Guilion
♪El mariachi fennec quiere bailar♪
- Messages
- 57
SMF? Simple Machines Forum?Arnox said:Out of curiosity, how would you say SMF's security is?Guilion said:Here is an unpopular opinion on Wordpress from an information security auditor: Fucking don't.
Wordpress is an extremely popular platform for lazy people and organizations that don't want to spend their cash or their time in building their own customized platform while adhering to strict security standards, and as such it's ground zero for trying to dig up exploits and hack multiple websites via botnets at once in a single day.
But hey, surely the people over at the escapist know this and they are going to take the proper defense mechanisms in order to avoid having all of their users databases exposed. Am I right?
Honestly it's a farily unpopular platform and as a result there is very little to concern yourself about.
As long as a site running SMF is updated constantly, the usual PHP risks and known vulnerabilities that apply pretty much everywhere have been addressed and the site is protected against MitM attacks via TLS you have very little to worry about as long as your hosting provider has appropriate perimeter security.