[BlueOnyx:00275] Re: Third party software: Joomla
Dogsbody
dan at dogsbody.org
Sat Jan 17 11:04:26 -05 2009
>>> P.S. Joomla! is insecure as hell, don't use it ;)
>> What do you suggest as more secure?
>
> I'm catching up to some of the posts. But you can try the following:
Ditto :-) Only 196 mails still to read from this list!
> Drupal -- drupal.org
> WordPress -- wordpress.org (or the MU version for multi-user)
> MovableType -- movabletype.org
Which have all been hacked just as much as Joomla! :-)
At the end of the day, if you have and insecure siteadmin they *will*
shoot themselves in a the foot whether it's installing a CMS/blog
insecurely to using a mail-form or just setting all their files to 777.
IMHO all you can try and do is encourage best practices. I so wrote a
little script that scanned all the MySQL databases and files on a server
looking for old versions of phpBB, Joomla, wordpress etc so that I could
then mail them and ask them to please update their site for the sake of
their site and the server. It works quite well and you can even upsell
them consultancy work or more services at the same time! :-p
Just my 0.02 GBP
Dan
More information about the Blueonyx
mailing list