you will be running security scans and paying bug bounties? Sometimes its easier using someone else's work and extending.
-
Always forgive your enemies; nothing annoys them so much. -
That is assuming that the 3rd party is secure.Originally posted by vetran View Post
Wordpress gets a new exploit every week, it seem, or anything else written in PHP for that matter.
Still I agree with the sentiment, Wordpress, especially hosted, that is kept updated, will be more secure than rolling your own.Comment
-
I get asked to do quite a few websites per year and unless ecommerce or just require a couple of static pages I use Wordpress. The WP people are pretty quick to pick up on vulnerabilities and patch them and this can be set to update automatically.Originally posted by yasockie View Post
The issue is plugins. Out of the box I find that WP requires at least a few of these to match the clients requirements and while they might do the job they may not be as secure as the core code. Many plugins do the same job, when was it last updated? Is the plugin author responsive to issues? No site will ever be 100% secure 100% all of the time but I need to know that what I'm using will have timely updates as issues arise.
There are security plugins that will inform you of an updates to any plugins you have installed including themes and very useful they are. So far I've never had an issue but need to do soem effort to make sure theses sites are as up to date as they can be.Comment
-
+1 for Umbraco.Comment
-
Have a look at N2 Cms. It's lightweight and doesn't get in the way like other bigger Cms products.Comment
Comment