[Labs-l] Signpost
Yuvi Panda
yuvipanda at gmail.com
Thu May 12 19:54:37 UTC 2016
On Thu, May 12, 2016 at 3:41 PM, T Paris <tparis.wiki at gmail.com> wrote:
> If we didn't need access to any WMF databases and could even IP blacklist
> the instance's IP, would that alleviate some concerns? Also, would the
> auto-update feature help?
The problem is more of serving your readers malware / accidentally
becoming part of a botnet. The auto-update definitely helps but isn't
enough, IMO - there's no cleanup afterwards that it does, you only
need to be infected once for you to be compromised forever, etc.
Wordpress is amazingly awesome and I reccomend it to everyone who
wants to publish things on the web, I just want y'all to be also aware
that it does require constant sysadmin help/lookout to keep it secure.
Good luck! <3 Signpost :)
--
Yuvi Panda T
http://yuvi.in/blog
More information about the Labs-l
mailing list