bavatuesdays

8 Responses to “Upgrading UMW Blogs to WPMu 2.6 Screencast”

1. 1 Joe Aug 2nd, 2008 at 12:59 pm

   It really is that easy–if I can do it, anyone can!

   But I notice one thing, Jim. In the wp-config file, there’s a new area where it wants long keys–auth-key secure-auth-key and so forth.

   That wasn’t there in the previous version, and it asks for long, impossible to guess keys (that you won’t have to remember).

   I noticed that you didn’t bother with those. I did, and I’m wondering if it was necessary or not?
2. 2 Alan Levine Aug 2nd, 2008 at 3:37 pm

   Maybe we can do a site for http://www.screencastbloopers.com? and as far as “In fact, the upgrade is quite painless in the end.” whose end are you referring to?

   And… one more.. Jim- should I upload the wp-content folder?
3. 3 Reverend Aug 2nd, 2008 at 5:43 pm

   @Joe:
   WordPress is the people’s application! Anyone can play As for the keys, I’m glad you mentioned that. I did, in fact, go back and kill in those codes and they are key, because they add in some additional security that wasn’t there pre-2.5. So, thanks for pointing that out, and yes you should do it.

   @Cogdog:
   You know I am always up for another domain. In fact, I’ve been itching to map another domain onto my WPMu install. As for the screencast, I can’t believe you watched it given that you are a total rockstar with all things WPMu. Your most recent WPMu post taught me about ten trick for hacking the site, you really have too much free time. Nonetheless, I do love that you heard me ignore your advice in the screencast. I’m an uppity son of a bitch
4. 4 Gaby Aug 3rd, 2008 at 6:30 pm

   That was quick indeed.
   But I saw that you did some mistakes along the way
   I saw that you have a plugin to let users edit their theme. Aren’t you worried about people who can put php code or javascript code in the theme?

   @Joe
   Those strings are used by wordpress to encrypt the passwords with the “salt” technique. Basically what it does is take your password, merge it with the encryption key and only then it encrypts it with md5. The old wordpress would of just encrypted the password alone.

   Until now, the md5 string of a password would of been the same on your blog as anywhere else. Meaning that a hacker that would of got their hands on a md5 string could of brute forced that password.
   Now, with the encryption keys, your password can’t be hacked because it can’t be brute forced. They would need the encryption keys.
5. 5 Reverend Aug 4th, 2008 at 9:28 am

   Gaby,

   Many, many mistakes As for Userthemes, this is something we allow on a case-by-case basis, we know who is using it, and it gives us all the theme customization options of a single WP install, which is very nice. And, to be clear, not everyone who has a blog on UWM Blogs can edit their themes, that is something we give them permissions to do, and help them with along the way.

   Also, thanks for the clarification on the salt technique, it was quite useful.
6. 6 Gaby Aug 4th, 2008 at 9:34 am

   I would like to update my wpmu site as well, but I have a custom theme on the front page and its not integrating well with the signup page, so I had to manually edit the wp-signup.php
   I also did some translations and a custom spam filter, so its a bit harder for me to upgrade.
   But I will do it eventually.

   Also, I have a lot of themes on my site and none of them support tags, so I would have to edit each one and add the tags function.

   And since I have over 2300 blogs, I will edit he page that ugrades the blogs and set it to update 50 blogs at a time not 5 like it is default. That way I don’t have to wait half an hour or more.
7. 7 mercime Aug 22nd, 2008 at 8:23 pm

   Amen Reverend. Thank you for an informative and very entertaining screencast. Loved it, warts and all I must say you were pretty calm when you clicked on Site Admin and there was a blank page, awesome self control, I would have !^&&@@(*$(*@! Cheers.

1. 1 WPMU Tutorials » Reverend Jim’s resources Pingback on Aug 2nd, 2008 at 9:06 am

Leave a Reply