No offense, but what you just said makes zero sense.
An "ftp style install" is not typical at any company I've been at. Most (good) exploits are executable code in the database, and not even visible (unless you know where to look). That also applies to Javascript/Python/C/etc that would survive docker containers and horizontally scaled servers.
The exploits in WordPress (mostly) come from people installing poorly written plugins without validating the quality of the code, professionals don't let their company do that. The same could be said about other dependencies in code everywhere. Always validate your dependencies if you need to ensure quality and security. It doesn't matter what language you're using.
from Hacker News - New Comments: "WordPress" http://bit.ly/2EPwt8t
via IFTTT
No comments:
Post a Comment