murfcat Posted April 23, 2011 Share Posted April 23, 2011 I am going to add a blog to my site using wordpress. I already have wordpress on the site which, of course, has a different database from osCommerce. My plan is to use a subdomain for the blog. I want people to be able to comment on blog posts but I am a bit concerned as to what if any effect this will have on the security of my store. I know from using wordpress on other (non-commercial) sites that people who I would guess to be hackers love to sign up as users and try to post. I moderate posts on my other sites so that their posts cannot go on without my approval and I can delete them as a user if I feel like I should. What I would like to know is how other people who have blogs set them up, how they handle comments, what, if any, added security risks a blog presents to the osCommerce store and how others minimize any risks. I should add that I did have my store hacked because I didn't follow the security measures that have been strongly suggested by so many on these boards and that taught me a lesson so I have secured my admin, added security pro and site monitor, added the .htaccess file to my images directory and taken other recommended security measures. I also check files on a regular basis (last date modified, and size differnces) to make sure that I am the only one altering files. Getting hacked has made me a bit paranoid about security but that is not necessarily a bad thing. Oh yeah, I use 2.2rca2. Link to comment Share on other sites More sharing options...
Guest Posted April 23, 2011 Share Posted April 23, 2011 Gary, Wordpress has a long history of security issues that would effect the integrity of your osCommerce store. I personally WON'T install Wordpress onto a clients site without informing them of the risks involved and having them relinquish me of any responsibility. Chris Link to comment Share on other sites More sharing options...
murfcat Posted April 24, 2011 Author Share Posted April 24, 2011 Gary, Wordpress has a long history of security issues that would effect the integrity of your osCommerce store. I personally WON'T install Wordpress onto a clients site without informing them of the risks involved and having them relinquish me of any responsibility. Chris Thanks for your reply Chris Is there any blogging software that is less of a security risk than wordpress? It seems that, by its very nature, any open source, free software has security issues. Some of these can be mitigated with a little bit of work and diligence and some are more difficult to mitigate. Do you have any ideas that you might be willing to share on alternatives? I am not seeking a recommendation, just looking for ideas that I might explore. Gary Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.