Preparations are underway to bring multiple upgrades to the Store Locator Plus® location map and directory services over the next few months. Part of those preparations include upgrading the underlying architecture that runs our services. One of the key elements behind our WordPress plugin store, the documentation site, our demo site, and others is the database engine.
Tonight we implemented a database upgrade that improves the security and performance of all Store Locator Plus® services. This upgrade was required by AWS for all MySQL compatible database installations. The end-of-life (EOL) was set for February 2023 which was far too close to the “busy season” for many of our Store Locator Plus® SaaS users.
With that in mind we opted to perform the upgrade on August 1st. This week is typically the slowest traffic week of the entire year, just before thing start to ramp up again for the busy fall and pre-Christmas season. After a week of testing and analysis, tonight was the night to make it happen. WIth full backups in place and the failover/recovery nodes on the cluster working as expected, the decision was made to put the latest version of the database engine online.
While a few customers experienced up to 5 minutes of downtime this evening, most customers saw zero downtime as the new version of the database came online and the prior servers were retired.
This is one of many steps we are taking to continue to improve the performance and security of our servers. For our SaaS platform users it is one more thing we are doing to ensure your map, directory, and location search services remain fast and reliable for years to come.
Over the course of the next month we will continue to improve our infrastructure while the development team works on an improved user experience and additional features for all Store Locator Plus® users.
Thank you for being a Store Locator Plus® customer.
Users of our self-managed WordPress plugins will need to download the latest Store Locator Plus® release from our website. Normally this would be available directly from the WordPress plugin directory, however the WordPress plugin team has yet to approve our latest updates. Until they approve the updates and re-enable free downloads, the only option for WordPress plugin users to get the latest release is to purchase the base plugin from our WordPress store.
Tired of waiting for the WordPress plugin team to re-activate the plugin and provide quick-and-easy automated updates? Switch over to the Store Locator Plus® SaaS release and you never have to deal with updating your locator plugin stack again. We handle all those details for you. Prices start as low as $5/month.
Store Locator Plus® 5.9 was released today for our WordPress plugin customers. The update addresses several security concerns in the AJAX and REST libraries included with Store Locator Plus®. Despite several articles being released prematurely from security companies in the WordPress market, we are unaware of any compromises to WordPress sites due to this vulnerability.
Unfortunately the folks that manage the WordPress plugin directory de-listed Store Locator Plus® almost immediately, despite our ongoing communication that we were working on patching the reported vulnerabilities. As such, many of our WordPress plugin users are now unable to update the WordPress plugin to install the latest 5.9 release automatically from within their site dashboard.
Users that wish to upgrade to the latest 5.9 release will need to follow these steps until further notice:
- If you do not already have an account at WordPress.StoreLocatorPlus.com with the Store Locator Plus® base plugin as a prior purchase, you will need to purchase it.
- Go to https://wordpress.storelocatorplus.com/
- Click the Add To Cart Link
- Complete your purchase
- Login to your WordPress.StoreLocatorPlus.com account and download the base plugin.
- Go to https://wordpress.storelocatorplus.com/
- Click on My Account (top right of screen on the menu bar)
- Click on the Downloads entry on the account menu (top-middle of the page).
- Download Store Locator Plus®
- Deactivate and Delete Store Locator Plus® from your website plugins. It will not remove your settings or locations.
- Login to your website as a site administrator.
- Go to plugins.
- Find the Store Locator Plus® plugin, hover over the entry on the plugin list.
- Deactivate the Store Locator Plus® plugin (this may deactivate your premium Store Locator Plus® add ons)
- Delete the Store Locator Plus® plugin.
- Upload and activate the updated 5.9 version of Store Locator Plus®.
- While staying logged in as an administrator on your site go to plugins.
- Click the Add New button.
- Click the Upload Plugin button next to the “Add Plugins” title.
- Select the Store Locator Plus® slp4.zip file you downloaded from our WordPress store.
- Go back to the main Plugins dashboard on your site, listing all plugins.
- Check off ALL the Store Locator Plus® plugins, including the newly-uploaded Store Locator Plus® base plugin and any premium add-ons you may have.
- From the menu on the top or bottom of the plugin list, choose “Activate” and click Apply.
For those that do not have an existing purchase of the Store Locator Plus® base plugin for WordPress and do NOT wish to purchase a copy from our store, you can wait until the folks that manage the WordPress plugin directory review our latest release and re-list it in the WordPress plugin store. We are hoping this happens soon, but they are very busy and it could take up to a month for them to review our updates.
For Our SaaS Customers
For our customers using our SaaS service, none of this applies to you. All security patches and updates are automatically provided as part of the service. The security concerns in the self-managed WordPress plugin that are being discussed do not affect your site in any way. SaaS users are not hosting data or access endpoints for AJAX or REST on their servers, and thus have no vulnerabilities like those discussed in the various Store Locator Plus® security bulletins.