ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

In search of a lightweight multi-user cms/blog for hosting coders

<< < (3/7) > >>

mouser:
Wordpress does seem to be a target/recipient of attacks disproportionately, but i think having a single install, with minimal 3rd party extensions, which was kept always up to date, would be more secure than having a large number of different frameworks that were sporadically updated if ever..

f0dder:
Wordpress does seem to be a target/recipient of attacks disproportionately, but i think having a single install, with minimal 3rd party extensions, which was kept always up to date, would be more secure than having a large number of different frameworks that were sporadically updated if ever..-mouser (September 03, 2017, 05:02 PM)
--- End quote ---
Emphasis mine.

Either you figure out a way to always auto-update to the newest version, while not breaking anything... or you have to do this manually, figuring out if an update will break things, looking for CVEs to see if you have to zomgupdatenow or if you can keep it on a regular schedule. You'll also have to prevent users from installing just any plugins, since that's how mass-defacements usually happen.

If somebody wants Wordpress, I think they should be going for a managed solution at Wordpress rather than dealing with it themselves.

wraith808:
Wordpress does seem to be a target/recipient of attacks disproportionately, but i think having a single install, with minimal 3rd party extensions, which was kept always up to date, would be more secure than having a large number of different frameworks that were sporadically updated if ever..-mouser (September 03, 2017, 05:02 PM)
--- End quote ---
Emphasis mine.

Either you figure out a way to always auto-update to the newest version, while not breaking anything... or you have to do this manually, figuring out if an update will break things, looking for CVEs to see if you have to zomgupdatenow or if you can keep it on a regular schedule. You'll also have to prevent users from installing just any plugins, since that's how mass-defacements usually happen.

If somebody wants Wordpress, I think they should be going for a managed solution at Wordpress rather than dealing with it themselves.

-f0dder (September 06, 2017, 02:07 PM)
--- End quote ---

Thanks.  That was what I was saying.  And I had minimal plugins/themes.  And it's a pain.

mouser:
An update: I think I have settled on using Wordpress for this function.
It seems to offer the best trade-offs in terms of ease of use and ability to run multiple sites from a single install, and has some reasonable plugins to allow the site owners to host their software downloads.  And of course have their own blogs.
We can have a unified theme for those that want it and those that don't can use a custom one.

mouser:
I think this is going to work -- and will let us provide dc members who want it with a nice clean web area with their own blog and software download area in a very clean simple way, which they can customize and manage to whatever extent they want, and allow us to maintain and backup all member sites very easily.  It's what we originally set out to do with the dcmembers area but never were actually able to do much of because the maintenance and security issues were too much work.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version