On Mon, 6 Oct 2008 21:35:00 -0600, Wade Preston Shearer <[EMAIL PROTECTED]> wrote: > On 6 Oct 2008, at 19:58, MilesTogoe wrote: >> 3) have blog on separate linked page and use blog software or >> service (wordpress, blogspot) > > Yes. >
The only issue I see with using a well known & open source blogging software such as WordPress is that if you do not keep current your site will get hacked. If you forget one of the most famous ones I know of was the following & from what I read back then it had happened a long time before the story was run on it. http://www.theregister.co.uk/2007/11/27/climate_change_hack/ I admit I run WordPress for my blog but I try to keep the version up to date, I keep my plugins up to date (Which is easier with the newer versions for plugins hosted over at wordpress.org), & I run some plugins to deal with security on my site. True it isn't hack proof but it is not going to be the easiest target. Yes I see WordPress blogs hacked all the time by customers not taking the time to secure their sites. I can't remember if I've mentioned this or not but I work for BlueHost. So yes I love WordPress but I really think you need to take the time & effort to keep it secure. Now some sites I recommend customers to go to to see about securing their site. (Please note I'm only affiliated with Blue Host the others are just sites that I've found useful for securing PHP.) This site has some information on PHP & security. http://phpsec.org/projects/guide/ If you want to see how easy it is to hack a site that leaves register_globals enabled in their php.ini, watch this video from http://serapis.net... http://defaced.serapis.net/filez/moviez/hack2.html PHPIDS » Web Application Security 2.0 » Index http://php-ids.org/ http://php-ids.org/downloads/ Now one from the BlueHost KB http://helpdesk.bluehost.com/kb/index.php?x=&mod_id=2&id=319 -- Don't pay malware vendors - boycott Sony _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
