There is a new version but that’s the first I’ve heard of this particular problem as I’m a FF user. We usually check with the latest versions of Chrome and Opera (PortableApps versions) and also IE9. I didn’t know MS had given up on IE for XP – just one more reason to tell everyone to use FF I guess.

We’re about due for some changes to Like+ so I’ll get this looked at while we’re at it – in the next couple of weeks.

-Frank

Then we’ll have to agree to disagree on some things then.

Certainly the AIO SEO plugin does what it does as a marketing stunt, and the number of updates (at least 1 per week) surely aren’t mostly security? I can’t believe that for a moment and if it’s true then that’s another reason not to use it.

No, the example I gave was a good ‘un. The reason I don’t use AIO SEO any more is because after each update it required you to go the admin settings for it and check a box to re-enable it. Oh and while you’re there, guess what? Donate or upgrade please. And that happens once a week. No thanks. That is purely a marketing gimmick and even if you could convince me that it wasn’t, then as I said above with that many security updates having to be done so often then it must be inherently insecure.

So it’s gone.

That leaves us with the other reason for this plugin – I want to be aware of the updates but I don’t want to be punished with constant nag messages and I certainly don’t want my clients being bothered with them either. This fits the bill perfectly.

Finally… You may not be aware of this, but I also have a another plugin called RSS Updates which creates a new obfuscated RSS feed you can tap into, which publishes details of required updates. Set it up with a tool like Feed Notifier Portable or an RSS app on your smart phone and you’ll never miss a client plugin/theme/core update again.

Couple it with Disable Update Nags and you’re laughing.

Your clients won’t see the update nags and you can quietly login and do the updates when it suits you.

-Frank

Yeah I know, I know. And all I’ll say is I’m working on it. I like to let things roll around in my mind for good long while before they’re cooked and I want to do this the right way. I’ve already had a version checker plugin created but not released as I’m not happy with the way it works.

You’d think it would be simple but it’s a lot more complicated than it seems to get it just right so that it’s completely transparent while still being secure.

When I do it, then the version checker plugin will likely be secured with ionCube and the plugins themselves while not encoded will not work without the version checker active, and a security token of some kind being set within it – password or email.

However, in the meantime I *have* come across a simple method that I might adapt – still thinking about it.

-Frank

Yep I agree and I tend to delete plugins I’m not using as the code inside them can still be entries into your site even though the plugins aren’t active. Ditto themes. But hackers tend to target plugins that are used widely as they get most traction with those, so if you’re using old themes there’s a good chance a hacker wouldn’t bother with them, they’ll instead target well used platforms like Genesis/Thesis etc which is one reason I don’t use them.

So as long as you keep backups of your db using plugins like Lester Chans WP-DB Manager which does the backup and emails it to you, then it’s never going to be too hard to recover it all. Annoying yes, but quickly fixable as the db tends to be pretty much the only thing you can’t replace from local files.

-Frank

I used to use Hostgator and was happy with them for quite a while, but when I was ready for a dedicated server, I moved to Hostnine. They then introduced something called reseller central ($25/mo) which is absolutely the bees knees as it allows you to create separate cPanel/domain accounts on servers across the US, in the UK and in Singapore. It means you don’t have all your domains stuck on the one IP address which can come in very handy if you know what I mean.

Then recently their VPSs looked better specced than my dedicated server ($70/mo cheaper too) so I moved to one of those instead about 2months ago. There have been a couple of hiccups but it all seems to have settled now and I honestly wouldn’t know that my main domains are running on a VPS. So I know have the VPS, plus a whole pile of domains (mine and clients) spread all over the place for a total of $130/mo.

The support is second to none and average ticket time for really difficult tech support is something like 6 minutes and they really do sort it out too – you get genuine techies not first line support.

Outstanding.

-Frank

Did you ever update past 1.0.0 and fix this?

Plugins are updated not to seek attention – haven’t you installed the plugin already anyway? The reasons plugins receive updates are because the developer added or improved functionality or to patch a security issue or a bug.

If you think that plugins receive too many updates and therefore don’t update at all anymore, you’re not doing yourself any favors and I just hope that you don’t have clients depending on you!

The real reason why you would disable update nags is because you are very aware of all the updates and you don’t want to see the “nag” on all your sites and certainly not on those of your clients.

Another very valid reason can be that you manage your websites with a plugin, so you are already aware of all the different updates of plugins.

I have been told that most of the WP updates and many of the plugin updates are security patches. Hackers/crackers never sleep, it seems.

I have had accounts hacked more than once because of old plugins that were not even in use, or that had not offered updates lately. Now I worry about some of my old customized themes that have not offered updates in years.

But keeping clients and other users from seeing or messing with updates is brilliant!