Jump to content


Photo

CMS Security


  • Please log in to reply
2 replies to this topic

#1 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 21 September 2011 - 09:24 AM

Of the various blogging and CMS packages, Wordpress seems to be the most secure when actual installations are evaluated:

WordPress reduced critical vulnerabilities to the low level of 4 percent, something Qualys puts down to that application’s easy, reliable updating design, while the latest version of phpBB, version 3.x, showed zero percent vulnerabilities.


The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.

The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.
  • 0

#2 MikeDVB

MikeDVB

    Forum Administrator

  • Staff Administrator
  • PipPipPipPipPip
  • 2,900 posts
  • Gender:Male
  • Location:Central Indiana, USA

Posted 25 September 2011 - 07:32 PM

The easier it is for the software to be updated, the more likely it is that it will stay updated. One of the biggest issues we've come across with WordPress is people who are insistent on using an older theme that has not been updated and is not compatible with newer versions of WordPress. What is silly is they blame us when their site is compromised due to running an outdated and insecure script.
  • 0
Michael Denney - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#3 balan

balan

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 27 October 2011 - 04:56 AM

Of the various blogging and CMS packages, Wordpress seems to be the most secure when actual installations are evaluated:



The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.

The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.


good study....
  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users