[TriLUG] Wordpress alternatives
Matt Pusateri
mpusateri at wickedtrails.com
Tue Apr 1 14:48:05 EDT 2008
Randy Barlow wrote:
> Cristóbal Palmer wrote:
>
>> It's a blog. WTF are you doing worrying about its security? If you
>> want to be "secure" don't blog.
>>
>
> There was a really good photography blog that went down recently
> (Multimedia shooter) due to a vulnerability in Wordpress. Now, I'm a
> smart enough guy to backup my database (unfortunately, they weren't) but
> who wants the hassle of dealing with a compromised website.
>
> My reasons for wanting to host it myself are mainly just for the
> experience and just because I can. I would also like that there aren't
> ads on my blog, so that's why I don't use LiveJournal or the like.
>
> Very good points about not using an OS package manager since it does
> seem like it's very often that these webapps have vulnerabilities
> discovered. Thanks for the input TriLUG!
>
>
iirc, gentoo only publishes a security vulnerability, when they have
fixed something, as a lot of other distros do as well. You really have
to track the upstream source. Since a lot of packages are created by
volunteers, you have to sometimes wait till they get around to updating
them. I recommend if your hosting your own stuff and your not tracking
the mailing lists of your software, then you going to have the potential
for security issues. And people wonder what us sys admins do for a
living :) I think my gmail account has like 45 different software
packages I track :(
More information about the TriLUG
mailing list