This is an important announcement for OptimizePress 1.0 users. (Please note this does NOT apply to OptimizePress 2.0 which is built with a completely new codebase)
Back in April 2013 we discovered a potential security flaw in part of the code for OptimizePress 1.0. Our developers quickly patched this issue and we released an update to the platform. We also announced this to our customers via email, although it appears now that many of our users may not have received this email.
To ensure your site is secure, please follow these steps:
Step 1: Check your OptimizePress 1.0 version
Ensure that you are running OptimizePress version 1.6 or above. This will ensure you have the latest version of OP1 which is fully patched and secure
If you do not have the latest version, go to our members area
http://www.optimizepress1.com/wp-login.php and login (if you need logins you can contact us via the ticket system and we will send them to you).
http://www.optimizepress1.com/wp-login.php and login (if you need logins you can contact us via the ticket system and we will send them to you).
To update your site, simply login to your WordPress site, go to Appearance > Themes and then activate a different theme (any theme). Then click the “delete” link below the OptimizePress Theme to remove it. Then simply go back to Appearance > Themes > Upload theme and upload the latest zip file from our membership.
Your content is completely safe when you delete the OptimizePress theme as your content is stored separately in your Database. Please note if you have made any custom changes to your theme core files (PHP files) you should not update in this way as you will lose your changes (see below for information on what to do instead)
If you don’t know how to update your site – please send us your WordPress administrator logins, your site URL (address) and your FTP or Cpanel details if you know them and we will update your site
Once you have uploaded the new theme folder your site should be secure. You may wish to run a security scan on your site to ensure there are no files which may have been maliciously uploaded just to be sure.
Step 2: If you have customized your php files or are running a language version
We may not have a 1.65 version of the language version you are using – in this case you need to manually update a few files on your site.
First, download the latest version of the theme from our OptimizePress 1.0 members area. Unzip the theme package when you get it onto your computer.
Now access your site via FTP and navigate to the wp-content/themes/OptimizePress/lib folder
You now need to also open that folder in the theme files that you have just download to your computer.
Now copy the following 3 files from your new OptimizePress theme folder to your site via FTP:
– media-upload-lncthumb.php
– media-upload.php
– media-upload-sq_button.php
So you should now have the 3 new files from the new OptimizePress theme folder on your website. If prompted to overwrite – select YES.
This will patch your installation of OptimizePress.