[wp-hackers] wordpress security
Nathan Rice
ncrice at gmail.com
Fri Oct 16 15:27:55 UTC 2009
On Fri, Oct 16, 2009 at 11:19 AM, Sharon Chambers <sharon at brewerradio.com>wrote:
>
> I would call it annoyance. Anyone professing themselves to be website
> admin should be logging into their dashboard on occasion, and anyone failing
> to do so has no one but themselves to blame for security threats.
>
> I fail to see why a non-geek web admin would be considered "normal" at any
> rate.
>
>
That's exactly the attitude that gives WP the reputation it has for
security. That everyone who uses WP is a professional and should be
responsible not only to upgrade their install every time a new version comes
out, but should also be proactive about checking for upgrades.
Now, personally, I believe they SHOULD do both of those things. But I live
in reality, where they WON'T do both of those things.
So, we can either sit cross-armed and blame the stupid users, or we can
continue to provide them with tools that anticipate their lack of
provocativeness, like a simple email notification.
And no, a plugin won't suffice. It's a extra step that most users won't
take.
More information about the wp-hackers
mailing list