flipside

That’s good news. I think it will be easier for every one.

If you are going to change the description, you might also want to look at the sentence that you quoted. “This plugin allows you to rename physically the media files by updating their titles.“.

I think that sentence is ambiguous. When I read it, I thought it meant that the plugin will allow you to change the title of the image, and then will automatically rename the file based on the change you have made to the title.

I think what it actually means is that you have to change the title yourself, manually, and the plugin will then change the filename.

I think you could make it clearer in the description. I downloaded it and installed it before I realised that manual renaming isn’t available. When you say in the description “By default it does it automatically…” you are implying that there is a non-default way of doing it. It would be clearer if you specifically stated “The free version does not allow manual renaming”.

Yes, I think I’ll go with that. I tried following the advice in Hardening WordPress but ran into permissions problems with media uploads and plugin installations.

Most people in this Stack Exchange thread seem to be doing it that way. Although, interestingly enough, there are a couple of people who are adamant that that’s the wrong to do it, and they quote the Hardening WordPress document to support their assertions.

I’m concerned about security to the extent that everyone is, but I’m not paranoid about it. I’m just trying to find out what the recommended set up is. I had actually read that document, Tara, and it seemed to me to contradict the one I linked to. It contains this:

Typically, all files should be owned by your user (ftp) account on your web server, and should be writable by that account. On shared hosts, files should never be owned by the webserver process itself (sometimes this is?www, or?apache, or?nobody?user)

The Hardening WordPress document talks about giving write permissions to the themes directory. I took that to mean that it should be owned by some user and have group write permissions to the apache process. Something like this:

chown -R themes fred:www-data
chmod -R 775 themes

Yes. Here’s the head and tail

I’m getting the same message, but hashes-4.2.2.php exists at
../wp-content/plugins/exploit-scanner/hashes-4.2.2.php

I guess I’ll have to. I was trying to avoid that, if possible. Funny thing is, it’s notifying me of available plugin updates.

Actually, I’ve already tried that, with no luck. I even tried it in a couple of different browsers, just to make sure the cache was well an truly cleared.