The "Freeola Customer Forum" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.
A few years ago I installed Wordpress as a test - just to see how things work as it's so popular.
I had a very basic site - a few photos to play with.
I used a theme available via Wordpress, nothing else clever going on.
The WP install was set to upgrade automatically to try to stay secure...
Yesterday I visited my WP login page (haven't been there for many months) via a browser bookmark - quite surprised as my site seems to have picked up a dodgy malware redirect!!!
I ended up deleting my WP installation as it was only there for playing.
I downloaded the files via FTP on a spare PC first. Sniffing around it looks like some WP files were updated in June this year but couldn't see where the malware was.
The Wordpress forum contains lots of similar tales of woe. My redirect was going to a random .tk domain.
I seem to have escaped from any permanent damage (it looked like a spoof - "phone for Microsoft support" page).
I won't be going near Wordpress for a while!
[s]Hmmm...[/s]
Thanks for the reply.
I'm not giving up on web development (need to eat!) but I'm avoiding CMS based stuff...
[s]Hmmm...[/s]
Best tip is to use WAMP free server software on your PC and develop your site entirely offline, free from any risk of malicious code, then simply upload a pristine copy of your site to your server. If your live site becomes irreversibly corrupted, you can simply upload another instance.
If you make regular backups of your site and database (preferrably automated), damage from corruption and/or infections are easily remedied. MAKE FREQUENT BACKUPS!
I prefer Joomla, a robust and powerful CMS platform, with allot of commercial support for extensions. Free extensions are okay, some good even, but free always comes with hidden risks. Many free extensions fail to remain compliant with core platform updates and frequently cause code conflicts. Hence the sense and ease of building and test your site/s 'offline' first.
Remember recovering from conflict or attack while developing is vastly different when you have allot of active users expecting your site to be functioning flawlessly. backups and offline extension testing is critical for a site's serviceability and is far less stressful for you as a developer when updating and performing recoveries.
Don't give up on WordPress or web development, if you would like help with the commissioning of a stable and secure CMS installation, give me a shout sometime.
Regards
Puniksem
A few years ago I installed Wordpress as a test - just to see how things work as it's so popular.
I had a very basic site - a few photos to play with.
I used a theme available via Wordpress, nothing else clever going on.
The WP install was set to upgrade automatically to try to stay secure...
Yesterday I visited my WP login page (haven't been there for many months) via a browser bookmark - quite surprised as my site seems to have picked up a dodgy malware redirect!!!
I ended up deleting my WP installation as it was only there for playing.
I downloaded the files via FTP on a spare PC first. Sniffing around it looks like some WP files were updated in June this year but couldn't see where the malware was.
The Wordpress forum contains lots of similar tales of woe. My redirect was going to a random .tk domain.
I seem to have escaped from any permanent damage (it looked like a spoof - "phone for Microsoft support" page).
I won't be going near Wordpress for a while!
[s]Hmmm...[/s]