Re: [sussex_mug] WordPress

[Graham Street]

Hacking will be a priority for the website host. It may not affect the 
actual site much but it depends what the hack does. The ones I refer to 
install a plugin that acts as a mailer. Therefore the hacked site starts 
mailing out thousands of junkmails unless its stopped. This has an 
impact on the hosting server and they will close the site and maybe ban 
you from hosting there again. If you're hosting your own WP site(s) you 
must keep the install up to date.

As an aside I know a couple of people using RapidWeaver. It seems like a 
good choice but I've not personally used it.

Graham

Tony Crooks <mailto:tcro...@me.com>
10 November 2015 14:34
I'm not sure, Gilly, if you're making s general enquirer or have a 
specific need. And if you have a need will only one person be 
responsible for the web site during its lifetime?

The advantage of WordPress over Rapidweaver, which I've been using 
since version 2, is that it is platform agnostic. If you host with 
WordPress then you just need a web browser.

Hacking may be an issue but for a low activity web site it isn't 
likely to be a major threat, is it?

I'm just about to build another web site and last year I'd have 
automatically turned to Rapidweaver. Now I'll be using WordPress 
because I will be handing over the admin of the site to another 
person, as yet unamed, and I have no idea whether they will have a 
Mac, Windows, Chrome OS, or Linux system. It's expected to be a low 
activity site with about 25000 web page accesses a year so hacking 
isn't my first priority.

So some context in relation to the query may help to point Gilly in 
the best direction?

Regards,

Tony
Sent from my iPhone
Email: tcro...@gmail.com <mailto:tcro...@gmail.com>
Tel: +44 7428 706227

On 10 Nov 2015, at 19:12, Rob Beattie <rob.beat...@gmail.com 
<mailto:rob.beat...@gmail.com>> wrote:

--
You received this message because you are subscribed to the Google 
Groups "Sussex Mac User Group" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to smug+unsubscr...@googlegroups.com 
<mailto:smug+unsubscr...@googlegroups.com>.
To post to this group, send email to smug@googlegroups.com 
<mailto:smug@googlegroups.com>.
Visit this group at http://groups.google.com/group/smug.
For more options, visit https://groups.google.com/d/optout.
Graham Street <mailto:grahamstr...@streets-ahead.com>
10 November 2015 12:56
Yes, agreed if the site is hosted at wordpress.com

The failings for WP sites are that are server-hosted are that everyone 
knows the admin login page. This therefore has to be protected from 
attack. We have to keep all WP installs up to date with the latest 
fixes and latest plugin levels. Customers don't do it as they don't 
understand the issues involved if they don't. Today's site crept in 
under the radar. All clients we host are supposed to tell us if they 
plan to use WP so we can put in the protection measures and daily 
monitoring to check all the plugins are up to date. This client 
didn't, and also didn't update the standard WP '2015' theme - only 
installed 2 months ago. It has a vulnerability that was exploited 
today, resulting a new unauthorised plugin being installed that then 
mailed out 3500 junkmails before it was stopped.

If you had HTML/CSS skills I'd always use Perch CMS. We have around 35 
sites developed in it. If I had my way I'd ban WP from being installed 
on all servers we host and just have it installed on wordpress.com. 
Caught me on a bad day with THAT question (LOL).

Graham


Sam - MacAmbulance <mailto:i...@macambulance.co.uk>
10 November 2015 12:44
I think Gilly’s thinking of a wordpress-hosted site, which is very 
secure with a complex password.

In my experience any website can be hacked, usually only ones that 
aren’t properly secured, i.e. out of date plugins, lax file 
permissions, insecure or easy to guess passwords, other accounts on a 
shared hosting platform being compromised, those sorts of things.

There have been vulnerabilities in every CMS out there, Wordpress has 
a great back-end interface and makes it easy to control your content 
but yes it’s only as good as the plugins/themes built for it or the 
server it’s hosted on.

Regards

Sam
MacAmbulance
facebook <http://www.facebook.com/macambulance> 	twitter 
<http://www.twitter.com/macambulance> 	linkedin 
<http://uk.linkedin.com/in/macambulance/>


  MacAmbulance Ltd.


    Providing Affordable Mac/PC Support and Web Development

*Sam Mullen ACMT*
+44 (0)7747778022
i...@macambulance.co.uk <mailto:i...@macambulance.co.uk>
www.macambulance.co.uk <http://www.macambulance.co.uk>
MacAmbulance Ltd. is a registered company in England & Wales, 
registration number 8466597
This email is intended solely for the addressed recipients and may 
contain privileged or confidential information. If you have received 
this email in error please notify the sender and delete the email 
immediately.



--
You received this message because you are subscribed to the Google 
Groups "Sussex Mac User Group" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to smug+unsubscr...@googlegroups.com 
<mailto:smug+unsubscr...@googlegroups.com>.
To post to this group, send email to smug@googlegroups.com 
<mailto:smug@googlegroups.com>.
Visit this group at http://groups.google.com/group/smug.
For more options, visit https://groups.google.com/d/optout.
Graham Street <mailto:grahamstr...@streets-ahead.com>
10 November 2015 12:34
In my opinion, its the worst as a CMS. But (IMO) the best if you want 
your site hacked.
Today's voice of experience, with one of the WP sites we host hacked 
again. We spend more time protecting servers from the WP sites being 
hacked or continuously attacked, then we do anything else. I would 
never develop a site in WP, but some people love it.
Depends what you want to do. There are loads of other better 
alternatives and it depends on your HTML/CSS skill level.
Graham


--
You received this message because you are subscribed to the Google 
Groups "Sussex Mac User Group" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to smug+unsubscr...@googlegroups.com 
<mailto:smug+unsubscr...@googlegroups.com>.
To post to this group, send email to smug@googlegroups.com 
<mailto:smug@googlegroups.com>.
Visit this group at http://groups.google.com/group/smug.
For more options, visit https://groups.google.com/d/optout.
Gillian Snoxall <mailto:gilliansnox...@gmail.com>
10 November 2015 12:27
According to the internet, WordPress "is an online, open source 
website creation tool written in PHP. But in non-geek speak, it's 
probably the easiest and most powerful blogging and website content 
management system (or CMS) in existence today.“

Is it still the best and /easiest /(most important!) web-creation tool 
available, does anyone know?

Gilly


--
You received this message because you are subscribed to the Google 
Groups "Sussex Mac User Group" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to smug+unsubscr...@googlegroups.com 
<mailto:smug+unsubscr...@googlegroups.com>.
To post to this group, send email to smug@googlegroups.com 
<mailto:smug@googlegroups.com>.
Visit this group at http://groups.google.com/group/smug.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Sussex 
Mac User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to smug+unsubscr...@googlegroups.com.
To post to this group, send an email to smug@googlegroups.com.
Visit this group at http://groups.google.com/group/smug.
For more options, visit https://groups.google.com/d/optout.