Jump to content

Interesting Post On Mt Security


salguod

Recommended Posts

What kind of security issues with WordPress? I've been using WordPress for a couple of years now with Spam Karma. I've never had an issue but I also keep it updated.

 

There are a couple of links in that MT article, but there have evidently been a lot of WP sites getting hacked. I guess it's possible that some are hacked and the owners don't even know it.

 

I don't think it's a spam or comment related issue, but I'm not really sure as I don't use WP.

Link to comment
Share on other sites

Well since you pointed it out, I went back and ran a query on WordPress 2.5 and find that there were only 3 vulnerabilities reported. So be very careful when looking at statistics. The charts in the article report 42 year-to-date and the site they link to says 3. So who are you to believe? Since this is propaganda released by Movable Type I'd take it with a grain of salt.

 

Also, there are new vulnerabilities discovered in every piece of software available. It's how fast the developers patch those holes that matters. And you as a user of any software have the responsibility to keep it updated.

Link to comment
Share on other sites

Using the source they provide, yes, if you limit to WP 2.5 you get 3. If you leave it as any version you get what they reported, 42. For MT the only choice is any and you get zero for 2008.

 

It's an apples to apples comparison by a neutral third party, namely the US government. 42 vulnerabilities in all versions of WP so far this year, zero in all versions of MT. Total WP has 122 since 2004, MT has had 11 since 2003 for all versions of either platform.

 

That said, the statistics are perhaps a bit misleading taken at face value, and there is a good discussion of why that may be true in the comments of that post. In short, the numbers include not just WP but plugins as well (same for MT, but there are a lot more WP plugins I guess), and because WP has been open source from the start and MT is only recently, there may have been better reporting for WP vs. MT. Matt (I assume from Automatic/WP) points out that there have been 3 security issues in MT this year, but the stats quoted don't show any. Anil counters with his own arguments on why looking at the big picture, plugins and all, is valid.

 

So I agree, you need to be careful with the stats and understand what you are looking at. I think even taking those things into account, MT has a better track record of security.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...