WordPress has released its much anticipated version 5.2 and it comes packed with much needed new security features.
The latest update sees the world’s most popular content management system add support for cryptographically-signed updates, a modern cryptography library, a Site Health section in the admin panel and White-Screen-of-Death (WSOD) protection.
Starting with WordPress 5.2, the WordPress team will digitally sign its update packages using the ED25519 public-key signature system.What benefit does this offer? Essentially it will allow a local installation to verify the update package’s authenticity before applying it to a local site and can even help prevent supply-chain attacks on all WordPress sites.
WordPress aims to improve overall website security with its new “Site Health” section in the admin panel’s Tools menu which includes two new pages: Site Health Status and Site Health Info.
The Site Health Status page runs basic security checks and reports the findings and steps on how to fix any issues it discovered, while the Site Health Info section provides a wealth of useful information about a website and its server setup. Information is also provided about the WordPress install itself, file storage usage, plugins and themes.
The Serverhappy project is another new security feature included in the latest release of WordPress. While WordPress 5.1 included the ability to show warnings when WordPress installs were running on servers with outdated PHP versions, WordPress 5.2 includes White Screen of Death (WSOD) protection that works as a safe mode for WordPress sites.
WSOD protection can temporarily disable themes and plugins when a PHP fatal error is encountered so that site admins can access their sites’ back-ends and fix the error.