On 08/10/11 04:24, Glenn English wrote: > One of my users wants to put up a blog using WordPress. I notice > there's a package for WordPress in aptitude, but it's in php.
WordPress uses php - regardless of where you get it from. > > I don't do php on my web server because I was told of huge security > problems in it Web servers have huge security problems. The internet has huge security problems. You've been given poor advice. Make sure you keep WordPress up-to-date. > -- and until I turned off the php interpreter in > Apache, I got many break in attempts involving phpAdmin and such. Which is why you don't run the login page as default. Over-simplification == dumbing-down - with a logical conclusion ;-p It's like arguing the obscurity is inferior to open in regards to security. It fallacious logic. It's *not* and either/or situation - a mixture of both is superior to either. Wordpress is a CMS - almost all CMSs use php (and MySQL). All software has insecurities - not using software is *not* the solution. Consider *not* advertising the version or type of software you're using, don't use www.site.tld/admin as the login page, don't use "admin" as the administrator name, don't forget to check your file permissions, do keep your software up-to-date, do keep multiple backups *and* use md5 sums. > > Do any of you know of a similar package in, say, Perl or Python? Or > can anyone convince me that php is safe? > Those are not answerable questions (the latter is a "are you still beating your wife?" type question!). Consider carefully what you want to do, and choose the appropriate software for it. EG. if you want to run a blog then WordPress is a fine choice (provisionally), if you want to run a worm farm then Joomla is an excellent choice (and you'll have lots of company). If you don't want to spent the time becoming an expert in Apache etc - use hosting. WordPress is ideal for people with limited time who want a blog (content changes regularly). It can be "converted" into a website CMS - and a Ferrari can be converted into a manure spreader (but it's less than ideal). I hope that somewhat answers your questions. If not perhaps consider rephrasing them and telling us what you want WordPress for, and in what circumstances you wish to run it - and we'll suggest Debian solutions for it. Cheers -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
