Security Matters

Every now and then, I take a peek at the landscape of the blogging world. In case I decide to change my platform. I run this blog on Blogger to save me the headache of worrying about updates and security for my blogging platform.

One of my explorations has me looking at "static" blogging platforms which "bake" your entries into static HTML files. This led me to a static blogging system called "Jeykll" and an article describing a way to run a Jekyll blog on Google AppEngine using DryDrop. That's not the point of this post, I ended up on a tangent due to the fact that the author of the article, though a Wordpress lover, had choosen to leave Wordpress due to security issues.

In his own words:

"I hosted about 25 wordpress blogs on my mosso account for various friends. I kept most of them up to date, but a lot of them were for friends and were not under my control. 100% of them got owned. hah. It was just something they did. no matter how fast or often i updated the wordpress software - it would be owned at least one time. My personal blog was safe for some reason. Maybe it was because I always ran the bleeding edge version from SVN. I will not miss the constant updates and the attacks. The wordpress community does a good job of handling this issue. I, however, was tired of it."

Apart from the Plone sites that I manage, I am responsible for two Wordpress sites (I'm aware of all the cautionary tales so I'm keeping those WP sites up to date, backed up, plus my fingers crossed).

Bottom-line, security matters!

update:
If you're seriously looking into static blogging you may want to check out Ruhoh.