On Thu, Aug 5, 2010 at 9:45 AM, Erika L. Rich wrote: ... > PHP is not known for being the most locked down tight secure code base, but > Wordpress is pretty good. Lots of big fixes, and a huge HUGE base of > programmers keeping it tight.
Huge base of programmers, sure. Keeping it tight? Not so sure. :-) One constant PITA is keeping it up to date. And by keeping it up to date, that means a lot of times you loose X amount of those thousands of nifty plugins (and quite often, X amount of themes). Things have gotten better, though, over the years. I saw they had a compatibility deal with plugins now, which is awesome. One thing to remember about plugins tho, is that they are the weakest link, security-wise. Someday, Real Soon Now, people will seriously start to think before installing nifty plugin X... but until that day, I'm writing tons of exploits for my homies in nigeria. Wordpress is a HUGE target for a *lot* of crap. And in general, I'm with Mama M.: PHP doesn't hold a candle to CFML. Regardless of that though, watch plugin-type-3rd-party-stuff start to get a *lot* more attention in the coming years. :DeN -- Eccentricity has always abounded when and where strength of character had abounded; and the amount of eccentricity in a society has generally been proportional to the amount of genius, mental vigor, and courage which it contained. John Stuart Mill ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:324470 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
