How hackable are different blog systems? (RE server security) - GoFuckYourself.com

collegeboobies · 07-01-2007, 04:30 PM

Is wordpress secure? What blog systems are safer or less exploitable by hackers.

PinPine · 07-01-2007, 04:35 PM

I think mainstream blogs are hacked more easily. But I am wondering the same thing.

collegeboobies · 07-01-2007, 04:39 PM

Quote:

Originally Posted by PinPine

I think mainstream blogs are hacked more easily. But I am wondering the same thing.

If its the same software?

Oracle Porn · 07-01-2007, 04:40 PM

Quote:

Originally Posted by PinPine

I think mainstream blogs are hacked more easily. But I am wondering the same thing.

stfu noob.

RawAlex · 07-01-2007, 04:46 PM

Any commercial "open source" software is potentially the subject of hacks because it is easy for hackers to look at the code and determine attack paths that will work properly. Wordpress is better than many packages because they don't require risky CMOD file options and such. Wordpress also doesn't require root access or significant server powers to operate or update, which makes it safer.

Like all software, it isn't as secure if you don't update it. Significantly out of date version of wordpress (say before 2.1.4 or so) are somewhat to significantly at risk for hacks.

CMS are way more likely to get hacked, and they often have much larger access to system resources and can more easily bypass security.

PinPine · 07-01-2007, 04:48 PM

Quote:

Originally Posted by Oracle Porn

stfu noob.

Why, think about it.....blogs like phpnuke are hacked easily. At least what happend to me in the past or am i overlooking something ?

Gateway69 · 07-01-2007, 06:31 PM

I agree with RawAlex, when it comes to open source your opening a can of worms and potential attacks.

What ever your looking it its a good idea to always check this site http://www.securityfocus.com/ and check for any recent hacks or just gives you an idea on how hacked the software you might be looking at.

the chmod for files is pretty important and who the owner of the file is, if its global writable you also causing your self headaches. I do like wordpress and its fairly easy to upgrade when new *known* exploits are out.

One thing to keep in mind and some people don't like this is to remove any mention of the software and version your using, since alot of hackers would google like "wordpress 1234" knowing that 1234 had an exploit and attack all those sites.. look in headers, footers for this type of information usually.

XXXzidane · 07-01-2007, 07:26 PM

Nothing is completely secure, Someone looking for a bug or error to exploit will eventually find one and exploit it.

Dirty F · 07-01-2007, 07:32 PM

Quote:

Originally Posted by PinPine

I think mainstream blogs are hacked more easily. But I am wondering the same thing.

.

fris · 07-01-2007, 08:08 PM

mainstream? hes talking about software, a lot of peoples code is buggy.

Gateway69 · 07-02-2007, 09:35 AM

.sʞɔɐʇʇɐ buıɥsıɥd ɹo 'ʇoq ɔɹı 'ɯɐds ʇno spuǝs ʇɐɥʇ ǝıqɯoz ɐ oʇuı ɹǝʌɹǝs ɹnoʎ uɹnʇ oʇ ʇuɐʍ ʎǝɥʇ ʎ11ɐnsn .ʎ1ısɐǝ ʎʇʇǝɹd uı ʇıo1dxǝ ɐ puıɟ uɐɔ ɹǝʞɔɐɥ ɐ ʎ1ɹood pǝpoɔ sʇɐɥʇ buıɥʇʎuɐ

headless ghost · 07-02-2007, 09:44 AM

wordpress has been hacked so many times it is now out of fashion for all but the very lame script kiddies
php always has a weak link.
and people who have no clue about servers and linux.

07-01-2007, 04:30 PM	#1
collegeboobies So Fucking Banned Join Date: Jul 2004 Posts: 3,644	How hackable are different blog systems? (RE server security) Is wordpress secure? What blog systems are safer or less exploitable by hackers.

07-01-2007, 04:35 PM	#2
PinPine Confirmed User Join Date: Mar 2007 Posts: 385	I think mainstream blogs are hacked more easily. But I am wondering the same thing. __________________ ICQ: 490974172 Looking for hardlink trades: www.solidteens.com/linkex/

07-01-2007, 06:31 PM	#7
Gateway69 Confirmed User Join Date: Jul 2002 Posts: 1,510	I agree with RawAlex, when it comes to open source your opening a can of worms and potential attacks. What ever your looking it its a good idea to always check this site http://www.securityfocus.com/ and check for any recent hacks or just gives you an idea on how hacked the software you might be looking at. the chmod for files is pretty important and who the owner of the file is, if its global writable you also causing your self headaches. I do like wordpress and its fairly easy to upgrade when new known exploits are out. One thing to keep in mind and some people don't like this is to remove any mention of the software and version your using, since alot of hackers would google like "wordpress 1234" knowing that 1234 had an exploit and attack all those sites.. look in headers, footers for this type of information usually. __________________ Gateway - Tech Guru Dreaming Computers IG

07-01-2007, 08:08 PM	#10
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,372	mainstream? hes talking about software, a lot of peoples code is buggy. __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff

07-02-2007, 09:35 AM	#11
Gateway69 Confirmed User Join Date: Jul 2002 Posts: 1,510	.sʞɔɐʇʇɐ buıɥsıɥd ɹo 'ʇoq ɔɹı 'ɯɐds ʇno spuǝs ʇɐɥʇ ǝıqɯoz ɐ oʇuı ɹǝʌɹǝs ɹnoʎ uɹnʇ oʇ ʇuɐʍ ʎǝɥʇ ʎ11ɐnsn .ʎ1ısɐǝ ʎʇʇǝɹd uı ʇıo1dxǝ ɐ puıɟ uɐɔ ɹǝʞɔɐɥ ɐ ʎ1ɹood pǝpoɔ sʇɐɥʇ buıɥʇʎuɐ __________________ Gateway - Tech Guru Dreaming Computers IG

07-01-2007, 04:46 PM	#5
RawAlex So Fucking Banned Join Date: Oct 2003 Location: In a house. Posts: 9,465	Any commercial "open source" software is potentially the subject of hacks because it is easy for hackers to look at the code and determine attack paths that will work properly. Wordpress is better than many packages because they don't require risky CMOD file options and such. Wordpress also doesn't require root access or significant server powers to operate or update, which makes it safer. Like all software, it isn't as secure if you don't update it. Significantly out of date version of wordpress (say before 2.1.4 or so) are somewhat to significantly at risk for hacks. CMS are way more likely to get hacked, and they often have much larger access to system resources and can more easily bypass security.

07-01-2007, 07:26 PM	#8
XXXzidane Registered User Join Date: Jun 2007 Posts: 42	Nothing is completely secure, Someone looking for a bug or error to exploit will eventually find one and exploit it.

07-02-2007, 09:44 AM	#12
headless ghost Confirmed User Join Date: May 2005 Posts: 893	wordpress has been hacked so many times it is now out of fashion for all but the very lame script kiddies php always has a weak link. and people who have no clue about servers and linux.