Comments on: Wordpress users: Disable “Guest User” http://www.thedietdiary.com/blog/lucia/1478 Fri, 20 Nov 2009 10:55:27 -0800 http://wordpress.org/?v=2.8.6 hourly 1 By: lucia http://www.thedietdiary.com/blog/lucia/1478/comment-page-1#comment-10188 lucia Fri, 28 Jul 2006 12:04:03 +0000 http://www.thedietdiary.com/blog/lucia/1478#comment-10188 Checking things after codecave's blog entry: Bugtrack seems to be here: http://seclists.org/lists/bugtraq/2006/May/ The upgrade from 2.0.2 to 2.0.3 seems to fix this bug: http://seclists.org/lists/bugtraq/2006/May/0537.html Unchecking register users seems to fix this. I could be incorrect about this, but it appears that there is a security flaw in 2.0.2 that makes it dangereous to permit users to self register. 2.0.3 attempted to fix it. However, Dr. Dave warned us some security flaw associated with leaving self register unchecked remains in 2.0.3. Evidently, now that the flaw has been brought to the WP team's attention, they concurs a security flaw remains. I think it's wise to not let new users self register-- particularly since nearly zero% of knitting blogs need this feature. If you co-blog, you're both already registered, right? Checking things after codecave’s blog entry:
Bugtrack seems to be here: http://seclists.org/lists/bugtraq/2006/May/

The upgrade from 2.0.2 to 2.0.3 seems to fix this bug:
http://seclists.org/lists/bugtraq/2006/May/0537.html

Unchecking register users seems to fix this.

I could be incorrect about this, but it appears that there is a security flaw in 2.0.2 that makes it dangereous to permit users to self register. 2.0.3 attempted to fix it. However, Dr. Dave warned us some security flaw associated with leaving self register unchecked remains in 2.0.3.

Evidently, now that the flaw has been brought to the WP team’s attention, they concurs a security flaw remains.

I think it’s wise to not let new users self register– particularly since nearly zero% of knitting blogs need this feature. If you co-blog, you’re both already registered, right?

]]> By: The Code Cave http://www.thedietdiary.com/blog/lucia/1478/comment-page-1#comment-10187 The Code Cave Fri, 28 Jul 2006 04:36:07 +0000 http://www.thedietdiary.com/blog/lucia/1478#comment-10187 [...] Thanks to some drastic and controversial actions taken by SpamKarma creator Dr. Dave, a large percentage of the blogging populace has been alerted to a security hole in WordPress. He even went to the effort of activating a warning message that was sent out to everyone who uses his SK2 plugin. … [...] [...] Thanks to some drastic and controversial actions taken by SpamKarma creator Dr. Dave, a large percentage of the blogging populace has been alerted to a security hole in WordPress. He even went to the effort of activating a warning message that was sent out to everyone who uses his SK2 plugin. … [...]

]]>