«
»

WordPress.org responds to ‘security issues’ claim


A rather vexed member of the WordPress.org team has responded to recent ‘security issues’ suffered by WordPress bloggers hosted with Network Solutions:

Summary: A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story…

A properly configured web server will not allow users to access the files of another user, regardless of file permissions. The web server is the responsibility of the hosting provider. The methods for doing this (suexec, et al) have been around for 5+ years.

I’m not even going to link any of the articles because they have so many inaccuracies you become stupider by reading them.

So, just to make it clear: your WordPress installation hosted with Blue Globe is as secure as ever, because we do configure our servers properly. Just in case you had heard any of these security rumours I thought I’d put your mind at rest.

, ,

This entry was posted on April 21, 2010, 6:41 pm and is filed under Wordpress. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

  1. No comments yet.
(will not be published)