New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Welcome back, also your comment is kind of ironic.
Thanks @Mun!
Wordpress seriously needs to deal with security in a big way. Babysitting the addons is another thing.
Constant downloads and installs for those running WP. Way too frequent and 75% of userbase isn't keeping up. Especially end user installs.
Nice software per se and lots of addons, but running WP is bad news. Been there, done that.
You do realize that they are compromising WP by cracking the password with 1000s of tries. It really isn't wp's fault in this case. Just like it isn't ssh's fault that everyone tries to crack the root password of your server while sitting in a small cramped office in china.
Absolutely Mun.
WP should implement some simple detection of failed attempts moreso and emails to owner/admin at thresholds.
WP is too popular, like Windows is on OS level. Big target with tons of easily compromised systems.
I think the talks about joomla and drupal point this to be wrong. In the modern computer era, open source web apps with little backing have more wholes then the massively pop. ones.
@Mun, open source vs. closed source is an interesting e-penis war. Flaming war.
Using other folks software is inherently risky at best. At worst it's a leaking sinking ship.
Rolling your own software is limited by your own knowledge and proactive fixing though.
One of these days, someone is going to mop up open source world/free software and create a security conscious OS with common apps very hardened. Can't happen soon enough.
Then go do it instead of sitting around flaming at Chris.
That's not a one man job @Mun.
Now Chris and Biloholowskyj that's a single operator doable task.
Wordpress hackers are not a bad issue.
The issue is all the spam bots, especially on Multi-User installs. I ran one for about 4-5 months and when I actually remembered about it, it had about 15k different sites that were just spam. e.g. bob345453.domain.com, some even posted penis enlargement info or pills.
^ @Derek the Wordpress spam is huge. But it's general issue anywhere the harvesters find a form really.
thanks, maybe later i add it.