Wiki Idea Shot Down

jmoore

@tim_g said in Wiki Idea Shot Down:

Did you bother to look at any of those? They are all old vulnerabilities from versions of WordPress you should not be using anymore. If you get hit, your fault!

Yeah Wordpress has always been good to me. I have run 2 websites for years and never got hacked which is really a miracle because at first I had no idea what I was doing. The only problem I've had was hackers doing so many attempts at my log in pages and server root that sometimes the site would go down when the server ran out of memory. I had a small server though and after I researched the issue just saw that it was a misconfiguration from Apache which i long since fixed. No issues since then. Knock on lots of Wood!

Obsolesce

@jmoore said in Wiki Idea Shot Down:

Always willing to try new things. Do you remember any of the plugin names that made this "wiki-style" ?

Theme:
WikiWP

Plugins:
Broken Link Checker
Disable Comments
OnePress Image Elevator
Responsive Lightbox
Table of Contents Plus
TablePress
TinyMCE Advanced

jmoore

@tim_g said in Wiki Idea Shot Down:

@jmoore said in Wiki Idea Shot Down:

Always willing to try new things. Do you remember any of the plugin names that made this "wiki-style" ?

Theme:
WikiWP

Plugins:
Broken Link Checker
Disable Comments
OnePress Image Elevator
Responsive Lightbox
Table of Contents Plus
TablePress
TinyMCE Advanced

Thanks Tim! I want to look at those. Cool that its a theme

Obsolesce

To keep your WP site secure:

1. KEEP IT UPDATED, ALWAYS! THEME, PLUGINS, WP, EVERYTHING!!!
2. Wordfence Security plugin
3. Securi Security plugin

Take the steps those plugins recommend to secure your WP site.

stacksofplates

I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.

jmoore

@stacksofplates said in Wiki Idea Shot Down:

I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.

Yeah tons of things are built with php. I've never tried Drupal but I suppose I will have to experiment sometime.

scottalanmiller

@jmoore said in Wiki Idea Shot Down:

@stacksofplates said in Wiki Idea Shot Down:

I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.

Yeah tons of things are built with php. I've never tried Drupal but I suppose I will have to experiment sometime.

ALmost everything is. Even Facebook and Wikipedia.

stacksofplates

@jmoore said in Wiki Idea Shot Down:

@stacksofplates said in Wiki Idea Shot Down:

I've always used Drupal. IMO probably the most secure and flexible CMF there is and built with PHP. Just sounds like someone making excuses.

Yeah tons of things are built with php. I've never tried Drupal but I suppose I will have to experiment sometime.

The learning curve is fairly steep but once you're over the hump you'll never want to use something else. It's kind of weird it's a really steep learning curve but it's super easy (like minutes) once you understand how to use it.

jmoore

Well it is a programming language in its own way so not really surprising that it takes a while to learn. I only know basics and enough to be dangerous

scottalanmiller

@jmoore said in Wiki Idea Shot Down:

Well it is a programming language in its own way so not really surprising that it takes a while to learn. I only know basics and enough to be dangerous

He means Drupal, not PHP

jmoore

Oops! My fault, your right

scottalanmiller

PHP ranked one of the more secure languages for web development: https://gcn.com/articles/2014/04/24/programming-language-security.aspx?s=gcntech_250414

jmoore

@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?

coliver

@jmoore said in Wiki Idea Shot Down:

@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?

Probably old versions of PHP that needed to be updated 10 years ago. Another example of "keep your shit up to date."

wirestyle22

I didn't read every post here, but your boss is wrong. An internal wiki is a fantastic way to document and i have no idea what he's talking about. It sounds like you're in a similar position as I am where all logic is discarded for seemingly no real reason.

scottalanmiller

@jmoore said in Wiki Idea Shot Down:

@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?

Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.

stacksofplates

@scottalanmiller said in Wiki Idea Shot Down:

@jmoore said in Wiki Idea Shot Down:

@scottalanmiller Well that is interesting. So any idea what these vulnerability scans were he said he ran that kept giving up php as the culprit?

Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.

I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.

jmoore

@stacksofplates said in Wiki Idea Shot Down:

I'm guessing something like Nessus. We have a couple appliances with web interfaces that we can't update and they show up on scans. It's nothing you can change and means nothing about PHP. Anything is a vulnerability if you don't maintain it.

Purely Windows here too btw

jmoore

@scottalanmiller said in Wiki Idea Shot Down:

Given everything else described, it is pretty safe to assume he's either just making it up or is not properly maintaining his system and the results are actually telling you that you have a security problem in your IT management.

Ok well thought id ask just in case you know

jmoore

@wirestyle22 said in Wiki Idea Shot Down:

I didn't read every post here, but your boss is wrong. An internal wiki is a fantastic way to document and i have no idea what he's talking about. It sounds like you're in a similar position as I am where all logic is discarded for seemingly no real reason.

Yeah thanks, I thought it was a good idea too. I have one at home and like mine so maybe there is some disconnect somewhere that he thinks it does something else