Jump to content
MDDHosting Forums

CMS Security


fshagan
 Share

Recommended Posts

Of the various blogging and CMS packages, Wordpress seems to be the most secure when actual installations are evaluated:

 

WordPress reduced critical vulnerabilities to the low level of 4 percent, something Qualys puts down to that application’s easy, reliable updating design, while the latest version of phpBB, version 3.x, showed zero percent vulnerabilities.

 

The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.

 

The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.

Link to comment
Share on other sites

The easier it is for the software to be updated, the more likely it is that it will stay updated. One of the biggest issues we've come across with WordPress is people who are insistent on using an older theme that has not been updated and is not compatible with newer versions of WordPress. What is silly is they blame us when their site is compromised due to running an outdated and insecure script.
Link to comment
Share on other sites

  • 1 month later...

Of the various blogging and CMS packages, Wordpress seems to be the most secure when actual installations are evaluated:

 

 

 

The study was of over a million websites, and other software packages didn't fare as well. There's a list at that article, but Joomla was near the top of it at 91 percent of the installations being insecure. Drupal, another popular CMS, had vulnerabilities in 69 percent of the installations.

 

The article cites the easy one-click update option for Wordpress as being a main factor; I've found that with my customers as well. Having to download an update, extract it to disk, then FTP the files to the server, as needed with Joomla and Drupal, is too complex for many web hosts. I think phpBB also has a "one click" update option.

 

good study....

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...