[Cialug] WordPress
L. V. Lammert
lvl at omnitec.net
Wed Jul 17 20:37:18 UTC 2019
On Wed, 17 Jul 2019, Todd Walton wrote:
> Question, for anyone with an opinion:
> 1) Can WordPress be made secure enough for a business environment?
>
The simple answer is NO - the admin login is always available for a
hacker, and plugins are a GIANT PITA.
Howerver, we have configured fail2ban to watch the admin logins, which is
a big step, so if you can ensure stuff is updated at least weekly and
maintain veto power over plugins the answer would be a qualified yes.
You will also need scanner plugins that will scan everything regularly for
Base64 code (very common for hackers), et al, but there are more than a
few of those.
Lee
More information about the Cialug
mailing list