26 Nov
2023
26 Nov
'23
11:07 a.m.
On Sun, 26 Nov 2023 at 10:06, Peter Collins via BitFolk Users
<users(a)mailman.bitfolk.com> wrote:
On Sun, 26 Nov 2023 at 10:00, iain via BitFolk Users
<users(a)mailman.bitfolk.com> wrote:
Agreed.
This is possibly a good alternative, but it's just another way to paper over the
cracks.
Wordpress is not safe. It should not be used.
A little narrow sighted, Wordpress is extremely secure and as a core platform it is
proactively maintained to what I see has a high standard.
Of course there may be issues with some plugins but those are secondary choices to
Wordpress itself. Arguably the insecurity you are referring to is that
of the system administrator for not maintaining the local system, if the platform
isn't patched then by the same count debain isn't secure.
When referring to security risks of Wordpress and previous exploits,
it would be super helpful to share exactly which successful exploits
have been witnessed in the wild.
I'm sure that different Wordpress plugins have wildly different track
records when it comes to security, but it would be great to get an
idea of which ones to avoid, rather than throwing out the baby with
the bath water.
Personally I've run Wordpress with many plugins for years without
incident, but it's always made me a bit nervous.