September 6, 2009 at 10:34 PM by Dr. Drang
Late last night I upgraded the WordPress engine for the blog to 2.8.4, the version that’s supposed to be resistant to this nasty worm that’s working its way across the internets. I mentioned in this post yesterday that although “And now it’s all this” hadn’t been hit, I’d be upgrading and things might be a bit weird here for a couple of days. But the upgrade went very smoothly and quickly. I added an addendum to that effect to yesterday’s post, but I thought a bit more detail was in order.
Let me first confess that I was one of those people the WordPress developers hate. I installed WP 2.3 back in January of 2008 and never upgraded it until yesterday. Why not? Well, laziness would be the first reason, but in my defense I must say the WordPress upgrade instructions for older versions were written in a way that emphasized the pitfalls of the process. In fact, they’re still written that way. It’s quite different from the installation instructions, which is all lollipops and fuzzy kittens. So I got scared and put it off. And off.
Also, the first upgrade from 2.3 came out right after I’d installed it. I’d just gone through a lot of work transferring the blog from Movable Type on a different host, and I wasn’t in the mood to go through that kind of hassle again. I wanted a chance to write the blog before I had to administer it again.
As it turned out, my worries were unfounded. Here’s what I did (after backing up all the files and the database):
- Deactivated all the plugins.
- Downloaded the latest WordPress tarball and put it on the server.
- Untarred it into a directory named “wordpress” (this is the default).
- Copied the unique things from my
all-this/directory (where the 2.3 blog lived) to the new
wordpress/directory. This included
- folders of images and sounds,
- my theme,
- the plugins,
- my favicon,
- an .htaccess file, and
- a file used by Google Analytics.
wordpress/wp-config-sample.php, entered the administrative info from
all-this/wp-config.php, and saved it as
all-this/wp-adminin my browser and clicked the button to update the database.
- Relogged in to
all-this/wp-admin, updated the flickrRSS plugin, and activated all the plugins.
- Tried several pages and links to convince myself that the blog was really up and running.
This may seem like a lot of steps (and it is when compared to the automatic upgrade that I should be able to do from now on), but it was quite straightforward. The only reason it took as long as an hour was because I kept checking and rechecking my steps as I went along.
So I’ve learned my lesson and will upgrade promptly from now on.
As for the worm itself (is it really a worm? I thought worms were programs that run independently, not within the framework of another program), I’m not sure yet how bad it really is. Many people are reporting being hit; many, like me, are reporting no problems. But so far I’ve seen no statistics, just anecdotes. Maybe there’ll be better information after the holiday.