[wp-hackers] wordpress security
william.canino at googlemail.com
Thu Oct 22 02:23:08 UTC 2009
> Can you imagine the outcry if WP forced an update that crashed a site? There
> are loads of users who wouldn't have a clue what to do and those that don't
> visit their site every day could end up losing search engine listings,
> visitors, and money.
... as opposed to an attack crashing their site and WP not forcing an
update while it knew about it?
> Methinks there would be some very angry people checking in with
> the WP community to say their website was completely down while they were
> not looking.
... as opposed to an attack crashing their site, eh?
> probably not for the vast majority. It could be done > with a plugin, and is probably best left to a plugin.
Is it because you think plugins --- most of which are maintained by
one or two people only and who don't use a peer-review VCS --- are
less vulnerable to security holes or attacks?
2009/10/21 Stephen Rider <wp-hackers at striderweb.com>:
> On Oct 21, 2009, at 9:07 PM, Mike Schinkel wrote:
>> On Oct 21, 2009, at 9:56 PM, Lynne Pope wrote:
>>> Can you imagine the outcry if WP forced an update that crashed a site?
>>> are loads of users who wouldn't have a clue what to do and those that
>>> visit their site every day could end up losing search engine listings,
>>> visitors, and money.
>> It's really a shame when one group of people decide what's good for
>> everyone else and then block those that want/need it.
>> WordPress could easily have an "Advanced Options" area that allowed
>> auto-update be turned on with full warnings for those who know what they are
> Ironically, I find myself on the exact opposite side of a virtually
> identical argument from earlier today. Auto-updates may be a great idea for
> some people, but probably not for the vast majority. It could be done with
> a plugin, and is probably best left to a plugin.
> Just my 2 bits.
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers