[wp-forums] Akismet Hacking Thread
Mika A Epstein
ipstenu at ipstenu.org
Wed Jul 13 15:26:40 UTC 2011
ANY known file is a security concern. Did you know WP and Drupal have index.php files? ZOMG! Backdoor hack!
Like I said, just because your house has a window doesn't make it more or less secure. Just don't leave the damn window OPEN. It's not the web app, and they ALL have the same flaw/hole, it's the sever not being secured correctly.
On Jul 13, 2011, at 10:58 AM, "Kevin Gagel (gagel)" <gagel at cnc.bc.ca> wrote:
> -----Original Message-----
> Sent: Wednesday, July 13, 2011 4:18 AM
>
> As indicated in the thread, injecting backdoors into plugin directories is pretty common. Akismet is on every install, so it's easy to target and blend something in to the woodwork. Definitely not a code security issue.
>
> Nacin
> _______________________________________________
>
> [Kevin Gagel] That statement makes the whole plugin infrastructure look like a high risk platform security issue. Why would I want to keep something that is so easily exploited and apparently deliberately insecure?
>
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
More information about the wp-forums
mailing list