Tuesday, September 22, 2009

upgrading wordpress to latest version - a cautionary tale

Having put it off long enough, I have just upgraded my wordpress installation from the legacy 2.0.11 (which was stable and officially supported until very recently) to 2.8.4. What prompted this? The following on the wordpress website:

Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm [...] makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts. [...] Upgrading is a known quantity of work [...] Fixing a hacked blog, on the other hand, is quite hard. Upgrading is taking your vitamins; fixing a hack is open heart surgery. (This is true of cost, as well.)

2.8.4, the current version of WordPress, is immune to this worm. (So was the release before this one.) If you've been thinking about upgrading but haven't gotten around to it yet, now would be a really good time.

- excerpt from http://wordpress.org/development/2009/09/keep-wordpress-secure/

I did the upgrade to 2.8.4 in one fell swoop by following the steps in the wordpress codex. There appeared to be only a few glitches that were relatively quickly ironed out and everything seemed to be running fine.

Until I noticed several stray Âs in some of the older posts. And ûs instead of üs, és instead of és, âs instead of âs, etc. etc. It turns out that I SHOULD have disregarded the detailed instructions and googled to find others' recommendations about upgrading the Legacy Wordpress. Thank goodness for backups!! (Please read more about my wordpress upgrade woes. )

When you are upgrading your older version of wordpress (don't put it off!!), take a look Pixelita Designs; they put together a handy (if only I'd seen it!!) step by step guide:

  1. Backup your database! If you have the WP Backup plugin, just use that to capture the latest MySQL dump. Otherwise, go through your web host's control panel and PHPAdmin to export the *.sql file to your hard drive.
  1. Chart your upgrade path. Since you are upgrading from 2.0.11, you should upgrade incrementally, like this: 2.0.11 > 2.1 > 2.2 > 2.3 > 2.5 > 2.6 > 2.7 > [2.8.4]
  2. Make sure you have downloaded and unzipped to folders all of the WP versions you'll need to complete your upgrade. You can find them in the download archive.
  3. Using your favorite FTP program, upload WordPress, starting with 2.1, from the folder you downloaded and unzipped. DO NOT UPLOAD any .htaccess or wp-config.php files from any of the distros! You will want to retain your own versions of .htaccess and wp-config.php already on your server.
  4. Once the first new version is uploaded, point your browser to the /wp-admin folder and upgrade.php. For example, if your WordPress install is at www.yourserver.com, you would go to: http://www.yourserver.com/wp-admin/upgrade.php.
  5. Proceed to upgrade the database when prompted.
  6. Repeat steps 6, 7, and 8 above (uploading the incremental versions, invoking upgrade.php and updating the database) until you've upgraded all the way to [the most recent] WordPress

- excerpt from http://blog.pixelita.com/78/upgrading-your-legacy-wordpress-site/

Obviously, if you are upgrading from Wordpress 2.2, you would upgrade 2.2 > 2.3 > 2.5 > 2.6 > 2.7 > 2.8.4 And please remember to start with making a full backup of your wordpress!!

Also, while you are doing the upgrade, you can upload a temporary index file to your wordpress folder. Make a page that looks like your site and put something like "server currently undergoing maintenance - please come back later" on the page. Save it as index.html and upload it to your wordpress folder. Once the upgrade is done, you can remove that temporary index file and get back to blogging.

All wordpress releases are here: http://wordpress.org/download/release-archive/

Hope this helps.

This post was written by Elizabeth from blog from OUR kitchen


Scott at Real Epicurean said...

Fair enough; I always use the latest version.

The newer versions tell you about any available update on the dashboard and offer a "1 click" upgrade option.

cookingschoolconfidential.com said...

I'm just tweaking my blog and popped by here to see if there were any issues I should be aware of and the first post I read was this one.

How marvelous that this resource is here. Of course, it would be nice if it included an IT person on call, but, still, this is a pretty good start!


Elizabeth said...

Because I have made a number of cosmetic changes, I'm a little wary of the "1 click" upgrade option and always look at what files have been changed first, by going to the official Wordpress page showing all the wordpress versions with "changed files" links: http://codex.wordpress.org/WordPress_Versions

And already, since I first posted about this, I've had to upgrade from 2.8.4 to 2.8.5!

For that upgrade, I uploaded my temporary maintenance "index.html" and then uploaded "changed files" only rather than using the "1 click" option.

Here's what I did:

1. I downloaded the latest version of wordpress http://wordpress.org/download/ and extracted the changed files into a "wordpress upgrade" folder on my desktop.

Of course, as with all upgrades and changes, I took the usual precautions.

2. I made a backup of my database (which should be done on a regular basis anyway). I went to phpMyAdmin to get the backup.

3. I made backups of all of the files that were being changed. (For instance, one of the files changed in 2.8.5 is wp-includes/post-template.php; I downloaded wp-includes/post-template.php from my 2.8.4 wordpress files and put them in a 2.8.4 backup folder. I did the same with all the files that were named as "changed files".)

I then checked each 2.8.4 file to see if I had made any cosmetic changes to those files (in one, I had...). I made the cosmetic change in the corresponding 2.8.5 file.

4. I created a "maintenance" page by putting something like the following in the body of the page:

The database server for my Wordpress Blog is currently under maintenance and will be available as soon as possible.

I saved that file as "maintenance.html" and uploaded it via ASCII to my wordpress folder. When I was ready to upgrade, I renamed the maintenance file to "index.html". (This file takes precedence over the wordpress’ index.php because the browser looks for the index files in alphabetical order.)

Now that my wordpress was on hold, it was time to upgrade!

5. I uploaded all the new files (and deleted any files that were designated to be deleted) from the changed files list.

6. I renamed "index.html" back to "maintenance.html" again and the upgrading was done!

For more information, please take a look at the official pages on Upgrading Wordpress. http://codex.wordpress.org/Upgrading_WordPress

Idol White said...

I always wanted a bright smile, but due to drinking coffee, drinks and cigarettes that is almost impossible for an ordinary man.
A few days after much searching I found a blog with interesting ideas for those who want bright white.


It worked ...

website designing development company chennai india said...

I have read this post. collection of post is a nice one ..that am doing website designing company chennai india and website development company chennai india. That I will inform about your post to my friends and all the best for your future posts..

Mejbahul Alam said...

A plenitude of thanks incredibly for your post. Hold writing. I can't thank you enough for the blog. Really savor your heart! Fantastic. I welcome you looking at this blog post. Really getting amped up for considering extra. Great.Very wonderful report post. Really getting amped up for reading more. Can read on. best hosting

Web Hosting in Malaysia said...

Thanks for providing useful information
Web Hosting in Malaysia

lakshaya sarees said...

kanchipuram silk sarees wholesalers

kanchipuram pure silk sarees manufacturers

kanchipuram silk sarees manufacturers

kanchipuram silk sarees

kanchipuram silk sarees

kanchipuram silk sarees

Azmeri said...


Could anyone suggest how to find the Best Email Blast Service for my Business? Email Blast Service