Opened 12 years ago
Closed 9 years ago
#20779 closed enhancement (fixed)
Recommend a user updates keys/salts in maint/repair.php
Reported by: | nacin | Owned by: | chriscct7 |
---|---|---|---|
Milestone: | 4.3 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Security | Keywords: | has-patch |
Focuses: | Cc: |
Description
In maint/repair.php, we tell a user they need to add WP_ALLOW_REPAIR.
Since they are already going into wp-config.php, we should also encourage them to update their unique phrases for keys and salts, assuming they do not have a complete set of 8 unique ones already.
Attachments (2)
Change History (13)
#5
@
9 years ago
- Keywords 3.5-early removed
- Milestone changed from Future Release to 4.3
- Owner set to chriscct7
- Status changed from new to accepted
Refreshed patch to follow core formatting standards. This is a good idea. Let's get it in.
#7
@
9 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
I am not sure we should harass them about missing keys.
#8
@
9 years ago
I still believe this is a good change. We could adjust the wording to be even less pushy, but I think it's reasonable to recommend updating them.
This ticket was mentioned in Slack in #core by helen. View the logs.
9 years ago
#10
@
9 years ago
I think it's fine to prod somebody who's here about the keys, but the string is a little bit harass-y. Maybe:
While you are editing your wp-config.php file, take a moment to make sure you have all 8 keys and that they are unique. You can generate these using the WordPress.org secret key service.
Looks good.