=== JanC is now known as Guest465 [03:44] good morning [15:11] is it really that hard to lock down WP? :-/ [16:05] * daftykins looks high and low for context [16:21] it was in another channel where discussing it wouldn't have been appropriate :) [16:23] daftykins: it relates to https://xubuntu.org/news/vinyl-online-casino-aus-de-starten/ etc. [19:43] it's certainly difficult to lock down WP. it can be used as a static producer, though, which IMO is the only way it should be used. [20:11] I don't really understand why it can be so hard, unless nobody ever bothered to make it secure? [20:11] I assume they aren't allowed to install random extensions for it? [20:12] the plugins are what bring WordPress down [20:12] ecommerce ones have especially been the weak point i think for installations to get compromised via [20:13] but I would assume that for xubuntu.org they aren't allowed to install random plugins? [20:14] pass [20:17] i think the issue here specifically is that there is insufficient manpower attributed to keeping the installation updated / patching it in time, and patching is probably needed because of the ubuntu SSP integration and non-default separation of access privileges [20:17] s/SSP/SSO/ [20:17] but that's just a guess [20:18] I would assume an SSO plugin doesn't break on every WP upgrade? [20:20] and for the rest it should be updated as part of the OS? [20:20] i'm not sure the modifications (SSO, others) are a plugin, could be just custom code. [20:20] ugh [20:21] that sounds like asking for trouble [20:21] still, just guessing, i have no idea how it really is [20:21] i always see SSO as plugins in sites i've had to babysit [20:21] *seen [20:24] I'd certainly hope a widely-used CMS like WP would have a plugin API for it :) [20:26] it does have a plugin api, and there are various SSO plugins for it [22:51] JanC: oh wow! "Erfahrungen 2025 Bonus 500 + 200 FS + 1 Bonus Crab" BONUS CRAB BONUS CRAB BONUS CRAB