Goodbye Wordpress. Again, you have failed me.

Veröffentlicht am 10. Januar 2010 (vor 756 Tagen)

View this post in German: Auf Wiedersehen, Wordpress!

It is not always a good idea to listen to others. But it is probably a good idea to listen to yourself. I have had to learn that the hard way. Last year, I have done quite some Code Review session together with Arne Blankerts and Sebastian Bergmann at various IT conferences, where we showed "Better not do this"-type code examples taken from popular open source PHP projects.

Wordpress was not missing from these examples, after all Wordpress supposedly has a CRAP index of 598398 and is known to have security issues time and again. Unfortunately, though I knew that Wordpress is one of those PHP-based open source applications that you should better not use, I was running my own blog on Wordpress.

So it happened: last week I was incidentally looking at the source code of my latest blog post. To my big surprise, I saw a <div> absolutely positioned out of the viewable area, containing quite some links to "pharmaceutical" web sites. Needless to say that I had not put that <div> into my blog post, but some hacker or exploit did.

So it happened: just like a couple of years back, when that frequently used PHP forum software had to go, after one of my servers had been hacked due to a security issue in that very forum software, Wordpress is now gone forever from my server. Goodbye, and thanks for nothing.

Tags: Wordpress, Relaunch, Blog, PHP, CRAP, hack, fail

Kommentare?

Kommentare bitte per E-Mail.