[wp-hackers] How to check a new plugin?
Peter Westwood
peter.westwood at ftwr.co.uk
Mon Nov 22 18:06:44 UTC 2010
On 22 Nov 2010, at 17:56, Patrick Laverty wrote:
> When you want to add a new plugin to your system, what do you do to check it
> out for its safety and security on your blog? I'm in charge of a ms
> instance at a University and I get requests for plugins all the time,
> especially for ones that are on version <1 or admit they're "alpha" or
> "beta" versions. I don't want to simply reject something because of its
> label, but I'm not totally sure how to evaluate a new plugin. Do any of you
> put them on a test server and then point a vulnerability scanner at the new
> plugin to see what happens? Advice?
>
Read every line of code
Test it works.
Check it doesn't kill your db servers.
Profit
Cheers
--
Peter Westwood
http://blog.ftwr.co.uk | http://westi.wordpress.com
C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5