Wordpress Security

Discussion in 'General' started by vk3heg, Nov 9, 2015.

  1. vk3heg

    vk3heg Member

    Hello All,

    With the recent wordpress security issues I've not enabled it as a app's install feature on my setup.
    I might have a need to re-visit that choice, and was wondering if the wordpress app is going to be suffering from the same security issues that have been goin on in the main wordpress world?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    It does not matter if you install wordpress manually or with an app installer, its alwaysthe same application. Wordpress itself is ok security wise as long as you install updates regularly, most of the WP issues are from insecure extensions.
  3. vk3heg

    vk3heg Member

    Is the updating of apps/wordpress etc done, via isp config or the app it's self? (I can't see a option in the ispconfig app section.)
    I also notice that the apps version of wp is 4.1.1-40, yet the version on the wp website is 4.3.1?

  4. Jesse Norell

    Jesse Norell Active Member

    As a new user, it seems to me:
    The APS installer just automates the download/untar of wordpress, creates teh database user/db, and configures wordpress to use it. ISPconfig does nothing more at any point (doesn't install updates), unless you delete the app.
    Yep, just install the old version for convenience of setup, then immediately hit the wordpress update button once you're logged in.
  5. vk3heg

    vk3heg Member

    Thanks, Till/Jesse.

    I have done a test install and will examine how the system works.

Share This Page