MDDHosting Forums: CMS Security - MDDHosting Forums
Help
Page 1 of 1
CMS Security
#1
fshagan 
- Member
-
- Group: Members
- Posts: 139
- Joined: 10-January 11
Posted 21 September 2011 - 09:24 AM
Of the various blogging and CMS packages, Wordpress seems to be the most secure when actual installations are evaluated:
The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.
The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.
Quote
WordPress reduced critical vulnerabilities to the low level of 4 percent, something Qualys puts down to that application’s easy, reliable updating design, while the latest version of phpBB, version 3.x, showed zero percent vulnerabilities.
The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.
The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.
#2
MikeDVB
- Forum Administrator
-
- Group: Staff Administrator
- Posts: 1,545
- Joined: 27-September 08
- Gender:Male
- Location:Central Indiana, USA
Posted 25 September 2011 - 07:32 PM
The easier it is for the software to be updated, the more likely it is that it will stay updated. One of the biggest issues we've come across with WordPress is people who are insistent on using an older theme that has not been updated and is not compatible with newer versions of WordPress. What is silly is they blame us when their site is compromised due to running an outdated and insecure script.
█ Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
█ LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
█ Incremental R1Soft CDP Backups on all shared, semi-dedicated, and VPS services!
█ http://www.mddhosting.com/ - Follow us on Twitter!
█ LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
█ Incremental R1Soft CDP Backups on all shared, semi-dedicated, and VPS services!
█ http://www.mddhosting.com/ - Follow us on Twitter!
#3
balan
- Newbie
-
- Group: Members
- Posts: 2
- Joined: 27-October 11
Posted 27 October 2011 - 04:56 AM
fshagan, on 21 September 2011 - 09:24 AM, said:
Of the various blogging and CMS packages, Wordpress seems to be the most secure when actual installations are evaluated:
The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.
The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.
The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.
The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.
good study....
Share this topic:
Page 1 of 1