Word Press in a hosting situation

  • noober

    (@noober)


    19 years, 10 months ago

    Looking at many Open Source blogging systems, WordPress is definitely the standout in my option and I plan to build a personal site with it shortly.
    On the other side of the coin, I’d also like to develop blog hosting service for a community but I’m concerned about the current templating architecture from a security standpoint.
    Can anyone share any insights they may have into using WordPress in a multi-user situation? (based on the current version, a single MySQL backend with multiple frontends; information or speculation on how multiblog WordPress will function is welcome too)
    It seems to me (with the limited time I’ve had to use the system) that any user with templating access is able to execute any code he likes and therefore has complete access to MySQL credentials (for that individual blog), has the ability to increase their user level, etc.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Anonymous

    19 years, 10 months ago

    That is correct. Giving any user access to the template editing screen is not advisable unless you really, really trust them 🙂 The developers do not see this as an issue with WordPress, rather it is an issue for individual site admins.

    Mark (podz)

    (@podz)

    19 years, 10 months ago

    I think that is a little unfair.
    WordPress – as it stands – is promoted as a personal publishing platform, not a CMS.
    I also think that such concerns will be addressed in time.

    davidchait

    (@davidchait)

    19 years, 10 months ago

    Just don’t give users high security levels. Then they will have the ability to post, but not to edit the site.
    If you want to give people individual blogs, you want to look at something like Fantastico for multi-domain installing/hosting.
    -d
    CHAITGEAR

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Word Press in a hosting situation’ is closed to new replies.