Group: Member Post Group: Newbie
Posts: 18
Status:  |
The Good news about WordPress is it is extremely popular, and of course the BAD news about WordPress is that is is extremely popular.
There is an article and conversation taking place over at WP Security Lock (the site is devoted to WordPress Security)
http://www.wpsecuritylock.com/wordpress-security-risks-using-auto-installers-like-fantastico/
Discussing how installing WordPress using a "installer" is not a safe way to install WordPress, or any other software package. While the discussion primarily is centered on Fantastico and Fantastico not really giving you control over the database name, username, database prefix like Softaculous does (a MAJOR plus for Softaculous over Fantastic and SimpleScripts other than the ability to name your own username for the database which should be addressed they have a good point).
The other two items that where pointed out is the file that is created by Fantastico fantversion.php could be a security risk over installing WordPress manually. Is this addressed in Softaculous? And if so what security measures are in place in case the install script is hacked?
And with the ability in the new WordPress for one button upgrade, this seems to cause a issue with Fantastico.
What issues in Softaculous are there if a install of WordPress is done by Softaculous and the new built in upgrade feature is used in WordPress?
Edited by karthost : January 8, 2011, 8:26 pm |
Powered By AEF 1.0.8 © 2007-2008 Electron Inc.
January 8, 2011, 8:25 pm
