant in theit very f fordable Career Carals range. embellished with diamond and pearls. Prices begin at R 3.)OO. And for tho thinking of tying the knot, it you haven’t chcn our wedding nng yet, take a peek at the ‘Rings for E1rnitv’ range. You’ll go mad trying to make up your mind…

Not too good – You would say. But you had supplied a color image in the first place. With a bit of image manipulation and a grayscale image the eventual outcome is almost 85 % accurate. Not bad for a basic web cam based OCR.

Wireless Router Security

We covered installation of a simple wireless Router about a year back. At that time to make the installation as painlessly simple as possible, we have mentioned that we will use WEP – Wired Equivalent Privacy with 128 bit WEP key by using a string of 26 Hexadecimal (Hex) characters.

But WEP is not really suited for a secure Wifi connectivity due to its poor security implementation. With more and more security risks associated with WEP being publicized, it is essential that home and corporate users move on to more secure means.

Wireless Router Security

WPA and WPA2: Wifi Protected Access is a type of system to secure Wireless networks available in 2 modes – Enterprise version and Personal version. The personal version of WPA uses Pre-Shared Key (PSK) in which every computer is given the same passphrase on a shared basis as the name implies. So as a corollary the security of the system depends on the passphrase. In this mode, the data is encrypted using RC4 Stream Cipher with a 128 bit key together with a 48 bit initialization vector. The major security feature is the dynamic changing nature of the Temporal Key integrity protocol. Together with additional security features like Message Integrity Code, WPA provides a better secure Wireless network.

With the technical background covered briefly as above, we again show you how to set up a WPA secured Wireless Access Point in this blog.

We use the same Wireless Router as we have used earlier in our last year example – DLINK DI 524.

Wireless Settings

  • Fire up your Wireless Router’s control panel in your browser. Head to the Wireless button on the left side of the panel. You should be greeted with a  Wireless Settings section of the AP (Access Point) portion.
  • Enable the Wireless Radio button
  • Select the security to the last option – WPA-PSK/WPA2-PSK mode.

        The other options include :

        None (Not Recommended at all)

        WEP (not recommended again)

Enter a 15 character Passphrase in the PreShare Key column.

Click Apply and exit.

Go to your Laptop or any other Wireless enabled computer and set up the Wireless connectivity. You should be able to browse the list ( depending upon the available Wireless Access point in your locality) and select your now secured Wireless Network by the Network ID (SSID). It should display a dialog box in which the option of providing the PreShare Key is visible. Enter your key here and click to save. I am using a Laptop with Windows Vista Business OS. Your OS may allow you to enter this when you select the Wireless connectivity mode in a slightly different way. But essentially, you will need to enter the same Passphrase across all the computers sharing the same Wireless Network.

And you are ready to Rock and Roll …

Our Parent site TargetWoman - the leading women portal presents painstakingly researched extensive information in the form of thousands of condensed pages. It offers the widest and the most detailed information on subjects women care.