I'd second this. It's also very unreliable in my experiences, so as YuviPanda says, you'd need a sysadmin to keep it up to date and working.
tom29739 On 12 May 2016 8:55 p.m., "Yuvi Panda" <[email protected]> wrote: > On Thu, May 12, 2016 at 3:41 PM, T Paris <[email protected]> wrote: > > If we didn't need access to any WMF databases and could even IP blacklist > > the instance's IP, would that alleviate some concerns? Also, would the > > auto-update feature help? > > The problem is more of serving your readers malware / accidentally > becoming part of a botnet. The auto-update definitely helps but isn't > enough, IMO - there's no cleanup afterwards that it does, you only > need to be infected once for you to be compromised forever, etc. > > Wordpress is amazingly awesome and I reccomend it to everyone who > wants to publish things on the web, I just want y'all to be also aware > that it does require constant sysadmin help/lookout to keep it secure. > > Good luck! <3 Signpost :) > > -- > Yuvi Panda T > http://yuvi.in/blog > > _______________________________________________ > Labs-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/labs-l >
_______________________________________________ Labs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/labs-l
