Wiki Idea Shot Down
-
@grey said in Wiki Idea Shot Down:
@tim_g said in Wiki Idea Shot Down:
Third, Wordpress is EXTREMELY secure, more-so than almost every other platform out there. Millions and millions of sites are using it without any security issue at all. Only the people who don't properly secure and maintain it get victimized... and rightfully so!
http://www.cvedetails.com/product/4096/Wordpress-Wordpress.html?vendor_id=2337
hmmm....Did you bother to look at any of those? They are all old vulnerabilities from versions of WordPress you should not be using anymore. If you get hit, your fault!
Edit: Literally, like every single one of them!
-
@tim_g said in Wiki Idea Shot Down:
A wiki-style Wordpress site has been a godsend. Copy/paste in anything from clipboard... pics, screenshots, videos... even formatting from the web or Word. It's stupid easy and fast to make a very readable wiki page. What takes 5 minutes to do on our Wordpress wiki can take hours on mediawiki. That's not an exaggeration, I mean that literally.
Always willing to try new things. Do you remember any of the plugin names that made this "wiki-style" ?
Also I like mediawiki because it is much easier to navigate and get to the area you need than is Wordpress from what I have seen anyway. Thats why I chose a wiki for this project.
-
@tim_g said in Wiki Idea Shot Down:
Did you bother to look at any of those? They are all old vulnerabilities from versions of WordPress you should not be using anymore. If you get hit, your fault!
Yeah Wordpress has always been good to me. I have run 2 websites for years and never got hacked which is really a miracle because at first I had no idea what I was doing. The only problem I've had was hackers doing so many attempts at my log in pages and server root that sometimes the site would go down when the server ran out of memory. I had a small server though and after I researched the issue just saw that it was a misconfiguration from Apache which i long since fixed. No issues since then. Knock on lots of Wood!
-
@jmoore said in Wiki Idea Shot Down:
Always willing to try new things. Do you remember any of the plugin names that made this "wiki-style" ?
Theme:
WikiWPPlugins:
Broken Link Checker
Disable Comments
OnePress Image Elevator
Responsive Lightbox
Table of Contents Plus
TablePress
TinyMCE Advanced -
@tim_g said in Wiki Idea Shot Down:
@jmoore said in Wiki Idea Shot Down:
Always willing to try new things. Do you remember any of the plugin names that made this "wiki-style" ?
Theme:
WikiWPPlugins:
Broken Link Checker
Disable Comments
OnePress Image Elevator
Responsive Lightbox
Table of Contents Plus
TablePress
TinyMCE AdvancedThanks Tim! I want to look at those. Cool that its a theme
-
To keep your WP site secure:
- KEEP IT UPDATED, ALWAYS! THEME, PLUGINS, WP, EVERYTHING!!!
- Wordfence Security plugin
- Securi Security plugin
Take the steps those plugins recommend to secure your WP site.
-
I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.
-
@stacksofplates said in Wiki Idea Shot Down:
I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.
Yeah tons of things are built with php. I've never tried Drupal but I suppose I will have to experiment sometime.
-
@jmoore said in Wiki Idea Shot Down:
@stacksofplates said in Wiki Idea Shot Down:
I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.
Yeah tons of things are built with php. I've never tried Drupal but I suppose I will have to experiment sometime.
ALmost everything is. Even Facebook and Wikipedia.
-
@jmoore said in Wiki Idea Shot Down:
@stacksofplates said in Wiki Idea Shot Down:
I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.
Yeah tons of things are built with php. I've never tried Drupal but I suppose I will have to experiment sometime.
The learning curve is fairly steep but once you're over the hump you'll never want to use something else. It's kind of weird it's a really steep learning curve but it's super easy (like minutes) once you understand how to use it.
-
Well it is a programming language in its own way so not really surprising that it takes a while to learn. I only know basics and enough to be dangerous
-
@jmoore said in Wiki Idea Shot Down:
Well it is a programming language in its own way so not really surprising that it takes a while to learn. I only know basics and enough to be dangerous
He means Drupal, not PHP
-
Oops! My fault, your right
-
PHP ranked one of the more secure languages for web development: https://gcn.com/articles/2014/04/24/programming-language-security.aspx?s=gcntech_250414
-
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
-
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Probably old versions of PHP that needed to be updated 10 years ago. Another example of "keep your shit up to date."
-
I didn't read every post here, but your boss is wrong. An internal wiki is a fantastic way to document and i have no idea what he's talking about. It sounds like you're in a similar position as I am where all logic is discarded for seemingly no real reason.
-
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.
-
@scottalanmiller said in Wiki Idea Shot Down:
@jmoore said in Wiki Idea Shot Down:
@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?
Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.
I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.
-
@stacksofplates said in Wiki Idea Shot Down:
I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.
Purely Windows here too btw
