WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] My web host does not want to host WordPress ... (10 posts)

  1. duke-thad
    Member
    Posted 8 years ago #

    Hello,

    This is my first post and I am posting this because my web host does not want to host WordPress because of security issues.

    The exact wording is:
    "There is a known security problem with WordPress, so unless we strip out the
    picture upload ability and the ability for users to leave comments, you
    shouldn't consider using it."

    So, my question is simple, what are these problems and have they recently been fixed.

    I do not want to hear that I should change my web host because they are an amazing company that will bend over backwards for my site and it's security. In other words, please give me logical reasons that I can use to discuss the issues with them.

    Cheers!

  2. James
    Happiness Engineer
    Posted 8 years ago #

    There are no known security conflicts with the picture upload ability or the ability for users to leave comments. Please ask your hosting provider to check with us. All known security holes should have been plugged as of v1.5.1.2.

    They may be getting this confused with allow_url_fopen(), which is a security hole and was used by pingbacks and trackbacks in v1.5. This was fixed and changed to cURL in v1.5.1.

  3. duke-thad
    Member
    Posted 8 years ago #

    Thanks for the quick reply, but how should they contact you? On the contact page, there is not an email address that I can give him for this type of question.

    I thought that this might have been a problem caused by information lag and would like to use WP for my website.

  4. James
    Happiness Engineer
    Posted 8 years ago #

    Oops, sorry about not including that. Contact "m at wordpress dot org" .

    P.S. You would be contacting Matt Mullenweg, the lead WordPress developer, not me (I'm just a volunteer).

  5. Marc
    Member
    Posted 8 years ago #

    I do not want to hear that I should change my web host because they are an amazing company that will bend over backwards for my site and it's security.

    By all means contact Matt.

    But I would dispute the above quote. If your host has so little initiative that they would demean WP to you before first checking on updates to the software just doesn't smell right to me.

    Of course you're in the best position to judge that.

  6. duke-thad
    Member
    Posted 8 years ago #

    macmanx - thanks for your response, I have passed the email on to my host.

    Marc - without explaining the history of why I think that my web host is looking out for the best (not just for me but for their entire system of servers), I would rather have them respond to me with a negative than allow me to use something that MAY not be 100% safe and secure. I am not saying that WP is not safe and secure, but even some commercial products are not safe and secure (and thus not allowed to be used by my web host).

    But, again, thanks for the quick response.

  7. Mark (podz)
    Support Maven
    Posted 8 years ago #

    duke-thad: have you told Matt the name of your host ? He could then work with them to allay their concerns.

  8. duke-thad
    Member
    Posted 8 years ago #

    podz -

    I have forwarded the information on to my web host and I am sure that they will follow-up. Also, I am in the UK and they are in Cali ... so, it will be a later before they get the message.

  9. nmallory
    Member
    Posted 8 years ago #

    I just wanted to add my 2cents. ;)

    I was using Greymatter for a long time and that software does have huge gaping security holes. I had to delete and restart several blogs because once I got over 150 posts, when I updated the site in anyway, I'd get my account shut down because it was using to much CPU time, etc.

    As an alternative, my host actually recommended WP to me. I think they even have one of those easy set up functions though I didn't use it.

    I certainly think that WP is far more stable, feature-rich, and secure than Greymatter so I wonder if your host has WP confused with some other types of journal-ware.

  10. dualravens
    Member
    Posted 8 years ago #

    ipowerweb uses WP as its default blog, allowing novice uses to add a new blog with a file name and a push of a button. They took a long time to make this recent switch and apparently went through several months of testing before they made it a public option.

    That's my one cent.

    I do wonder what your webhost does recommend. It seems that any choice has a measure of security concerns that a good webhost is able to deal with in a way besides banning products.

Topic Closed

This topic has been closed to new replies.

About this Topic